Optimization of the Controlled Evaluation of Closed Relational Queries

NASA Astrophysics Data System (ADS)

Biskup, Joachim; Lochner, Jan-Hendrik; Sonntag, Sebastian

For relational databases, controlled query evaluation is an effective inference control mechanism preserving confidentiality regarding a previously declared confidentiality policy. Implementations of controlled query evaluation usually lack efficiency due to costly theorem prover calls. Suitably constrained controlled query evaluation can be implemented efficiently, but is not flexible enough from the perspective of database users and security administrators. In this paper, we propose an optimized framework for controlled query evaluation in relational databases, being efficiently implementable on the one hand and relaxing the constraints of previous approaches on the other hand.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.

This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

Intelligent Facial Recognition Systems: Technology advancements for security applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Beer, C.L.

1993-07-01

Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g.,more » fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.« less

An Evaluation Methodology for the Usability and Security of Cloud-based File Sharing Technologies

DTIC Science & Technology

2012-09-01

FISMA, ISO 27001 , FIPS 140-2, and ISO 270001) indicate a cloud-based service’s compliance with industry standard security controls, management and...Information Assurance IEEE Institute of Electrical and Electronics Engineers IT Information Technology ITS Insider Threat Study ISO International...effectively, efficiently and with satisfaction” (International Organization for Standardization [ ISO ], 1998). Alternately, information security

Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Flight Test Report

NASA Technical Reports Server (NTRS)

Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.

2015-01-01

NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets aremore » considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.« less

Face Recognition for Access Control Systems Combining Image-Difference Features Based on a Probabilistic Model

NASA Astrophysics Data System (ADS)

Miwa, Shotaro; Kage, Hiroshi; Hirai, Takashi; Sumi, Kazuhiko

We propose a probabilistic face recognition algorithm for Access Control System(ACS)s. Comparing with existing ACSs using low cost IC-cards, face recognition has advantages in usability and security that it doesn't require people to hold cards over scanners and doesn't accept imposters with authorized cards. Therefore face recognition attracts more interests in security markets than IC-cards. But in security markets where low cost ACSs exist, price competition is important, and there is a limitation on the quality of available cameras and image control. Therefore ACSs using face recognition are required to handle much lower quality images, such as defocused and poor gain-controlled images than high security systems, such as immigration control. To tackle with such image quality problems we developed a face recognition algorithm based on a probabilistic model which combines a variety of image-difference features trained by Real AdaBoost with their prior probability distributions. It enables to evaluate and utilize only reliable features among trained ones during each authentication, and achieve high recognition performance rates. The field evaluation using a pseudo Access Control System installed in our office shows that the proposed system achieves a constant high recognition performance rate independent on face image qualities, that is about four times lower EER (Equal Error Rate) under a variety of image conditions than one without any prior probability distributions. On the other hand using image difference features without any prior probabilities are sensitive to image qualities. We also evaluated PCA, and it has worse, but constant performance rates because of its general optimization on overall data. Comparing with PCA, Real AdaBoost without any prior distribution performs twice better under good image conditions, but degrades to a performance as good as PCA under poor image conditions.

Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

NASA Technical Reports Server (NTRS)

1985-01-01

The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

A Pilot Examination of the Methods Used to Counteract Insider Threat Security Risks Associated with the Use of Radioactive Materials in the Research and Clinical Setting.

PubMed

Tsenov, B G; Emery, R J; Whitehead, L W; Gonzalez, J Reingle; Gemeinhardt, G L

2018-03-01

While many organizations maintain multiple layers of security control methodologies to prevent outsiders from gaining unauthorized access, persons such as employees or contractors who have been granted legitimate access can represent an "insider threat" risk. Interestingly, some of the most notable radiological events involving the purposeful contamination or exposure of individuals appear to have been perpetrated by insiders. In the academic and medical settings, radiation safety professionals focus their security efforts on (1) ensuring controls are in place to prevent unauthorized access or removal of sources, and (2) increasing security controls for the unescorted accessing of large sources of radioactivity (known as "quantities of concern"). But these controls may not completely address the threat insiders represent when radioactive materials below these quantities are present. The goal of this research project was to characterize the methodologies currently employed to counteract the insider security threat for the misuse or purposeful divergence of radioactive materials used in the academic and medical settings. A web-based survey was used to assess how practicing radiation safety professionals in academic and medical settings anticipate, evaluate, and control insider threat security risks within their institutions. While all respondents indicated that radioactive sources are being used in amounts below quantities of concern, only 6 % consider insider threat security issues as part of the protocol review for the use of general radioactive materials. The results of this survey identify several opportunities for improvement for institutions to address security gaps.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bartoletti, T.

SPI/U3.1 consists of five tools used to assess and report the security posture of computers running the UNIX operating system. The tools are: Access Control Test: A rule-based system which identifies sequential dependencies in UNIX access controls. Binary Inspector Tool: Evaluates the release status of system binaries by comparing a crypto-checksum to provide table entries. Change Detection Tool: Maintains and applies a snapshot of critical system files and attributes for purposes of change detection. Configuration Query Language: Accepts CQL-based scripts (provided) to evaluate queries over the status of system files, configuration of services and many other elements of UNIX systemmore » security. Password Security Inspector: Tests for weak or aged passwords. The tools are packaged with a forms-based user interface providing on-line context-sensistive help, job scheduling, parameter management and output report management utilities. Tools may be run independent of the UI.« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bartoletti, Tony

SPI/U3.2 consists of five tools used to assess and report the security posture of computers running the UNIX operating system. The tools are: Access Control Test: A rule-based system which identifies sequential dependencies in UNIX access controls. Binary Authentication Tool: Evaluates the release status of system binaries by comparing a crypto-checksum to provide table entries. Change Detection Tool: Maintains and applies a snapshot of critical system files and attributes for purposes of change detection. Configuration Query Language: Accepts CQL-based scripts (provided) to evaluate queries over the status of system files, configuration of services and many other elements of UNIX systemmore » security. Password Security Inspector: Tests for weak or aged passwords. The tools are packaged with a forms-based user interface providing on-line context-sensistive help, job scheduling, parameter management and output report management utilities. Tools may be run independent of the UI.« less

Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ondrej Linda; Todd Vollmer; Jason Wright

Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrainedmore » computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.« less

SPCC- Software Elements for Security Partition Communication Controller

NASA Astrophysics Data System (ADS)

Herpel, H. J.; Willig, G.; Montano, G.; Tverdyshev, S.; Eckstein, K.; Schoen, M.

2016-08-01

Future satellite missions like Earth Observation, Telecommunication or any other kind are likely to be exposed to various threats aiming at exploiting vulnerabilities of the involved systems and communications. Moreover, the growing complexity of systems coupled with more ambitious types of operational scenarios imply increased security vulnerabilities in the future. In the paper we will describe an architecture and software elements to ensure high level of security on-board a spacecraft. First the threats to the Security Partition Communication Controller (SPCC) will be addressed including the identification of specific vulnerabilities to the SPCC. Furthermore, appropriate security objectives and security requirements are identified to be counter the identified threats. The security evaluation of the SPCC will be done in accordance to the Common Criteria (CC). The Software Elements for SPCC has been implemented on flight representative hardware which consists of two major elements: the I/O board and the SPCC board. The SPCC board provides the interfaces with ground while the I/O board interfaces with typical spacecraft equipment busses. Both boards are physically interconnected by a high speed spacewire (SpW) link.

Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

PubMed Central

Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

2013-01-01

Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516

Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.

PubMed

Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

2014-07-01

Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

SNAP-Ed (Supplemental Nutrition Assistance Program-Education) Increases Long-Term Food Security among Indiana Households with Children in a Randomized Controlled Study.

PubMed

Rivera, Rebecca L; Maulding, Melissa K; Abbott, Angela R; Craig, Bruce A; Eicher-Miller, Heather A

2016-11-01

Food insecurity is negatively associated with US children's dietary intake and health. The Supplemental Nutrition Assistance Program-Education (SNAP-Ed) aims to alleviate food insecurity by offering nutrition, budgeting, and healthy lifestyle education to low-income individuals and families. The objective of this study was to evaluate the long-term impact of the Indiana SNAP-Ed on food security among households with children. A randomized, controlled, parallel study design with SNAP-Ed as an intervention was carried out during a 4- to 10-wk intervention period. Intervention group participants received the first 4 Indiana SNAP-Ed curriculum lessons. Study participants (n = 575) were adults aged ≥18 y from low-income Indiana households with ≥1 child living in the household. Both treatment groups completed an assessment before and after the intervention period and 1 y after recruitment. The 18-item US Household Food Security Survey Module was used to classify the primary outcomes of food security for the household and adults and children in the household. A linear mixed model was used to compare intervention with control group effects over time on food security. Mean ± SEM changes in household food security score and food security score among household adults from baseline to 1-y follow-up were 1.2 ± 0.4 and 0.9 ± 0.3 units lower, respectively, in the intervention group than in the control group (P < 0.01). The mean change in food security score from baseline to 1-y follow-up among household children was not significantly different in the intervention group compared with the control group. SNAP-Ed improved food security over a longitudinal time frame among low-income Indiana households with children in this study. SNAP-Ed may be a successful intervention to improve food security. © 2016 American Society for Nutrition.

Implementing healthcare information security: standards can help.

PubMed

Orel, Andrej; Bernik, Igor

2013-01-01

Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help.

[Significance of re-evaluation and development of Chinese herbal drugs].

PubMed

Gao, Yue; Ma, Zengchun; Zhang, Boli

2012-01-01

The research of new herbal drugs involves in new herbal drugs development and renew the old drugs. It is necessary to research new herbal drugs based on the theory of traditional Chinese medicine (TCM). The current development of famous TCM focuses on the manufacture process, quality control standards, material basis and clinical research. But system management of security evaluation is deficient, the relevant system for the safety assessment TCM has not been established. The causes of security problems, security risks, target organ of toxicity, weak link of safety evaluation, and ideas of safety evaluation are discussed in this paper. The toxicology research of chinese herbal drugs is necessary based on standard of good laboratory practices (GLP), the characteristic of Chinese herbal drugs is necessary to be fully integrated into safety evaluation. The safety of new drug research is necessary to be integrated throughout the entire process. Famous Chinese medicine safety research must be paid more attention in the future.

[Simulation of urban ecological security pattern based on cellular automata: a case of Dongguan City, Guangdong Province of South China].

PubMed

Yang, Qing-Sheng; Qiao, Ji-Gang; Ai, Bin

2013-09-01

Taking the Dongguan City with rapid urbanization as a case, and selecting landscape ecological security level as evaluation criterion, the urbanization cellular number of 1 km x 1 km ecological security cells was obtained, and imbedded into the transition rules of cellular automata (CA) as the restraint term to control urban development, establish ecological security urban CA, and simulate ecological security urban development pattern. The results showed the integrated landscape ecological security index of the City decreased from 0.497 in 1998 to 0.395 in 2005, indicating that the ecological security at landscape scale was decreased. The CA-simulated integrated ecological security index of the City in 2005 was increased from the measured 0.395 to 0.479, showing that the simulated urban landscape ecological pressure from human became lesser, ecological security became better, and integrated landscape ecological security became higher. CA could be used as an effective tool in researching urban ecological security.

Safety and privacy outcomes from a moderated online social therapy for young people with first-episode psychosis.

PubMed

Gleeson, John F; Lederman, Reeva; Wadley, Greg; Bendall, Sarah; McGorry, Patrick D; Alvarez-Jimenez, Mario

2014-04-01

Internet-based treatments for early psychosis offer considerable promise, but safety and security need to be established. This study pilot tested Horyzons, a novel online treatment application that integrates purpose-built moderated social networking with psychoeducation for recovery from early psychosis. Safety, privacy, and security were evaluated during a one-month single-group trial with 20 young consumers recovering from early psychosis who were recruited in Melbourne, Australia. Known clinical risk factors informed the safety protocol. Safety, privacy, and security were evaluated with respect to relapse and self-harm, users' perceptions of safety and privacy, and activity using Horyzons. No clinical or security problems with use of Horyzons were noted. Participants described feeling safe and trusting Horyzons. Private moderated online social networking combined with psychoeducation was a safe and secure therapeutic environment for consumers recovering from a first episode of psychosis. Testing the intervention in a randomized controlled trial is warranted.

Health Security and Risk Aversion.

PubMed

Herington, Jonathan

2016-09-01

Health security has become a popular way of justifying efforts to control catastrophic threats to public health. Unfortunately, there has been little analysis of the concept of health security, nor the relationship between health security and other potential aims of public health policy. In this paper I develop an account of health security as an aversion to risky policy options. I explore three reasons for thinking risk avoidance is a distinctly worthwhile aim of public health policy: (i) that security is intrinsically valuable, (ii) that it is necessary for social planning and (iii) that it is an appropriate response to decision-making in contexts of very limited information. Striking the right balance between securing and maximizing population health thus requires a substantive, and hitherto unrecognized, value judgment. Finally, I critically evaluate the current health security agenda in light of this new account of the concept and its relationship to the other aims of public health policy. © 2016 John Wiley & Sons Ltd.

Mixed-Method Quasi-Experimental Study of Outcomes of a Large-Scale Multilevel Economic and Food Security Intervention on HIV Vulnerability in Rural Malawi.

PubMed

Weinhardt, Lance S; Galvao, Loren W; Yan, Alice F; Stevens, Patricia; Mwenyekonde, Thokozani Ng'ombe; Ngui, Emmanuel; Emer, Lindsay; Grande, Katarina M; Mkandawire-Valhmu, Lucy; Watkins, Susan C

2017-03-01

The objective of the Savings, Agriculture, Governance, and Empowerment for Health (SAGE4Health) study was to evaluate the impact of a large-scale multi-level economic and food security intervention on health outcomes and HIV vulnerability in rural Malawi. The study employed a quasi-experimental non-equivalent control group design to compare intervention participants (n = 598) with people participating in unrelated programs in distinct but similar geographical areas (control, n = 301). We conducted participant interviews at baseline, 18-, and 36-months on HIV vulnerability and related health outcomes, food security, and economic vulnerability. Randomly selected households (n = 1002) were interviewed in the intervention and control areas at baseline and 36 months. Compared to the control group, the intervention led to increased HIV testing (OR 1.90; 95 % CI 1.29-2.78) and HIV case finding (OR = 2.13; 95 % CI 1.07-4.22); decreased food insecurity (OR = 0.74; 95 % CI 0.63-0.87), increased nutritional diversity, and improved economic resilience to shocks. Most effects were sustained over a 3-year period. Further, no significant differences in change were found over the 3-year study period on surveys of randomly selected households in the intervention and control areas. Although there were general trends toward improvement in the study area, only intervention participants' outcomes were significantly better. Results indicate the intervention can improve economic and food security and HIV vulnerability through increased testing and case finding. Leveraging the resources of economic development NGOs to deliver locally-developed programs with scientific funding to conduct controlled evaluations has the potential to accelerate the scientific evidence base for the effects of economic development programs on health.

A form of relapse prevention for men in a high security hospital.

PubMed

Newton, Liam; Coles, Dawn; Quayle, Marie

2005-01-01

Marlatt and Gordon's relapse prevention model has evolved, and been applied to many repetitive problem behaviours, including drug use, gambling and sexual offending. High security hospital patients often present with a number of such behaviours. To evaluate a relapse prevention group in one high security hospital. Nine patients were selected on clinical need for the group. In a naturalistic study design, each completed several self-report questionnaires pre- and post-group. Analysis of group results demonstrated a significant increase in guilt and acceptance of responsibility for offences (GBAI ratings), and reduced endorsement of pro-offending thinking styles (PICTS). Movement towards increased empathy, and decreased impulsivity and venturesomeness, did not reach significance. All participants showed some changes in desired directions but effects were small. Both relapse prevention and its evaluation are limited in high security hospitals by the restricted opportunities for testing out new skills. The feasibility of delivering an RP programme and evaluating it in high security has nevertheless been established. The small effects found may be promising, and suggest both justification and need for a randomized controlled trial of this approach in that setting. Copyright (c) 2005 John Wiley & Sons, Ltd.

GPs' role security and therapeutic commitment in managing alcohol problems: a randomised controlled trial of a tailored improvement programme.

PubMed

Keurhorst, Myrna; van Beurden, Ivonne; Anderson, Peter; Heinen, Maud; Akkermans, Reinier; Wensing, Michel; Laurant, Miranda

2014-04-17

General practitioners with more positive role security and therapeutic commitment towards patients with hazardous or harmful alcohol consumption are more involved and manage more alcohol-related problems than others. In this study we evaluated the effects of our tailored multi-faceted improvement implementation programme on GPs' role security and therapeutic commitment and, in addition, which professional related factors influenced the impact of the implementation programme. In a cluster randomised controlled trial, 124 GPs from 82 Dutch general practices were randomised to either the intervention or control group. The tailored, multi-faceted programme included combined physician, organisation, and patient directed alcohol-specific implementation strategies to increase role security and therapeutic commitment in GPs. The control group was mailed the national guideline and patients received feedback letters. Questionnaires were completed before and 12 months after start of the programme. We performed linear multilevel regression analysis to evaluate effects of the implementation programme. Participating GPs were predominantly male (63%) and had received very low levels of alcohol related education before start of the study (0.4 h). The programme increased therapeutic commitment (p = 0.005; 95%-CI 0.13 - 0.73) but not role security (p = 0.58; 95%-CI -0.31 - 0.54). How important GPs thought it was to improve their care for problematic alcohol consumption, and the GPs' reported proportion of patients asked about alcohol consumption at baseline, contributed to the effect of the programme on therapeutic commitment. A tailored, multi-faceted programme aimed at improving GP management of patients with hazardous and harmful alcohol consumption improved GPs' therapeutic commitment towards patients with alcohol-related problems, but failed to improve GPs' role security. How important GPs thought it was to improve their care for problematic alcohol consumption, and the GPs' reported proportion of patients asked about alcohol consumption at baseline, both increased the impact of the programme on therapeutic commitment. It might be worthwhile to monitor proceeding of role security and therapeutic commitment throughout the year after the implementation programme, to see whether the programme is effective on short term but faded out on the longer term. ClinicalTrials.gov Identifier: NCT00298220.

Synopsis of Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission Value

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

2008-01-01

Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with the goal of improved enterprise and business risk management. Economic uncertainty, intensively collaborative work styles, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation of a balanced approach. The Cyberspace Security Econometrics System (CSES) provides a measure of reliability, security and safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. For a given stakeholder,more » CSES reflects the variance that may exist among the stakes one attaches to meeting each requirement. This paper summarizes the basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural underpinnings.« less

Policy reconciliation for access control in dynamic cross-enterprise collaborations

NASA Astrophysics Data System (ADS)

Preuveneers, D.; Joosen, W.; Ilie-Zudor, E.

2018-03-01

In dynamic cross-enterprise collaborations, different enterprises form a - possibly temporary - business relationship. To integrate their business processes, enterprises may need to grant each other limited access to their information systems. Authentication and authorization are key to secure information handling. However, access control policies often rely on non-standardized attributes to describe the roles and permissions of their employees which convolutes cross-organizational authorization when business relationships evolve quickly. Our framework addresses the managerial overhead of continuous updates to access control policies for enterprise information systems to accommodate disparate attribute usage. By inferring attribute relationships, our framework facilitates attribute and policy reconciliation, and automatically aligns dynamic entitlements during the evaluation of authorization decisions. We validate our framework with a Industry 4.0 motivating scenario on networked production where such dynamic cross-enterprise collaborations are quintessential. The evaluation reveals the capabilities and performance of our framework, and illustrates the feasibility of liberating the security administrator from manually provisioning and aligning attributes, and verifying the consistency of access control policies for cross-enterprise collaborations.

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security and HIPAA Compliance: Part II

PubMed Central

Watzlaf, Valerie J.M.; Moeini, Sohrab; Matusow, Laura; Firouzan, Patti

2011-01-01

In a previous publication the authors developed a privacy and security checklist to evaluate Voice over Internet Protocol (VoIP) videoconferencing software used between patients and therapists to provide telerehabilitation (TR) therapy. In this paper, the privacy and security checklist that was previously developed is used to perform a risk analysis of the top ten VoIP videoconferencing software to determine if their policies provide answers to the privacy and security checklist. Sixty percent of the companies claimed they do not listen into video-therapy calls unless maintenance is needed. Only 50% of the companies assessed use some form of encryption, and some did not specify what type of encryption was used. Seventy percent of the companies assessed did not specify any form of auditing on their servers. Statistically significant differences across company websites were found for sharing information outside of the country (p=0.010), encryption (p=0.006), and security evaluation (p=0.005). Healthcare providers considering use of VoIP software for TR services may consider using this privacy and security checklist before deciding to incorporate a VoIP software system for TR. Other videoconferencing software that is specific for TR with strong encryption, good access controls, and hardware that meets privacy and security standards should be considered for use with TR. PMID:25945177

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security and HIPAA Compliance: Part II.

PubMed

Watzlaf, Valerie J M; Moeini, Sohrab; Matusow, Laura; Firouzan, Patti

2011-01-01

In a previous publication the authors developed a privacy and security checklist to evaluate Voice over Internet Protocol (VoIP) videoconferencing software used between patients and therapists to provide telerehabilitation (TR) therapy. In this paper, the privacy and security checklist that was previously developed is used to perform a risk analysis of the top ten VoIP videoconferencing software to determine if their policies provide answers to the privacy and security checklist. Sixty percent of the companies claimed they do not listen into video-therapy calls unless maintenance is needed. Only 50% of the companies assessed use some form of encryption, and some did not specify what type of encryption was used. Seventy percent of the companies assessed did not specify any form of auditing on their servers. Statistically significant differences across company websites were found for sharing information outside of the country (p=0.010), encryption (p=0.006), and security evaluation (p=0.005). Healthcare providers considering use of VoIP software for TR services may consider using this privacy and security checklist before deciding to incorporate a VoIP software system for TR. Other videoconferencing software that is specific for TR with strong encryption, good access controls, and hardware that meets privacy and security standards should be considered for use with TR.

77 FR 75679 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-12-21

... et seq.). Rule 17Ad-13 requires an annual study and evaluation of internal accounting controls under... transfer agents to obtain an annual report on the adequacy of their internal accounting controls from an... service only their own companies' securities. Approximately 150 independent, professional transfer agents...

Method for secure electronic voting system: face recognition based approach

NASA Astrophysics Data System (ADS)

Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

2017-06-01

In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

Evaluation of the Tri-Service Laboratory System. Cost/Benefit Analysis of TRILAB System, NRMC (Naval Regional Medical Center), Oakland.

DTIC Science & Technology

1983-05-15

20816 ArthurD littleInc 180527 08 SECURITY CLA IFICATIO-4 or TWISt PAGE MN-n hofa, Ent*rod " REPORT DOCUMENTATION PAGE DEFORr rOfINT -rCTIOR I. RE"PORT...PAGES Bethesda, MD 20816 _ 1 14. MONITORING AGENCY NAME & ADDRESS(If dlilerent from Controlling Office) IS. SECURITY CLASS. (of thle re"ep) ISO. DECL ASSI

Attachment security mediates the longitudinal association between child-parent psychotherapy and peer relations for toddlers of depressed mothers.

PubMed

Guild, Danielle J; Toth, Sheree L; Handley, Elizabeth D; Rogosch, Fred A; Cicchetti, Dante

2017-05-01

Numerous investigations have demonstrated that child-parent psychotherapy (CPP) promotes secure attachment between mothers and offspring. However, the role of postintervention attachment security as it relates to long-term child outcomes has never been evaluated. The present study therefore examined postintervention attachment status as a mediator of the association between CPP for depressed mothers and their offspring and subsequent peer relations among offspring. Depressed mothers and their toddlers were randomized to receive CPP (n = 45) or to a control group (n = 55). A prior investigation with this sample indicated that offspring who received CPP attained significantly higher rates of secure attachment postintervention, whereas insecure attachment continued to predominate for offspring in the control group. The present study examined follow-up data of teachers' reports on participants' competence with classroom peers when they were approximately 9 years old. Findings indicated that children who received CPP were more likely to evidence secure attachments at postintervention, which in turn was associated with more positive peer relationships at age 9.

40 CFR 300.415 - Removal action.

Code of Federal Regulations, 2013 CFR

2013-07-01

..., provision for post-removal site control following a CERCLA Fund-financed removal action at both NPL and non... lead agency shall conduct an engineering evaluation/cost analysis (EE/CA) or its equivalent. The EE/CA...) Fences, warning signs, or other security or site control precautions—where humans or animals have access...

Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation.

PubMed

Bernik, Igor; Prislan, Kaja

Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model-ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it's recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes.

[System construction of early warning for ecological security at cultural and natural heritage mixed sites and its application: a case study of Wuyishan Scenery District].

PubMed

You, Wei-Bin; He, Dong-Jin; Qin, De-Hua; Ji, Zhi-Rong; Wu, Li-Yun; Yu, Jian-An; Chen, Bing-Rong; Tan, Yong

2014-05-01

This paper proposed a new concept of ecological security for protection by a comprehensive analysis of the contents and standards of world heritage sites. A frame concept model named "Pressure-State-Control" for early warning of ecological security at world heritage mixed sites was constructed and evaluation indicators of this frame were also selected. Wuyishan Scenery District was chosen for a case study, which has been severely disturbed by natural and artificial factors. Based on the frame model of "Pressure-State-Control" and by employing extension analysis, the matter-element model was established to assess the ecological security status of this cultural and natural world heritage mixed site. The results showed that the accuracy of ecological security early warning reached 84%. Early warning rank was I level (no alert status) in 1997 and 2009, but that in 2009 had a higher possibility to convert into II level. Likewise, the early-warning indices of sensitive ranks were different between 1997 and 2009. Population density, population growth rate, area index for tea garden, cultivated land owned per capita, level of drought, and investment for ecological and environmental construction were the main limiting factors to hinder the development of ecological security from 2009 to future. In general, the status of Wuyishan Scenery District ecological security was relatively good and considered as no alert level, while risk conditions also existed in terms of a few early-warning indicators. We still need to pay more attention to serious alert indicators and adopt effective prevention and control measures to maintain a good ecological security status of this heritage site.

Micro-Controllable, Multi-Functional Interface Module for Digital MP: A Wearable Computer Security Application

DTIC Science & Technology

2004-05-01

Army Soldier System Command: http://www.natick.armv.mil Role Name Facial Recognition Program Manager, Army Technical Lead Mark Chandler...security force with a facial recognition system. Mike Holloran, technology officer with the 6 Fleet, directed LCDR Hoa Ho and CAPT(s) Todd Morgan to...USN 6th Fleet was accomplished with the admiral expressing his support for continuing the evaluation of the a facial recognition system. This went

Emergency positioning system accuracy with infrared LEDs in high-security facilities

NASA Astrophysics Data System (ADS)

Knoch, Sierra N.; Nelson, Charles; Walker, Owens

2017-05-01

Instantaneous personnel location presents a challenge in Department of Defense applications where high levels of security restrict real-time tracking of crew members. During emergency situations, command and control requires immediate accountability of all personnel. Current radio frequency (RF) based indoor positioning systems can be unsuitable due to RF leakage and electromagnetic interference with sensitively calibrated machinery on variable platforms like ships, submarines and high-security facilities. Infrared light provide a possible solution to this problem. This paper proposes and evaluates an indoor line-of-sight positioning system that is comprised of IR and high-sensitivity CMOS camera receivers. In this system the movement of the LEDs is captured by the camera, uploaded and analyzed; the highest point of power is located and plotted to create a blueprint of crewmember location. Results provided evaluate accuracy as a function of both wavelength and environmental conditions. Research will further evaluate the accuracy of the LED transmitter and CMOS camera receiver system. Transmissions in both the 780 and 850nm IR are analyzed.

Environmental control and life support system: Analysis of STS-1

NASA Technical Reports Server (NTRS)

Steines, G.

1980-01-01

The capability of the orbiter environmental control and life support system (ECLSS) to support vehicle cooling requirements in the event of cabin pressure reduction to 9 psia was evaluated, using the Orbiter versions of the shuttle environmental consumbles usage requirement evaluation (SECURE) program, and using heat load input data developed by the spacecraft electrical power simulator (SEPS) program. The SECURE model used in the analysis, the timeline and ECLSS configuration used in formulating the analysis, and the results of the analysis are presented. The conclusion which may be drawn drom these results. is summarized. There are no significant thermal problems with the proposed mission. There are, however, several procedures which could be optimized for better performance: setting the cabin HX air bypass and the interchanger water bypass to the zero flow position is of questionable efficacy; the cabin air pressure monitoring procedure should be re-evaluated; and the degree of equipment power down specified for this analysis and no problems were noted.

Cyber Security Research Frameworks For Coevolutionary Network Defense

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rush, George D.; Tauritz, Daniel Remy

Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger,more » more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.« less

Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali

2008-01-01

Good security metrics are required to make good decisions about how to design security countermeasures, to choose between alternative security architectures, and to improve security during operations. Therefore, in essence, measurement can be viewed as a decision aid. The lack of sound practical security metrics is severely hampering progress in the development of secure systems. The Cyberspace Security Econometrics System (CSES) offers the following advantages over traditional measurement systems: (1) CSES reflects the variances that exist amongst different stakeholders of the same system. Different stakeholders will typically attach different stakes to the same requirement or service (e.g., a service maymore » be provided by an information technology system or process control system, etc.). (2) For a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. The same stakeholder may attach different stakes to satisfying different requirements within the overall system specification. (3) For a given compound specification (e.g., combination(s) of commercial off the shelf software and/or hardware), CSES reflects the variance that may exist amongst the levels of verification and validation (i.e., certification) performed on components of the specification. The certification activity may produce higher levels of assurance across different components of the specification than others. Consequently, this paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs and the basic structural and mathematical underpinnings.« less

Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation

PubMed Central

2016-01-01

Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model—ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it’s recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes. PMID:27655001

Emergency Warning Systems. Part 2. Warning Systems - Evaluation Guidelines.

DTIC Science & Technology

1983-07-01

ELEMENT. PROJECT. TASK AREA A WORK UNIT NUMBERS PRC Voorhees Work Unit 2234G 1500 Planning Research Drive McLean, Virginia 22102 ___ 11. CONTROLLING ...different from Controlling Office) IS. SECURITY CLASS. (of this report) Unclassified 15a. DECLASSIFICATION/DOWNGRADING SCHEDULE 16. DISTRIBUTION...systems that control these warning systems are discussed. Test results of several warning systems are included along with a discussion of sound

32 CFR 154.42 - Evaluation of personnel security information.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 32 National Defense 1 2011-07-01 2011-07-01 false Evaluation of personnel security information... SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Adjudication § 154.42 Evaluation of personnel security information. (a) The criteria and adjudicative policy to be used in applying the...

32 CFR 154.42 - Evaluation of personnel security information.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 1 2010-07-01 2010-07-01 false Evaluation of personnel security information... SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Adjudication § 154.42 Evaluation of personnel security information. (a) The criteria and adjudicative policy to be used in applying the...

A secure and efficient authentication and key agreement scheme based on ECC for telecare medicine information systems.

PubMed

Xu, Xin; Zhu, Ping; Wen, Qiaoyan; Jin, Zhengping; Zhang, Hua; He, Lian

2014-01-01

In the field of the Telecare Medicine Information System, recent researches have focused on consummating more convenient and secure healthcare delivery services for patients. In order to protect the sensitive information, various attempts such as access control have been proposed to safeguard patients' privacy in this system. However, these schemes suffered from some certain security defects and had costly consumption, which were not suitable for the telecare medicine information system. In this paper, based on the elliptic curve cryptography, we propose a secure and efficient two-factor mutual authentication and key agreement scheme to reduce the computational cost. Such a scheme enables to provide the patient anonymity by employing the dynamic identity. Compared with other related protocols, the security analysis and performance evaluation show that our scheme overcomes some well-known attacks and has a better performance in the telecare medicine information system.

Innovative dressing and securement of tunneled central venous access devices in pediatrics: a pilot randomized controlled trial.

PubMed

Ullman, Amanda J; Kleidon, Tricia; Gibson, Victoria; McBride, Craig A; Mihala, Gabor; Cooke, Marie; Rickard, Claire M

2017-08-30

Central venous access device (CVAD) associated complications are a preventable source of patient harm, frequently resulting in morbidity and delays to vital treatment. Dressing and securement products are used to prevent infectious and mechanical complications, however current complication rates suggest customary practices are inadequate. The aim of this study was to evaluate the feasibility of launching a full-scale randomized controlled efficacy trial of innovative dressing and securement products for pediatric tunneled CVAD to prevent complication and failure. An external, pilot, four-group randomized controlled trial of standard care (bordered polyurethane dressing and suture), in comparison to integrated securement-dressing, suture-less securement device, and tissue adhesive was undertaken across two large, tertiary referral pediatric hospitals in Australia. Forty-eight pediatric participants with newly inserted tunneled CVADs were consecutively recruited. The primary outcome of study feasibility was established by elements of eligibility, recruitment, attrition, protocol adherence, missing data, parent and healthcare staff satisfaction and acceptability, and effect size estimates for CVAD failure (cessation of function prior to completion of treatment) and complication (associated bloodstream infection, thrombosis, breakage, dislodgement or occlusion). Dressing integrity, product costs and site complications were also examined. Protocol feasibility was established. CVAD failure was: 17% (2/12) integrated securement-dressing; 8% (1/13) suture-less securement device; 0% tissue adhesive (0/12); and, 0% standard care (0/11). CVAD complications were: 15% (2/13) suture-less securement device (CVAD associated bloodstream infection, and occlusion and partial dislodgement); 8% (1/12) integrated securement-dressing (partial dislodgement); 0% tissue adhesive (0/12); and, 0% standard care (0/11). One CVAD-associated bloodstream infection occurred, within the suture-less securement device group. Overall satisfaction was highest in the integrated securement-dressing (mean 8.5/10; standard deviation 1.2). Improved dressing integrity was evident in the intervention arms, with the integrated securement-dressing associated with prolonged time to first dressing change (mean days 3.5). Improving the security and dressing integrity of tunneled CVADs is likely to improve outcomes for pediatric patients. Further research is necessary to identify novel, effective CVAD securement to reduce complications, and provide reliable vascular access for children. ACTRN12614000280606 ; prospectively registered on 17/03/2014.

Common object request broker architecture (CORBA)-based security services for the virtual radiology environment.

PubMed

Martinez, R; Cole, C; Rozenblit, J; Cook, J F; Chacko, A K

2000-05-01

The US Army Great Plains Regional Medical Command (GPRMC) has a requirement to conform to Department of Defense (DoD) and Army security policies for the Virtual Radiology Environment (VRE) Project. Within the DoD, security policy is defined as the set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information. Security policy in the DoD is described by the Trusted Computer System Evaluation Criteria (TCSEC), Army Regulation (AR) 380-19, Defense Information Infrastructure Common Operating Environment (DII COE), Military Health Services System Automated Information Systems Security Policy Manual, and National Computer Security Center-TG-005, "Trusted Network Interpretation." These documents were used to develop a security policy that defines information protection requirements that are made with respect to those laws, rules, and practices that are required to protect the information stored and processed in the VRE Project. The goal of the security policy is to provide for a C2-level of information protection while also satisfying the functional needs of the GPRMC's user community. This report summarizes the security policy for the VRE and defines the CORBA security services that satisfy the policy. In the VRE, the information to be protected is embedded into three major information components: (1) Patient information consists of Digital Imaging and Communications in Medicine (DICOM)-formatted fields. The patient information resides in the digital imaging network picture archiving and communication system (DIN-PACS) networks in the database archive systems and includes (a) patient demographics; (b) patient images from x-ray, computed tomography (CT), magnetic resonance imaging (MRI), and ultrasound (US); and (c) prior patient images and related patient history. (2) Meta-Manager information to be protected consists of several data objects. This information is distributed to the Meta-Manager nodes and includes (a) radiologist schedules; (b) modality worklists; (c) routed case information; (d) DIN-PACS and Composite Health Care system (CHCS) messages, and Meta-Manager administrative and security information; and (e) patient case information. (3) Access control and communications security is required in the VRE to control who uses the VRE and Meta-Manager facilities and to secure the messages between VRE components. The CORBA Security Service Specification version 1.5 is designed to allow up to TCSEC's B2-level security for distributed objects. The CORBA Security Service Specification defines the functionality of several security features: identification and authentication, authorization and access control, security auditing, communication security, nonrepudiation, and security administration. This report describes the enhanced security features for the VRE and their implementation using commercial CORBA Security Service software products.

Methodology for Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali

2009-01-01

Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation. This paper proposes a Cyberspace Security Econometrics System (CSES) that provides a measure (i.e., a quantitative indication) of reliability, performance and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. Formore » a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. This paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural and mathematical underpinnings.« less

Technology and Policy: Looking to the Future

NASA Astrophysics Data System (ADS)

Sylvester, Kory

2009-05-01

As the proper scope and nature of arms control continues to be debated, it is certain that technical capabilities and advice will play a significant role. While national priorities and strategic objectives and broader perspectives of international security and foreign policy will ultimately dictate, technical expertise and assessment is critical to the identification, development and evaluation of alternatives. Strategic linkages between arms control, nonproliferation, and homeland security have perhaps never been so intertwined. Incomplete information and strongly held but disparate views about the potential of science and technology to amplify threats as readily as they mitigate them creates a highly dynamic environment for policymakers. To contribute meaningfully scientists and engineers will have to remain engaged with national security debates and think about the strategic and policy environment in which technical questions are posed to them, and how to identify and frame the important questions that aren't.

Assessment of Diverse Biological Indicators in Gulf War Illness: Are They Replicable Are They Related

DTIC Science & Technology

2016-04-01

compared to 50 healthy veteran controls in a protocol that includes physical and neuropsychological evaluations, neuroimaging (MRI, fMRI, DTI), adrenal...SUBJECT TERMS Gulf War illness, neuroimaging, neuropsychological testing, immune function, hypothalamic-pituitary-adrenal testing 16. SECURITY... neuropsychological evaluations, assessment of hypothalamic-pituitary-adrenal function, standard clinical diagnostic laboratory tests, and research

Incorporating voltage security into the planning, operation and monitoring of restructured electric energy markets

NASA Astrophysics Data System (ADS)

Nair, Nirmal-Kumar

As open access market principles are applied to power systems, significant changes are happening in their planning, operation and control. In the emerging marketplace, systems are operating under higher loading conditions as markets focus greater attention to operating costs than stability and security margins. Since operating stability is a basic requirement for any power system, there is need for newer tools to ensure stability and security margins being strictly enforced in the competitive marketplace. This dissertation investigates issues associated with incorporating voltage security into the unbundled operating environment of electricity markets. It includes addressing voltage security in the monitoring, operational and planning horizons of restructured power system. This dissertation presents a new decomposition procedure to estimate voltage security usage by transactions. The procedure follows physical law and uses an index that can be monitored knowing the state of the system. The expression derived is based on composite market coordination models that have both PoolCo and OpCo transactions, in a shared stressed transmission grid. Our procedure is able to equitably distinguish the impacts of individual transactions on voltage stability, at load buses, in a simple and fast manner. This dissertation formulates a new voltage stability constrained optimal power flow (VSCOPF) using a simple voltage security index. In modern planning, composite power system reliability analysis that encompasses both adequacy and security issues is being developed. We have illustrated the applicability of our VSCOPF into composite reliability analysis. This dissertation also delves into the various applications of voltage security index. Increasingly, FACT devices are being used in restructured markets to mitigate a variety of operational problems. Their control effects on voltage security would be demonstrated using our VSCOPF procedure. Further, this dissertation investigates the application of steady state voltage stability index to detect potential dynamic voltage collapse. Finally, this dissertation examines developments in representation, standardization, communication and exchange of power system data. Power system data is the key input to all analytical engines for system operation, monitoring and control. Data exchange and dissemination could impact voltage security evaluation and therefore needs to be critically examined.

Implementation of QoSS (Quality-of-Security Service) for NoC-Based SoC Protection

NASA Astrophysics Data System (ADS)

Sepúlveda, Johanna; Pires, Ricardo; Strum, Marius; Chau, Wang Jiang

Many of the current electronic systems embedded in a SoC (System-on-Chip) are used to capture, store, manipulate and access critical data, as well as to perform other key functions. In such a scenario, security is considered as an important issue. The Network-on-chip (NoC), as the foreseen communication structure of next-generation SoC devices, can be used to efficiently incorporate security. Our work proposes the implementation of QoSS (Quality of Security Service) to overcome present SoC vulnerabilities. QoSS is a novel concept for data protection that introduces security as a dimension of QoS. In this paper, we present the implementation of two security services (access control and authentication), that may be configured to assume one from several possible levels, the implementation of a technique to avoid denial-of-service (DoS) attacks, evaluate their effectiveness and estimate their impact on NoC performance.

STS-1 environmental control and life support system. Consumables and thermal analysis

NASA Technical Reports Server (NTRS)

Steines, G.

1980-01-01

The Environmental Control and Life Support Systems (ECLSS)/thermal systems analysis for the Space Transportation System 1 Flight (STS-1) was performed using the shuttle environmental consumables usage requirements evaluation (SECURE) computer program. This program employs a nodal technique utilizing the Fortran Environmental Analysis Routines (FEAR). The output parameters evaluated were consumable quantities, fluid temperatures, heat transfer and rejection, and cabin atmospheric pressure. Analysis of these indicated that adequate margins exist for the nonpropulsive consumables and related thermal environment.

Proceedings of the Seminar on the DOD Computer Security Initiative (4th) Held at the National Bureau of Standards, Gaithersburg, Maryland on August 10-12, 1981.

DTIC Science & Technology

1981-01-01

comparison of formal and informal design methodologies will show how we think they are converging. Lastly, I will describe our involvement with the DoD...computer security must begin with the design methodology , with the objective being provability. The idea ofa formal evaluation and on-the-shelf... Methodologies ] Here we can compare the formal design methodologies with those used by informal practitioners like Control Data. Obviously, both processes

Personal finance: there are no shortcuts to financial security.

PubMed

Yarkony, Kathryn

2009-12-01

Perioperative nurses have skills that lend themselves to sound financial decision-making, and during these difficult economic times, it is important to know how to secure earnings for the future. Key strategies include saving for retirement, consulting a financial advisor, investing in reliable vehicles, holding investments until the market stabilizes, and controlling credit card debt. Nurses can use the nursing process of assessment, diagnosis, planning, implementation, and evaluation to help them make sound financial decisions. (c) AORN, Inc, 2009.

21 CFR 1301.73 - Physical security controls for non-practitioners; compounders for narcotic treatment programs...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for non-practitioners..., DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements § 1301.73 Physical security... adequate security for the area or building. If such security requires an alarm, such alarm, upon...

Integrating Visual Mnemonics and Input Feedback With Passphrases to Improve the Usability and Security of Digital Authentication.

PubMed

Juang, Kevin; Greenstein, Joel

2018-04-01

We developed a new authentication system based on passphrases instead of passwords. Our new system incorporates a user-generated mnemonic picture displayed during login, definition tooltips, error correction to reduce typographical errors, a decoy-based input masking technique, and random passphrase generation using either a specialized wordlist or a sentence template. Passphrases exhibit a greater level of security than traditional passwords, but their wider adoption has been hindered by human factors issues. Our assertion is that the added features of our system work particularly well with passphrases and help address these shortcomings. We conducted a study to evaluate our new system with a customized 1,450-word list and our new system with a 6-word sentence structure against the control conditions of a user-created passphrase of at least 24 characters and a system-generated passphrase using a 10,326-word list. Fifty participants completed two sessions so that we could measure the usability and security of the authentication schemes. With the new system conditions, memorability was improved, and security was equivalent to or better than the control conditions. Usability and overall ratings also favored the new system conditions over the control conditions. Our research presents a new authentication system using innovative techniques that improve on the usability and security of existing password and passphrase authentication systems. In computer security, drastic changes should never happen overnight, but we recommend that our contributions be incorporated into current authentication systems to help facilitate a transition from passwords to usable passphrases.

[Opportunity and challenge of post-marketing evaluation of traditional Chinese medicine].

PubMed

Du, Xiao-Xi; Song, Hai-Bo; Ren, Jing-Tian; Yang, Le; Guo, Xiao-Xin; Pang, Yu

2014-09-01

Post-marketing evaluation is a process which evaluate the risks and benefits of drug clinical application comprehensively and systematically, scientific and systematic results of post-marketing evaluation not only can provide data support for clinical application of traditional Chinese medicine, but also can be a reliable basis for the supervision department to develop risk control measures. With the increasing demands for treatment and prevention of disease, traditional Chinese medicine has been widely used, and security issues are also exposed. How to find risk signal of traditional Chinese medicine in the early stages, carry out targeted evaluation work and control risk timely have become challenges in the development of traditional Chinese medicine industry.

Scale refinement and initial evaluation of a behavioral health function measurement tool for work disability evaluation.

PubMed

Marfeo, Elizabeth E; Ni, Pengsheng; Haley, Stephen M; Bogusz, Kara; Meterko, Mark; McDonough, Christine M; Chan, Leighton; Rasch, Elizabeth K; Brandt, Diane E; Jette, Alan M

2013-09-01

To use item response theory (IRT) data simulations to construct and perform initial psychometric testing of a newly developed instrument, the Social Security Administration Behavioral Health Function (SSA-BH) instrument, that aims to assess behavioral health functioning relevant to the context of work. Cross-sectional survey followed by IRT calibration data simulations. Community. Sample of individuals applying for Social Security Administration disability benefits: claimants (n=1015) and a normative comparative sample of U.S. adults (n=1000). None. SSA-BH measurement instrument. IRT analyses supported the unidimensionality of 4 SSA-BH scales: mood and emotions (35 items), self-efficacy (23 items), social interactions (6 items), and behavioral control (15 items). All SSA-BH scales demonstrated strong psychometric properties including reliability, accuracy, and breadth of coverage. High correlations of the simulated 5- or 10-item computer adaptive tests with the full item bank indicated robust ability of the computer adaptive testing approach to comprehensively characterize behavioral health function along 4 distinct dimensions. Initial testing and evaluation of the SSA-BH instrument demonstrated good accuracy, reliability, and content coverage along all 4 scales. Behavioral function profiles of Social Security Administration claimants were generated and compared with age- and sex-matched norms along 4 scales: mood and emotions, behavioral control, social interactions, and self-efficacy. Using the computer adaptive test-based approach offers the ability to collect standardized, comprehensive functional information about claimants in an efficient way, which may prove useful in the context of the Social Security Administration's work disability programs. Copyright © 2013 American Congress of Rehabilitation Medicine. Published by Elsevier Inc. All rights reserved.

An RFID-based luggage and passenger tracking system for airport security control applications

NASA Astrophysics Data System (ADS)

Vastianos, George E.; Kyriazanos, Dimitris M.; Kountouriotis, Vassilios I.; Thomopoulos, Stelios C. A.

2014-06-01

Market analysis studies of recent years have shown a steady and significant increase in the usage of RFID technology. Key factors for this growth were the decreased costs of passive RFIDs and their improved performance compared to the other identification technologies. Besides the benefits of RFID technologies into the supply chains, warehousing, traditional inventory and asset management applications, RFID has proven itself worth exploiting on experimental, as well as on commercial level in other sectors, such as healthcare, transport and security. In security sector, airport security is one of the biggest challenges. Airports are extremely busy public places and thus prime targets for terrorism, with aircraft, passengers, crew and airport infrastructure all subject to terrorist attacks. Inside this labyrinth of security challenges, the long range detection capability of the UHF passive RFID technology can be turned into a very important tracking tool that may outperform all the limitations of the barcode tracking inside the current airport security control chain. The Integrated Systems Lab of NCSR Demokritos has developed an RFID based Luggage and Passenger tracking system within the TASS (FP7-SEC-2010-241905) EU research project. This paper describes application scenarios of the system categorized according to the structured nature of the environment, the system architecture and presents evaluation results extracted from measurements with a group of different massive production GEN2 UHF RFID tags that are widely available in the world market.

46 CFR 61.40-1 - General.

Code of Federal Regulations, 2010 CFR

2010-10-01

..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING PERIODIC TESTS AND INSPECTIONS Design Verification and Periodic Testing of Vital System Automation § 61.40-1 General. (a) All automatically or... tests and inspections to evaluate the operation and reliability of controls, alarms, safety features...

A randomized controlled trial comparing Circle of Security Intervention and treatment as usual as interventions to increase attachment security in infants of mentally ill mothers: Study Protocol.

PubMed

Ramsauer, Brigitte; Lotzin, Annett; Mühlhan, Christine; Romer, Georg; Nolte, Tobias; Fonagy, Peter; Powell, Bert

2014-01-30

Psychopathology in women after childbirth represents a significant risk factor for parenting and infant mental health. Regarding child development, these infants are at increased risk for developing unfavorable attachment strategies to their mothers and for subsequent behavioral, emotional and cognitive impairments throughout childhood. To date, the specific efficacy of an early attachment-based parenting group intervention under standard clinical outpatient conditions, and the moderators and mediators that promote attachment security in infants of mentally ill mothers, have been poorly evaluated. This randomized controlled clinical trial tests whether promoting attachment security in infancy with the Circle of Security (COS) Intervention will result in a higher rate of securely attached children compared to treatment as usual (TAU). Furthermore, we will determine whether the distributions of securely attached children are moderated or mediated by variations in maternal sensitivity, mentalizing, attachment representations, and psychopathology obtained at baseline and at follow-up. We plan to recruit 80 mother-infant dyads when infants are aged 4-9 months with 40 dyads being randomized to each treatment arm. Infants and mothers will be reassessed when the children are 16-18 months of age. Methodological aspects of the study are systematic recruitment and randomization, explicit inclusion and exclusion criteria, research assessors and coders blinded to treatment allocation, advanced statistical analysis, manualized treatment protocols and assessments of treatment adherence and integrity. The aim of this clinical trial is to determine whether there are specific effects of an attachment-based intervention that promotes attachment security in infants. Additionally, we anticipate being able to utilize data on maternal and child outcome measures to obtain preliminary indications about potential moderators of the intervention and inform hypotheses about which intervention may be most suitable when offered in a clinical psychiatric outpatient context. Current Controlled Trials ISRCTN88988596.

A randomized controlled trial comparing Circle of Security Intervention and treatment as usual as interventions to increase attachment security in infants of mentally ill mothers: Study Protocol

PubMed Central

2014-01-01

Background Psychopathology in women after childbirth represents a significant risk factor for parenting and infant mental health. Regarding child development, these infants are at increased risk for developing unfavorable attachment strategies to their mothers and for subsequent behavioral, emotional and cognitive impairments throughout childhood. To date, the specific efficacy of an early attachment-based parenting group intervention under standard clinical outpatient conditions, and the moderators and mediators that promote attachment security in infants of mentally ill mothers, have been poorly evaluated. Methods/Design This randomized controlled clinical trial tests whether promoting attachment security in infancy with the Circle of Security (COS) Intervention will result in a higher rate of securely attached children compared to treatment as usual (TAU). Furthermore, we will determine whether the distributions of securely attached children are moderated or mediated by variations in maternal sensitivity, mentalizing, attachment representations, and psychopathology obtained at baseline and at follow-up. We plan to recruit 80 mother-infant dyads when infants are aged 4-9 months with 40 dyads being randomized to each treatment arm. Infants and mothers will be reassessed when the children are 16-18 months of age. Methodological aspects of the study are systematic recruitment and randomization, explicit inclusion and exclusion criteria, research assessors and coders blinded to treatment allocation, advanced statistical analysis, manualized treatment protocols and assessments of treatment adherence and integrity. Discussion The aim of this clinical trial is to determine whether there are specific effects of an attachment-based intervention that promotes attachment security in infants. Additionally, we anticipate being able to utilize data on maternal and child outcome measures to obtain preliminary indications about potential moderators of the intervention and inform hypotheses about which intervention may be most suitable when offered in a clinical psychiatric outpatient context. Trial registration Current Controlled Trials ISRCTN88988596 PMID:24476106

Effectiveness of Taxicab Security Equipment in Reducing Driver Homicide Rates

PubMed Central

Menéndez, Cammie K.C.; Amandus, Harlan E.; Damadi, Parisa; Wu, Nan; Konda, Srinivas; Hendricks, Scott A.

2015-01-01

Background Taxicab drivers historically have had one of the highest work-related homicide rates of any occupation. In 2010 the taxicab driver homicide rate was 7.4 per 100,000 drivers, compared to the overall rate of 0.37 per 100,000 workers. Purpose Evaluate the effectiveness of taxicab security cameras and partitions on citywide taxicab driver homicide rates. Methods Taxicab driver homicide rates were compared in 26 major cities in the U.S. licensing taxicabs with security cameras (n=8); bullet-resistant partitions (n=7); and cities where taxicabs were not equipped with either security cameras or partitions (n=11). News clippings of taxicab driver homicides and the number of licensed taxicabs by city were used to construct taxicab driver homicide rates spanning 15 years (1996–2010). Generalized estimating equations were constructed to model the Poisson-distributed homicide rates on city-specific safety equipment installation status, controlling for city homicide rate and the concurrent decline of homicide rates over time. Data were analyzed in 2012. Results Cities with cameras experienced a threefold reduction in taxicab driver homicides compared with control cities (RR=0.27; 95% CI=0.12, 0.61; p=0.002). There was no difference in homicide rates for cities with partitions compared with control cities (RR=1.15; 95% CI=0.80, 1.64; p=0.575). Conclusions Municipal ordinances and company policies mandating security cameras appear to be highly effective in reducing taxicab driver deaths due to workplace violence. PMID:23790983

DOE Office of Scientific and Technical Information (OSTI.GOV)

Beaver, Justin M; Borges, Raymond Charles; Buckner, Mark A

Critical infrastructure Supervisory Control and Data Acquisition (SCADA) systems were designed to operate on closed, proprietary networks where a malicious insider posed the greatest threat potential. The centralization of control and the movement towards open systems and standards has improved the efficiency of industrial control, but has also exposed legacy SCADA systems to security threats that they were not designed to mitigate. This work explores the viability of machine learning methods in detecting the new threat scenarios of command and data injection. Similar to network intrusion detection systems in the cyber security domain, the command and control communications in amore » critical infrastructure setting are monitored, and vetted against examples of benign and malicious command traffic, in order to identify potential attack events. Multiple learning methods are evaluated using a dataset of Remote Terminal Unit communications, which included both normal operations and instances of command and data injection attack scenarios.« less

Feasibility Assessment of a Fine-Grained Access Control Model on Resource Constrained Sensors.

PubMed

Uriarte Itzazelaia, Mikel; Astorga, Jasone; Jacob, Eduardo; Huarte, Maider; Romaña, Pedro

2018-02-13

Upcoming smart scenarios enabled by the Internet of Things (IoT) envision smart objects that provide services that can adapt to user behavior or be managed to achieve greater productivity. In such environments, smart things are inexpensive and, therefore, constrained devices. However, they are also critical components because of the importance of the information that they provide. Given this, strong security is a requirement, but not all security mechanisms in general and access control models in particular are feasible. In this paper, we present the feasibility assessment of an access control model that utilizes a hybrid architecture and a policy language that provides dynamic fine-grained policy enforcement in the sensors, which requires an efficient message exchange protocol called Hidra. This experimental performance assessment includes a prototype implementation, a performance evaluation model, the measurements and related discussions, which demonstrate the feasibility and adequacy of the analyzed access control model.

Feasibility Assessment of a Fine-Grained Access Control Model on Resource Constrained Sensors

PubMed Central

Huarte, Maider; Romaña, Pedro

2018-01-01

Upcoming smart scenarios enabled by the Internet of Things (IoT) envision smart objects that provide services that can adapt to user behavior or be managed to achieve greater productivity. In such environments, smart things are inexpensive and, therefore, constrained devices. However, they are also critical components because of the importance of the information that they provide. Given this, strong security is a requirement, but not all security mechanisms in general and access control models in particular are feasible. In this paper, we present the feasibility assessment of an access control model that utilizes a hybrid architecture and a policy language that provides dynamic fine-grained policy enforcement in the sensors, which requires an efficient message exchange protocol called Hidra. This experimental performance assessment includes a prototype implementation, a performance evaluation model, the measurements and related discussions, which demonstrate the feasibility and adequacy of the analyzed access control model. PMID:29438338

Secure SCADA communication by using a modified key management scheme.

PubMed

Rezai, Abdalhossein; Keshavarzi, Parviz; Moravej, Zahra

2013-07-01

This paper presents and evaluates a new cryptographic key management scheme which increases the efficiency and security of the Supervisory Control And Data Acquisition (SCADA) communication. In the proposed key management scheme, two key update phases are used: session key update and master key update. In the session key update phase, session keys are generated in the master station. In the master key update phase, the Elliptic Curve Diffie-Hellman (ECDH) protocol is used. The Poisson process is also used to model the Security Index (SI) and Quality of Service (QoS). Our analysis shows that the proposed key management not only supports the required speed in the MODBUS implementation but also has several advantages compared to other key management schemes for secure communication in SCADA networks. Copyright © 2013 ISA. Published by Elsevier Ltd. All rights reserved.

Real Time Quality Control Methods for Cued EMI Data Collection

DTIC Science & Technology

2016-03-14

contents be construed as reflecting the official policy or position of the Department of Defense. Reference herein to any specific commercial product...This project evaluated the effectiveness of in-field quality control (QC) procedures during cued electromagnetic induction (EMI) data collection. The...electromagnetic induction ESTCP Environmental Security Technology Certification Program hr hour ISO Industry Standard Object IVS Instrument

Secured web-based video repository for multicenter studies

PubMed Central

Yan, Ling; Hicks, Matt; Winslow, Korey; Comella, Cynthia; Ludlow, Christy; Jinnah, H. A; Rosen, Ami R; Wright, Laura; Galpern, Wendy R; Perlmutter, Joel S

2015-01-01

Background We developed a novel secured web-based dystonia video repository for the Dystonia Coalition, part of the Rare Disease Clinical Research network funded by the Office of Rare Diseases Research and the National Institute of Neurological Disorders and Stroke. A critical component of phenotypic data collection for all projects of the Dystonia Coalition includes a standardized video of each participant. We now describe our method for collecting, serving and securing these videos that is widely applicable to other studies. Methods Each recruiting site uploads standardized videos to a centralized secured server for processing to permit website posting. The streaming technology used to view the videos from the website does not allow downloading of video files. With appropriate institutional review board approval and agreement with the hosting institution, users can search and view selected videos on the website using customizable, permissions-based access that maintains security yet facilitates research and quality control. Results This approach provides a convenient platform for researchers across institutions to evaluate and analyze shared video data. We have applied this methodology for quality control, confirmation of diagnoses, validation of rating scales, and implementation of new research projects. Conclusions We believe our system can be a model for similar projects that require access to common video resources. PMID:25630890

[The comparative evaluation of level of security culture in medical organizations].

PubMed

Roitberg, G E; Kondratova, N V; Galanina, E V

2016-01-01

The study was carried out on the basis of clinic “Medicine” in 2014-2015 concerning security culture. The sampling included 465 filled HSPSC questionnaires. The comparative analysis of received was implemented. The “Zubovskaia district hospital” Having no accreditation according security standards and group of clinics from USA functioning for many years in the system of patient security support were selected as objects for comparison. The evaluation was implemented concerning dynamics of security culture in organization at implementation of strategies of security of patients during 5 years and comparison of obtained results with USA clinics was made. The study results demonstrated that in conditions of absence of implemented standards of security in medical organization total evaluation of security remains extremely low. The study of security culture using HSPSC questionnaire is an effective tool for evaluating implementation of various strategies of security ofpatient. The functioning in the system of international standards of quality, primarily JCI standards, permits during several years to achieve high indices of security culture.

An evaluation index system of water security in China based on macroeconomic data from 2000 to 2012

NASA Astrophysics Data System (ADS)

Li, X. S.; Peng, Z. Y.; Li, T. T.

2016-08-01

This paper establishes an evaluation index system of water security. The index system employs 5 subsystems (water circulation security, water environment security, water ecology security, water society security and water economy security) and has 39 indicators. Using the AHP method, each indicator is given a relative weight to integrate within the whole system. With macroeconomic data from 2000 to 2012, a model of water security evaluation is applied to assess the state of water security in China. The results show an improving trend in the overall state of China's water security. In particular, the cycle of water security is at a high and low fluctuation. Water environment security presents an upward trend on the whole; however, this trend is unsteady and has shown a descending tendency in some years. Yet, water ecology security, water society security, and water economy security are basically on the rise. However, the degree of coordination of China's water security system remains in need of consolidation.

Quality control, analysis and secure sharing of Luminex® immunoassay data using the open source LabKey Server platform

PubMed Central

2013-01-01

Background Immunoassays that employ multiplexed bead arrays produce high information content per sample. Such assays are now frequently used to evaluate humoral responses in clinical trials. Integrated software is needed for the analysis, quality control, and secure sharing of the high volume of data produced by such multiplexed assays. Software that facilitates data exchange and provides flexibility to perform customized analyses (including multiple curve fits and visualizations of assay performance over time) could increase scientists’ capacity to use these immunoassays to evaluate human clinical trials. Results The HIV Vaccine Trials Network and the Statistical Center for HIV/AIDS Research and Prevention collaborated with LabKey Software to enhance the open source LabKey Server platform to facilitate workflows for multiplexed bead assays. This system now supports the management, analysis, quality control, and secure sharing of data from multiplexed immunoassays that leverage Luminex xMAP® technology. These assays may be custom or kit-based. Newly added features enable labs to: (i) import run data from spreadsheets output by Bio-Plex Manager™ software; (ii) customize data processing, curve fits, and algorithms through scripts written in common languages, such as R; (iii) select script-defined calculation options through a graphical user interface; (iv) collect custom metadata for each titration, analyte, run and batch of runs; (v) calculate dose–response curves for titrations; (vi) interpolate unknown concentrations from curves for titrated standards; (vii) flag run data for exclusion from analysis; (viii) track quality control metrics across runs using Levey-Jennings plots; and (ix) automatically flag outliers based on expected values. Existing system features allow researchers to analyze, integrate, visualize, export and securely share their data, as well as to construct custom user interfaces and workflows. Conclusions Unlike other tools tailored for Luminex immunoassays, LabKey Server allows labs to customize their Luminex analyses using scripting while still presenting users with a single, graphical interface for processing and analyzing data. The LabKey Server system also stands out among Luminex tools for enabling smooth, secure transfer of data, quality control information, and analyses between collaborators. LabKey Server and its Luminex features are freely available as open source software at http://www.labkey.com under the Apache 2.0 license. PMID:23631706

Quality control, analysis and secure sharing of Luminex® immunoassay data using the open source LabKey Server platform.

PubMed

Eckels, Josh; Nathe, Cory; Nelson, Elizabeth K; Shoemaker, Sara G; Nostrand, Elizabeth Van; Yates, Nicole L; Ashley, Vicki C; Harris, Linda J; Bollenbeck, Mark; Fong, Youyi; Tomaras, Georgia D; Piehler, Britt

2013-04-30

Immunoassays that employ multiplexed bead arrays produce high information content per sample. Such assays are now frequently used to evaluate humoral responses in clinical trials. Integrated software is needed for the analysis, quality control, and secure sharing of the high volume of data produced by such multiplexed assays. Software that facilitates data exchange and provides flexibility to perform customized analyses (including multiple curve fits and visualizations of assay performance over time) could increase scientists' capacity to use these immunoassays to evaluate human clinical trials. The HIV Vaccine Trials Network and the Statistical Center for HIV/AIDS Research and Prevention collaborated with LabKey Software to enhance the open source LabKey Server platform to facilitate workflows for multiplexed bead assays. This system now supports the management, analysis, quality control, and secure sharing of data from multiplexed immunoassays that leverage Luminex xMAP® technology. These assays may be custom or kit-based. Newly added features enable labs to: (i) import run data from spreadsheets output by Bio-Plex Manager™ software; (ii) customize data processing, curve fits, and algorithms through scripts written in common languages, such as R; (iii) select script-defined calculation options through a graphical user interface; (iv) collect custom metadata for each titration, analyte, run and batch of runs; (v) calculate dose-response curves for titrations; (vi) interpolate unknown concentrations from curves for titrated standards; (vii) flag run data for exclusion from analysis; (viii) track quality control metrics across runs using Levey-Jennings plots; and (ix) automatically flag outliers based on expected values. Existing system features allow researchers to analyze, integrate, visualize, export and securely share their data, as well as to construct custom user interfaces and workflows. Unlike other tools tailored for Luminex immunoassays, LabKey Server allows labs to customize their Luminex analyses using scripting while still presenting users with a single, graphical interface for processing and analyzing data. The LabKey Server system also stands out among Luminex tools for enabling smooth, secure transfer of data, quality control information, and analyses between collaborators. LabKey Server and its Luminex features are freely available as open source software at http://www.labkey.com under the Apache 2.0 license.

75 FR 71790 - Second Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-24

... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held December 9, 2010...

75 FR 80886 - Third Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-23

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held January 13, 2011...

76 FR 9632 - Fifth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-18

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held March 10, 2011, from...

76 FR 3931 - Fourth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-21

... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 Meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held February 8, 2011...

75 FR 61819 - First Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-06

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held November 2, 2010...

76 FR 16470 - Sixth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-23

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems DATES: The meeting will be held April 13, 2011, from...

46 CFR 61.40-1 - General.

Code of Federal Regulations, 2013 CFR

2013-10-01

..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING PERIODIC TESTS AND INSPECTIONS Design... tests and inspections to evaluate the operation and reliability of controls, alarms, safety features... designated by the owner of the vessel shall conduct all tests and the Design Verification and Periodic Safety...

46 CFR 61.40-1 - General.

Code of Federal Regulations, 2011 CFR

2011-10-01

..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING PERIODIC TESTS AND INSPECTIONS Design... tests and inspections to evaluate the operation and reliability of controls, alarms, safety features... designated by the owner of the vessel shall conduct all tests and the Design Verification and Periodic Safety...

46 CFR 61.40-1 - General.

Code of Federal Regulations, 2012 CFR

2012-10-01

..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING PERIODIC TESTS AND INSPECTIONS Design... tests and inspections to evaluate the operation and reliability of controls, alarms, safety features... designated by the owner of the vessel shall conduct all tests and the Design Verification and Periodic Safety...

46 CFR 61.40-1 - General.

Code of Federal Regulations, 2014 CFR

2014-10-01

..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING PERIODIC TESTS AND INSPECTIONS Design... tests and inspections to evaluate the operation and reliability of controls, alarms, safety features... designated by the owner of the vessel shall conduct all tests and the Design Verification and Periodic Safety...

46 CFR 62.20-3 - Plans for information.

Code of Federal Regulations, 2010 CFR

2010-10-01

...-based system hardware. (3) Safety controls. (4) Automated electric power management. (5) Automation... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING VITAL SYSTEM AUTOMATION Plan... Officer in Charge, Marine Inspection, for use in the evaluation of automated systems provided to replace...

Food insecurity is associated with high risk glycemic control and higher health care utilization among youth and young adults with type 1 diabetes.

PubMed

Mendoza, Jason A; Haaland, Wren; D'Agostino, Ralph B; Martini, Lauren; Pihoker, Catherine; Frongillo, Edward A; Mayer-Davis, Elizabeth J; Liu, Lenna L; Dabelea, Dana; Lawrence, Jean M; Liese, Angela D

2018-04-01

Household food insecurity (FI), i.e., limited availability of nutritionally adequate foods, is associated with poor glycemic control among adults with type 2 diabetes. We evaluated the association of FI among youth and young adults (YYA) with type 1 diabetes to inform recent clinical recommendations from the American Diabetes Association for providers to screen all patients with diabetes for FI. Using data from the Washington and South Carolina SEARCH for Diabetes in Youth Study sites, we conducted an observational, cross-sectional evaluation of associations between FI and glycemic control, hospitalizations, and emergency department (ED) visits among YYA with type 1 diabetes. FI was assessed using the Household Food Security Survey Module, which queries conditions and behaviors typical of households unable to meet basic food needs. Participants' HbA 1c were measured from blood drawn at the research visit; socio-demographics and medical history were collected by survey. The prevalence of FI was 19.5%. In adjusted logistic regression analysis, YYAs from food-insecure households had 2.37 higher odds (95% CI: 1.10, 5.09) of high risk glycemic control, i.e., HbA 1c >9.0%, vs. peers from food-secure households. In adjusted binomial regression analysis for ED visits, YYAs from food-insecure households had an adjusted prevalence rate that was 2.95 times (95% CI [1.17, 7.45]) as great as those from food secure households. FI was associated with high risk glycemic control and more ED visits. Targeted efforts should be developed and tested to alleviate FI among YYA with type 1 diabetes. Copyright © 2018 Elsevier B.V. All rights reserved.

Evaluating Information Assurance Control Effectiveness on an Air Force Supervisory Control and Data Acquisition (SCADA) System

DTIC Science & Technology

2011-03-01

Byres, E. J., Lowe, J. (2004). The Myths and facts behind cyber security risks for industrial control systems . Berlin, Germany: VDE 2004 Congress...ACQUISITION (SCADA) SYSTEM THESIS Jason R. Nielsen, Major, USAF AFIT/GCO/ENG/11-10 DEPARTMENT OF THE AIR FORCE AIR UNIVERSITY AIR FORCE...DATA ACQUISITION (SCADA) SYSTEM THESIS Presented to the Faculty Department of Electrical and Computer Engineering Graduate School of

Application of Multipurpose Cadastre to Evaluate Energy Security of Land Parcel (Case Study: Gedung A and Gedung B, Institut Teknologi Sumatra)

NASA Astrophysics Data System (ADS)

Alif, S. M.; Nugroho, A. P.; Leksono, B. E.

2018-03-01

Energy security has one of its dimensions: Short-term energy security which focuses on the ability of the energy system to react promptly to sudden changes within the supply-demand balance. Non-energy components (such as land parcel) that comprise an energy system are analysed comprehensively with other component to measure energy security related to energy supply. Multipurpose cadastre which is an integrated land information system containing legal, physical, and cultural is used to evaluate energy (electrical energy) security of land parcel. The fundamental component of multipurpose cadastre used to evaluate energy security is attribute data which is the value of land parcel facilities. Other fundamental components (geographic control data, base map data, cadastral data) are used as position information and provide weight in room (part of land parcel) valuation. High value-room means the room is comfortable and/or used productively by its occupant. The method of valuation is by comparing one facility to other facilities. Facilities included in room valuation are relatively static items (such as chair, desk, and cabinet) except lamps and other electronic devices. The room value and number of electronic devices which consume electrical energy are correlated with each other. Consumption of electrical energy of electronic devices in the room with average value remains constant while consumption in other room needs to be evaluated to save the energy. The result of this research shows that room value correlate weakly with number of electronic device in corresponding room. It shows excess energy consumed in low-value room. Although numbers of electronic devices do not always mean the consumption of electrical energy and there are plenty electronic devices, it is recommended for occupant to be careful in utilizing electronic devices in low-value room to minimize energy consumption.

Integrated secure solution for electronic healthcare records sharing

NASA Astrophysics Data System (ADS)

Yao, Yehong; Zhang, Chenghao; Sun, Jianyong; Jin, Jin; Zhang, Jianguo

2007-03-01

The EHR is a secure, real-time, point-of-care, patient-centric information resource for healthcare providers. Many countries and regional districts have set long-term goals to build EHRs, and most of EHRs are usually built based on the integration of different information systems with different information models and platforms. A number of hospitals in Shanghai are also piloting the development of an EHR solution based on IHE XDS/XDS-I profiles with a service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows seamless sharing of images and reports across the multiple hospitals. To develop EHRs for regional coordinated healthcare, some factors should be considered in designing architecture, one of which is security issue. In this paper, we present some approaches and policies to improve and strengthen the security among the different hospitals' nodes, which are compliant with the security requirements defined by IHE IT Infrastructure (ITI) Technical Framework. Our security solution includes four components: Time Sync System (TSS), Digital Signature Manage System (DSMS), Data Exchange Control Component (DECC) and Single Sign-On (SSO) System. We give a design method and implementation strategy of these security components, and then evaluate the performance and overheads of the security services or features by integrating the security components into an image-based EHR system.

Evaluating the effectiveness of biometric access control systems

NASA Astrophysics Data System (ADS)

Lively, Valerie M.

2005-05-01

This paper describes the contribution by the National Safe Skies Alliance (Safe Skies) in operational testing of biometric access control systems under the guidance of the Transportation Security Administration (TSA). Safe Skies has been conducting operational tests of biometric access control systems on behalf of the TSA for approximately four years. The majority of this testing has occurred at the McGhee Tyson Airport (TYS) in Knoxville, Tennessee. Twelve separate biometric devices - eight fingerprint, facial, iris, hand geometry, and fingerprint and iris, have been tested to date. Tests were conducted at a TYS administrative door and different airports to evaluate the access control device under normal, abnormal, and attempt-to-defeat conditions.

An evaluation of the ecological and environmental security on China's terrestrial ecosystems.

PubMed

Zhang, Hongqi; Xu, Erqi

2017-04-11

With rapid economic growth, industrialization, and urbanization, various ecological and environmental problems occur, which threaten and undermine the sustainable development and domestic survival of China. On the national scale, our progress remains in a state of qualitative or semi-quantitative evaluation, lacking a quantitative evaluation and a spatial visualization of ecological and environmental security. This study collected 14 indictors of water, land, air, and biodiversity securities to compile a spatial evaluation of ecological and environmental security in terrestrial ecosystems of China. With area-weighted normalization and scaling transformations, the veto aggregation (focusing on the limit indicator) and balanced aggregation (measuring balanced performance among different indicators) methods were used to aggregate security evaluation indicators. Results showed that water, land, air, and biodiversity securities presented different spatial distributions. A relatively serious ecological and environmental security crisis was found in China, but presented an obviously spatial variation of security evaluation scores. Hotspot areas at the danger level, which are scattered throughout the entirety of the country, were identified. The spatial diversities and causes of ecological and environmental problems in different regions were analyzed. Spatial integration of regional development and proposals for improving the ecological and environmental security were put forward.

Report: Fiscal Year 2013 Federal Information Security Management Act Report

EPA Pesticide Factsheets

Report #14-P-0033, November 26, 2013. The EPA’s network and data could be exploited without processes to evaluate risks and timely remediate vulnerabilities. Data processed by EPA contractors could be at risk because adequate controls may not be in place.

Quality of protection evaluation of security mechanisms.

PubMed

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

Attack Methodology Analysis: Emerging Trends in Computer-Based Attack Methodologies and Their Applicability to Control System Networks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bri Rolston

2005-06-01

Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills,more » and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significance intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community. Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between those threats and the defensive capabilities of control systems can be analyzed. The results of the gap analysis drive changes in the cyber security of critical infrastructure networks to close the gap between current exploits and existing defenses. The analysis also provides defenders with an idea of how threat technology is evolving and how defenses will need to be modified to address these emerging trends.« less

Analyzing Cases of Resilience Success and Failure - A Research Study

DTIC Science & Technology

2012-12-01

controls [NIST 2012, NIST 2008] ISO 27002 and ISO 27004 Guidelines for initiating, implementing, maintaining, and improving information security...Commission ( ISO /IEC). Information technology—Security techniques—Code of practice for information security management ( ISO /IEC 27002 :2005). ISO /IEC, 2005...security management system and controls or groups of controls [ ISO /IEC 2005, ISO /IEC 2009] CIS Security Metrics Outcome and practice metrics measuring

System and method for secure group transactions

DOEpatents

Goldsmith, Steven Y [Rochester, MN

2006-04-25

A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

PCASSO: a design for secure communication of personal health information via the internet.

PubMed

Baker, D B; Masys, D R

1999-05-01

The Internet holds both promise and peril for the communications of person-identifiable health information. Because of technical features designed to promote accessibility and interoperability rather than security, Internet addressing conventions and transport protocols are vulnerable to compromise by malicious persons and programs. In addition, most commonly used personal computer (PC) operating systems currently lack the hardware-based system software protection and process isolation that are essential for ensuring the integrity of trusted applications. Security approaches designed for electronic commerce, that trade known security weaknesses for limited financial liability, are not sufficient for personal health data, where the personal damage caused by unintentional disclosure may be far more serious. To overcome these obstacles, we are developing and evaluating an Internet-based communications system called PCASSO (Patient-centered access to secure systems online) that applies state of the art security to health information. PCASSO includes role-based access control, multi-level security, strong device and user authentication, session-specific encryption and audit trails. Unlike Internet-based electronic commerce 'solutions,' PCASSO secures data end-to-end: in the server; in the data repository; across the network; and on the client. PCASSO is designed to give patients as well as providers access to personal health records via the Internet.

48 CFR 1816.405-274 - Award fee evaluation factors.

Code of Federal Regulations, 2010 CFR

2010-10-01

... factor, if used, must include consideration of risk management (including mission success, safety... above the contracting officer, with the concurrence of the project manager. The rationale for any waiver shall be documented in the contract file. When safety, export control, or security are considered under...

78 FR 16757 - Twentieth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-18

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 64838 - Sixteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-23

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 55894 - Fifteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-11

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will...

78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-22

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

32 CFR 2800.4 - General information.

Code of Federal Regulations, 2010 CFR

2010-07-01

... STATES SECURITY PROCEDURES § 2800.4 General information. (a) Staff Security Officer/Top Secret Control... Staff Security Officer will serve as Top Secret Control Officer and Assistant Top Secret Control Officer... responsible for the overall supervision of the Top Secret Control program. They will maintain positive control...

Methods and protocol of a mixed method quasi-experiment to evaluate the effects of a structural economic and food security intervention on HIV vulnerability in rural Malawi: The SAGE4Health Study.

PubMed

Weinhardt, Lance S; Galvao, Loren W; Mwenyekonde, Thokozani; Grande, Katarina M; Stevens, Patricia; Yan, Alice F; Mkandawire-Valhmu, Lucy; Masanjala, Winford; Kibicho, Jennifer; Ngui, Emmanuel; Emer, Lindsay; Watkins, Susan C

2014-01-01

Poverty and lack of a predictable, stable source of food are two fundamental determinants of ill health, including HIV/AIDS. Conversely, episodes of poor health and death from HIV can disrupt the ability to maintain economic stability in affected households, especially those that rely on subsistence farming. However, little empirical research has examined if, and how, improvements in people's economic status and food security translate into changes in HIV vulnerability. In this paper, we describe in detail the methods and protocol of an academic-NGO collaboration on a quasi-experimental, longitudinal study of the mechanisms and magnitude of the impact of a multilevel economic and food security program (Support to Able-Bodied Vulnerable Groups to Achieve Food Security; SAFE), as implemented by CARE. Primary outcomes include HIV vulnerability (i.e., HIV risk behaviors, HIV infection), economic status (i.e., income, household assets) and food security (including anthropometric measures). We recruited participants from two types of areas of rural central Malawi: traditional authorities (TA) selected by CARE to receive the SAFE program (intervention group) and TAs receiving other unrelated CARE programming (controls). In the intervention TAs, we recruited 598 program participants (398 women, 200 men) and interviewed them at baseline and 18- and 36-month follow-ups; we interviewed 301 control households. In addition, we conducted random surveys (n = 1002) in the intervention and control areas with a 36-month assessment interval, prior to and after implementation of SAFE. Thus, we are examining intervention outcomes both in direct SAFE program participants and their larger communities. We are using multilevel modeling to examine mediators and moderators of the effects of SAFE on HIV outcomes at the individual and community levels and determine the ways in which changes in HIV outcomes feed back into economic outcomes and food security at later interviews. Finally, we are conducting a qualitative end-of-program evaluation consisting of in-depth interviews with 90 SAFE participants. In addition to examining pathways linking structural factors to HIV vulnerability, this research will yield important information for understanding the impact of a multilevel environmental/structural intervention on HIV, with the potential for other sustainable long-term public health benefits.

Trust-Based Security Level Evaluation Using Bayesian Belief Networks

NASA Astrophysics Data System (ADS)

Houmb, Siv Hilde; Ray, Indrakshi; Ray, Indrajit; Chakraborty, Sudip

Security is not merely about technical solutions and patching vulnerabilities. Security is about trade-offs and adhering to realistic security needs, employed to support core business processes. Also, modern systems are subject to a highly competitive market, often demanding rapid development cycles, short life-time, short time-to-market, and small budgets. Security evaluation standards, such as ISO 14508 Common Criteria and ISO/IEC 27002, are not adequate for evaluating the security of many modern systems for resource limitations, time-to-market, and other constraints. Towards this end, we propose an alternative time and cost effective approach for evaluating the security level of a security solution, system or part thereof. Our approach relies on collecting information from different sources, who are trusted to varying degrees, and on using a trust measure to aggregate available information when deriving security level. Our approach is quantitative and implemented as a Bayesian Belief Network (BBN) topology, allowing us to reason over uncertain information and seemingly aggregating disparate information. We illustrate our approach by deriving the security level of two alternative Denial of Service (DoS) solutions. Our approach can also be used in the context of security solution trade-off analysis.

78 FR 26681 - Medical Criteria for Evaluating Cystic Fibrosis

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-07

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2006-0149] RIN 0960-AF58 Medical Criteria for Evaluating Cystic Fibrosis AGENCY: Social Security Administration. ACTION: Notice of teleconference. SUMMARY..., Social Security Administration, 6401 Security Boulevard, Baltimore, Maryland 21235-6401, (410) 965-1020...

Quality of Protection Evaluation of Security Mechanisms

PubMed Central

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol. PMID:25136683

Design and evaluation of the ReKon : an integrated detection and assessment perimeter system.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dabling, Jeffrey Glenn; Andersen, Jason Jann; McLaughlin, James O.

2013-02-01

Kontek Industries (Kannapolis, NC) and their subsidiary, Stonewater Control Systems (Kannapolis, NC), have entered into a cooperative research and development agreement with Sandia to jointly develop and evaluate an integrated perimeter security system solution, one that couples access delay with detection and assessment. This novel perimeter solution was designed to be configurable for use at facilities ranging from high-security military sites to commercial power plants, to petro/chemical facilities of various kinds. A prototype section of the perimeter has been produced and installed at the Sandia Test and Evaluation Center in Albuquerque, NM. This prototype system integrated fiber optic break sensors,more » active infrared sensors, fence disturbance sensors, video motion detection, and ground sensors. This report documents the design, testing, and performance evaluation of the developed ReKon system. The ability of the system to properly detect pedestrian or vehicle attempts to bypass, breach, or otherwise defeat the system is characterized, as well as the Nuisance Alarm Rate.« less

A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design.

PubMed

Selimis, Georgios; Huang, Li; Massé, Fabien; Tsekoura, Ioanna; Ashouei, Maryam; Catthoor, Francky; Huisken, Jos; Stuyt, Jan; Dolmans, Guido; Penders, Julien; De Groot, Harmke

2011-10-01

In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating security functionality to a wireless sensor node increases the size of the stored software program in program memory, the required time that the sensor's microprocessor needs to process the data and the wireless network traffic which is exchanged among sensors. This security overhead has dominant impact on the energy dissipation which is strongly related to the lifetime of the sensor, a critical aspect in wireless sensor network (WSN) technology. Strict definition of the security functionality, complete hardware model (microprocessor and radio), WBAN topology and the structure of the medium access control (MAC) frame are required for an accurate estimation of the energy that security introduces into the WBAN. In this work, we define a lightweight security scheme for WBAN, we estimate the additional energy consumption that the security scheme introduces to WBAN based on commercial available off-the-shelf hardware components (microprocessor and radio), the network topology and the MAC frame. Furthermore, we propose a new microcontroller design in order to reduce the energy consumption of the system. Experimental results and comparisons with other works are given.

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 2 2012-01-01 2012-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 2 2014-01-01 2014-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 2 2013-01-01 2013-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

76 FR 67019 - Tenth Meeting: RTCA Special Committee 224, Airport Security Access Control

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-28

... 224, Airport Security Access Control AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Notice of RTCA Special Committee 224, Airport Security Access Control. SUMMARY: The... (Pub. L. 92-463, 5 U.S.C., App.), notice is hereby given for a Special Committee 224, Airport Security...

Technology Against Terrorism: The Federal Effort

DTIC Science & Technology

1991-07-01

control appli - control and airport security plans. Some difficulties cations, irises of those seeking entry would be have arisen: now that specific...Washington International Air- tion. Among more advanced technologies are four of port as a test-bed. Sandia is applying to airport interest: voice...and 300 by 1999. criteria as well as evaluation standards and proce- In further tests carried out at JFK Airport in New dures for future EDS devices

17 CFR 200.610 - Self-evaluation.

Code of Federal Regulations, 2010 CFR

2010-04-01

... handicaps or organizations representing individuals with handicaps, to participate in the self-evaluation... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Self-evaluation. 200.610 Section 200.610 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION...

Research and realization of info-net security controlling system

NASA Astrophysics Data System (ADS)

Xu, Tao; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

2017-03-01

The thesis introduces some relative concepts about Network Cybernetics, and we design and realize a new info-net security controlling system based on Network Cybernetics. The system can control the endpoints, safely save files, encrypt communication, supervise actions of users and show security conditions, in order to realize full-scale security management. At last, we simulate the functions of the system. The results show, the system can ensure the controllability of users and devices, and supervise them real-time. The system can maximize the security of the network and users.

48 CFR 1816.405-274 - Award fee evaluation factors.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Contractor that consists of an accident, incident, or exposure resulting in a fatality or mission failure; or in damage to equipment or property equal to or greater than $1 million; or in any “willful” or... (including mission success, safety, security, health, export control, and damage to the environment, as...

75 FR 38114 - [Docket ID FEMA-2010-0008

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-01

...: 1660-NEW. Form Titles and Numbers: FEMA Form FEMA Form 091-0, Homeland Security Exercise and Evaluation...; Existing collection in use without an OMB control number; OMB No. 1660-NEW; FEMA Form FEMA Form 091-0...] Agency Information Collection Activities: Submission for OMB Review; Comment Request, OMB No. 1660-NEW...

Should Cops Be Spies? Evaluating the Collection and Sharing of National Security Intelligence by State, Local and Tribal Law Enforcement

DTIC Science & Technology

2013-03-01

international organized crime , illegal immigration, financial institution fraud and money laundering. Policymakers increasingly view domestic law...approach to crime control, focusing upon the identification, analysis and management of persisting and developing problems or risks (de Lint, 2006

OVERALL view OF CONTROL BUILDING AND SECURITY GATE. view TO ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

OVERALL view OF CONTROL BUILDING AND SECURITY GATE. view TO EAST. - Plattsburgh Air Force Base, Security Police Entry Control Building, Off Perimeter Road in Weapons Storage Area, Plattsburgh, Clinton County, NY

OVERALL VIEW OF CONTROL BUILDING AND SECURITY GATE. VIEW TO ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

OVERALL VIEW OF CONTROL BUILDING AND SECURITY GATE. VIEW TO NORTH. - Plattsburgh Air Force Base, Security Police Entry Control Building, Off Perimeter Road in SAC Alert Area, Plattsburgh, Clinton County, NY

SMART Security Cooperation Objectives: Improving DoD Planning and Guidance

DTIC Science & Technology

2016-01-01

integrate them into a system for assessing, monitoring, and evaluating security cooperation programs and activities. This report evaluates DoD’s...effectiveness in developing SMART security coopera- tion objectives that facilitate assessment, monitoring, and evaluation . It also proposes a systematic...Cooperation Ends, Ways, and Means . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 RAND Evaluation and Revision of Selected

MYSEA: The Monterey Security Architecture

DTIC Science & Technology

2009-01-01

Security and Protection, Organization and Design General Terms: Design; Security Keywords: access controls, authentication, information flow controls...Applicable environments include: mil- itary coalitions, agencies and organizations responding to security emergencies, and mandated sharing in business ...network architecture affords users the abil- ity to securely access information across networks at dif- ferent classifications using standardized

The Evaluation of Land Ecological Safety of Chengchao Iron Mine Based on PSR and MEM

NASA Astrophysics Data System (ADS)

Jin, Xiangdong; Chen, Yong

2018-01-01

Land ecological security is of vital importance to local security and sustainable development of mining activities. The study has analyzed the potential causal chains between the land ecological security of Iron Mine mining environment, mine resource and the social-economic background. On the base of Pressure-State-Response model, the paper set up a matter element evaluation model of land ecological security, and applies it in Chengchao iron mine. The evaluation result proves to be effective in land ecological evaluation.

IT security evaluation - “hybrid” approach and risk of its implementation

NASA Astrophysics Data System (ADS)

Livshitz, I. I.; Neklyudov, A. V.; Lontsikh, P. A.

2018-05-01

It is relevant to evolve processes of evaluation of the IT security nowadays. Creating and application of the common evaluation approaches for an IT component, which are processed by the governmental and civil organizations, are still not solving problem. It is suggested to create a more precise and complex assessment tool for an IT security – the “hybrid” method of the IT security evaluation for a particular object, which is based on a range of adequate assessment tools.

A security architecture for health information networks.

PubMed

Kailar, Rajashekar; Muralidhar, Vinod

2007-10-11

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.

A Security Architecture for Health Information Networks

PubMed Central

Kailar, Rajashekar

2007-01-01

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862

Cyber Security Assessment Report: Adventium Labs

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

2007-12-31

Major control system components often have life spans of 15-20 years. Many systems in our Nation's critical infrastructure were installed before the Internet became a reality and security was a concern. Consequently, control systems are generally insecure. Security is now being included in the development of new control system devices; however, legacy control systems remain vulnerable. Most efforts to secure control systems are aimed at protecting network borers, but if an intruder gets inside the network these systems are vulnerable to a cyber attack.

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

DOEpatents

Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

2015-07-28

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

Economic Evaluation of the Information Security Levels Achieved by Electric Energy Providers in North Arctic Region

NASA Astrophysics Data System (ADS)

Sushko, O. P.; Kaznin, A. A.; Babkin, A. V.; Bogdanov, D. A.

2017-10-01

The study we are conducting involves the analysis of information security levels achieved by energy providers operating in the North Arctic Region. We look into whether the energy providers’ current information security levels meet reliability standards and determine what further actions may be needed for upgrading information security in the context of the digital transformation that the world community is undergoing. When developing the information security systems for electric energy providers or selecting the protection means for them, we are governed by the fact that the assets to be protected are process technologies. While information security risk can be assessed using different methods, the evaluation of the economic damage from these risks appears to be a difficult task. The most probable and harmful risks we have identified when evaluating the electric energy providers’ information security will be used by us as variables. To provide the evaluation, it is necessary to calculate the costs relating to elimination of the risks identified. The final stage of the study will involve the development of an operation algorithm for the North Arctic Region’s energy provider’s business information protection security system - a set of information security services, and security software and hardware.

76 FR 59481 - Ninth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-26

... Control Systems (Update to DO-230B): Agenda October 20, 2011 Welcome/Introductions/Administrative Remarks... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY...

76 FR 50811 - Eighth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-16

... Control Systems (Update to DO-230B): Agenda September 15, 2011 Welcome/Introductions/Administrative... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY...

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

State Education Department: Security over Pupil Evaluation Program and Program Evaluation Test Materials Needs Improvement. Report 91-S-2.

ERIC Educational Resources Information Center

New York State Office of the Comptroller, Albany.

Findings of an audit of the New York State Education Department's procedures to maintain security over Pupil Evaluation Program (PEP) and Program Evaluation Test (PET) examination materials are presented in this report. The audit sought to determine whether the department's security procedures adequately prevented unauthorized access to exam…

17 CFR 229.308 - (Item 308) Internal control over financial reporting.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...

17 CFR 229.308 - (Item 308) Internal control over financial reporting.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...

17 CFR 229.308 - (Item 308) Internal control over financial reporting.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...

17 CFR 229.308 - (Item 308) Internal control over financial reporting.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...

A joint signal processing and cryptographic approach to multimedia encryption.

PubMed

Mao, Yinian; Wu, Min

2006-07-01

In recent years, there has been an increasing trend for multimedia applications to use delegate service providers for content distribution, archiving, search, and retrieval. These delegate services have brought new challenges to the protection of multimedia content confidentiality. This paper discusses the importance and feasibility of applying a joint signal processing and cryptographic approach to multimedia encryption, in order to address the access control issues unique to multimedia applications. We propose two atomic encryption operations that can preserve standard compliance and are friendly to delegate processing. Quantitative analysis for these operations is presented to demonstrate that a good tradeoff can be made between security and bitrate overhead. In assisting the design and evaluation of media security systems, we also propose a set of multimedia-oriented security scores to quantify the security against approximation attacks and to complement the existing notion of generic data security. Using video as an example, we present a systematic study on how to strategically integrate different atomic operations to build a video encryption system. The resulting system can provide superior performance over both generic encryption and its simple adaptation to video in terms of a joint consideration of security, bitrate overhead, and friendliness to delegate processing.

AR.Drone: security threat analysis and exemplary attack to track persons

NASA Astrophysics Data System (ADS)

Samland, Fred; Fruth, Jana; Hildebrandt, Mario; Hoppe, Tobias; Dittmann, Jana

2012-01-01

In this article we illustrate an approach of a security threat analysis of the quadrocopter AR.Drone, a toy for augmented reality (AR) games. The technical properties of the drone can be misused for attacks, which may relate security and/or privacy aspects. Our aim is to sensitize for the possibility of misuses and the motivation for an implementation of improved security mechanisms of the quadrocopter. We focus primarily on obvious security vulnerabilities (e.g. communication over unencrypted WLAN, usage of UDP, live video streaming via unencrypted WLAN to the control device) of this quadrocopter. We could practically verify in three exemplary scenarios that this can be misused by unauthorized persons for several attacks: high-jacking of the drone, eavesdropping of the AR.Drones unprotected video streams, and the tracking of persons. Amongst other aspects, our current research focuses on the realization of the attack of tracking persons and objects with the drone. Besides the realization of attacks, we want to evaluate the potential of this particular drone for a "safe-landing" function, as well as potential security enhancements. Additionally, in future we plan to investigate an automatic tracking of persons or objects without the need of human interactions.

Effects of a Brief Psychoeducational Intervention for Family Conflict: Constructive Conflict, Emotional Insecurity and Child Adjustment.

PubMed

Miller-Graff, Laura E; Cummings, E Mark; Bergman, Kathleen N

2016-10-01

The role of emotional security in promoting positive adjustment following exposure to marital conflict has been identified in a large number of empirical investigations, yet to date, no interventions have explicitly addressed the processes that predict child adjustment after marital conflict. The current study evaluated a randomized controlled trial of a family intervention program aimed at promoting constructive marital conflict behaviors thereby increasing adolescent emotional security and adjustment. Families (n = 225) were randomized into 1 of 4 conditions: Parent-Adolescent (n = 75), Parent-Only (n = 75), Self-Study (n = 38) and No Treatment (n = 37). Multi-informant and multi-method assessments were conducted at baseline, post-treatment and 6-month follow-up. Effects of treatment on destructive and constructive conflict behaviors were evaluated using multilevel models where observations were nested within individuals over time. Process models assessing the impact of constructive and destructive conflict behaviors on emotional insecurity and adolescent adjustment were evaluated using path modeling. Results indicated that the treatment was effective in increasing constructive conflict behaviors (d = 0.89) and decreasing destructive conflict behaviors (d = -0.30). For the Parent-Only Group, post-test constructive conflict behaviors directly predicted lower levels of adolescent externalizing behaviors at 6-month follow-up. Post-test constructive conflict skills also indirectly affected adolescent internalizing behaviors through adolescent emotional security. These findings support the use of a brief psychoeducational intervention in improving post-treatment conflict and emotional security about interparental relationships.

Public-Private Ventures for Morale, Welfare, and Recreation Activities. A Solution to the Loss of Appropriated Funds. Volume 5. Appendices J, K, and L

DTIC Science & Technology

1990-07-01

5 H. Instructions to Offerors ..................................... V-5 VI. Evaluation Factors for Award .................................. VI- 1 A...providing capital improvements, and providing payments to the NAFI (Section VI). These factors will be weighted in the evaluation. The Contracting...maintenance of good order and discipline, security checks, control of drugs and alcohol, and building signage. g. Products and Services. All supplies

Biometric Border Security Evaluation Framework (Biometrique Cadre D’evaluation de la Securite des Frontieres)

DTIC Science & Technology

2011-10-01

those least likely to change significantly over time: upper ridges of the eye sockets, areas around the cheekbones, sides of the mouth , nose shape, and...conduct self-process using their electronic passports. ACS processes roughly 22 million visitors annually in airport environments. The program was...the electronic passport. A successful match permits a traveler to clear through the customs control point, whereas an unsuccessful match alerts the

Attachment Security Mediates the Longitudinal Association Between Child-Parent Psychotherapy and Peer Relations for Toddlers of Depressed Mothers

PubMed Central

Guild, Danielle J.; Toth, Sheree L.; Handley, Elizabeth D.; Rogosch, Fred A.; Cicchetti, Dante

2017-01-01

Numerous investigations have demonstrated that Child-Parent Psychotherapy (CPP) promotes secure attachment between mothers and offspring. However, the role of post-intervention attachment security as it relates to long-term child outcomes has never been evaluated. The present study therefore examined post-intervention attachment status as a mediator of the association between CPP for depressed mothers and their offspring and subsequent peer relations among offspring. Depressed mothers and their toddlers were randomized to receive CPP (n = 45) or to a control group (DC; n = 55). A prior investigation with this sample indicated that offpring who received CPP attained significantly higher rates of secure attachment post-intervention, wheras insecure attachment continued to predominate for offspring in the DC group. The present study examined follow-up data of teachers’ reports on participants’ competence with classroom peers when they were approximately 9 years old. Findings indicated that children who received CPP were more likely to evidence secure attachments at post-intervention, which in turn was associated with more positive peer relationships at age 9. PMID:28401848

Low-power secure body area network for vital sensors toward IEEE802.15.6.

PubMed

Kuroda, Masahiro; Qiu, Shuye; Tochikubo, Osamu

2009-01-01

Many healthcare/medical services have started using personal area networks, such as Bluetooth and ZigBee; these networks consist of various types of vital sensors. These works focus on generalized functions for sensor networks that expect enough battery capacity and low-power CPU/RF (Radio Frequency) modules, but less attention to easy-to-use privacy protection. In this paper, we propose a commercially-deployable secure body area network (S-BAN) with reduced computational burden on a real sensor that has limited RAM/ROM sizes and CPU/RF power consumption under a light-weight battery. Our proposed S-BAN provides vital data ordering among sensors that are involved in an S-BAN and also provides low-power networking with zero-administration security by automatic private key generation. We design and implement the power-efficient media access control (MAC) with resource-constraint security in sensors. Then, we evaluate the power efficiency of the S-BAN consisting of small sensors, such as an accessory type ECG and ring-type SpO2. The evaluation of power efficiency of the S-BAN using real sensors convinces us in deploying S-BAN and will also help us in providing feedbacks to the IEEE802.15.6 MAC, which will be the standard for BANs.

76 FR 38742 - Seventh Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-01

... Control Systems (Update to DO-230B): Agenda July 15, 2011 Welcome/Introductions/Administrative Remarks... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to...

Land Ecological Security Evaluation of Guangzhou, China

PubMed Central

Xu, Linyu; Yin, Hao; Li, Zhaoxue; Li, Shun

2014-01-01

As the land ecosystem provides the necessary basic material resources for human development, land ecological security (LES) plays an increasingly important role in sustainable development. Given the degradation of land ecological security under rapid urbanization and the urgent LES requirements of urban populations, a comprehensive evaluation method, named Double Land Ecological Security (DLES), has been introduced with the city of Guangzhou, China, as a case study, which evaluates the LES in regional and unit scales for reasonable and specific urban planning. In the evaluation process with this method, we have combined the material security with the spiritual security that is inevitably associated with LES. Some new coefficients of land-security supply/demand distribution and technology contribution for LES evaluation have also been introduced for different spatial scales, including the regional and the unit scales. The results for Guangzhou indicated that, temporally, the LES supply indices were 0.77, 0.84 and 0.77 in 2000, 2006 and 2009 respectively, while LES demand indices for the city increased in 2000, 2006 and 2009 from 0.57 to 0.95, which made the LES level decreased slowly in this period. Spatially, at the regional scale, the urban land ecological security (ULES) level decreased from 0.2 (marginal security) to −0.18 (marginal insecurity) as a whole; in unit scale, areas in the north and in parts of the east were relatively secure and the security area was shrinking with time, but the central and southern areas turned to be marginal insecurity, especially in 2006 and 2009. This study proposes that DLES evaluation should be conducted for targeted and efficient urban planning and management, which can reflect the LES level of study area in general and in detail. PMID:25321873

Land ecological security evaluation of Guangzhou, China.

PubMed

Xu, Linyu; Yin, Hao; Li, Zhaoxue; Li, Shun

2014-10-15

As the land ecosystem provides the necessary basic material resources for human development, land ecological security (LES) plays an increasingly important role in sustainable development. Given the degradation of land ecological security under rapid urbanization and the urgent LES requirements of urban populations, a comprehensive evaluation method, named Double Land Ecological Security (DLES), has been introduced with the city of Guangzhou, China, as a case study, which evaluates the LES in regional and unit scales for reasonable and specific urban planning. In the evaluation process with this method, we have combined the material security with the spiritual security that is inevitably associated with LES. Some new coefficients of land-security supply/demand distribution and technology contribution for LES evaluation have also been introduced for different spatial scales, including the regional and the unit scales. The results for Guangzhou indicated that, temporally, the LES supply indices were 0.77, 0.84 and 0.77 in 2000, 2006 and 2009 respectively, while LES demand indices for the city increased in 2000, 2006 and 2009 from 0.57 to 0.95, which made the LES level decreased slowly in this period. Spatially, at the regional scale, the urban land ecological security (ULES) level decreased from 0.2 (marginal security) to -0.18 (marginal insecurity) as a whole; in unit scale, areas in the north and in parts of the east were relatively secure and the security area was shrinking with time, but the central and southern areas turned to be marginal insecurity, especially in 2006 and 2009. This study proposes that DLES evaluation should be conducted for targeted and efficient urban planning and management, which can reflect the LES level of study area in general and in detail.

A wireless electronic monitoring system for securing milk from farm to processor

NASA Astrophysics Data System (ADS)

Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin

2008-04-01

The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. We are currently demonstrating the system in central Kentucky and will report on the results of the demonstration.

Home blood pressure monitoring, secure electronic messaging and medication intensification for improving hypertension control: a mediation analysis.

PubMed

Ralston, J D; Cook, A J; Anderson, M L; Catz, S L; Fishman, P A; Carlson, J; Johnson, R; Green, B B

2014-01-01

We evaluated the role of home monitoring, communication with pharmacists, medication intensification, medication adherence and lifestyle factors in contributing to the effectiveness of an intervention to improve blood pressure control in patients with uncontrolled essential hypertension. We performed a mediation analysis of a published randomized trial based on the Chronic Care Model delivered over a secure patient website from June 2005 to December 2007. Study arms analyzed included usual care with a home blood pressure monitor and usual care with home blood pressure monitor and web-based pharmacist care. Mediator measures included secure messaging and telephone encounters; home blood pressure monitoring; medications intensification and adherence and lifestyle factors. Overall fidelity to the Chronic Care Model was assessed with the Patient Assessment of Chronic Care (PACIC) instrument. The primary outcome was percent of participants with blood pressure (BP) <140/90 mm Hg. At 12 months follow-up, patients in the web-based pharmacist care group were more likely to have BP <140/90 mm Hg (55%) compared to patients in the group with home blood pressure monitors only (37%) (p = 0.001). Home blood pressure monitoring accounted for 30.3% of the intervention effect, secure electronic messaging accounted for 96%, and medication intensification for 29.3%. Medication adherence and self-report of fruit and vegetable intake and weight change were not different between the two study groups. The PACIC score accounted for 22.0 % of the main intervention effect. The effect of web-based pharmacist care on improved blood pressure control was explained in part through a combination of home blood pressure monitoring, secure messaging, and antihypertensive medication intensification.

Using Discrete Event Simulation to Model Attacker Interactions with Cyber and Physical Security Systems

DOE PAGES

Perkins, Casey; Muller, George

2015-10-08

The number of connections between physical and cyber security systems is rapidly increasing due to centralized control from automated and remotely connected means. As the number of interfaces between systems continues to grow, the interactions and interdependencies between them cannot be ignored. Historically, physical and cyber vulnerability assessments have been performed independently. This independent evaluation omits important aspects of the integrated system, where the impacts resulting from malicious or opportunistic attacks are not easily known or understood. Here, we describe a discrete event simulation model that uses information about integrated physical and cyber security systems, attacker characteristics and simple responsemore » rules to identify key safeguards that limit an attacker's likelihood of success. Key features of the proposed model include comprehensive data generation to support a variety of sophisticated analyses, and full parameterization of safeguard performance characteristics and attacker behaviours to evaluate a range of scenarios. Lastly, we also describe the core data requirements and the network of networks that serves as the underlying simulation structure.« less

Using Discrete Event Simulation to Model Attacker Interactions with Cyber and Physical Security Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Perkins, Casey; Muller, George

The number of connections between physical and cyber security systems is rapidly increasing due to centralized control from automated and remotely connected means. As the number of interfaces between systems continues to grow, the interactions and interdependencies between them cannot be ignored. Historically, physical and cyber vulnerability assessments have been performed independently. This independent evaluation omits important aspects of the integrated system, where the impacts resulting from malicious or opportunistic attacks are not easily known or understood. Here, we describe a discrete event simulation model that uses information about integrated physical and cyber security systems, attacker characteristics and simple responsemore » rules to identify key safeguards that limit an attacker's likelihood of success. Key features of the proposed model include comprehensive data generation to support a variety of sophisticated analyses, and full parameterization of safeguard performance characteristics and attacker behaviours to evaluate a range of scenarios. Lastly, we also describe the core data requirements and the network of networks that serves as the underlying simulation structure.« less

[Regional ecological construction and mission of landscape ecology].

PubMed

Xiao, Duning; Xie, Fuju; Wei, Jianbing

2004-10-01

The eco-construction on regional and landscape scale is the one which can be used to specific landscape and intercrossing ecosystem in specific region including performing scientific administration of ecosystem and optimizing environmental function. Recently, the government has taken a series of significant projects into action, such as national forest protection item, partly forest restoration, and adjustment of water, etc. Enforcing regional eco-construction and maintaining the ecology security of the nation have become the strategic requisition. In various regions, different eco-construction should be applied, for example, performing ecological safeguard measure in ecological sensitive zone, accommodating the ecological load in ecological fragile zone, etc., which can control the activities of human being, so that, sustainable development can be reached. Facing opportunity and challenge in the development of landscape ecology, we have some key topics: landscape pattern of ecological security, land use and ecological process, landscape changes under human activity stress, quantitative evaluation of the influence on human being activities, evaluation of zonal ecological security and advance warning of ecological risk, and planning and optimizing of model in landscape eco-construction.

Examining Cybersecurity of Cyberphysical Systems for Critical Infrastructures Through Work Domain Analysis.

PubMed

Wang, Hao; Lau, Nathan; Gerdes, Ryan M

2018-04-01

The aim of this study was to apply work domain analysis for cybersecurity assessment and design of supervisory control and data acquisition (SCADA) systems. Adoption of information and communication technology in cyberphysical systems (CPSs) for critical infrastructures enables automated and distributed control but introduces cybersecurity risk. Many CPSs employ SCADA industrial control systems that have become the target of cyberattacks, which inflict physical damage without use of force. Given that absolute security is not feasible for complex systems, cyberintrusions that introduce unanticipated events will occur; a proper response will in turn require human adaptive ability. Therefore, analysis techniques that can support security assessment and human factors engineering are invaluable for defending CPSs. We conducted work domain analysis using the abstraction hierarchy (AH) to model a generic SCADA implementation to identify the functional structures and means-ends relations. We then adopted a case study approach examining the Stuxnet cyberattack by developing and integrating AHs for the uranium enrichment process, SCADA implementation, and malware to investigate the interactions between the three aspects of cybersecurity in CPSs. The AHs for modeling a generic SCADA implementation and studying the Stuxnet cyberattack are useful for mapping attack vectors, identifying deficiencies in security processes and features, and evaluating proposed security solutions with respect to system objectives. Work domain analysis is an effective analytical method for studying cybersecurity of CPSs for critical infrastructures in a psychologically relevant manner. Work domain analysis should be applied to assess cybersecurity risk and inform engineering and user interface design.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Burger, J.R.

Loss control, both as a phrase and a concept, isn't used very widely in the U.S. coal industry although a U.S. manufacturer has cut accidents 71% and increased productivity 40% using the system. Safety is a part of the loss control concept, but it goes beyond traditional accident and illness prevention to become management control of anything that can result in loss or property damage. This includes what ILCI calls incidents, that is, ''any undesired or unwanted event that could (or does) degrade the efficiency of the business operation.'' These incidents could be accidents, quality or production problems, or evenmore » security breaches (such as thefts). So while safety is always a basic element-loss control also includes absenteeism control, security, fire prevention and industrial hygiene, since they're all interrelated disciplines for reducing loss. A baseline evaluation is followed by recommendations and guidance in self-sustaining corrective measures. This program would cost about $3,500 the first year. Possibly this approach is not used in the U.S. because miners feel that with all the legislation and regulation of the industry no further program is needed.« less

Web Services Security - Implementation and Evaluation Issues

NASA Astrophysics Data System (ADS)

Pimenidis, Elias; Georgiadis, Christos K.; Bako, Peter; Zorkadis, Vassilis

Web services development is a key theme in the utilization the commercial exploitation of the semantic web. Paramount to the development and offering of such services is the issue of security features and they way these are applied in instituting trust amongst participants and recipients of the service. Implementing such security features is a major challenge to developers as they need to balance these with performance and interoperability requirements. Being able to evaluate the level of security offered is a desirable feature for any prospective participant. The authors attempt to address the issues of security requirements and evaluation criteria, while they discuss the challenges of security implementation through a simple web service application case.

[Comparison of mental health state and psychological capacities between college students with and without siblings].

PubMed

Zhang, Xiao-yuan; Yu, Shou-yi; Zhao, Jiu-bo; Li, Jian-ming; Xiao, Rong

2007-04-01

To compare the differences in mental health state and psychological capacities between Chinese college students with and without siblings. The psychological status and capacities were evaluated with SCL-90, the Self-Esteem Scale, Spheres of Control Scale, Security Questionnaire and Cattell 16-PF Questionnaire in 427 college students, and among the students who presented valid responses, 139 with and 139 without siblings were selected for this comparative study. The total score and average score of SCL-90 in college students without siblings were significantly lower than those in students with siblings (P<0.05); the scores of factors C, E, and F of 16-PF were significantly higher but the score of factor O significantly lower in the former group (P<0.05). The scores of certainty in control, interpersonal security and total score of security were significantly higher in the students without siblings (P<0.01). The mental health state and some of the psychological capacities are generally better in college students with siblings than in those without siblings.

[Security of the medicinal therapy: Cartography of risks a priori within service of orthopaedic surgery].

PubMed

Razurel, A; Bertrand, É; Deranlot, J; Benhamou, F; Tritz, T; Le Mercier, F; Hardy, P

2015-11-01

Security and quality of the Medicinal Therapy are one of the most important objectives of the April 6th, 2011 order. The objective is to realize this study of the risks incurred by patients related to management and security of medicinal therapy in order to establish a plan to reduce the risks of drug's dispensation. The method of the Preliminary Risk Analysis (PRA) has been implemented by a multidisciplinary group in a hospital service of orthopaedic surgery. The study focused on the dispensation phase of medicinal circuit. This analysis revealed 148 scenarii, 35 were criticality unacceptable. Fifty-four initial risk control actions were proposed and their stress levels to put them in place were evaluated. The main measures of risk management are: training, information, communication, computerization, automation, dual control, updating the documentation system, drug reconciliation and respect for Best Practices Hospitallers (BPH). Risk management requires a significant human and financial investment as well as, material resources and multidisciplinary expertise in order to offer the best solutions. Copyright © 2015 Académie Nationale de Pharmacie. Published by Elsevier Masson SAS. All rights reserved.

Visiting Scholars Program

DTIC Science & Technology

2016-09-01

other associated grants. 15. SUBJECT TERMS SUNY Poly, STEM, Artificial Intelligence , Command and Control 16. SECURITY CLASSIFICATION OF: 17...neuromorphic system has the potential to be widely used in a high-efficiency artificial intelligence system. Simulation results have indicated that the...novel multiresolution fusion and advanced fusion performance evaluation tool for an Artificial Intelligence based natural language annotation engine for

Predicting Human Thermal Comfort in Automobiles

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rugh, J.; Bharathan, D.; Chaney, L.

The objects of this report are to: (1) increase national energy security by reducing fuel use for vehicle climate control systems; (2) show/demonstrate technology that can reduce the fuel used by LD vehicles' ancillary systems; and (3) develop tools to evaluate the effectiveness of energy-efficient systems including--comfort, cost, practicality, ease-of-use, and reliability.

Providing security for automated process control systems at hydropower engineering facilities

NASA Astrophysics Data System (ADS)

Vasiliev, Y. S.; Zegzhda, P. D.; Zegzhda, D. P.

2016-12-01

This article suggests the concept of a cyberphysical system to manage computer security of automated process control systems at hydropower engineering facilities. According to the authors, this system consists of a set of information processing tools and computer-controlled physical devices. Examples of cyber attacks on power engineering facilities are provided, and a strategy of improving cybersecurity of hydropower engineering systems is suggested. The architecture of the multilevel protection of the automated process control system (APCS) of power engineering facilities is given, including security systems, control systems, access control, encryption, secure virtual private network of subsystems for monitoring and analysis of security events. The distinctive aspect of the approach is consideration of interrelations and cyber threats, arising when SCADA is integrated with the unified enterprise information system.

77 FR 71474 - Seventeenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-30

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the seventeenth meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

78 FR 31627 - Twenty-Second Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-24

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty-second meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

78 FR 7850 - Nineteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-04

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the nineteenth meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 2343 - Eleventh Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-17

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the eleventh meeting of RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held...

78 FR 22025 - Twenty First Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-12

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty first meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 25525 - Thirteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems.

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-30

... Committee 224, Airport Security Access Control Systems. AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the thirteenth meeting of RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will be...

77 FR 15448 - Twelfth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-15

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twelfth meeting of RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will be...

National Security Technology Incubator Evaluation Process

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

This report describes the process by which the National Security Technology Incubator (NSTI) will be evaluated. The technology incubator is being developed as part of the National Security Preparedness Project (NSPP), funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes a brief description of the components, steps, and measures of the proposed evaluation process. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages ofmore » early development. An effective evaluation process of the NSTI is an important step as it can provide qualitative and quantitative information on incubator performance over a given period. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety and security. The mission of the NSTI is to identify, incubate, and accelerate technologies with national security applications at various stages of development by providing hands-on mentoring and business assistance to small businesses and emerging or growing companies. To achieve success for both incubator businesses and the NSTI program, an evaluation process is essential to effectively measure results and implement corrective processes in the incubation design if needed. The evaluation process design will collect and analyze qualitative and quantitative data through performance evaluation system.« less

Short-term results of a prospective randomized evaluator blinded multicenter study comparing TVT and TVT-Secur.

PubMed

Andrada Hamer, Maria; Larsson, Per-Göran; Teleman, Pia; Etén-Bergqvist, Christina; Persson, Jan

2011-07-01

The aim of this prospective randomized multicenter study was to compare TVT (tension-free vaginal tape) with TVT-Secur in terms of efficacy and safety. We set out to enrol 280 stress incontinent women with a half time interim analysis of short-term cure and a continuous registration of adverse events. Of 133 randomized women, 126 were operated and 123 (TVT n = 62, TVT-Secur n = 61) available for 2 months follow-up. No significant differences were found between groups regarding demographics or grade of incontinence. At 2 months follow-up, subjective cure rate following TVT-Secur was significantly lower than for TVT (72% and 92%, respectively, p = 0.01). Three major complications occurred in the TVT-Secur group: tape erosion into the urethra, a tape inadvertently placed inside the bladder, and an immediate postoperative bleeding from the corona mortis. No major complications occurred in the TVT group. No significant differences were found between groups regarding perioperative bleeding, hospital stay, urge symptoms, or postoperative urinary tract infections. Median time for surgery was 13 and 22 min for TVT-Secur and TVT, respectively (p < 0.0001). In a prospective randomized controlled study, the TVT-Secur procedure had a significantly lower subjective cure rate than the retropubic TVT procedure. Due to this, in addition to three serious complications in the TVT-Secur group, we decided to stop further enrolment after the interim analysis. We discourage from further use of the TVT-Secur.

Cyber Incidents Involving Control Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Robert J. Turk

2005-10-01

The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Managementmore » Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this information available to Department of Homeland Security (DHS) and others who require it. This report summarizes the rise in frequency of cyber attacks, describes the perpetrators, and identifies the means of attack. This type of analysis, when used in conjunction with vulnerability analyses, can be used to support a proactive approach to prevent cyber attacks. CSSC will use this document to evolve a standardized approach to incident reporting and analysis. This document will be updated as needed to record additional event analyses and insights regarding incident reporting. This report represents 120 cyber security incidents documented in a number of sources, including: the British Columbia Institute of Technology (BCIT) Industrial Security Incident Database, the 2003 CSI/FBI Computer Crime and Security Survey, the KEMA, Inc., Database, Lawrence Livermore National Laboratory, the Energy Incident Database, the INL Cyber Incident Database, and other open-source data. The National Memorial Institute for the Prevention of Terrorism (MIPT) database was also interrogated but, interestingly, failed to yield any cyber attack incidents. The results of this evaluation indicate that historical evidence provides insight into control system related incidents or failures; however, that the limited available information provides little support to future risk estimates. The documented case history shows that activity has increased significantly since 1988. The majority of incidents come from the Internet by way of opportunistic viruses, Trojans, and worms, but a surprisingly large number are directed acts of sabotage. A substantial number of confirmed, unconfirmed, and potential events that directly or potentially impact control systems worldwide are also identified. Twelve selected cyber incidents are presented at the end of this report as examples of the documented case studies (see Appendix B).« less

Peripherally InSerted CEntral catheter dressing and securement in patients with cancer: the PISCES trial. Protocol for a 2x2 factorial, superiority randomised controlled trial.

PubMed

Rickard, Claire M; Marsh, Nicole M; Webster, Joan; Gavin, Nicole C; Chan, Raymond J; McCarthy, Alexandra L; Mollee, Peter; Ullman, Amanda J; Kleidon, Tricia; Chopra, Vineet; Zhang, Li; McGrail, Matthew R; Larsen, Emily; Choudhury, Md Abu; Keogh, Samantha; Alexandrou, Evan; McMillan, David J; Mervin, Merehau Cindy; Paterson, David L; Cooke, Marie; Ray-Barruel, Gillian; Castillo, Maria Isabel; Hallahan, Andrew; Corley, Amanda; Geoffrey Playford, E

2017-06-15

Around 30% of peripherally inserted central catheters (PICCs) fail from vascular, infectious or mechanical complications. Patients with cancer are at highest risk, and this increases morbidity, mortality and costs. Effective PICC dressing and securement may prevent PICC failure; however, no large randomised controlled trial (RCT) has compared alternative approaches. We designed this RCT to assess the clinical and cost-effectiveness of dressing and securements to prevent PICC failure. Pragmatic, multicentre, 2×2 factorial, superiority RCT of (1) dressings (chlorhexidine gluconate disc (CHG) vs no disc) and (2) securements (integrated securement dressing (ISD) vs securement device (SED)). A qualitative evaluation using a knowledge translation framework is included. Recruitment of 1240 patients will occur over 3 years with allocation concealment until randomisation by a centralised service. For the dressing hypothesis, we hypothesise CHG discs will reduce catheter-associated bloodstream infection (CABSI) compared with no CHG disc. For the securement hypothesis, we hypothesise that ISD will reduce composite PICC failure (infection (CABSI/local infection), occlusion, dislodgement or thrombosis), compared with SED. types of PICC failure; safety; costs; dressing/securement failure; dwell time; microbial colonisation; reversible PICC complications and consumer acceptability. Relative incidence rates of CABSI and PICC failure/100 devices and/1000 PICC days (with 95% CIs) will summarise treatment impact. Kaplan-Meier survival curves (and log rank Mantel-Haenszel test) will compare outcomes over time. Secondary end points will be compared between groups using parametric/non-parametric techniques; p values <0.05 will be considered to be statistically significant. Ethical approval from Queensland Health (HREC/15/QRCH/241) and Griffith University (Ref. No. 2016/063). Results will be published. Trial registration number is: ACTRN12616000315415. © Article author(s) (or their employer(s) unless otherwise stated in the text of the article) 2017. All rights reserved. No commercial use is permitted unless otherwise expressly granted.

Human-Technology Centric In Cyber Security Maintenance For Digital Transformation Era

NASA Astrophysics Data System (ADS)

Ali, Firkhan Ali Bin Hamid; Zalisham Jali, Mohd, Dr

2018-05-01

The development of the digital transformation in the organizations has become more expanding in these present and future years. This is because of the active demand to use the ICT services among all the organizations whether in the government agencies or private sectors. While digital transformation has led manufacturers to incorporate sensors and software analytics into their offerings, the same innovation has also brought pressure to offer clients more accommodating appliance deployment options. So, their needs a well plan to implement the cyber infrastructures and equipment. The cyber security play important role to ensure that the ICT components or infrastructures execute well along the organization’s business successful. This paper will present a study of security management models to guideline the security maintenance on existing cyber infrastructures. In order to perform security model for the currently existing cyber infrastructures, combination of the some security workforces and security process of extracting the security maintenance in cyber infrastructures. In the assessment, the focused on the cyber security maintenance within security models in cyber infrastructures and presented a way for the theoretical and practical analysis based on the selected security management models. Then, the proposed model does evaluation for the analysis which can be used to obtain insights into the configuration and to specify desired and undesired configurations. The implemented cyber security maintenance within security management model in a prototype and evaluated it for practical and theoretical scenarios. Furthermore, a framework model is presented which allows the evaluation of configuration changes in the agile and dynamic cyber infrastructure environments with regard to properties like vulnerabilities or expected availability. In case of a security perspective, this evaluation can be used to monitor the security levels of the configuration over its lifetime and to indicate degradations.

33 CFR 106.265 - Security measures for restricted areas.

Code of Federal Regulations, 2010 CFR

2010-07-01

...) Telecommunications; (iii) Power distribution system; (iv) Access points for ventilation and air-conditioning systems... security areas within the OCS facility; (6) Protect security and surveillance equipment and systems; and (7... security and surveillance equipment and systems and their controls, and lighting system controls; and (3...

36 CFR 1256.70 - What controls access to national security-classified information?

Code of Federal Regulations, 2010 CFR

2010-07-01

... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

Report: EPA’s Office of Environmental Information Should Improve Ariel Rios and Potomac Yard Computer Room Security Controls

EPA Pesticide Factsheets

Report #12-P-0879, September 26, 2012. The security posture and in-place environmental control review of the computer rooms in the Ariel Rios and Potomac Yard buildings revealed numerous security and environmental control deficiencies.

A Novel Reference Security Model with the Situation Based Access Policy for Accessing EPHR Data.

PubMed

Gope, Prosanta; Amin, Ruhul

2016-11-01

Electronic Patient Health Record (EPHR) systems may facilitate a patient not only to share his/her health records securely with healthcare professional but also to control his/her health privacy, in a convenient and easy way even in case of emergency. In order to fulfill these requirements, it is greatly desirable to have the access control mechanism which can efficiently handle every circumstance without negotiating security. However, the existing access control mechanisms used in healthcare to regulate and restrict the disclosure of patient data are often bypassed in case of emergencies. In this article, we propose a way to securely share EPHR data under any situation including break-the-glass (BtG) without compromising its security. In this regard, we design a reference security model, which consists of a multi-level data flow hierarchy, and an efficient access control framework based on the conventional Role-Based Access Control (RBAC) and Mandatory Access Control (MAC) policies.

Detection and response to unauthorized access to a communication device

DOEpatents

Smith, Rhett; Gordon, Colin

2015-09-08

A communication gateway consistent with the present disclosure may detect unauthorized physical or electronic access and implement security actions in response thereto. A communication gateway may provide a communication path to an intelligent electronic device (IED) using an IED communications port configured to communicate with the IED. The communication gateway may include a physical intrusion detection port and a network port. The communication gateway may further include control logic configured to evaluate physical intrusion detection signal. The control logic may be configured to determine that the physical intrusion detection signal is indicative of an attempt to obtain unauthorized access to one of the communication gateway, the IED, and a device in communication with the gateway; and take a security action based upon the determination that the indication is indicative of the attempt to gain unauthorized access.

An efficient and secure certificateless authentication protocol for healthcare system on wireless medical sensor networks.

PubMed

Guo, Rui; Wen, Qiaoyan; Jin, Zhengping; Zhang, Hua

2013-01-01

Sensor networks have opened up new opportunities in healthcare systems, which can transmit patient's condition to health professional's hand-held devices in time. The patient's physiological signals are very sensitive and the networks are extremely vulnerable to many attacks. It must be ensured that patient's privacy is not exposed to unauthorized entities. Therefore, the control of access to healthcare systems has become a crucial challenge. An efficient and secure authentication protocol will thus be needed in wireless medical sensor networks. In this paper, we propose a certificateless authentication scheme without bilinear pairing while providing patient anonymity. Compared with other related protocols, the proposed scheme needs less computation and communication cost and preserves stronger security. Our performance evaluations show that this protocol is more practical for healthcare system in wireless medical sensor networks.

An Efficient and Secure Certificateless Authentication Protocol for Healthcare System on Wireless Medical Sensor Networks

PubMed Central

Guo, Rui; Wen, Qiaoyan; Jin, Zhengping; Zhang, Hua

2013-01-01

Sensor networks have opened up new opportunities in healthcare systems, which can transmit patient's condition to health professional's hand-held devices in time. The patient's physiological signals are very sensitive and the networks are extremely vulnerable to many attacks. It must be ensured that patient's privacy is not exposed to unauthorized entities. Therefore, the control of access to healthcare systems has become a crucial challenge. An efficient and secure authentication protocol will thus be needed in wireless medical sensor networks. In this paper, we propose a certificateless authentication scheme without bilinear pairing while providing patient anonymity. Compared with other related protocols, the proposed scheme needs less computation and communication cost and preserves stronger security. Our performance evaluations show that this protocol is more practical for healthcare system in wireless medical sensor networks. PMID:23710147

5 CFR 9701.107 - Program evaluation.

Code of Federal Regulations, 2010 CFR

2010-01-01

....107 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.107 Program evaluation. (a) DHS will establish...

Curriculum evaluation and revision in a nascent field: the utility of the retrospective pretest--posttest model in a homeland security program of study.

PubMed

Pelfrey, William V; Pelfrey, William V

2009-02-01

Although most academic disciplines evolve at a measured pace, the emerging field of homeland security must, for reasons of safety and security, evolve rapidly. The Department of Homeland Security sponsored the establishment of a graduate educational program for key officials holding homeland security roles. Because homeland security is a nascent field, the establishment of a program curriculum was forced to draw from a variety of disciplines. Curriculum evaluation was complicated by the rapid changes occurring in the emerging discipline, producing response shift bias, and interfering with the pre-post assessments. To compensate for the validity threat associated with response shift bias, a retrospective pretest-posttest evaluative methodology was used. Data indicate the program has evolved in a significant and orderly fashion and these data support the use of this innovative evaluation approach in the development of any discipline.

Evaluation of a Cyber Security System for Hospital Network.

PubMed

Faysel, Mohammad A

2015-01-01

Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

Food security among individuals experiencing homelessness and mental illness in the At Home/Chez Soi Trial.

PubMed

O'Campo, Patricia; Hwang, Stephen W; Gozdzik, Agnes; Schuler, Andrée; Kaufman-Shriqui, Vered; Poremski, Daniel; Lazgare, Luis Ivan Palma; Distasio, Jino; Belbraouet, Slimane; Addorisio, Sindi

2017-08-01

Individuals experiencing homelessness are particularly vulnerable to food insecurity. The At Home/Chez Soi study provides a unique opportunity to first examine baseline levels of food security among homeless individuals with mental illness and second to evaluate the effect of a Housing First (HF) intervention on food security in this population. At Home/Chez Soi was a 2-year randomized controlled trial comparing the effectiveness of HF compared with usual care among homeless adults with mental illness, stratified by level of need for mental health services (high or moderate). Logistic regressions tested baseline associations between food security (US Food Security Survey Module), study site, sociodemographic variables, duration of homelessness, alcohol/substance use, physical health and service utilization. Negative binomial regression determined the impact of the HF intervention on achieving levels of high or marginal food security over an 18-month follow-up period (6 to 24 months). Community settings at five Canadian sites (Moncton, Montreal, Toronto, Winnipeg and Vancouver). Homeless adults with mental illness (n 2148). Approximately 41 % of our sample reported high or marginal food security at baseline, but this figure varied with gender, age, mental health issues and substance use problems. High need participants who received HF were more likely to achieve marginal or high food security than those receiving usual care, but only at the Toronto and Moncton sites. Our large multi-site study demonstrated low levels of food security among homeless experiencing mental illness. HF showed promise for improving food security among participants with high levels of need for mental health services, with notable site differences.

The adoption of IT security standards in a healthcare environment.

PubMed

Gomes, Rui; Lapão, Luís Velez

2008-01-01

Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.

Security Encryption Scheme for Communication of Web Based Control Systems

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

Testbed-based Performance Evaluation of Attack Resilient Control for AGC

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ashok, Aditya; Sridhar, Siddharth; McKinnon, Archibald D.

The modern electric power grid is a complex cyber-physical system whose reliable operation is enabled by a wide-area monitoring and control infrastructure. This infrastructure, supported by an extensive communication backbone, enables several control applications functioning at multiple time scales to ensure the grid is maintained within stable operating limits. Recent events have shown that vulnerabilities in this infrastructure may be exploited to manipulate the data being exchanged. Such a scenario could cause the associated control application to mis-operate, potentially causing system-wide instabilities. There is a growing emphasis on looking beyond traditional cybersecurity solutions to mitigate such threats. In this papermore » we perform a testbed-based validation of one such solution - Attack Resilient Control (ARC) - on Iowa State University's \\textit{PowerCyber} testbed. ARC is a cyber-physical security solution that combines domain-specific anomaly detection and model-based mitigation to detect stealthy attacks on Automatic Generation Control (AGC). In this paper, we first describe the implementation architecture of the experiment on the testbed. Next, we demonstrate the capability of stealthy attack templates to cause forced under-frequency load shedding in a 3-area test system. We then validate the performance of ARC by measuring its ability to detect and mitigate these attacks. Our results reveal that ARC is efficient in detecting stealthy attacks and enables AGC to maintain system operating frequency close to its nominal value during an attack. Our studies also highlight the importance of testbed-based experimentation for evaluating the performance of cyber-physical security and control applications.« less

Report: EPA’s Radiation and Indoor Environments National Laboratory Should Improve Its Computer Room Security Controls

EPA Pesticide Factsheets

Report #12-P-0847, September 21, 2012.Our review of the security posture and in-place environmental controls of EPA’s Radiation and Indoor Environments National Laboratory computer room disclosed an array of security and environmental control deficiencies.

Repair, Evaluation, Maintenance, and Rehabilitation Research Program. Floating Debris Control; A Literature Review.

DTIC Science & Technology

1987-06-01

Debris diversion boom and debris, Appalachian Power Company Station at Winfield Lock and Dam, Kanavha River, West Virginia. Than, T 9 (sin a) - 1.94...control dam. Central gate Is blocked partly open causing .ime downstream scour. Water flows right to left. BOTTOM-Debris diversion boom and debris... Appalachian Power Company Station at Winfield Lock and Dam, Kanawha River, West Virginia. - 0 .’ Unclass ified SECURITY CLASSIFICATION OF THIS PAGE for- 40

Sleep-Disordered Breathing in Chronic SCI: A Randomized Controlled Trial of Treatment Impact on Cognition, Quality of Life, and Cardiovascular Disease

DTIC Science & Technology

2014-10-01

SCI. In this prospective randomized controlled trial, we will objectively measure sleep disordered breathing ( SDB ) in chronic SCI patients using...portable sleep studies, and systematically evaluate the association between SDB , cognitive performance, mood, pain, and CV measures. We will randomize...randomized shortly. 15. SUBJECT TERMS SDB , SCI, PAP, CV 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18. NUMBER OF PAGES 19a

A Procedure for Evaluating Subpotable Water Reuse Potential at Army Fixed Facilities.

DTIC Science & Technology

1981-11-01

characteristic of phosphate waste waters from fume scrubbers. + Flue gas desulfurization sludge liquors. 75 Table B5 Base Housing Water Supply Quality (Also...ENGINEERING RESEARCH LABORATORY 4A762720A896-B-008 P.O. Box 4005, Champaign, IL 61820 1I. CONTROLLING OFFICE NAME AND ADDRESS 12. REPORT DATE November 1981 13...NUMBER OF PAGES 102 4. MONITORING AGENCY NAME & ADDRESS(If different from Controlling Office) IS. SECURITY CLASS. (of til, report) UNCLASSIFIED 15

Subchronic Toxicity Studies on 1,3,5-Trinitrobenzene, 1,3- Dinitrobenzene, and Tetryl in Rats. Subchronic Toxicity Evaluation of 1,3,5- Trinitrobenzene in Fischer 344 Rats

DTIC Science & Technology

1994-05-01

cton ofMO,,natt. ’"An saqe jr~n ’edw tc.ngin o...rm to Wailoqto. HeCdos11#, ¶ n1e i Oueftoc D or.,e fwaft at~on OOWctl~t~ and AeoOat. 12 11 J~flfflOI 0S...controls in both sexes.3 14. SUBJECT TERMS 115 . NUMBER OF PAGES 16. PRICE CODE 17. SECURITv CLASSIFICATION 13. SECURITY CLASSIFICATION 19. SECURITY...NJ). Total red and white blood cell counts, platelet count, differential leukocyte count, hemoglobin, and packed cell volume were measured and

Mere Exposure Revisited: The Influence of Growth versus Security Cues on Evaluations of Novel and Familiar Stimuli

ERIC Educational Resources Information Center

Gillebaart, Marleen; Forster, Jens; Rotteveel, Mark

2012-01-01

Combining regulatory focus theory (Higgins, 1997) and novelty categorization theory (Forster, Marguc, & Gillebaart, 2010), we predicted that novel stimuli would be more positively evaluated when focused on growth as compared with security and that familiar stimuli would be more negatively evaluated when focused on growth as compared with security.…

Evaluation of security algorithms used for security processing on DICOM images

NASA Astrophysics Data System (ADS)

Chen, Xiaomeng; Shuai, Jie; Zhang, Jianguo; Huang, H. K.

2005-04-01

In this paper, we developed security approach to provide security measures and features in PACS image acquisition and Tele-radiology image transmission. The security processing on medical images was based on public key infrastructure (PKI) and including digital signature and data encryption to achieve the security features of confidentiality, privacy, authenticity, integrity, and non-repudiation. There are many algorithms which can be used in PKI for data encryption and digital signature. In this research, we select several algorithms to perform security processing on different DICOM images in PACS environment, evaluate the security processing performance of these algorithms, and find the relationship between performance with image types, sizes and the implementation methods.

Improving the redistribution of the security lessons in healthcare: An evaluation of the Generic Security Template.

PubMed

He, Ying; Johnson, Chris

2015-11-01

The recurrence of past security breaches in healthcare showed that lessons had not been effectively learned across different healthcare organisations. Recent studies have identified the need to improve learning from incidents and to share security knowledge to prevent future attacks. Generic Security Templates (GSTs) have been proposed to facilitate this knowledge transfer. The objective of this paper is to evaluate whether potential users in healthcare organisations can exploit the GST technique to share lessons learned from security incidents. We conducted a series of case studies to evaluate GSTs. In particular, we used a GST for a security incident in the US Veterans' Affairs Administration to explore whether security lessons could be applied in a very different Chinese healthcare organisation. The results showed that Chinese security professional accepted the use of GSTs and that cyber security lessons could be transferred to a Chinese healthcare organisation using this approach. The users also identified the weaknesses and strengths of GSTs, providing suggestions for future improvements. Generic Security Templates can be used to redistribute lessons learned from security incidents. Sharing cyber security lessons helps organisations consider their own practices and assess whether applicable security standards address concerns raised in previous breaches in other countries. The experience gained from this study provides the basis for future work in conducting similar studies in other healthcare organisations. Copyright © 2015 Elsevier Ireland Ltd. All rights reserved.

Arms Control and National Security: An Introduction. Advance Edition.

ERIC Educational Resources Information Center

Arms Control Association, Washington, DC.

Suitable for use with high school students, this booklet on arms control and national security provides background information, describes basic concepts, reviews recent history, and offers suggestions for further reading. The first section, on American attitudes toward national security and arms control, defines five types of limits on weapons…

Security Controls Hurt Research, NAS Warns.

ERIC Educational Resources Information Center

Kolata, Gina

1982-01-01

A National Academy of Sciences (NAS) report found no evidence that leaks of technical information from universities or other research centers have damaged national security. However, in areas where control is warranted, decisions should be based on criteria. These criteria and issues related to security control and technological transfer are…

A Pilot Randomized Controlled Trial of Novel Dressing and Securement Techniques in 101 Pediatric Patients.

PubMed

Kleidon, Tricia M; Ullman, Amanda J; Gibson, Victoria; Chaseling, Brett; Schoutrop, Jason; Mihala, Gabor; Rickard, Claire M

2017-11-01

To evaluate feasibility of an efficacy trial comparing peripherally inserted central catheter (PICC) dressing and securement techniques to prevent complications and failure. This pilot, 3-armed, randomized controlled trial was undertaken at Royal Children's Hospital and Lady Cilento Children's Hospital, Brisbane, Australia, between April 2014 and September 2015. Pediatric participants (N = 101; age range, 0-18 y) were assigned to standard care (bordered polyurethane [BPU] dressing, sutureless securement device), tissue adhesive (TA) (plus BPU dressing), or integrated securement dressings (ISDs). Average PICC dwell time was 8.1 days (range, 0.2-27.7 d). Primary outcome was trial feasibility including PICC failure. Secondary outcomes were PICC complications, dressing performance, and parent and staff satisfaction. Protocol feasibility was established. PICC failure was 6% (2/32) with standard care, 6% (2/31) with ISD, and 3% (1/32) with TA. PICC complications were 16% across all groups. TA provided immediate postoperative hemostasis, prolonging the first dressing change until 5.5 days compared with 3.5 days and 2.5 days with standard care and ISD respectively. Bleeding was the most common reason for first dressing change: standard care (n = 18; 75%), ISD (n = 11; 69%), TA (n = 4; 27%). Parental satisfaction (median 9.7/10; P = .006) and staff feedback (9.2/10; P = .002) were most positive for ISD. This research suggests safety and acceptability of different securement dressings compared with standard care; securement dressings may also reduce dressing changes after insertion. Further research is required to confirm clinically cost-effective methods to prevent PICC failure. Copyright © 2017 SIR. Published by Elsevier Inc. All rights reserved.

Tobacco control advocacy in Australia: reflections on 30 years of progress.

PubMed

Chapman, S; Wakefield, M

2001-06-01

Australia has one of the world's most successful records on tobacco control. The role of public health advocacy in securing public and political support for tobacco control legislation and policy and program support is widely acknowledged and enshrined in World Health Organization policy documents yet is seldom the subject of analysis in the public health policy research literature. Australian public health advocates tend to not work in settings where evaluation and systematic planning are valued. However, their day-to-day strategies reveal considerable method and grounding in framing theory. The nature of media advocacy is explored, with differences between the conceptualization of routine "programmatic" public health interventions and the modus operandi of media advocacy highlighted. Two case studies on securing smoke-free indoor air and banning all tobacco advertising are used to illustrate advocacy strategies that have been used in Australia. Finally, the argument that advocacy should emanate from communities and be driven by them is considered.

Comprehensive evaluation of ecological security in mining area based on PSR-ANP-GRAY.

PubMed

He, Gang; Yu, Baohua; Li, Shuzhou; Zhu, Yanna

2017-09-06

With the large exploitation of mineral resources, a series of problems have appeared in the ecological environment of the mining area. Therefore, evaluating the ecological security of mining area is of great significance to promote its healthy development. In this paper, the evaluation index system of ecological security in mining area was constructed from three dimensions of nature, society and economy, combined with Pressure-State-Response framework model. Then network analytic hierarchy process and GRAY relational analysis method were used to evaluate the ecological security of the region, and the weighted correlation degree of ecological security was calculated through the index data of a coal mine from 2012 to 2016 in China. The results show that the ecological security in the coal mine area is on the rise as a whole, though it alternatively rose and dropped from 2012 to 2016. Among them, the ecological security of the study mining area is at the general security level from 2012 to 2015, and at a relatively safe level in 2016. It shows that the ecological environment of the study mining area can basically meet the requirement of the survival and development of the enterprises.

Access control based on attribute certificates for medical intranet applications.

PubMed

Mavridis, I; Georgiadis, C; Pangalos, G; Khair, M

2001-01-01

Clinical information systems frequently use intranet and Internet technologies. However these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy.

33 CFR 104.265 - Security measures for access control.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for access... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Requirements § 104.265 Security... security measures to: (1) Deter the unauthorized introduction of dangerous substances and devices...

A review of physical security robotics at Sandia National Laboratories

DOE Office of Scientific and Technical Information (OSTI.GOV)

Roerig, S.C.

1990-01-01

As an outgrowth of research into physical security technologies, Sandia is investigating the role of robotics in security systems. Robotics may allow more effective utilization of guard forces, especially in scenarios where personnel would be exposed to harmful environments. Robots can provide intrusion detection and assessment functions for failed sensors or transient assets, can test existing fixed site sensors, and can gather additional intelligence and dispense delaying elements. The Robotic Security Vehicle (RSV) program for DOE/OSS is developing a fieldable prototype for an exterior physical security robot based upon a commercial four wheel drive vehicle. The RSV will be capablemore » of driving itself, being driven remotely, or being driven by an onboard operator around a site and will utilize its sensors to alert an operator to unusual conditions. The Remote Security Station (RSS) program for the Defense Nuclear Agency is developing a proof-of-principle robotic system which will be used to evaluate the role, and associated cost, of robotic technologies in exterior security systems. The RSS consists of an independent sensor pod, a mobile sensor platform and a control and display console. Sensor data fusion is used to optimize the system's intrusion detection performance. These programs are complementary, the RSV concentrates on developing autonomous mobility, while the RSS thrust is on mobile sensor employment. 3 figs.« less

Methods for Restoring Shape and Structure of Compressed Dehydrated Animal and Combination Products

DTIC Science & Technology

1974-09-01

controls. Meatballs showed sl ight deteriorat ion whil e the other foods scored between the extremely affected products. SECURITY CI.ASSI F ICATION...Basic Formulation of Seasoning Mix . ... ..• .•. Diced Chicken Evaluati on .. . . . .......... . . .•. Meatball Formul ation... Meatball Evaluation •..... . ....... . .. . .. . . ... Chicken and Rice Evaluati on ..... .. . .... ..• .• Chicken and Rice

49 CFR Appendix C to Part 240 - Procedures for Obtaining and Evaluating Motor Vehicle Driving Record Data

Code of Federal Regulations, 2011 CFR

2011-10-01

... under the influence of, or impaired by, alcohol or a controlled substance, and for traffic violations... social security account number, if a State collects such data. Access to NDR Data Essentially only... information to that being mandated by FRA. Furnishing additional information, such as the person's Social...

Food Security and Leukocyte Telomere Length in Adult Americans.

PubMed

Mazidi, Mohsen; Kengne, Andre Pascal; Vatanparast, Hassan

2017-01-01

Leukocyte telomere length (LTL) is a biomarker of biologic age. Whether food security status modulates LTL is still unknown. We investigated the association between food security and LTL in participants of the 1999-2002 US National Health and Nutrition Examination Survey (NHANES). Analysis of covariance (ANCOVA) was used to evaluate the association between food security categories and LTL controlling for sex, race, and education and accounting for the survey design and sample weights. We included 10,888 participants with 5228 (48.0%) being men. They were aged on average 44.1 years. In all, 2362 (21.7%) had less than high school, 2787 (25.6%) had achieved high school, while 5705 (52.5%) had done more than high school. In sex-, race-, and education-adjusted ANCOVA, average LTL (T/S ratio) for participants with high food security versus those with marginal, low, or very low food security was 1.32 versus 1.20 for the age group 25-35 years and 1.26 versus 1.11 for the 35-45 years, ( p < 0.001). The association between food insecurity and LTL shortening in young adults suggest that some of the future effects of food insecurity on chronic disease risk in this population could be mediated by telomere shortening.

Fuzzy assessment of health information system users' security awareness.

PubMed

Aydın, Özlem Müge; Chouseinoglou, Oumout

2013-12-01

Health information systems (HIS) are a specific area of information systems (IS), where critical patient data is stored and quality health service is only realized with the correct use and efficient dissemination of this data to health workers. Therefore, a balance needs to be established between the levels of security and flow of information on HIS. Instead of implementing higher levels and further mechanisms of control to increase the security of HIS, it is preferable to deal with the arguably weakest link on HIS chain with respect to security: HIS users. In order to provide solutions and approaches for transforming users to the first line of defense in HIS but also to employ capable and appropriate candidates from the pool of newly graduated students, it is important to assess and evaluate the security awareness levels and characteristics of these existing and future users. This study aims to provide a new perspective to understand the phenomenon of security awareness of HIS users with the use of fuzzy analysis, and to assess the present situation of current and future HIS users of a leading medical and educational institution of Turkey, with respect to their security characteristics based on four different security scales. The results of the fuzzy analysis, the guide on how to implement this fuzzy analysis to any health institution and how to read and interpret these results, together with the possible implications of these results to the organization are provided.

Security and privacy qualities of medical devices: an analysis of FDA postmarket surveillance.

PubMed

Kramer, Daniel B; Baker, Matthew; Ransford, Benjamin; Molina-Markham, Andres; Stewart, Quinn; Fu, Kevin; Reynolds, Matthew R

2012-01-01

Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients' stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting. We used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices. Review of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism. Our review of recalls and adverse events from federal government databases reveals sharp inconsistencies with databases at individual providers with respect to security and privacy risks. Recalls related to software may increase security risks because of unprotected update and correction mechanisms. To detect signals of security and privacy problems that adversely affect public health, federal postmarket surveillance strategies should rethink how to effectively and efficiently collect data on security and privacy problems in devices that increasingly depend on computing systems susceptible to malware.

Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance

PubMed Central

Kramer, Daniel B.; Baker, Matthew; Ransford, Benjamin; Molina-Markham, Andres; Stewart, Quinn; Fu, Kevin; Reynolds, Matthew R.

2012-01-01

Background Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients’ stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting. Methods We used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices. Results Review of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism. Conclusions Our review of recalls and adverse events from federal government databases reveals sharp inconsistencies with databases at individual providers with respect to security and privacy risks. Recalls related to software may increase security risks because of unprotected update and correction mechanisms. To detect signals of security and privacy problems that adversely affect public health, federal postmarket surveillance strategies should rethink how to effectively and efficiently collect data on security and privacy problems in devices that increasingly depend on computing systems susceptible to malware. PMID:22829874

Safe-haven locking device

DOEpatents

Williams, J.V.

1984-04-26

Disclosed is a locking device for eliminating external control of a secured space formed by fixed and movable barriers. The locking device uses externally and internally controlled locksets and a movable strike, operable from the secured side of the movable barrier, to selectively engage either lockset. A disengagement device, for preventing forces from being applied to the lock bolts is also disclosed. In this manner, a secured space can be controlled from the secured side as a safe-haven. 4 figures.

Graphs for information security control in software defined networks

NASA Astrophysics Data System (ADS)

Grusho, Alexander A.; Abaev, Pavel O.; Shorgin, Sergey Ya.; Timonina, Elena E.

2017-07-01

Information security control in software defined networks (SDN) is connected with execution of the security policy rules regulating information accesses and protection against distribution of the malicious code and harmful influences. The paper offers a representation of a security policy in the form of hierarchical structure which in case of distribution of resources for the solution of tasks defines graphs of admissible interactions in a networks. These graphs define commutation tables of switches via the SDN controller.

33 CFR 105.255 - Security measures for access control.

Code of Federal Regulations, 2010 CFR

2010-07-01

... and facilities; (4) Granting access to only those responding to the security incident or threat... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for access... SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.255 Security...

77 FR 5734 - New Medical Criteria for Evaluating Language and Speech Disorders

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-06

... Medical Criteria for Evaluating Language and Speech Disorders AGENCY: Social Security Administration... Security numbers or medical information. 1. Internet: We strongly recommend that you submit your comments... INFORMATION CONTACT: Cheryl A. Williams, Office of Medical Listings Improvement, Social Security...

21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...

21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...

21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...

21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...

Which green way: description of the intervention for mobilising against Aedes aegypti under difficult security conditions in southern Mexico.

PubMed

Morales-Perez, Arcadio; Nava-Aguilera, Elizabeth; Legorreta-Soberanis, José; Paredes-Solís, Sergio; Balanzar-Martínez, Alejandro; Serrano-de Los Santos, Felipe René; Ríos-Rivera, Claudia Erika; García-Leyva, Jaime; Ledogar, Robert J; Cockcroft, Anne; Andersson, Neil

2017-05-30

Community mobilisation for prevention requires engagement with and buy in from those communities. In the Mexico state of Guerrero, unprecedented social violence related to the narcotics trade has eroded most community structures. A recent randomised controlled trial in 90 coastal communities achieved sufficient mobilisation to reduce conventional vector density indicators, self-reported dengue illness and serologically proved dengue virus infection. The Camino Verde intervention was a participatory research protocol promoting local discussion of baseline evidence and co-design of vector control solutions. Training of facilitators emphasised community authorship rather than trying to convince communities to do specific activities. Several discussion groups in each intervention community generated a loose and evolving prevention plan. Facilitators trained brigadistas, the first wave of whom received a small monthly stipend. Increasing numbers of volunteers joined the effort without pay. All communities opted to work with schoolchildren and for house-to-house visits by brigadístas. Children joined the neighbourhood vector control movements where security conditions permitted. After 6 months, a peer evaluation involved brigadista visits between intervention communities to review and to share progress. Although most communities had no active social institutions at the outset, local action planning using survey data provided a starting point for community authorship. Well-known in their own communities, brigadistas faced little security risk compared with the facilitators who visited the communities, or with governmental programmes. We believe the training focus on evidence-based dialogue and a plural community ownership through multiple design groups were key to success under challenging security conditions. ISRCTN27581154 .

Field testing of tele-operation versus shared and traded control for military assets: an evaluation involving real-time embedded simulation and soldier assessment

NASA Astrophysics Data System (ADS)

Metcalfe, Jason S.; Alban, Jillyn; Cosenzo, Keryl; Johnson, Tony; Capstick, Erin

2010-04-01

Those applying autonomous technologies to military systems strive to enhance human-robot and robot-robot performance. Beyond performance, the military must be concerned with local area security. Characterized as "secure mobility", military systems must enable safe and effective terrain traversal concurrent with maintenance of situational awareness (SA). One approach to interleaving these objectives is supervisory control, with popular options being shared and traded control. Yet, with the scale and expense of military assets, common technical issues such as transition time and safeguarding become critical; especially as they interact with Soldier capabilities. Study is required to enable selection of control methods that optimize Soldier-system performance while safeguarding both individually. The current report describes a study utilizing experimental military vehicles and simulation systems enabling teleoperation and supervisory control. Automated triggering of SA demands was interspersed with a set of challenging driving maneuvers in a 'teleoperation-like' context to examine the influence of supervisory control on Soldier-system performance. Results indicated that direct application of supervisory control, while beneficial under particular demands, requires continued development to be perceived by Soldiers as useful. Future efforts should more tightly couple the information exchanged between the Soldier and system to overcome current challenges not addressed by standard control methods.

Air Traffic Control: Weak Computer Security Practices Jeopardize Flight Safety

DOT National Transportation Integrated Search

1998-05-01

Given the paramount importance of computer security of Air Traffic Control (ATC) systems, Congress asked the General Accounting Office to determine (1) whether the Fedcral Aviation Administration (FAA) is effectively managing physical security at ATC...

33 CFR 104.405 - Format of the Vessel Security Plan (VSP).

Code of Federal Regulations, 2010 CFR

2010-07-01

...) Communications; (9) Security systems and equipment maintenance; (10) Security measures for access control... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Format of the Vessel Security... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Plan (VSP) § 104.405 Format of the...

Main control computer security model of closed network systems protection against cyber attacks

NASA Astrophysics Data System (ADS)

Seymen, Bilal

2014-06-01

The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

Sleep-Disordered Breathing in Chronic SCI: A Randomized Controlled Trial of Treatment Impact on Cognition, Quality of Life, and Cardiovascular Disease

DTIC Science & Technology

2015-10-01

randomized controlled trial, we will objectively measure sleep disordered breathing ( SDB ) in chronic SCI patients using portable sleep studies, and...systematically evaluate the association between SDB , cognitive performance, mood, pain, and CV measures. We will randomize participants to 4 months of PAP...TERMS SDB , SCI, PAP, CV 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18. NUMBER OF PAGES 19a. NAME OF RESPONSIBLE PERSON USAMRMC a

Sleep Disordered Breathing in Chronic SCI: A Randomized Controlled Trial of Treatment Impact on Cognition, Quality of Life, and Cardiovascular Disease

DTIC Science & Technology

2015-11-30

randomized controlled trial, we will objectively measure sleep disordered breathing ( SDB ) in chronic SCI patients using portable sleep studies, and...systematically evaluate the association between SDB , cognitive performance, mood, pain, and CV measures. We will randomize participants to 4 months of PAP...TERMS SDB , SCI, PAP, CV 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18. NUMBER OF PAGES 19a. NAME OF RESPONSIBLE PERSON USAMRMC a

Technological Tyranny

NASA Astrophysics Data System (ADS)

Greenwood, Dick

1984-08-01

It is implicitly assumed by those who create, develop, control and deploy new technology, as well as by society at-large, that technological innovation always represents progress. Such an unchallenged assumption precludes an examination and evaluation of the interrelationships and impact the development and use of technology have on larger public policy matters, such as preservation of democratic values, national security and military policies, employment, income and tax policies, foreign policy and the accountability of private corporate entities to society. This brief challenges those assumptions and calls for social control of technology.

Family conflict, emotional security, and child development: translating research findings into a prevention program for community families.

PubMed

Cummings, E Mark; Schatz, Julie N

2012-03-01

The social problem posed by family conflict to the physical and psychological health and well-being of children, parents, and underlying family relationships is a cause for concern. Inter-parental and parent-child conflict are linked with children's behavioral, emotional, social, academic, and health problems, with children's risk particularly elevated in distressed marriages. Supported by the promise of brief psycho-educational programs (e.g., Halford et al. in Journal of Family Psychology 22:497-505, 2008; Sanders in Journal of Family Psychology 22:506-517, 2008), the present paper presents the development and evaluation of a prevention program for community families with children, concerned with family-wide conflict and relationships, and building on Emotional Security Theory (Davies and Cummings in Psychological Bulletin 116:387-411, 1994). This program uniquely focuses on translating research and theory in this area into brief, engaging programs for community families to improve conflict and emotional security for the sake of the children. Evaluation is based on multi-domain and multi-method assessments of family-wide and child outcomes in the context of a randomized control design. A series of studies are briefly described in the programmatic development of a prevention program for conflict and emotional security for community families, culminating in a program for family-wide conflict and emotional security for families with adolescents. With regard to this ongoing program, evidence is presented at the post-test for improvements in family-wide functioning, consideration of the relative benefits for different groups within the community, and preliminary support for the theoretical bases for program outcomes.

Modular robotic system for forensic investigation support

NASA Astrophysics Data System (ADS)

Kowalski, Grzegorz; Główka, Jakub; Maciaś, Mateusz; Puchalski, Sławomir

2017-10-01

Forensic investigation on the crime scene is an activity that requires not only knowledge about the ways of searching for evidence, collecting and processing them. In some cases the area of operation might not be properly secured and poses threat to human health or life. Some devices or materials may be left intentionally or not to injure potential investigators. Besides conventional explosives, threats can be in form of CBRN materials, which have not only immediate effect on the exposed personnel, but can contaminate further people, when being transferred for example on clothes or unsecured equipment. In this case a risk evaluation should be performed, that can lead to conclusions that it is too dangerous for investigators to work. In that kind of situation remote devices, which are able to examine the crime scene and secure samples, can be used. In the course of R&D activities PIAP developed a system, which is based on small UGV capable of carrying out inspection of suspicious places and securing evidence, when needed. The system consists of remotely controlled mobile robot, its control console and a set of various inspection and support tools, that enable detection of CBRN threats as well as revelation, documentation and securing of the evidence. This paper will present main features of the system, like mission adjustment possibilities and communication aspects, and also examples of the forensic accessories.

78 FR 25521 - Revised Medical Criteria for Evaluating Visual Disorders

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-01

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2010-0078] Revised Medical Criteria for Evaluating Visual Disorders AGENCY: Social Security Administration. ACTION: Final rules; Correction. SUMMARY: The Social Security Administration published a document in the Federal Register of March 28, 2013, in FR Doc...

10 CFR 709.10 - Scope of a counterintelligence evaluation.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Protection of National Security § 709.10 Scope of a counterintelligence evaluation. A counterintelligence evaluation consists of a counterintelligence-based review of the covered person's personnel security file and...

Security Evolution.

ERIC Educational Resources Information Center

De Patta, Joe

2003-01-01

Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

Evidence-Based Parenting Interventions to Promote Secure Attachment

PubMed Central

Wright, Barry; Edginton, Elizabeth

2016-01-01

Various interventions are used in clinical practice to address insecure or disorganized attachment patterns and attachment disorders. The most common of these are parenting interventions, but not all have a robust empirical evidence base. We undertook a systematic review of randomized trials comparing a parenting intervention with a control, where these used a validated attachment instrument, in order to evaluate the clinical and cost-effectiveness of interventions aiming to improve attachment in children with severe attachment problems (mean age <13 years). This article aims to inform clinicians about the parenting interventions included in our systematic review that were clinically effective in promoting secure attachment. For completeness, we also briefly discuss other interventions without randomized controlled trial evidence, identified in Patient Public Involvement workshops and expert groups at the point our review was completed as being used or recommended. We outline the key implications of our findings for clinical practice and future research. PMID:27583298

The Use of BS7799 Information Security Standard to Construct Mechanisms for the Management of Medical Organization Information Security

NASA Astrophysics Data System (ADS)

Liu, Shu-Fan; Chueh, Hao-En; Liao, Kuo-Hsiung

According to surveys, 80 % of security related events threatening information in medical organizations is due to improper management. Most research on information security has focused on information and security technology, such as network security and access control; rarely addressing issues at the management issues. The main purpose of this study is to construct a BS7799 based mechanism for the management of information with regard to security as it applies to medical organizations. This study analyzes and identifies the most common events related to information security in medical organizations and categorizes these events as high-risk, transferable-risk, and controlled-risk to facilitate the management of such risk.

Capturing security requirements for software systems.

PubMed

El-Hadary, Hassan; El-Kassas, Sherif

2014-07-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way.

Capturing security requirements for software systems

PubMed Central

El-Hadary, Hassan; El-Kassas, Sherif

2014-01-01

Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way. PMID:25685514

Localization-Free Detection of Replica Node Attacks in Wireless Sensor Networks Using Similarity Estimation with Group Deployment Knowledge

PubMed Central

Ding, Chao; Yang, Lijun; Wu, Meng

2017-01-01

Due to the unattended nature and poor security guarantee of the wireless sensor networks (WSNs), adversaries can easily make replicas of compromised nodes, and place them throughout the network to launch various types of attacks. Such an attack is dangerous because it enables the adversaries to control large numbers of nodes and extend the damage of attacks to most of the network with quite limited cost. To stop the node replica attack, we propose a location similarity-based detection scheme using deployment knowledge. Compared with prior solutions, our scheme provides extra functionalities that prevent replicas from generating false location claims without deploying resource-consuming localization techniques on the resource-constraint sensor nodes. We evaluate the security performance of our proposal under different attack strategies through heuristic analysis, and show that our scheme achieves secure and robust replica detection by increasing the cost of node replication. Additionally, we evaluate the impact of network environment on the proposed scheme through theoretic analysis and simulation experiments, and indicate that our scheme achieves effectiveness and efficiency with substantially lower communication, computational, and storage overhead than prior works under different situations and attack strategies. PMID:28098846

Localization-Free Detection of Replica Node Attacks in Wireless Sensor Networks Using Similarity Estimation with Group Deployment Knowledge.

PubMed

Ding, Chao; Yang, Lijun; Wu, Meng

2017-01-15

Due to the unattended nature and poor security guarantee of the wireless sensor networks (WSNs), adversaries can easily make replicas of compromised nodes, and place them throughout the network to launch various types of attacks. Such an attack is dangerous because it enables the adversaries to control large numbers of nodes and extend the damage of attacks to most of the network with quite limited cost. To stop the node replica attack, we propose a location similarity-based detection scheme using deployment knowledge. Compared with prior solutions, our scheme provides extra functionalities that prevent replicas from generating false location claims without deploying resource-consuming localization techniques on the resource-constraint sensor nodes. We evaluate the security performance of our proposal under different attack strategies through heuristic analysis, and show that our scheme achieves secure and robust replica detection by increasing the cost of node replication. Additionally, we evaluate the impact of network environment on the proposed scheme through theoretic analysis and simulation experiments, and indicate that our scheme achieves effectiveness and efficiency with substantially lower communication, computational, and storage overhead than prior works under different situations and attack strategies.

IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

NASA Technical Reports Server (NTRS)

Branch, Drew A.

2014-01-01

Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere has heightened from airports to the communication among the military branches legionnaires. With advanced persistent threats (APT's) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning, and configuration of network devices i.e. routers and IDS's/IPS's. In addition, I will be completing security assessments on software and hardware, vulnerability assessments and reporting, and conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out the tasks stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, as well as policies and procedures.

IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

NASA Technical Reports Server (NTRS)

Branch, Drew

2013-01-01

Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere was heightened from Airports to the communication among the military branches legionnaires. With advanced persistent threats (APTs) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning and configuration of network devices i.e. routers and IDSsIPSs. In addition I will be completing security assessments on software and hardware, vulnerability assessments and reporting, conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, policies and procedures.

Dynamic Key Management Schemes for Secure Group Access Control Using Hierarchical Clustering in Mobile Ad Hoc Networks

NASA Astrophysics Data System (ADS)

Tsaur, Woei-Jiunn; Pai, Haw-Tyng

2008-11-01

The applications of group computing and communication motivate the requirement to provide group access control in mobile ad hoc networks (MANETs). The operation in MANETs' groups performs a decentralized manner and accommodated membership dynamically. Moreover, due to lack of centralized control, MANETs' groups are inherently insecure and vulnerable to attacks from both within and outside the groups. Such features make access control more challenging in MANETs. Recently, several researchers have proposed group access control mechanisms in MANETs based on a variety of threshold signatures. However, these mechanisms cannot actually satisfy MANETs' dynamic environments. This is because the threshold-based mechanisms cannot be achieved when the number of members is not up to the threshold value. Hence, by combining the efficient elliptic curve cryptosystem, self-certified public key cryptosystem and secure filter technique, we construct dynamic key management schemes based on hierarchical clustering for securing group access control in MANETs. Specifically, the proposed schemes can constantly accomplish secure group access control only by renewing the secure filters of few cluster heads, when a cluster head joins or leaves a cross-cluster. In such a new way, we can find that the proposed group access control scheme can be very effective for securing practical applications in MANETs.

Evaluating Library Security Problems and Solutions.

ERIC Educational Resources Information Center

Nicely, Chris

1993-01-01

Discusses different types of security systems for libraries and explains the differences between electromagnetic, radio-frequency, and microwave technologies. A list of questions to assist in system evaluation is provided; and preventive measures used to curtail theft and protocol for handling situations that trigger security alarms are included.…

Access Control based on Attribute Certificates for Medical Intranet Applications

PubMed Central

Georgiadis, Christos; Pangalos, George; Khair, Marie

2001-01-01

Background Clinical information systems frequently use intranet and Internet technologies. However these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. Objectives To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. Methods We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Results Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Conclusions Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy. PMID:11720951

75 FR 2556 - Extension of Agency Information Collection Activity Under OMB Review: Transportation Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-01-15

... Information Collection Activity Under OMB Review: Transportation Security Officer (TSO) Medical Questionnaire... Evaluation, Cardiac Further Evaluation, Diabetes Further Evaluation, Drug or Alcohol Use Further Evaluation... evaluate a candidate's physical and medical qualifications to be a TSO, including visual and aural acuity...

76 FR 22409 - Nationwide Cyber Security Review (NCSR) Assessment

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-21

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0012] Nationwide Cyber Security Review (NCSR...), National Cyber Security Division (NCSD), Cyber Security Evaluation Program (CSEP), will submit the... for all levels of government to complete a cyber network security assessment so that a full measure of...

33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).

Code of Federal Regulations, 2010 CFR

2010-07-01

...; (9) Security systems and equipment maintenance; (10) Security measures for access control; (11... Facility Security Plan (FSP). 106.405 Section 106.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES...

Secure public cloud platform for medical images sharing.

PubMed

Pan, Wei; Coatrieux, Gouenou; Bouslimi, Dalel; Prigent, Nicolas

2015-01-01

Cloud computing promises medical imaging services offering large storage and computing capabilities for limited costs. In this data outsourcing framework, one of the greatest issues to deal with is data security. To do so, we propose to secure a public cloud platform devoted to medical image sharing by defining and deploying a security policy so as to control various security mechanisms. This policy stands on a risk assessment we conducted so as to identify security objectives with a special interest for digital content protection. These objectives are addressed by means of different security mechanisms like access and usage control policy, partial-encryption and watermarking.

17 CFR 240.17i-4 - Internal risk management control system requirements for supervised investment bank holding...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Internal risk management control system requirements for supervised investment bank holding companies. 240.17i-4 Section 240.17i-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...

17 CFR 240.17i-4 - Internal risk management control system requirements for supervised investment bank holding...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Internal risk management control system requirements for supervised investment bank holding companies. 240.17i-4 Section 240.17i-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...

Innovative hyperchaotic encryption algorithm for compressed video

NASA Astrophysics Data System (ADS)

Yuan, Chun; Zhong, Yuzhuo; Yang, Shiqiang

2002-12-01

It is accepted that stream cryptosystem can achieve good real-time performance and flexibility which implements encryption by selecting few parts of the block data and header information of the compressed video stream. Chaotic random number generator, for example Logistics Map, is a comparatively promising substitute, but it is easily attacked by nonlinear dynamic forecasting and geometric information extracting. In this paper, we present a hyperchaotic cryptography scheme to encrypt the compressed video, which integrates Logistics Map with Z(232 - 1) field linear congruential algorithm to strengthen the security of the mono-chaotic cryptography, meanwhile, the real-time performance and flexibility of the chaotic sequence cryptography are maintained. It also integrates with the dissymmetrical public-key cryptography and implements encryption and identity authentification on control parameters at initialization phase. In accord with the importance of data in compressed video stream, encryption is performed in layered scheme. In the innovative hyperchaotic cryptography, the value and the updating frequency of control parameters can be changed online to satisfy the requirement of the network quality, processor capability and security requirement. The innovative hyperchaotic cryprography proves robust security by cryptoanalysis, shows good real-time performance and flexible implement capability through the arithmetic evaluating and test.

Semi-quantum communication: protocols for key agreement, controlled secure direct communication and dialogue

NASA Astrophysics Data System (ADS)

Shukla, Chitra; Thapliyal, Kishore; Pathak, Anirban

2017-12-01

Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.

Effortful control mediates relations between children's attachment security and their regard for rules of conduct

PubMed Central

Nordling, Jamie Koenig; Boldt, Lea J.; O'Bleness, Jessica; Kochanska, Grazyna

2015-01-01

Although attachment security has been associated with children's rule-compatible conduct, the mechanism through which attachment influences early regard for rules is not well established. We hypothesized that effortful control would mediate the link between security and indicators of children's emerging regard for rules (discomfort following rule violations, internalization of parents' and experimenter's rules, few externalizing behaviors). In a longitudinal study, the Attachment Q-Set was completed by parents, effortful control was observed, and Regard for Rules was observed and rated by parents. The proposed model fit the data well: Children's security to mothers predicted their effortful control, which in turn had a direct link to a greater Regard for Rules. Children's security with fathers did not predict effortful control. The mother-child relationship appears particularly important for positive developmental cascades of self-regulation and socialization. PMID:27158193

Auditing Albaha University Network Security using in-house Developed Penetration Tool

NASA Astrophysics Data System (ADS)

Alzahrani, M. E.

2018-03-01

Network security becomes very important aspect in any enterprise/organization computer network. If important information of the organization can be accessed by anyone it may be used against the organization for further own interest. Thus, network security comes into it roles. One of important aspect of security management is security audit. Security performance of Albaha university network is relatively low (in term of the total controls outlined in the ISO 27002 security control framework). This paper proposes network security audit tool to address issues in Albaha University network. The proposed penetration tool uses Nessus and Metasploit tool to find out the vulnerability of a site. A regular self-audit using inhouse developed tool will increase the overall security and performance of Albaha university network. Important results of the penetration test are discussed.

75 FR 68395 - Agency Self-Evaluation Under Section 504 of the Rehabilitation Act of 1973

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-05

...-800-325- 0778, or visit our Internet site, Social Security Online, at http://www.socialsecurity.gov... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2010-0069] Agency Self-Evaluation Under Section 504 of the Rehabilitation Act of 1973 AGENCY: Social Security Administration. ACTION: Notice and request...

75 FR 30693 - Revised Medical Criteria for Evaluating Hearing Loss

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-02

... SOCIAL SECURITY ADMINISTRATION 20 CFR Part 404 [Docket No. SSA-2008-0016] RIN 0960-AG20 Revised Medical Criteria for Evaluating Hearing Loss AGENCY: Social Security Administration. ACTION: Final rules... claims involving hearing loss under titles II and XVI of the Social Security Act (Act). The revisions...

Security management techniques and evaluative checklists for security force effectiveness. Technical report (final) Sep 80-Jul 81

DOE Office of Scientific and Technical Information (OSTI.GOV)

Schurman, D.L.; Datesman, G.H. Jr; Truitt, J.O.

The report presents a system for evaluating and correcting deficiencies in security-force effectiveness in licensed nuclear facilities. There are four checklists which security managers can copy directly, or can use as guidelines for developing their own checklists. The checklists are keyed to corrective-action guides found in the body of the report. In addition to the corrective-action guides, the report gives background information on the nature of security systems and discussions of various special problems of the licensed nuclear industry.

Social Security Ruling, SSR 99-2p.; titles II and XVI; evaluating cases involving chronic fatigue syndrome (CFS). Social Security Administration. Notice of Social Security ruling.

PubMed

1999-04-30

In accordance with 20 CFR 402.35(b)(1), the Commissioner of Social Security gives notice of Social Security Ruling, SSR 99-2p. This Ruling clarifies disability policy for the evaluation and adjudication of disability claims involving Chronic Fatigue Syndrome (CFS). This Ruling explains that, when it is accompanied by appropriate medical signs or laboratory findings, CFS is a medically determinable impairment that can be the basis for a finding of "disability." This Ruling ensures that all adjudicators will use the same policies and procedures in evaluating disability claims involving CFS, and provides a consolidated statement of these policies and procedures.

Right Technology, Right Now: An Evaluation Methodology for Rapidly Deployable Information and Communications Technologies in Humanitarian Assistance/Disaster Relief

DTIC Science & Technology

2012-03-01

30  c.  IEEE 802.16/WiMAX .............................................................31  4.  Broadband Global Area Network...Space Agency, 2006) ...........................34  Figure 19.  Global BGAN Coverage (From Inmarsat, 2009...BGAN Broadband Global Area Network C2 Command and Control CHSC California Homeland Security Consortium CIE Collaborative Information Environment CJCS

Security of social network credentials for accessing course portal: Users' experience

NASA Astrophysics Data System (ADS)

Katuk, Norliza; Fong, Choo Sok; Chun, Koo Lee

2015-12-01

Social login (SL) has recently emerged as a solution for single sign-on (SSO) within the web and mobile environments. It allows users to use their existing social network credentials (SNC) to login to third party web applications without the need to create a new identity in the intended applications' database. Although it has been used by many web application providers, its' applicability in accessing learning materials is not yet fully investigated. Hence, this research aims to explore users' (i.e., instructors' and students') perception and experience on the security of SL for accessing learning contents. A course portal was developed for students at a higher learning institution and it provides two types of user authentications (i) traditional user authentication, and (ii) SL facility. Users comprised instructors and students evaluated the login facility of the course portal through a controlled lab experimental study following the within-subject design. The participants provided their feedback in terms of the security of SL for accessing learning contents. The study revealed that users preferred to use SL over the traditional authentication, however, they concerned on the security of SL and their privacy.

Promoting mother-infant interaction and infant mental health in low-income Korean families: attachment-based cognitive behavioral approach.

PubMed

Lee, Gyungjoo; McCreary, Linda; Breitmayer, Bonnie; Kim, Mi Ja; Yang, Soo

2013-10-01

This study evaluated the attachment-based cognitive behavioral approach (ACBA) to enhance mother-infant interaction and infant mental health. This quasi-experimental study used a pre-posttest control group design. Participants were 40 low-income, mother-infant (infant ages 12-36 months) dyads, 20 dyads per group. The ACBA group received 10 weekly 90-min sessions. Dependent variables were changes in mother-infant interaction and infant mental health. Additionally, we explored changes in mothers' attachment security. The groups differed significantly in changes in mother-infant interaction, infant mental health problems, and mothers' attachment security. ACBA may enhance mother-infant interaction and infants' mental health. © 2013, Wiley Periodicals, Inc.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Okhravi, Hamed; Sheldon, Frederick T.; Haines, Joshua

Data diodes provide protection of critical cyber assets by the means of physically enforcing traffic direction on the network. In order to deploy data diodes effectively, it is imperative to understand the protection they provide, the protection they do not provide, their limitations, and their place in the larger security infrastructure. In this work, we study data diodes, their functionalities and limitations. We then propose two critical infrastructure systems that can benefit from the additional protection offered by data diodes: process control networks and net-centric cyber decision support systems. We review the security requirements of these systems, describe the architectures,more » and study the trade-offs. Finally, the architectures are evaluated against different attack patterns.« less

Agent of opportunity risk mitigation: people, engineering, and security efficacy.

PubMed

Graham, Margaret E; Tunik, Michael G; Farmer, Brenna M; Bendzans, Carly; McCrillis, Aileen M; Nelson, Lewis S; Portelli, Ian; Smith, Silas; Goldberg, Judith D; Zhang, Meng; Rosenberg, Sheldon D; Goldfrank, Lewis R

2010-12-01

Agents of opportunity (AO) are potentially harmful biological, chemical, radiological, and pharmaceutical substances commonly used for health care delivery and research. AOs are present in all academic medical centers (AMC), creating vulnerability in the health care sector; AO attributes and dissemination methods likely predict risk; and AMCs are inadequately secured against a purposeful AO dissemination, with limited budgets and competing priorities. We explored health care workers' perceptions of AMC security and the impact of those perceptions on AO risk. Qualitative methods (survey, interviews, and workshops) were used to collect opinions from staff working in a medical school and 4 AMC-affiliated hospitals concerning AOs and the risk to hospital infrastructure associated with their uncontrolled presence. Secondary to this goal, staff perception concerning security, or opinions about security behaviors of others, were extracted, analyzed, and grouped into themes. We provide a framework for depicting the interaction of staff behavior and access control engineering, including the tendency of staff to "defeat" inconvenient access controls. In addition, 8 security themes emerged: staff security behavior is a significant source of AO risk; the wide range of opinions about "open" front-door policies among AMC staff illustrates a disparity of perceptions about the need for security; interviewees expressed profound skepticism concerning the effectiveness of front-door access controls; an AO risk assessment requires reconsideration of the security levels historically assigned to areas such as the loading dock and central distribution sites, where many AOs are delivered and may remain unattended for substantial periods of time; researchers' view of AMC security is influenced by the ongoing debate within the scientific community about the wisdom of engaging in bioterrorism research; there was no agreement about which areas of the AMC should be subject to stronger access controls; security personnel play dual roles of security and customer service, creating the negative perception that neither role is done well; and budget was described as an important factor in explaining the state of security controls. We determined that AMCs seeking to reduce AO risk should assess their institutionally unique AO risks, understand staff security perceptions, and install access controls that are responsive to the staff's tendency to defeat them. The development of AO attribute fact sheets is desirable for AO risk assessment; new funding and administrative or legislative tools to improve AMC security are required; and security practices and methods that are convenient and effective should be engineered.

47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

Code of Federal Regulations, 2012 CFR

2012-10-01

... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...

47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

Code of Federal Regulations, 2014 CFR

2014-10-01

... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...

47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

Code of Federal Regulations, 2013 CFR

2013-10-01

... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...

47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

Code of Federal Regulations, 2011 CFR

2011-10-01

... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...

47 CFR 87.395 - Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA).

Code of Federal Regulations, 2010 CFR

2010-10-01

... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...

Future of Assurance: Ensuring that a System is Trustworthy

NASA Astrophysics Data System (ADS)

Sadeghi, Ahmad-Reza; Verbauwhede, Ingrid; Vishik, Claire

Significant efforts are put in defining and implementing strong security measures for all components of the comput-ing environment. It is equally important to be able to evaluate the strength and robustness of these measures and establish trust among the components of the computing environment based on parameters and attributes of these elements and best practices associated with their production and deployment. Today the inventory of techniques used for security assurance and to establish trust -- audit, security-conscious development process, cryptographic components, external evaluation - is somewhat limited. These methods have their indisputable strengths and have contributed significantly to the advancement in the area of security assurance. However, shorter product and tech-nology development cycles and the sheer complexity of modern digital systems and processes have begun to decrease the efficiency of these techniques. Moreover, these approaches and technologies address only some aspects of security assurance and, for the most part, evaluate assurance in a general design rather than an instance of a product. Additionally, various components of the computing environment participating in the same processes enjoy different levels of security assurance, making it difficult to ensure adequate levels of protection end-to-end. Finally, most evaluation methodologies rely on the knowledge and skill of the evaluators, making reliable assessments of trustworthiness of a system even harder to achieve. The paper outlines some issues in security assurance that apply across the board, with the focus on the trustworthiness and authenticity of hardware components and evaluates current approaches to assurance.

A Hierarchical Security Architecture for Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Quanyan Zhu; Tamer Basar

2011-08-01

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Value of information analysis optimizing future trial design from a pilot study on catheter securement devices.

PubMed

Tuffaha, Haitham W; Reynolds, Heather; Gordon, Louisa G; Rickard, Claire M; Scuffham, Paul A

2014-12-01

Value of information analysis has been proposed as an alternative to the standard hypothesis testing approach, which is based on type I and type II errors, in determining sample sizes for randomized clinical trials. However, in addition to sample size calculation, value of information analysis can optimize other aspects of research design such as possible comparator arms and alternative follow-up times, by considering trial designs that maximize the expected net benefit of research, which is the difference between the expected cost of the trial and the expected value of additional information. To apply value of information methods to the results of a pilot study on catheter securement devices to determine the optimal design of a future larger clinical trial. An economic evaluation was performed using data from a multi-arm randomized controlled pilot study comparing the efficacy of four types of catheter securement devices: standard polyurethane, tissue adhesive, bordered polyurethane and sutureless securement device. Probabilistic Monte Carlo simulation was used to characterize uncertainty surrounding the study results and to calculate the expected value of additional information. To guide the optimal future trial design, the expected costs and benefits of the alternative trial designs were estimated and compared. Analysis of the value of further information indicated that a randomized controlled trial on catheter securement devices is potentially worthwhile. Among the possible designs for the future trial, a four-arm study with 220 patients/arm would provide the highest expected net benefit corresponding to 130% return-on-investment. The initially considered design of 388 patients/arm, based on hypothesis testing calculations, would provide lower net benefit with return-on-investment of 79%. Cost-effectiveness and value of information analyses were based on the data from a single pilot trial which might affect the accuracy of our uncertainty estimation. Another limitation was that different follow-up durations for the larger trial were not evaluated. The value of information approach allows efficient trial design by maximizing the expected net benefit of additional research. This approach should be considered early in the design of randomized clinical trials. © The Author(s) 2014.

Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation

DTIC Science & Technology

2016-07-14

of the important properties of secure computation . In particular, it is known that full fairness cannot be achieved in the case of two-party com...Jakobsen, J. Nielsen, and C. Orlandi. A framework for outsourcing of secure computation . In ACM Workshop on Cloud Computing Security (CCSW), pages...Function Evaluation with Applications to Genomic Computation Abstract: Computation based on genomic data is becoming increasingly popular today, be it

Communication Security for Control Systems in Smart Grid

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

As an example of Control System, Supervisory Control and Data Acquisition systems can be relatively simple, such as one that monitors environmental conditions of a small office building, or incredibly complex, such as a system that monitors all the activity in a nuclear power plant or the activity of a municipal water system. SCADA systems are basically Process Control Systems, designed to automate systems such as traffic control, power grid management, waste processing etc. Connecting SCADA to the Internet can provide a lot of advantages in terms of control, data viewing and generation. SCADA infrastructures like electricity can also be a part of a Smart Grid. Connecting SCADA to a public network can bring a lot of security issues. To answer the security issues, a SCADA communication security solution is proposed.

17 CFR 240.15c3-4 - Internal risk management control systems for OTC derivatives dealers.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Internal risk management control systems for OTC derivatives dealers. 240.15c3-4 Section 240.15c3-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the...

76 FR 43696 - Nationwide Cyber Security Review (NCSR) Assessment

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-21

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0012] Nationwide Cyber Security Review (NCSR... Protection and Programs Directorate (NPPD), Office of Cybersecurity and Communications (CS&C), National Cyber Security Division (NCSD), Cyber Security Evaluation Program (CSEP), will submit the following Information...

FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption

PubMed Central

2015-01-01

Background The increasing availability of genome data motivates massive research studies in personalized treatment and precision medicine. Public cloud services provide a flexible way to mitigate the storage and computation burden in conducting genome-wide association studies (GWAS). However, data privacy has been widely concerned when sharing the sensitive information in a cloud environment. Methods We presented a novel framework (FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption) to fully outsource GWAS (i.e., chi-square statistic computation) using homomorphic encryption. The proposed framework enables secure divisions over encrypted data. We introduced two division protocols (i.e., secure errorless division and secure approximation division) with a trade-off between complexity and accuracy in computing chi-square statistics. Results The proposed framework was evaluated for the task of chi-square statistic computation with two case-control datasets from the 2015 iDASH genome privacy protection challenge. Experimental results show that the performance of FORESEE can be significantly improved through algorithmic optimization and parallel computation. Remarkably, the secure approximation division provides significant performance gain, but without missing any significance SNPs in the chi-square association test using the aforementioned datasets. Conclusions Unlike many existing HME based studies, in which final results need to be computed by the data owner due to the lack of the secure division operation, the proposed FORESEE framework support complete outsourcing to the cloud and output the final encrypted chi-square statistics. PMID:26733391

FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption.

PubMed

Zhang, Yuchen; Dai, Wenrui; Jiang, Xiaoqian; Xiong, Hongkai; Wang, Shuang

2015-01-01

The increasing availability of genome data motivates massive research studies in personalized treatment and precision medicine. Public cloud services provide a flexible way to mitigate the storage and computation burden in conducting genome-wide association studies (GWAS). However, data privacy has been widely concerned when sharing the sensitive information in a cloud environment. We presented a novel framework (FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption) to fully outsource GWAS (i.e., chi-square statistic computation) using homomorphic encryption. The proposed framework enables secure divisions over encrypted data. We introduced two division protocols (i.e., secure errorless division and secure approximation division) with a trade-off between complexity and accuracy in computing chi-square statistics. The proposed framework was evaluated for the task of chi-square statistic computation with two case-control datasets from the 2015 iDASH genome privacy protection challenge. Experimental results show that the performance of FORESEE can be significantly improved through algorithmic optimization and parallel computation. Remarkably, the secure approximation division provides significant performance gain, but without missing any significance SNPs in the chi-square association test using the aforementioned datasets. Unlike many existing HME based studies, in which final results need to be computed by the data owner due to the lack of the secure division operation, the proposed FORESEE framework support complete outsourcing to the cloud and output the final encrypted chi-square statistics.

Distributed Secure Coordinated Control for Multiagent Systems Under Strategic Attacks.

PubMed

Feng, Zhi; Wen, Guanghui; Hu, Guoqiang

2017-05-01

This paper studies a distributed secure consensus tracking control problem for multiagent systems subject to strategic cyber attacks modeled by a random Markov process. A hybrid stochastic secure control framework is established for designing a distributed secure control law such that mean-square exponential consensus tracking is achieved. A connectivity restoration mechanism is considered and the properties on attack frequency and attack length rate are investigated, respectively. Based on the solutions of an algebraic Riccati equation and an algebraic Riccati inequality, a procedure to select the control gains is provided and stability analysis is studied by using Lyapunov's method.. The effect of strategic attacks on discrete-time systems is also investigated. Finally, numerical examples are provided to illustrate the effectiveness of theoretical analysis.

Urban Ecological Security Simulation and Prediction Using an Improved Cellular Automata (CA) Approach-A Case Study for the City of Wuhan in China.

PubMed

Gao, Yuan; Zhang, Chuanrong; He, Qingsong; Liu, Yaolin

2017-06-15

Ecological security is an important research topic, especially urban ecological security. As highly populated eco-systems, cities always have more fragile ecological environments. However, most of the research on urban ecological security in literature has focused on evaluating current or past status of the ecological environment. Very little literature has carried out simulation or prediction of future ecological security. In addition, there is even less literature exploring the urban ecological environment at a fine scale. To fill-in the literature gap, in this study we simulated and predicted urban ecological security at a fine scale (district level) using an improved Cellular Automata (CA) approach. First we used the pressure-state-response (PSR) method based on grid-scale data to evaluate urban ecological security. Then, based on the evaluation results, we imported the geographically weighted regression (GWR) concept into the CA model to simulate and predict urban ecological security. We applied the improved CA approach in a case study-simulating and predicting urban ecological security for the city of Wuhan in Central China. By comparing the simulated ecological security values from 2010 using the improved CA model to the actual ecological security values of 2010, we got a relatively high value of the kappa coefficient, which indicates that this CA model can simulate or predict well future development of ecological security in Wuhan. Based on the prediction results for 2020, we made some policy recommendations for each district in Wuhan.

Evaluation of Traditional Security Solutions in the SCADA Environment

DTIC Science & Technology

2012-03-01

Evaluation of Traditional Security Solutions in the SCADA Environment THESIS Robert D. Larkin, Captain, USAF AFIT/GCO/ENG/12-06 DEPARTMENT OF THE AIR...views expressed in this thesis are those of the author and do not reflect the official policy or position of the United States Air Force, Department...United States. AFIT/GCO/ENG/12-06 Evaluation of Traditional Security Solutions in the SCADA Environment THESIS Presented to the Faculty Department of

DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

DOE Office of Scientific and Technical Information (OSTI.GOV)

Robert S. Anderson; Mark Schanfein; Trond Bjornard

2011-07-01

Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is tomore » provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.« less

Programmable Logic Controllers for Research on the Cyber Security of Industrial Power Plants

DTIC Science & Technology

2017-02-12

group . 15. SUBJECT TERMS Industrial control systems, cyber security 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF a. REPORT b. ABSTRACT c. THIS...currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS. 1. REPORT DATE (00-MM-YYYY) ,2. REPORT TYPE 3. DATES COVERED...From- To) 12/02/2017 Final 15 August 2015 - 12 February 2017 4. TITLE AND SUBTITLE Sa. CONTRACT NUMBER Programmable Logic Controllers for Research

Integrated Evaluation of Coupling Coordination for Land Use Change and Ecological Security: A Case Study in Wuhan City of Hubei Province, China

PubMed Central

Wang, Zhanqi; Zhang, Hongwei

2017-01-01

As land resources and ecosystems provide necessary materials and conditions for human development, land use change and ecological security play increasingly important roles in sustainable development. This study aims to reveal the mutual-influence and interaction between land use change and ecological security in Wuhan, based on the coupling coordination degree model. As such, it provides strategies for the achievement of the synchronous and coordinated development of urbanization and ecological security. The results showed that, during the period from 2006 to 2012, the size of built-up area in Wuhan increased to 26.16%, and that all the other types of land use reduced due to the urbanization process, which appeared to be the main driving force of land use change. The ecological security in Wuhan has been improving as a whole although it was somewhat held back from 2006 to 2008 due to the rapid growth of built-up area. The coupling coordination analysis revealed that the relationship between built-up area and ecological security was more coordinated after 2008. The results can provide feasible recommendations for land use management and environmental protection from the viewpoint of coordinated development. To achieve sustainable development from economic and ecological perspective, policy makers should control the rate of urban expansion and exert more effort on intensive land use, clean energy development and emission reduction. PMID:29165365

Integrated Evaluation of Coupling Coordination for Land Use Change and Ecological Security: A Case Study in Wuhan City of Hubei Province, China.

PubMed

Chai, Ji; Wang, Zhanqi; Zhang, Hongwei

2017-11-22

As land resources and ecosystems provide necessary materials and conditions for human development, land use change and ecological security play increasingly important roles in sustainable development. This study aims to reveal the mutual-influence and interaction between land use change and ecological security in Wuhan, based on the coupling coordination degree model. As such, it provides strategies for the achievement of the synchronous and coordinated development of urbanization and ecological security. The results showed that, during the period from 2006 to 2012, the size of built-up area in Wuhan increased to 26.16%, and that all the other types of land use reduced due to the urbanization process, which appeared to be the main driving force of land use change. The ecological security in Wuhan has been improving as a whole although it was somewhat held back from 2006 to 2008 due to the rapid growth of built-up area. The coupling coordination analysis revealed that the relationship between built-up area and ecological security was more coordinated after 2008. The results can provide feasible recommendations for land use management and environmental protection from the viewpoint of coordinated development. To achieve sustainable development from economic and ecological perspective, policy makers should control the rate of urban expansion and exert more effort on intensive land use, clean energy development and emission reduction.

How effective is high-support community-based step-down housing for women in secure mental health care? A quasi-experimental pilot study.

PubMed

Barr, W; Brown, A; Quinn, B; McFarlane, J; McCabe, R; Whittington, R

2013-02-01

In the past decade UK government policy has been to develop alternative care for women detained in secure psychiatric hospital. This study evaluated the relative benefits of community-based step-down housing. Comparisons were made between female patients in community step-down housing and a control group in secure hospital who were on the waiting list for the houses. For each woman in the sample, a range of assessments was conducted on three separate occasions over a 12-month period. We noted a gradual improvement over time in women in both settings. However, by the final assessment psychological well-being and security needs were significantly better in the community group (P < 0.05). Although risks for violence and social functioning were also somewhat better in this group throughout the study, no statistically significant differences between the groups were found in these areas at any assessment time. This study has generated evidence in support of the further development of high-support step-down community housing for women in secure psychiatric care. This initiative may provide greater personal freedom and enhanced relational security for the women concerned while also facilitating improvements in their psychological well-being, with no increased risk to the women themselves or to the wider community. © 2012 Blackwell Publishing.

Survey of methods for secure connection to the internet

NASA Astrophysics Data System (ADS)

Matsui, Shouichi

1994-04-01

This paper describes a study of a security method of protecting inside network computers against outside miscreants and unwelcome visitors and a control method when these computers are connected with the Internet. In the present Internet, a method to encipher all data cannot be used, so that it is necessary to utilize PEM (Privacy Enhanced Mail) capable of the encipherment and conversion of secret information. For preventing miscreant access by eavesdropping password, one-time password is effective. The most cost-effective method is a firewall system. This system lies between the outside and inside network. By limiting computers that directly communicate with the Internet, control is centralized and inside network security is protected. If the security of firewall systems is strictly controlled under correct setting, security within the network can be secured even in open networks such as the Internet.

Cyber secure systems approach for NPP digital control systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCreary, T. J.; Hsu, A.

2006-07-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant andmore » distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2)Threat from a user connecting an unauthorized computer to the control network; 3)Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network;. 4)Threat from internal disruption (by plant staff, whether, malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)« less

US-CERT Control System Center Input/Output (I/O) Conceputal Design

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

2005-02-01

This document was prepared for the US-CERT Control Systems Center of the National Cyber Security Division (NCSD) of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs the federal departments to identify and prioritize critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the NCSD to address the control system security component addressed in the National Strategy to Secure Cyberspace andmore » the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems; the I/O upgrade described in this document supports these goals. The vulnerability assessment Test Bed, located in the Information Operations Research Center (IORC) facility at Idaho National Laboratory (INL), consists of a cyber test facility integrated with multiple test beds that simulate the nation's critical infrastructure. The fundamental mission of the Test Bed is to provide industry owner/operators, system vendors, and multi-agency partners of the INL National Security Division a platform for vulnerability assessments of control systems. The Input/Output (I/O) upgrade to the Test Bed (see Work Package 3.1 of the FY-05 Annual Work Plan) will provide for the expansion of assessment capabilities within the IORC facility. It will also provide capabilities to connect test beds within the Test Range and other Laboratory resources. This will allow real time I/O data input and communication channels for full replications of control systems (Process Control Systems [PCS], Supervisory Control and Data Acquisition Systems [SCADA], and components). This will be accomplished through the design and implementation of a modular infrastructure of control system, communications, networking, computing and associated equipment, and measurement/control devices. The architecture upgrade will provide a flexible patching system providing a quick ''plug and play''configuration through various communication paths to gain access to live I/O running over specific protocols. This will allow for in-depth assessments of control systems in a true-to-life environment. The full I/O upgrade will be completed through a two-phased approach. Phase I, funded by DHS, expands the capabilities of the Test Bed by developing an operational control system in two functional areas, the Science & Technology Applications Research (STAR) Facility and the expansion of various portions of the Test Bed. Phase II (see Appendix A), funded by other programs, will complete the full I/O upgrade to the facility.« less

Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay

PubMed Central

Hu, Hequn; Liao, Xuewen

2017-01-01

The Internet of Things (IoT) represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT) is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH) node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device’s messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor) and a destination (e.g., controller) via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS) and time splitting (TS) policies, called intuitive secure schemes based on PS (Int-PS), precoded secure scheme based on PS (Pre-PS), intuitive secure scheme based on TS (Int-TS) and precoded secure scheme based on TS (Pre-TS), respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission (PSST), which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. PSST is analyzed for the proposed secure schemes, and the closed form expressions of PSST for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better PSST than the intuitive secure schemes under similar power consumption. When the secure schemes based on PS and TS polices have similar PSST, the average transmit power consumption of the secure scheme based on TS is lower. The influences of power splitting and time slitting ratios are also discussed through simulations. PMID:28869540

32 CFR 245.6 - Abbreviations and acronyms.

Code of Federal Regulations, 2010 CFR

2010-07-01

...—Domestic Event Network DHS—Department of Homeland Security DND—Department of National Defence (Canada) DoD...) MISCELLANEOUS PLAN FOR THE EMERGENCY SECURITY CONTROL OF AIR TRAFFIC (ESCAT) Explanation of Terms, Acronyms and... Order ESCAT—Emergency Security Control of Air Traffic FAA—Federal Aviation Administration IFR—Instrument...

Arms Control and Nonproliferation: A Catalog of Treaties and Agreements

DTIC Science & Technology

2007-08-09

security and control over nuclear weapons and fissile materials. These projects provided Russia with bullet-proof Kevlar blankets, secure canisters ...U.S. security concerns. The United States and Soviet Union began to sign agreements limiting their strategic offensive nuclear weapons in the early...U.S.-Russian relationship. At the same time, however, the two sides began to cooperate on securing and eliminating Soviet-era nuclear , chemical, and

Digitally Controlled ’Programmable’ Active Filters.

DTIC Science & Technology

1985-12-01

Advisor: Sherif Michael Approved for public release; distribution is unlimited. U - ~ .%~ ~ % %’.4 ~ -. 4-. " %’ -. .4. z. . 4, ,4°*-4° -o - ’ SECURITY ...CLASSIFICATION O THI PAGE ff ,’- -""" REPORT DOCUMENTATION PAGE Ia REPORT SECURITY CLASSIFICATION lb. RESTRICTIVE MARKINGS 2a SECURITY CLASSIFICATION...ELEMENT NO. NO NO. ACCESSION NO. S 11 TITLE (Include Security ClassWfication) , DIGITALLY CONTROLLED "PROGRAMMABLE" ACTIVE FILTERS 1 PERSONAL AUTHOR

33 CFR 101.405 - Maritime Security (MARSEC) Directives.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Maritime Security (MARSEC... SECURITY MARITIME SECURITY MARITIME SECURITY: GENERAL Control Measures for Security § 101.405 Maritime... necessary to respond to a threat assessment or to a specific threat against the maritime elements of the...

Cyber Security Testing and Training Programs for Industrial Control Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Daniel Noyes

2012-03-01

Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall securitymore » posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.« less

Taking Steps to Protect Against the Insider Threat

DOE Office of Scientific and Technical Information (OSTI.GOV)

Pope, Noah Gale; Williams, Martha; Lewis, Joel

2015-10-16

Research reactors are required (in accordance with the Safeguards Agreement between the State and the IAEA) to maintain a system of nuclear material accounting and control for reporting quantities of nuclear material received, shipped, and held on inventory. Enhancements to the existing accounting and control system can be made at little additional cost to the facility, and these enhancements can make nuclear material accounting and control useful for nuclear security. In particular, nuclear material accounting and control measures can be useful in protecting against an insider who is intent on unauthorized removal or misuse of nuclear material or misuse ofmore » equipment. An enhanced nuclear material accounting and control system that responds to nuclear security is described in NSS-25G, Use of Nuclear Material Accounting and Control for Nuclear Security Purposes at Facilities, which is scheduled for distribution by the IAEA Department of Nuclear Security later this year. Accounting and control measures that respond to the insider threat are also described in NSS-33, Establishing a System for Control of Nuclear Material for Nuclear Security Purposes at a Facility During Storage, Use and Movement, and in NSS-41, Preventive and Protective Measures against Insider Threats (originally issued as NSS-08), which are available in draft form. This paper describes enhancements to existing material control and accounting systems that are specific to research reactors, and shows how they are important to nuclear security and protecting against an insider.« less

A Network Access Control Framework for 6LoWPAN Networks

PubMed Central

Oliveira, Luís M. L.; Rodrigues, Joel J. P. C.; de Sousa, Amaro F.; Lloret, Jaime

2013-01-01

Low power over wireless personal area networks (LoWPAN), in particular wireless sensor networks, represent an emerging technology with high potential to be employed in critical situations like security surveillance, battlefields, smart-grids, and in e-health applications. The support of security services in LoWPAN is considered a challenge. First, this type of networks is usually deployed in unattended environments, making them vulnerable to security attacks. Second, the constraints inherent to LoWPAN, such as scarce resources and limited battery capacity, impose a careful planning on how and where the security services should be deployed. Besides protecting the network from some well-known threats, it is important that security mechanisms be able to withstand attacks that have not been identified before. One way of reaching this goal is to control, at the network access level, which nodes can be attached to the network and to enforce their security compliance. This paper presents a network access security framework that can be used to control the nodes that have access to the network, based on administrative approval, and to enforce security compliance to the authorized nodes. PMID:23334610

Change In Length of Stay and Readmissions among Hospitalized Medical Patients after Inpatient Medicine Service Adoption of Mobile Secure Text Messaging.

PubMed

Patel, Mitesh S; Patel, Neha; Small, Dylan S; Rosin, Roy; Rohrbach, Jeffrey I; Stromberg, Nathaniel; Hanson, C William; Asch, David A

2016-08-01

Changes in the medium of communication from paging to mobile secure text messaging may change clinical care, but the effects of these changes on patient outcomes have not been well examined. To evaluate the association between inpatient medicine service adoption of mobile secure text messaging and patient length of stay and readmissions. Observational study. Patients admitted to medicine services at the Hospital of the University of Pennsylvania (intervention site; n = 8995 admissions of 6484 patients) and Penn Presbyterian Medical Center (control site; n = 6799 admissions of 4977 patients) between May 1, 2012, and April 30, 2014. Mobile secure text messaging. Change in length of stay and 30-day readmissions, comparing patients at the intervention site to the control site before (May 1, 2012 to April 30, 2013) and after (May 1, 2013 to April 30, 2014) the intervention, adjusting for time trends and patient demographics, comorbidities, insurance, and disposition. During the pre-intervention period, the mean length of stay ranged from 4.0 to 5.0 days at the control site and from 5.2 to 6.7 days at the intervention site, but trends were similar. In the first month after the intervention, the mean length of stay was unchanged at the control site (4.7 to 4.7 days) but declined at the intervention site (6.0 to 5.4 days). Trends were mostly similar during the rest of the post-intervention period, ranging from 4.4 to 5.6 days at the control site and from 5.4 to 6.5 days at the intervention site. Readmission rates varied significantly within sites before and after the intervention, but overall trends were similar. In adjusted analyses, there was a significant decrease in length of stay for the intervention site relative to the control site during the post-intervention period compared to the pre-intervention period (-0.77 days ; 95 % CI, -1.14, -0.40; P < 0.001). There was no significant difference in the odds of readmission (OR, 0.97; 95 % CI: 0.81, 1.17; P = 0.77). These findings were supported by multiple sensitivity analyses. Compared to a control group over time, hospitalized medical patients on inpatient services whose care providers and staff were offered mobile secure text messaging showed a relative decrease in length of stay and no change in readmissions.

Library and Archival Security: Policies and Procedures To Protect Holdings from Theft and Damage.

ERIC Educational Resources Information Center

Trinkaus-Randall, Gregor

1998-01-01

Firm policies and procedures that address the environment, patron/staff behavior, general attitude, and care and handling of materials need to be at the core of the library/archival security program. Discussion includes evaluating a repository's security needs, collections security, security in non-public areas, security in the reading room,…

78 FR 17744 - Social Security Ruling, SSR 13-2p; Titles II and XVI: Evaluating Cases Involving Drug Addiction...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-22

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0006] Social Security Ruling, SSR 13-2p...: Social Security Administration. ACTION: Notice of Social Security Ruling; Correction. SUMMARY: The Social..., Social Security Administration. [FR Doc. 2013-06594 Filed 3-21-13; 8:45 am] BILLING CODE 4191-02-P ...

Electronic Warfare Test and Evaluation (Essai et evaluation en matiere de guerre electronique)

DTIC Science & Technology

2012-12-01

Largest known chamber is 80 x 76 x 21 m. Shielding and quiet zones Usually ≥100 dB over at least 0.5 – 18 GHz. TEMPEST grade. Quiet zones: one or...accommodated as an afterthought. The highest level of RF/EO/IR/UV security control is offered by TEMPEST -grade aircraft-sized anechoic chambers. 6.9.7 SUT...aircraft-sized, RF- and laser-shielded anechoic chamber, shielded rooms, and an EW Sub-System Test Laboratory, all TEMPEST grade. It is co-located with the

EVALUATION REPORT SCIENCE APPLICATIONS INTERNATIONAL CORPORATION S-CAD CHEMICAL AGENT DETECTION SYSTEM

EPA Science Inventory

The USEPA's National Homeland Security Research Center (NHSRC)Technology Testing and Evaluation Program (TTEP) is carrying out performance tests on homeland security technologies. Under TTEP, Battelle recently evaluated the performance of the Science Applications International Co...

32 CFR 2700.42 - Responsibility for safeguarding classified information.

Code of Federal Regulations, 2010 CFR

2010-07-01

... responsibility. (b) Security and Top Secret Control Officers. The Director, OMSN, and the Status Liaison Officer, Saipan, are assigned specific security responsibilities as Security Officer and Top Secret Control Officer. (c) Handling. All documents bearing the terms “Top Secret,” “Secret” and “Confidential” shall be...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... significance (Category III), and for protection of Restricted Data, National Security Information, Safeguards... 10 Energy 2 2010-01-01 2010-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED...

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2013 CFR

2013-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2012 CFR

2012-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2011 CFR

2011-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2014 CFR

2014-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2010 CFR

2010-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ashok, Aditya; Govindarasu, Manimaran; Wang, Jianhui

Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC thatmore » addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.« less

Information-Flow-Based Access Control for Web Browsers

NASA Astrophysics Data System (ADS)

Yoshihama, Sachiko; Tateishi, Takaaki; Tabuchi, Naoshi; Matsumoto, Tsutomu

The emergence of Web 2.0 technologies such as Ajax and Mashup has revealed the weakness of the same-origin policy[1], the current de facto standard for the Web browser security model. We propose a new browser security model to allow fine-grained access control in the client-side Web applications for secure mashup and user-generated contents. We propose a browser security model that is based on information-flow-based access control (IBAC) to overcome the dynamic nature of the client-side Web applications and to accurately determine the privilege of scripts in the event-driven programming model.

Evaluating Equating Results in the Non-Equivalent Groups with Anchor Test Design Using Equipercentile and Equity Criteria

ERIC Educational Resources Information Center

Duong, Minh Quang

2011-01-01

Testing programs often use multiple test forms of the same test to control item exposure and to ensure test security. Although test forms are constructed to be as similar as possible, they often differ. Test equating techniques are those statistical methods used to adjust scores obtained on different test forms of the same test so that they are…

India’s Emerging Security Strategy, Missile Defense, and Arms Control

DTIC Science & Technology

2004-06-01

and contemplate a security strategy. Starting in July 1998, a series of negotiations between Foreign Minister Jaswant Singh and US envoy Strobe...arms control.46 The Singh -Talbott discussions eventually led to the reaffirmation of civilian command-and-control and a doctrine of “minimum...Council (NSC), including Prime Minister Vajpayee, Minister of Foreign Affairs Singh , and Minister of Defense Fernandes, and appointed a National Security

Controlled Secure Direct Communication with Seven-Qubit Entangled States

NASA Astrophysics Data System (ADS)

Wang, Shu-Kai; Zha, Xin-Wei; Wu, Hao

2018-01-01

In this paper, a new controlled secure direct communication protocol based on a maximally seven-qubit entangled state is proposed. the outcomes of measurement is performed by the sender and the controller, the receiver can obtain different secret messages in a deterministic way with unit successful probability.In this scheme,by using entanglement swapping, no qubits carrying secret messages are transmitted.Therefore, the protocol is completely secure.

Mobile Virtual Private Networking

NASA Astrophysics Data System (ADS)

Pulkkis, Göran; Grahn, Kaj; Mårtens, Mathias; Mattsson, Jonny

Mobile Virtual Private Networking (VPN) solutions based on the Internet Security Protocol (IPSec), Transport Layer Security/Secure Socket Layer (SSL/TLS), Secure Shell (SSH), 3G/GPRS cellular networks, Mobile IP, and the presently experimental Host Identity Protocol (HIP) are described, compared and evaluated. Mobile VPN solutions based on HIP are recommended for future networking because of superior processing efficiency and network capacity demand features. Mobile VPN implementation issues associated with the IP protocol versions IPv4 and IPv6 are also evaluated. Mobile VPN implementation experiences are presented and discussed.

Building a Secure Library System.

ERIC Educational Resources Information Center

Benson, Allen C.

1998-01-01

Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

Crosstalk: The Journal of Defense Software Engineering. Volume 22, Number 3

DTIC Science & Technology

2009-04-01

international standard for information security management systems like ISO /IEC 27001 :2005 [1] existed. Since that time, the organization has developed control...of ISO /IEC 27001 and the desire to make decisions based on business value and risk has prompted Ford’s IT Security and Controls organi- zation to begin...their conventional application security operation.u References 1. ISO /IEC 27001 :2005. “Information Technology – Security Techniques – Information

How to implement security controls for an information security program at CBRN facilities

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.

This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in anmore » easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.« less

Final Technical Report. Project Boeing SGS

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bell, Thomas E.

Boeing and its partner, PJM Interconnection, teamed to bring advanced “defense-grade” technologies for cyber security to the US regional power grid through demonstration in PJM’s energy management environment. Under this cooperative project with the Department of Energy, Boeing and PJM have developed and demonstrated a host of technologies specifically tailored to the needs of PJM and the electric sector as a whole. The team has demonstrated to the energy industry a combination of processes, techniques and technologies that have been successfully implemented in the commercial, defense, and intelligence communities to identify, mitigate and continuously monitor the cyber security of criticalmore » systems. Guided by the results of a Cyber Security Risk-Based Assessment completed in Phase I, the Boeing-PJM team has completed multiple iterations through the Phase II Development and Phase III Deployment phases. Multiple cyber security solutions have been completed across a variety of controls including: Application Security, Enhanced Malware Detection, Security Incident and Event Management (SIEM) Optimization, Continuous Vulnerability Monitoring, SCADA Monitoring/Intrusion Detection, Operational Resiliency, Cyber Range simulations and hands on cyber security personnel training. All of the developed and demonstrated solutions are suitable for replication across the electric sector and/or the energy sector as a whole. Benefits identified include; Improved malware and intrusion detection capability on critical SCADA networks including behavioral-based alerts resulting in improved zero-day threat protection; Improved Security Incident and Event Management system resulting in better threat visibility, thus increasing the likelihood of detecting a serious event; Improved malware detection and zero-day threat response capability; Improved ability to systematically evaluate and secure in house and vendor sourced software applications; Improved ability to continuously monitor and maintain secure configuration of network devices resulting in reduced vulnerabilities for potential exploitation; Improved overall cyber security situational awareness through the integration of multiple discrete security technologies into a single cyber security reporting console; Improved ability to maintain the resiliency of critical systems in the face of a targeted cyber attack of other significant event; Improved ability to model complex networks for penetration testing and advanced training of cyber security personnel« less

Urban Ecological Security Simulation and Prediction Using an Improved Cellular Automata (CA) Approach—A Case Study for the City of Wuhan in China

PubMed Central

Gao, Yuan; Zhang, Chuanrong; He, Qingsong; Liu, Yaolin

2017-01-01

Ecological security is an important research topic, especially urban ecological security. As highly populated eco-systems, cities always have more fragile ecological environments. However, most of the research on urban ecological security in literature has focused on evaluating current or past status of the ecological environment. Very little literature has carried out simulation or prediction of future ecological security. In addition, there is even less literature exploring the urban ecological environment at a fine scale. To fill-in the literature gap, in this study we simulated and predicted urban ecological security at a fine scale (district level) using an improved Cellular Automata (CA) approach. First we used the pressure-state-response (PSR) method based on grid-scale data to evaluate urban ecological security. Then, based on the evaluation results, we imported the geographically weighted regression (GWR) concept into the CA model to simulate and predict urban ecological security. We applied the improved CA approach in a case study—simulating and predicting urban ecological security for the city of Wuhan in Central China. By comparing the simulated ecological security values from 2010 using the improved CA model to the actual ecological security values of 2010, we got a relatively high value of the kappa coefficient, which indicates that this CA model can simulate or predict well future development of ecological security in Wuhan. Based on the prediction results for 2020, we made some policy recommendations for each district in Wuhan. PMID:28617348

A novel approach to quantify cybersecurity for electric power systems

NASA Astrophysics Data System (ADS)

Kaster, Paul R., Jr.

Electric Power grid cybersecurity is a topic gaining increased attention in academia, industry, and government circles, yet a method of quantifying and evaluating a system's security is not yet commonly accepted. In order to be useful, a quantification scheme must be able to accurately reflect the degree to which a system is secure, simply determine the level of security in a system using real-world values, model a wide variety of attacker capabilities, be useful for planning and evaluation, allow a system owner to publish information without compromising the security of the system, and compare relative levels of security between systems. Published attempts at quantifying cybersecurity fail at one or more of these criteria. This document proposes a new method of quantifying cybersecurity that meets those objectives. This dissertation evaluates the current state of cybersecurity research, discusses the criteria mentioned previously, proposes a new quantification scheme, presents an innovative method of modeling cyber attacks, demonstrates that the proposed quantification methodology meets the evaluation criteria, and proposes a line of research for future efforts.

Cyber Security and Resilient Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Robert S. Anderson

2009-07-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments tomore » date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.« less

A game-theoretical approach to multimedia social networks security.

PubMed

Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong

2014-01-01

The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders.

A Game-Theoretical Approach to Multimedia Social Networks Security

PubMed Central

Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong

2014-01-01

The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders. PMID:24977226

Martime Security: Ferry Security Measures Have Been Implemented, but Evaluating Existing Studies Could Further Enhance Security

DTIC Science & Technology

2010-12-01

relevant requirements, analyzed 2006 through 2009 security operations data, interviewed federal and industry officials, and made observations at five...warranted, acted on all findings and recommendations resulting from five agency- contracted studies on ferry security completed in 2005 and 2006 ...Figure 5: Security Deficiencies by Vessel Type, 2006 through 2009 27 Figure 6: Security Deficiencies by Facility Type, 2006 through 2009 28

A rule-based smart automated fertilization and irrigation systems

NASA Astrophysics Data System (ADS)

Yousif, Musab El-Rashid; Ghafar, Khairuddin; Zahari, Rahimi; Lim, Tiong Hoo

2018-04-01

Smart automation in industries has become very important as it can improve the reliability and efficiency of the systems. The use of smart technologies in agriculture have increased over the year to ensure and control the production of crop and address food security. However, it is important to use proper irrigation systems avoid water wastage and overfeeding of the plant. In this paper, a Smart Rule-based Automated Fertilization and Irrigation System is proposed and evaluated. We propose a rule based decision making algorithm to monitor and control the food supply to the plant and the soil quality. A build-in alert system is also used to update the farmer using a text message. The system is developed and evaluated using a real hardware.

CAS. Controlled Access Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Martinez, B.; Pomeroy, G.

1989-12-01

The Security Alarm System is a data acquisition and control system which collects data from intrusion sensors and displays the information in a real-time environment for operators. The Access Control System monitors and controls the movement of personnel with the use of card readers and biometrics hand readers.

IT Security Support for Spaceport Command and Control System

NASA Technical Reports Server (NTRS)

McLain, Jeffrey

2013-01-01

During the fall 2013 semester, I worked at the Kennedy Space Center as an IT Security Intern in support of the Spaceport Command and Control System under the guidance of the IT Security Lead Engineer. Some of my responsibilities included assisting with security plan documentation collection, system hardware and software inventory, and malicious code and malware scanning. Throughout the semester, I had the opportunity to work on a wide range of security related projects. However, there are three projects in particular that stand out. The first project I completed was updating a large interactive spreadsheet that details the SANS Institutes Top 20 Critical Security Controls. My task was to add in all of the new commercial of the shelf (COTS) software listed on the SANS website that can be used to meet their Top 20 controls. In total, there are 153 unique security tools listed by SANS that meet one or more of their 20 controls. My second project was the creation of a database that will allow my mentor to keep track of the work done by the contractors that report to him in a more efficient manner by recording events as they occur throughout the quarter. Lastly, I expanded upon a security assessment of the Linux machines being used on center that I began last semester. To do this, I used a vulnerability and configuration tool that scans hosts remotely through the network and presents the user with an abundance of information detailing each machines configuration. The experience I gained from working on each of these projects has been invaluable, and I look forward to returning in the spring semester to continue working with the IT Security team.

5 CFR 1312.31 - Security violations.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 5 Administrative Personnel 3 2013-01-01 2013-01-01 false Security violations. 1312.31 Section 1312..., DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified Information § 1312.31 Security violations. (a) A security violation notice is issued by the United...

6. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

6. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW TO WEST. - Minuteman III ICBM Launch Control Facility November-1, 1.5 miles North of New Raymer & State Highway 14, New Raymer, Weld County, CO

7. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

7. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW TO NORTH. - Minuteman III ICBM Launch Control Facility November-1, 1.5 miles North of New Raymer & State Highway 14, New Raymer, Weld County, CO

75 FR 14179 - Agency Information Collection Activities: Form I-9 CNMI; Revision to an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-24

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services [OMB Control No. 1615... Employment Eligibility Verification; OMB Control No. 1615- 0112. The Department of Homeland Security, U.S..., should be directed to the Department of Homeland Security (DHS), and to the Office of Management and...

48 CFR 1552.235-78 - Data Security for Toxic Substances Control Act Confidential Business Information (DEC 1997).

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 6 2014-10-01 2014-10-01 false Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...

48 CFR 1552.235-78 - Data Security for Toxic Substances Control Act Confidential Business Information (DEC 1997).

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 6 2012-10-01 2012-10-01 false Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...

48 CFR 1552.235-78 - Data Security for Toxic Substances Control Act Confidential Business Information (DEC 1997).

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 6 2011-10-01 2011-10-01 false Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...

48 CFR 1552.235-78 - Data Security for Toxic Substances Control Act Confidential Business Information (DEC 1997).

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...

48 CFR 1552.235-78 - Data Security for Toxic Substances Control Act Confidential Business Information (DEC 1997).

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 6 2013-10-01 2013-10-01 false Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...

DOE Office of Scientific and Technical Information (OSTI.GOV)

Cabrera-Palmer, Belkis

Predicting the performance of radiation detection systems at field sites based on measured performance acquired under controlled conditions at test locations, e.g., the Nevada National Security Site (NNSS), remains an unsolved and standing issue within DNDO’s testing methodology. Detector performance can be defined in terms of the system’s ability to detect and/or identify a given source or set of sources, and depends on the signal generated by the detector for the given measurement configuration (i.e., source strength, distance, time, surrounding materials, etc.) and on the quality of the detection algorithm. Detector performance is usually evaluated in the performance and operationalmore » testing phases, where the measurement configurations are selected to represent radiation source and background configurations of interest to security applications.« less

Evaluation of IT security – genesis and its state-of-art

NASA Astrophysics Data System (ADS)

Livshitz, I. I.; Neklyudov, A. V.; Lontsikh, P. A.

2018-05-01

It is topical to evolve processes of an evaluation of the IT security nowadays. Formation and application of common evaluation approaches to the IT component, which are processed by the governmental and civil organizations, are still not solving problem. Successful processing of the independent evaluation for conformity with a security standard is supposed to be the main criteria of a suitability of any IT component to be used in a trusted computer system. The solution of the mentioned-above problem is suggested through the localization of all research, development and producing processes in a national trusted area (digital sovereignty).

Controlled quantum secure direct communication by entanglement distillation or generalized measurement

NASA Astrophysics Data System (ADS)

Tan, Xiaoqing; Zhang, Xiaoqian

2016-05-01

We propose two controlled quantum secure communication schemes by entanglement distillation or generalized measurement. The sender Alice, the receiver Bob and the controllers David and Cliff take part in the whole schemes. The supervisors David and Cliff can control the information transmitted from Alice to Bob by adjusting the local measurement angles θ _4 and θ _3. Bob can verify his secret information by classical one-way function after communication. The average amount of information is analyzed and compared for these two methods by MATLAB. The generalized measurement is a better scheme. Our schemes are secure against some well-known attacks because classical encryption and decoy states are used to ensure the security of the classical channel and the quantum channel.

TECHNOLOGY EVALUATION REPORT CEREX ENVIRONMENTAL SERVICES UV HOUND POINT SAMPLE AIR MONITOR

EPA Science Inventory

The USEPA's National Homeland Security Research Center (NHSRC) Technology Testing and Evaluation Program (TTEP) is carrying out performance tests on homeland security technologies. Under TTEP, Battelle evaluated the performance of the Cerex UV Hound point sample air monitor in de...

17 CFR 200.13b - Director of the Office of Public Affairs, Policy Evaluation, and Research.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Director of the Office of Public Affairs, Policy Evaluation, and Research. 200.13b Section 200.13b Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Organization and Program Management General...

[Statistical process control applied to intensity modulated radiotherapy pretreatment controls with portal dosimetry].

PubMed

Villani, N; Gérard, K; Marchesi, V; Huger, S; François, P; Noël, A

2010-06-01

The first purpose of this study was to illustrate the contribution of statistical process control for a better security in intensity modulated radiotherapy (IMRT) treatments. This improvement is possible by controlling the dose delivery process, characterized by pretreatment quality control results. So, it is necessary to put under control portal dosimetry measurements (currently, the ionisation chamber measurements were already monitored by statistical process control thanks to statistical process control tools). The second objective was to state whether it is possible to substitute ionisation chamber with portal dosimetry in order to optimize time devoted to pretreatment quality control. At Alexis-Vautrin center, pretreatment quality controls in IMRT for prostate and head and neck treatments were performed for each beam of each patient. These controls were made with an ionisation chamber, which is the reference detector for the absolute dose measurement, and with portal dosimetry for the verification of dose distribution. Statistical process control is a statistical analysis method, coming from industry, used to control and improve the studied process quality. It uses graphic tools as control maps to follow-up process, warning the operator in case of failure, and quantitative tools to evaluate the process toward its ability to respect guidelines: this is the capability study. The study was performed on 450 head and neck beams and on 100 prostate beams. Control charts, showing drifts, both slow and weak, and also both strong and fast, of mean and standard deviation have been established and have shown special cause introduced (manual shift of the leaf gap of the multileaf collimator). Correlation between dose measured at one point, given with the EPID and the ionisation chamber has been evaluated at more than 97% and disagreement cases between the two measurements were identified. The study allowed to demonstrate the feasibility to reduce the time devoted to pretreatment controls, by substituting the ionisation chamber's measurements with those performed with EPID, and also that a statistical process control monitoring of data brought security guarantee. 2010 Société française de radiothérapie oncologique (SFRO). Published by Elsevier SAS. All rights reserved.

Evaluating Factors of Security Policy on Information Security Effectiveness in Developing Nations: A Case of Nigeria

ERIC Educational Resources Information Center

Okolo, Nkiru Benjamin

2016-01-01

Information systems of today face more potential security infringement than ever before. The regular susceptibility of data to breaches is a function of systems users' disinclination to follow appropriate security measures. A well-secured system maintains integrity, confidentiality, and availability, while providing appropriate and consistent…

From Fault-Diagnosis and Performance Recovery of a Controlled System to Chaotic Secure Communication

NASA Astrophysics Data System (ADS)

Hsu, Wen-Teng; Tsai, Jason Sheng-Hong; Guo, Fang-Cheng; Guo, Shu-Mei; Shieh, Leang-San

Chaotic systems are often applied to encryption on secure communication, but they may not provide high-degree security. In order to improve the security of communication, chaotic systems may need to add other secure signals, but this may cause the system to diverge. In this paper, we redesign a communication scheme that could create secure communication with additional secure signals, and the proposed scheme could keep system convergence. First, we introduce the universal state-space adaptive observer-based fault diagnosis/estimator and the high-performance tracker for the sampled-data linear time-varying system with unanticipated decay factors in actuators/system states. Besides, robustness, convergence in the mean, and tracking ability are given in this paper. A residual generation scheme and a mechanism for auto-tuning switched gain is also presented, so that the introduced methodology is applicable for the fault detection and diagnosis (FDD) for actuator and state faults to yield a high tracking performance recovery. The evolutionary programming-based adaptive observer is then applied to the problem of secure communication. Whenever the tracker induces a large control input which might not conform to the input constraint of some physical systems, the proposed modified linear quadratic optimal tracker (LQT) can effectively restrict the control input within the specified constraint interval, under the acceptable tracking performance. The effectiveness of the proposed design methodology is illustrated through tracking control simulation examples.

Security and SCADA protocols

DOE Office of Scientific and Technical Information (OSTI.GOV)

Igure, V. M.; Williams, R. D.

2006-07-01

Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview ofmore » security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)« less

Tailoring NIST Security Controls for the Ground System: Selection and Implementation -- Recommendations for Information System Owners

NASA Technical Reports Server (NTRS)

Takamura, Eduardo; Mangum, Kevin

2016-01-01

The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations. Certain protective measures for the general enterprise may not be as efficient within the ground segment. This is what the authors have concluded through observations and analysis of patterns identified from the various security assessments performed on NASA missions such as MAVEN, OSIRIS-REx, New Horizons and TESS, to name a few. The security audits confirmed that the framework for managing information system security developed by the National Institute of Standards and Technology (NIST) for the federal government, and adopted by NASA, is indeed effective. However, the selection of the technical, operational and management security controls offered by the NIST model - and how they are implemented - does not always fit the nature and the environment where the ground system operates in even though there is no apparent impact on mission success. The authors observed that unfit controls, that is, controls that are not necessarily applicable or sufficiently effective in protecting the mission systems, are often selected to facilitate compliance with security requirements and organizational expectations even if the selected controls offer minimum or non-existent protection. This paper identifies some of the standard security controls that can in fact protect the ground system, and which of them offer little or no benefit at all. It offers multiple scenarios from real security audits in which the controls are not effective without, of course, disclosing any sensitive information about the missions assessed. In addition to selection and implementation of controls, the paper also discusses potential impact of recent legislation such as the Federal Information Security Modernization Act (FISMA) of 2014 - aimed at the enterprise - on the ground system, and offers other recommendations to Information System Owners (ISOs).

Reasoning on Weighted Delegatable Authorizations

NASA Astrophysics Data System (ADS)

Ruan, Chun; Varadharajan, Vijay

This paper studies logic based methods for representing and evaluating complex access control policies needed by modern database applications. In our framework, authorization and delegation rules are specified in a Weighted Delegatable Authorization Program (WDAP) which is an extended logic program. We show how extended logic programs can be used to specify complex security policies which support weighted administrative privilege delegation, weighted positive and negative authorizations, and weighted authorization propagations. We also propose a conflict resolution method that enables flexible delegation control by considering priorities of authorization grantors and weights of authorizations. A number of rules are provided to achieve delegation depth control, conflict resolution, and authorization and delegation propagations.

75 FR 73117 - New Agency Information Collection Activity Under OMB Review: Pipeline Corporate Security Review

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-29

... Collection Activity Under OMB Review: Pipeline Corporate Security Review AGENCY: Transportation Security.... Information Collection Requirement Title: Pipeline Corporate Security Review (PCSR). Type of Request: New collection. OMB Control Number: Not yet assigned. Form(s): Pipeline Corporate Security Review (PCSR) Protocol...

DOE Office of Scientific and Technical Information (OSTI.GOV)

MacDonald, Douglas G.; Clements, Samuel L.; Patrick, Scott W.

Securing high value and critical assets is one of the biggest challenges facing this nation and others around the world. In modern integrated systems, there are four potential modes of attack available to an adversary: • physical only attack, • cyber only attack, • physical-enabled cyber attack, • cyber-enabled physical attack. Blended attacks involve an adversary working in one domain to reduce system effectiveness in another domain. This enables the attacker to penetrate further into the overall layered defenses. Existing vulnerability assessment (VA) processes and software tools which predict facility vulnerabilities typically evaluate the physical and cyber domains separately. Vulnerabilitiesmore » which result from the integration of cyber-physical control systems are not well characterized and are often overlooked by existing assessment approaches. In this paper, we modified modification of the timely detection methodology, used for decades in physical security VAs, to include cyber components. The Physical and Cyber Risk Analysis Tool (PACRAT) prototype illustrates an integrated vulnerability assessment that includes cyber-physical interdependencies. Information about facility layout, network topology, and emplaced safeguards is used to evaluate how well suited a facility is to detect, delay, and respond to attacks, to identify the pathways most vulnerable to attack, and to evaluate how often safeguards are compromised for a given threat or adversary type. We have tested the PACRAT prototype on critical infrastructure facilities and the results are promising. Future work includes extending the model to prescribe the recommended security improvements via an automated cost-benefit analysis.« less

Hiding Critical Targets in Smart Grid Networks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bao, Wei; Li, Qinghua

With the integration of advanced communication technologies, the power grid is expected to greatly enhance efficiency and reliability of future power systems. However, since most electrical devices in power grid substations are connected via communication networks, cyber security of these communication networks becomes a critical issue. Real-World incidents such as Stuxnet have shown the feasibility of compromising a device in the power grid network to further launch more sophisticated attacks. To deal with security attacks of this spirit, this paper aims to hide critical targets from compromised internal nodes and hence protect them from further attacks launched by those compromisedmore » nodes. In particular, we consider substation networks and propose to add carefully-controlled dummy traffic to a substation network to make critical target nodes indistinguishable from other nodes in network traffic patterns. This paper describes the design and evaluation of such a scheme. Evaluations show that the scheme can effectively protect critical nodes with acceptable communication cost.« less

NASA guidelines for assuring the adequacy and appropriateness of security safeguards in sensitive applications

NASA Technical Reports Server (NTRS)

Tompkins, F. G.

1984-01-01

The Office of Management and Budget (OMB) Circular A-71, transmittal Memorandum No. 1, requires that each agency establish a management control process to assure that appropriate administrative, physical and technical safeguards are incorporated into all new computer applications. In addition to security specifications, the management control process should assure that the safeguards are adequate for the application. The security activities that should be integral to the system development process are examined. The software quality assurance process to assure that adequate and appropriate controls are incorporated into sensitive applications is also examined. Security for software packages is also discussed.

Standardization of quantum key distribution and the ETSI standardization initiative ISG-QKD

NASA Astrophysics Data System (ADS)

Länger, Thomas; Lenhart, Gaby

2009-05-01

In recent years, quantum key distribution (QKD) has been the object of intensive research activities and of rapid progress, and it is now developing into a competitive industry with commercial products. Once QKD systems are transferred from the controlled environment of physical laboratories into a real-world environment for practical use, a number of practical security, compatibility and connectivity issues need to be resolved. In particular, comprehensive security evaluation and watertight security proofs need to be addressed to increase trust in QKD. System interoperability with existing infrastructures and applications as well as conformance with specific user requirements have to be assured. Finding common solutions to these problems involving all actors can provide an advantage for the commercialization of QKD as well as for further technological development. The ETSI industry specification group for QKD (ISG-QKD) offers a forum for creating such universally accepted standards and will promote significant leverage effects on coordination, cooperation and convergence in research, technical development and business application of QKD.

Toward Improving Electrocardiogram (ECG) Biometric Verification using Mobile Sensors: A Two-Stage Classifier Approach

PubMed Central

Tan, Robin; Perkowski, Marek

2017-01-01

Electrocardiogram (ECG) signals sensed from mobile devices pertain the potential for biometric identity recognition applicable in remote access control systems where enhanced data security is demanding. In this study, we propose a new algorithm that consists of a two-stage classifier combining random forest and wavelet distance measure through a probabilistic threshold schema, to improve the effectiveness and robustness of a biometric recognition system using ECG data acquired from a biosensor integrated into mobile devices. The proposed algorithm is evaluated using a mixed dataset from 184 subjects under different health conditions. The proposed two-stage classifier achieves a total of 99.52% subject verification accuracy, better than the 98.33% accuracy from random forest alone and 96.31% accuracy from wavelet distance measure algorithm alone. These results demonstrate the superiority of the proposed algorithm for biometric identification, hence supporting its practicality in areas such as cloud data security, cyber-security or remote healthcare systems. PMID:28230745

Toward Improving Electrocardiogram (ECG) Biometric Verification using Mobile Sensors: A Two-Stage Classifier Approach.

PubMed

Tan, Robin; Perkowski, Marek

2017-02-20

Electrocardiogram (ECG) signals sensed from mobile devices pertain the potential for biometric identity recognition applicable in remote access control systems where enhanced data security is demanding. In this study, we propose a new algorithm that consists of a two-stage classifier combining random forest and wavelet distance measure through a probabilistic threshold schema, to improve the effectiveness and robustness of a biometric recognition system using ECG data acquired from a biosensor integrated into mobile devices. The proposed algorithm is evaluated using a mixed dataset from 184 subjects under different health conditions. The proposed two-stage classifier achieves a total of 99.52% subject verification accuracy, better than the 98.33% accuracy from random forest alone and 96.31% accuracy from wavelet distance measure algorithm alone. These results demonstrate the superiority of the proposed algorithm for biometric identification, hence supporting its practicality in areas such as cloud data security, cyber-security or remote healthcare systems.

Analysis of information security management systems at 5 domestic hospitals with more than 500 beds.

PubMed

Park, Woo-Sung; Seo, Sun-Won; Son, Seung-Sik; Lee, Mee-Jeong; Kim, Shin-Hyo; Choi, Eun-Mi; Bang, Ji-Eon; Kim, Yea-Eun; Kim, Ok-Nam

2010-06-01

The information security management systems (ISMS) of 5 hospitals with more than 500 beds were evaluated with regards to the level of information security, management, and physical and technical aspects so that we might make recommendations on information security and security countermeasures which meet both international standards and the needs of individual hospitals. The ISMS check-list derived from international/domestic standards was distributed to each hospital to complete and the staff of each hospital was interviewed. Information Security Indicator and Information Security Values were used to estimate the present security levels and evaluate the application of each hospital's current system. With regard to the moderate clause of the ISMS, the hospitals were determined to be in compliance. The most vulnerable clause was asset management, in particular, information asset classification guidelines. The clauses of information security incident management and business continuity management were deemed necessary for the establishment of successful ISMS. The level of current ISMS in the hospitals evaluated was determined to be insufficient. Establishment of adequate ISMS is necessary to ensure patient privacy and the safe use of medical records for various purposes. Implementation of ISMS which meet international standards with a long-term and comprehensive perspective is of prime importance. To reflect the requirements of the varied interests of medical staff, consumers, and institutions, the establishment of political support is essential to create suitable hospital ISMS.

Terrorism: Its Evolving Nature

DTIC Science & Technology

1989-01-01

the adequacy of the Foreign Airport Security Act, an overall evaluation of the required foreign airport security assessments, and several others can...procedures envisioned by the Foreign Airport Security Act of 1985, which your committee helped initiate, played a useful role in this security...case of a threat to an airline, we get that information into the hands of airport security officials responsible for aviation security. This is the

Security of medical multimedia.

PubMed

Tzelepi, S; Pangalos, G; Nikolacopoulou, G

2002-09-01

The application of information technology to health care has generated growing concern about the privacy and security of medical information. Furthermore, data and communication security requirements in the field of multimedia are higher. In this paper we describe firstly the most important security requirements that must be fulfilled by multimedia medical data, and the security measures used to satisfy these requirements. These security measures are based mainly on modern cryptographic and watermarking mechanisms as well as on security infrastructures. The objective of our work is to complete this picture, exploiting the capabilities of multimedia medical data to define and implement an authorization model for regulating access to the data. In this paper we describe an extended role-based access control model by considering, within the specification of the role-permission relationship phase, the constraints that must be satisfied in order for the holders of the permission to use those permissions. The use of constraints allows role-based access control to be tailored to specifiy very fine-grained and flexible content-, context- and time-based access control policies. Other restrictions, such as role entry restriction also can be captured. Finally, the description of system architecture for a secure DBMS is presented.

10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted Data...

10 CFR 95.49 - Security of automatic data processing (ADP) systems.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.49 Security of...

A comprehensive Network Security Risk Model for process control networks.

PubMed

Henry, Matthew H; Haimes, Yacov Y

2009-02-01

The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

Chuma na Uchizi: A Livelihood Intervention to Increase Food Security of People Living with HIV in Rural Zambia.

PubMed

Masa, Rainier; Chowa, Gina; Nyirenda, Victor

2018-01-01

The objective of this study was to evaluate the impact of Chuma na Uchizi, a livelihood intervention for people living with HIV (PLHIV) in rural Eastern Province, Zambia, on food security. The intervention included cash transfers to purchase income-generating assets, access to a savings account, and life-skills training. The study employed a non-equivalent groups design to compare intervention (n = 50) and control participants (n = 51) who were receiving outpatient care from two comparable health facilities in distinct constituencies in the same geographic area. We collected data before and after implementation of the intervention. Chuma na Uchizi improved access to food. At follow-up, the intervention group reported lower food insecurity scores compared with the control group (β = -5.65; 95% CI - 10.85 --0.45). Livelihood programs for PLHIV are practical and may be a promising approach to address food insecurity and its adverse effects.

7 CFR 274.11 - Issuance and inventory record retention, and forms security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... processed within the State agency. The State agency shall use numbers, batching, inventory control logs, or...) Secure storage; (iii) Access limited to authorized personnel; (iv) Bulk inventory control records; (v... validation of inventory controls and records by parties not otherwise involved in maintaining control records...

12 CFR 1204.8 - How are records secured?

Code of Federal Regulations, 2010 CFR

2010-01-01

... § 1204.8 How are records secured? (a) What controls must FHFA have in place? Each FHFA office must establish administrative and physical controls to prevent unauthorized access to its systems of records... stringency of these controls should correspond to the sensitivity of the records that the controls protect...

Digital watermarking for secure and adaptive teleconferencing

NASA Astrophysics Data System (ADS)

Vorbrueggen, Jan C.; Thorwirth, Niels

2002-04-01

The EC-sponsored project ANDROID aims to develop a management system for secure active networks. Active network means allowing the network's customers to execute code (Java-based so-called proxylets) on parts of the network infrastructure. Secure means that the network operator nonetheless retains full control over the network and its resources, and that proxylets use ANDROID-developed facilities to provide secure applications. Management is based on policies and allows autonomous, distributed decisions and actions to be taken. Proxylets interface with the system via policies; among actions they can take is controlling execution of other proxylets or redirection of network traffic. Secure teleconferencing is used as the application to demonstrate the approach's advantages. A way to control a teleconference's data streams is to use digital watermarking of the video, audio and/or shared-whiteboard streams, providing an imperceptible and inseparable side channel that delivers information from originating or intermediate stations to downstream stations. Depending on the information carried by the watermark, these stations can take many different actions. Examples are forwarding decisions based on security classifications (possibly time-varying) at security boundaries, set-up and tear-down of virtual private networks, intelligent and adaptive transcoding, recorder or playback control (e.g., speaking off the record), copyright protection, and sender authentication.

Fatigue Behavior of a Cross-Ply Metal Matrix Composite at Elevated Temperature Under Strain Controlled Mode.

DTIC Science & Technology

1994-12-01

1991. 114 22. Nimmer, R. P. et al. "Fiber Array Geometry Effects Upon Composite Transverse Tensile Behavior," Titanium Aluminide Composites. February... Titanium , Silicon Carbide, Strain Control Mode 17. SECURITY CLASSIFICATION I18. SECURITY CLASSIFICATION 19. SECURITY CLASSIFIKATION 20. LIMITATION OF...ends. Boyum was the first to examine fully reversed (R=-l) fatigue of a titanium composite under the load control mode, at both room and elevated

WriteShield: A Pseudo Thin Client for Prevention of Information Leakage

NASA Astrophysics Data System (ADS)

Kirihata, Yasuhiro; Sameshima, Yoshiki; Onoyama, Takashi; Komoda, Norihisa

While thin-client systems are diffusing as an effective security method in enterprises and organizations, there is a new approach called pseudo thin-client system. In this system, local disks of clients are write-protected and user data is forced to save on the central file server to realize the same security effect of conventional thin-client systems. Since it takes purely the software-based simple approach, it does not require the hardware enhancement of network and servers to reduce the installation cost. However there are several problems such as no write control to external media, memory depletion possibility, and lower security because of the exceptional write permission to the system processes. In this paper, we propose WriteShield, a pseudo thin-client system which solves these issues. In this system, the local disks are write-protected with volume filter driver and it has a virtual cache mechanism to extend the memory cache size for the write protection. This paper presents design and implementation details of WriteShield. Besides we describe the security analysis and simulation evaluation of paging algorithms for virtual cache mechanism and measure the disk I/O performance to verify its feasibility in the actual environment.

Defense AT&L (Volume 37, Number 2, March-April 2008)

DTIC Science & Technology

2008-04-01

environment. Operational suit- ability is the degree to which a system can be satisfactorily placed in field use, with consideration given to reliability...devise the most effective test-and-evaluation strategy. Whenever possible, the program should be developed and fielded in small increments and provided... ability to control access to design-related informa- tion and availability of technology, and it will raise grave security considerations. Do you develop

DOE Office of Scientific and Technical Information (OSTI.GOV)

Witzke, Edward L.

In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process,more » this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.« less

[Image-guided radiotherapy and partial delegation to radiotherapy technicians: Clermont-Ferrand experience].

PubMed

Loos, G; Moreau, J; Miroir, J; Benhaïm, C; Biau, J; Caillé, C; Bellière, A; Lapeyre, M

2013-10-01

The various image-guided radiotherapy techniques raise the question of how to achieve the control of patient positioning before irradiation session and sharing of tasks between radiation oncologists and radiotherapy technicians. We have put in place procedures and operating methods to make a partial delegation of tasks to radiotherapy technicians and secure the process in three situations: control by orthogonal kV imaging (kV-kV) of bony landmarks, control by kV-kV imaging of intraprostatic fiducial goldmarkers and control by cone beam CT (CBCT) imaging for prostate cancer. Significant medical overtime is required to control these three IGRT techniques. Because of their competence in imaging, these daily controls can be delegated to radiotherapy technicians. However, to secure the process, initial training and regular evaluation are essential. The analysis of the comparison of the use of kV/kV on bone structures allowed us to achieve a partial delegation of control to radiotherapy technicians. Controlling the positioning of the prostate through the use and automatic registration of fiducial goldmarkers allows better tracking of the prostate and can be easily delegated to radiotherapy technicians. The analysis of the use of daily cone beam CT for patients treated with intensity modulated irradiation is underway, and a comparison of practices between radiotherapy technicians and radiation oncologists is ongoing to know if a partial delegation of this control is possible. Copyright © 2013. Published by Elsevier SAS.

Evaluation of Ecological Environment Security in Contiguous Poverty Alleviation Area of Sichuan Province

NASA Astrophysics Data System (ADS)

Xian, W.; Chen, Y.; Chen, J.; Luo, X.; Shao, H.

2018-04-01

According to the overall requirements of ecological construction and environmental protection, rely on the national key ecological engineering, strengthen ecological environmental restoration and protection, improve forest cover, control soil erosion, construct important ecological security barrier in poor areas, inhibit poverty alleviation through ecological security in this area from environmental damage to the vicious cycle of poverty. Obviously, the dynamic monitoring of ecological security in contiguous destitute areas of Sichuan province has a policy sense of urgency and practical significance. This paper adopts RS technology and GIS technology to select the Luhe region of Jinchuan county and Ganzi prefecture as the research area, combined with the characteristics of ecological environment in poor areas, the impact factors of ecological environment are determined as land use type, terrain slope, vegetation cover, surface water, soil moisture and other factors. Using the ecological environmental safety assessment model, the ecological environment safety index is calculated. According to the index, the ecological environment safety of the research area is divided into four levels. The ecological environment safety classification map of 1990 in 2009 is obtained. It can be seen that with the human modern life and improve their economic level, the surrounding environment will be destroyed, because the research area ecological environment is now in good, the ecological environment generally tends to be stable. We should keep its ecological security good and improve local economic income. The relationship between ecological environmental security and economic coordinated development in poor areas has very important strategic significance.

IT Security Support for the Spaceport Command Control System Development

NASA Technical Reports Server (NTRS)

Varise, Brian

2014-01-01

My job title is IT Security support for the Spaceport Command & Control System Development. As a cyber-security analyst it is my job to ensure NASA's information stays safe from cyber threats, such as, viruses, malware and denial-of-service attacks by establishing and enforcing system access controls. Security is very important in the world of technology and it is used everywhere from personal computers to giant networks ran by Government agencies worldwide. Without constant monitoring analysis, businesses, public organizations and government agencies are vulnerable to potential harmful infiltration of their computer information system. It is my responsibility to ensure authorized access by examining improper access, reporting violations, revoke access, monitor information request by new programming and recommend improvements. My department oversees the Launch Control System and networks. An audit will be conducted for the LCS based on compliance with the Federal Information Security Management Act (FISMA) and The National Institute of Standards and Technology (NIST). I recently finished analyzing the SANS top 20 critical controls to give cost effective recommendations on various software and hardware products for compliance. Upon my completion of this internship, I will have successfully completed my duties as well as gain knowledge that will be helpful to my career in the future as a Cyber Security Analyst.

Injection of Contaminants into a Simulated Water Distribution System Equipped with Continuous Multi-Parameter Water Monitors

EPA Science Inventory

The U.S. EPA’s Technology Testing and Evaluation Program has been charged by EPA to evaluate the performance of commercially available water security-related technologies. Multi-parameter water monitors for distributions systems have been evaluated as such a water security techn...

20 CFR 416.920 - Evaluation of disability of adults, in general.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Evaluation of disability of adults, in general. 416.920 Section 416.920 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... § 416.920 Evaluation of disability of adults, in general. (a) General—(1) Purpose of this section. This...

20 CFR 416.920 - Evaluation of disability of adults, in general.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Evaluation of disability of adults, in general. 416.920 Section 416.920 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... § 416.920 Evaluation of disability of adults, in general. (a) General—(1) Purpose of this section. This...

20 CFR 416.920 - Evaluation of disability of adults, in general.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Evaluation of disability of adults, in general. 416.920 Section 416.920 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... § 416.920 Evaluation of disability of adults, in general. (a) General—(1) Purpose of this section. This...

20 CFR 416.920 - Evaluation of disability of adults, in general.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Evaluation of disability of adults, in general. 416.920 Section 416.920 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... § 416.920 Evaluation of disability of adults, in general. (a) General—(1) Purpose of this section. This...

20 CFR 416.920 - Evaluation of disability of adults, in general.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Evaluation of disability of adults, in general. 416.920 Section 416.920 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... § 416.920 Evaluation of disability of adults, in general. (a) General—(1) Purpose of this section. This...

An E-Hospital Security Architecture

NASA Astrophysics Data System (ADS)

Tian, Fang; Adams, Carlisle

In this paper, we introduce how to use cryptography in network security and access control of an e-hospital. We first define the security goal of the e-hospital system, and then we analyze the current application system. Our idea is proposed on the system analysis and the related regulations of patients' privacy protection. The security of the whole application system is strengthened through layered security protection. Three security domains in the e-hospital system are defined according to their sensitivity level, and for each domain, we propose different security protections. We use identity based cryptography to establish secure communication channel in the backbone network and policy based cryptography to establish secure communication channel between end users and the backbone network. We also use policy based cryptography in the access control of the application system. We use a symmetric key cryptography to protect the real data in the database. The identity based and policy based cryptography are all based on elliptic curve cryptography—a public key cryptography.

33 CFR 106.205 - Company Security Officer (CSO).

Code of Federal Regulations, 2013 CFR

2013-07-01

...) Methods of conducting audits, inspection, control, and monitoring; and (7) Techniques for security... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral...

33 CFR 106.205 - Company Security Officer (CSO).

Code of Federal Regulations, 2014 CFR

2014-07-01

...) Methods of conducting audits, inspection, control, and monitoring; and (7) Techniques for security... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral...

33 CFR 106.205 - Company Security Officer (CSO).

Code of Federal Regulations, 2012 CFR

2012-07-01

...) Methods of conducting audits, inspection, control, and monitoring; and (7) Techniques for security... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral...

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2012 CFR

2012-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2013 CFR

2013-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2011 CFR

2011-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

5 CFR 1312.22 - Responsibilities.

Code of Federal Regulations, 2014 CFR

2014-01-01

... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...

Patient-Centered Access to Secure Systems Online (PCASSO): a secure approach to clinical data access via the World Wide Web.

PubMed Central

Masys, D. R.; Baker, D. B.

1997-01-01

The Internet's World-Wide Web (WWW) provides an appealing medium for the communication of health related information due to its ease of use and growing popularity. But current technologies for communicating data between WWW clients and servers are systematically vulnerable to certain types of security threats. Prominent among these threats are "Trojan horse" programs running on client workstations, which perform some useful and known function for a user, while breaching security via background functions that are not apparent to the user. The Patient-Centered Access to Secure Systems Online (PCASSO) project of SAIC and UCSD is a research, development and evaluation project to exploit state-of-the-art security and WWW technology for health care. PCASSO is designed to provide secure access to clinical data for healthcare providers and their patients using the Internet. PCASSO will be evaluated for both safety and effectiveness, and may provide a model for secure communications via public data networks. PMID:9357644

A Method for Evaluating Information Security Governance (ISG) Components in Banking Environment

NASA Astrophysics Data System (ADS)

Ula, M.; Ula, M.; Fuadi, W.

2017-02-01

As modern banking increasingly relies on the internet and computer technologies to operate their businesses and market interactions, the threats and security breaches have highly increased in recent years. Insider and outsider attacks have caused global businesses lost trillions of Dollars a year. Therefore, that is a need for a proper framework to govern the information security in the banking system. The aim of this research is to propose and design an enhanced method to evaluate information security governance (ISG) implementation in banking environment. This research examines and compares the elements from the commonly used information security governance frameworks, standards and best practices. Their strength and weakness are considered in its approaches. The initial framework for governing the information security in banking system was constructed from document review. The framework was categorized into three levels which are Governance level, Managerial level, and technical level. The study further conducts an online survey for banking security professionals to get their professional judgment about the ISG most critical components and the importance for each ISG component that should be implemented in banking environment. Data from the survey was used to construct a mathematical model for ISG evaluation, component importance data used as weighting coefficient for the related component in the mathematical model. The research further develops a method for evaluating ISG implementation in banking based on the mathematical model. The proposed method was tested through real bank case study in an Indonesian local bank. The study evidently proves that the proposed method has sufficient coverage of ISG in banking environment and effectively evaluates the ISG implementation in banking environment.

Credit BG. Northeast and northwest facades of Building 4496 (Security ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

Credit BG. Northeast and northwest facades of Building 4496 (Security Facility) as seen when looking south (178°) from entrance to secured area. The Control Tower (Building 4500) appears in background. The Security Facility is part of the secured Building 4505 complex - Edwards Air Force Base, North Base, Security Facility, Northeast of A Street, Boron, Kern County, CA

Increasing security in inter-chip communication

DOE Office of Scientific and Technical Information (OSTI.GOV)

Edwards, Nathan J.; Hamlet, Jason; Bauer, Todd

An apparatus for increasing security in inter-chip communication includes a sending control module, a communication bus, and a receiving control module. The communication bus is coupled between the sending control module and the receiving control module. The sending control module operates to send data on the communication bus, disable the communication bus when threats are detected, or both.

Increasing security in inter-chip communication

DOEpatents

Edwards, Nathan J; Hamlet, Jason; Bauer, Todd; Helinski, Ryan

2014-10-28

An apparatus for increasing security in inter-chip communication includes a sending control module, a communication bus, and a receiving control module. The communication bus is coupled between the sending control module and the receiving control module. The sending control module operates to send data on the communication bus, disable the communication bus when threats are detected, or both.

Attachment, self-worth, and peer-group functioning in middle childhood.

PubMed

Booth-Laforce, Cathryn; Oh, Wonjung; Kim, Angel Hayoung; Rubin, Kenneth H; Rose-Krasnor, Linda; Burgess, Kim

2006-12-01

We evaluated links between peer-group functioning and indicators of attachment security in relation to both mother and father in middle childhood, among 73 10-year-olds (37 girls). Children's perceptions of security with both parents, coping styles with mother, and self-worth were assessed. Classmates, teachers, and mothers evaluated the participants' peer-related behavioral characteristics. Children's perceptions of security to both parents were related to others' appraisals of their social competence; perceptions of security to father were related to lower aggression. We did not find child gender effects, but children had higher security scores in relation to mother than to father. Self-worth perceptions mediated the relation between attachment and social competence.

Information Analysis Methodology for Border Security Deployment Prioritization and Post Deployment Evaluation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Booker, Paul M.; Maple, Scott A.

2010-06-08

Due to international commerce, cross-border conflicts, and corruption, a holistic, information driven, approach to border security is required to best understand how resources should be applied to affect sustainable improvements in border security. The ability to transport goods and people by land, sea, and air across international borders with relative ease for legitimate commercial purposes creates a challenging environment to detect illicit smuggling activities that destabilize national level border security. Smuggling activities operated for profit or smuggling operations driven by cross border conflicts where militant or terrorist organizations facilitate the transport of materials and or extremists to advance a causemore » add complexity to smuggling interdiction efforts. Border security efforts are further hampered when corruption thwarts interdiction efforts or reduces the effectiveness of technology deployed to enhance border security. These issues necessitate the implementation of a holistic approach to border security that leverages all available data. Large amounts of information found in hundreds of thousands of documents can be compiled to assess national or regional borders to identify variables that influence border security. Location data associated with border topics of interest may be extracted and plotted to better characterize the current border security environment for a given country or region. This baseline assessment enables further analysis, but also documents the initial state of border security that can be used to evaluate progress after border security improvements are made. Then, border security threats are prioritized via a systems analysis approach. Mitigation factors to address risks can be developed and evaluated against inhibiting factor such as corruption. This holistic approach to border security helps address the dynamic smuggling interdiction environment where illicit activities divert to a new location that provides less resistance to smuggling activities after training or technology is deployed at a given location. This paper will present an approach to holistic border security information analysis.« less

INcreasing Security and Protection through Infrastructure REsilience: The INSPIRE Project

NASA Astrophysics Data System (ADS)

D'Antonio, Salvatore; Romano, Luigi; Khelil, Abdelmajid; Suri, Neeraj

The INSPIRE project aims at enhancing the European potential in the field of security by ensuring the protection of critical information infrastructures through (a) the identification of their vulnerabilities and (b) the development of innovative techniques for securing networked process control systems. To increase the resilience of such systems INSPIRE will develop traffic engineering algorithms, diagnostic processes and self-reconfigurable architectures along with recovery techniques. Hence, the core idea of the INSPIRE project is to protect critical information infrastructures by appropriately configuring, managing, and securing the communication network which interconnects the distributed control systems. A working prototype will be implemented as a final demonstrator of selected scenarios. Controls/Communication Experts will support project partners in the validation and demonstration activities. INSPIRE will also contribute to standardization process in order to foster multi-operator interoperability and coordinated strategies for securing lifeline systems.

Design and evaluation of security multimedia warnings for children's smartphones

NASA Astrophysics Data System (ADS)

Menzel, Wiebke; Tuchscheerer, Sven; Fruth, Jana; Kraetzer, Christian; Dittmann, Jana

2012-02-01

This article describes primarily the development and empiric validation of a design for security warning messages on smartphones for primary school children (7-10 years old). Our design approach for security warnings for children uses a specific character and is based on recommendations of a paediatrician expert. The design criteria are adapted to children's skills, e.g. their visual, acoustic, and haptic perception and their literacy. The developed security warnings are prototypically implemented in an iOS application (on the iPhone 3G/4G) where children are warned by a simulated anti-malware background service, while they are busy with another task. For the evaluation we select methods for empiric validation of the design approach from the field of usability testing ("think aloud" test, questionnaires, log-files, etc.). Our security warnings prototype is evaluated in an empiric user study with 13 primary school children, aged between 8 and 9 years and of different gender (5 girls, 8 boys). The evaluation analysis shows, that nearly all children liked the design of our security warnings. Surprisingly, on several security warning messages most of the children react in the right way after reading the warning, although the meaning couldn't be interpreted in the right way. Another interesting result is, that several children relate specific information, e.g. update, to a specific character. Furthermore, it could be seen that most of the primary school test candidates have little awareness of security threats on smartphones. It is a very strong argument to develop e.g. tutorials or websites in order to raise awareness and teach children how to recognize security threats and how to react to them. Our design approach of security warnings for children's smartphones can be a basis for warning on other systems or applications like tutorials, which are used by children. In a second investigation, we focus on webpages, designed for children since smartphones and webpages (the services behind) are more and more interconnected. From this point of view those services should continue the securityapproaches for children's smartphones. The webservices were evaluated among different criteria, e.g. data protection. The results of a first investigation are reported in this paper.

Mobile detection assessment and response systems (MDARS): a force protection physical security operational success

NASA Astrophysics Data System (ADS)

Shoop, Brian; Johnston, Michael; Goehring, Richard; Moneyhun, Jon; Skibba, Brian

2006-05-01

MDARS is a Semi-autonomous unmanned ground vehicle with intrusion detection & assessment, product & barrier assessment payloads. Its functions include surveillance, security, early warning, incident first response and product and barrier status primarily focused on a depot/munitions security mission at structured/semi-structured facilities. MDARS is in Systems Development and Demonstration (SDD) under the Product Manager for Force Protection Systems (PM-FPS). MDARS capabilities include semi-autonomous navigation, obstacle avoidance, motion detection, day and night imagers, radio frequency tag inventory/barrier assessment and audio challenge and response. Four SDD MDARS Patrol Vehicles have been undergoing operational evaluation at Hawthorne Army Depot, NV (HWAD) since October 2004. Hawthorne personnel were trained to administer, operate and maintain the system in accordance with the US Army Military Police School (USAMPS) Concept of Employment and the PM-FPS MDARS Integrated Logistic Support Plan. The system was subjected to intensive periods of evaluation under the guidance and control of the Army Test and Evaluation Center (ATEC) and PM-FPS. Significantly, in terms of User acceptance, the system has been under the "operational control" of the installation performing security and force protection missions in support of daily operations. This evaluation is intended to assess MDARS operational effectiveness in an operational environment. Initial observations show that MDARS provides enhanced force protection, can potentially reduce manpower requirements by conducting routine tasks within its design capabilities and reduces Soldier exposure in the initial response to emerging incidents and situations. Success of the MDARS program has been instrumental in the design and development of two additional robotic force protection programs. The first was the USAF Force Protection Battle Lab sponsored Remote Detection Challenge & Response (REDCAR) concept demonstration executed by the Air Force Robotics Lab (AFRL). The REDCAR used an MDARS PUV as the central robotic technology and expanded the concept to incorporate a smaller high speed platform (SCOUT) equipped with lethal, non-lethal and challenge components as an engagement platform and, in a marsupial configuration on the MDARS, a small UGV that can be deployed to investigate close quarters areas. The Family of Integrated Rapid Response Equipment (FIRRE) program further expands these concepts by incorporating and adapting other mobile/tactical force protection equipment with a more robust Unmanned Ground Vehicle into an "Expeditionary" configuration to provide the current force with a rapidly deployable force protection system that can operate in austere less structured and protected environments. A USAMPS/ MANCEN sponsored "FIRRE System Demonstration" in Iraq is scheduled to begin in FY '07.

Novel Control Scheme of Power Assisted Wheelchair for Preventing Overturn (Part I)-Adjustment of Assisted Torque and Performance Evaluation From Field Test-

NASA Astrophysics Data System (ADS)

Seki, Hirokazu; Hata, Naoki; Koyasu, Yuichi; Hori, Yoichi

Aged people and disabled people who have difficulty in walking are increasing. As one of mobility support, significance of power assisted wheelchair which assists driving force using electric motors and spreads their living areas has been enhanced. However, the increased driving force often causes a dangerous overturn of wheelchair. In this paper, control method to prevent power assisted wheelchair from overturning is proposed. It is found the front wheels rising is caused by magnitude and rapid increase of assisted torque. Therefore, feedforward control method to limit the assisted torque by tuning its magnitude or time constant is proposed. In order to emphasize safety and feeling of security, these methods make the front wheels no rise. The effectiveness of the proposed method is verified by the practical experiments and field test based performance evaluation using many trial subjects.

Nevada National Security Site Environmental Report Summary 2016

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wills, Cathy

This document is a summary of the full 2016 Nevada National Security Site Environmental Report (NNSSER) prepared by the U.S. Department of Energy, National Nuclear Security Administration Nevada Field Office (NNSA/ NFO). This summary provides an abbreviated and more readable version of the full NNSSER. NNSA/NFO prepares the NNSSER to provide the public an understanding of the environmental monitoring and compliance activities that are conducted on the Nevada National Security Site (NNSS) to protect the public and the environment from radiation hazards and from potential nonradiological impacts. It is a comprehensive report of environmental activities performed at the NNSS andmore » offsite facilities over the previous calendar year. The NNSS is currently the nation’s unique site for ongoing national security–related missions and high-risk operations. The NNSS is located about 65 miles northwest of Las Vegas. The approximately 1,360-square-mile site is one of the largest restricted access areas in the United States. It is surrounded by federal installations with strictly controlled access as well as by lands that are open to public entry. In 2016, National Security Technologies, LLC (NSTec), was the NNSS Management and Operations Contractor accountable for ensuring work was performed in compliance with environmental regulations. NNSS activities in 2016 continued to be diverse, with the primary goal to ensure that the existing U.S. stockpile of nuclear weapons remains safe and reliable. Other activities included weapons of mass destruction first responder training; the controlled release of hazardous material at the Nonproliferation Test and Evaluation Complex (NPTEC); remediation of legacy contamination sites; characterization of waste destined for the Waste Isolation Pilot Plant in Carlsbad, New Mexico, or the Idaho National Laboratory in Idaho Falls, Idaho; disposal of low-level and mixed low-level radioactive waste; and environmental research. Facilities and centers that support the National Security/Defense mission include the U1a Facility, Big Explosives Experimental Facility (BEEF), Device Assembly Facility (DAF), National Criticality Experiments Research Center (NCERC) located in the DAF, Joint Actinide Shock Physics Experimental Research (JASPER) Facility, Dense Plasma Focus (DPF) Facility located in the Los Alamos Technical Facility (LATF), and the Radiological/ Nuclear Countermeasures Test and Evaluation Complex (RNCTEC). Facilities that support the Environmental Management mission include the Area 5 Radioactive Waste Management Complex (RWMC) and the Area 3 Radioactive Waste Management Site (RWMS), which has been in cold standby since 2006.« less

10 CFR 712.16 - DOE security review.

Code of Federal Regulations, 2010 CFR

2010-01-01

... of the HRP process, the HRP certifying official must be notified and the security concern evaluated... part. (c) Any mental/personality disorder or behavioral issues found in a personnel security file...

Special Analysis for the Disposal of the Lawrence Livermore National Laboratory Low Activity Beta/Gamma Sources Waste Stream at the Area 5 Radioactive Waste Management Site, Nevada National Security Site, Nye County, Nevada

DOE Office of Scientific and Technical Information (OSTI.GOV)

Shott, Gregory J.

This special analysis (SA) evaluates whether the Lawrence Livermore National Laboratory (LLNL) Low Activity Beta/Gamma Sources waste stream (BCLALADOEOSRP, Revision 0) is suitable for disposal by shallow land burial (SLB) at the Area 5 Radioactive Waste Management Site (RWMS) at the Nevada National Security Site (NNSS). The LLNL Low Activity Beta/Gamma Sources waste stream consists of sealed sources that are no longer needed. The LLNL Low Activity Beta/Gamma Sources waste stream required a special analysis because cobalt-60 (60Co), strontium-90 (90Sr), cesium-137 (137Cs), and radium-226 (226Ra) exceeded the NNSS Waste Acceptance Criteria (WAC) Action Levels (U.S. Department of Energy, National Nuclearmore » Security Administration Nevada Field Office [NNSA/NFO] 2015). The results indicate that all performance objectives can be met with disposal of the LLNL Low Activity Beta/Gamma Sources in a SLB trench. The LLNL Low Activity Beta/Gamma Sources waste stream is suitable for disposal by SLB at the Area 5 RWMS. However, the activity concentration of 226Ra listed on the waste profile sheet significantly exceeds the action level. Approval of the waste profile sheet could potentially allow the disposal of high activity 226Ra sources. To ensure that the generator does not include large 226Ra sources in this waste stream without additional evaluation, a control is need on the maximum 226Ra inventory. A limit based on the generator’s estimate of the total 226Ra inventory is recommended. The waste stream is recommended for approval with the control that the total 226Ra inventory disposed shall not exceed 5.5E10 Bq (1.5 Ci).« less

5 CFR 1312.31 - Security violations.

Code of Federal Regulations, 2010 CFR

2010-01-01

... States Secret Service when an office/division fails to properly secure classified information. Upon... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Security violations. 1312.31 Section 1312..., DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of...

49 CFR 1580.107 - Chain of custody and control requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... businesses, housing, schools, and hospitals. (4) Any information regarding threats to the facility. (5) Other...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY MARITIME AND LAND TRANSPORTATION SECURITY RAIL TRANSPORTATION SECURITY Freight Rail Including Freight Railroad Carriers, Rail Hazardous Materials...

FAA computer security : concerns remain due to personnel and other continuing weaknesses

DOT National Transportation Integrated Search

2000-08-01

FAA has a history of computer security weaknesses in a number of areas, including its physical security management at facilities that house air traffic control (ATC) systems, systems security for both operational and future systems, management struct...

Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2007-01-01

This paper describes the infrastructure and protocols necessary to enable near-real-time commanding, access to space-based assets, and the secure interoperation between sensor webs owned and controlled by various entities. Select terrestrial and aeronautics-base sensor webs will be used to demonstrate time-critical interoperability between integrated, intelligent sensor webs both terrestrial and between terrestrial and space-based assets. For this work, a Secure, Autonomous, Intelligent Controller and knowledge generation unit is implemented using Virtual Mission Operation Center technology.

76 FR 35275 - Export Control Reform Initiative: Strategic Trade Authorization License Exception

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-16

.... The Export Control Reform Initiative is designed to enhance U.S. national security and strengthen the... Security 15 CFR Parts 732, 738, 740, et al. Export Control Reform Initiative: Strategic Trade Authorization... Parts 732, 738, 740, 743, and 774 [Docket No. 100923470-1230-03] RIN 0694-AF03 Export Control Reform...

27 CFR 73.12 - What security controls must I use for identification codes and passwords?

Code of Federal Regulations, 2010 CFR

2010-04-01

... 27 Alcohol, Tobacco Products and Firearms 2 2010-04-01 2010-04-01 false What security controls... controls must I use for identification codes and passwords? If you use electronic signatures based upon use of identification codes in combination with passwords, you must employ controls to ensure their...

Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay.

PubMed

Hu, Hequn; Gao, Zhenzhen; Liao, Xuewen; Leung, Victor C M

2017-09-04

The Internet of Things (IoT) represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT) is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH) node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device's messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor) and a destination (e.g., controller) via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS) and time splitting (TS) policies, called intuitive secure schemes based on PS (Int-PS), precoded secure scheme based on PS (Pre-PS), intuitive secure scheme based on TS (Int-TS) and precoded secure scheme based on TS (Pre-TS), respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission ( P S S T ), which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. P S S T is analyzed for the proposed secure schemes, and the closed form expressions of P S S T for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better P S S T than the intuitive secure schemes under similar power consumption. When the secure schemes based on PS and TS polices have similar P S S T , the average transmit power consumption of the secure scheme based on TS is lower. The influences of power splitting and time slitting ratios are also discussed through simulations.

Mechanical code comparator

DOEpatents

Peter, Frank J.; Dalton, Larry J.; Plummer, David W.

2002-01-01

A new class of mechanical code comparators is described which have broad potential for application in safety, surety, and security applications. These devices can be implemented as micro-scale electromechanical systems that isolate a secure or otherwise controlled device until an access code is entered. This access code is converted into a series of mechanical inputs to the mechanical code comparator, which compares the access code to a pre-input combination, entered previously into the mechanical code comparator by an operator at the system security control point. These devices provide extremely high levels of robust security. Being totally mechanical in operation, an access control system properly based on such devices cannot be circumvented by software attack alone.

76 FR 68242 - Self-Regulatory Organizations; Chicago Mercantile Exchange, Inc.; Order Approving Proposed Rule...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-03

... securities and funds which are in the custody or control of such clearing agency or for which it is... assure the safeguarding of securities and funds which are in its custody or control or for which it is... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-65655; File No. SR-CME-2011-07] Self-Regulatory...

Toward Privacy-preserving Content Access Control for Information Centric Networking

DTIC Science & Technology

2014-03-01

REPORT Toward Privacy-preserving Content Access Control for Information Centric Networking 14. ABSTRACT 16. SECURITY CLASSIFICATION OF: Information...regardless the security mechanisms provided by different content hosting servers. However, using ABE has a drawback that the enforced content access...Encryption (ABE) is a flexible approach to enforce the content access policies regardless the security mechanisms provided by different content hosting

DOE`s nation-wide system for access control can solve problems for the federal government

DOE Office of Scientific and Technical Information (OSTI.GOV)

Callahan, S.; Tomes, D.; Davis, G.

1996-07-01

The U.S. Department of Energy`s (DOE`s) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by manymore » different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location`s level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals.« less

Lemnos interoperable security project.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Halbgewachs, Ronald D.

2010-03-01

With the Lemnos framework, interoperability of control security equipment is straightforward. To obtain interoperability between proprietary security appliance units, one or both vendors must now write cumbersome 'translation code.' If one party changes something, the translation code 'breaks.' The Lemnos project is developing and testing a framework that uses widely available security functions and protocols like IPsec - to form a secure communications channel - and Syslog, to exchange security log messages. Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the total system. Simplify regulatory compliance inmore » a complicated security environment by leveraging the Lemnos framework. As an electric utility, are you struggling to implement the NERC CIP standards and other regulations? Are you weighing the misery of multiple management interfaces against committing to a ubiquitous single-vendor solution? When vendors build their security appliances to interoperate using the Lemnos framework, it becomes practical to match best-of-breed offerings from an assortment of vendors to your specific control systems needs. The Lemnos project is developing and testing a framework that uses widely available open-source security functions and protocols like IPsec and Syslog to create a secure communications channel between appliances in order to exchange security data.« less

Evaluation of Uncertainty in Constituent Input Parameters for Modeling the Fate of IMX 101 Components

DTIC Science & Technology

2017-05-01

ER D C/ EL T R- 17 -7 Environmental Security Technology Certification Program (ESTCP) Evaluation of Uncertainty in Constituent Input...Environmental Security Technology Certification Program (ESTCP) ERDC/EL TR-17-7 May 2017 Evaluation of Uncertainty in Constituent Input Parameters...Environmental Evaluation and Characterization Sys- tem (TREECS™) was applied to a groundwater site and a surface water site to evaluate the sensitivity

Evaluation of anger management groups in a high-security hospital.

PubMed

Wilson, Claire; Gandolfi, Stacy; Dudley, Alison; Thomas, Brian; Tapp, James; Moore, Estelle

2013-12-01

Anger management programmes for offenders typically aim to improve the management of emotion associated with aggressive and antisocial behaviour. Such programmes have been quite extensively evaluated in prison and probation settings, but there is less published research in forensic mental health settings. This study aimed to evaluate anger management groups in a high-security hospital. Eighty-six patients were referred for a 20-session anger management intervention. Outcomes were self-reported experiences of anger and changes in institutionally documented incidents of aggression. Incident rates were retrospectively reviewed for all group graduates, where data were available, including a comparison group of graduates who acted as their own controls. Group graduates reported sustained reductions in feelings of anger and positive changes in their use of aggression in reaction to provocation. Some reduction in incidents of physical aggression was noted when group completers were compared with non-completers. Incidents of verbal aggression were observed to increase for graduates. There was also a trend towards improvement when treated men were compared with men on the waiting list. Our findings contribute to the growing evidence for anger management groups for aggressive men, although the low-base rate of incidents, typical of such a containing and therapeutic hospital setting, rendered the analysis of behavioural outcomes difficult. Anger management sessions for male forensic psychiatric patients can be effective in reducing incidents of physical aggression in response to provocation. Evaluation of treatments for anger is particularly difficult in secure and protective settings, where the aim is to keep incidents of actual physical aggression to a minimum. Further research of this kind is needed to test the value of self-reported reduction in angry feelings as an indicator of clinically useful progress. Copyright © 2013 John Wiley & Sons, Ltd.

Inhibitory Control Mediates the Association between Perceived Stress and Secure Relationship Quality.

PubMed

Herd, Toria; Li, Mengjiao; Maciejewski, Dominique; Lee, Jacob; Deater-Deckard, Kirby; King-Casas, Brooks; Kim-Spoon, Jungmeen

2018-01-01

Past research has demonstrated negative associations between exposure to stressors and quality of interpersonal relationships among children and adolescents. Nevertheless, underlying mechanisms of this association remain unclear. Chronic stress has been shown to disrupt prefrontal functioning in the brain, including inhibitory control abilities, and evidence is accumulating that inhibitory control may play an important role in secure interpersonal relationship quality, including peer problems and social competence. In this prospective longitudinal study, we examine whether changes in inhibitory control, measured at both behavioral and neural levels, mediate the association between stress and changes in secure relationship quality with parents and peers. The sample included 167 adolescents (53% males) who were first recruited at age 13 or 14 years and assessed annually three times. Adolescents' inhibitory control was measured by their behavioral performance and brain activities, and adolescents self-reported perceived stress levels and relationship quality with mothers, fathers, and peers. Results suggest that behavioral inhibitory control mediates the association between perceived stress and adolescent's secure relationship quality with their mothers and fathers, but not their peers. In contrast, given that stress was not significantly correlated with neural inhibitory control, we did not further test the mediation path. Our results highlight the role of inhibitory control as a process through which stressful life experiences are related to impaired secure relationship quality between adolescents and their mothers and fathers.

Inhibitory Control Mediates the Association between Perceived Stress and Secure Relationship Quality

PubMed Central

Herd, Toria; Li, Mengjiao; Maciejewski, Dominique; Lee, Jacob; Deater-Deckard, Kirby; King-Casas, Brooks; Kim-Spoon, Jungmeen

2018-01-01

Past research has demonstrated negative associations between exposure to stressors and quality of interpersonal relationships among children and adolescents. Nevertheless, underlying mechanisms of this association remain unclear. Chronic stress has been shown to disrupt prefrontal functioning in the brain, including inhibitory control abilities, and evidence is accumulating that inhibitory control may play an important role in secure interpersonal relationship quality, including peer problems and social competence. In this prospective longitudinal study, we examine whether changes in inhibitory control, measured at both behavioral and neural levels, mediate the association between stress and changes in secure relationship quality with parents and peers. The sample included 167 adolescents (53% males) who were first recruited at age 13 or 14 years and assessed annually three times. Adolescents’ inhibitory control was measured by their behavioral performance and brain activities, and adolescents self-reported perceived stress levels and relationship quality with mothers, fathers, and peers. Results suggest that behavioral inhibitory control mediates the association between perceived stress and adolescent’s secure relationship quality with their mothers and fathers, but not their peers. In contrast, given that stress was not significantly correlated with neural inhibitory control, we did not further test the mediation path. Our results highlight the role of inhibitory control as a process through which stressful life experiences are related to impaired secure relationship quality between adolescents and their mothers and fathers. PMID:29535664

The development of the Project NetWork administrative records database for policy evaluation.

PubMed

Rupp, K; Driessen, D; Kornfeld, R; Wood, M

1999-01-01

This article describes the development of SSA's administrative records database for the Project NetWork return-to-work experiment targeting persons with disabilities. The article is part of a series of papers on the evaluation of the Project NetWork demonstration. In addition to 8,248 Project NetWork participants randomly assigned to receive case management services and a control group, the simulation identified 138,613 eligible nonparticipants in the demonstration areas. The output data files contain detailed monthly information on Supplemental Security Income (SSI) and Disability Insurance (DI) benefits, annual earnings, and a set of demographic and diagnostic variables. The data allow for the measurement of net outcomes and the analysis of factors affecting participation. The results suggest that it is feasible to simulate complex eligibility rules using administrative records, and create a clean and edited data file for a comprehensive and credible evaluation. The study shows that it is feasible to use administrative records data for selecting control or comparison groups in future demonstration evaluations.

15 CFR 750.3 - Review of license applications by BIS and other government agencies and departments.

Code of Federal Regulations, 2013 CFR

2013-01-01

... items controlled for national security, missile technology, nuclear nonproliferation, and chemical and... primarily with items controlled for national security, nuclear nonproliferation, missile technology...

15 CFR 750.3 - Review of license applications by BIS and other government agencies and departments.

Code of Federal Regulations, 2012 CFR

2012-01-01

... items controlled for national security, missile technology, nuclear nonproliferation, and chemical and... primarily with items controlled for national security, nuclear nonproliferation, missile technology...

15 CFR 750.3 - Review of license applications by BIS and other government agencies and departments.

Code of Federal Regulations, 2014 CFR

2014-01-01

... items controlled for national security, missile technology, nuclear nonproliferation, and chemical and... primarily with items controlled for national security, nuclear nonproliferation, missile technology...

33 CFR 101.400 - Enforcement.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Enforcement. 101.400 Section 101.400 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: GENERAL Control Measures for Security § 101.400 Enforcement. (a) The rules and...

78 FR 51266 - International Security Advisory Board (ISAB) Meeting Notice

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-20

... DEPARTMENT OF STATE [Public Notice 8419] International Security Advisory Board (ISAB) Meeting.... App Sec. 10(a)(2), the Department of State announces a meeting of the International Security Advisory... all aspects of arms control, disarmament, political-military affairs, international security and...

Analysis of Information Security Management Systems at 5 Domestic Hospitals with More than 500 Beds

PubMed Central

Park, Woo-Sung; Son, Seung-Sik; Lee, Mee-Jeong; Kim, Shin-Hyo; Choi, Eun-Mi; Bang, Ji-Eon; Kim, Yea-Eun; Kim, Ok-Nam

2010-01-01

Objectives The information security management systems (ISMS) of 5 hospitals with more than 500 beds were evaluated with regards to the level of information security, management, and physical and technical aspects so that we might make recommendations on information security and security countermeasures which meet both international standards and the needs of individual hospitals. Methods The ISMS check-list derived from international/domestic standards was distributed to each hospital to complete and the staff of each hospital was interviewed. Information Security Indicator and Information Security Values were used to estimate the present security levels and evaluate the application of each hospital's current system. Results With regard to the moderate clause of the ISMS, the hospitals were determined to be in compliance. The most vulnerable clause was asset management, in particular, information asset classification guidelines. The clauses of information security incident management and business continuity management were deemed necessary for the establishment of successful ISMS. Conclusions The level of current ISMS in the hospitals evaluated was determined to be insufficient. Establishment of adequate ISMS is necessary to ensure patient privacy and the safe use of medical records for various purposes. Implementation of ISMS which meet international standards with a long-term and comprehensive perspective is of prime importance. To reflect the requirements of the varied interests of medical staff, consumers, and institutions, the establishment of political support is essential to create suitable hospital ISMS. PMID:21818429

Exploring the Educational Needs of the Homeland Security Community

ERIC Educational Resources Information Center

France, Paul

2012-01-01

This study involved an evaluation of the subjective perspectives held by a panel of 16 homeland security subject matter experts to determine what the needs of the homeland security professional community are for educational programs. The researcher examined the knowledge, skills, and abilities deemed important in homeland security to determine…

Security evaluation of the quantum key distribution system with two-mode squeezed states

DOE Office of Scientific and Technical Information (OSTI.GOV)

Osaki, M.; Ban, M.

2003-08-01

The quantum key distribution (QKD) system with two-mode squeezed states has been demonstrated by Pereira et al. [Phys. Rev. A 62, 042311 (2000)]. They evaluate the security of the system based on the signal to noise ratio attained by a homodyne detector. In this paper, we discuss its security based on the error probability individually attacked by eavesdropper with the unambiguous or the error optimum detection. The influence of the energy loss at transmission channels is also taken into account. It will be shown that the QKD system is secure under these conditions.

5. SOUTH ELEVATION OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

5. SOUTH ELEVATION OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL BUILDING). - Loring Air Force Base, Alert Area, Southeastern portion of base, east of southern end of runway, Limestone, Aroostook County, ME

6. SOUTHWEST CORNER OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

6. SOUTHWEST CORNER OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL BUILDING). - Loring Air Force Base, Alert Area, Southeastern portion of base, east of southern end of runway, Limestone, Aroostook County, ME

7. SOUTHEAST CORNER OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

7. SOUTHEAST CORNER OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL BUILDING). - Loring Air Force Base, Alert Area, Southeastern portion of base, east of southern end of runway, Limestone, Aroostook County, ME

Food security is related to adult type 2 diabetes control over time in a United States safety net primary care clinic population.

PubMed

Shalowitz, M U; Eng, J S; McKinney, C O; Krohn, J; Lapin, B; Wang, C-H; Nodine, E

2017-05-15

Successful Type 2 diabetes management requires adopting a high nutrient-density diet made up of food items that both meet dietary needs and preferences and can be feasibly obtained on a regular basis. However, access to affordable, nutrient-dense foods often is lacking in poorer neighbourhoods. Therefore, low food security should directly impair glucose control, even when patients have full access to and utilize comprehensive medical management. The present study sought to determine whether food security is related longitudinally to glucose control, over-and-above ongoing medication management, among Type 2 diabetes patients receiving comprehensive care at a Midwestern multi-site federally qualified health centre (FQHC). In this longitudinal observational study, we completed a baseline assessment of patients' food security (using the US Household Food Security Module), demographics (via Census items), and diabetes history/management (using a structured clinical encounter form) when patients began receiving diabetes care at the health centre. We then recorded those patients' A1C levels several times during a 24-month follow-up period. Three hundred and ninety-nine patients (56% with low food security) had a baseline A1c measurement; a subsample of 336 (median age=52 years; 56% female; 60% Hispanic, 27% African American, and 9% White) also had at least one follow-up A1c measurement. Patients with lower (vs higher) food security were more likely to be on insulin and have higher A1c levels at baseline. Moreover, the disparity in glucose control by food security status persisted throughout the next 2 years. Although results were based on one multi-site FQHC, potentially limiting their generalizability, they seem to suggest that among Type 2 diabetes patients, low food security directly impairs glucose control-even when patients receive full access to comprehensive medical management-thereby increasing their long-term risks of high morbidity, early mortality, and high health-care utilization and cost.

Model-Driven Configuration of SELinux Policies

NASA Astrophysics Data System (ADS)

Agreiter, Berthold; Breu, Ruth

The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.

33 CFR 104.215 - Vessel Security Officer (VSO).

Code of Federal Regulations, 2011 CFR

2011-07-01

... procedures, including scenario-based response training; (4) Crowd management and control techniques; (5) Operations of security equipment and systems; and (6) Testing and calibration of security equipment and...

17 CFR 229.308 - (Item 308) Internal control over financial reporting.

Code of Federal Regulations, 2010 CFR

2010-04-01

... over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND... § 229.308 (Item 308) Internal control over financial reporting. (a) Management's annual report on internal control over financial reporting. Provide a report of management on the registrant's internal...

17 CFR 38.255 - Risk controls for trading.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 1 2013-04-01 2013-04-01 false Risk controls for trading. 38.255 Section 38.255 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION DESIGNATED CONTRACT MARKETS Prevention of Market Disruption § 38.255 Risk controls for trading. The designated...

17 CFR 38.255 - Risk controls for trading.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Risk controls for trading. 38.255 Section 38.255 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION DESIGNATED CONTRACT MARKETS Prevention of Market Disruption § 38.255 Risk controls for trading. The designated...

Key Exchange Trust Evaluation in Peer-to-Peer Sensor Networks With Unconditionally Secure Key Exchange

NASA Astrophysics Data System (ADS)

Gonzalez, Elias; Kish, Laszlo B.

2016-03-01

As the utilization of sensor networks continue to increase, the importance of security becomes more profound. Many industries depend on sensor networks for critical tasks, and a malicious entity can potentially cause catastrophic damage. We propose a new key exchange trust evaluation for peer-to-peer sensor networks, where part of the network has unconditionally secure key exchange. For a given sensor, the higher the portion of channels with unconditionally secure key exchange the higher the trust value. We give a brief introduction to unconditionally secured key exchange concepts and mention current trust measures in sensor networks. We demonstrate the new key exchange trust measure on a hypothetical sensor network using both wired and wireless communication channels.

Structuring Homeland Security

DTIC Science & Technology

2002-04-09

20 AIRPORT SECURITY .............................................................................................. 20...using an existing command and control structure. Since September 11, 2001 airport security has been of heightened importance to the American public...In order to use Reserves to provide airport security the airports themselves should be made federal property. This would allow greater flexibility for

75 FR 29567 - Extension of Agency Information Collection Activity Under OMB Review: Aviation Security Customer...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-26

... Information Collection Activity Under OMB Review: Aviation Security Customer Satisfaction Performance... surveying travelers to measure customer satisfaction of aviation security in an effort to more efficiently.... Information Collection Requirement OMB Control Number 1652-0013; Aviation Security Customer Satisfaction...

A Framework for Translating a High Level Security Policy into Low Level Security Mechanisms

NASA Astrophysics Data System (ADS)

Hassan, Ahmed A.; Bahgat, Waleed M.

2010-01-01

Security policies have different components; firewall, active directory, and IDS are some examples of these components. Enforcement of network security policies to low level security mechanisms faces some essential difficulties. Consistency, verification, and maintenance are the major ones of these difficulties. One approach to overcome these difficulties is to automate the process of translation of high level security policy into low level security mechanisms. This paper introduces a framework of an automation process that translates a high level security policy into low level security mechanisms. The framework is described in terms of three phases; in the first phase all network assets are categorized according to their roles in the network security and relations between them are identified to constitute the network security model. This proposed model is based on organization based access control (OrBAC). However, the proposed model extend the OrBAC model to include not only access control policy but also some other administrative security policies like auditing policy. Besides, the proposed model enables matching of each rule of the high level security policy with the corresponding ones of the low level security policy. Through the second phase of the proposed framework, the high level security policy is mapped into the network security model. The second phase could be considered as a translation of the high level security policy into an intermediate model level. Finally, the intermediate model level is translated automatically into low level security mechanism. The paper illustrates the applicability of proposed approach through an application example.

Electronic communications and home blood pressure monitoring (e-BP) study: design, delivery, and evaluation framework.

PubMed

Green, Beverly B; Ralston, James D; Fishman, Paul A; Catz, Sheryl L; Cook, Andrea; Carlson, Jim; Tyll, Lynda; Carrell, David; Thompson, Robert S

2008-05-01

Randomized controlled trials have provided unequivocal evidence that treatment of hypertension decreases mortality and major disability from cardiovascular disease; however, blood pressure remains inadequately treated in most affected individuals. This large gap continues despite the facts that more than 90% of adults with hypertension have health insurance, and hypertension is the leading cause of visits to the doctor. New approaches are needed to improve hypertension care. The Electronic Communications and Home Blood Pressure Monitoring (e-BP) study is a three-arm randomized controlled trial designed to determine whether care based on the Chronic Care Model and delivered over the Internet improves hypertension care. The primary study outcomes are systolic, diastolic, and blood pressure control; secondary outcomes are medication adherence, patient self-efficacy, satisfaction and quality of life, and healthcare utilization and costs. Hypertensive patients receiving care at Group Health medical centers are eligible if they have uncontrolled blood pressure on two screening visits and access to the Web and an e-mail address. Study participants are randomly assigned to three intervention groups: (a) usual care; (b) home blood pressure monitoring receipt and proficiency training on its use and the Group Health secure patient website (with secure e-mail access to their healthcare provider, access to a shared medical record, prescription refill and other services); or (c) this plus pharmacist care management (collaborative care management between the patient, the pharmacist, and the patient's physician via a secure patient website and the electronic medical record). We will determine whether a new model of patient-centered care that leverages Web communications, self-monitoring, and collaborative care management improves hypertension control. If this model proves successful and cost-effective, similar interventions could be used to improve the care of large numbers of patients with uncontrolled hypertension.

Orchestrating BMD Control in Extended BPEL

DTIC Science & Technology

2008-05-21

Orchestration of secure WebMail , Technical Report ISE-TR-06-08, George Mason University, Fairfax, VA, August 2006. [9] E. Christensen, F. Curbera...methods to access and dissemination control, securing circuit switched (SS7) and IP based telecommunication (VoIP) systems, multimedia, security ...decorating the Business Process Execution Language (BPEL) with Quality of Service (QoS), Measures of Performance (MoP), Measures of Effectiveness (MoE

A Survey and Evaluation of Software Quality Assurance.

DTIC Science & Technology

1984-09-01

activities; 2. Cryptologic activities related to national security; 3. Command and control of military forces; 4. Equipment that is an integral part of a...Testing and Integration , and Performance or Operation (6). Figure 3 shows the software life cycle and the key outputs of the phases. The first phase to...defects. This procedure is considered the Checkout (13:09-91). Once coding is complete, the Testing and Integration Phase begins. Here the developed

Evaluating U.S. and Chinese Cyber Security Strategies Within a Cultural Framework

DTIC Science & Technology

2016-04-01

predictable courses of action that an organization would take. Hofstede’s National Cultural Dimensions Starting with Hofstede’s work as a foundation to...accepted cultural influences. When combined with Hofstede’s dimensions, and Kim’s framework, strategic vision and goals may start to become more...China has exhibited a tendency for the controlled, politically driven defensive and minimalistic use of force that is deeply rooted in the statecraft

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE PAGES

Williams, Adam D.

2015-11-17

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

Beyond a series of security nets: Applying STAMP & STPA to port security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Williams, Adam D.

Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systemsmore » and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.« less

Developing an Assessment, Monitoring, and Evaluation Framework for U.S. Department of Defense Security Cooperation

DTIC Science & Technology

2016-09-01

be conducted midstream, at the end of an activity program or LOE, or ex post facto . Not all security cooperation endeavors require evaluation...noncommercial use only. Unauthorized posting of this publication online is prohibited. Permission is given to duplicate this document for personal use only...iv Developing an AME Framework for DoD Security Cooperation approach, the study team analyzed documents, interviewed subject- matter experts

Evaluation of the Efficiency of Liquid Cooling Garments using a Thermal Manikin

DTIC Science & Technology

2005-05-01

temperatures. The software also calculates thermal resistances and evaporative resistances. TM tests were run dry (i.e. no sweating ) and wet (i.e...REPORT DOCUMENTATION PAGE Form ApprovedOMB No . 0704-0188 SECURITY CLASSIFICATION OF REPORT SECURITY CLASSIFICATION OF THIS PAGE SECURITY CLASSIFICATION...OF ABSTRACT 8. M05-17 1. AGENCY USE ONLY (Leave blank) 4. TITLE AND SUBTITLE EVALUATION OF THE EFFICIENCY OF LIQUID COOLING GARMENTS USING A THERMAL

Guidelines for developing NASA (National Aeronautics and Space Administration) ADP security risk management plans

NASA Technical Reports Server (NTRS)

Tompkins, F. G.

1983-01-01

This report presents guidance to NASA Computer security officials for developing ADP security risk management plans. The six components of the risk management process are identified and discussed. Guidance is presented on how to manage security risks that have been identified during a risk analysis performed at a data processing facility or during the security evaluation of an application system.

Cox report and the US-China arms control technical exchange program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Di Capua, M S

The ACE program furthered the national security interests of the US by promoting technical approaches to the implementation and verification of arms control treaties that the international community embraces. The Cox Committee report suggests that uncontrolled interactions were taking place between US and Chinese nuclear weapons scientists in the course of the ACE program. On the contrary, elaborate controls were in place at the very beginning and remained in place to control the interactions and protect US national security information. The ACE program payoff to national security was just beginning and its suspension, resulting from the Cox reports allegations, ismore » a setback to US-China progress on arms control.« less

Attack-tolerant networked control system: an approach for detection the controller stealthy hijacking attack

NASA Astrophysics Data System (ADS)

Atta Yaseen, Amer; Bayart, Mireille

2017-01-01

In this work, a new approach will be introduced as a development for the attack-tolerant scheme in the Networked Control System (NCS). The objective is to be able to detect an attack such as the Stuxnet case where the controller is reprogrammed and hijacked. Besides the ability to detect the stealthy controller hijacking attack, the advantage of this approach is that there is no need for a priori mathematical model of the controller. In order to implement the proposed scheme, a specific detector for the controller hijacking attack is designed. The performance of this scheme is evaluated be connected the detector to NCS with basic security elements such as Data Encryption Standard (DES), Message Digest (MD5), and timestamp. The detector is tested along with networked PI controller under stealthy hijacking attack. The test results of the proposed method show that the hijacked controller can be significantly detected and recovered.

Important variables for parents' postnatal sense of security: evaluating a new Swedish instrument (the PPSS instrument).

PubMed

Persson, Eva K; Dykes, Anna-Karin

2009-08-01

to evaluate dimensions of both parents' postnatal sense of security the first week after childbirth, and to determine associations between the PPSS instrument and different sociodemographic and situational background variables. evaluative, cross-sectional design. 113 mothers and 99 fathers with children live born at term, from five hospitals in southern Sweden. mothers and fathers had similar feelings concerning postnatal sense of security. Of the dimensions in the PPSS instrument, a sense of midwives'/nurses' empowering behaviour, a sense of one's own general well-being and a sense of the mother's well-being as experienced by the father were the most important dimensions for parents' experienced security. A sense of affinity within the family (for both parents) and a sense of manageable breast feeding (for mothers) were not significantly associated with their experienced security. A sense of participation during pregnancy and general anxiety were significantly associated background variables for postnatal sense of security for both parents. For the mothers, parity and a sense that the father was participating during pregnancy were also significantly associated. more focus on parents' participation during pregnancy as well as midwives'/nurses' empowering behaviour during the postnatal period will be beneficial for both parents' postnatal sense of security.

Allergy and Asthma Care in the Mobile Phone Era.

PubMed

Huang, Xinyuan; Matricardi, Paolo Maria

2016-05-21

Strategies to improve patients' adherence to treatment are essential to reduce the great health and economic burden of allergic rhinitis and asthma. Mobile phone applications (apps) for a better management of allergic diseases are growing in number, but their usefulness for doctors and patients is still debated. Controlled trials have investigated the feasibility, cost-effectiveness, security, and perspectives of the use of tele-medicine in the self-management of asthma. These studies focused on different tools or devices, such as SMS, telephone calls, automatic voice response system, mobile applications, speech recognition system, or cloud-computing systems. While some trials concluded that m-Health can improve asthma control and the patient's quality of life, others did not show any advantage in relation to usual care. The only controlled study on allergic rhinitis showed an improvement of adherence to treatment among tele-monitored patients compared to those managed with usual care. Most studies have also highlighted a few shortcomings and limitations of tele-medicine, mainly concerning security and cost-efficiency. The use of smartphones and apps for a personalized asthma and allergy care needs to be further evaluated and optimized before conclusions on its usefulness can be drawn.

Land Ecological Security Evaluation of Underground Iron Mine Based on PSR Model

NASA Astrophysics Data System (ADS)

Xiao, Xiao; Chen, Yong; Ruan, Jinghua; Hong, Qiang; Gan, Yong

2018-01-01

Iron ore mine provides an important strategic resource to the national economy while it also causes many serious ecological problems to the environment. The study summed up the characteristics of ecological environment problems of underground iron mine. Considering the mining process of underground iron mine, we analysis connections between mining production, resource, environment and economical background. The paper proposed a land ecological security evaluation system and method of underground iron mine based on Pressure-State-Response model. Our application in Chengchao iron mine proves its efficiency and promising guide on land ecological security evaluation.

Application of the API/NPRA SVA methodology to transportation security issues.

PubMed

Moore, David A

2006-03-17

Security vulnerability analysis (SVA) is becoming more prevalent as the issue of chemical process security is of greater concern. The American Petroleum Institute (API) and the National Petrochemical and Refiner's Association (NPRA) have developed a guideline for conducting SVAs of petroleum and petrochemical facilities in May 2003. In 2004, the same organizations enhanced the guidelines by adding the ability to evaluate transportation security risks (pipeline, truck, and rail). The importance of including transportation and value chain security in addition to fixed facility security in a SVA is that these issues may be critically important to understanding the total risk of the operation. Most of the SVAs done using the API/NPRA SVA and other SVA methods were centered on the fixed facility and the operations within the plant fence. Transportation interfaces alone are normally studied as a part of the facility SVA, and the entire transportation route impacts and value chain disruption are not commonly considered. Particularly from a national, regional, or local infrastructure analysis standpoint, understanding the interdependencies is critical to the risk assessment. Transportation risks may include weaponization of the asset by direct attack en route, sabotage, or a Trojan Horse style attack into a facility. The risks differ in the level of access control and the degree of public exposures, as well as the dynamic nature of the assets. The public exposures along the transportation route need to be carefully considered. Risks may be mitigated by one of many strategies including internment, staging, prioritization, conscription, or prohibition, as well as by administrative security measures and technology for monitoring and isolating the assets. This paper illustrates how these risks can be analyzed by the API/NPRA SVA methodology. Examples are given of a pipeline operation, and other examples are found in the guidelines.

Mere exposure revisited: the influence of growth versus security cues on evaluations of novel and familiar stimuli.

PubMed

Gillebaart, Marleen; Förster, Jens; Rotteveel, Mark

2012-11-01

Combining regulatory focus theory (Higgins, 1997) and novelty categorization theory (Förster, Marguc, & Gillebaart, 2010), we predicted that novel stimuli would be more positively evaluated when focused on growth as compared with security and that familiar stimuli would be more negatively evaluated when focused on growth as compared with security. This would occur, at least in part, because of changes in category breadth. We tested effects of several variables linked to growth and security on evaluations of novel and familiar stimuli. Using a subliminal mere exposure paradigm, results showed novel stimuli were evaluated more positively in a promotion focus compared to a prevention focus (Experiments 1A-1C), with high power compared to low power (Experiment 2A), and with the color blue compared to red (Experiment 2B). For familiar stimuli, all effects were reversed. Additionally, as predicted by novelty categorization theory, novel stimuli were liked better after broad compared to narrow category priming, and familiar stimuli were liked better after narrow compared with broad category priming (Experiment 3). We suggest, therefore, that although familiarity glows warmly in security-related contexts, people prefer novelty when they are primarily focused on growth. (PsycINFO Database Record (c) 2012 APA, all rights reserved).

21 CFR 1301.73 - Physical security controls for non-practitioners; compounders for narcotic treatment programs...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for non-practitioners... and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS... such as walls or partitions, by traffic control lines or restricted space designation. The employee...

17 CFR 37.405 - Risk controls for trading.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Risk controls for trading. 37.405 Section 37.405 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION SWAP EXECUTION FACILITIES Monitoring of Trading and Trade Processing § 37.405 Risk controls for trading. The swap...

Cheating in OSCEs: The Impact of Simulated Security Breaches on OSCE Performance.

PubMed

Gotzmann, Andrea; De Champlain, André; Homayra, Fahmida; Fotheringham, Alexa; de Vries, Ingrid; Forgie, Melissa; Pugh, Debra

2017-01-01

Construct: Valid score interpretation is important for constructs in performance assessments such as objective structured clinical examinations (OSCEs). An OSCE is a type of performance assessment in which a series of standardized patients interact with the student or candidate who is scored by either the standardized patient or a physician examiner. In high-stakes examinations, test security is an important issue. Students accessing unauthorized test materials can create an unfair advantage and lead to examination scores that do not reflect students' true ability level. The purpose of this study was to assess the impact of various simulated security breaches on OSCE scores. Seventy-six 3rd-year medical students participated in an 8-station OSCE and were randomized to either a control group or to 1 of 2 experimental conditions simulating test security breaches: station topic (i.e., providing a list of station topics prior to the examination) or egregious security breach (i.e., providing detailed content information prior to the examination). Overall total scores were compared for the 3 groups using both a one-way between-subjects analysis of variance and a repeated measure analysis of variance to compare the checklist, rating scales, and oral question subscores across the three conditions. Overall total scores were highest for the egregious security breach condition (81.8%), followed by the station topic condition (73.6%), and they were lowest for the control group (67.4%). This trend was also found with checklist subscores only (79.1%, 64.9%, and 60.3%, respectively for the security breach, station topic, and control conditions). Rating scale subscores were higher for both the station topic and egregious security breach conditions compared to the control group (82.6%, 83.1%, and 77.6%, respectively). Oral question subscores were significantly higher for the egregious security breach condition (88.8%) followed by the station topic condition (64.3%), and they were the lowest for the control group (48.6%). This simulation of different OSCE security breaches demonstrated that student performance is greatly advantaged by having prior access to test materials. This has important implications for medical educators as they develop policies and procedures regarding the safeguarding and reuse of test content.

Security Considerations for E-Mental Health Interventions

PubMed Central

Bennett, Anthony James; Griffiths, Kathleen Margaret

2010-01-01

Security considerations are an often overlooked and underfunded aspect of the development, delivery, and evaluation of e-mental health interventions although they are crucial to the overall success of any eHealth project. The credibility and reliability of eHealth scientific research and the service delivery of eHealth interventions rely on a high standard of data security. This paper describes some of the key methodological, technical, and procedural issues that need to be considered to ensure that eHealth research and intervention delivery meet adequate security standards. The paper concludes by summarizing broad strategies for addressing the major security risks associated with eHealth interventions. These include involving information technology (IT) developers in all stages of the intervention process including its development, evaluation, and ongoing delivery; establishing a wide-ranging discourse about relevant security issues; and familiarizing researchers and providers with the security measures that must be instituted in order to protect the integrity of eHealth interventions. PMID:21169173

Learning Locked down: Evaluating the Treatment of Students' Rights in High Security School Environments

ERIC Educational Resources Information Center

Bracy, Nicole L.

2009-01-01

Public schools have transformed significantly over the past several decades in response to broad concerns about rising school violence. Today's public schools are high security environments employing tactics commonly found in jails and prisons such as police officers, security cameras, identification systems, and secure building strategies.…

Evaluation of Participant Needs in a Regional Center for Security Studies

ERIC Educational Resources Information Center

Schmoker, Oliver E., III.

2009-01-01

This research study was implemented within the subject headquarters of a regional center, an organization responsible for security cooperation in Europe and Eurasia. The focus of the study was the center's program of security education. This program was designed to support evolving security objectives of foreign countries in order to increase the…

Assessing Children's Emotional Security in the Interparental Relationship: The Security in the Interparental Subsystem Scales.

ERIC Educational Resources Information Center

Davies, Patrick T.; Forman, Evan M.; Rasi, Jennifer A.; Stevens, Kristopher I.

2002-01-01

Evaluated new self-report measure assessing children's strategies for preserving emotional security in context of interparental conflict. Factor analyses of the Security in the Interparental Subsystem (SIS) Scale supported a 7-factor solution. The SIS demonstrated satisfactory internal consistency and test-retest reliability. Support for test…

ICS security in maritime transportation : a white paper examining the security and resiliency of critical transportation infrastructure

DOT National Transportation Integrated Search

2013-07-29

The John A. Volpe National Transportation Systems Center was asked by the Office of Security of the Maritime Administration to examine the issue of industrial control systems (ICS) security in the Maritime Transportation System (MTS), and to develop ...

19 CFR 19.47 - Security.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 19 Customs Duties 1 2014-04-01 2014-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...

19 CFR 19.47 - Security.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 19 Customs Duties 1 2012-04-01 2012-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...

19 CFR 19.47 - Security.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 19 Customs Duties 1 2010-04-01 2010-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...

19 CFR 19.47 - Security.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 19 Customs Duties 1 2013-04-01 2013-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...

19 CFR 19.47 - Security.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 19 Customs Duties 1 2011-04-01 2011-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...

10 CFR 20.1801 - Security of stored material.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 1 2014-01-01 2014-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

10 CFR 20.1801 - Security of stored material.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 1 2010-01-01 2010-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

10 CFR 20.1801 - Security of stored material.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 1 2011-01-01 2011-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

10 CFR 20.1801 - Security of stored material.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 1 2012-01-01 2012-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

10 CFR 20.1801 - Security of stored material.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 1 2013-01-01 2013-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

Food insecurity, malnutrition and mortality in Maewo and Ambae islands, Vanuatu.

PubMed

Renzaho, Andre M N

2004-03-01

This study reports on findings from the ex post evaluation of the Maewo Capacity Building project in Vanuatu which was funded by World Vision Australia. The objective of the evaluation was to examine the extent to which the infrastructure and systems left behind by the project contributed to the improvement of household food security, and health and nutritional outcomes in Maewo island, using Ambae island as a comparator The household food security of 817 households selected by a two stage cluster sampling method was assessed using a modified version of the Radimer-Comell hunger scale and the US National Measure of food security. Anthropometric measurement in children (6-59 months) and mortality data were also obtained. The prevalence of food insecurity without hunger was estimated at 15.3% (95%CI: 12.1% to 19.2%) in Maewo versus 38.2% (95%CI: 33.6% to 43.0%) in Ambae while food insecurity with hunger in children did not vary by location. After controlling for age, gender and household food security status, children aged 6-59 months in Maewo were less likely to be underweight than children of the same age in Ambae (OR: 0.66, 95%CI 0.38 to 0.99). No difference was detected between the two locations in terms of stunting and wasting prevalence. The crude mortality rate (CMR) was lower in Maewo (CTvIIR=0.47/10,000/day, 95%CI: 0.39 to 0.55) than Ambae (CMR= 0.59/10,000/day, 95%CI: 0.51 to 0.67) but no difference existed in mortality in children under five years old. The major causes of death were similar in both locations and the causes frequently reported were malaria, acute respiratory infection and dianheal diseases. The evaluation found that Maewo had better health and nutrition outcomes but the infrastructure left behind by the project and the livelihood system may have been weakened by cyclone Ivy that devastated the region from 25 to 27 February 2004.