SSO - Single-Sign-On Profile: Authentication Mechanisms Version 2.0

NASA Astrophysics Data System (ADS)

Taffoni, Giuliano; Schaaf, André; Rixon, Guy; Major, Brian; Taffoni, Giuliano

2017-05-01

Approved client-server authentication mechanisms are described for the IVOA single-sign-on profile: No Authentication; HTTP Basic Authentication; TLS with passwords; TLS with client certificates; Cookies; Open Authentication; Security Assertion Markup Language; OpenID. Normative rules are given for the implementation of these mechanisms, mainly by reference to pre-existing standards. The Authorization mechanisms are out of the scope of this document.

Security issues in healthcare applications using wireless medical sensor networks: a survey.

PubMed

Kumar, Pardeep; Lee, Hoon-Jae

2012-01-01

Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

PubMed Central

Kumar, Pardeep; Lee, Hoon-Jae

2012-01-01

Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs. PMID:22368458

A Stateful Multicast Access Control Mechanism for Future Metro-Area-Networks.

ERIC Educational Resources Information Center

Sun, Wei-qiang; Li, Jin-sheng; Hong, Pei-lin

2003-01-01

Multicasting is a necessity for a broadband metro-area-network; however security problems exist with current multicast protocols. A stateful multicast access control mechanism, based on MAPE, is proposed. The architecture of MAPE is discussed, as well as the states maintained and messages exchanged. The scheme is flexible and scalable. (Author/AEF)

Computation and Communication Evaluation of an Authentication Mechanism for Time-Triggered Networked Control Systems

PubMed Central

Martins, Goncalo; Moondra, Arul; Dubey, Abhishek; Bhattacharjee, Anirban; Koutsoukos, Xenofon D.

2016-01-01

In modern networked control applications, confidentiality and integrity are important features to address in order to prevent against attacks. Moreover, network control systems are a fundamental part of the communication components of current cyber-physical systems (e.g., automotive communications). Many networked control systems employ Time-Triggered (TT) architectures that provide mechanisms enabling the exchange of precise and synchronous messages. TT systems have computation and communication constraints, and with the aim to enable secure communications in the network, it is important to evaluate the computational and communication overhead of implementing secure communication mechanisms. This paper presents a comprehensive analysis and evaluation of the effects of adding a Hash-based Message Authentication (HMAC) to TT networked control systems. The contributions of the paper include (1) the analysis and experimental validation of the communication overhead, as well as a scalability analysis that utilizes the experimental result for both wired and wireless platforms and (2) an experimental evaluation of the computational overhead of HMAC based on a kernel-level Linux implementation. An automotive application is used as an example, and the results show that it is feasible to implement a secure communication mechanism without interfering with the existing automotive controller execution times. The methods and results of the paper can be used for evaluating the performance impact of security mechanisms and, thus, for the design of secure wired and wireless TT networked control systems. PMID:27463718

Computation and Communication Evaluation of an Authentication Mechanism for Time-Triggered Networked Control Systems.

PubMed

Martins, Goncalo; Moondra, Arul; Dubey, Abhishek; Bhattacharjee, Anirban; Koutsoukos, Xenofon D

2016-07-25

In modern networked control applications, confidentiality and integrity are important features to address in order to prevent against attacks. Moreover, network control systems are a fundamental part of the communication components of current cyber-physical systems (e.g., automotive communications). Many networked control systems employ Time-Triggered (TT) architectures that provide mechanisms enabling the exchange of precise and synchronous messages. TT systems have computation and communication constraints, and with the aim to enable secure communications in the network, it is important to evaluate the computational and communication overhead of implementing secure communication mechanisms. This paper presents a comprehensive analysis and evaluation of the effects of adding a Hash-based Message Authentication (HMAC) to TT networked control systems. The contributions of the paper include (1) the analysis and experimental validation of the communication overhead, as well as a scalability analysis that utilizes the experimental result for both wired and wireless platforms and (2) an experimental evaluation of the computational overhead of HMAC based on a kernel-level Linux implementation. An automotive application is used as an example, and the results show that it is feasible to implement a secure communication mechanism without interfering with the existing automotive controller execution times. The methods and results of the paper can be used for evaluating the performance impact of security mechanisms and, thus, for the design of secure wired and wireless TT networked control systems.

A national-scale authentication infrastructure.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Butler, R.; Engert, D.; Foster, I.

2000-12-01

Today, individuals and institutions in science and industry are increasingly forming virtual organizations to pool resources and tackle a common goal. Participants in virtual organizations commonly need to share resources such as data archives, computer cycles, and networks - resources usually available only with restrictions based on the requested resource's nature and the user's identity. Thus, any sharing mechanism must have the ability to authenticate the user's identity and determine if the user is authorized to request the resource. Virtual organizations tend to be fluid, however, so authentication mechanisms must be flexible and lightweight, allowing administrators to quickly establish andmore » change resource-sharing arrangements. However, because virtual organizations complement rather than replace existing institutions, sharing mechanisms cannot change local policies and must allow individual institutions to maintain control over their own resources. Our group has created and deployed an authentication and authorization infrastructure that meets these requirements: the Grid Security Infrastructure. GSI offers secure single sign-ons and preserves site control over access policies and local security. It provides its own versions of common applications, such as FTP and remote login, and a programming interface for creating secure applications.« less

An Elliptic Curve Based Schnorr Cloud Security Model in Distributed Environment

PubMed Central

Muthurajan, Vinothkumar; Narayanasamy, Balaji

2016-01-01

Cloud computing requires the security upgrade in data transmission approaches. In general, key-based encryption/decryption (symmetric and asymmetric) mechanisms ensure the secure data transfer between the devices. The symmetric key mechanisms (pseudorandom function) provide minimum protection level compared to asymmetric key (RSA, AES, and ECC) schemes. The presence of expired content and the irrelevant resources cause unauthorized data access adversely. This paper investigates how the integrity and secure data transfer are improved based on the Elliptic Curve based Schnorr scheme. This paper proposes a virtual machine based cloud model with Hybrid Cloud Security Algorithm (HCSA) to remove the expired content. The HCSA-based auditing improves the malicious activity prediction during the data transfer. The duplication in the cloud server degrades the performance of EC-Schnorr based encryption schemes. This paper utilizes the blooming filter concept to avoid the cloud server duplication. The combination of EC-Schnorr and blooming filter efficiently improves the security performance. The comparative analysis between proposed HCSA and the existing Distributed Hash Table (DHT) regarding execution time, computational overhead, and auditing time with auditing requests and servers confirms the effectiveness of HCSA in the cloud security model creation. PMID:26981584

An Elliptic Curve Based Schnorr Cloud Security Model in Distributed Environment.

PubMed

Muthurajan, Vinothkumar; Narayanasamy, Balaji

2016-01-01

Cloud computing requires the security upgrade in data transmission approaches. In general, key-based encryption/decryption (symmetric and asymmetric) mechanisms ensure the secure data transfer between the devices. The symmetric key mechanisms (pseudorandom function) provide minimum protection level compared to asymmetric key (RSA, AES, and ECC) schemes. The presence of expired content and the irrelevant resources cause unauthorized data access adversely. This paper investigates how the integrity and secure data transfer are improved based on the Elliptic Curve based Schnorr scheme. This paper proposes a virtual machine based cloud model with Hybrid Cloud Security Algorithm (HCSA) to remove the expired content. The HCSA-based auditing improves the malicious activity prediction during the data transfer. The duplication in the cloud server degrades the performance of EC-Schnorr based encryption schemes. This paper utilizes the blooming filter concept to avoid the cloud server duplication. The combination of EC-Schnorr and blooming filter efficiently improves the security performance. The comparative analysis between proposed HCSA and the existing Distributed Hash Table (DHT) regarding execution time, computational overhead, and auditing time with auditing requests and servers confirms the effectiveness of HCSA in the cloud security model creation.

Security architecture for health grid using ambient intelligence.

PubMed

Naqvi, S; Riguidel, M; Demeure, I

2005-01-01

To propose a novel approach of incorporating ambient intelligence in the health grid security architecture. Security concerns are severely impeding the grid community effort in spreading its wings in health applications. In this paper, we have proposed a high level approach to incorporate ambient intelligence for health grid security architecture and have argued that this will significantly improve the current state of the grid security paradigm with an enhanced user-friendly environment. We believe that the time is right to shift the onus of traditional security mechanisms onto the new technologies. The incorporation of ambient intelligence in the security architecture of a grid will not only render a security paradigm robust but also provide an attractive vision for the future of computing by bringing the two worlds together. In this article we propose an evolutionary approach of utilizing smart devices for grid security architecture. We argue that such an infrastructure will impart unique features to the existing grid security paradigms by offering fortified and relentless monitoring. This new security architecture will be comprehensive in nature but will not be cumbersome for the users due to its typical characteristics of not prying into their lives and adapting to their needs. We have identified a new paradigm of the security architecture for a health grid that will not only render a security mechanism robust but will also provide the high levels of user-friendliness. As our approach is a first contribution to this problem, a number of other issues for future research remain open. However, the prospects are fascinating.

Detecting Man-in-the-Middle Attacks against Transport Layer Security Connections with Timing Analysis

DTIC Science & Technology

2011-09-15

Networks (VPNs), TLS protects massive amounts of private information, and protecting this data from Man-in-the-Middle ( MitM ) attacks is imperative to...keeping the information secure. This thesis illustrates how an attacker can successfully perform a MitM attack against a TLS connection without alerting...mechanism a user has against a MitM . The goal for this research is to determine if a time threshold exists that can indicate the presence of a MitM in this

Smart security and securing data through watermarking

NASA Astrophysics Data System (ADS)

Singh, Ritesh; Kumar, Lalit; Banik, Debraj; Sundar, S.

2017-11-01

The growth of image processing in embedded system has provided the boon of enhancing the security in various sectors. This lead to the developing of various protective strategies, which will be needed by private or public sectors for cyber security purposes. So, we have developed a method which uses digital water marking and locking mechanism for the protection of any closed premises. This paper describes a contemporary system based on user name, user id, password and encryption technique which can be placed in banks, protected offices to beef the security up. The burglary can be abated substantially by using a proactive safety structure. In this proposed framework, we are using water-marking in spatial domain to encode and decode the image and PIR(Passive Infrared Sensor) sensor to detect the existence of person in any close area.

Economic performance of water storage capacity expansion for food security

NASA Astrophysics Data System (ADS)

Gohar, Abdelaziz A.; Ward, Frank A.; Amer, Saud A.

2013-03-01

SummaryContinued climate variability, population growth, and rising food prices present ongoing challenges for achieving food and water security in poor countries that lack adequate water infrastructure. Undeveloped storage infrastructure presents a special challenge in northern Afghanistan, where food security is undermined by highly variable water supplies, inefficient water allocation rules, and a damaged irrigation system due three decades of war and conflict. Little peer-reviewed research to date has analyzed the economic benefits of water storage capacity expansions as a mechanism to sustain food security over long periods of variable climate and growing food demands needed to feed growing populations. This paper develops and applies an integrated water resources management framework that analyzes impacts of storage capacity expansions for sustaining farm income and food security in the face of highly fluctuating water supplies. Findings illustrate that in Afghanistan's Balkh Basin, total farm income and food security from crop irrigation increase, but at a declining rate as water storage capacity increases from zero to an amount equal to six times the basin's long term water supply. Total farm income increases by 21%, 41%, and 42% for small, medium, and large reservoir capacity, respectively, compared to the existing irrigation system unassisted by reservoir storage capacity. Results provide a framework to target water infrastructure investments that improve food security for river basins in the world's dry regions with low existing storage capacity that face ongoing climate variability and increased demands for food security for growing populations.

[Compliance with guidelines by state plans for food and nutritional security in Brazil].

PubMed

Machado, Mick Lennon; Gabriel, Cristine Garcia; Soar, Claudia; Mamed, Gisele Rockenbach; Machado, Patrícia Maria de Oliveira; Lacerda, Josimari Telino de; Martins, Milena Corrêa; Marcon, Maria Cristina

2018-02-05

A descriptive and documental study was performed from August to October 2016 to analyze compliance by state plans for food and nutritional security (PlanSAN) with the guidelines set by the Brazilian National Policy for Food and Nutritional Security (PNSAN). The state plans were accessed via the websites of the Inter-Ministerial Chamber for Food and Nutritional Security (CAISAN) or the state governments, plus complementary data collection at the state level. All the states of Brazil joined the National System for Food and Nutritional Security (SISAN), while fewer than half (13 states, 48%) had drafted their plans. Of these, 5 (38%) of the PlanSAN had schedules that coincided with the same state's pluriannual plan, 5 (38%) of the PlanSAN specified the budget requirements for meeting the proposed targets, 7 (54%) specified mechanisms for monitoring the plan, and only 2 (15%) defined methodologies for monitoring food and nutritional security. The recent existence of (and adherence to) the CAISAN appear to be related to the lack of state plans in half the states. Although most of the states that did have plans met some of the guidelines laid out by the PNSAN, these mechanisms become weak and impractical when they lack earmarked budget funds to meet their targets. Since the PNSAN is structurally inter-sectorial, the development of plans requires collective work by various government departments. Importantly, the items analyzed here are all guidelines, which implies the need for mechanisms to monitor their actual implementation.

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

PubMed

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-11

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

Privacy Preserved and Secured Reliable Routing Protocol for Wireless Mesh Networks.

PubMed

Meganathan, Navamani Thandava; Palanichamy, Yogesh

2015-01-01

Privacy preservation and security provision against internal attacks in wireless mesh networks (WMNs) are more demanding than in wired networks due to the open nature and mobility of certain nodes in the network. Several schemes have been proposed to preserve privacy and provide security in WMNs. To provide complete privacy protection in WMNs, the properties of unobservability, unlinkability, and anonymity are to be ensured during route discovery. These properties can be achieved by implementing group signature and ID-based encryption schemes during route discovery. Due to the characteristics of WMNs, it is more vulnerable to many network layer attacks. Hence, a strong protection is needed to avoid these attacks and this can be achieved by introducing a new Cross-Layer and Subject Logic based Dynamic Reputation (CLSL-DR) mechanism during route discovery. In this paper, we propose a new Privacy preserved and Secured Reliable Routing (PSRR) protocol for WMNs. This protocol incorporates group signature, ID-based encryption schemes, and CLSL-DR mechanism to ensure strong privacy, security, and reliability in WMNs. Simulation results prove this by showing better performance in terms of most of the chosen parameters than the existing protocols.

Information security threats and an easy-to-implement attack detection framework for wireless sensor network-based smart grid applications

NASA Astrophysics Data System (ADS)

Tuna, G.; Örenbaş, H.; Daş, R.; Kogias, D.; Baykara, M.; K, K.

2016-03-01

Wireless Sensor Networks (WSNs) when combined with various energy harvesting solutions managing to prolong the overall lifetime of the system and enhanced capabilities of the communication protocols used by modern sensor nodes are efficiently used in are efficiently used in Smart Grid (SG), an evolutionary system for the modernization of existing power grids. However, wireless communication technology brings various types of security threats. In this study, firstly the use of WSNs for SG applications is presented. Second, the security related issues and challenges as well as the security threats are presented. In addition, proposed security mechanisms for WSN-based SG applications are discussed. Finally, an easy- to-implement and simple attack detection framework to prevent attacks directed to sink and gateway nodes with web interfaces is proposed and its efficiency is proved using a case study.

An Efficient and Secure Arbitrary N-Party Quantum Key Agreement Protocol Using Bell States

NASA Astrophysics Data System (ADS)

Liu, Wen-Jie; Xu, Yong; Yang, Ching-Nung; Gao, Pei-Pei; Yu, Wen-Bin

2018-01-01

Two quantum key agreement protocols using Bell states and Bell measurement were recently proposed by Shukla et al. (Quantum Inf. Process. 13(11), 2391-2405, 2014). However, Zhu et al. pointed out that there are some security flaws and proposed an improved version (Quantum Inf. Process. 14(11), 4245-4254, 2015). In this study, we will show Zhu et al.'s improvement still exists some security problems, and its efficiency is not high enough. For solving these problems, we utilize four Pauli operations { I, Z, X, Y} to encode two bits instead of the original two operations { I, X} to encode one bit, and then propose an efficient and secure arbitrary N-party quantum key agreement protocol. In the protocol, the channel checking with decoy single photons is introduced to avoid the eavesdropper's flip attack, and a post-measurement mechanism is used to prevent against the collusion attack. The security analysis shows the present protocol can guarantee the correctness, security, privacy and fairness of quantum key agreement.

A feedback-based secure path approach for wireless sensor network data collection.

PubMed

Mao, Yuxin; Wei, Guiyi

2010-01-01

The unattended nature of wireless sensor networks makes them very vulnerable to malicious attacks. Therefore, how to preserve secure data collection is an important issue to wireless sensor networks. In this paper, we propose a novel approach of secure data collection for wireless sensor networks. We explore secret sharing and multipath routing to achieve secure data collection in wireless sensor network with compromised nodes. We present a novel tracing-feedback mechanism, which makes full use of the routing functionality of wireless sensor networks, to improve the quality of data collection. The major advantage of the approach is that the secure paths are constructed as a by-product of data collection. The process of secure routing causes little overhead to the sensor nodes in the network. Compared with existing works, the algorithms of the proposed approach are easy to implement and execute in resource-constrained wireless sensor networks. According to the result of a simulation experiment, the performance of the approach is better than the recent approaches with a similar purpose.

Practice brief. Securing wireless technology for healthcare.

PubMed

Retterer, John; Casto, Brian W

2004-05-01

Wireless networking can be a very complex science, requiring an understanding of physics and the electromagnetic spectrum. While the radio theory behind the technology can be challenging, a basic understanding of wireless networking can be sufficient for small-scale deployment. Numerous security mechanisms are available to wireless technologies, making it practical, scalable, and affordable for healthcare organizations. The decision on the selected security model should take into account the needs for additional server hardware and administrative costs. Where wide area network connections exist between cooperative organizations, deployment of a distributed security model can be considered to reduce administrative overhead. The wireless approach chosen should be dynamic and concentrate on the organization's specific environmental needs. Aspects of organizational mission, operations, service level, and budget allotment as well as an organization's risk tolerance are all part of the balance in the decision to deploy wireless technology.

Stakeholder perceptions of a total market approach to family planning in Nicaragua.

PubMed

Drake, Jennifer Kidwell; Espinoza, Henry; Suraratdecha, Chutima; Lacayo, Yann; Keith, Bonnie M; Vail, Janet G

2011-05-01

To assess private-sector stakeholders' and donors' perceptions of a total market approach (TMA) to family planning in Nicaragua in the context of decreased funding; to build evidence for potential strategies and mechanisms for TMA implementation (including public-private partnerships (PPPs)); and to identify information gaps and future priorities for related research and advocacy. A descriptive exploratory study was conducted in various locations in Nicaragua from March to April 2010. A total of 24 key private-sector stakeholders and donors were interviewed and their responses analyzed using two questionnaires and a stakeholder analysis tool (PolicyMakerTM software). All survey participants supported a TMA, and public-private collaboration, in family planning in Nicaragua. Based on the survey responses, opportunities for further developing PPPs for family planning include building on and expanding existing governmental frameworks, such as Nicaragua's current coordination mechanism for contraceptive security. Obstacles include the lack of ongoing government engagement with the commercial (for-profit) sector and confusion about regulations for its involvement in family planning. Strategies for strengthening existing PPPs include establishing a coordination mechanism specifically for the commercial sector and collecting and disseminating evidence supporting public-private collaboration in family planning. There was no formal or absolute opposition to a TMA or PPPs in family planning in Nicaragua among a group of diverse nongovernmental stakeholders and donors. This type of study can help identify strategies to mobilize existing and potential advocates in achieving articulated policy goals, including diversification of funding sources for family planning to achieve contraceptive security.

Research on trust calculation of wireless sensor networks based on time segmentation

NASA Astrophysics Data System (ADS)

Su, Yaoxin; Gao, Xiufeng; Qiao, Wenxin

2017-05-01

Because the wireless sensor network is different from the traditional network characteristics, it is easy to accept the intrusion from the compromise node. The trust mechanism is the most effective way to defend against internal attacks. Aiming at the shortcomings of the existing trust mechanism, a method of calculating the trust of wireless sensor networks based on time segmentation is proposed. It improves the security of the network and extends the life of the network

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

PubMed Central

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-01

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

Intrusion Detection in Database Systems

NASA Astrophysics Data System (ADS)

Javidi, Mohammad M.; Sohrabi, Mina; Rafsanjani, Marjan Kuchaki

Data represent today a valuable asset for organizations and companies and must be protected. Ensuring the security and privacy of data assets is a crucial and very difficult problem in our modern networked world. Despite the necessity of protecting information stored in database systems (DBS), existing security models are insufficient to prevent misuse, especially insider abuse by legitimate users. One mechanism to safeguard the information in these databases is to use an intrusion detection system (IDS). The purpose of Intrusion detection in database systems is to detect transactions that access data without permission. In this paper several database Intrusion detection approaches are evaluated.

Using ESB and BPEL for Evolving Healthcare Systems Towards Pervasive, Grid-Enabled SOA

NASA Astrophysics Data System (ADS)

Koufi, V.; Malamateniou, F.; Papakonstantinou, D.; Vassilacopoulos, G.

Healthcare organizations often face the challenge of integrating diverse and geographically disparate information technology systems to respond to changing requirements and to exploit the capabilities of modern technologies. Hence, systems evolution, through modification and extension of the existing information technology infrastructure, becomes a necessity. Moreover, the availability of these systems at the point of care when needed is a vital issue for the quality of healthcare provided to patients. This chapter takes a process perspective of healthcare delivery within and across organizational boundaries and presents a disciplined approach for evolving healthcare systems towards a pervasive, grid-enabled service-oriented architecture using the enterprise system bus middleware technology for resolving integration issues, the business process execution language for supporting collaboration requirements and grid middleware technology for both addressing common SOA scalability requirements and complementing existing system functionality. In such an environment, appropriate security mechanisms must ensure authorized access to integrated healthcare services and data. To this end, a security framework addressing security aspects such as authorization and access control is also presented.

A Mechanism for Anonymous Credit Card Systems

NASA Astrophysics Data System (ADS)

Tamura, Shinsuke; Yanase, Tatsuro

This paper proposes a mechanism for anonymous credit card systems, in which each credit card holder can conceal individual transactions from the credit card company, while enabling the credit card company to calculate the total expenditures of transactions of individual card holders during specified periods, and to identify card holders who executed dishonest transactions. Based on three existing mechanisms, i.e. anonymous authentication, blind signature and secure statistical data gathering, together with implicit transaction links proposed here, the proposed mechanism enables development of anonymous credit card systems without assuming any absolutely trustworthy entity like tamper resistant devices or organizations faithful both to the credit card company and card holders.

Towards a Scalable Group Vehicle-based Security System

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carter, Jason M

2016-01-01

In August 2014, the National Highway Traffic Safety Administration (NHTSA) proposed new rulemaking to require V2V communication in light vehicles. To establish trust in the basic safety messages (BSMs) that are exchanged by vehicles to improve driver safety, a vehicle public key infrastructure (VPKI) is required. We outline a system where a group or groups of vehicles manage and generate their own BSM signing keys and authenticating certificates -- a Vehicle-Based Security System (VBSS). Based on our preliminary examination, we assert the mechanisms exist to implement a VBSS that supports V2V communications; however, maintaining uniform trust throughout the system whilemore » protecting individual privacy does require reliance on nascent group signature technology which may require a significant amount of communication overhead for trust maintenance. To better evaluate the VBSS approach, we compare it to the proposed Security Credential Management System (SCMS) in four major areas including bootstrapping, pseudonym provisioning, BSM signing and authentication, and revocation. System scale, driver privacy, and the distribution and dynamics of participants make designing an effective VPKI an interesting and challenging problem; no clear-cut strategy exists to satisfy the security and privacy expectations in a highly efficient way. More work is needed in VPKI research, so the life-saving promise of V2V technology can be achieved.« less

A Feedback-Based Secure Path Approach for Wireless Sensor Network Data Collection

PubMed Central

Mao, Yuxin; Wei, Guiyi

2010-01-01

The unattended nature of wireless sensor networks makes them very vulnerable to malicious attacks. Therefore, how to preserve secure data collection is an important issue to wireless sensor networks. In this paper, we propose a novel approach of secure data collection for wireless sensor networks. We explore secret sharing and multipath routing to achieve secure data collection in wireless sensor network with compromised nodes. We present a novel tracing-feedback mechanism, which makes full use of the routing functionality of wireless sensor networks, to improve the quality of data collection. The major advantage of the approach is that the secure paths are constructed as a by-product of data collection. The process of secure routing causes little overhead to the sensor nodes in the network. Compared with existing works, the algorithms of the proposed approach are easy to implement and execute in resource-constrained wireless sensor networks. According to the result of a simulation experiment, the performance of the approach is better than the recent approaches with a similar purpose. PMID:22163424

A solid state video recorder as a direct replacement of a mechanically driven disc recording device in a security system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Terry, P.L.

1989-01-01

Whether upgrading or developing a security system, investing in a solid state video recorder may prove to be quite prudent. Even though the initial cost of a solid state recorder may be more expensive, when comparing it to a disc recorder it is practically maintenance free. Thus, the cost effectiveness of a solid state video recorder over an extended period of time more than justifies the initial expense. This document illustrates the use of a solid state video recorder as a direct replacement. It replaces a mechanically driven disc recorder that existed in a synchronized video recording system. The originalmore » system was called the Universal Video Disc Recorder System. The modified system will now be referred to as the Solid State Video Recording System. 5 figs.« less

Network and data security design for telemedicine applications.

PubMed

Makris, L; Argiriou, N; Strintzis, M G

1997-01-01

The maturing of telecommunication technologies has ushered in a whole new era of applications and services in the health care environment. Teleworking, teleconsultation, mutlimedia conferencing and medical data distribution are rapidly becoming commonplace in clinical practice. As a result, a set of problems arises, concerning data confidentiality and integrity. Public computer networks, such as the emerging ISDN technology, are vulnerable to eavesdropping. Therefore it is important for telemedicine applications to employ end-to-end encryption mechanisms securing the data channel from unauthorized access of modification. We propose a network access and encryption system that is both economical and easily implemented for integration in developing or existing applications, using well-known and thoroughly tested encryption algorithms. Public-key cryptography is used for session-key exchange, while symmetric algorithms are used for bulk encryption. Mechanisms for session-key generation and exchange are also provided.

Cardea: Providing Support for Dynamic Resource Access in a Distributed Computing Environment

NASA Technical Reports Server (NTRS)

Lepro, Rebekah

2003-01-01

The environment framing the modem authorization process span domains of administration, relies on many different authentication sources, and manages complex attributes as part of the authorization process. Cardea facilitates dynamic access control within this environment as a central function of an inter-operable authorization framework. The system departs from the traditional authorization model by separating the authentication and authorization processes, distributing the responsibility for authorization data and allowing collaborating domains to retain control over their implementation mechanisms. Critical features of the system architecture and its handling of the authorization process differentiate the system from existing authorization components by addressing common needs not adequately addressed by existing systems. Continuing system research seeks to enhance the implementation of the current authorization model employed in Cardea, increase the robustness of current features, further the framework for establishing trust and promote interoperability with existing security mechanisms.

Quantum protocols within Spekkens' toy model

NASA Astrophysics Data System (ADS)

Disilvestro, Leonardo; Markham, Damian

2017-05-01

Quantum mechanics is known to provide significant improvements in information processing tasks when compared to classical models. These advantages range from computational speedups to security improvements. A key question is where these advantages come from. The toy model developed by Spekkens [R. W. Spekkens, Phys. Rev. A 75, 032110 (2007), 10.1103/PhysRevA.75.032110] mimics many of the features of quantum mechanics, such as entanglement and no cloning, regarded as being important in this regard, despite being a local hidden variable theory. In this work, we study several protocols within Spekkens' toy model where we see it can also mimic the advantages and limitations shown in the quantum case. We first provide explicit proofs for the impossibility of toy bit commitment and the existence of a toy error correction protocol and consequent k -threshold secret sharing. Then, defining a toy computational model based on the quantum one-way computer, we prove the existence of blind and verified protocols. Importantly, these two last quantum protocols are known to achieve a better-than-classical security. Our results suggest that such quantum improvements need not arise from any Bell-type nonlocality or contextuality, but rather as a consequence of steering correlations.

7 CFR 1717.857 - Refinancing of existing secured debt-distribution and power supply borrowers.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 7 Agriculture 11 2011-01-01 2011-01-01 false Refinancing of existing secured debt-distribution and power supply borrowers. 1717.857 Section 1717.857 Agriculture Regulations of the Department of... Private Financing § 1717.857 Refinancing of existing secured debt—distribution and power supply borrowers...

Climate change and nutrition: creating a climate for nutrition security.

PubMed

Tirado, M C; Crahay, P; Mahy, L; Zanev, C; Neira, M; Msangi, S; Brown, R; Scaramella, C; Costa Coitinho, D; Müller, A

2013-12-01

Climate change further exacerbates the enormous existing burden of undernutrition. It affects food and nutrition security and undermines current efforts to reduce hunger and promote nutrition. Undernutrition in turn undermines climate resilience and the coping strategies of vulnerable populations. The objectives of this paper are to identify and undertake a cross-sectoral analysis of the impacts of climate change on nutrition security and the existing mechanisms, strategies, and policies to address them. A cross-sectoral analysis of the impacts of climate change on nutrition security and the mechanisms and policies to address them was guided by an analytical framework focused on the three 'underlying causes' of undernutrition: 1) household food access, 2) maternal and child care and feeding practices, 3) environmental health and health access. The analytical framework includes the interactions of the three underlying causes of undernutrition with climate change,vulnerability, adaptation and mitigation. Within broad efforts on climate change mitigation and adaptation and climate-resilient development, a combination of nutrition-sensitive adaptation and mitigation measures, climate-resilient and nutrition-sensitive agricultural development, social protection, improved maternal and child care and health, nutrition-sensitive risk reduction and management, community development measures, nutrition-smart investments, increased policy coherence, and institutional and cross-sectoral collaboration are proposed as a means to address the impacts of climate change to food and nutrition security. This paper proposes policy directions to address nutrition in the climate change agenda and recommendations for consideration by the UN Framework Convention on Climate Change (UNFCCC). Nutrition and health stakeholders need to be engaged in key climate change adaptation and mitigation initiatives, including science-based assessment by the Intergovernmental Panel on Climate Change (IPCC), and policies and actions formulated by the UN Framework Convention on Climate Change (UNFCCC). Improved multi-sectoral coordination and political will is required to integrate nutrition-sensitive actions into climate-resilient sustainable development efforts in the UNFCCC work and in the post 2015 development agenda. Placing human rights at the center of strategies to mitigate and adapt to the impacts of climate change and international solidarity is essential to advance sustainable development and to create a climate for nutrition security.

A Secure Multicast Framework in Large and High-Mobility Network Groups

NASA Astrophysics Data System (ADS)

Lee, Jung-San; Chang, Chin-Chen

With the widespread use of Internet applications such as Teleconference, Pay-TV, Collaborate tasks, and Message services, how to construct and distribute the group session key to all group members securely is becoming and more important. Instead of adopting the point-to-point packet delivery, these emerging applications are based upon the mechanism of multicast communication, which allows the group member to communicate with multi-party efficiently. There are two main issues in the mechanism of multicast communication: Key Distribution and Scalability. The first issue is how to distribute the group session key to all group members securely. The second one is how to maintain the high performance in large network groups. Group members in conventional multicast systems have to keep numerous secret keys in databases, which makes it very inconvenient for them. Furthermore, in case that a member joins or leaves the communication group, many involved participants have to change their own secret keys to preserve the forward secrecy and the backward secrecy. We consequently propose a novel version for providing secure multicast communication in large network groups. Our proposed framework not only preserves the forward secrecy and the backward secrecy but also possesses better performance than existing alternatives. Specifically, simulation results demonstrate that our scheme is suitable for high-mobility environments.

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network.

PubMed

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-12-30

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network

PubMed Central

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-01-01

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods. PMID:28042831

TCBMs over the military use of outer space

NASA Astrophysics Data System (ADS)

Takaya-Umehara, Yuri

2010-11-01

Although no legal instrument resulted from long negotiations in the UN and Conference on Disarmament (CD), the application of confidence-building measures (CBMs) that was once considered in the 1990's attracted attention again to restrict military use of outer space. Since 2005, the concept of "Transparency and confidence-building measures (TCBMs)" entered into the lexicon of space law to explore the possibility of reinforcing security in outer space activities. While CBMs have been developed and applied to treaty-based verification mechanisms, the introduction of TCBMs in space law needs further examination to fit in the context of space security. Therefore, by evaluating the function of CBMs applied to the existing law on disarmament and arms control, the author examines the application of TCBMs to space law and calls for the need to establish non-treaty-based monitoring mechanisms for transparency and confidence-building in outer space activities.

Secure Wake-Up Scheme for WBANs

NASA Astrophysics Data System (ADS)

Liu, Jing-Wei; Ameen, Moshaddique Al; Kwak, Kyung-Sup

Network life time and hence device life time is one of the fundamental metrics in wireless body area networks (WBAN). To prolong it, especially those of implanted sensors, each node must conserve its energy as much as possible. While a variety of wake-up/sleep mechanisms have been proposed, the wake-up radio potentially serves as a vehicle to introduce vulnerabilities and attacks to WBAN, eventually resulting in its malfunctions. In this paper, we propose a novel secure wake-up scheme, in which a wake-up authentication code (WAC) is employed to ensure that a BAN Node (BN) is woken up by the correct BAN Network Controller (BNC) rather than unintended users or malicious attackers. The scheme is thus particularly implemented by a two-radio architecture. We show that our scheme provides higher security while consuming less energy than the existing schemes.

Secure Network-Centric Aviation Communication (SNAC)

NASA Technical Reports Server (NTRS)

Nelson, Paul H.; Muha, Mark A.; Sheehe, Charles J.

2017-01-01

The existing National Airspace System (NAS) communications capabilities are largely unsecured, are not designed for efficient use of spectrum and collectively are not capable of servicing the future needs of the NAS with the inclusion of new operators in Unmanned Aviation Systems (UAS) or On Demand Mobility (ODM). SNAC will provide a ubiquitous secure, network-based communications architecture that will provide new service capabilities and allow for the migration of current communications to SNAC over time. The necessary change in communication technologies to digital domains will allow for the adoption of security mechanisms, sharing of link technologies, large increase in spectrum utilization, new forms of resilience and redundancy and the possibly of spectrum reuse. SNAC consists of a long term open architectural approach with increasingly capable designs used to steer research and development and enable operating capabilities that run in parallel with current NAS systems.

Wireless sensors and sensor networks for homeland security applications.

PubMed

Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

2012-11-01

New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers.

Cost Considerations in Cloud Computing

DTIC Science & Technology

2014-01-01

investments. 2. Database Options The potential promise that “ big data ” analytics holds for many enterprise mission areas makes relevant the question of the...development of a range of new distributed file systems and data - bases that have better scalability properties than traditional SQL databases. Hadoop ... data . Many systems exist that extend or supplement Hadoop —such as Apache Accumulo, which provides a highly granular mechanism for managing security

Secure and Time-Aware Communication of Wireless Sensors Monitoring Overhead Transmission Lines.

PubMed

Mazur, Katarzyna; Wydra, Michal; Ksiezopolski, Bogdan

2017-07-11

Existing transmission power grids suffer from high maintenance costs and scalability issues along with a lack of effective and secure system monitoring. To address these problems, we propose to use Wireless Sensor Networks (WSNs) as a technology to achieve energy efficient, reliable, and low-cost remote monitoring of transmission grids. With WSNs, smart grid enables both utilities and customers to monitor, predict and manage energy usage effectively and react to possible power grid disturbances in a timely manner. However, the increased application of WSNs also introduces new security challenges, especially related to privacy, connectivity, and security management, repeatedly causing unpredicted expenditures. Monitoring the status of the power system, a large amount of sensors generates massive amount of sensitive data. In order to build an effective Wireless Sensor Network (WSN) for a smart grid, we focus on designing a methodology of efficient and secure delivery of the data measured on transmission lines. We perform a set of simulations, in which we examine different routing algorithms, security mechanisms and WSN deployments in order to select the parameters that will not affect the delivery time but fulfill their role and ensure security at the same time. Furthermore, we analyze the optimal placement of direct wireless links, aiming at minimizing time delays, balancing network performance and decreasing deployment costs.

Secure and Time-Aware Communication of Wireless Sensors Monitoring Overhead Transmission Lines

PubMed Central

Mazur, Katarzyna; Wydra, Michal; Ksiezopolski, Bogdan

2017-01-01

Existing transmission power grids suffer from high maintenance costs and scalability issues along with a lack of effective and secure system monitoring. To address these problems, we propose to use Wireless Sensor Networks (WSNs)as a technology to achieve energy efficient, reliable, and low-cost remote monitoring of transmission grids. With WSNs, smart grid enables both utilities and customers to monitor, predict and manage energy usage effectively and react to possible power grid disturbances in a timely manner. However, the increased application of WSNs also introduces new security challenges, especially related to privacy, connectivity, and security management, repeatedly causing unpredicted expenditures. Monitoring the status of the power system, a large amount of sensors generates massive amount of sensitive data. In order to build an effective Wireless Sensor Networks (WSNs) for a smart grid, we focus on designing a methodology of efficient and secure delivery of the data measured on transmission lines. We perform a set of simulations, in which we examine different routing algorithms, security mechanisms and WSN deployments in order to select the parameters that will not affect the delivery time but fulfill their role and ensure security at the same time. Furthermore, we analyze the optimal placement of direct wireless links, aiming at minimizing time delays, balancing network performance and decreasing deployment costs. PMID:28696390

20 CFR 416.966 - Work which exists in the national economy.

Code of Federal Regulations, 2013 CFR

2013-04-01

.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...

20 CFR 416.966 - Work which exists in the national economy.

Code of Federal Regulations, 2014 CFR

2014-04-01

.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...

20 CFR 416.966 - Work which exists in the national economy.

Code of Federal Regulations, 2011 CFR

2011-04-01

.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...

20 CFR 416.966 - Work which exists in the national economy.

Code of Federal Regulations, 2012 CFR

2012-04-01

.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...

20 CFR 416.966 - Work which exists in the national economy.

Code of Federal Regulations, 2010 CFR

2010-04-01

.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...

Quantum technology and cryptology for information security

NASA Astrophysics Data System (ADS)

Naqvi, Syed; Riguidel, Michel

2007-04-01

Cryptology and information security are set to play a more prominent role in the near future. In this regard, quantum communication and cryptography offer new opportunities to tackle ICT security. Quantum Information Processing and Communication (QIPC) is a scientific field where new conceptual foundations and techniques are being developed. They promise to play an important role in the future of information Security. It is therefore essential to have a cross-fertilizing development between quantum technology and cryptology in order to address the security challenges of the emerging quantum era. In this article, we discuss the impact of quantum technology on the current as well as future crypto-techniques. We then analyse the assumptions on which quantum computers may operate. Then we present our vision for the distribution of security attributes using a novel form of trust based on Heisenberg's uncertainty; and, building highly secure quantum networks based on the clear transmission of single photons and/or bundles of photons able to withstand unauthorized reading as a result of secure protocols based on the observations of quantum mechanics. We argue how quantum cryptographic systems need to be developed that can take advantage of the laws of physics to provide long-term security based on solid assumptions. This requires a structured integration effort to deploy quantum technologies within the existing security infrastructure. Finally, we conclude that classical cryptographic techniques need to be redesigned and upgraded in view of the growing threat of cryptanalytic attacks posed by quantum information processing devices leading to the development of post-quantum cryptography.

Extending IPsec for Efficient Remote Attestation

NASA Astrophysics Data System (ADS)

Sadeghi, Ahmad-Reza; Schulz, Steffen

When establishing a VPN to connect different sites of a network, the integrity of the involved VPN endpoints is often a major security concern. Based on the Trusted Platform Module (TPM), available in many computing platforms today, remote attestation mechanisms can be used to evaluate the internal state of remote endpoints automatically. However, existing protocols and extensions are either unsuited for use with IPsec or impose considerable additional implementation complexity and protocol overhead.

Analyzing the security of an existing computer system

NASA Technical Reports Server (NTRS)

Bishop, M.

1986-01-01

Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.

Secure Indoor Localization Based on Extracting Trusted Fingerprint

PubMed Central

Yin, Xixi; Zheng, Yanliu; Wang, Chun

2018-01-01

Indoor localization based on WiFi has attracted a lot of research effort because of the widespread application of WiFi. Fingerprinting techniques have received much attention due to their simplicity and compatibility with existing hardware. However, existing fingerprinting localization algorithms may not resist abnormal received signal strength indication (RSSI), such as unexpected environmental changes, impaired access points (APs) or the introduction of new APs. Traditional fingerprinting algorithms do not consider the problem of new APs and impaired APs in the environment when using RSSI. In this paper, we propose a secure fingerprinting localization (SFL) method that is robust to variable environments, impaired APs and the introduction of new APs. In the offline phase, a voting mechanism and a fingerprint database update method are proposed. We use the mutual cooperation between reference anchor nodes to update the fingerprint database, which can reduce the interference caused by the user measurement data. We analyze the standard deviation of RSSI, mobilize the reference points in the database to vote on APs and then calculate the trust factors of APs based on the voting results. In the online phase, we first make a judgment about the new APs and the broken APs, then extract the secure fingerprints according to the trusted factors of APs and obtain the localization results by using the trusted fingerprints. In the experiment section, we demonstrate the proposed method and find that the proposed strategy can resist abnormal RSSI and can improve the localization accuracy effectively compared with the existing fingerprinting localization algorithms. PMID:29401755

Secure Indoor Localization Based on Extracting Trusted Fingerprint.

PubMed

Luo, Juan; Yin, Xixi; Zheng, Yanliu; Wang, Chun

2018-02-05

[-5]Indoor localization based on WiFi has attracted a lot of research effort because of the widespread application of WiFi. Fingerprinting techniques have received much attention due to their simplicity and compatibility with existing hardware. However, existing fingerprinting localization algorithms may not resist abnormal received signal strength indication (RSSI), such as unexpected environmental changes, impaired access points (APs) or the introduction of new APs. Traditional fingerprinting algorithms do not consider the problem of new APs and impaired APs in the environment when using RSSI. In this paper, we propose a secure fingerprinting localization (SFL) method that is robust to variable environments, impaired APs and the introduction of new APs. In the offline phase, a voting mechanism and a fingerprint database update method are proposed. We use the mutual cooperation between reference anchor nodes to update the fingerprint database, which can reduce the interference caused by the user measurement data. We analyze the standard deviation of RSSI, mobilize the reference points in the database to vote on APs and then calculate the trust factors of APs based on the voting results. In the online phase, we first make a judgment about the new APs and the broken APs, then extract the secure fingerprints according to the trusted factors of APs and obtain the localization results by using the trusted fingerprints. In the experiment section, we demonstrate the proposed method and find that the proposed strategy can resist abnormal RSSI and can improve the localization accuracy effectively compared with the existing fingerprinting localization algorithms.

SPAR: a security- and power-aware routing protocol for wireless ad hoc and sensor networks

NASA Astrophysics Data System (ADS)

Oberoi, Vikram; Chigan, Chunxiao

2005-05-01

Wireless Ad Hoc and Sensor Networks (WAHSNs) are vulnerable to extensive attacks as well as severe resource constraints. To fulfill the security needs, many security enhancements have been proposed. Like wise, from resource constraint perspective, many power aware schemes have been proposed to save the battery power. However, we observe that for the severely resource limited and extremely vulnerable WAHSNs, taking security or power (or any other resource) alone into consideration for protocol design is rather inadequate toward the truly "secure-and-useful" WAHSNs. For example, from resource constraint perspective, we identify one of the potential problems, the Security-Capable-Congestion (SCC) behavior, for the WAHSNs routing protocols where only the security are concerned. On the other hand, the design approach where only scarce resource is concerned, such as many power-aware WAHSNs protocols, leaves security unconsidered and is undesirable to many WAHSNs application scenarios. Motivated by these observations, we propose a co-design approach, where both the high security and effective resource consumption are targeted for WAHSNs protocol design. Specifically, we propose a novel routing protocol, Security- and Power- Aware Routing (SPAR) protocol based on this co-design approach. In SPAR, the routing decisions are made based on both security and power as routing criteria. The idea of the SPAR mechanism is routing protocol independent and therefore can be broadly integrated into any of the existing WAHSNs routing protocols. The simulation results show that SPAR outperforms the WAHSNs routing protocols where security or power alone is considered, significantly. This research finding demonstrates the proposed security- and resource- aware co-design approach is promising towards the truly "secure-and-useful" WAHSNs.

High-Surety Telemedicine in a Distributed, 'Plug-andPlan' Environment

DOE Office of Scientific and Technical Information (OSTI.GOV)

Craft, Richard L.; Funkhouser, Donald R.; Gallagher, Linda K.

1999-05-17

Commercial telemedicine systems are increasingly functional, incorporating video-conferencing capabilities, diagnostic peripherals, medication reminders, and patient education services. However, these systems (1) rarely utilize information architectures which allow them to be easily integrated with existing health information networks and (2) do not always protect patient confidentiality with adequate security mechanisms. Using object-oriented methods and software wrappers, we illustrate the transformation of an existing stand-alone telemedicine system into `plug-and-play' components that function in a distributed medical information environment. We show, through the use of open standards and published component interfaces, that commercial telemedicine offerings which were once incompatible with electronic patient recordmore » systems can now share relevant data with clinical information repositories while at the same time hiding the proprietary implementations of the respective systems. Additionally, we illustrate how leading-edge technology can secure this distributed telemedicine environment, maintaining patient confidentiality and the integrity of the associated electronic medical data. Information surety technology also encourages the development of telemedicine systems that have both read and write access to electronic medical records containing patient-identifiable information. The win-win approach to telemedicine information system development preserves investments in legacy software and hardware while promoting security and interoperability in a distributed environment.« less

Repair Works for Uplift and Seepage Control in Existing Concrete Dams

DTIC Science & Technology

1989-08-01

used ,-Z.I eFauted SECUR!TY CASSi CATON O -- _AC: A!I other eCltOln are OOsnIte 19.ABSTRACT (continued) reqards the geotechnical properties of the...the safety requirements for the works, and imply important losses of human lives and property ; and incidents are associated with violations of the...and operation of the reservoir and environment conditions) and with structural properties (geometrical, mechanical, hydraulic, thermal, etc.). For the

A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

PubMed Central

Odelu, Vanga; Goswami, Adrijit

2014-01-01

In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme. PMID:24892078

A robust and effective smart-card-based remote user authentication mechanism using hash function.

PubMed

Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

2014-01-01

In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

75 FR 25904 - Privacy Act of 1974; as Amended; Proposed Alteration to an Existing Privacy Act System of Records...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-10

... SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974; as Amended; Proposed Alteration to an Existing Privacy Act System of Records, Housekeeping Changes, and New Routine Uses AGENCY: Social Security..., Social Security number (SSN), date of birth, address, and other relevant information about persons who...

Usability of Security Management:Defining the Permissions of Guests

NASA Astrophysics Data System (ADS)

Johnson, Matthew; Stajano, Frank

Within the scenario of a Smart Home, we discuss the issues involved in allowing limited interaction with the environment for unidentified principals, or guests. The challenges include identifying and authenticating guests on one hand and delegating authorization to them on the other. While the technical mechanisms for doing so in generic distributed systems have been around for decades, existing solutions are in general not applicable to the smart home because they are too complex to manage. We focus on providing both security and usability; we therefore seek simple and easy to understand approaches that can be used by a normal computer-illiterate home owner, not just by a trained system administrator. This position paper describes ongoing research and does not claim to have all the answers.

Novel mechanism of network protection against the new generation of cyber attacks

NASA Astrophysics Data System (ADS)

Milovanov, Alexander; Bukshpun, Leonid; Pradhan, Ranjit

2012-06-01

A new intelligent mechanism is presented to protect networks against the new generation of cyber attacks. This mechanism integrates TCP/UDP/IP protocol stack protection and attacker/intruder deception to eliminate existing TCP/UDP/IP protocol stack vulnerabilities. It allows to detect currently undetectable, highly distributed, low-frequency attacks such as distributed denial-of-service (DDoS) attacks, coordinated attacks, botnet, and stealth network reconnaissance. The mechanism also allows insulating attacker/intruder from the network and redirecting the attack to a simulated network acting as a decoy. As a result, network security personnel gain sufficient time to defend the network and collect the attack information. The presented approach can be incorporated into wireless or wired networks that require protection against known and the new generation of cyber attacks.

CFCC: A Covert Flows Confinement Mechanism for Virtual Machine Coalitions

NASA Astrophysics Data System (ADS)

Cheng, Ge; Jin, Hai; Zou, Deqing; Shi, Lei; Ohoussou, Alex K.

Normally, virtualization technology is adopted to construct the infrastructure of cloud computing environment. Resources are managed and organized dynamically through virtual machine (VM) coalitions in accordance with the requirements of applications. Enforcing mandatory access control (MAC) on the VM coalitions will greatly improve the security of VM-based cloud computing. However, the existing MAC models lack the mechanism to confine the covert flows and are hard to eliminate the convert channels. In this paper, we propose a covert flows confinement mechanism for virtual machine coalitions (CFCC), which introduces dynamic conflicts of interest based on the activity history of VMs, each of which is attached with a label. The proposed mechanism can be used to confine the covert flows between VMs in different coalitions. We implement a prototype system, evaluate its performance, and show that our mechanism is practical.

A Framework for Translating a High Level Security Policy into Low Level Security Mechanisms

NASA Astrophysics Data System (ADS)

Hassan, Ahmed A.; Bahgat, Waleed M.

2010-01-01

Security policies have different components; firewall, active directory, and IDS are some examples of these components. Enforcement of network security policies to low level security mechanisms faces some essential difficulties. Consistency, verification, and maintenance are the major ones of these difficulties. One approach to overcome these difficulties is to automate the process of translation of high level security policy into low level security mechanisms. This paper introduces a framework of an automation process that translates a high level security policy into low level security mechanisms. The framework is described in terms of three phases; in the first phase all network assets are categorized according to their roles in the network security and relations between them are identified to constitute the network security model. This proposed model is based on organization based access control (OrBAC). However, the proposed model extend the OrBAC model to include not only access control policy but also some other administrative security policies like auditing policy. Besides, the proposed model enables matching of each rule of the high level security policy with the corresponding ones of the low level security policy. Through the second phase of the proposed framework, the high level security policy is mapped into the network security model. The second phase could be considered as a translation of the high level security policy into an intermediate model level. Finally, the intermediate model level is translated automatically into low level security mechanism. The paper illustrates the applicability of proposed approach through an application example.

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things

PubMed Central

Cha, Shi-Cho; Chen, Jyun-Fu

2017-01-01

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim’s devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts. PMID:29036900

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things.

PubMed

Cha, Shi-Cho; Yeh, Kuo-Hui; Chen, Jyun-Fu

2017-10-14

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim's devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts.

Fuzzy assessment of health information system users' security awareness.

PubMed

Aydın, Özlem Müge; Chouseinoglou, Oumout

2013-12-01

Health information systems (HIS) are a specific area of information systems (IS), where critical patient data is stored and quality health service is only realized with the correct use and efficient dissemination of this data to health workers. Therefore, a balance needs to be established between the levels of security and flow of information on HIS. Instead of implementing higher levels and further mechanisms of control to increase the security of HIS, it is preferable to deal with the arguably weakest link on HIS chain with respect to security: HIS users. In order to provide solutions and approaches for transforming users to the first line of defense in HIS but also to employ capable and appropriate candidates from the pool of newly graduated students, it is important to assess and evaluate the security awareness levels and characteristics of these existing and future users. This study aims to provide a new perspective to understand the phenomenon of security awareness of HIS users with the use of fuzzy analysis, and to assess the present situation of current and future HIS users of a leading medical and educational institution of Turkey, with respect to their security characteristics based on four different security scales. The results of the fuzzy analysis, the guide on how to implement this fuzzy analysis to any health institution and how to read and interpret these results, together with the possible implications of these results to the organization are provided.

17 CFR 230.145 - Reclassification of securities, mergers, consolidations and acquisitions of assets.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Reclassification of securities... Exchanges SECURITIES AND EXCHANGE COMMISSION GENERAL RULES AND REGULATIONS, SECURITIES ACT OF 1933 General... security in exchange for their existing security. Rule 145 embodies the Commission's determination that...

17 CFR 230.145 - Reclassification of securities, mergers, consolidations and acquisitions of assets.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Reclassification of securities... Exchanges SECURITIES AND EXCHANGE COMMISSION GENERAL RULES AND REGULATIONS, SECURITIES ACT OF 1933 General... security in exchange for their existing security. Rule 145 embodies the Commission's determination that...

17 CFR 230.145 - Reclassification of securities, mergers, consolidations and acquisitions of assets.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Reclassification of securities... Exchanges SECURITIES AND EXCHANGE COMMISSION GENERAL RULES AND REGULATIONS, SECURITIES ACT OF 1933 General... security in exchange for their existing security. Rule 145 embodies the Commission's determination that...

17 CFR 230.145 - Reclassification of securities, mergers, consolidations and acquisitions of assets.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Reclassification of securities... Exchanges SECURITIES AND EXCHANGE COMMISSION GENERAL RULES AND REGULATIONS, SECURITIES ACT OF 1933 General... security in exchange for their existing security. Rule 145 embodies the Commission's determination that...

Personal health record systems and their security protection.

PubMed

Win, Khin Than; Susilo, Willy; Mu, Yi

2006-08-01

The objective of this study is to analyze the security protection of personal health record systems. To achieve this we have investigated different personal health record systems, their security functions, and security issues. We have noted that current security mechanisms are not adequate and we have proposed some security mechanisms to tackle these problems.

33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

Code of Federal Regulations, 2013 CFR

2013-07-01

..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...

33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

Code of Federal Regulations, 2011 CFR

2011-07-01

..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...

33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

Code of Federal Regulations, 2014 CFR

2014-07-01

..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...

33 CFR 106.305 - Facility Security Assessment (FSA) requirements.

Code of Federal Regulations, 2012 CFR

2012-07-01

..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2012-07-01 2012-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...

Biosafety, biosecurity and internationally mandated regulatory regimes: compliance mechanisms for education and global health security

PubMed Central

Sture, Judi; Whitby, Simon; Perkins, Dana

2015-01-01

This paper highlights the biosafety and biosecurity training obligations that three international regulatory regimes place upon states parties. The duty to report upon the existence of such provisions as evidence of compliance is discussed in relation to each regime. We argue that such mechanisms can be regarded as building blocks for the development and delivery of complementary biosafety and biosecurity teaching and training materials. We show that such building blocks represent foundations upon which life and associated scientists – through greater awareness of biosecurity concerns – can better fulfil their responsibilities to guard their work from misuse in the future. PMID:24494580

Privacy as an enabler, not an impediment: building trust into health information exchange.

PubMed

McGraw, Deven; Dempsey, James X; Harris, Leslie; Goldman, Janlori

2009-01-01

Building privacy and security protections into health information technology systems will bolster trust in such systems and promote their adoption. The privacy issue, too long seen as a barrier to electronic health information exchange, can be resolved through a comprehensive framework that implements core privacy principles, adopts trusted network design characteristics, and establishes oversight and accountability mechanisms. The public policy challenges of implementing this framework in a complex and evolving environment will require improvements to existing law, new rules for entities outside the traditional health care sector, a more nuanced approach to the role of consent, and stronger enforcement mechanisms.

Multipath Routing of Fragmented Data Transfer in a Smart Grid Environment

NASA Astrophysics Data System (ADS)

Borgohain, Tuhin; Borgohain, Amardeep; Borgohain, Rajdeep; Sanyal, Sugata

2015-02-01

The purpose of this paper is to do a general survey on the existing communication modes inside a smart grid, the existing security loopholes and their countermeasures. Then we suggest a detailed countermeasure, building upon the Jigsaw based secure data transfer [8] for enhanced security of the data flow inside the communication system of a smart grid. The paper has been written without the consideration of any factor of inoperability between the various security techniques inside a smart grid

26 CFR 1.355-1 - Distribution of stock and securities of a controlled corporation.

Code of Federal Regulations, 2010 CFR

2010-04-01

... in income of) the shareholders and security holders, of one or more existing businesses formerly... to the separation of existing businesses that have been in active operation for at least five years.... Section 355 contemplates the continued operation of the business or businesses existing prior to the...

Using Public Network Infrastructures for UAV Remote Sensing in Civilian Security Operations

DTIC Science & Technology

2011-03-01

leveraging public wireless communication networks for UAV-based sensor networks with respect to existing constraints and user requirements...Detection with an Autonomous Micro UAV Mesh Network . In the near future police departments, fire brigades and other homeland security ...UAV-based sensor networks with respect to existing constraints and user requirements. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION

Competitive Cyber-Insurance and Internet Security

NASA Astrophysics Data System (ADS)

Shetty, Nikhil; Schwartz, Galina; Felegyhazi, Mark; Walrand, Jean

This paper investigates how competitive cyber-insurers affect network security and welfare of the networked society. In our model, a user's probability to incur damage (from being attacked) depends on both his security and the network security, with the latter taken by individual users as given. First, we consider cyberinsurers who cannot observe (and thus, affect) individual user security. This asymmetric information causes moral hazard. Then, for most parameters, no equilibrium exists: the insurance market is missing. Even if an equilibrium exists, the insurance contract covers only a minor fraction of the damage; network security worsens relative to the no-insurance equilibrium. Second, we consider insurers with perfect information about their users' security. Here, user security is perfectly enforceable (zero cost); each insurance contract stipulates the required user security. The unique equilibrium contract covers the entire user damage. Still, for most parameters, network security worsens relative to the no-insurance equilibrium. Although cyber-insurance improves user welfare, in general, competitive cyber-insurers fail to improve network security.

UNIX security in a supercomputing environment

NASA Technical Reports Server (NTRS)

Bishop, Matt

1989-01-01

The author critiques some security mechanisms in most versions of the Unix operating system and suggests more effective tools that either have working prototypes or have been implemented, for example in secure Unix systems. Although no computer (not even a secure one) is impenetrable, breaking into systems with these alternate mechanisms will cost more, require more skill, and be more easily detected than penetrations of systems without these mechanisms. The mechanisms described fall into four classes (with considerable overlap). User authentication at the local host affirms the identity of the person using the computer. The principle of least privilege dictates that properly authenticated users should have rights precisely sufficient to perform their tasks, and system administration functions should be compartmentalized; to this end, access control lists or capabilities should either replace or augment the default Unix protection system, and mandatory access controls implementing multilevel security models and integrity mechanisms should be available. Since most users access supercomputing environments using networks, the third class of mechanisms augments authentication (where feasible). As no security is perfect, the fourth class of mechanism logs events that may indicate possible security violations; this will allow the reconstruction of a successful penetration (if discovered), or possibly the detection of an attempted penetration.

A secure cluster-based multipath routing protocol for WMSNs.

PubMed

Almalkawi, Islam T; Zapata, Manel Guerrero; Al-Karaki, Jamal N

2011-01-01

The new characteristics of Wireless Multimedia Sensor Network (WMSN) and its design issues brought by handling different traffic classes of multimedia content (video streams, audio, and still images) as well as scalar data over the network, make the proposed routing protocols for typical WSNs not directly applicable for WMSNs. Handling real-time multimedia data requires both energy efficiency and QoS assurance in order to ensure efficient utility of different capabilities of sensor resources and correct delivery of collected information. In this paper, we propose a Secure Cluster-based Multipath Routing protocol for WMSNs, SCMR, to satisfy the requirements of delivering different data types and support high data rate multimedia traffic. SCMR exploits the hierarchical structure of powerful cluster heads and the optimized multiple paths to support timeliness and reliable high data rate multimedia communication with minimum energy dissipation. Also, we present a light-weight distributed security mechanism of key management in order to secure the communication between sensor nodes and protect the network against different types of attacks. Performance evaluation from simulation results demonstrates a significant performance improvement comparing with existing protocols (which do not even provide any kind of security feature) in terms of average end-to-end delay, network throughput, packet delivery ratio, and energy consumption.

A Secure Cluster-Based Multipath Routing Protocol for WMSNs

PubMed Central

Almalkawi, Islam T.; Zapata, Manel Guerrero; Al-Karaki, Jamal N.

2011-01-01

The new characteristics of Wireless Multimedia Sensor Network (WMSN) and its design issues brought by handling different traffic classes of multimedia content (video streams, audio, and still images) as well as scalar data over the network, make the proposed routing protocols for typical WSNs not directly applicable for WMSNs. Handling real-time multimedia data requires both energy efficiency and QoS assurance in order to ensure efficient utility of different capabilities of sensor resources and correct delivery of collected information. In this paper, we propose a Secure Cluster-based Multipath Routing protocol for WMSNs, SCMR, to satisfy the requirements of delivering different data types and support high data rate multimedia traffic. SCMR exploits the hierarchical structure of powerful cluster heads and the optimized multiple paths to support timeliness and reliable high data rate multimedia communication with minimum energy dissipation. Also, we present a light-weight distributed security mechanism of key management in order to secure the communication between sensor nodes and protect the network against different types of attacks. Performance evaluation from simulation results demonstrates a significant performance improvement comparing with existing protocols (which do not even provide any kind of security feature) in terms of average end-to-end delay, network throughput, packet delivery ratio, and energy consumption. PMID:22163854

Food and nutrition security public initiatives from a human and socioeconomic development perspective: mapping experiences within the 1996 World Food Summit signatories.

PubMed

Aliaga, Marie Agnès; Chaves-Dos-Santos, Sandra Maria

2014-03-01

Food security exists when all people, at all times, have physical and economic access to sufficient, safe and nutritious food to meet their dietary needs and food preferences for an active and healthy life. In a global scenario where hunger and obesity affect millions of people, public actions have been developed towards Food and Nutrition Security (FNS). In 1996 during the World Food Summit, 186 countries signed the Rome Declaration, committing themselves to assess and address Food and Nutrition Insecurity. In this exploratory study, we compile secondary internet data using keywords in four languages to map the global distribution, among signatories, of FNS public initiatives and assess their association with key national-level socioeconomic indicators. As a result, we found FNS public policies in 123 countries, reports on the state of FNS in 139 countries, and the presence of both in 114 countries (61%). The proportion of countries with any type of, as well as with specific, FNS policy or diagnostic was higher in least developed countries. There was a statistically significant association between these proportions and selected national-level socioeconomic variables. The results are discussed along with population vulnerability, international cooperation mechanisms and political discourse and how these factors impact the existence of FNS public actions. Copyright © 2013 Elsevier Ltd. All rights reserved.

27 CFR 70.145 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2010 CFR

2010-04-01

... security interests, mechanic's lienors, and judgment lien creditors. 70.145 Section 70.145 Alcohol, Tobacco... Lien for Taxes § 70.145 Purchasers, holders of security interests, mechanic's lienors, and judgment... in § 70.143(a) of this part), mechanic's lienor (as defined in § 70.143(b) of this part), or judgment...

27 CFR 70.145 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2012 CFR

2012-04-01

... security interests, mechanic's lienors, and judgment lien creditors. 70.145 Section 70.145 Alcohol, Tobacco... Lien for Taxes § 70.145 Purchasers, holders of security interests, mechanic's lienors, and judgment... in § 70.143(a) of this part), mechanic's lienor (as defined in § 70.143(b) of this part), or judgment...

27 CFR 70.145 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2014 CFR

2014-04-01

... security interests, mechanic's lienors, and judgment lien creditors. 70.145 Section 70.145 Alcohol, Tobacco... Lien for Taxes § 70.145 Purchasers, holders of security interests, mechanic's lienors, and judgment... in § 70.143(a) of this part), mechanic's lienor (as defined in § 70.143(b) of this part), or judgment...

27 CFR 70.145 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2013 CFR

2013-04-01

... security interests, mechanic's lienors, and judgment lien creditors. 70.145 Section 70.145 Alcohol, Tobacco... Lien for Taxes § 70.145 Purchasers, holders of security interests, mechanic's lienors, and judgment... in § 70.143(a) of this part), mechanic's lienor (as defined in § 70.143(b) of this part), or judgment...

27 CFR 70.145 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2011 CFR

2011-04-01

... security interests, mechanic's lienors, and judgment lien creditors. 70.145 Section 70.145 Alcohol, Tobacco... Lien for Taxes § 70.145 Purchasers, holders of security interests, mechanic's lienors, and judgment... in § 70.143(a) of this part), mechanic's lienor (as defined in § 70.143(b) of this part), or judgment...

A Comprehensive Review of Existing Risk Assessment Models in Cloud Computing

NASA Astrophysics Data System (ADS)

Amini, Ahmad; Jamil, Norziana

2018-05-01

Cloud computing is a popular paradigm in information technology and computing as it offers numerous advantages in terms of economical saving and minimal management effort. Although elasticity and flexibility brings tremendous benefits, it still raises many information security issues due to its unique characteristic that allows ubiquitous computing. Therefore, the vulnerabilities and threats in cloud computing have to be identified and proper risk assessment mechanism has to be in place for better cloud computing management. Various quantitative and qualitative risk assessment models have been proposed but up to our knowledge, none of them is suitable for cloud computing environment. This paper, we compare and analyse the strengths and weaknesses of existing risk assessment models. We then propose a new risk assessment model that sufficiently address all the characteristics of cloud computing, which was not appeared in the existing models.

Privacy-enhanced electronic mail

NASA Astrophysics Data System (ADS)

Bishop, Matt

1990-06-01

The security of electronic mail sent through the Internet may be described in exactly three words: there is none. The Privacy and Security Research Group has recommended implementing mechanisms designed to provide security enhancements. The first set of mechanisms provides a protocol to provide privacy, integrity, and authentication for electronic mail; the second provides a certificate-based key management infrastructure to support key distribution throughout the internet, to support the first set of mechanisms. These mechanisms are described, as well as the reasons behind their selection and how these mechanisms can be used to provide some measure of security in the exchange of electronic mail.

Repair process and a repaired component

DOE Office of Scientific and Technical Information (OSTI.GOV)

Roberts, III, Herbert Chidsey; Simpson, Stanley F.

Matrix composite component repair processes are disclosed. The matrix composite repair process includes applying a repair material to a matrix composite component, securing the repair material to the matrix composite component with an external securing mechanism and curing the repair material to bond the repair material to the matrix composite component during the securing by the external securing mechanism. The matrix composite component is selected from the group consisting of a ceramic matrix composite, a polymer matrix composite, and a metal matrix composite. In another embodiment, the repair process includes applying a partially-cured repair material to a matrix composite component,more » and curing the repair material to bond the repair material to the matrix composite component, an external securing mechanism securing the repair material throughout a curing period, In another embodiment, the external securing mechanism is consumed or decomposed during the repair process.« less

Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

PubMed

Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

2015-09-25

Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

A robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

PubMed

Wen, Fengtong

2013-12-01

User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In a recent paper, Das et al. proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. This scheme uses three factors, e.g. biometrics, password, and smart card, to protect the security. It protects user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Das et al.'s scheme, and show that the scheme is in fact insecure against the replay attack, user impersonation attacks and off-line guessing attacks. Then, we also propose a robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Compared with the existing schemes, our protocol uses a different user authentication mechanism to resist replay attack. We show that our proposed scheme can provide stronger security than previous protocols. Furthermore, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.

Health care workers in danger zones: a special report on safety and security in a changing environment.

PubMed

Redwood-Campbell, Lynda J; Sekhar, Sharonya N; Persaud, Christine R

2014-10-01

Violence against humanitarian health care workers and facilities in situations of armed conflict is a serious humanitarian problem. Targeting health care workers and destroying or looting medical facilities directly or indirectly impacts the delivery of emergency and life-saving medical assistance, often at a time when it is most needed. Attacks may be intentional or unintentional and can take a range of forms from road blockades and check points which delay or block transport, to the direct targeting of hospitals, attacks against medical personnel, suppliers, patients, and armed entry into health facilities. Lack of access to vital health care services weakens the entire health system and exacerbates existing vulnerabilities, particularly among communities of women, children, the elderly, and the disabled, or anyone else in need of urgent or chronic care. Health care workers, especially local workers, are often the target. This report reviews the work being spearheaded by the Red Cross and Red Crescent Movement on the Health Care in Danger initiative, which aims to strengthen the protections for health care workers and facilities in armed conflicts and ensure safe access for patients. This includes a review of internal reports generated from the expert workshops on a number of topics as well as a number of public sources documenting innovative coping mechanisms adopted by National Red Cross and Red Crescent Societies. The work of other organizations is also briefly examined. This is followed by a review of security mechanisms within the humanitarian sector to ensure the safety and security of health care personnel operating in armed conflicts. From the existing literature, a number of gaps have been identified with current security frameworks that need to be addressed to improve the safety of health care workers and ensure the protection and access of vulnerable populations requiring assistance. A way forward for policy, research, and practice is proposed for consideration. While there is work being done to improve conditions for health care personnel and patients, there need to be concerted actions to stigmatize attacks against workers, facilities, and patients to protect the neutrality of the medical mission.

Research on offense and defense technology for iOS kernel security mechanism

NASA Astrophysics Data System (ADS)

Chu, Sijun; Wu, Hao

2018-04-01

iOS is a strong and widely used mobile device system. It's annual profits make up about 90% of the total profits of all mobile phone brands. Though it is famous for its security, there have been many attacks on the iOS operating system, such as the Trident apt attack in 2016. So it is important to research the iOS security mechanism and understand its weaknesses and put forward targeted protection and security check framework. By studying these attacks and previous jailbreak tools, we can see that an attacker could only run a ROP code and gain kernel read and write permissions based on the ROP after exploiting kernel and user layer vulnerabilities. However, the iOS operating system is still protected by the code signing mechanism, the sandbox mechanism, and the not-writable mechanism of the system's disk area. This is far from the steady, long-lasting control that attackers expect. Before iOS 9, breaking these security mechanisms was usually done by modifying the kernel's important data structures and security mechanism code logic. However, after iOS 9, the kernel integrity protection mechanism was added to the 64-bit operating system and none of the previous methods were adapted to the new versions of iOS [1]. But this does not mean that attackers can not break through. Therefore, based on the analysis of the vulnerability of KPP security mechanism, this paper implements two possible breakthrough methods for kernel security mechanism for iOS9 and iOS10. Meanwhile, we propose a defense method based on kernel integrity detection and sensitive API call detection to defense breakthrough method mentioned above. And we make experiments to prove that this method can prevent and detect attack attempts or invaders effectively and timely.

26 CFR 301.6323(a)-1 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2011 CFR

2011-04-01

..., mechanic's lienors, and judgment lien creditors. 301.6323(a)-1 Section 301.6323(a)-1 Internal Revenue... ADMINISTRATION Collection General Provisions § 301.6323(a)-1 Purchasers, holders of security interests, mechanic... of a security interest (as defined in paragraph (a) of § 301.6323(h)—1), mechanic's lienor (as...

26 CFR 301.6323(a)-1 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2010 CFR

2010-04-01

..., mechanic's lienors, and judgment lien creditors. 301.6323(a)-1 Section 301.6323(a)-1 Internal Revenue... ADMINISTRATION Collection General Provisions § 301.6323(a)-1 Purchasers, holders of security interests, mechanic... of a security interest (as defined in paragraph (a) of § 301.6323(h)—1), mechanic's lienor (as...

26 CFR 301.6323(a)-1 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2013 CFR

2013-04-01

..., mechanic's lienors, and judgment lien creditors. 301.6323(a)-1 Section 301.6323(a)-1 Internal Revenue... ADMINISTRATION Collection General Provisions § 301.6323(a)-1 Purchasers, holders of security interests, mechanic... of a security interest (as defined in paragraph (a) of § 301.6323(h)—1), mechanic's lienor (as...

26 CFR 301.6323(a)-1 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2012 CFR

2012-04-01

..., mechanic's lienors, and judgment lien creditors. 301.6323(a)-1 Section 301.6323(a)-1 Internal Revenue... ADMINISTRATION Collection General Provisions § 301.6323(a)-1 Purchasers, holders of security interests, mechanic... of a security interest (as defined in paragraph (a) of § 301.6323(h)—1), mechanic's lienor (as...

26 CFR 301.6323(a)-1 - Purchasers, holders of security interests, mechanic's lienors, and judgment lien creditors.

Code of Federal Regulations, 2014 CFR

2014-04-01

..., mechanic's lienors, and judgment lien creditors. 301.6323(a)-1 Section 301.6323(a)-1 Internal Revenue... ADMINISTRATION Collection General Provisions § 301.6323(a)-1 Purchasers, holders of security interests, mechanic... of a security interest (as defined in paragraph (a) of § 301.6323(h)—1), mechanic's lienor (as...

77 FR 34416 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-11

... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request... Securities and Exchange Commission (``Commission'') is soliciting comments on the existing collection of... U.S.C. 78a et seq.). The Commission plans to submit the existing collection of information to the...

Mechanical code comparator

DOEpatents

Peter, Frank J.; Dalton, Larry J.; Plummer, David W.

2002-01-01

A new class of mechanical code comparators is described which have broad potential for application in safety, surety, and security applications. These devices can be implemented as micro-scale electromechanical systems that isolate a secure or otherwise controlled device until an access code is entered. This access code is converted into a series of mechanical inputs to the mechanical code comparator, which compares the access code to a pre-input combination, entered previously into the mechanical code comparator by an operator at the system security control point. These devices provide extremely high levels of robust security. Being totally mechanical in operation, an access control system properly based on such devices cannot be circumvented by software attack alone.

Usable SPACE: Security, Privacy, and Context for the Mobile User

NASA Astrophysics Data System (ADS)

Jutla, Dawn

Users breach the security of data within many financial applications daily as human and/or business expediency to access and use information wins over corporate security policy guidelines. Recognizing that changing user context often requires different security mechanisms, we discuss end-to-end solutions combining several security and context mechanisms for relevant security control and information presentation in various mobile user situations. We illustrate key concepts using Dimitri Kanevskys (IBM Research) early 2000s patented inventions for voice security and classification.

17 CFR 300.302 - Mechanics of closeout or completion.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout or...

17 CFR 300.302 - Mechanics of closeout or completion.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout or...

17 CFR 300.302 - Mechanics of closeout or completion.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout or...

17 CFR 300.302 - Mechanics of closeout or completion.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Completion of Open Contractual Commitments § 300.302 Mechanics of closeout or completion. (a) The closeout or...

17 CFR 300.302 - Mechanics of closeout or completion.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Mechanics of closeout or completion. 300.302 Section 300.302 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) Schedule A to Part 285 RULES OF THE SECURITIES INVESTOR PROTECTION CORPORATION Closeout Or...

The Development Model Electronic Commerce of Regional Agriculture

NASA Astrophysics Data System (ADS)

Kang, Jun; Cai, Lecai; Li, Hongchan

With the developing of the agricultural information, it is inevitable trend of the development of agricultural electronic commercial affairs. On the basis of existing study on the development application model of e-commerce, combined with the character of the agricultural information, compared with the developing model from the theory and reality, a new development model electronic commerce of regional agriculture base on the government is put up, and such key issues as problems of the security applications, payment mode, sharing mechanisms, and legal protection are analyzed, etc. The among coordination mechanism of the region is discussed on, it is significance for regulating the development of agricultural e-commerce and promoting the regional economical development.

Quality of protection evaluation of security mechanisms.

PubMed

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

Scheduling multimedia services in cloud computing environment

NASA Astrophysics Data System (ADS)

Liu, Yunchang; Li, Chunlin; Luo, Youlong; Shao, Yanling; Zhang, Jing

2018-02-01

Currently, security is a critical factor for multimedia services running in the cloud computing environment. As an effective mechanism, trust can improve security level and mitigate attacks within cloud computing environments. Unfortunately, existing scheduling strategy for multimedia service in the cloud computing environment do not integrate trust mechanism when making scheduling decisions. In this paper, we propose a scheduling scheme for multimedia services in multi clouds. At first, a novel scheduling architecture is presented. Then, We build a trust model including both subjective trust and objective trust to evaluate the trust degree of multimedia service providers. By employing Bayesian theory, the subjective trust degree between multimedia service providers and users is obtained. According to the attributes of QoS, the objective trust degree of multimedia service providers is calculated. Finally, a scheduling algorithm integrating trust of entities is proposed by considering the deadline, cost and trust requirements of multimedia services. The scheduling algorithm heuristically hunts for reasonable resource allocations and satisfies the requirement of trust and meets deadlines for the multimedia services. Detailed simulated experiments demonstrate the effectiveness and feasibility of the proposed trust scheduling scheme.

Trusted Operations on Sensor Data †

PubMed Central

Joosen, Wouter; Michiels, Sam; Hughes, Danny

2018-01-01

The widespread use of mobile devices has allowed the development of participatory sensing systems that capture various types of data using the existing or external sensors attached to mobile devices. Gathering data from such anonymous sources requires a mechanism to establish the integrity of sensor readings. In many cases, sensor data need to be preprocessed on the device itself before being uploaded to the target server while ensuring the chain of trust from capture to the delivery of the data. This can be achieved by a framework that provides a means to implement arbitrary operations to be performed on trusted sensor data, while guaranteeing the security and integrity of the data. This paper presents the design and implementation of a framework that allows the capture of trusted sensor data from both external and internal sensors on a mobile phone along with the development of trusted operations on sensor data while providing a mechanism for performing predefined operations on the data such that the chain of trust is maintained. The evaluation shows that the proposed system ensures the security and integrity of sensor data with minimal performance overhead. PMID:29702601

Security Analysis of Yeh-Tsai Security Mechanism

NASA Astrophysics Data System (ADS)

Yum, Dae Hyun; Shin, Jong Hoon; Lee, Pil Joong

Yeh and Tsai recently proposed an enhanced mobile commerce security mechanism. They modified the lightweight security mechanism due to Lam, Chung, Gu, and Sun to relieve the burden of mobile clients. However, this article shows that a malicious WAP gateway can successfully obtain the mobile client's PIN by sending a fake public key of a mobile commerce server and exploiting information leakage caused by addition operation. We also present a countermeasure against the proposed attack.

Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks

PubMed Central

Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

2017-01-01

At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al’s method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration. PMID:28335572

Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

PubMed

Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

2017-03-21

At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

77 FR 39529 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-03

... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request... Securities and Exchange Commission (``Commission'') is soliciting comments on the existing collection of... Exchange Act of 1934 (15 U.S.C. 78a et seq.). The Commission plans to submit this existing collection of...

5 CFR 9701.526 - Continuation of existing laws, recognitions, agreements, and procedures.

Code of Federal Regulations, 2010 CFR

2010-01-01

... HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations...

A survey of pandemic influenza preparedness and response capabilities in Chicago area hospital security departments.

PubMed

Kimmerly, David P

2009-01-01

This article is a summary based on a December 2007 paper prepared by the author in partial fulfillment of the requirements for a master's degree in business and organizational security management at Webster University. The project described was intended to assess Chicago-area healthcare organization security departments' preparedness and response capabilities for a potential influenza pandemic. While the author says healthcare organizations are learning from the pandemics of the past, little research has been conducted on the requirements necessary within hospital security departments. The article explores staffing, planning, preparation and response capabilities within a healthcare security context to determine existing resources available to the healthcare security community. Eleven completed surveys were received from hospital security managers throughout the geographical Chicago area. They reveal that hospital security managers are conscious of the risks of a pandemic influenza outbreak. Yet, it was found that several gaps existed within hospital security department staffing and response capabilities, as hospital security departments may not have the available resources necessary to adequately maintain their operations during a pandemic incident.

Water security for productive economies: Applying an assessment framework in southern Africa

NASA Astrophysics Data System (ADS)

Holmatov, Bunyod; Lautze, Jonathan; Manthrithilake, Herath; Makin, Ian

2017-08-01

Achieving water security has emerged as a major objective in Africa, yet an analytical or diagnostic framework for assessing water security in African countries is not known to exist. This paper applies one key dimension of the 2016 Asian Development Bank's (ADB) Asian Water Development Outlook (AWDO) to assess levels of water security for productive economies in countries of the Southern African Development Community (SADC). Economic aspects of water security cover four areas: economic activities in the broad sense, agriculture, electricity, and industry. Water security in each area is measured through application of a set of indicators; results of indicator application are then aggregated to determine economic water security at a country-level. Results show that economic water security in SADC is greatest in the Seychelles and South Africa, and lowest in Madagascar and Malawi. Opportunities for strengthening economic water security in the majority of SADC countries exist through improving agricultural water productivity, strengthening resilience, and expanding sustainable electricity generation. More profoundly, this paper suggests that there is clear potential and utility in applying approaches used elsewhere to assess economic water security in southern Africa.

Quantifying Mixed Uncertainties in Cyber Attacker Payoffs

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chatterjee, Samrat; Halappanavar, Mahantesh; Tipireddy, Ramakrishna

Representation and propagation of uncertainty in cyber attacker payoffs is a key aspect of security games. Past research has primarily focused on representing the defender’s beliefs about attacker payoffs as point utility estimates. More recently, within the physical security domain, attacker payoff uncertainties have been represented as Uniform and Gaussian probability distributions, and intervals. Within cyber-settings, continuous probability distributions may still be appropriate for addressing statistical (aleatory) uncertainties where the defender may assume that the attacker’s payoffs differ over time. However, systematic (epistemic) uncertainties may exist, where the defender may not have sufficient knowledge or there is insufficient information aboutmore » the attacker’s payoff generation mechanism. Such epistemic uncertainties are more suitably represented as probability boxes with intervals. In this study, we explore the mathematical treatment of such mixed payoff uncertainties.« less

20 CFR 404.1566 - Work which exists in the national economy.

Code of Federal Regulations, 2014 CFR

2014-04-01

.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...

20 CFR 404.1566 - Work which exists in the national economy.

Code of Federal Regulations, 2011 CFR

2011-04-01

.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...

20 CFR 404.1566 - Work which exists in the national economy.

Code of Federal Regulations, 2013 CFR

2013-04-01

.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...

20 CFR 404.1566 - Work which exists in the national economy.

Code of Federal Regulations, 2012 CFR

2012-04-01

.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...

20 CFR 404.1566 - Work which exists in the national economy.

Code of Federal Regulations, 2010 CFR

2010-04-01

.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...

Martime Security: Ferry Security Measures Have Been Implemented, but Evaluating Existing Studies Could Further Enhance Security

DTIC Science & Technology

2010-12-01

relevant requirements, analyzed 2006 through 2009 security operations data, interviewed federal and industry officials, and made observations at five...warranted, acted on all findings and recommendations resulting from five agency- contracted studies on ferry security completed in 2005 and 2006 ...Figure 5: Security Deficiencies by Vessel Type, 2006 through 2009 27 Figure 6: Security Deficiencies by Facility Type, 2006 through 2009 28

A Trusted Portable Computing Device

NASA Astrophysics Data System (ADS)

Ming-wei, Fang; Jun-jun, Wu; Peng-fei, Yu; Xin-fang, Zhang

A trusted portable computing device and its security mechanism were presented to solve the security issues, such as the attack of virus and Trojan horse, the lost and stolen of storage device, in mobile office. It used smart card to build a trusted portable security base, virtualization to create a secure virtual execution environment, two-factor authentication mechanism to identify legitimate users, and dynamic encryption to protect data privacy. The security environment described in this paper is characteristic of portability, security and reliability. It can meet the security requirement of mobile office.

Structuring Homeland Security

DTIC Science & Technology

2002-04-09

20 AIRPORT SECURITY .............................................................................................. 20...using an existing command and control structure. Since September 11, 2001 airport security has been of heightened importance to the American public...In order to use Reserves to provide airport security the airports themselves should be made federal property. This would allow greater flexibility for

A Secure Dynamic Identity and Chaotic Maps Based User Authentication and Key Agreement Scheme for e-Healthcare Systems.

PubMed

Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao; Chen, Song-Jhih

2016-11-01

Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes does not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.

A broadcast-based key agreement scheme using set reconciliation for wireless body area networks.

PubMed

Ali, Aftab; Khan, Farrukh Aslam

2014-05-01

Information and communication technologies have thrived over the last few years. Healthcare systems have also benefited from this progression. A wireless body area network (WBAN) consists of small, low-power sensors used to monitor human physiological values remotely, which enables physicians to remotely monitor the health of patients. Communication security in WBANs is essential because it involves human physiological data. Key agreement and authentication are the primary issues in the security of WBANs. To agree upon a common key, the nodes exchange information with each other using wireless communication. This information exchange process must be secure enough or the information exchange should be minimized to a certain level so that if information leak occurs, it does not affect the overall system. Most of the existing solutions for this problem exchange too much information for the sake of key agreement; getting this information is sufficient for an attacker to reproduce the key. Set reconciliation is a technique used to reconcile two similar sets held by two different hosts with minimal communication complexity. This paper presents a broadcast-based key agreement scheme using set reconciliation for secure communication in WBANs. The proposed scheme allows the neighboring nodes to agree upon a common key with the personal server (PS), generated from the electrocardiogram (EKG) feature set of the host body. Minimal information is exchanged in a broadcast manner, and even if every node is missing a different subset, by reconciling these feature sets, the whole network will still agree upon a single common key. Because of the limited information exchange, if an attacker gets the information in any way, he/she will not be able to reproduce the key. The proposed scheme mitigates replay, selective forwarding, and denial of service attacks using a challenge-response authentication mechanism. The simulation results show that the proposed scheme has a great deal of adoptability in terms of security, communication overhead, and running time complexity, as compared to the existing EKG-based key agreement scheme.

Stereotypical architecture of the stem cell niche is spatiotemporally established by miR-125-dependent coordination of Notch and steroid signaling.

PubMed

Yatsenko, Andriy S; Shcherbata, Halyna R

2018-02-08

Stem cell niches act as signaling platforms that regulate stem cell self-renewal and sustain stem cells throughout life; however, the specific developmental events controlling their assembly are not well understood. Here, we show that during Drosophila ovarian germline stem cell niche formation, the status of Notch signaling in the cell can be reprogrammed. This is controlled via steroid-induced miR-125 , which targets a negative regulator of Notch signaling, Tom. Thus, miR-125 acts as a spatiotemporal coordinator between paracrine Notch and endocrine steroid signaling. Moreover, a dual security mechanism for Notch signaling activation exists to ensure the robustness of niche assembly. Particularly, stem cell niche cells can be specified either via lateral inhibition, in which a niche cell precursor acquires Notch signal-sending status randomly, or via peripheral induction, whereby Delta is produced by a specific cell. When one mechanism is perturbed due to mutations, developmental defects or environmental stress, the remaining mechanism ensures that the niche is formed, perhaps abnormally, but still functional. This guarantees that the germline stem cells will have their residence, thereby securing progressive oogenesis and, thus, organism reproduction. © 2018. Published by The Company of Biologists Ltd.

Quality of Protection Evaluation of Security Mechanisms

PubMed Central

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol. PMID:25136683

12 CFR 41.21 - Affiliate marketing opt-out and exceptions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... relationship with the depository institution's securities affiliate for management of the consumer's securities... institution does not have a pre-existing business relationship with the consumer and none of the other... affiliate that has or has previously had a pre-existing business relationship with the consumer; or (ii) As...

12 CFR 41.21 - Affiliate marketing opt-out and exceptions.

Code of Federal Regulations, 2014 CFR

2014-01-01

... relationship with the depository institution's securities affiliate for management of the consumer's securities... institution does not have a pre-existing business relationship with the consumer and none of the other... affiliate that has or has previously had a pre-existing business relationship with the consumer; or (ii) As...

12 CFR 41.21 - Affiliate marketing opt-out and exceptions.

Code of Federal Regulations, 2012 CFR

2012-01-01

... relationship with the depository institution's securities affiliate for management of the consumer's securities... institution does not have a pre-existing business relationship with the consumer and none of the other... affiliate that has or has previously had a pre-existing business relationship with the consumer; or (ii) As...

12 CFR 41.21 - Affiliate marketing opt-out and exceptions.

Code of Federal Regulations, 2013 CFR

2013-01-01

... relationship with the depository institution's securities affiliate for management of the consumer's securities... institution does not have a pre-existing business relationship with the consumer and none of the other... affiliate that has or has previously had a pre-existing business relationship with the consumer; or (ii) As...

Proposal of Secure VoIP System Using Attribute Certificate

NASA Astrophysics Data System (ADS)

Kim, Jin-Mook; Jeong, Young-Ae; Hong, Seong-Sik

VoIP is a service that changes the analogue audio signal into a digital signal and then transfers the audio information to the users after configuring it as a packet; and it has an advantage of lower price than the existing voice call service and better extensibility. However, VoIP service has a system structure that, compared to the existing PSTN (Public Switched Telephone Network), has poor call quality and is vulnerable in the security aspect. To make up these problems, TLS service was introduced to enhance the security. In practical system, however, since QoS problem occurs, it is necessary to develop the VoIP security system that can satisfy QoS at the same time in the security aspect. In this paper, a user authentication VoIP system that can provide a service according to the security and the user through providing a differential service according to the approach of the users by adding AA server at the step of configuring the existing VoIP session is suggested. It was found that the proposed system of this study provides a quicker QoS than the TLS-added system at a similar level of security. Also, it is able to provide a variety of additional services by the different users.

32 CFR 156.5 - National security positions.

Code of Federal Regulations, 2014 CFR

2014-07-01

... of Existing Personnel Security Clearances” dated December 12, 2005 (Copies available on the Internet... 32 National Defense 1 2014-07-01 2014-07-01 false National security positions. 156.5 Section 156.5 National Defense Department of Defense OFFICE OF THE SECRETARY OF DEFENSE SECURITY DEPARTMENT OF DEFENSE...

A Unified Approach to Information Security Compliance

ERIC Educational Resources Information Center

Adler, M. Peter

2006-01-01

The increased number of government-mandated and private contractual information security requirements in recent years has caused higher education security professionals to view information security as another aspect of regulatory or contractual compliance. The existence of fines, penalties, or loss (including bad publicity) has also increased the…

75 FR 5166 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-01

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2009-0043] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration/Railroad Retirement Board (SSA/RRB))-- Match Number 1308 AGENCY: Social Security Administration (SSA). ACTION: Notice of renewal of an existing...

Validity and reliability of food security measures.

PubMed

Cafiero, Carlo; Melgar-Quiñonez, Hugo R; Ballard, Terri J; Kepple, Anne W

2014-12-01

This paper reviews some of the existing food security indicators, discussing the validity of the underlying concept and the expected reliability of measures under reasonably feasible conditions. The main objective of the paper is to raise awareness on existing trade-offs between different qualities of possible food security measurement tools that must be taken into account when such tools are proposed for practical application, especially for use within an international monitoring framework. The hope is to provide a timely, useful contribution to the process leading to the definition of a food security goal and the associated monitoring framework within the post-2015 Development Agenda. © 2014 New York Academy of Sciences.

Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System.

PubMed

Eom, Jieun; Lee, Dong Hoon; Lee, Kwangsu

2016-12-01

In recent years, many countries have been trying to integrate electronic health data managed by each hospital to offer more efficient healthcare services. Since health data contain sensitive information of patients, there have been much research that present privacy preserving mechanisms. However, existing studies either require a patient to perform various steps to secure the data or restrict the patient to exerting control over the data. In this paper, we propose patient-controlled attribute-based encryption, which enables a patient (a data owner) to control access to the health data and reduces the operational burden for the patient, simultaneously. With our method, the patient has powerful control capability of his/her own health data in that he/she has the final say on the access with time limitation. In addition, our scheme provides emergency medical services which allow the emergency staffs to access the health data without the patient's permission only in the case of emergencies. We prove that our scheme is secure under cryptographic assumptions and analyze its efficiency from the patient's perspective.

The research and implementation of a unified identity authentication in e-government network

NASA Astrophysics Data System (ADS)

Feng, Zhou

Current problem existing in e-government network is that the applications of information system are developed independently by various departments, and each has its own specific set of authentication and access control mechanism. To build a comprehensive information system in favor of sharing and exchanging information, a sound and secure unified e-government authentication system is firstly needed. The paper, combining with practical development of e-government network, carries out a thorough discussion on how to achieve data synchronization between unified authentication system and related application systems.

77 FR 74913 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-12-18

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0055] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Office of Personnel Management (OPM))--Match Number 1307 AGENCY: Social Security Administration. ACTION: Notice of a renewal of an existing...

Aviation Security: Weaknesses in Airport Security and Options for Assigning Screening Responsibilities

DTIC Science & Technology

2001-09-21

actually occurred or which of the weaknesses in the nations aviation security apparatus contributed to the horrendous events of last week, it is...clear that serious weaknesses exist in our aviation security system and that their impact can be far more devastating than previously imagined.

Issues of Falsifying Financial Statements in Terms of Economic Security

ERIC Educational Resources Information Center

Zhitlukhina, Olga G.; Rakutko, Svetlana Y.; Berezhnova, Elena I.; Selezneva, Elena Y.; Belik, Elena V.; Shalaeva, Nina I.; Denisevich, Elena I.; Belik, Natalia V.; Saenko, Zhanna E.; Sultanova, Alina A.

2016-01-01

The paper deals with problems of the country's economic security and entities, timely resolution of which influences directly the country's national security. The cornerstone of successful existence of any country, especially the Russian Federation, during such complicated period is the presence of effective national economic security system.…

Building a highly available and intrusion tolerant Database Security and Protection System (DSPS).

PubMed

Cai, Liang; Yang, Xiao-Hu; Dong, Jin-Xiang

2003-01-01

Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.

Securing General Aviation

DTIC Science & Technology

2009-03-03

ajor vulnerabilities still exist in ... general aviation security ,”3 the commission did not further elaborate on the nature of those vulnerabilities...commercial operations may make them an attractive alternative to terrorists seeking to identify and exploit vulnerabilities in aviation security . In this...3, 2003, p. A7. 2 See Report of the Aviation Security Advisory Committee Working Group on General Aviation Airport Security (October 1, 2003); and

Aviation security : vulnerabilities still exist in the aviation security system

DOT National Transportation Integrated Search

2000-04-06

The testimony today discusses the Federal Aviation Administration's (FAA) efforts to implement and improve security in two key areas: air traffic control computer systems and airport passenger screening checkpoints. Computer systems-and the informati...

78 FR 70973 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-27

... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request, Copies Available From: US Securities and Exchange Commission, Office of Investor Education and Advocacy... Securities and Exchange Commission (``Commission'') is soliciting comments on the existing collection of...

MAC layer security issues in wireless mesh networks

NASA Astrophysics Data System (ADS)

Reddy, K. Ganesh; Thilagam, P. Santhi

2016-03-01

Wireless Mesh Networks (WMNs) have emerged as a promising technology for a broad range of applications due to their self-organizing, self-configuring and self-healing capability, in addition to their low cost and easy maintenance. Securing WMNs is more challenging and complex issue due to their inherent characteristics such as shared wireless medium, multi-hop and inter-network communication, highly dynamic network topology and decentralized architecture. These vulnerable features expose the WMNs to several types of attacks in MAC layer. The existing MAC layer standards and implementations are inadequate to secure these features and fail to provide comprehensive security solutions to protect both backbone and client mesh. Hence, there is a need for developing efficient, scalable and integrated security solutions for WMNs. In this paper, we classify the MAC layer attacks and analyze the existing countermeasures. Based on attacks classification and countermeasures analysis, we derive the research directions to enhance the MAC layer security for WMNs.

Framework for Flexible Security in Group Communications

NASA Technical Reports Server (NTRS)

McDaniel, Patrick; Prakash, Atul

2006-01-01

The Antigone software system defines a framework for the flexible definition and implementation of security policies in group communication systems. Antigone does not dictate the available security policies, but provides high-level mechanisms for implementing them. A central element of the Antigone architecture is a suite of such mechanisms comprising micro-protocols that provide the basic services needed by secure groups.

A Comprehensive Comparison of Multiparty Secure Additions with Differential Privacy

PubMed Central

Goryczka, Slawomir; Xiong, Li

2016-01-01

This paper considers the problem of secure data aggregation (mainly summation) in a distributed setting, while ensuring differential privacy of the result. We study secure multiparty addition protocols using well known security schemes: Shamir’s secret sharing, perturbation-based, and various encryptions. We supplement our study with our new enhanced encryption scheme EFT, which is efficient and fault tolerant. Differential privacy of the final result is achieved by either distributed Laplace or Geometric mechanism (respectively DLPA or DGPA), while approximated differential privacy is achieved by diluted mechanisms. Distributed random noise is generated collectively by all participants, which draw random variables from one of several distributions: Gamma, Gauss, Geometric, or their diluted versions. We introduce a new distributed privacy mechanism with noise drawn from the Laplace distribution, which achieves smaller redundant noise with efficiency. We compare complexity and security characteristics of the protocols with different differential privacy mechanisms and security schemes. More importantly, we implemented all protocols and present an experimental comparison on their performance and scalability in a real distributed environment. Based on the evaluations, we identify our security scheme and Laplace DLPA as the most efficient for secure distributed data aggregation with privacy. PMID:28919841

A Comprehensive Comparison of Multiparty Secure Additions with Differential Privacy.

PubMed

Goryczka, Slawomir; Xiong, Li

2017-01-01

This paper considers the problem of secure data aggregation (mainly summation) in a distributed setting, while ensuring differential privacy of the result. We study secure multiparty addition protocols using well known security schemes: Shamir's secret sharing, perturbation-based, and various encryptions. We supplement our study with our new enhanced encryption scheme EFT, which is efficient and fault tolerant. Differential privacy of the final result is achieved by either distributed Laplace or Geometric mechanism (respectively DLPA or DGPA), while approximated differential privacy is achieved by diluted mechanisms. Distributed random noise is generated collectively by all participants, which draw random variables from one of several distributions: Gamma, Gauss, Geometric, or their diluted versions. We introduce a new distributed privacy mechanism with noise drawn from the Laplace distribution, which achieves smaller redundant noise with efficiency. We compare complexity and security characteristics of the protocols with different differential privacy mechanisms and security schemes. More importantly, we implemented all protocols and present an experimental comparison on their performance and scalability in a real distributed environment. Based on the evaluations, we identify our security scheme and Laplace DLPA as the most efficient for secure distributed data aggregation with privacy.

A model of security monitoring

NASA Technical Reports Server (NTRS)

Bishop, Matt

1990-01-01

A model of security monitoring is presented that distinguishes between two types of logging and auditing. Implications for the design and use of security monitoring mechanisms are drawn from this model. The usefulness of the model is then demonstrated by analyzing several different monitoring mechanisms.

A model of security monitoring

NASA Technical Reports Server (NTRS)

Bishop, Matt

1989-01-01

A model of security monitoring is presented that distinguishes between two types of logging and auditing. Implications for the design and use of security monitoring mechanisms are drawn from this model. The usefulness of the model is then demonstrated by analyzing several different monitoring mechanisms.

Analysis on the University’s Network Security Level System in the Big Data Era

NASA Astrophysics Data System (ADS)

Li, Tianli

2017-12-01

The rapid development of science and technology, the continuous expansion of the scope of computer network applications, has gradually improved the social productive forces, has had a positive impact on the increase production efficiency and industrial scale of China's different industries. Combined with the actual application of computer network in the era of large data, we can see the existence of influencing factors such as network virus, hacker and other attack modes, threatening network security and posing a potential threat to the safe use of computer network in colleges and universities. In view of this unfavorable development situation, universities need to pay attention to the analysis of the situation of large data age, combined with the requirements of network security use, to build a reliable network space security system from the equipment, systems, data and other different levels. To avoid the security risks exist in the network. Based on this, this paper will analyze the hierarchical security system of cyberspace security in the era of large data.

Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

PubMed

Park, Chang-Seop

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

PubMed Central

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

Towards an Enhancement of Organizational Information Security through Threat Factor Profiling (TFP) Model

NASA Astrophysics Data System (ADS)

Sidi, Fatimah; Daud, Maslina; Ahmad, Sabariah; Zainuddin, Naqliyah; Anneisa Abdullah, Syafiqa; Jabar, Marzanah A.; Suriani Affendey, Lilly; Ishak, Iskandar; Sharef, Nurfadhlina Mohd; Zolkepli, Maslina; Nur Majdina Nordin, Fatin; Amat Sejani, Hashimah; Ramadzan Hairani, Saiful

2017-09-01

Information security has been identified by organizations as part of internal operations that need to be well implemented and protected. This is because each day the organizations face a high probability of increase of threats to their networks and services that will lead to information security issues. Thus, effective information security management is required in order to protect their information assets. Threat profiling is a method that can be used by an organization to address the security challenges. Threat profiling allows analysts to understand and organize intelligent information related to threat groups. This paper presents a comparative analysis that was conducted to study the existing threat profiling models. It was found that existing threat models were constructed based on specific objectives, thus each model is limited to only certain components or factors such as assets, threat sources, countermeasures, threat agents, threat outcomes and threat actors. It is suggested that threat profiling can be improved by the combination of components found in each existing threat profiling model/framework. The proposed model can be used by an organization in executing a proactive approach to incident management.

Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali

2008-01-01

Good security metrics are required to make good decisions about how to design security countermeasures, to choose between alternative security architectures, and to improve security during operations. Therefore, in essence, measurement can be viewed as a decision aid. The lack of sound practical security metrics is severely hampering progress in the development of secure systems. The Cyberspace Security Econometrics System (CSES) offers the following advantages over traditional measurement systems: (1) CSES reflects the variances that exist amongst different stakeholders of the same system. Different stakeholders will typically attach different stakes to the same requirement or service (e.g., a service maymore » be provided by an information technology system or process control system, etc.). (2) For a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. The same stakeholder may attach different stakes to satisfying different requirements within the overall system specification. (3) For a given compound specification (e.g., combination(s) of commercial off the shelf software and/or hardware), CSES reflects the variance that may exist amongst the levels of verification and validation (i.e., certification) performed on components of the specification. The certification activity may produce higher levels of assurance across different components of the specification than others. Consequently, this paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs and the basic structural and mathematical underpinnings.« less

The Use of BS7799 Information Security Standard to Construct Mechanisms for the Management of Medical Organization Information Security

NASA Astrophysics Data System (ADS)

Liu, Shu-Fan; Chueh, Hao-En; Liao, Kuo-Hsiung

According to surveys, 80 % of security related events threatening information in medical organizations is due to improper management. Most research on information security has focused on information and security technology, such as network security and access control; rarely addressing issues at the management issues. The main purpose of this study is to construct a BS7799 based mechanism for the management of information with regard to security as it applies to medical organizations. This study analyzes and identifies the most common events related to information security in medical organizations and categorizes these events as high-risk, transferable-risk, and controlled-risk to facilitate the management of such risk.

On the vulnerability of basic quantum key distribution protocols and three protocols stable to attack with 'blinding' of avalanche photodetectors

DOE Office of Scientific and Technical Information (OSTI.GOV)

Molotkov, S. N., E-mail: sergei.molotkov@gmail.com

2012-05-15

The fundamental quantum mechanics prohibitions on the measurability of quantum states allow secure key distribution between spatially remote users to be performed. Experimental and commercial implementations of quantum cryptography systems, however, use components that exist at the current technology level, in particular, one-photon avalanche photodetectors. These detectors are subject to the blinding effect. It was shown that all the known basic quantum key distribution protocols and systems based on them are vulnerable to attacks with blinding of photodetectors. In such attacks, an eavesdropper knows all the key transferred, does not produce errors at the reception side, and remains undetected. Threemore » protocols of quantum key distribution stable toward such attacks are suggested. The security of keys and detection of eavesdropping attempts are guaranteed by the internal structure of protocols themselves rather than additional technical improvements.« less

Construction of the food and nutrition security policy in Brazil: strategies and challenges in the promotion of intersectorality at the federal government level.

PubMed

Burlandy, Luciene

2009-01-01

This article analyzes institutional strategies of the Brazilian federal government that aim at promoting intersectorality in the field of Food and Nutrition Security (FNS), based on bibliographic review and document analysis. It is assumed that, although formal institutionality in this government level is not enough to promote intersectorality, it is important in process induction. It follows that the combination of different institutional mechanisms favors intersectorality, such as: the existence and location of councils integrated by government sectors and civil society in the presidency; political support by the presidency and inclusion of the issue as being strategic in the governmental agenda; assembly of institutional spaces that articulate the highest government spheres and that integrate technical levels; programs that integrate food production, commercialization, and consumption. Challenges concern interrelation with economic policy and the construction of budget agreed among sectors, integrated to policy management and monitoring.

Realistic noise-tolerant randomness amplification using finite number of devices.

PubMed

Brandão, Fernando G S L; Ramanathan, Ravishankar; Grudka, Andrzej; Horodecki, Karol; Horodecki, Michał; Horodecki, Paweł; Szarek, Tomasz; Wojewódka, Hanna

2016-04-21

Randomness is a fundamental concept, with implications from security of modern data systems, to fundamental laws of nature and even the philosophy of science. Randomness is called certified if it describes events that cannot be pre-determined by an external adversary. It is known that weak certified randomness can be amplified to nearly ideal randomness using quantum-mechanical systems. However, so far, it was unclear whether randomness amplification is a realistic task, as the existing proposals either do not tolerate noise or require an unbounded number of different devices. Here we provide an error-tolerant protocol using a finite number of devices for amplifying arbitrary weak randomness into nearly perfect random bits, which are secure against a no-signalling adversary. The correctness of the protocol is assessed by violating a Bell inequality, with the degree of violation determining the noise tolerance threshold. An experimental realization of the protocol is within reach of current technology.

Realistic noise-tolerant randomness amplification using finite number of devices

NASA Astrophysics Data System (ADS)

Brandão, Fernando G. S. L.; Ramanathan, Ravishankar; Grudka, Andrzej; Horodecki, Karol; Horodecki, Michał; Horodecki, Paweł; Szarek, Tomasz; Wojewódka, Hanna

2016-04-01

Randomness is a fundamental concept, with implications from security of modern data systems, to fundamental laws of nature and even the philosophy of science. Randomness is called certified if it describes events that cannot be pre-determined by an external adversary. It is known that weak certified randomness can be amplified to nearly ideal randomness using quantum-mechanical systems. However, so far, it was unclear whether randomness amplification is a realistic task, as the existing proposals either do not tolerate noise or require an unbounded number of different devices. Here we provide an error-tolerant protocol using a finite number of devices for amplifying arbitrary weak randomness into nearly perfect random bits, which are secure against a no-signalling adversary. The correctness of the protocol is assessed by violating a Bell inequality, with the degree of violation determining the noise tolerance threshold. An experimental realization of the protocol is within reach of current technology.

Realistic noise-tolerant randomness amplification using finite number of devices

PubMed Central

Brandão, Fernando G. S. L.; Ramanathan, Ravishankar; Grudka, Andrzej; Horodecki, Karol; Horodecki, Michał; Horodecki, Paweł; Szarek, Tomasz; Wojewódka, Hanna

2016-01-01

Randomness is a fundamental concept, with implications from security of modern data systems, to fundamental laws of nature and even the philosophy of science. Randomness is called certified if it describes events that cannot be pre-determined by an external adversary. It is known that weak certified randomness can be amplified to nearly ideal randomness using quantum-mechanical systems. However, so far, it was unclear whether randomness amplification is a realistic task, as the existing proposals either do not tolerate noise or require an unbounded number of different devices. Here we provide an error-tolerant protocol using a finite number of devices for amplifying arbitrary weak randomness into nearly perfect random bits, which are secure against a no-signalling adversary. The correctness of the protocol is assessed by violating a Bell inequality, with the degree of violation determining the noise tolerance threshold. An experimental realization of the protocol is within reach of current technology. PMID:27098302

31 CFR 601.4 - Use of paper; interest-bearing securities of the United States.

Code of Federal Regulations, 2010 CFR

2010-07-01

... PAPER FOR UNITED STATES CURRENCY AND OTHER SECURITIES § 601.4 Use of paper; interest-bearing securities of the United States. The existing distinctive papers shall be used for the printing of interest...

76 FR 65220 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-20

... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request, Copies Available From: U.S. Securities and Exchange Commission, Office of Investor Education and Advocacy... Securities and Exchange Commission (``Commission'') is soliciting comments on the existing collection of...

The Chain-Link Fence Model: A Framework for Creating Security Procedures

ERIC Educational Resources Information Center

Houghton, Robert F.

2013-01-01

A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…

77 FR 32709 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of Homeland Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-01

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0089] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Department of Homeland Security (DHS))--Match Number 1010 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching program that...

Securing medical research: a cybersecurity point of view.

PubMed

Schneier, Bruce

2012-06-22

The problem of securing biological research data is a difficult and complicated one. Our ability to secure data on computers is not robust enough to ensure the security of existing data sets. Lessons from cryptography illustrate that neither secrecy measures, such as deleting technical details, nor national solutions, such as export controls, will work.

Quantum attack-resistent certificateless multi-receiver signcryption scheme.

PubMed

Li, Huixian; Chen, Xubao; Pang, Liaojun; Shi, Weisong

2013-01-01

The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards.

Secure public cloud platform for medical images sharing.

PubMed

Pan, Wei; Coatrieux, Gouenou; Bouslimi, Dalel; Prigent, Nicolas

2015-01-01

Cloud computing promises medical imaging services offering large storage and computing capabilities for limited costs. In this data outsourcing framework, one of the greatest issues to deal with is data security. To do so, we propose to secure a public cloud platform devoted to medical image sharing by defining and deploying a security policy so as to control various security mechanisms. This policy stands on a risk assessment we conducted so as to identify security objectives with a special interest for digital content protection. These objectives are addressed by means of different security mechanisms like access and usage control policy, partial-encryption and watermarking.

76 FR 31639 - Notice of the Availability of the Finding of No Significant Impact Concerning a Proposal To Award...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-01

... Significant Impact Concerning a Proposal To Award a Contract to House Federal, Low- Security, Criminal Aliens... aliens within one or more existing contractor-owned and operated correctional facilities. Background... Federal, low-security, adult male, non-U.S. citizen, criminal aliens within one or more existing...

Photonic quantum digital signatures operating over kilometer ranges in installed optical fiber

NASA Astrophysics Data System (ADS)

Collins, Robert J.; Fujiwara, Mikio; Amiri, Ryan; Honjo, Toshimori; Shimizu, Kaoru; Tamaki, Kiyoshi; Takeoka, Masahiro; Andersson, Erika; Buller, Gerald S.; Sasaki, Masahide

2016-10-01

The security of electronic communications is a topic that has gained noteworthy public interest in recent years. As a result, there is an increasing public recognition of the existence and importance of mathematically based approaches to digital security. Many of these implement digital signatures to ensure that a malicious party has not tampered with the message in transit, that a legitimate receiver can validate the identity of the signer and that messages are transferable. The security of most digital signature schemes relies on the assumed computational difficulty of solving certain mathematical problems. However, reports in the media have shown that certain implementations of such signature schemes are vulnerable to algorithmic breakthroughs and emerging quantum processing technologies. Indeed, even without quantum processors, the possibility remains that classical algorithmic breakthroughs will render these schemes insecure. There is ongoing research into information-theoretically secure signature schemes, where the security is guaranteed against an attacker with arbitrary computational resources. One such approach is quantum digital signatures. Quantum signature schemes can be made information-theoretically secure based on the laws of quantum mechanics while comparable classical protocols require additional resources such as anonymous broadcast and/or a trusted authority. Previously, most early demonstrations of quantum digital signatures required dedicated single-purpose hardware and operated over restricted ranges in a laboratory environment. Here, for the first time, we present a demonstration of quantum digital signatures conducted over several kilometers of installed optical fiber. The system reported here operates at a higher signature generation rate than previous fiber systems.

41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?

Code of Federal Regulations, 2011 CFR

2011-01-01

... 41 Public Contracts and Property Management 3 2011-01-01 2011-01-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...

41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?

Code of Federal Regulations, 2013 CFR

2013-07-01

... 41 Public Contracts and Property Management 3 2013-07-01 2013-07-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...

41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?

Code of Federal Regulations, 2014 CFR

2014-01-01

... 41 Public Contracts and Property Management 3 2014-01-01 2014-01-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...

41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?

Code of Federal Regulations, 2012 CFR

2012-01-01

... 41 Public Contracts and Property Management 3 2012-01-01 2012-01-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...

41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?

Code of Federal Regulations, 2010 CFR

2010-07-01

... 41 Public Contracts and Property Management 3 2010-07-01 2010-07-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...

AVIATION SECURITY: Terrorist Acts Demonstrate Urgent Need to Improve Security at the Nation’s Airports

DTIC Science & Technology

2001-09-20

what actually occurred or what all the weaknesses in the nation’s aviation security apparatus are that contributed to the horrendous events of last week...it is clear that serious weaknesses exist in our aviation security system and that their impact can be far more devastating than previously imagined...offer some observations about improving aviation security in these various areas.

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice.

PubMed

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-06-15

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

A Security Analysis of the 802.11s Wireless Mesh Network Routing Protocol and Its Secure Routing Protocols

PubMed Central

Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo

2013-01-01

Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP. PMID:24002231

A security analysis of the 802.11s wireless mesh network routing protocol and its secure routing protocols.

PubMed

Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo

2013-09-02

Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP.

Alexa, Can I Trust You?

PubMed Central

Chung, Hyunji; Iorga, Michaela; Voas, Jeffrey; Lee, Sangjin

2017-01-01

Security diagnostics expose vulnerabilities and privacy threats that exist in commercial Intelligent Virtual Assistants (IVA) – diagnostics offer the possibility of securer IVA ecosystems. PMID:29213147

Cryptographic Combinatorial Securities Exchanges

NASA Astrophysics Data System (ADS)

Thorpe, Christopher; Parkes, David C.

We present a useful new mechanism that facilitates the atomic exchange of many large baskets of securities in a combinatorial exchange. Cryptography prevents information about the securities in the baskets from being exploited, enhancing trust. Our exchange offers institutions who wish to trade large positions a new alternative to existing methods of block trading: they can reduce transaction costs by taking advantage of other institutions’ available liquidity, while third party liquidity providers guarantee execution—preserving their desired portfolio composition at all times. In our exchange, institutions submit encrypted orders which are crossed, leaving a “remainder”. The exchange proves facts about the portfolio risk of this remainder to third party liquidity providers without revealing the securities in the remainder, the knowledge of which could also be exploited. The third parties learn either (depending on the setting) the portfolio risk parameters of the remainder itself, or how their own portfolio risk would change if they were to incorporate the remainder into a portfolio they submit. In one setting, these third parties submit bids on the commission, and the winner supplies necessary liquidity for the entire exchange to clear. This guaranteed clearing, coupled with external price discovery from the primary markets for the securities, sidesteps difficult combinatorial optimization problems. This latter method of proving how taking on the remainder would change risk parameters of one’s own portfolio, without revealing the remainder’s contents or its own risk parameters, is a useful protocol of independent interest.

Query Monitoring and Analysis for Database Privacy - A Security Automata Model Approach

PubMed Central

Kumar, Anand; Ligatti, Jay; Tu, Yi-Cheng

2015-01-01

Privacy and usage restriction issues are important when valuable data are exchanged or acquired by different organizations. Standard access control mechanisms either restrict or completely grant access to valuable data. On the other hand, data obfuscation limits the overall usability and may result in loss of total value. There are no standard policy enforcement mechanisms for data acquired through mutual and copyright agreements. In practice, many different types of policies can be enforced in protecting data privacy. Hence there is the need for an unified framework that encapsulates multiple suites of policies to protect the data. We present our vision of an architecture named security automata model (SAM) to enforce privacy-preserving policies and usage restrictions. SAM analyzes the input queries and their outputs to enforce various policies, liberating data owners from the burden of monitoring data access. SAM allows administrators to specify various policies and enforces them to monitor queries and control the data access. Our goal is to address the problems of data usage control and protection through privacy policies that can be defined, enforced, and integrated with the existing access control mechanisms using SAM. In this paper, we lay out the theoretical foundation of SAM, which is based on an automata named Mandatory Result Automata. We also discuss the major challenges of implementing SAM in a real-world database environment as well as ideas to meet such challenges. PMID:26997936

Query Monitoring and Analysis for Database Privacy - A Security Automata Model Approach.

PubMed

Kumar, Anand; Ligatti, Jay; Tu, Yi-Cheng

2015-11-01

Privacy and usage restriction issues are important when valuable data are exchanged or acquired by different organizations. Standard access control mechanisms either restrict or completely grant access to valuable data. On the other hand, data obfuscation limits the overall usability and may result in loss of total value. There are no standard policy enforcement mechanisms for data acquired through mutual and copyright agreements. In practice, many different types of policies can be enforced in protecting data privacy. Hence there is the need for an unified framework that encapsulates multiple suites of policies to protect the data. We present our vision of an architecture named security automata model (SAM) to enforce privacy-preserving policies and usage restrictions. SAM analyzes the input queries and their outputs to enforce various policies, liberating data owners from the burden of monitoring data access. SAM allows administrators to specify various policies and enforces them to monitor queries and control the data access. Our goal is to address the problems of data usage control and protection through privacy policies that can be defined, enforced, and integrated with the existing access control mechanisms using SAM. In this paper, we lay out the theoretical foundation of SAM, which is based on an automata named Mandatory Result Automata. We also discuss the major challenges of implementing SAM in a real-world database environment as well as ideas to meet such challenges.

Healthcare security staffing for smaller facilities: where science meets art.

PubMed

Warren, Bryan

2013-01-01

Obtaining effective security resourcing and staffing for smaller healthcare facilities presents many difficulties, according to the author In this article, he provides guidance to security practitioners on taking existing data and translating it into a language that administration will understand and appreciate.

77 FR 66862 - Agency Information Collection Activities: Extension, Without Change, of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-07

... DEPARTMENT OF HOMELAND SECURITY United States Immigration and Customs Enforcement Agency... Department of Homeland Security, U.S. Immigration and Customs Enforcement (ICE), will submit the following... United States Immigration and Customs Enforcement, Department of Homeland Security, and sent via...

Security clustering algorithm based on reputation in hierarchical peer-to-peer network

NASA Astrophysics Data System (ADS)

Chen, Mei; Luo, Xin; Wu, Guowen; Tan, Yang; Kita, Kenji

2013-03-01

For the security problems of the hierarchical P2P network (HPN), the paper presents a security clustering algorithm based on reputation (CABR). In the algorithm, we take the reputation mechanism for ensuring the security of transaction and use cluster for managing the reputation mechanism. In order to improve security, reduce cost of network brought by management of reputation and enhance stability of cluster, we select reputation, the historical average online time, and the network bandwidth as the basic factors of the comprehensive performance of node. Simulation results showed that the proposed algorithm improved the security, reduced the network overhead, and enhanced stability of cluster.

Quantum Attack-Resistent Certificateless Multi-Receiver Signcryption Scheme

PubMed Central

Li, Huixian; Chen, Xubao; Pang, Liaojun; Shi, Weisong

2013-01-01

The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards. PMID:23967037

33 CFR 165.768 - Security Zone; MacDill Air Force Base, Tampa Bay, FL.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Security Zone; MacDill Air Force....768 Security Zone; MacDill Air Force Base, Tampa Bay, FL. (a) Location. The following area is a security zone which exists concurrent with an Army Corps of Engineers restricted area in § 334.635 of this...

33 CFR 165.768 - Security Zone; MacDill Air Force Base, Tampa Bay, FL.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Security Zone; MacDill Air Force....768 Security Zone; MacDill Air Force Base, Tampa Bay, FL. (a) Location. The following area is a security zone which exists concurrent with an Army Corps of Engineers restricted area in § 334.635 of this...

33 CFR 165.768 - Security Zone; MacDill Air Force Base, Tampa Bay, FL.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Security Zone; MacDill Air Force....768 Security Zone; MacDill Air Force Base, Tampa Bay, FL. (a) Location. The following area is a security zone which exists concurrent with an Army Corps of Engineers restricted area in § 334.635 of this...

33 CFR 165.768 - Security Zone; MacDill Air Force Base, Tampa Bay, FL.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Security Zone; MacDill Air Force....768 Security Zone; MacDill Air Force Base, Tampa Bay, FL. (a) Location. The following area is a security zone which exists concurrent with an Army Corps of Engineers restricted area in § 334.635 of this...

Library Operations Policies and Procedures, Volume 2. Central Archive for Reusable Defense Software (CARDS)

DTIC Science & Technology

1994-02-28

improvements. Pare 10 ka•- V •DkI U Release Manager The Release Manager provides franchisees with media copies of existing libraries, as needed. Security...implementors, and potential library franchisees . Security Team The Security Team assists the Security Officer with security analysis. Team members are...and Franchisees . A Potential User is an individual who requests a Library Account. A User Recruit has been sent a CARDS Library Account Registration

Experimental quantum key distribution with source flaws

NASA Astrophysics Data System (ADS)

Xu, Feihu; Wei, Kejin; Sajeed, Shihan; Kaiser, Sarah; Sun, Shihai; Tang, Zhiyuan; Qian, Li; Makarov, Vadim; Lo, Hoi-Kwong

2015-09-01

Decoy-state quantum key distribution (QKD) is a standard technique in current quantum cryptographic implementations. Unfortunately, existing experiments have two important drawbacks: the state preparation is assumed to be perfect without errors and the employed security proofs do not fully consider the finite-key effects for general attacks. These two drawbacks mean that existing experiments are not guaranteed to be proven to be secure in practice. Here, we perform an experiment that shows secure QKD with imperfect state preparations over long distances and achieves rigorous finite-key security bounds for decoy-state QKD against coherent attacks in the universally composable framework. We quantify the source flaws experimentally and demonstrate a QKD implementation that is tolerant to channel loss despite the source flaws. Our implementation considers more real-world problems than most previous experiments, and our theory can be applied to general discrete-variable QKD systems. These features constitute a step towards secure QKD with imperfect devices.

Interference and memory capacity effects in memristive systems

NASA Astrophysics Data System (ADS)

Hermiz, John; Chang, Ting; Du, Chao; Lu, Wei

2013-02-01

Short-term memory implies the existence of a capacity limit beyond which memory cannot be securely formed and retained. The underlying mechanisms are believed to be two primary factors: decay and interference. Here, we demonstrate through both simulation and experiment that the memory capacity effect can be implemented in a parallel memristor circuit, where decay and interference are achieved by the inherent ion diffusion in the device and the competition for current supply in the circuit, respectively. This study suggests it is possible to emulate high-level biological behaviors with memristor circuits and will stimulate continued studies on memristor-based neuromorphic circuits.

77 FR 18255 - Agency Information Collection Activities: Form N-565; Extension of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-27

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Naturalization/Citizenship Document; OMB Control No. 1615-0091. The Department of Homeland Security, U.S... Security (DHS), USCIS, Chief, Regulatory Coordination Division, 20 Massachusetts Avenue NW., Washington, DC...

75 FR 80835 - Agency Information Collection Activities: Form N-565; Extension of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-23

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Naturalization/Citizenship Document; OMB Control No. 1615-0091. The Department of Homeland Security, U.S... Security (DHS), USCIS, Chief, Regulatory Products Division, 20 Massachusetts Avenue, NW., Washington, DC...

78 FR 77139 - Agency Information Collection Activities: Small Vessel Reporting System

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-20

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection... Security. ACTION: 30-Day notice and request for comments; Extension of an existing information collection: 1651-0137. SUMMARY: U.S. Customs and Border Protection (CBP) of the Department of Homeland Security...

Security Frameworks for Machine-to-Machine Devices and Networks

NASA Astrophysics Data System (ADS)

Demblewski, Michael

Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

Comparative study of key exchange and authentication methods in application, transport and network level security mechanisms

NASA Astrophysics Data System (ADS)

Fathirad, Iraj; Devlin, John; Jiang, Frank

2012-09-01

The key-exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches in providing security service to network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticates key-negotiation and participated parties. This paper studies and compares the authenticated key negotiation methods in mentioned protocols.

Distributed denial of service (DDoS) attack in cloud- assisted wireless body area networks: a systematic literature review.

PubMed

Latif, Rabia; Abbas, Haider; Assar, Saïd

2014-11-01

Wireless Body Area Networks (WBANs) have emerged as a promising technology that has shown enormous potential in improving the quality of healthcare, and has thus found a broad range of medical applications from ubiquitous health monitoring to emergency medical response systems. The huge amount of highly sensitive data collected and generated by WBAN nodes requires an ascendable and secure storage and processing infrastructure. Given the limited resources of WBAN nodes for storage and processing, the integration of WBANs and cloud computing may provide a powerful solution. However, despite the benefits of cloud-assisted WBAN, several security issues and challenges remain. Among these, data availability is the most nagging security issue. The most serious threat to data availability is a distributed denial of service (DDoS) attack that directly affects the all-time availability of a patient's data. The existing solutions for standalone WBANs and sensor networks are not applicable in the cloud. The purpose of this review paper is to identify the most threatening types of DDoS attacks affecting the availability of a cloud-assisted WBAN and review the state-of-the-art detection mechanisms for the identified DDoS attacks.

R AND D 100 EARLYBIRD AWARD ENTRY

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dugan, J; Debbie Chapman, D

2007-01-30

The Smart Latch{trademark} is an electronically enhanced door lockset device for industrial and consumer applications, which uses existing neural network technology to analyze the sequence, timing, and acoustic signatures associated with lockset functions and provides immediate indication of failure to correctly lock and latch. It essentially ''listens'' to and learns the sequences and acoustic signatures associated with lockset function and latching. When triggered by specific door activity the Smart Latch{trademark} begins analyzing sequences, frequencies and other parameters. With a satisfactory outcome the device provides positive feedback (e.g. visual and/or audible) and returns to a ''sleep'' state awaiting the next activity.more » If any part of the normal door operation, including latching and length of time, are incorrect various alarm signals can be generated. With electronics and 5+ year battery integrated, the device is simple to install and transparent to the user. Because the device uses proven voice recognition algorithms, it could meet or exceed the performance of the human ear in detecting the unique and complex acoustic signature associated with a properly operating and secured door. Unlike existing technologies, such as limit switches, it is not easily spoofed or defeated and has a high level of immunity to interference. The Smart Latch{trademark} technology can be integrated into existing lockset and door hardware designs, including both low price consumer products and high end electronic/cipher locks. The concept and design are based on a simple security industry adage: ''It isn't locked if it isn't latched''. Even the most elaborate and robust security barriers are of little use if the locking and latching mechanisms are not properly functioning and engaged. Smart Latch{trademark} provides automatic verification of the first and most important step in facility security: Close and properly latch doors and barriers. It is a compelling product for households with children, elderly, or high traffic areas such as an office where a properly closed and latched door is essential for security and safety. In an age of ever increasing security concerns and limited human resources, Smart Latch{trademark} can be a significant addition to the $20 billion plus industrial and consumer lockset market. The Smart Latch{trademark} is unique because: (1) as an inexpensive, battery powered, stand-alone device or as integrated into any standard consumer lock set, the device uses neural network technology to analyze the acoustic signatures associated with normal door operation and generates an alert if a door is not latched correctly and within a set amount of time. (2) It is not easily spoofed or defeated. (3) Installation, setup, and use are simple.« less

76 FR 21912 - Agency Information Collection Activities: Form I-363; Extension of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-19

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information...-0022. The Department of Homeland Security, U.S. Citizenship and Immigration Services (USCIS) will be... directed to the Department of Homeland Security (DHS), USCIS, Chief, Regulatory Products Division, Office...

75 FR 13776 - Agency Information Collection Activities: Form N-300; Extension of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-23

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Intention; OMB Control No. 1615-0078. The Department of Homeland Security, U.S. Citizenship and Immigration... response time, should be directed to the Department of Homeland Security (DHS), USCIS, Chief, Regulatory...

77 FR 24507 - Agency Information Collection Activities: Form N-25, Extension of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-24

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Naturalization. The Department of Homeland Security, U.S. Citizenship and Immigration Services (USCIS) will be... Homeland Security (DHS), and to the Office of Information and Regulatory Affairs, Office of Management and...

76 FR 17144 - Agency Information Collection Activities: Form N-300; Extension of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-28

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Intention; OMB Control No. 1615-0078. The Department Homeland Security, U.S. Citizenship and Immigration... associated response time, should be directed to the Department of Homeland Security (DHS), USCIS, Chief...

77 FR 9258 - Agency Information Collection Activities: Extension of an Existing Information Collection Request...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-16

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Naturalization. The Department of Homeland Security, U.S. Citizenship and Immigration Services (USCIS) will be... and associated response time should be directed to the Department of Homeland Security (DHS), USCIS...

76 FR 36560 - Agency Information Collection Activities; Form N-300; Extension of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-22

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Intention; OMB Control No. 1615-0078. The Department of Homeland Security, U.S. Citizenship and Immigration... public burden and associated response time, should be directed to the Department of Homeland Security...

7 CFR 1951.240 - State Director's additional authorizations and guidance.

Code of Federal Regulations, 2010 CFR

2010-01-01

... instruments. (4) Approve the extension or expansion of facilities and services. (5) Require additional security when: (i) Existing security is inadequate and the loan or security instruments obligate the... borrower equal the present market value and are assigned and pledged to FmHA or its successor agency under...

77 FR 12898 - Self-Regulatory Organizations; Midwest Securities Trust Company; Order Cancelling Clearing Agency...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-02

... the event any self-regulatory organization is no longer in existence or has ceased to do business in... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-66461; File No. 600-7] Self-Regulatory Organizations; Midwest Securities Trust Company; Order Cancelling Clearing Agency Registration February 24, 2012...

39 CFR 761.4 - Transfer or pledge.

Code of Federal Regulations, 2010 CFR

2010-07-01

...) have the effect of a delivery in bearer form of definitive Postal Service securities; (2) have the... holder; and (4) if a pledge, effect a perfected security interest therein in favor of the pledgee. A...; no such conversion shall effect existing interests in such Postal Service securities. (e) A transfer...

26 CFR 53.4941(d)-4 - Transitional rules.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Transitional rules. (a) Certain transactions involving securities acquired by a foundation before May 27, 1969... of self-dealing if such transaction is pursuant to the terms of securities of such corporation, if such terms were in existence at the time such securities were acquired by the foundation, and if such...

7 CFR 764.104 - General real estate security requirements.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 7 Agriculture 7 2012-01-01 2012-01-01 false General real estate security requirements. 764.104....104 General real estate security requirements. (a) Agency lien position requirements. If real estate... Agency; and (4) Equity in the collateral exists. (b) Real estate held under a purchase contract. If the...

7 CFR 764.104 - General real estate security requirements.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 7 Agriculture 7 2013-01-01 2013-01-01 false General real estate security requirements. 764.104....104 General real estate security requirements. (a) Agency lien position requirements. If real estate... Agency; and (4) Equity in the collateral exists. (b) Real estate held under a purchase contract. If the...

7 CFR 764.104 - General real estate security requirements.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 7 2010-01-01 2010-01-01 false General real estate security requirements. 764.104....104 General real estate security requirements. (a) Agency lien position requirements. If real estate... Agency; and (4) Equity in the collateral exists. (b) Real estate held under a purchase contract. If the...

7 CFR 764.104 - General real estate security requirements.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 7 Agriculture 7 2011-01-01 2011-01-01 false General real estate security requirements. 764.104....104 General real estate security requirements. (a) Agency lien position requirements. If real estate... Agency; and (4) Equity in the collateral exists. (b) Real estate held under a purchase contract. If the...

7 CFR 764.104 - General real estate security requirements.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 7 Agriculture 7 2014-01-01 2014-01-01 false General real estate security requirements. 764.104....104 General real estate security requirements. (a) Agency lien position requirements. If real estate... Agency; and (4) Equity in the collateral exists. (b) Real estate held under a purchase contract. If the...

Composing Alternatives to a National Security Language Policy

ERIC Educational Resources Information Center

Wible, Scott

2009-01-01

President Bush's National Security Language Initiative focuses narrowly on gearing language education to security and military needs. English educators should work with their counterparts in foreign language departments to promote a broader view, one that encourages study of the multiple language groups that currently exist within the United…

Psychological Security-Insecurity of Illinois Central College Students.

ERIC Educational Resources Information Center

Grout, David R.

This study attempted to discover the distribution of feelings of security and insecurity in the population of Illinois Central College (ICC) and whether significant differences exist among various subgroups. A 10 per cent stratified random sample of students were administered Maslow's Security-Insecurity Inventory. No significant difference was…

76 FR 21768 - Privacy Act of 1974; Consolidation of System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-18

... inventory of record systems titled, Department of Homeland Security/Directorate of Science and Technology... the existing Department of Homeland Security system of records notice titled, Department of Homeland Security/ALL--002 Mailing and Other Lists System, November 25, 2008. DATES: Effective Date: May 18, 2011...

Racing to the Future: Security in the Gigabit Race?

ERIC Educational Resources Information Center

Gregory, Mark A; Cradduck, Lucy

2016-01-01

This research seeks to identify the differing national perspectives towards security and the "gigabit race" as those nations transition to their next generation broadband networks. Its aim is to critically appraise the rationales for their existing digital security frameworks in order to determine whether (and what) Australia can learn…

77 FR 27474 - Agency Information Collection Activities: Form N-648, Revision of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-10

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Disability Exceptions. The Department of Homeland Security (DHS), U.S. Citizenship and Immigration Services... Security sponsoring the collection: Form N-648. U.S. Citizenship and Immigration Services (USCIS). (4...

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

PubMed Central

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-01-01

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities. PMID:27314358

Quantum communication for satellite-to-ground networks with partially entangled states

NASA Astrophysics Data System (ADS)

Chen, Na; Quan, Dong-Xiao; Pei, Chang-Xing; Yang-Hong

2015-02-01

To realize practical wide-area quantum communication, a satellite-to-ground network with partially entangled states is developed in this paper. For efficiency and security reasons, the existing method of quantum communication in distributed wireless quantum networks with partially entangled states cannot be applied directly to the proposed quantum network. Based on this point, an efficient and secure quantum communication scheme with partially entangled states is presented. In our scheme, the source node performs teleportation only after an end-to-end entangled state has been established by entanglement swapping with partially entangled states. Thus, the security of quantum communication is guaranteed. The destination node recovers the transmitted quantum bit with the help of an auxiliary quantum bit and specially defined unitary matrices. Detailed calculations and simulation analyses show that the probability of successfully transferring a quantum bit in the presented scheme is high. In addition, the auxiliary quantum bit provides a heralded mechanism for successful communication. Based on the critical components that are presented in this article an efficient, secure, and practical wide-area quantum communication can be achieved. Project supported by the National Natural Science Foundation of China (Grant Nos. 61072067 and 61372076), the 111 Project (Grant No. B08038), the Fund from the State Key Laboratory of Integrated Services Networks (Grant No. ISN 1001004), and the Fundamental Research Funds for the Central Universities (Grant Nos. K5051301059 and K5051201021).

Security Analysis of Measurement-Device-Independent Quantum Key Distribution in Collective-Rotation Noisy Environment

NASA Astrophysics Data System (ADS)

Li, Na; Zhang, Yu; Wen, Shuang; Li, Lei-lei; Li, Jian

2018-01-01

Noise is a problem that communication channels cannot avoid. It is, thus, beneficial to analyze the security of MDI-QKD in noisy environment. An analysis model for collective-rotation noise is introduced, and the information theory methods are used to analyze the security of the protocol. The maximum amount of information that Eve can eavesdrop is 50%, and the eavesdropping can always be detected if the noise level ɛ ≤ 0.68. Therefore, MDI-QKD protocol is secure as quantum key distribution protocol. The maximum probability that the relay outputs successful results is 16% when existing eavesdropping. Moreover, the probability that the relay outputs successful results when existing eavesdropping is higher than the situation without eavesdropping. The paper validates that MDI-QKD protocol has better robustness.

Security bound of cheat sensitive quantum bit commitment.

PubMed

He, Guang Ping

2015-03-23

Cheat sensitive quantum bit commitment (CSQBC) loosens the security requirement of quantum bit commitment (QBC), so that the existing impossibility proofs of unconditionally secure QBC can be evaded. But here we analyze the common features in all existing CSQBC protocols, and show that in any CSQBC having these features, the receiver can always learn a non-trivial amount of information on the sender's committed bit before it is unveiled, while his cheating can pass the security check with a probability not less than 50%. The sender's cheating is also studied. The optimal CSQBC protocols that can minimize the sum of the cheating probabilities of both parties are found to be trivial, as they are practically useless. We also discuss the possibility of building a fair protocol in which both parties can cheat with equal probabilities.

Human-Technology Centric In Cyber Security Maintenance For Digital Transformation Era

NASA Astrophysics Data System (ADS)

Ali, Firkhan Ali Bin Hamid; Zalisham Jali, Mohd, Dr

2018-05-01

The development of the digital transformation in the organizations has become more expanding in these present and future years. This is because of the active demand to use the ICT services among all the organizations whether in the government agencies or private sectors. While digital transformation has led manufacturers to incorporate sensors and software analytics into their offerings, the same innovation has also brought pressure to offer clients more accommodating appliance deployment options. So, their needs a well plan to implement the cyber infrastructures and equipment. The cyber security play important role to ensure that the ICT components or infrastructures execute well along the organization’s business successful. This paper will present a study of security management models to guideline the security maintenance on existing cyber infrastructures. In order to perform security model for the currently existing cyber infrastructures, combination of the some security workforces and security process of extracting the security maintenance in cyber infrastructures. In the assessment, the focused on the cyber security maintenance within security models in cyber infrastructures and presented a way for the theoretical and practical analysis based on the selected security management models. Then, the proposed model does evaluation for the analysis which can be used to obtain insights into the configuration and to specify desired and undesired configurations. The implemented cyber security maintenance within security management model in a prototype and evaluated it for practical and theoretical scenarios. Furthermore, a framework model is presented which allows the evaluation of configuration changes in the agile and dynamic cyber infrastructure environments with regard to properties like vulnerabilities or expected availability. In case of a security perspective, this evaluation can be used to monitor the security levels of the configuration over its lifetime and to indicate degradations.

Are food insecurity's health impacts underestimated in the U.S. population? Marginal food security also predicts adverse health outcomes in young U.S. children and mothers.

PubMed

Cook, John T; Black, Maureen; Chilton, Mariana; Cutts, Diana; Ettinger de Cuba, Stephanie; Heeren, Timothy C; Rose-Jacobs, Ruth; Sandel, Megan; Casey, Patrick H; Coleman, Sharon; Weiss, Ingrid; Frank, Deborah A

2013-01-01

This review addresses epidemiological, public health, and social policy implications of categorizing young children and their adult female caregivers in the United States as food secure when they live in households with "marginal food security," as indicated by the U.S. Household Food Security Survey Module. Existing literature shows that households in the US with marginal food security are more like food-insecure households than food-secure households. Similarities include socio-demographic characteristics, psychosocial profiles, and patterns of disease and health risk. Building on existing knowledge, we present new research on associations of marginal food security with health and developmental risks in young children (<48 mo) and health in their female caregivers. Marginal food security is positively associated with adverse health outcomes compared with food security, but the strength of the associations is weaker than that for food insecurity as usually defined in the US. Nonoverlapping CIs, when comparing odds of marginally food-secure children's fair/poor health and developmental risk and caregivers' depressive symptoms and fair/poor health with those in food-secure and -insecure families, indicate associations of marginal food security significantly and distinctly intermediate between those of food security and food insecurity. Evidence from reviewed research and the new research presented indicates that households with marginal food security should not be classified as food secure, as is the current practice, but should be reported in a separate discrete category. These findings highlight the potential underestimation of the prevalence of adverse health outcomes associated with exposure to lack of enough food for an active, healthy life in the US and indicate an even greater need for preventive action and policies to limit and reduce exposure among children and mothers.

Interparental Discord and Child Adjustment: Prospective Investigations of Emotional Security as an Explanatory Mechanism

ERIC Educational Resources Information Center

Cummings, E. Mark; Schermerhorn, Alice C.; Davies, Patrick T.; Goeke-Morey, Marcie C.; Cummings, Jennifer S.

2006-01-01

Advancing the process-oriented study of links between interparental discord and child adjustment, 2 multimethod prospective tests of emotional security as an explanatory mechanism are reported. On the basis of community samples, with waves spaced 2 years apart, Study 1 (113 boys and 113 girls, ages 9-18) identified emotional security as a mediator…

Toward Privacy-preserving Content Access Control for Information Centric Networking

DTIC Science & Technology

2014-03-01

REPORT Toward Privacy-preserving Content Access Control for Information Centric Networking 14. ABSTRACT 16. SECURITY CLASSIFICATION OF: Information...regardless the security mechanisms provided by different content hosting servers. However, using ABE has a drawback that the enforced content access...Encryption (ABE) is a flexible approach to enforce the content access policies regardless the security mechanisms provided by different content hosting

49 CFR 451.7 - Alternative approval of existing containers.

Code of Federal Regulations, 2013 CFR

2013-10-01

..., DEPARTMENT OF HOMELAND SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.7 Alternative approval of existing containers. (a) Existing... 49 Transportation 6 2013-10-01 2013-10-01 false Alternative approval of existing containers. 451.7...

49 CFR 451.7 - Alternative approval of existing containers.

Code of Federal Regulations, 2011 CFR

2011-10-01

..., DEPARTMENT OF HOMELAND SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.7 Alternative approval of existing containers. (a) Existing... 49 Transportation 6 2011-10-01 2011-10-01 false Alternative approval of existing containers. 451.7...

49 CFR 451.7 - Alternative approval of existing containers.

Code of Federal Regulations, 2012 CFR

2012-10-01

..., DEPARTMENT OF HOMELAND SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.7 Alternative approval of existing containers. (a) Existing... 49 Transportation 6 2012-10-01 2012-10-01 false Alternative approval of existing containers. 451.7...

49 CFR 451.7 - Alternative approval of existing containers.

Code of Federal Regulations, 2014 CFR

2014-10-01

..., DEPARTMENT OF HOMELAND SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.7 Alternative approval of existing containers. (a) Existing... 49 Transportation 6 2014-10-01 2014-10-01 false Alternative approval of existing containers. 451.7...

49 CFR 451.7 - Alternative approval of existing containers.

Code of Federal Regulations, 2010 CFR

2010-10-01

..., DEPARTMENT OF HOMELAND SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.7 Alternative approval of existing containers. (a) Existing... 49 Transportation 6 2010-10-01 2010-10-01 false Alternative approval of existing containers. 451.7...

Research on information security in big data era

NASA Astrophysics Data System (ADS)

Zhou, Linqi; Gu, Weihong; Huang, Cheng; Huang, Aijun; Bai, Yongbin

2018-05-01

Big data is becoming another hotspot in the field of information technology after the cloud computing and the Internet of Things. However, the existing information security methods can no longer meet the information security requirements in the era of big data. This paper analyzes the challenges and a cause of data security brought by big data, discusses the development trend of network attacks under the background of big data, and puts forward my own opinions on the development of security defense in technology, strategy and product.

Effectiveness of the Civil Aviation Security Program.

DTIC Science & Technology

1976-09-20

commerce--a pr per balance appears to exist. Moreover, airline and airport security programs appear to be capable of responding to changes in the nature...Moreover, airline and airport security programs appear to be capable of responding to changes in the nature and level of current and future threats. The...delays and diversions were experienced. Airline and airport security measures continued to afford the necessary level of protection to U.S. air

Modeling Security Bridge Certificate Authority Architecture

NASA Astrophysics Data System (ADS)

Ren, Yizhi; Li, Mingchu; Sakurai, Kouichi

Current Public Key Infrastructures suffer from a scaling problem, and some may have security problems, even given the topological simplification of bridge certification authorities. This paper analyzes the security problems in Bridge Certificate Authorities (BCA) model by using the concept of “impersonation risk, ” and proposes a new modified BCA model, which enhances its security, but is a bit more complex incertification path building and implementation than the existing one.

Aviation Security-Related Findings and Recommendations of the 9/11 Commission

DTIC Science & Technology

2005-03-30

The 9/11 Commission found that al Qaeda operatives exploited known weaknesses in U.S. aviation security to carry out the terrorist attacks of...September 11, 2001. While legislation and administration actions after September 11, 2001 were implemented to strengthen aviation security , the 9/11...Commission concluded that several weaknesses continue to exist. These include perceived vulnerabilities in cargo and general aviation security as well as

Federal Plan for Cyber Security and Information Assurance Research and Development

DTIC Science & Technology

2006-04-01

Security Systems 103 varieties of the BB84 scheme have been developed, and other forms of quantum key distribution have been proposed. Rapid progress has led... key . Capability Gaps Existing quantum cryptographic protocols may also have weaknesses. Although BB84 is generally regarded as secure , researchers...complement agency-specific prioritization and R&D planning efforts in cyber security and information assurance. The Plan also describes the key Federal

The Epistemic Representation of Information Flow Security in Probabilistic Systems

DTIC Science & Technology

1995-06-01

The new characterization also means that our security crite- rion is expressible in a simpler logic and model. 1 Introduction Multilevel security is...ber generator) during its execution. Such probabilistic choices are useful in a multilevel security context for Supported by grants HKUST 608/94E from... 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and

75 FR 28046 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-002...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-19

... nation's transportation systems to ensure freedom of movement for people and commerce. To achieve this.... Another routine use permits the release of information to the media when there exists a legitimate public... limited to, Social security number; pilot certificate information, including number and country of...

77 FR 2293 - Federal Open Market Committee; Domestic Policy Directive of December 13, 2011

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-17

..., Treasury securities with remaining maturities of approximately 6 years to 30 years with a total face value... total face value of $400 billion. The Committee also directs the Desk to maintain its existing policies... mortgage-backed securities in order to maintain the total face value of domestic securities at...

75 FR 14179 - Agency Information Collection Activities: Form I-9 CNMI; Revision to an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-24

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services [OMB Control No. 1615... Employment Eligibility Verification; OMB Control No. 1615- 0112. The Department of Homeland Security, U.S..., should be directed to the Department of Homeland Security (DHS), and to the Office of Management and...

Information Systems Security and Computer Crime in the IS Curriculum: A Detailed Examination

ERIC Educational Resources Information Center

Foltz, C. Bryan; Renwick, Janet S.

2011-01-01

The authors examined the extent to which information systems (IS) security and computer crime are covered in information systems programs. Results suggest that IS faculty believe security coverage should be increased in required, elective, and non-IS courses. However, respondent faculty members are concerned that existing curricula leave little…

Company's Data Security - Case Study

NASA Astrophysics Data System (ADS)

Stera, Piotr

This paper describes a computer network and data security problems in an existing company. Two main issues were pointed out: data loss protection and uncontrolled data copying. Security system was designed and implemented. The system consists of many dedicated programs. This system protect from data loss and detected unauthorized file copying from company's server by a dishonest employee.

76 FR 17936 - Agency Information Collection Activities: Revision of an Existing Information Collection; Comment...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-31

... DEPARTMENT OF HOMELAND SECURITY United States Immigration and Customs Enforcement Agency... and Local Agency Assessment; OMB Control No. 1653-0040. The Department of Homeland Security, U.S... Security sponsoring the collection: Form 70-003, Form 70-004, Form 75-001 and Form 75-002; U.S. Immigration...

Password-only authenticated three-party key exchange with provable security in the standard model.

PubMed

Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho

2014-01-01

Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

Spline-Screw Payload-Fastening System

NASA Technical Reports Server (NTRS)

Vranish, John M.

1994-01-01

Payload handed off securely between robot and vehicle or structure. Spline-screw payload-fastening system includes mating female and male connector mechanisms. Clockwise (or counter-clockwise) rotation of splined male driver on robotic end effector causes connection between robot and payload to tighten (or loosen) and simultaneously causes connection between payload and structure to loosen (or tighten). Includes mechanisms like those described in "Tool-Changing Mechanism for Robot" (GSC-13435) and "Self-Aligning Mechanical and Electrical Coupling" (GSC-13430). Designed for use in outer space, also useful on Earth in applications needed for secure handling and secure mounting of equipment modules during storage, transport, and/or operation. Particularly useful in machine or robotic applications.

A Security-façade Library for Virtual-observatory Software

NASA Astrophysics Data System (ADS)

Rixon, G.

2009-09-01

The security-façade library implements, for Java, IVOA's security standards. It supports the authentication mechanisms for SOAP and REST web-services, the sign-on mechanisms (with MyProxy, AstroGrid Accounts protocol or local credential-caches), the delegation protocol, and RFC3820-enabled HTTPS for Apache Tomcat. Using the façade, a developer who is not a security specialist can easily add access control to a virtual-observatory service and call secured services from an application. The library has been an internal part of AstroGrid software for some time and it is now offered for use by other developers.

Seluge++: A Secure Over-the-Air Programming Scheme in Wireless Sensor Networks

PubMed Central

Doroodgar, Farzan; Razzaque, Mohammad Abdur; Isnin, Ismail Fauzi

2014-01-01

Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge. PMID:24618781

Seluge++: a secure over-the-air programming scheme in wireless sensor networks.

PubMed

Doroodgar, Farzan; Abdur Razzaque, Mohammad; Isnin, Ismail Fauzi

2014-03-11

Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.

Security Policies for Mitigating the Risk of Load Altering Attacks on Smart Grid Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ryutov, Tatyana; AlMajali, Anas; Neuman, Clifford

2015-04-01

While demand response programs implement energy efficiency and power quality objectives, they bring potential security threats to the Smart Grid. The ability to influence load in a system enables attackers to cause system failures and impacts the quality and integrity of power delivered to customers. This paper presents a security mechanism to monitor and control load according to a set of security policies during normal system operation. The mechanism monitors, detects, and responds to load altering attacks. We examined the security requirements of Smart Grid stakeholders and constructed a set of load control policies enforced by the mechanism. We implementedmore » a proof of concept prototype and tested it using the simulation environment. By enforcing the proposed policies in this prototype, the system is maintained in a safe state in the presence of load drop attacks.« less

A Cluster-Based Framework for the Security of Medical Sensor Environments

NASA Astrophysics Data System (ADS)

Klaoudatou, Eleni; Konstantinou, Elisavet; Kambourakis, Georgios; Gritzalis, Stefanos

The adoption of Wireless Sensor Networks (WSNs) in the healthcare sector poses many security issues, mainly because medical information is considered particularly sensitive. The security mechanisms employed are expected to be more efficient in terms of energy consumption and scalability in order to cope with the constrained capabilities of WSNs and patients’ mobility. Towards this goal, cluster-based medical WSNs can substantially improve efficiency and scalability. In this context, we have proposed a general framework for cluster-based medical environments on top of which security mechanisms can rely. This framework fully covers the varying needs of both in-hospital environments and environments formed ad hoc for medical emergencies. In this paper, we further elaborate on the security of our proposed solution. We specifically focus on key establishment mechanisms and investigate the group key agreement protocols that can best fit in our framework.

Hazardous material transportation and the security externality : what should be done?

DOT National Transportation Integrated Search

2013-04-01

This project examined the safety and security externalities which exists in the : transportation of hazardous materials (particularly Toxic Inhalant Hazards) and : identified alterative mitigation strategies. The combination of terrorist attack...

26 CFR 301.6323(h)-1 - Definitions.

Code of Federal Regulations, 2012 CFR

2012-04-01

... financing security as a holder of a security interest, see § 301.6323(c)-1(e). (b) Mechanic's lienor—(1) In general. The term “mechanic's lienor” means any person who under local law has a lien on real property (or... in connection with the construction or improvement (including demolition) of the property. A mechanic...

26 CFR 301.6323(h)-1 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-04-01

... financing security as a holder of a security interest, see § 301.6323(c)-1(e). (b) Mechanic's lienor—(1) In general. The term “mechanic's lienor” means any person who under local law has a lien on real property (or... in connection with the construction or improvement (including demolition) of the property. A mechanic...

26 CFR 301.6323(h)-1 - Definitions.

Code of Federal Regulations, 2014 CFR

2014-04-01

... financing security as a holder of a security interest, see § 301.6323(c)-1(e). (b) Mechanic's lienor—(1) In general. The term “mechanic's lienor” means any person who under local law has a lien on real property (or... in connection with the construction or improvement (including demolition) of the property. A mechanic...

Formalization of the Access Control on ARM-Android Platform with the B Method

NASA Astrophysics Data System (ADS)

Ren, Lu; Wang, Wei; Zhu, Xiaodong; Man, Yujia; Yin, Qing

2018-01-01

ARM-Android is a widespread mobile platform with multi-layer access control mechanisms, security-critical in the system. Many access control vulnerabilities still exist due to the course-grained policy and numerous engineering defects, which have been widely studied. However, few researches focus on the mechanism formalization, including the Android permission framework, kernel process management and hardware isolation. This paper first develops a comprehensive formal access control model on the ARM-Android platform using the B method, from the Android middleware to hardware layer. All the model specifications are type checked and proved to be well-defined, with 75%of proof obligations demonstrated automatically. The results show that the proposed B model is feasible to specify and verify access control schemes in the ARM-Android system, and capable of implementing a practical control module.

Epidermolysis bullosa care in Germany.

PubMed

Bruckner-Tuderman, Leena

2010-04-01

Until 2003, no structures existed in Germany for special care of patients with rare diseases, such as epidermolysis bullosa (EB). At that point, the Federal Ministry of Education and Research announced a clinical research program-networks for rare diseases. The Network Epidermolysis Bullosa (EB Network), coordinated from the Department of Dermatology, University Medical Center Freiburg, has operated since October 2003 with the goal of improving diagnostics and clinical management, elucidating disease mechanisms, and development of novel therapies for EB (www.netzwerk-eb.de). Future goals of the EB Network include securing the clinical-diagnostic and IT structures established with grant support and focusing research on molecular disease mechanisms in EB and novel biologically valid therapies. Intensive collaborations with other networks for rare genetic diseases will generate durable structures in Germany and form a basis for future international consortia. Copyright 2010 Elsevier Inc. All rights reserved.

Protection of data carriers using secure optical codes

NASA Astrophysics Data System (ADS)

Peters, John A.; Schilling, Andreas; Staub, René; Tompkin, Wayne R.

2006-02-01

Smartcard technologies, combined with biometric-enabled access control systems, are required for many high-security government ID card programs. However, recent field trials with some of the most secure biometric systems have indicated that smartcards are still vulnerable to well equipped and highly motivated counterfeiters. In this paper, we present the Kinegram Secure Memory Technology which not only provides a first-level visual verification procedure, but also reinforces the existing chip-based security measures. This security concept involves the use of securely-coded data (stored in an optically variable device) which communicates with the encoded hashed information stored in the chip memory via a smartcard reader device.

A European Perspective on Security Research

NASA Astrophysics Data System (ADS)

Liem, Khoen; Hiller, Daniel; Castex, Christoph

Tackling the complexity and interdependence of today's security environment in the globalized world of the 21st century is an everlasting challenge. Whereas the end of the Cold War presented a caesura of global dimension for the political and economic architecture and a realignment of power distribution and international relations between former adversaries, September 11th of 2001 may be seen as another caesura. Since then, specifically among countries of the Western hemisphere, traditional security paradigms and theories have been critically questioned and the different security cultures and perceptions have resulted in diverse security and defence policies as well as in security research efforts of individual countries. Consensus, it seems, exists on the question of what the threats are that our modern interconnected societies are facing. Whether looking at international terrorism, organized crime, climate change, the illegal trafficking of goods and people or naturally caused catastrophes, these phenomena all have in common that they are in most cases of transnational nature. Formerly existing dividing lines between internal and external security continue to fade, presenting an enormous challenge for those in charge of designing security policy and even more so for the various institutions safeguarding European security. That is why dissent often revolves around the question on how to get hold of these complex problems. Geographic location, cultural background, ethical make-up of society as well as relations with neighbouring countries are all important aspects to be considered when assessing the security culture and policy of individual countries.

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

PubMed Central

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-01

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack. PMID:26751443

Design and Development of Layered Security: Future Enhancements and Directions in Transmission.

PubMed

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-06

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

Towards a Standard for Highly Secure SCADA Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carlson, R.

1998-09-25

The critical energy inkstructures include gas, OL and electric power. These Mrastructures are complex and interdependent nmvorks that are vital to the national secwiy and social well being of our nation. Many electric power systems depend upon gas and oil, while fossil energy delive~ systems depend upon elecnic power. The control mechanisms for these Mrastructures are often referred to as SCADA (Supmivry CkmdandDaU Ac@itz&z) systems. SCADA systems provide remote monitoring and centralized control for a distributed tmnsportation infmsmucture in order to facilitate delivery of a commodi~. AIthough many of the SCADA concepts developed in this paper can be applied tomore » automotive mmsponation systems, we will use transportation to refer to the movement of electrici~, gas, and oil. \\ Recently, there have been seveml reports suggesting that the widespread and increasing use of SCADA for control of energy systems provides an increasing opportuni~ for an advers~ to cause serious darnage to the energy inbstmcturei~. This damage could arise through cyber infiltration of the SCADA networks, by physically tampering with the control networks, or through a combination of both means. SCADA system threats decompose into cyber and physical threats. One solution to the SCADA security problem is to design a standard for a highly secure KA.DA system that is both cyber, and physdly secure. Not all-physical threats are possible to guard again% but of those threats that are, high security SCADA provides confidence that the system will continue to operate in their presence. One of the most important problems in SCADA securi~ is the relationship between the cyber and physical vulnerabilities. Cyber intrusion increases physical Vulnerabilities, while in the dual problem physical tampering increases cyber vulnerabilit.ies. There is potential for feedback and the precise dynamics need to be understood. As a first step towards a stan~ the goal of this paper is to facilitate a discussion of the requirements analysis for a highly secure SCADA system. The fi-arnework for the discussion consists of the identification of SCADA security investment areas coupled with the tradeoffs that will force compromises in the solution. For example, computational and bandwidth requirements of a security standard could force the replacement of entire SCADA systems. The requirements for a real-time response in a cascading electric power failure could pose limitations on authentication and encryption mechanisms. The shortest path to the development of a high securi~ SC.ADA standard will be achieved by leveraging existing standards efforts and ensuring that security is being properly addressed in those standards. The Utility Communications Architecture 2.o (UC@, for real-time utili~ decision control, represents one such standard. The development of a SCADA secwiy specification is a complex task that will benefit from a systems engineering approach.« less

Derived virtual devices: a secure distributed file system mechanism

NASA Technical Reports Server (NTRS)

VanMeter, Rodney; Hotz, Steve; Finn, Gregory

1996-01-01

This paper presents the design of derived virtual devices (DVDs). DVDs are the mechanism used by the Netstation Project to provide secure shared access to network-attached peripherals distributed in an untrusted network environment. DVDs improve Input/Output efficiency by allowing user processes to perform I/O operations directly from devices without intermediate transfer through the controlling operating system kernel. The security enforced at the device through the DVD mechanism includes resource boundary checking, user authentication, and restricted operations, e.g., read-only access. To illustrate the application of DVDs, we present the interactions between a network-attached disk and a file system designed to exploit the DVD abstraction. We further discuss third-party transfer as a mechanism intended to provide for efficient data transfer in a typical NAP environment. We show how DVDs facilitate third-party transfer, and provide the security required in a more open network environment.

COVERING THE SEAMS IN U.S. NATIONAL SECURITY BY APPLYING NETWORK AND TEAM ATTRIBUTES

DTIC Science & Technology

2017-04-06

Today, one such weakness is the seams that exist in the system . Organizational criteria like geography , functions, and responsibilities often create...establishment by the National Security Act of 1947, the modern U.S. national security system has evolved as a result of legislation, presidential preference...and because of changes in the U.S. and international security environments. With each evolution, the system has found ways to function in dealing

Crosstalk: The Journal of Defense Software Engineering. Volume 22, Number 3

DTIC Science & Technology

2009-04-01

international standard for information security management systems like ISO /IEC 27001 :2005 [1] existed. Since that time, the organization has developed control...of ISO /IEC 27001 and the desire to make decisions based on business value and risk has prompted Ford’s IT Security and Controls organi- zation to begin...their conventional application security operation.u References 1. ISO /IEC 27001 :2005. “Information Technology – Security Techniques – Information

Precautionary Savings in Mexico: Evidence from the Mexican Health and Aging Study

PubMed Central

Velandia Naranjo, Durfari; van Gameren, Edwin

2016-01-01

Precautionary saving is the additional saving done by individuals to protect them financially in situations of uncertainty and reduce their vulnerability for negative shocks that may affect their consumption levels. This paper investigates the existence and extent of savings motivated by precaution in Mexico for people aged between 50 and 75, using data from the Mexican Health and Ageing Study 2003. The empirical strategy is based on a test of the direct relationship between the accumulated wealth and the uncertainty generated by the social security status, in particular the availability of health insurance, accounting also for the expectation to receive a retirement pension. The endogeneity-corrected estimates do not yield results that unequivocally support the existence of private savings as a risk protection mechanism, implying that the public protection system has an important role in reducing the vulnerability of the population studied. PMID:27698512

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks.

PubMed

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-12-17

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks

PubMed Central

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-01-01

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism. PMID:26694409

75 FR 18867 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-011...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-13

... for people and commerce. To achieve this mission, TSA is required to develop and adapt its security... compromised. Another routine use permits the release of information to the media when there exists a... result of the suspected or confirmed compromise there is a risk of harm to economic or property interests...

77 FR 31015 - Federal Open Market Committee; Domestic Policy Directive of April 24-25, 2012

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-24

..., Treasury securities with remaining maturities of approximately 6 years to 30 years with a total face value... total face value of $400 billion. The Committee also directs the Desk to maintain its existing policies... mortgage-backed securities in order to maintain the total face value of domestic securities at...

17 CFR 240.12d2-2 - Removal from listing and registration.

Code of Federal Regulations, 2010 CFR

2010-04-01

... of the Form 25 (Sec. 249.25 of this chapter) by an issuer relates solely to the withdrawal of a class... strike a class of securities from listing on a national securities exchange and/or registration under... informed that any of the following conditions exist with respect to such a security: (1) The entire class...

17 CFR 229.908 - (Item 908) Reasons for and alternatives to the roll-up transaction.

Code of Federal Regulations, 2010 CFR

2010-04-01

... with their existing business plans, including the effects of such continuation and the material risks... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false (Item 908) Reasons for and alternatives to the roll-up transaction. 229.908 Section 229.908 Commodity and Securities Exchanges SECURITIES...

76 FR 23513 - Public and Closed Meeting To Discuss Comments on Draft Regulatory Basis for Rulemaking Revising...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-27

..., ``Security Performance (Adversary) Characteristics for Physical Security Programs for 10 CFR [Title 10 of the..., ``Physical Protection of Plants and Materials,'' that would apply during the storage of SNF at an ISFSI and... facilities licensed to store SNF through a combination of these existing security regulations and the...

Environmental security as related to scale mismatches of disturbance patterns in a panarchy of social-ecological landscapes

Treesearch

Giovanni Zurlini; Irene Petrosillo; Nicola Zaccarelli; Kurt Riitters

2008-01-01

Environmental security, as the opposite of environmental fragility (vulnerability), is multilayered, multi-scale and complex, existing in both the objective realm of biophysics and society, and the subjective realm of individual human perception. For ecological risk assessments (ERAs), the relevant objects of environmental security are social-ecological landscapes (...

76 FR 79536 - Security Zones; Captain of the Port Lake Michigan; Technical Amendment

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-22

... ACTION: Final rule. SUMMARY: The Coast Guard is revising the contact information for Security Zones in... Federal holidays. FOR FURTHER INFORMATION CONTACT: If you have questions on this rule, contact or email... exist in 33 CFR 165.910. Persons desiring to transit the areas of these security zones must contact the...

Addressing the Economic Security Issues Facing Same-Sex Couples.

ERIC Educational Resources Information Center

Dolan, Elizabeth M.; Stum, Marlene S.; Rupured, Michael

1999-01-01

Provides educators and researchers with an awareness of the financial security issues faced by same-sex couples and offers suggestions for incorporating the discussion of these ideas into existing curricula and research. (Author/JOW)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aderholdt, Ferrol; Caldwell, Blake A; Hicks, Susan Elaine

The purpose of this report is to clarify the challenges associated with storage for secure enclaves. The major focus areas for the report are: - review of relevant parallel filesystem technologies to identify assets and gaps; - review of filesystem isolation/protection mechanisms, to include native filesystem capabilities and auxiliary/layered techniques; - definition of storage architectures that can be used for customizable compute enclaves (i.e., clarification of use-cases that must be supported for shared storage scenarios); - investigate vendor products related to secure storage. This study provides technical details on the storage and filesystem used for HPC with particular attention onmore » elements that contribute to creating secure storage. We outline the pieces for a a shared storage architecture that balances protection and performance by leveraging the isolation capabilities available in filesystems and virtualization technologies to maintain the integrity of the data. Key Points: There are a few existing and in-progress protection features in Lustre related to secure storage, which are discussed in (Chapter 3.1). These include authentication capabilities like GSSAPI/Kerberos and the in-progress work for GSSAPI/Host-keys. The GPFS filesystem provides native support for encryption, which is not directly available in Lustre. Additionally, GPFS includes authentication/authorization mechanisms for inter-cluster sharing of filesystems (Chapter 3.2). The limitations of key importance for secure storage/filesystems are: (i) restricting sub-tree mounts for parallel filesystem (which is not directly supported in Lustre or GPFS), and (ii) segregation of hosts on the storage network and practical complications with dynamic additions to the storage network, e.g., LNET. A challenge for VM based use cases will be to provide efficient IO forwarding of the parallel filessytem from the host to the guest (VM). There are promising options like para-virtualized filesystems to help with this issue, which are a particular instances of the more general challenge of efficient host/guest IO that is the focus of interfaces like virtio. A collection of bridging technologies have been identified in Chapter 4, which can be helpful to overcome the limitations and challenges of supporting efficient storage for secure enclaves. The synthesis of native filesystem security mechanisms and bridging technologies led to an isolation-centric storage architecture that is proposed in Chapter 5, which leverages isolation mechanisms from different layers to facilitate secure storage for an enclave. Recommendations: The following highlights recommendations from the investigations done thus far. - The Lustre filesystem offers excellent performance but does not support some security related features, e.g., encryption, that are included in GPFS. If encryption is of paramount importance, then GPFS may be a more suitable choice. - There are several possible Lustre related enhancements that may provide functionality of use for secure-enclaves. However, since these features are not currently integrated, the use of Lustre as a secure storage system may require more direct involvement (support). (*The network that connects the storage subsystem and users, e.g., Lustre s LNET.) - The use of OpenStack with GPFS will be more streamlined than with Lustre, as there are available drivers for GPFS. - The Manilla project offers Filesystem as a Service for OpenStack and is worth further investigation. Manilla has some support for GPFS. - The proposed Lustre enhancement of Dynamic-LNET should be further investigated to provide more dynamic changes to the storage network which could be used to isolate hosts and their tenants. - The Linux namespaces offer a good solution for creating efficient restrictions to shared HPC filesystems. However, we still need to conduct a thorough round of storage/filesystem benchmarks. - Vendor products should be more closely reviewed, possibly to include evaluation of performance/protection of select products. (Note, we are investigation the option of evaluating equipment from Seagate/Xyratex.) Outline: The remainder of this report is structured as follows: - Section 1: Describes the growing importance of secure storage architectures and highlights some challenges for HPC. - Section 2: Provides background information on HPC storage architectures, relevant supporting technologies for secure storage and details on OpenStack components related to storage. Note, that background material on HPC storage architectures in this chapter can be skipped if the reader is already familiar with Lustre and GPFS. - Section 3: A review of protection mechanisms in two HPC filesystems; details about available isolation, authentication/authorization and performance capabilities are discussed. - Section 4: Describe technologies that can be used to bridge gaps in HPC storage and filesystems to facilitate...« less

Low-Cost Manufacturing, Usability, and Security: An Analysis of Bluetooth Simple Pairing and Wi-Fi Protected Setup

NASA Astrophysics Data System (ADS)

Kuo, Cynthia; Walker, Jesse; Perrig, Adrian

Bluetooth Simple Pairing and Wi-Fi Protected Setup specify mechanisms for exchanging authentication credentials in wireless networks. Both Simple Pairing and Protected Setup support multiple setup mechanisms, which increases security risks and hurts the user experience. To improve the security and usability of these specifications, we suggest defining a common baseline for hardware features and a consistent, interoperable user experience across devices.

The Effects of Temperature on Political Violence: Global Evidence at the Subnational Level

PubMed Central

Bollfrass, Alexander; Shaver, Andrew

2015-01-01

A number of studies have demonstrated an empirical relationship between higher ambient temperatures and substate violence, which have been extrapolated to make predictions about the security implications of climate change. This literature rests on the untested assumption that the mechanism behind the temperature-conflict link is that disruption of agricultural production provokes local violence. Using a subnational-level dataset, this paper demonstrates that the relationship: (1) obtains globally, (2) exists at the substate level — provinces that experience positive temperature deviations see increased conflict; and (3) occurs even in regions without significant agricultural production. Diminished local farm output resulting from elevated temperatures is unlikely to account for the entire increase in substate violence. The findings encourage future research to identify additional mechanisms, including the possibility that a substantial portion of the variation is brought about by the well-documented direct effects of temperature on individuals' propensity for violence or through macroeconomic mechanisms such as food price shocks. PMID:25992616

Confidence building measures at sea:opportunities for India and Pakistan.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Vohra, Ravi Bhushan Rear Admiral; ); Ansari, Hasan Masood Rear Admiral

2003-12-01

The sea presents unique possibilities for implementing confidence building measures (CBMs) between India and Pakistan that are currently not available along the contentious land borders surrounding Jammu and Kashmir. This is due to the nature of maritime issues, the common military culture of naval forces, and a less contentious history of maritime interaction between the two nations. Maritime issues of mutual concern provide a strong foundation for more far-reaching future CBMs on land, while addressing pressing security, economic, and humanitarian needs at sea in the near-term. Although Indian and Pakistani maritime forces currently have stronger opportunities to cooperate with onemore » another than their counterparts on land, reliable mechanisms to alleviate tension or promote operational coordination remain non-existent. Therefore, possible maritime CBMs, as well as pragmatic mechanisms to initiate and sustain cooperation, require serious examination. This report reflects the unique joint research undertaking of two retired Senior Naval Officers from both India and Pakistan, sponsored by the Cooperative Monitoring Center of the International Security Center at Sandia National Laboratories. Research focuses on technology as a valuable tool to facilitate confidence building between states having a low level of initial trust. Technical CBMs not only increase transparency, but also provide standardized, scientific means of interacting on politically difficult problems. Admirals Vohra and Ansari introduce technology as a mechanism to facilitate consistent forms of cooperation and initiate discussion in the maritime realm. They present technical CBMs capable of being acted upon as well as high-level political recommendations regarding the following issues: (1) Delimitation of the maritime boundary between India and Pakistan and its relationship to the Sir Creek dispute; (2) Restoration of full shipping links and the security of ports and cargos; (3) Fishing within disputed areas and resolution of issues relating to arrest and repatriation of fishermen from both sides; and (4) Naval and maritime agency interaction and possibilities for cooperation.« less

Study on the early warning mechanism for the security of blast furnace hearths

NASA Astrophysics Data System (ADS)

Zhao, Hong-bo; Huo, Shou-feng; Cheng, Shu-sen

2013-04-01

The campaign life of blast furnace (BF) hearths has become the limiting factor for safety and high efficiency production of modern BFs. However, the early warning mechanism of hearth security has not been clear. In this article, based on heat transfer calculations, heat flux and erosion monitoring, the features of heat flux and erosion were analyzed and compared among different types of hearths. The primary detecting elements, mathematical models, evaluating standards, and warning methods were discussed. A novel early warning mechanism with the three-level quantificational standards was proposed for BF hearth security.

Transportation Security Administration in Defense of the National Aviation Infrastructure

DTIC Science & Technology

2009-02-12

evidence suggests a hole exists within our airport security process. That hole may be caused by an over-reliance on technology and a blatant disregard of...environment enables BDOs to operate with increased effectiveness.11 Technology. Three major tools sit at the airport security technology forefront...Through Covert Testing of TSA’s Passenger Screening Process, GAO‐08‐48T, 15 Nov 07, 2. 16 Orlando News, “TSA Workers Skipping Orlando Airport Security Causes

33 CFR 106.262 - Security measures for newly-hired employees.

Code of Federal Regulations, 2010 CFR

2010-07-01

... following information on the new hire into the Coast Guard's Homeport Web site (http://homeport.uscg.mil): (i) Full legal name, including middle name if one exists; (ii) Date of birth; (iii) Social security...

33 CFR 106.262 - Security measures for newly-hired employees.

Code of Federal Regulations, 2011 CFR

2011-07-01

... following information on the new hire into the Coast Guard's Homeport Web site (http://homeport.uscg.mil): (i) Full legal name, including middle name if one exists; (ii) Date of birth; (iii) Social security...

77 FR 27492 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-10

... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request....), the Securities and Exchange Commission (the ``Commission'') is soliciting comments on the collection of information summarized below. The Commission plans to submit this existing collection of...

Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems.

PubMed

Mishra, Dheerendra

2015-03-01

Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.

Are Food Insecurity’s Health Impacts Underestimated in the U.S. Population? Marginal Food Security Also Predicts Adverse Health Outcomes in Young U.S. Children and Mothers123

PubMed Central

Cook, John T.; Black, Maureen; Chilton, Mariana; Cutts, Diana; Ettinger de Cuba, Stephanie; Heeren, Timothy C.; Rose-Jacobs, Ruth; Sandel, Megan; Casey, Patrick H.; Coleman, Sharon; Weiss, Ingrid; Frank, Deborah A.

2013-01-01

This review addresses epidemiological, public health, and social policy implications of categorizing young children and their adult female caregivers in the United States as food secure when they live in households with “marginal food security,” as indicated by the U.S. Household Food Security Survey Module. Existing literature shows that households in the US with marginal food security are more like food-insecure households than food-secure households. Similarities include socio-demographic characteristics, psychosocial profiles, and patterns of disease and health risk. Building on existing knowledge, we present new research on associations of marginal food security with health and developmental risks in young children (<48 mo) and health in their female caregivers. Marginal food security is positively associated with adverse health outcomes compared with food security, but the strength of the associations is weaker than that for food insecurity as usually defined in the US. Nonoverlapping CIs, when comparing odds of marginally food-secure children’s fair/poor health and developmental risk and caregivers’ depressive symptoms and fair/poor health with those in food-secure and -insecure families, indicate associations of marginal food security significantly and distinctly intermediate between those of food security and food insecurity. Evidence from reviewed research and the new research presented indicates that households with marginal food security should not be classified as food secure, as is the current practice, but should be reported in a separate discrete category. These findings highlight the potential underestimation of the prevalence of adverse health outcomes associated with exposure to lack of enough food for an active, healthy life in the US and indicate an even greater need for preventive action and policies to limit and reduce exposure among children and mothers. PMID:23319123

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods

PubMed Central

Alsaleh, Mansour; Alomar, Noura; Alarifi, Abdulrahman

2017-01-01

Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users’ security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users’ behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals’ awareness of the consequences of security threats. By comparing participants’ behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users’ security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones. PMID:28297719

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods.

PubMed

Alsaleh, Mansour; Alomar, Noura; Alarifi, Abdulrahman

2017-01-01

Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users' security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users' behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals' awareness of the consequences of security threats. By comparing participants' behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users' security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones.

Public Auditing with Privacy Protection in a Multi-User Model of Cloud-Assisted Body Sensor Networks

PubMed Central

Li, Song; Cui, Jie; Zhong, Hong; Liu, Lu

2017-01-01

Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users’ medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs’ applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs’ deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models. PMID:28475110

Public Auditing with Privacy Protection in a Multi-User Model of Cloud-Assisted Body Sensor Networks.

PubMed

Li, Song; Cui, Jie; Zhong, Hong; Liu, Lu

2017-05-05

Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users' medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs' applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs' deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models.

75 FR 20401 - Self-Regulatory Organizations; NYSE Amex LLC; Notice of Filing of Proposed Rule Change, and...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-19

... Nasdaq Securities within the existing DMM and SLP framework used to trade its listed securities. The... substantially similar to the Exchange's current SLP procedures in Rule 107B--NYSE Amex Equities. See proposed..., reassign one or more Nasdaq Securities to a different DMM Unit or to a different SLP or SLPs. a. Assignment...

76 FR 67731 - Federal Open Market Committee; Domestic Policy Directive of September 20 and 21, 2011

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-02

..., Treasury securities with remaining maturities of approximately 6 years to 30 years with a total face value... total face value of $400 billion. The Committee also directs the Desk to maintain its existing policy of...- backed securities in order to maintain the total face value of domestic securities at approximately $2.6...

Effectiveness of Using a Change Management Approach to Convey the Benefits of an Information Security Implementation to Technology Users

ERIC Educational Resources Information Center

Bennett, Jeannine B.

2012-01-01

This study addressed the problems associated with users' understanding, accepting, and complying with requirements of security-oriented solutions. The goal of the research was not to dispute existing theory on IT project implementations, but rather to further the knowledge on the topic of technology user acceptance of security-oriented IT…

Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model

PubMed Central

Nam, Junghyun; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon

2014-01-01

Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks. PMID:24977229

Risk assessment for physical and cyber attacks on critical infrastructures.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Smith, Bryan J.; Sholander, Peter E.; Phelan, James M.

2005-08-01

Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies. Existing risk assessment methodologies consider physical security and cyber security separately. As such, they do not accurately model attacks that involve defeating both physical protection and cyber protection elements (e.g., hackers turning off alarm systems prior to forced entry). This paper presents a risk assessment methodology that accounts for both physical and cyber security. It also preserves the traditional security paradigm of detect, delay and respond, while accounting for the possibility that a facility may be able to recover from or mitigate the results ofmore » a successful attack before serious consequences occur. The methodology provides a means for ranking those assets most at risk from malevolent attacks. Because the methodology is automated the analyst can also play 'what if with mitigation measures to gain a better understanding of how to best expend resources towards securing the facilities. It is simple enough to be applied to large infrastructure facilities without developing highly complicated models. Finally, it is applicable to facilities with extensive security as well as those that are less well-protected.« less

77 FR 54938 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-06

... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request... Securities and Exchange Commission (``Commission'') is soliciting comments on the collection of information summarized below. The Commission plans to submit this existing collection of information to the Office of...

77 FR 54939 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-06

... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request... Securities and Exchange Commission (``Commission'') is soliciting comments on the collection of information summarized below. The Commission plans to submit this existing collection of information to the Office of...

Organizational Culture for Safety, Security, and Safeguards in New Nuclear Power Countries

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kovacic, Donald N

2015-01-01

This chapter will contain the following sections: Existing international norms and standards for developing the infrastructure to support new nuclear power programs The role of organizational culture and how it supports the safe, secure, and peaceful application of nuclear power Identifying effective and efficient strategies for implementing safety, security and safeguards in nuclear operations Challenges identified in the implementation of safety, security and safeguards Potential areas for future collaboration between countries in order to support nonproliferation culture

Toward effectiveness and agility of network security situational awareness using moving target defense (MTD)

NASA Astrophysics Data System (ADS)

Ge, Linqiang; Yu, Wei; Shen, Dan; Chen, Genshe; Pham, Khanh; Blasch, Erik; Lu, Chao

2014-06-01

Most enterprise networks are built to operate in a static configuration (e.g., static software stacks, network configurations, and application deployments). Nonetheless, static systems make it easy for a cyber adversary to plan and launch successful attacks. To address static vulnerability, moving target defense (MTD) has been proposed to increase the difficulty for the adversary to launch successful attacks. In this paper, we first present a literature review of existing MTD techniques. We then propose a generic defense framework, which can provision an incentive-compatible MTD mechanism through dynamically migrating server locations. We also present a user-server mapping mechanism, which not only improves system resiliency, but also ensures network performance. We demonstrate a MTD with a multi-user network communication and our data shows that the proposed framework can effectively improve the resiliency and agility of the system while achieving good network timeliness and throughput performance.

Multilayer Statistical Intrusion Detection in Wireless Networks

NASA Astrophysics Data System (ADS)

Hamdi, Mohamed; Meddeb-Makhlouf, Amel; Boudriga, Noureddine

2008-12-01

The rapid proliferation of mobile applications and services has introduced new vulnerabilities that do not exist in fixed wired networks. Traditional security mechanisms, such as access control and encryption, turn out to be inefficient in modern wireless networks. Given the shortcomings of the protection mechanisms, an important research focuses in intrusion detection systems (IDSs). This paper proposes a multilayer statistical intrusion detection framework for wireless networks. The architecture is adequate to wireless networks because the underlying detection models rely on radio parameters and traffic models. Accurate correlation between radio and traffic anomalies allows enhancing the efficiency of the IDS. A radio signal fingerprinting technique based on the maximal overlap discrete wavelet transform (MODWT) is developed. Moreover, a geometric clustering algorithm is presented. Depending on the characteristics of the fingerprinting technique, the clustering algorithm permits to control the false positive and false negative rates. Finally, simulation experiments have been carried out to validate the proposed IDS.

49 CFR 393.134 - What are the rules for securing roll-on/roll-off or hook lift containers?

Code of Federal Regulations, 2014 CFR

2014-10-01

... which is not equipped with an integral securement system must be: (1) Blocked against forward movement... least as effectively as the tiedowns in the two previous items. (4) The mechanisms used to secure the... secure the container to the vehicle, providing the same level of securement as the missing, damaged or...

49 CFR 393.134 - What are the rules for securing roll-on/roll-off or hook lift containers?

Code of Federal Regulations, 2012 CFR

2012-10-01

... which is not equipped with an integral securement system must be: (1) Blocked against forward movement... least as effectively as the tiedowns in the two previous items. (4) The mechanisms used to secure the... secure the container to the vehicle, providing the same level of securement as the missing, damaged or...

33 CFR 175.135 - Existing equipment.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Existing equipment. 175.135 Section 175.135 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) BOATING SAFETY EQUIPMENT REQUIREMENTS Visual Distress Signals § 175.135 Existing equipment. Launchers...

33 CFR 175.135 - Existing equipment.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Existing equipment. 175.135 Section 175.135 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) BOATING SAFETY EQUIPMENT REQUIREMENTS Visual Distress Signals § 175.135 Existing equipment. Launchers...

33 CFR 175.135 - Existing equipment.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Existing equipment. 175.135 Section 175.135 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) BOATING SAFETY EQUIPMENT REQUIREMENTS Visual Distress Signals § 175.135 Existing equipment. Launchers...

33 CFR 175.135 - Existing equipment.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Existing equipment. 175.135 Section 175.135 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) BOATING SAFETY EQUIPMENT REQUIREMENTS Visual Distress Signals § 175.135 Existing equipment. Launchers...

33 CFR 175.135 - Existing equipment.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Existing equipment. 175.135 Section 175.135 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) BOATING SAFETY EQUIPMENT REQUIREMENTS Visual Distress Signals § 175.135 Existing equipment. Launchers...

5 CFR 9701.506 - Impact on existing agreements.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Impact on existing agreements. 9701.506 Section 9701.506 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT... HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.506 Impact on existing agreements...

An Authentication and Key Management Mechanism for Resource Constrained Devices in IEEE 802.11-based IoT Access Networks.

PubMed

Kim, Ki-Wook; Han, Youn-Hee; Min, Sung-Gi

2017-09-21

Many Internet of Things (IoT) services utilize an IoT access network to connect small devices with remote servers. They can share an access network with standard communication technology, such as IEEE 802.11ah. However, an authentication and key management (AKM) mechanism for resource constrained IoT devices using IEEE 802.11ah has not been proposed as yet. We therefore propose a new AKM mechanism for an IoT access network, which is based on IEEE 802.11 key management with the IEEE 802.1X authentication mechanism. The proposed AKM mechanism does not require any pre-configured security information between the access network domain and the IoT service domain. It considers the resource constraints of IoT devices, allowing IoT devices to delegate the burden of AKM processes to a powerful agent. The agent has sufficient power to support various authentication methods for the access point, and it performs cryptographic functions for the IoT devices. Performance analysis shows that the proposed mechanism greatly reduces computation costs, network costs, and memory usage of the resource-constrained IoT device as compared to the existing IEEE 802.11 Key Management with the IEEE 802.1X authentication mechanism.

An Authentication and Key Management Mechanism for Resource Constrained Devices in IEEE 802.11-based IoT Access Networks

PubMed Central

Han, Youn-Hee; Min, Sung-Gi

2017-01-01

Many Internet of Things (IoT) services utilize an IoT access network to connect small devices with remote servers. They can share an access network with standard communication technology, such as IEEE 802.11ah. However, an authentication and key management (AKM) mechanism for resource constrained IoT devices using IEEE 802.11ah has not been proposed as yet. We therefore propose a new AKM mechanism for an IoT access network, which is based on IEEE 802.11 key management with the IEEE 802.1X authentication mechanism. The proposed AKM mechanism does not require any pre-configured security information between the access network domain and the IoT service domain. It considers the resource constraints of IoT devices, allowing IoT devices to delegate the burden of AKM processes to a powerful agent. The agent has sufficient power to support various authentication methods for the access point, and it performs cryptographic functions for the IoT devices. Performance analysis shows that the proposed mechanism greatly reduces computation costs, network costs, and memory usage of the resource-constrained IoT device as compared to the existing IEEE 802.11 Key Management with the IEEE 802.1X authentication mechanism. PMID:28934152

The method of a joint intraday security check system based on cloud computing

NASA Astrophysics Data System (ADS)

Dong, Wei; Feng, Changyou; Zhou, Caiqi; Cai, Zhi; Dan, Xu; Dai, Sai; Zhang, Chuancheng

2017-01-01

The intraday security check is the core application in the dispatching control system. The existing security check calculation only uses the dispatch center’s local model and data as the functional margin. This paper introduces the design of all-grid intraday joint security check system based on cloud computing and its implementation. To reduce the effect of subarea bad data on the all-grid security check, a new power flow algorithm basing on comparison and adjustment with inter-provincial tie-line plan is presented. And the numerical example illustrated the effectiveness and feasibility of the proposed method.

78 FR 49307 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-13

... Copies Available From: Securities and Exchange Commission, Office of Filings and Information Services... Securities and Exchange Commission (``Commission'') is soliciting comments on the collection of information summarized below. The Commission plans to submit this existing collection of information to the Office of...

Computers Launch Faster, Better Job Matching

ERIC Educational Resources Information Center

Stevenson, Gloria

1976-01-01

Employment Security Automation Project (ESAP), a five-year program sponsored by the Employment and Training Administration, features an innovative computer-assisted job matching system and instantaneous computer-assisted service for unemployment insurance claimants. ESAP will also consolidate existing automated employment security systems to…

511, America's traveler information number. Deployment assistance report #3, 511 and homeland security.

DOT National Transportation Integrated Search

2002-06-01

Today, transportation agencies are beginning to address the need for threat and vulnerability assessments, and re-examine how existing emergency management plans will be implemented during a homeland security emergency or alert. Travel information is...

5 CFR 175.102 - Requests for the declassification of documents.

Code of Federal Regulations, 2011 CFR

2011-01-01

... classified for national security purposes by the Civil Service Commission. The Office of Personnel Management... applicable law. (c) No OPM official will refuse to confirm the existence or non-existence of any document..., unless the fact of its existence or non-existence would itself be classifiable under the Executive order...

Clarifying Resilience in the Context of Homeland Security

DTIC Science & Technology

2013-03-01

Resilience Is a Complex Adaptive System of Systems ( CASoS ) ....60 4. Resilience Is Experienced and Demonstrated in Different Ways ..60 5. Resilience Is...The inclusion of a resilience module into existing homeland security training programs broadens the practitioner’s knowledge base from a basic level...psychology offer several considerations for the homeland security practitioner. The first consideration maintains that a de -emphasis on the

The Arctic Region: A Requirement for New Security Architecture?

DTIC Science & Technology

2013-03-01

cooperation and mutually beneficial partnerships . Denmark’s security policy states that existing international law and established forums of cooperation...increase leadership in multinational forum and, develop comprehensive partnerships without the need to create a new security organization. Figure 3...Arctic region. Endnotes 1 Government of Canada, “Canada’s Arctic foreign policy” (Ottawa, Canada, 2007), 2. 2 WWF Global, “Arctic oil and gas”, http

Considering IIOT and security for the DoD

NASA Astrophysics Data System (ADS)

Klawon, Kevin; Gold, Josh; Bachman, Kristen; Landoll, Darren

2016-05-01

The Internet of Things (IoT) has come of age and domestic and industrial devices are all "smart". But how can they be universally classified and queried? How do we know that the underlying architecture is secure enough to deploy on a defense network? By leverage existing platforms designed for interoperability, extensibility, and security that can manage data across multiple domains and runs on any platform.

Shaping the Future: A Holistic Approach to Planning

DTIC Science & Technology

1992-03-01

history. Revolutionary changes affect the world’s political , economic, and security systems. Because of these changes, the opportuni ty exists to...paralyze our thinking, cause us to muddle through, or vigorously attempt to shape the future. Change causes macro-economic, social, political , and...purposes of this paper, in military and security matters. Today, for example, the United States’ national security relates to domestic politics , global

Precision positioning device

DOEpatents

McInroy, John E.

2005-01-18

A precision positioning device is provided. The precision positioning device comprises a precision measuring/vibration isolation mechanism. A first plate is provided with the precision measuring mean secured to the first plate. A second plate is secured to the first plate. A third plate is secured to the second plate with the first plate being positioned between the second plate and the third plate. A fourth plate is secured to the third plate with the second plate being positioned between the third plate and the fourth plate. An adjusting mechanism for adjusting the position of the first plate, the second plate, the third plate, and the fourth plate relative to each other.

Information Systems Security Management: A Review and a Classification of the ISO Standards

NASA Astrophysics Data System (ADS)

Tsohou, Aggeliki; Kokolakis, Spyros; Lambrinoudakis, Costas; Gritzalis, Stefanos

The need for common understanding and agreement of functional and non-functional requirements is well known and understood by information system designers. This is necessary for both: designing the "correct" system and achieving interoperability with other systems. Security is maybe the best example of this need. If the understanding of the security requirements is not the same for all involved parties and the security mechanisms that will be implemented do not comply with some globally accepted rules and practices, then the system that will be designed will not necessarily achieve the desired security level and it will be very difficult to securely interoperate with other systems. It is therefore clear that the role and contribution of international standards to the design and implementation of security mechanisms is dominant. In this paper we provide a state of the art review on information security management standards published by the International Organization for Standardization and the International Electrotechnical Commission. Such an analysis is meaningful to security practitioners for an efficient management of information security. Moreover, the classification of the standards in the clauses of ISO/IEC 27001:2005 that results from our analysis is expected to provide assistance in dealing with the plethora of security standards.

Redundancy of Supply in the International Nuclear Fuel Fabrication Market: Are Fabrication Services Assured?

DOE Office of Scientific and Technical Information (OSTI.GOV)

Seward, Amy M.; Toomey, Christopher; Ford, Benjamin E.

2011-11-14

For several years, Pacific Northwest National Laboratory (PNNL) has been assessing the reliability of nuclear fuel supply in support of the U.S. Department of Energy/National Nuclear Security Administration. Three international low enriched uranium reserves, which are intended back up the existing and well-functioning nuclear fuel market, are currently moving toward implementation. These backup reserves are intended to provide countries credible assurance that of the uninterrupted supply of nuclear fuel to operate their nuclear power reactors in the event that their primary fuel supply is disrupted, whether for political or other reasons. The efficacy of these backup reserves, however, may bemore » constrained without redundant fabrication services. This report presents the findings of a recent PNNL study that simulated outages of varying durations at specific nuclear fuel fabrication plants. The modeling specifically enabled prediction and visualization of the reactors affected and the degree of fuel delivery delay. The results thus provide insight on the extent of vulnerability to nuclear fuel supply disruption at the level of individual fabrication plants, reactors, and countries. The simulation studies demonstrate that, when a reasonable set of qualification criteria are applied, existing fabrication plants are technically qualified to provide backup fabrication services to the majority of the world's power reactors. The report concludes with an assessment of the redundancy of fuel supply in the nuclear fuel market, and a description of potential extra-market mechanisms to enhance the security of fuel supply in cases where it may be warranted. This report is an assessment of the ability of the existing market to respond to supply disruptions that occur for technical reasons. A forthcoming report will address political disruption scenarios.« less

Obsessive-compulsive disorder as a disturbance of security motivation: constraints on comorbidity.

PubMed

Szechtman, H; Woody, E Z

2006-10-01

Patients with OCD often meet criteria for additional psychiatric disorders, with the incidence of comorbidity being as high as 75% in some studies. Here we examine the theoretical plausibility that in OCD much of the domain of co-morbid presentations encompasses related perturbations of the security motivation system. According to a recent proposal, the security motivation system represents a biologically primitive special motivation that is activated by potential (as opposed to imminent) danger to self or intimate others and engages a set of specialized species-typical behaviors (such as checking and washing) to handle potential danger. Because the task of security motivation is open ended, in the sense that no consummatory stimuli can exist in the real world to indicate the absence of potential danger, the shutdown of security motivation is produced by a self-generated feeling of knowing, a satiety signal termed yedasentience. In this schema, OCD results from a failure to generate or respond to the yedasentience signal: without this negative feedback the patient persists abnormally long in a strong motivational state having to do with primal, basic threats to existence, a condition that leads to prolonged engagement in security-related behaviors, such as the checking and washing, characteristic of OCD compulsions and obsessions. Considering the proposed neuronatomy of security motivation system and OCD, we discuss the likelihood that the phenomenon of "spread of allied reflexes" can produce other security-related psychiatric conditions, as well as the possibility that disturbances along different pathways of the security motivation system can lead to apparently different disorders.

50 CFR 540.3 - Procedures.

Code of Federal Regulations, 2011 CFR

2011-10-01

... and Fisheries MARINE MAMMAL COMMISSION INFORMATION SECURITY § 540.3 Procedures. (a) Mandatory... all requests for national security information in its custody to the Federal agency that classified it...-existence of a document requested under the Freedom of Information Act or the mandatory review provisions of...

50 CFR 540.3 - Procedures.

Code of Federal Regulations, 2010 CFR

2010-10-01

... and Fisheries MARINE MAMMAL COMMISSION INFORMATION SECURITY § 540.3 Procedures. (a) Mandatory... all requests for national security information in its custody to the Federal agency that classified it...-existence of a document requested under the Freedom of Information Act or the mandatory review provisions of...

Secondary Market Disclosure.

ERIC Educational Resources Information Center

Jones, Robert J.; Zehner, Mark R.

1996-01-01

In late 1994, the United States Securities and Exchange Commission (SEC) issued new rules applicable to issuers of municipal securities (including school districts) concerning disclosure to the investment community. Describes how SEC's existing Rule 15c2-12 has been implemented. Discusses its purpose, jurisdiction, obligated persons, written…

Safeguarding Digital Library Contents: Charging for Online Content.

ERIC Educational Resources Information Center

Herzberg, Amir

1998-01-01

Investigates the need for mechanisms for charging by digital libraries and other providers of online content, in particular for micropayments, i.e., charging for small amounts. The SSL (Secure Socket Layer) and SET (Secure Electronic Transactions) protocols for charge card payments and the MiniPay micropayment mechanism for charging small amounts…

33 CFR 143.201 - Existing MODUs exempted from new design requirements.

Code of Federal Regulations, 2010 CFR

2010-07-01

... HOMELAND SECURITY (CONTINUED) OUTER CONTINENTAL SHELF ACTIVITIES DESIGN AND EQUIPMENT Mobile Offshore Drilling Units § 143.201 Existing MODUs exempted from new design requirements. Any mobile offshore drilling...

Autism, attachment, and social learning: Three challenges and a way forward.

PubMed

Vivanti, Giacomo; Nuske, Heather J

2017-05-15

We explore three challenges that Autism Spectrum Disorder (ASD) poses to our understanding of the processes underlying early attachment. First, while caregiver-infant attachment and later social-affiliative behavior share common biobehavioral mechanisms, individuals with ASD are able to form secure attachment relationships, despite reduced social-emotional reciprocity and motivation for social interaction. Therefore, disruptions in social affiliation mechanisms can co-exist with secure caregiver-infant bonding. Second, while early attachment quality is associated with later social outcomes in typical development, interventions targeting caregiver-child interaction in ASD often show positive effects on parental responsivity and attachment quality, but not on child social behavior. Therefore, improvements in parent-child bonding do not necessarily result in improvements in social functioning in ASD. Third, individuals with ASD show normative brain activity and selective social affiliative behaviors in response to people that they know but not to unfamiliar people. We propose a conceptual framework to reformulate and address these three theoretical impasses posed by ASD, arguing that the dissociable pathways of child-parent bonding and social development in ASD are shaped by (1) a dissociation between externally-driven and internally-driven attachment responses and (2) atypical learning dynamics occurring during child-caregiver bonding episodes, which are governed by and influence social-affiliation motives and other operant contingencies. Copyright © 2016 Elsevier B.V. All rights reserved.

A new feature detection mechanism and its application in secured ECG transmission with noise masking.

PubMed

Sufi, Fahim; Khalil, Ibrahim

2009-04-01

With cardiovascular disease as the number one killer of modern era, Electrocardiogram (ECG) is collected, stored and transmitted in greater frequency than ever before. However, in reality, ECG is rarely transmitted and stored in a secured manner. Recent research shows that eavesdropper can reveal the identity and cardiovascular condition from an intercepted ECG. Therefore, ECG data must be anonymized before transmission over the network and also stored as such in medical repositories. To achieve this, first of all, this paper presents a new ECG feature detection mechanism, which was compared against existing cross correlation (CC) based template matching algorithms. Two types of CC methods were used for comparison. Compared to the CC based approaches, which had 40% and 53% misclassification rates, the proposed detection algorithm did not perform any single misclassification. Secondly, a new ECG obfuscation method was designed and implemented on 15 subjects using added noises corresponding to each of the ECG features. This obfuscated ECG can be freely distributed over the internet without the necessity of encryption, since the original features needed to identify personal information of the patient remain concealed. Only authorized personnel possessing a secret key will be able to reconstruct the original ECG from the obfuscated ECG. Distribution of the would appear as regular ECG without encryption. Therefore, traditional decryption techniques including powerful brute force attack are useless against this obfuscation.

The development of health care data warehouses to support data mining.

PubMed

Lyman, Jason A; Scully, Kenneth; Harrison, James H

2008-03-01

Clinical data warehouses offer tremendous benefits as a foundation for data mining. By serving as a source for comprehensive clinical and demographic information on large patient populations, they streamline knowledge discovery efforts by providing standard and efficient mechanisms to replace time-consuming and expensive original data collection, organization, and processing. Building effective data warehouses requires knowledge of and attention to key issues in database design, data acquisition and processing, and data access and security. In this article, the authors provide an operational and technical definition of data warehouses, present examples of data mining projects enabled by existing data warehouses, and describe key issues and challenges related to warehouse development and implementation.

Complexity Science: A Mechanism for Strategic Foresight and Resiliency in National Security Decision-Making.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ackermann, Mark R.; Hayden, Nancy Kay; Backus, George A.

Most national policy decisions are complex with a variety of stakeholders, disparate interests and the potential for unintended consequences. While a number of analytical tools exist to help decision makers sort through the mountains of data and myriad of options, decision support teams are increasingly turning to complexity science for improved analysis and better insight into the potential impact of policy decisions. While complexity science has great potential, it has only proven useful in limited case s and when properly applied. In advance of more widespread use, a national - level effort to refine complexity science and more rigorously establishmore » its technical underpinnings is recommended.« less

Attachment-Based Family Therapy: A Review of the Empirical Support.

PubMed

Diamond, Guy; Russon, Jody; Levy, Suzanne

2016-09-01

Attachment-based family therapy (ABFT) is an empirically supported treatment designed to capitalize on the innate, biological desire for meaningful and secure relationships. The therapy is grounded in attachment theory and provides an interpersonal, process-oriented, trauma-focused approach to treating adolescent depression, suicidality, and trauma. Although a process-oriented therapy, ABFT offers a clear structure and road map to help therapists quickly address attachment ruptures that lie at the core of family conflict. Several clinical trials and process studies have demonstrated empirical support for the model and its proposed mechanism of change. This article provides an overview of the clinical model and the existing empirical support for ABFT. © 2016 Family Process Institute.

Privacy, security and access with sensitive health information.

PubMed

Croll, Peter

2010-01-01

This chapter gives an educational overview of: * Confidentiality issues and the challenges faced; * The fundamental differences between privacy and security; * The different access control mechanisms; * The challenges of Internet security; * How 'safety and quality' relate to all the above.

Verification of Security Policy Enforcement in Enterprise Systems

NASA Astrophysics Data System (ADS)

Gupta, Puneet; Stoller, Scott D.

Many security requirements for enterprise systems can be expressed in a natural way as high-level access control policies. A high-level policy may refer to abstract information resources, independent of where the information is stored; it controls both direct and indirect accesses to the information; it may refer to the context of a request, i.e., the request’s path through the system; and its enforcement point and enforcement mechanism may be unspecified. Enforcement of a high-level policy may depend on the system architecture and the configurations of a variety of security mechanisms, such as firewalls, host login permissions, file permissions, DBMS access control, and application-specific security mechanisms. This paper presents a framework in which all of these can be conveniently and formally expressed, a method to verify that a high-level policy is enforced, and an algorithm to determine a trusted computing base for each resource.

Measuring Transnational Organized Crime Threats to US National Security

DTIC Science & Technology

2016-05-26

typology is not designed to score TOC networks, so it is not an obvious choice, but it could be easily modified by the TMWG to rank-order TOC networks...States Strategy to Combat Transnational Organized Crime (SCTOC). The strategy identified Transnational Organized Crime ( TOC ) as a national security...identify the TOC groups that present the national security threat defined in the SCTOC? A literature review of existing organized crime assessments

Towards a Cross-Domain MapReduce Framework

DTIC Science & Technology

2013-11-01

These Big Data applications typically run as a set of MapReduce jobs to take advantage of Hadoop’s ease of service deployment and large-scale...parallelism. Yet, Hadoop has not been adapted for multilevel secure (MLS) environments where data of different security classifications co-exist. To solve...multilevel security. I. INTRODUCTION The US Department of Defense (DoD) and US Intelligence Community (IC) recognize they have a Big Data problem

31 CFR 306.127 - Preservation of existing rights.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 31 Money and Finance: Treasury 2 2010-07-01 2010-07-01 false Preservation of existing rights. 306.127 Section 306.127 Money and Finance: Treasury Regulations Relating to Money and Finance (Continued.... SECURITIES Miscellaneous Provisions § 306.127 Preservation of existing rights. Nothing contained in these...

46 CFR 4.05-25 - Reports when state of war exists.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 1 2010-10-01 2010-10-01 false Reports when state of war exists. 4.05-25 Section 4.05-25 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY PROCEDURES APPLICABLE TO THE PUBLIC MARINE... war exists. During the period when a state of war exists between the United States and any foreign...

26 CFR 1.414(c)-6 - Effective date.

Code of Federal Regulations, 2011 CFR

2011-04-01

..., 1974. (b) Existing plans. In the case of a plan in existence on January 1, 1974, unless paragraph (c... § 1.410(a)-2(c). (c) Existing plans electing new provisions. In the case of a plan in existence on....410 (a)-2 (d). (d) Application. For purposes of the Employee Retirement Income Security Act of 1974...

26 CFR 1.414(c)-6 - Effective date.

Code of Federal Regulations, 2010 CFR

2010-04-01

..., 1974. (b) Existing plans. In the case of a plan in existence on January 1, 1974, unless paragraph (c... § 1.410(a)-2(c). (c) Existing plans electing new provisions. In the case of a plan in existence on....410 (a)-2 (d). (d) Application. For purposes of the Employee Retirement Income Security Act of 1974...

Global water risks and national security: Building resilience (Invited)

NASA Astrophysics Data System (ADS)

Pulwarty, R. S.

2013-12-01

The UN defines water security as the capacity of a population to safeguard sustainable access to adequate quantities of acceptable quality water for sustaining livelihoods, human well-being, and socio-economic development, for ensuring protection against water-borne pollution and water-related disasters, and for preserving ecosystems in a climate of peace and political stability. This definition highlights complex and interconnected challenges and underscores the centrality of water for environmental services and human aactivities. Global risks are expressed at the national level. The 2010 Quadrennial Defense Review and the 2010 National Security Strategy identify climate change as likely to trigger outcomes that will threaten U.S. security including how freshwater resources can become a security issue. Impacts will be felt on the National Security interest through water, food and energy security, and critical infrastructure. This recognition focuses the need to consider the rates of change in climate extremes, in the context of more traditional political, economic, and social indicators that inform security analyses. There is a long-standing academic debate over the extent to which resource constraints and environmental challenges lead to inter-state conflict. It is generally recognized that water resources as a security issue to date exists mainly at the substate level and has not led to physical conflict between nation states. In conflict and disaster zones, threats to water security increase through inequitable and difficult access to water supply and related services, which may aggravate existing social fragility, tensions, violence, and conflict. This paper will (1) Outline the dimensions of water security and its links to national security (2) Analyze water footprints and management risks for key basins in the US and around the world, (3) map the link between global water security and national concerns, drawing lessons from the drought of 2012 and elsewhere, and (3) Identify preventable risks, public leadership and private innovation needed for developing adaptive water resource management institutions that take advantage of climate and hydrologic information and changes. The presentation will conclude with a preliminary framework for assessing and implementing water security measures given insecure conditions introduced by a changing climate and in the context of national security.

Moving toward energy security and sustainability in 2050 by reconfiguring biofuel production

USDA-ARS?s Scientific Manuscript database

To achieve energy security and sustainability by 2050 requires reconfiguring biofuel production both by building on current infrastructure and existing technology and also by making substantial improvements and changes in the feedstocks used, the process technologies applied, and the fuels produced....

76 FR 3649 - Agency Information Collection Activities: Request for Information

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-20

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection Activities: Request for Information AGENCY: U.S. Customs and Border Protection, Department of Homeland Security. ACTION: 30-Day notice and request for comments; Extension of an existing information collection...

Trust Management and Accountability for Internet Security

ERIC Educational Resources Information Center

Liu, Wayne W.

2011-01-01

Adversarial yet interacting interdependent relationships in information sharing and service provisioning have been a pressing issue of the Internet. Such relationships exist among autonomous software agents, in networking system peers, as well as between "service users and providers." Traditional "ad hoc" security approaches effective in…

20 CFR 416.2055 - Mandatory minimum supplementation reduced.

Code of Federal Regulations, 2011 CFR

2011-04-01

.... 416.2055 Section 416.2055 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... Mandatory minimum supplementation reduced. If for any month after December 1973 there is a change with respect to any special need or special circumstance which, if such change had existed in December 1973...

78 FR 26649 - Agency Information Collection Activities: Trusted Traveler Programs

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-07

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection Activities: Trusted Traveler Programs AGENCY: U.S. Customs and Border Protection (CBP), Department of Homeland Security. ACTION: 60-Day Notice and request for comments; Extension of an existing collection of...

77 FR 40892 - Agency Information Collection Activities: Crew Member's Declaration

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-11

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection Activities: Crew Member's Declaration AGENCY: U.S. Customs and Border Protection (CBP), Department of Homeland Security. ACTION: 60-Day Notice and request for comments; Extension of an existing collection of...

78 FR 70065 - Agency Information Collection Activities: Customs Declaration

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-22

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection Activities: Customs Declaration AGENCY: U.S. Customs and Border Protection (CBP), Department of Homeland Security ACTION: 60-Day notice and request for comments; Extension of an existing collection of information...

20 CFR 416.2055 - Mandatory minimum supplementation reduced.

Code of Federal Regulations, 2010 CFR

2010-04-01

.... 416.2055 Section 416.2055 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... Mandatory minimum supplementation reduced. If for any month after December 1973 there is a change with respect to any special need or special circumstance which, if such change had existed in December 1973...

Earth Observations for Global Water Security

NASA Technical Reports Server (NTRS)

Lawford, Richard; Strauch, Adrian; Toll, David; Fekete, Balazs; Cripe, Douglas

2013-01-01

The combined effects of population growth, increasing demands for water to support agriculture, energy security, and industrial expansion, and the challenges of climate change give rise to an urgent need to carefully monitor and assess trends and variations in water resources. Doing so will ensure that sustainable access to adequate quantities of safe and useable water will serve as a foundation for water security. Both satellite and in situ observations combined with data assimilation and models are needed for effective, integrated monitoring of the water cycle's trends and variability in terms of both quantity and quality. On the basis of a review of existing observational systems, we argue that a new integrated monitoring capability for water security purposes is urgently needed. Furthermore, the components for this capability exist and could be integrated through the cooperation of national observational programmes. The Group on Earth Observations should play a central role in the design, implementation, management and analysis of this system and its products.

A New Privacy-Preserving Handover Authentication Scheme for Wireless Networks

PubMed Central

Wang, Changji; Yuan, Yuan; Wu, Jiayuan

2017-01-01

Handover authentication is a critical issue in wireless networks, which is being used to ensure mobile nodes wander over multiple access points securely and seamlessly. A variety of handover authentication schemes for wireless networks have been proposed in the literature. Unfortunately, existing handover authentication schemes are vulnerable to a few security attacks, or incur high communication and computation costs. Recently, He et al. proposed a handover authentication scheme PairHand and claimed it can resist various attacks without rigorous security proofs. In this paper, we show that PairHand does not meet forward secrecy and strong anonymity. More seriously, it is vulnerable to key compromise attack, where an adversary can recover the private key of any mobile node. Then, we propose a new efficient and provably secure handover authentication scheme for wireless networks based on elliptic curve cryptography. Compared with existing schemes, our proposed scheme can resist key compromise attack, and achieves forward secrecy and strong anonymity. Moreover, it is more efficient in terms of computation and communication. PMID:28632171

A New Privacy-Preserving Handover Authentication Scheme for Wireless Networks.

PubMed

Wang, Changji; Yuan, Yuan; Wu, Jiayuan

2017-06-20

Handover authentication is a critical issue in wireless networks, which is being used to ensure mobile nodes wander over multiple access points securely and seamlessly. A variety of handover authentication schemes for wireless networks have been proposed in the literature. Unfortunately, existing handover authentication schemes are vulnerable to a few security attacks, or incur high communication and computation costs. Recently, He et al. proposed a handover authentication scheme PairHand and claimed it can resist various attacks without rigorous security proofs. In this paper, we show that PairHand does not meet forward secrecy and strong anonymity. More seriously, it is vulnerable to key compromise attack, where an adversary can recover the private key of any mobile node. Then, we propose a new efficient and provably secure handover authentication scheme for wireless networks based on elliptic curve cryptography. Compared with existing schemes, our proposed scheme can resist key compromise attack, and achieves forward secrecy and strong anonymity. Moreover, it is more efficient in terms of computation and communication.

Human detection in sensitive security areas through recognition of omega shapes using MACH filters

NASA Astrophysics Data System (ADS)

Rehman, Saad; Riaz, Farhan; Hassan, Ali; Liaquat, Muwahida; Young, Rupert

2015-03-01

Human detection has gained considerable importance in aggravated security scenarios over recent times. An effective security application relies strongly on detailed information regarding the scene under consideration. A larger accumulation of humans than the number of personal authorized to visit a security controlled area must be effectively detected, amicably alarmed and immediately monitored. A framework involving a novel combination of some existing techniques allows an immediate detection of an undesirable crowd in a region under observation. Frame differencing provides a clear visibility of moving objects while highlighting those objects in each frame acquired by a real time camera. Training of a correlation pattern recognition based filter on desired shapes such as elliptical representations of human faces (variants of an Omega Shape) yields correct detections. The inherent ability of correlation pattern recognition filters caters for angular rotations in the target object and renders decision regarding the existence of the number of persons exceeding an allowed figure in the monitored area.

AVQS: attack route-based vulnerability quantification scheme for smart grid.

PubMed

Ko, Jongbin; Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik

2014-01-01

A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification.

Recommended Practice for Securing Control System Modems

DOE Office of Scientific and Technical Information (OSTI.GOV)

James R. Davidson; Jason L. Wright

2008-01-01

This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

Sustainable Food Security Measurement: A Systemic Methodology

NASA Astrophysics Data System (ADS)

Findiastuti, W.; Singgih, M. L.; Anityasari, M.

2017-04-01

Sustainable food security measures how a region provides food for its people without endangered the environment. In Indonesia, it was legally measured in Food Security and Vulnerability (FSVA). However, regard to sustainable food security policy, the measurement has not encompassed the environmental aspect. This will lead to lack of environmental aspect information for adjusting the next strategy. This study aimed to assess Sustainable Food security by encompassing both food security and environment aspect using systemic eco-efficiency. Given existing indicator of cereal production level, total emission as environment indicator was generated by constructing Causal Loop Diagram (CLD). Then, a stock-flow diagram was used to develop systemic simulation model. This model was demonstrated for Indonesian five provinces. The result showed there was difference between food security order with and without environmental aspect assessment.

Preventing infant abductions: an infant security program transitioned into an interdisciplinary model.

PubMed

Hiner, Jacqueline; Pyka, Jeanine; Burks, Colleen; Pisegna, Lily; Gador, Rachel Ann

2012-01-01

Ensuring the safety of infants born in a hospital is a top priority and, therefore, requires a solid infant security plan. Using an interdisciplinary approach and a systematic change process, nursing leadership in collaboration with clinical nurses and security personnel analyzed the infant security program at this community hospital to identify vulnerabilities. By establishing an interdisciplinary approach to infant security, participants were able to unravel a complicated concept, systematically analyze the gaps, and agree to a plan of action. This resulted in improved communication and clarification of roles between the nursing and security divisions. Supply costs decreased by 17.4% after the first year of implementation. Most importantly, this project enhanced and strengthened the existing infant abduction prevention measures, hard wired the importance of infant security, and minimized vulnerabilities.

Technology Requirements and Selection for Securely Partitioning OBSW

NASA Astrophysics Data System (ADS)

Mendham, Peter; Windsor, James; Eckstein, Knut

2010-08-01

The Securely Partitioning Spacecraft Computing Resources project is a current ESA TRP activity investigating the application of secure time and space partitioning (TSP) technologies to enable multi-use missions from a single platform. Secure TSP technologies are used in a number of application areas outside the space domain and an opportunity exists to 'spin-in' a suitable solution. The selection of a technology for use within space the European space industry relies on an understanding of the requirements for the application of secure TSP, of which this paper presents a summary. Further, the paper outlines the selection process taken by the project and highlights promising solutions for use today.

A protect solution for data security in mobile cloud storage

NASA Astrophysics Data System (ADS)

Yu, Xiaojun; Wen, Qiaoyan

2013-03-01

It is popular to access the cloud storage by mobile devices. However, this application suffer data security risk, especial the data leakage and privacy violate problem. This risk exists not only in cloud storage system, but also in mobile client platform. To reduce the security risk, this paper proposed a new security solution. It makes full use of the searchable encryption and trusted computing technology. Given the performance limit of the mobile devices, it proposes the trusted proxy based protection architecture. The design basic idea, deploy model and key flows are detailed. The analysis from the security and performance shows the advantage.

Does the PCEHR mean a new paradigm for information security? Implications for health information management.

PubMed

Williams, Patricia A H

Australia is stepping up to the new e-health environment. With this comes new legislation and new demands on information security. The expanded functionality of e-health and the increased legislative requirements, coupled with new uses of technology, means that enhancement of existing security practice will be necessary. This paperanalyses the new operating environment for Australian healthcare and the legislation governing it, and highlights the changes that are required to meet this new context. Individuals are now more responsible for security and organisations should be prompted to review their security measures in light of the new demands of legislative compliance.

Manufacturing and Security Challenges in 3D Printing

NASA Astrophysics Data System (ADS)

Zeltmann, Steven Eric; Gupta, Nikhil; Tsoutsos, Nektarios Georgios; Maniatakos, Michail; Rajendran, Jeyavijayan; Karri, Ramesh

2016-07-01

As the manufacturing time, quality, and cost associated with additive manufacturing (AM) continue to improve, more and more businesses and consumers are adopting this technology. Some of the key benefits of AM include customizing products, localizing production and reducing logistics. Due to these and numerous other benefits, AM is enabling a globally distributed manufacturing process and supply chain spanning multiple parties, and hence raises concerns about the reliability of the manufactured product. In this work, we first present a brief overview of the potential risks that exist in the cyber-physical environment of additive manufacturing. We then evaluate the risks posed by two different classes of modifications to the AM process which are representative of the challenges that are unique to AM. The risks posed are examined through mechanical testing of objects with altered printing orientation and fine internal defects. Finite element analysis and ultrasonic inspection are also used to demonstrate the potential for decreased performance and for evading detection. The results highlight several scenarios, intentional or unintentional, that can affect the product quality and pose security challenges for the additive manufacturing supply chain.

Kinetics of Materials at Extreme Conditions: Understanding the Time Dependent Approach to Equilibrium at MaRIE

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kraus, R. G.; Mcnabb, D.; Kumar, M.

The National Nuclear Security Agency has recently recognized that a long-term need exists to establish a stronger scientific basis for the assessment and qualification of materials and manufacturing processes for the nuclear stockpile and other national security applications. These materials may have undergone substantial changes with age, or may represent new materials that are being introduced because of difficulties associated with reusing or recreating materials used in original stockpile components. Also, with advancements in manufacturing methods, the NNSA anticipates opportunities for an enhanced range of control over fabricated components, an enhanced pace of materials development, and enhanced functionality. The developmentmore » of qualification standards for these new materials will require the ability to understand and control material characteristics that affect both mechanical and dynamic performance. A unique aspect for NNSA is that the performance requirements for materials are often set by system hydrodynamics, and these materials must perform in extreme environments and loading conditions. Thus, the scientific motivation is to understand “Matter-Radiation Interactions in Extremes (MaRIE).”« less

Survey of Machine Learning Methods for Database Security

NASA Astrophysics Data System (ADS)

Kamra, Ashish; Ber, Elisa

Application of machine learning techniques to database security is an emerging area of research. In this chapter, we present a survey of various approaches that use machine learning/data mining techniques to enhance the traditional security mechanisms of databases. There are two key database security areas in which these techniques have found applications, namely, detection of SQL Injection attacks and anomaly detection for defending against insider threats. Apart from the research prototypes and tools, various third-party commercial products are also available that provide database activity monitoring solutions by profiling database users and applications. We present a survey of such products. We end the chapter with a primer on mechanisms for responding to database anomalies.

Assurance: the power behind PCASSO security.

PubMed Central

Baker, D. B.; Masys, D. R.; Jones, R. L.; Barnhart, R. M.

1999-01-01

The need for security protection in Internet-based healthcare applications is generally acknowledged. Most healthcare applications that use the Internet have at least implemented some kind of encryption. Most applications also enforce user authentication and access control policies, and many audit user actions. However, most fall short on providing strong assurances that the security mechanisms are behaving as expected and that they cannot be subverted. While no system can claim to be totally "bulletproof," PCASSO provides assurance of correct operation through formal, disciplined design and development methodologies, as well as through functional and penetration testing. Through its security mechanisms, backed by strong system assurances, PCASSO is demonstrating "safe" use of public data networks for health care. PMID:10566443

Fires. A Joint Professional Bulletin for U.S. Field and Air Defense Artillerymen. September-October 2011

DTIC Science & Technology

2011-10-01

said that security of the LOCs was a constant challenge facing the Soviet forces in Afghanistan. Security of the LOCs determined the amount of forces...resistance forces. The Afghan terrain was not ideal for a mechanized force dependent on fire power, secure LOCs and high-technology. Although the popular...Secure logistics and secure LOCs are essential for the both the guerrilla and non-guerrilla force. Security missions, however, can tie up most

20 CFR 220.131 - Work which exists in the national economy.

Code of Federal Regulations, 2013 CFR

2013-04-01

... and medium jobs exist in the national economy: (1) Dictionary of Occupational Titles, published by the..., also published by the Bureau of the Census. (4) Occupational Analyses, prepared for the Social Security...

20 CFR 220.131 - Work which exists in the national economy.

Code of Federal Regulations, 2012 CFR

2012-04-01

... and medium jobs exist in the national economy: (1) Dictionary of Occupational Titles, published by the..., also published by the Bureau of the Census. (4) Occupational Analyses, prepared for the Social Security...

20 CFR 220.131 - Work which exists in the national economy.

Code of Federal Regulations, 2011 CFR

2011-04-01

... and medium jobs exist in the national economy: (1) Dictionary of Occupational Titles, published by the..., also published by the Bureau of the Census. (4) Occupational Analyses, prepared for the Social Security...

20 CFR 220.131 - Work which exists in the national economy.

Code of Federal Regulations, 2014 CFR

2014-04-01

... and medium jobs exist in the national economy: (1) Dictionary of Occupational Titles, published by the..., also published by the Bureau of the Census. (4) Occupational Analyses, prepared for the Social Security...

20 CFR 220.131 - Work which exists in the national economy.

Code of Federal Regulations, 2010 CFR

2010-04-01

... and medium jobs exist in the national economy: (1) Dictionary of Occupational Titles, published by the..., also published by the Bureau of the Census. (4) Occupational Analyses, prepared for the Social Security...

31 CFR 370.26 - What limitations exist on liability?

Code of Federal Regulations, 2010 CFR

2010-07-01

... TRANSFERS RELATING TO UNITED STATES SECURITIES Debit Entries § 370.26 What limitations exist on liability? If we sustain a loss because a financial institution fails to handle an entry in accordance with this...

76 FR 29147 - Federal Home Loan Bank Investments

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-20

...-AA32 Federal Home Loan Bank Investments AGENCY: Federal Housing Finance Agency; Federal Housing Finance...-adopting existing investment regulations that apply to the Federal Home Loan Banks (Banks) and that were...' investment in mortgage-backed securities (MBS) and certain asset-backed securities (ABS) that were previously...

Cloud-Based Virtual Laboratory for Network Security Education

ERIC Educational Resources Information Center

Xu, Le; Huang, Dijiang; Tsai, Wei-Tek

2014-01-01

Hands-on experiments are essential for computer network security education. Existing laboratory solutions usually require significant effort to build, configure, and maintain and often do not support reconfigurability, flexibility, and scalability. This paper presents a cloud-based virtual laboratory education platform called V-Lab that provides a…

77 FR 73038 - Agency Information Collection Activities: Application for Allowance in Duties

Federal Register 2010, 2011, 2012, 2013, 2014

2012-12-07

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection Activities: Application for Allowance in Duties AGENCY: U.S. Customs and Border Protection (CBP), Department of Homeland Security. ACTION: 60-day notice and request for comments; Extension of an existing...

17 CFR 242.401 - Definitions.

Code of Federal Regulations, 2014 CFR

2014-04-01

... security futures intermediary were not a participant. (6) Daily settlement price means, with respect to a... futures commission merchant that has been in existence for less than one year may meet the definition of... M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN REQUIREMENTS FOR SECURITY FUTURES Customer Margin...

17 CFR 242.401 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-04-01

... security futures intermediary were not a participant. (6) Daily settlement price means, with respect to a... futures commission merchant that has been in existence for less than one year may meet the definition of... M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN REQUIREMENTS FOR SECURITY FUTURES Customer Margin...

17 CFR 242.401 - Definitions.

Code of Federal Regulations, 2012 CFR

2012-04-01

... security futures intermediary were not a participant. (6) Daily settlement price means, with respect to a... futures commission merchant that has been in existence for less than one year may meet the definition of... M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN REQUIREMENTS FOR SECURITY FUTURES Customer Margin...

The African Peace and Security Architecture: Myth or Reality

DTIC Science & Technology

2013-03-01

resolving the conflicts. Efforts by African leaders to create continental peace and security mechanisms failed miserably . Consequently, Africans depended...Framework Document, October 2001), 14. 6 Andre Le Sage, “Africa’s Irregular Security Threats: Challenges for U.S. Engagement,” (Strategic Forum

Public key infrastructure for DOE security research

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aiken, R.; Foster, I.; Johnston, W.E.

This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-keymore » infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.« less

Dynamic Key Management Schemes for Secure Group Access Control Using Hierarchical Clustering in Mobile Ad Hoc Networks

NASA Astrophysics Data System (ADS)

Tsaur, Woei-Jiunn; Pai, Haw-Tyng

2008-11-01

The applications of group computing and communication motivate the requirement to provide group access control in mobile ad hoc networks (MANETs). The operation in MANETs' groups performs a decentralized manner and accommodated membership dynamically. Moreover, due to lack of centralized control, MANETs' groups are inherently insecure and vulnerable to attacks from both within and outside the groups. Such features make access control more challenging in MANETs. Recently, several researchers have proposed group access control mechanisms in MANETs based on a variety of threshold signatures. However, these mechanisms cannot actually satisfy MANETs' dynamic environments. This is because the threshold-based mechanisms cannot be achieved when the number of members is not up to the threshold value. Hence, by combining the efficient elliptic curve cryptosystem, self-certified public key cryptosystem and secure filter technique, we construct dynamic key management schemes based on hierarchical clustering for securing group access control in MANETs. Specifically, the proposed schemes can constantly accomplish secure group access control only by renewing the secure filters of few cluster heads, when a cluster head joins or leaves a cross-cluster. In such a new way, we can find that the proposed group access control scheme can be very effective for securing practical applications in MANETs.

Stress and depression among older residents in religious monasteries: do friends and God matter?

PubMed

Bishop, Alex J

2008-01-01

The purpose of this investigation was to explore how friendship and attach-0 ment to God provide protective benefits against stress and depression. Participants included 235 men and women, age 64 and older, residing in religious monasteries affiliated with the Order of St. Benedict. Hierarchical multiple regression analyses were completed to assess main and moderating effects of friendship and attachment to God relative to the influence of stress on depressive symptomology. Lower degree of friendship closeness (beta = -.12, p < .10) and greater insecurity with God (beta = -.15, p < .01) were directly associated with greater depressive symptoms. A significant three-way interaction (Stress x Friendship x Attachment to God) also existed relative to depressive symptoms (beta = .14, p < .05). Three "stress-buffering" mechanisms emerged relative to the influence of stress on depressive symptomology. First, a greater degree of friendship closeness in combination with less secure attachment to God represented a greater risk for depressive symptoms. Second, greater friendship closeness in combination with greater secure attachment to God reduced the risk for depressive symptoms. Third, lower degree of friendship closeness combined with less secure attachment to God diminished the noxious effects of stress on depressive symptoms. This has implications relative to how social and spiritual resources can be used to reduce stress and improve quality of life for older adults residing in religious communities.

A systematic literature review on security and privacy of electronic health record systems: technical perspectives.

PubMed

Rezaeibagha, Fatemeh; Win, Khin Than; Susilo, Willy

Even though many safeguards and policies for electronic health record (EHR) security have been implemented, barriers to the privacy and security protection of EHR systems persist. This article presents the results of a systematic literature review regarding frequently adopted security and privacy technical features of EHR systems. Our inclusion criteria were full articles that dealt with the security and privacy of technical implementations of EHR systems published in English in peer-reviewed journals and conference proceedings between 1998 and 2013; 55 selected studies were reviewed in detail. We analysed the review results using two International Organization for Standardization (ISO) standards (29100 and 27002) in order to consolidate the study findings. Using this process, we identified 13 features that are essential to security and privacy in EHRs. These included system and application access control, compliance with security requirements, interoperability, integration and sharing, consent and choice mechanism, policies and regulation, applicability and scalability and cryptography techniques. This review highlights the importance of technical features, including mandated access control policies and consent mechanisms, to provide patients' consent, scalability through proper architecture and frameworks, and interoperability of health information systems, to EHR security and privacy requirements.

Three-step semiquantum secure direct communication protocol

NASA Astrophysics Data System (ADS)

Zou, XiangFu; Qiu, DaoWen

2014-09-01

Quantum secure direct communication is the direct communication of secret messages without need for establishing a shared secret key first. In the existing schemes, quantum secure direct communication is possible only when both parties are quantum. In this paper, we construct a three-step semiquantum secure direct communication (SQSDC) protocol based on single photon sources in which the sender Alice is classical. In a semiquantum protocol, a person is termed classical if he (she) can measure, prepare and send quantum states only with the fixed orthogonal quantum basis {|0>, |1>}. The security of the proposed SQSDC protocol is guaranteed by the complete robustness of semiquantum key distribution protocols and the unconditional security of classical one-time pad encryption. Therefore, the proposed SQSDC protocol is also completely robust. Complete robustness indicates that nonzero information acquired by an eavesdropper Eve on the secret message implies the nonzero probability that the legitimate participants can find errors on the bits tested by this protocol. In the proposed protocol, we suggest a method to check Eves disturbing in the doves returning phase such that Alice does not need to announce publicly any position or their coded bits value after the photons transmission is completed. Moreover, the proposed SQSDC protocol can be implemented with the existing techniques. Compared with many quantum secure direct communication protocols, the proposed SQSDC protocol has two merits: firstly the sender only needs classical capabilities; secondly to check Eves disturbing after the transmission of quantum states, no additional classical information is needed.

Distributed Virtual System (DIVIRS) Project

NASA Technical Reports Server (NTRS)

Schorr, Herbert; Neuman, B. Clifford

1993-01-01

As outlined in our continuation proposal 92-ISI-50R (revised) on contract NCC 2-539, we are (1) developing software, including a system manager and a job manager, that will manage available resources and that will enable programmers to program parallel applications in terms of a virtual configuration of processors, hiding the mapping to physical nodes; (2) developing communications routines that support the abstractions implemented in item one; (3) continuing the development of file and information systems based on the virtual system model; and (4) incorporating appropriate security measures to allow the mechanisms developed in items 1 through 3 to be used on an open network. The goal throughout our work is to provide a uniform model that can be applied to both parallel and distributed systems. We believe that multiprocessor systems should exist in the context of distributed systems, allowing them to be more easily shared by those that need them. Our work provides the mechanisms through which nodes on multiprocessors are allocated to jobs running within the distributed system and the mechanisms through which files needed by those jobs can be located and accessed.

DIstributed VIRtual System (DIVIRS) project

NASA Technical Reports Server (NTRS)

Schorr, Herbert; Neuman, B. Clifford

1994-01-01

As outlined in our continuation proposal 92-ISI-. OR (revised) on NASA cooperative agreement NCC2-539, we are (1) developing software, including a system manager and a job manager, that will manage available resources and that will enable programmers to develop and execute parallel applications in terms of a virtual configuration of processors, hiding the mapping to physical nodes; (2) developing communications routines that support the abstractions implemented in item one; (3) continuing the development of file and information systems based on the Virtual System Model; and (4) incorporating appropriate security measures to allow the mechanisms developed in items 1 through 3 to be used on an open network. The goal throughout our work is to provide a uniform model that can be applied to both parallel and distributed systems. We believe that multiprocessor systems should exist in the context of distributed systems, allowing them to be more easily shared by those that need them. Our work provides the mechanisms through which nodes on multiprocessors are allocated to jobs running within the distributed system and the mechanisms through which files needed by those jobs can be located and accessed.

DIstributed VIRtual System (DIVIRS) project

NASA Technical Reports Server (NTRS)

Schorr, Herbert; Neuman, Clifford B.

1995-01-01

As outlined in our continuation proposal 92-ISI-50R (revised) on NASA cooperative agreement NCC2-539, we are (1) developing software, including a system manager and a job manager, that will manage available resources and that will enable programmers to develop and execute parallel applications in terms of a virtual configuration of processors, hiding the mapping to physical nodes; (2) developing communications routines that support the abstractions implemented in item one; (3) continuing the development of file and information systems based on the Virtual System Model; and (4) incorporating appropriate security measures to allow the mechanisms developed in items 1 through 3 to be used on an open network. The goal throughout our work is to provide a uniform model that can be applied to both parallel and distributed systems. We believe that multiprocessor systems should exist in the context of distributed systems, allowing them to be more easily shared by those that need them. Our work provides the mechanisms through which nodes on multiprocessors are allocated to jobs running within the distributed system and the mechanisms through which files needed by those jobs can be located and accessed.

Distributed Virtual System (DIVIRS) project

NASA Technical Reports Server (NTRS)

Schorr, Herbert; Neuman, B. Clifford

1993-01-01

As outlined in the continuation proposal 92-ISI-50R (revised) on NASA cooperative agreement NCC 2-539, the investigators are developing software, including a system manager and a job manager, that will manage available resources and that will enable programmers to develop and execute parallel applications in terms of a virtual configuration of processors, hiding the mapping to physical nodes; developing communications routines that support the abstractions implemented; continuing the development of file and information systems based on the Virtual System Model; and incorporating appropriate security measures to allow the mechanisms developed to be used on an open network. The goal throughout the work is to provide a uniform model that can be applied to both parallel and distributed systems. The authors believe that multiprocessor systems should exist in the context of distributed systems, allowing them to be more easily shared by those that need them. The work provides the mechanisms through which nodes on multiprocessors are allocated to jobs running within the distributed system and the mechanisms through which files needed by those jobs can be located and accessed.

Connected Vehicle Pilot Deployment Program phase 1 : security management operating concept : New York City : final report.

DOT National Transportation Integrated Search

2016-05-18

This document describes the Security Management Operating Concept (SMOC) for the New York City Department of Transportation (NYCDOT) Connected Vehicle Pilot Deployment (CVPD) Project. This SMOC outlines the security mechanisms that will be used to pr...

75 FR 18863 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-006...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-13

... transportation systems to ensure freedom of movement for people and commerce. To achieve this mission, TSA is... use permits the release of information to the media when there exists a legitimate public interest in... compromise there is a risk of [[Page 18866

The Cybercitizen Dimension: A Quantitative Study Using a Threat Avoidance Perspective

ERIC Educational Resources Information Center

Manzano, Debbie L.

2012-01-01

The importance of information security is understated and theory-based empirical research that explains computer users voluntary IT threat avoidance behavior is lacking. Most existing information security research on individual behaviors has been focused in organizational settings where the threat avoidance behavior is mandatory and dictated by…

78 FR 40479 - Declaration That Circumstances Exist Justifying Authorization of Emergency Use of All Oral...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-05

.... ACTION: Notice. SUMMARY: The Secretary of Homeland Security determined on September 23, 2008, that there... specified biological, chemical, radiological, or nuclear agent or agents--in this case, Bacillus anthracis...). SUPPLEMENTARY INFORMATION: I. Background On September 23, 2008, former Secretary of Homeland Security, [[Page...

7 CFR 1962.6 - Liens and assignments on chattel property.

Code of Federal Regulations, 2012 CFR

2012-01-01

... and Water (SW) loans. When a new security agreement or chattel mortgage is taken, all existing security items will be described on it. (b) [Reserved] (c) Assignments of upland cotton, rice, wheat and... cotton, rice, wheat and feed grain programs. (1) Obtaining assignments. Assignments will be obtained as...

7 CFR 1962.6 - Liens and assignments on chattel property.

Code of Federal Regulations, 2014 CFR

2014-01-01

... and Water (SW) loans. When a new security agreement or chattel mortgage is taken, all existing security items will be described on it. (b) [Reserved] (c) Assignments of upland cotton, rice, wheat and... cotton, rice, wheat and feed grain programs. (1) Obtaining assignments. Assignments will be obtained as...

7 CFR 1962.6 - Liens and assignments on chattel property.

Code of Federal Regulations, 2013 CFR

2013-01-01

... and Water (SW) loans. When a new security agreement or chattel mortgage is taken, all existing security items will be described on it. (b) [Reserved] (c) Assignments of upland cotton, rice, wheat and... cotton, rice, wheat and feed grain programs. (1) Obtaining assignments. Assignments will be obtained as...

Toward a Dependable Peace: A Proposal for an Appropriate Security System.

ERIC Educational Resources Information Center

Johansen, Robert C.

This booklet proposes that citizens and governments think imaginatively about national and international security and take action for comprehensive arms reductions. The document is presented in eight chapters. Chapter I reports that global insecurity exists despite continuous arms control negotiations since World War II. Chapter II discusses…

78 FR 76851 - Agency Information Collection Activities: BP Regulations Pertaining to Customs Brokers

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-19

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection Activities: BP Regulations Pertaining to Customs Brokers AGENCY: U.S. Customs and Border Protection (CBP), Department of Homeland Security. ACTION: 60-day notice and request for comments; extension of an existing...

78 FR 16564 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Office of Personnel Management...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-15

... 1021 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of existing computer... above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0073] Privacy Act of 1974, as Amended...

78 FR 12127 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of the Treasury...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-21

... 1310 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer..., as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2013-0007] Privacy Act of 1974, as Amended...

75 FR 51154 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of the Treasury...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-18

... 1310 AGENCY: Social Security Administration (SSA) ACTION: Notice of a renewal of an existing computer..., as shown above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2010-0035] Privacy Act of 1974, as Amended...

78 FR 69926 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Centers for Medicare & Medicaid...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-21

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2013-0059] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Centers for Medicare & Medicaid Services (CMS))--Match Number 1076 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching...

76 FR 21091 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Centers for Medicare & Medicaid...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-14

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0022] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Centers for Medicare & Medicaid Services (CMS))--Match Number 1076 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching...

78 FR 16520 - Agency Information Collection Activities: Application To Establish a Centralized Examination Station

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-15

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection... Protection, Department of Homeland Security. ACTION: 30-Day notice and request for comments; Extension of an existing information collection: 1651-0061. SUMMARY: U.S. Customs and Border Protection (CBP) of the...

77 FR 26776 - Agency Information Collection Activities: Declaration of Persons Who Performed Repairs or...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-07

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection... Protection, Department of Homeland Security. ACTION: 30-Day notice and request for comments; Extension of an existing information collection. SUMMARY: U.S. Customs and Border Protection (CBP) of the Department of...

77 FR 9954 - Agency Information Collection Activities: Declaration of Owner and Declaration of Consignee When...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-21

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs And Border Protection Agency Information Collection.... Customs and Border Protection, Department of Homeland Security. ACTION: 30-Day notice and request for comments; Extension of an existing information collection. SUMMARY: U.S. Customs and Border Protection (CBP...

77 FR 16047 - Agency Information Collection Activities: Form I-589; Extension of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-19

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Immigration Services (USCIS) will be submitting the following information collection request for review and... Security sponsoring the collection: Form I-589; U.S. Citizenship and Immigration Services (USCIS). (4...

77 FR 34052 - Agency Information Collection Activities: Form I-102; Revision of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-08

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Nonimmigrant Arrival-Departure Document. The Department of Homeland Security, U.S. Citizenship and Immigration...-102; U.S. Citizenship and Immigration Services (USCIS). (4) Affected public who will be asked or...

Designing, Implementing, and Evaluating Secure Web Browsers

ERIC Educational Resources Information Center

Grier, Christopher L.

2009-01-01

Web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems using browser-based attacks. Efforts that retrofit existing browsers have had limited success since modern browsers are not designed to withstand attack. To enable more secure web browsing, we design and implement new web browsers from the ground…

The reformulation of emotional security theory: the role of children's social defense in developmental psychopathology.

PubMed

Davies, Patrick T; Martin, Meredith J

2013-11-01

Although children's security in the context of the interparental relationship has been identified as a key explanatory mechanism in pathways between family discord and child psychopathology, little is known about the inner workings of emotional security as a goal system. Thus, the objective of this paper is to describe how our reformulation of emotional security theory within an ethological and evolutionary framework may advance the characterization of the architecture and operation of emotional security and, in the process, cultivate sustainable growing points in developmental psychopathology. The first section of the paper describes how children's security in the interparental relationship is organized around a distinctive behavioral system designed to defend against interpersonal threat. Building on this evolutionary foundation for emotional security, the paper offers an innovative taxonomy for identifying qualitatively different ways children try to preserve their security and its innovative implications for more precisely informing understanding of the mechanisms in pathways between family and developmental precursors and children's trajectories of mental health. In the final section, the paper highlights the potential of the reformulation of emotional security theory to stimulate new generations of research on understanding how children defend against social threats in ecologies beyond the interparental dyad, including both familial and extrafamilial settings.

Hybrid Vehicles

DTIC Science & Technology

2008-12-08

chassis) by a ground strap, wire, welded connection or other suitable low-resistance mechanical connection. Case ground connectors routed from other...environment of a hybrid electric vehicle. Alternative temperature measuring transducers, e.g., thermistors , should be considered when thermocouples are...A 3. Is the ground connection to the chassis or frame mechanically secured by one of the following methods? a. Secured to a spot- welded

Development and Validation of Mechanical Engineering Trade Skills Assessment Instrument for Sustainable Job Security in Yobe State

ERIC Educational Resources Information Center

Adamu, Gishua Garba; Dawha, Josphine Musa; Kamar, Tiamiyu Salihu

2015-01-01

Mechanical Engineering Trade Skills Assessment Instrument (METSAI) is aimed at determining the extent to which students have acquired practical skills before graduation that will enable them get employment for sustainable job security in Yobe state. The study employed instrumentation research design. The populations of the study were 23 mechanical…

eCX: A Secure Infrastructure for E-Course Delivery.

ERIC Educational Resources Information Center

Yau, Joe C. K; Hui, Lucas C. K.; Cheung, Bruce; Yiu, S. M.

2003-01-01

Presents a mechanism, the Secure e-Course eXchange (eCX) designed to protect learning material from unauthorized dissemination, and shows how this mechanism can be integrated in the operation model of online learning course providers. The design of eCX is flexible to fit two operating models, the Institutional Server Model and the Corporate Server…

A security mechanism based on evolutionary game in fog computing.

PubMed

Sun, Yan; Lin, Fuhong; Zhang, Nan

2018-02-01

Fog computing is a distributed computing paradigm at the edge of the network and requires cooperation of users and sharing of resources. When users in fog computing open their resources, their devices are easily intercepted and attacked because they are accessed through wireless network and present an extensive geographical distribution. In this study, a credible third party was introduced to supervise the behavior of users and protect the security of user cooperation. A fog computing security mechanism based on human nervous system is proposed, and the strategy for a stable system evolution is calculated. The MATLAB simulation results show that the proposed mechanism can reduce the number of attack behaviors effectively and stimulate users to cooperate in application tasks positively.

The security concern on internet banking adoption among Malaysian banking customers.

PubMed

Sudha, Raju; Thiagarajan, A S; Seetharaman, A

2007-01-01

The existing literatures highlights that the security is the primary factor which determines the adoption of Internet banking technology. The secondary information on Internet banking development in Malaysia shows a very slow growth rate. Hence, this study aims to study the banking customers perception towards security concern and Internet banking adoption through the information collected from 150 sample respondents. The data analysis reveals that the customers have much concern about security and privacy issue in adoption of Internet banking, whether the customers are adopted Internet banking or not. Hence, it infers that to popularize Internet banking system there is a need for improvement in security and privacy issue among the banking customers.

Security, insecurity and health.

PubMed

Coupland, Robin

2007-03-01

An examination of the nexus of security, insecurity and health shows that security is a prerequisite for health. The many and varied ways that armed violence--including threats of armed violence--can affect people's health can be documented by formal studies; however, valuable data also exist in other reports, such as media reports. The health community needs to recognize that people's insecurity is a massive global health issue. The foreign policies of donor governments should incorporate recognition that documentation, analysis and publication of data describing the impact of insecurity on people's health can lead to the creation of policies to enhance people's security.

U.S. Army War College Guide to National Security Issues. Volume 2. National Security Policy and Strategy

DTIC Science & Technology

2012-06-01

1998 National War College paper entitled “U.S. National Se- curity Structure: A New Model for the 21st Century” defines the national security community ...fueled by revolu- tions in communications and information management, the emergence of a truly global market and world economy, the primacy of economic...collection of information is estimated to average 1 hour per response, including the time for reviewing instructions , searching existing data sources

Design of a Forecasting Service System for Monitoring of Vulnerabilities of Sensor Networks

NASA Astrophysics Data System (ADS)

Song, Jae-Gu; Kim, Jong Hyun; Seo, Dong Il; Kim, Seoksoo

This study aims to reduce security vulnerabilities of sensor networks which transmit data in an open environment by developing a forecasting service system. The system is to remove or monitor causes of breach incidents in advance. To that end, this research first examines general security vulnerabilities of sensor networks and analyzes characteristics of existing forecasting systems. Then, 5 steps of a forecasting service system are proposed in order to improve security responses.

Research on mobile electronic commerce security technology based on WPKI

NASA Astrophysics Data System (ADS)

Zhang, Bo

2013-07-01

Through the in-depth study on the existing mobile e-commerce and WAP protocols, this paper presents a security solution of e-commerce system based on WPKI, and describes its implementation process and specific implementation details. This solution uniformly distributes the key used by the various participating entities , to fully ensure the confidentiality, authentication, fairness and integrity of mobile e-commerce payments, therefore has some pract ical value for improving the security of e-commerce system.

Security in the management of information systems.

PubMed

Huston, T L; Huston, J L

1998-06-01

Although security technology exists in abundance in health information management systems, the implementation of that technology is often lacking. This lack of implementation can be heavily affected by the attitudes and perceptions of users and management, the "people part" of systems. Particular operational, organizational, and economic factors must be addressed along with employment of security objectives and accountability. Unique threats, as well as controls, pervade the use of microcomputer-based systems as these systems permeate health care information management.

Endogenous fertility, altruistic behavior across generations, and social security systems.

PubMed

Prinz, A

1990-01-01

This study examines the possible link between the existence of a pay-as-you-go social security program and individual procreative behavior. When a public old-age income support system takes the place of within-family support, the theoretical literature preducts that fertility rates will decline since children are no longer perceived as important to the old age security of the parents. The author takes up this theoretical problem and examines it through three different but related issues: optimal capital accumulation, optimal population growth and the role of social institutions affecting efficient intergenerational allocations. Econometric analysis employing a steady state growth model is used. Altruism between generations is studied for effect on the standard model. The model shows that for social optimum the per capita pension is related to the growth rate of the population, therefore, for society as a whole, children are investment goods. However, given the existence of a social security system, it is in each household's best interest to have no children at all. Only a government transfer, a child allowance to parents, changes the model and fertility rates. When modified to account for "caring" the model demonstrates that altruistic behavior between generations is not symmetrical. The study concludes that a pay-as-you-go funded social security system should be supplemented by a system of child allowances or replaced by a fully funded social security system.

Secure Multiparty Quantum Computation for Summation and Multiplication.

PubMed

Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

2016-01-21

As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, specially, numerical computations. However, there is still lack of systematical and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure the unconditional security and the perfect privacy protection based on the physical principle of quantum mechanics.

Secure Multiparty Quantum Computation for Summation and Multiplication

PubMed Central

Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

2016-01-01

As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, specially, numerical computations. However, there is still lack of systematical and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure the unconditional security and the perfect privacy protection based on the physical principle of quantum mechanics. PMID:26792197

Interpreting international governance standards for health IT use within general medical practice.

PubMed

Mahncke, Rachel J; Williams, Patricia A H

2014-01-01

General practices in Australia recognise the importance of comprehensive protective security measures. Some elements of information security governance are incorporated into recommended standards, however the governance component of information security is still insufficiently addressed in practice. The International Organistion for Standardisation (ISO) released a new global standard in May 2013 entitled, ISO/IEC 27014:2013 Information technology - Security techniques - Governance of information security. This standard, applicable to organisations of all sizes, offers a framework against which to assess and implement the governance components of information security. The standard demonstrates the relationship between governance and the management of information security, provides strategic principles and processes, and forms the basis for establishing a positive information security culture. An analysis interpretation of this standard for use in Australian general practice was performed. This work is unique as such interpretation for the Australian healthcare environment has not been undertaken before. It demonstrates an application of the standard at a strategic level to inform existing development of an information security governance framework.

Integrating Programming Language and Operating System Information Security Mechanisms

DTIC Science & Technology

2016-08-31

suggestions for reducing the burden, to the Department of Defense, Executive Service Directorate (0704-0188). Respondents should be aware that...improve the precision of security enforcement, and to provide greater assurance of information security. This grant focuses on two key projects: language...based control of authority; and formal guarantees for the correctness of audit information. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17

Green Secure Processors: Towards Power-Efficient Secure Processor Design

NASA Astrophysics Data System (ADS)

Chhabra, Siddhartha; Solihin, Yan

With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

75 FR 44296 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Notice of Filing of...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-28

... currently collected and made transparent by the MSRB on municipal Auction Rate Securities (``ARS'') and... MSRB on municipal Auction Rate Securities (``ARS'') and Variable Rate Demand Obligations (``VRDOs... auction procedures and interest rate setting mechanisms for ARS and liquidity facilities for VRDOs...

75 FR 52793 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Order Granting Approval of...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-27

... the MSRB on municipal Auction Rate Securities (``ARS'') and Variable Rate Demand Obligations (``VRDOs... information currently collected and made transparent by the MSRB on municipal Auction Rate Securities (``ARS... that define auction procedures and interest rate setting mechanisms for ARS and liquidity facilities...

SURVIVABILITY THROUGH OPTIMIZING RESILIENT MECHANISMS (STORM)

DTIC Science & Technology

2017-04-01

STATEMENT Approved for Public Release; Distribution Unlimited. PA# 88ABW-2017-0894 Date Cleared: 07 Mar 2017 13. SUPPLEMENTARY NOTES 14. ABSTRACT Game ...quantitatively about cyber-attacks. Game theory is the branch of applied mathematics that formalizes strategic interaction among intelligent rational agents...mechanism based on game theory. This work has applied game theory to numerous cyber security problems: cloud security, cyber threat information sharing

Support system, excavation arrangement, and process of supporting an object

DOE Office of Scientific and Technical Information (OSTI.GOV)

Arnold, Bill W.

2017-08-01

A support system, an excavation arrangement, and a process of supporting an object are disclosed. The support system includes a weight-bearing device and a camming mechanism positioned below the weight-bearing device. A downward force on the weight-bearing device at least partially secures the camming mechanism to opposing surfaces. The excavation arrangement includes a borehole, a support system positioned within and secured to the borehole, and an object positioned on and supported by the support system. The process includes positioning and securing the support system and positioning the object on the weight-bearing device.

Security measures required for HIPAA privacy.

PubMed

Amatayakul, M

2000-01-01

HIPAA security requirements include administrative, physical, and technical services and mechanisms to safeguard confidentiality, availability, and integrity of health information. Security measures, however, must be implemented in the context of an organization's privacy policies. Because HIPAA's proposed privacy rules are flexible and scalable to account for the nature of each organization's business, size, and resources, each organization will be determining its own privacy policies within the context of the HIPAA requirements and its security capabilities. Security measures cannot be implemented in a vacuum.

78 FR 25115 - Self-Regulatory Organizations; Fixed Income Clearing Corporation; Notice of Filing of Proposed...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-29

... Amending the Mortgage-Backed Securities Division Fails Charge Rule To Reflect Recommendation of the... change is to amend the existing fails charge rule in FICC's Mortgage-Backed Securities Division (``MBSD... (``TMPG'') relating to the removal of the resolution period for fails charges.\\3\\ \\3\\ The text of the...

31 CFR 357.21 - Registration.

Code of Federal Regulations, 2010 CFR

2010-07-01

... an existing account, the security will be registered in the same name and form of registration that... (other than a registration under paragraph (b)(2)(ii) of this section), will be presumed to be a request... owner, the security will be deemed to be registered in the owner's name alone. (3) Minors—(i) General. A...

75 FR 28042 - Privacy Act of 1974: System of Records; Department of Homeland Security Transportation Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-19

... the nation's transportation systems to ensure freedom of movement for people and commerce. To achieve... the media when there exists a legitimate public interest in disclosing information. Release under this..., including identification media and identifying information such as name, address, gender, date of birth...

78 FR 7804 - Privacy Act of 1974; as amended; Notice to Amend an Existing System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-04

... Indian Irrigation projects are constructed, including name, social security number, account/ID, whether... information, including name of debtor, address, tax identification number, social security number, ownership... suspected or confirmed compromise there is a risk of harm to economic or property interest, identity theft...

78 FR 18620 - Agency Information Collection Activities: Extension, Without Change, of an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-27

... Request ACTION: 60-Day Notice of Information Collection for Review; File No. 70-009, 287(g) Candidate Questionnaire; OMB Control No. 1653-0047. The Department of Homeland Security, U.S. Immigration and Customs... Department of Homeland Security (DHS), Scott Elmore, Forms Manager, U.S. Immigration and Customs Enforcement...

77 FR 62059 - Privacy Act of 1974, as Amended; Revisions to Existing Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-11

... and forms, microfilm or microfiche, and in computer processable storage media such as personnel system... 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986... apply: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer...

Management of U.S. Coast Guard Information Security Program Using Management by Objectives.

DTIC Science & Technology

1979-09-01

conducted. These men described their jobs and the attendant problems with obvious complete frankness and in the most lucid way. Thirdly, the security...scenario is not an unrealistic dream but a statement of the conditions that would exist if the organization arrived at some future state successfully

7 CFR 3550.52 - Loan purposes.

Code of Federal Regulations, 2010 CFR

2010-01-01

... purchase a property currently financed by an RHS loan, the new borrower must assume the existing RHS... secured by a lien against the property, RHS will have a first lien position on the security property after... applicant's control, the applicant is in danger of losing the property, the debt is over $5,000, and the...

41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?

Code of Federal Regulations, 2012 CFR

2012-01-01

... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...

41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?

Code of Federal Regulations, 2011 CFR

2011-01-01

... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...

41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?

Code of Federal Regulations, 2013 CFR

2013-07-01

... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...

41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?

Code of Federal Regulations, 2014 CFR

2014-01-01

... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...

17 CFR 242.203 - Borrowing and delivery requirements.

Code of Federal Regulations, 2010 CFR

2010-04-01

... purchasing securities of like kind and quantity; (iii) Short sales effected by a market maker in connection with bona-fide market making activities in the security for which this exception is claimed; and (iv... § 242.200(g) existed; and (C) Either that the condition of the market at the time the mistake was...

17 CFR 242.203 - Borrowing and delivery requirements.

Code of Federal Regulations, 2011 CFR

2011-04-01

... purchasing securities of like kind and quantity; (iii) Short sales effected by a market maker in connection with bona-fide market making activities in the security for which this exception is claimed; and (iv... § 242.200(g) existed; and (C) Either that the condition of the market at the time the mistake was...

17 CFR 242.203 - Borrowing and delivery requirements.

Code of Federal Regulations, 2014 CFR

2014-04-01

... purchasing securities of like kind and quantity; (iii) Short sales effected by a market maker in connection with bona-fide market making activities in the security for which this exception is claimed; and (iv... § 242.200(g) existed; and (C) Either that the condition of the market at the time the mistake was...

17 CFR 242.203 - Borrowing and delivery requirements.

Code of Federal Regulations, 2013 CFR

2013-04-01

... purchasing securities of like kind and quantity; (iii) Short sales effected by a market maker in connection with bona-fide market making activities in the security for which this exception is claimed; and (iv... § 242.200(g) existed; and (C) Either that the condition of the market at the time the mistake was...

17 CFR 242.203 - Borrowing and delivery requirements.

Code of Federal Regulations, 2012 CFR

2012-04-01

... purchasing securities of like kind and quantity; (iii) Short sales effected by a market maker in connection with bona-fide market making activities in the security for which this exception is claimed; and (iv... § 242.200(g) existed; and (C) Either that the condition of the market at the time the mistake was...

17 CFR 230.135 - Notice of proposed registered offerings.

Code of Federal Regulations, 2011 CFR

2011-04-01

... through any medium a notice of a proposed offering to be registered under the Act will not be deemed to... issuer is directing its offering to only a particular class of purchasers; (vii) Any statements or... offering. In a rights offering to existing security holders: (1) The class of security holders eligible to...

17 CFR 248.5 - Annual privacy notice to customers required.

Code of Federal Regulations, 2010 CFR

2010-04-01

... relationship exists. You may define the 12-consecutive-month period, but you must apply it to the customer on a.... (b)(1) Termination of customer relationship. You are not required to provide an annual notice to a... customers required. 248.5 Section 248.5 Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

78 FR 23315 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-18

... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request... collection of information provided for in Rule 15c3-1 (17 CFR 240.15c3- 1), under the Securities Exchange Act of 1934 (15 U.S.C. 78a et seq.). The Commission plans to submit this existing collection of...

Design and Emergence of a Pedagogical Online Infosec Laboratory as an Ensemble Artefact

ERIC Educational Resources Information Center

Iqbal, Sarfraz

2016-01-01

Information security (InfoSec) education becomes increasingly important. Building hands-on capabilities to tackle challenges is a precondition to mitigate and eliminate cyber threats. Existing studies, however, show that the field lacks pedagogically founded information security laboratories that can be used flexibly to educate both on-campus and…

77 FR 49849 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Office of Child Support...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-17

...: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer-matching... INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Public Law (Pub. L.) 100-503... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0021] Privacy Act of 1974, as Amended...

hPIN/hTAN: Low-Cost e-Banking Secure against Untrusted Computers

NASA Astrophysics Data System (ADS)

Li, Shujun; Sadeghi, Ahmad-Reza; Schmitz, Roland

We propose hPIN/hTAN, a low-cost token-based e-banking protection scheme when the adversary has full control over the user's computer. Compared with existing hardware-based solutions, hPIN/hTAN depends on neither second trusted channel, nor secure keypad, nor computationally expensive encryption module.

77 FR 38880 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Railroad Retirement Board (SSA...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-29

... Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching program that... regarding protections for such persons. The Privacy Act, as amended, regulates the use of computer matching... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0002] Privacy Act of 1974, as Amended...

77 FR 27108 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Office of Child Support...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-08

...: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching... protections for such persons. The Privacy Act, as amended, regulates the use of computer matching by Federal... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0010] Privacy Act of 1974, as Amended...

78 FR 37647 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Railroad Retirement Board (RRB...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-21

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2013-0010] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Railroad Retirement Board (RRB))--Match Number 1006 AGENCY: Social Security Administration. ACTION: Notice of a renewal of an existing computer matching program that will expire on...

78 FR 51264 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of the Treasury...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-20

... 1016 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer... above. SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2013-0022] Privacy Act of 1974, as Amended...

78 FR 12128 - Privacy Act of 1974; Computer Matching Program (SSA/Department of the Treasury, Internal Revenue...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-21

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0067] Privacy Act of 1974; Computer Matching... Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching program... INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Public Law (Pub. L.) 100-503...

Examining the Effectiveness of the Circle of Security Parenting DVD Program

ERIC Educational Resources Information Center

Rostad, Whitney Louise

2014-01-01

Child maltreatment continues to occur at alarming rates, and while several interventions currently exist for use with parents to minimize the incidence of child maltreatment (Daro & McCurdy, 2007), many can be time consuming for service providers "and" consumers. One program, the Circle of Security (COS), lasts 20 weeks with weekly…

External Labeling as a Framework for Access Control

ERIC Educational Resources Information Center

Rozenbroek, Thomas H.

2012-01-01

With the ever increasing volume of data existing on and passing through on-line resources together with a growing number of legitimate users of that information and potential adversaries, the need for better security and safeguards is immediate and critical. Currently, most of the security and safeguards afforded on-line information are provided…

AVQS: Attack Route-Based Vulnerability Quantification Scheme for Smart Grid

PubMed Central

Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik

2014-01-01

A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification. PMID:25152923

FlySec: a risk-based airport security management system based on security as a service concept

NASA Astrophysics Data System (ADS)

Kyriazanos, Dimitris M.; Segou, Olga E.; Zalonis, Andreas; Thomopoulos, Stelios C. A.

2016-05-01

Complementing the ACI/IATA efforts, the FLYSEC European H2020 Research and Innovation project (http://www.fly-sec.eu/) aims to develop and demonstrate an innovative, integrated and end-to-end airport security process for passengers, enabling a guided and streamlined procedure from the landside to airside and into the boarding gates, and offering for an operationally validated innovative concept for end-to-end aviation security. FLYSEC ambition turns through a well-structured work plan into: (i) innovative processes facilitating risk-based screening; (ii) deployment and integration of new technologies and repurposing existing solutions towards a risk-based Security paradigm shift; (iii) improvement of passenger facilitation and customer service, bringing security as a real service in the airport of tomorrow;(iv) achievement of measurable throughput improvement and a whole new level of Quality of Service; and (v) validation of the results through advanced "in-vitro" simulation and "in-vivo" pilots. On the technical side, FLYSEC achieves its ambitious goals by integrating new technologies on video surveillance, intelligent remote image processing and biometrics combined with big data analysis, open-source intelligence and crowdsourcing. Repurposing existing technologies is also in the FLYSEC objectives, such as mobile application technologies for improved passenger experience and positive boarding applications (i.e. services to facilitate boarding and landside/airside way finding) as well as RFID for carry-on luggage tracking and quick unattended luggage handling. In this paper, the authors will describe the risk based airport security management system which powers FLYSEC intelligence and serves as the backend on top of which FLYSEC's front end technologies reside for security services management, behaviour and risk analysis.

Secure voice for mobile satellite applications

NASA Technical Reports Server (NTRS)

Vaisnys, Arvydas; Berner, Jeff

1990-01-01

The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature.

A novel quantum scheme for secure two-party distance computation

NASA Astrophysics Data System (ADS)

Peng, Zhen-wan; Shi, Run-hua; Zhong, Hong; Cui, Jie; Zhang, Shun

2017-12-01

Secure multiparty computational geometry is an essential field of secure multiparty computation, which computes a computation geometric problem without revealing any private information of each party. Secure two-party distance computation is a primitive of secure multiparty computational geometry, which computes the distance between two points without revealing each point's location information (i.e., coordinate). Secure two-party distance computation has potential applications with high secure requirements in military, business, engineering and so on. In this paper, we present a quantum solution to secure two-party distance computation by subtly using quantum private query. Compared to the classical related protocols, our quantum protocol can ensure higher security and better privacy protection because of the physical principle of quantum mechanics.

[How to establish the hospital information system security policies].

PubMed

Gong, Qing-Yue; Shi, Cheng

2008-03-01

It is important to establish the hospital information system security policies. While these security policies are being established, a comprehensive consideration should be given to the acceptable levels of users, IT supporters and hospital managers. We should have a formal policy designing process that is consistently followed by all security policies. Reasons for establishing the security policies and their coverage and applicable objects should be stated clearly. Besides, each policy should define user's responsibilities and penalties of violation. Every organization will need some key policies, such as of information sources usage, remote access, information protection, perimeter security, and baseline host/device security. Security managing procedures are the mechanisms to enforce the policies. An incident-handling procedure is the most important security managing procedure for all organizations.

26 CFR 1.410(a)-2 - Effective dates.

Code of Federal Regulations, 2010 CFR

2010-04-01

... existence. (c) Time of plan existence—(1) General rule. For purposes of this section, a plan is considered... in existence on January 1, 1974. Under section 1017(a) of the Employee Retirement Income Security Act of 1974, in the case of a plan which was not in existence on January 1, 1974, section 410 and the...

26 CFR 1.411(a)-2 - Effective dates.

Code of Federal Regulations, 2010 CFR

2010-04-01

... existence. (c) Time of plan existence—(1) General rule. For purposes of this section, a plan is considered... in existence on January 1, 1974. Under section 1017(a) of the Employee Retirement Income Security Act of 1974, in the case of a plan which was not in existence on January 1, 1974, section 411 and the...

26 CFR 1.411(a)-2 - Effective dates.

Code of Federal Regulations, 2011 CFR

2011-04-01

... to be in existence. (c) Time of plan existence—(1) General rule. For purposes of this section, a plan.... (a) Plan not in existence on January 1, 1974. Under section 1017(a) of the Employee Retirement Income Security Act of 1974, in the case of a plan which was not in existence on January 1, 1974, section 411 and...