Analyzing the security of an existing computer system
NASA Technical Reports Server (NTRS)
Bishop, M.
1986-01-01
Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-05-10
... SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974; as Amended; Proposed Alteration to an Existing Privacy Act System of Records, Housekeeping Changes, and New Routine Uses AGENCY: Social Security..., Social Security number (SSN), date of birth, address, and other relevant information about persons who...
Proposal of Secure VoIP System Using Attribute Certificate
NASA Astrophysics Data System (ADS)
Kim, Jin-Mook; Jeong, Young-Ae; Hong, Seong-Sik
VoIP is a service that changes the analogue audio signal into a digital signal and then transfers the audio information to the users after configuring it as a packet; and it has an advantage of lower price than the existing voice call service and better extensibility. However, VoIP service has a system structure that, compared to the existing PSTN (Public Switched Telephone Network), has poor call quality and is vulnerable in the security aspect. To make up for these problems, TLS service was introduced to enhance the security. In a practical system, however, since a QoS problem occurs, it is necessary to develop a VoIP security system that can satisfy QoS at the same time in the security aspect. In this paper, a user authentication VoIP system that can provide a service according to the security and the user through providing a differential service according to the approach of the users by adding an AA server at the step of configuring the existing VoIP session is suggested. It was found that the proposed system of this study provides a quicker QoS than the TLS-added system at a similar level of security. Also, it is able to provide a variety of additional services by the different users.
Aviation security: vulnerabilities still exist in the aviation security system
DOT National Transportation Integrated Search
2000-04-06
The testimony today discusses the Federal Aviation Administration's (FAA) efforts to implement and improve security in two key areas: air traffic control computer systems and airport passenger screening checkpoints. Computer systems-and the informati...
5 CFR 9701.526 - Continuation of existing laws, recognitions, agreements, and procedures.
Code of Federal Regulations, 2010 CFR
2010-01-01
... HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations...
Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission
DOE Office of Scientific and Technical Information (OSTI.GOV)
Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali
2008-01-01
Good security metrics are required to make good decisions about how to design security countermeasures, to choose between alternative security architectures, and to improve security during operations. Therefore, in essence, measurement can be viewed as a decision aid. The lack of sound practical security metrics is severely hampering progress in the development of secure systems. The Cyberspace Security Econometrics System (CSES) offers the following advantages over traditional measurement systems: (1) CSES reflects the variances that exist amongst different stakeholders of the same system. Different stakeholders will typically attach different stakes to the same requirement or service (e.g., a service may be provided by an information technology system or process control system, etc.). (2) For a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. The same stakeholder may attach different stakes to satisfying different requirements within the overall system specification. (3) For a given compound specification (e.g., combination(s) of commercial off the shelf software and/or hardware), CSES reflects the variance that may exist amongst the levels of verification and validation (i.e., certification) performed on components of the specification. The certification activity may produce higher levels of assurance across different components of the specification than others. Consequently, this paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs and the basic structural and mathematical underpinnings.
76 FR 21768 - Privacy Act of 1974; Consolidation of System of Records
Federal Register 2010, 2011, 2012, 2013, 2014
2011-04-18
... inventory of record systems titled, Department of Homeland Security/Directorate of Science and Technology... the existing Department of Homeland Security system of records notice titled, Department of Homeland Security/ALL--002 Mailing and Other Lists System, November 25, 2008. DATES: Effective Date: May 18, 2011...
Analysis on the University’s Network Security Level System in the Big Data Era
NASA Astrophysics Data System (ADS)
Li, Tianli
2017-12-01
The rapid development of science and technology and the continuous expansion of the scope of computer network applications have gradually improved the social productive forces and have had a positive impact on the increase in production efficiency and industrial scale of China's different industries. Combined with the actual application of computer networks in the era of large data, we can see the existence of influencing factors such as network viruses, hackers and other attack modes, threatening network security and posing a potential threat to the safe use of computer networks in colleges and universities. In view of this unfavorable development situation, universities need to pay attention to the analysis of the situation of the large data age, combined with the requirements of network security use, to build a reliable network space security system from the equipment, systems, data and other different levels, to avoid the security risks that exist in the network. Based on this, this paper will analyze the hierarchical security system of cyberspace security in the era of large data.
33 CFR 106.305 - Facility Security Assessment (FSA) requirements.
Code of Federal Regulations, 2013 CFR
2013-07-01
..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2013-07-01 2013-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...
33 CFR 106.305 - Facility Security Assessment (FSA) requirements.
Code of Federal Regulations, 2011 CFR
2011-07-01
..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...
33 CFR 106.305 - Facility Security Assessment (FSA) requirements.
Code of Federal Regulations, 2014 CFR
2014-07-01
..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2014-07-01 2014-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...
33 CFR 106.305 - Facility Security Assessment (FSA) requirements.
Code of Federal Regulations, 2012 CFR
2012-07-01
..., including computer systems and networks; (vi) Existing agreements with private security companies; (vii) Any... 33 Navigation and Navigable Waters 1 2012-07-01 2012-07-01 false Facility Security Assessment (FSA... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental...
Information Systems Security and Computer Crime in the IS Curriculum: A Detailed Examination
ERIC Educational Resources Information Center
Foltz, C. Bryan; Renwick, Janet S.
2011-01-01
The authors examined the extent to which information systems (IS) security and computer crime are covered in information systems programs. Results suggest that IS faculty believe security coverage should be increased in required, elective, and non-IS courses. However, respondent faculty members are concerned that existing curricula leave little…
Company's Data Security - Case Study
NASA Astrophysics Data System (ADS)
Stera, Piotr
This paper describes a computer network and data security problems in an existing company. Two main issues were pointed out: data loss protection and uncontrolled data copying. A security system was designed and implemented. The system consists of many dedicated programs. This system protects from data loss and detects unauthorized file copying from the company's server by a dishonest employee.
Security Frameworks for Machine-to-Machine Devices and Networks
NASA Astrophysics Data System (ADS)
Demblewski, Michael
Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.
COVERING THE SEAMS IN U.S. NATIONAL SECURITY BY APPLYING NETWORK AND TEAM ATTRIBUTES
2017-04-06
Today, one such weakness is the seams that exist in the system. Organizational criteria like geography, functions, and responsibilities often create...establishment by the National Security Act of 1947, the modern U.S. national security system has evolved as a result of legislation, presidential preference...and because of changes in the U.S. and international security environments. With each evolution, the system has found ways to function in dealing
Multipath Routing of Fragmented Data Transfer in a Smart Grid Environment
NASA Astrophysics Data System (ADS)
Borgohain, Tuhin; Borgohain, Amardeep; Borgohain, Rajdeep; Sanyal, Sugata
2015-02-01
The purpose of this paper is to do a general survey on the existing communication modes inside a smart grid, the existing security loopholes and their countermeasures. Then we suggest a detailed countermeasure, building upon the Jigsaw based secure data transfer [8] for enhanced security of the data flow inside the communication system of a smart grid. The paper has been written without the consideration of any factor of inoperability between the various security techniques inside a smart grid
NASA Astrophysics Data System (ADS)
Ramalingam, Srikumar
2001-11-01
A highly secure mobile agent system is very important for a mobile computing environment. The security issues in mobile agent system comprise protecting mobile hosts from malicious agents, protecting agents from other malicious agents, protecting hosts from other malicious hosts and protecting agents from malicious hosts. Using traditional security mechanisms the first three security problems can be solved. Apart from using trusted hardware, very few approaches exist to protect mobile code from malicious hosts. Some of the approaches to solve this problem are the use of trusted computing, computing with encrypted function, steganography, cryptographic traces, Seal Calculus, etc. This paper focuses on the simulation of some of these existing techniques in the designed mobile language. Some new approaches to solve malicious network problem and agent tampering problem are developed using public key encryption system and steganographic concepts. The approaches are based on encrypting and hiding the partial solutions of the mobile agents. The partial results are stored and the address of the storage is destroyed as the agent moves from one host to another host. This allows only the originator to make use of the partial results. Through these approaches some of the existing problems are solved.
A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs
NASA Astrophysics Data System (ADS)
Elahi, Golnaz; Yu, Eric
In designing software systems, security is typically only one design objective among many. It may compete with other objectives such as functionality, usability, and performance. Too often, security mechanisms such as firewalls, access control, or encryption are adopted without explicit recognition of competing design objectives and their origins in stakeholder interests. Recently, there is increasing acknowledgement that security is ultimately about trade-offs. One can only aim for "good enough" security, given the competing demands from many parties. In this paper, we examine how conceptual modeling can provide explicit and systematic support for analyzing security trade-offs. After considering the desirable criteria for conceptual modeling methods, we examine several existing approaches for dealing with security trade-offs. From analyzing the limitations of existing methods, we propose an extension to the i* framework for security trade-off analysis, taking advantage of its multi-agent and goal orientation. The method was applied to several case studies used to exemplify existing approaches.
Recommended Practice for Securing Control System Modems
DOE Office of Scientific and Technical Information (OSTI.GOV)
James R. Davidson; Jason L. Wright
2008-01-01
This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.
Design of a Forecasting Service System for Monitoring of Vulnerabilities of Sensor Networks
NASA Astrophysics Data System (ADS)
Song, Jae-Gu; Kim, Jong Hyun; Seo, Dong Il; Kim, Seoksoo
This study aims to reduce security vulnerabilities of sensor networks which transmit data in an open environment by developing a forecasting service system. The system is to remove or monitor causes of breach incidents in advance. To that end, this research first examines general security vulnerabilities of sensor networks and analyzes characteristics of existing forecasting systems. Then, 5 steps of a forecasting service system are proposed in order to improve security responses.
Security in the management of information systems.
Huston, T L; Huston, J L
1998-06-01
Although security technology exists in abundance in health information management systems, the implementation of that technology is often lacking. This lack of implementation can be heavily affected by the attitudes and perceptions of users and management, the "people part" of systems. Particular operational, organizational, and economic factors must be addressed along with employment of security objectives and accountability. Unique threats, as well as controls, pervade the use of microcomputer-based systems as these systems permeate health care information management.
2001-09-21
actually occurred or which of the weaknesses in the nation's aviation security apparatus contributed to the horrendous events of last week, it is...clear that serious weaknesses exist in our aviation security system and that their impact can be far more devastating than previously imagined.
Issues of Falsifying Financial Statements in Terms of Economic Security
ERIC Educational Resources Information Center
Zhitlukhina, Olga G.; Rakutko, Svetlana Y.; Berezhnova, Elena I.; Selezneva, Elena Y.; Belik, Elena V.; Shalaeva, Nina I.; Denisevich, Elena I.; Belik, Natalia V.; Saenko, Zhanna E.; Sultanova, Alina A.
2016-01-01
The paper deals with problems of the country's economic security and entities, timely resolution of which influences directly the country's national security. The cornerstone of successful existence of any country, especially the Russian Federation, during such complicated period is the presence of effective national economic security system.…
Security for decentralized health information systems.
Bleumer, G
1994-02-01
Health care information systems must reflect at least two basic characteristics of the health care community: the increasing mobility of patients and the personal liability of everyone giving medical treatment. Open distributed information systems bear the potential to reflect these requirements. But the market for open information systems and operating systems hardly provides secure products today. This 'missing link' is approached by the prototype SECURE Talk that provides secure transmission and archiving of files on top of an existing operating system. Its services may be utilized by existing medical applications. SECURE Talk demonstrates secure communication utilizing only standard hardware. Its message is that cryptography (and in particular asymmetric cryptography) is practical for many medical applications even if implemented in software. All mechanisms are software implemented in order to be executable on standard hardware. One can investigate more or less decentralized forms of public key management and the performance of many different cryptographic mechanisms. That of, e.g. hybrid encryption and decryption (RSA+DES-PCBC) is about 300 kbit/s. That of signing and verifying is approximately the same using RSA with a DES hash function. The internal speed, without disk accesses etc., is about 1.1 Mbit/s. (Apple Quadra 950 (MC 68040, 33 MHz, RAM: 20 MB, 80 ns). Length of RSA modulus is 512 bit.)
The method of a joint intraday security check system based on cloud computing
NASA Astrophysics Data System (ADS)
Dong, Wei; Feng, Changyou; Zhou, Caiqi; Cai, Zhi; Dan, Xu; Dai, Sai; Zhang, Chuancheng
2017-01-01
The intraday security check is the core application in the dispatching control system. The existing security check calculation only uses the dispatch center’s local model and data as the functional margin. This paper introduces the design of an all-grid intraday joint security check system based on cloud computing and its implementation. To reduce the effect of subarea bad data on the all-grid security check, a new power flow algorithm based on comparison and adjustment with the inter-provincial tie-line plan is presented. And the numerical example illustrated the effectiveness and feasibility of the proposed method.
Computers Launch Faster, Better Job Matching
ERIC Educational Resources Information Center
Stevenson, Gloria
1976-01-01
Employment Security Automation Project (ESAP), a five-year program sponsored by the Employment and Training Administration, features an innovative computer-assisted job matching system and instantaneous computer-assisted service for unemployment insurance claimants. ESAP will also consolidate existing automated employment security systems to…
The Chain-Link Fence Model: A Framework for Creating Security Procedures
ERIC Educational Resources Information Center
Houghton, Robert F.
2013-01-01
A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…
Protection of data carriers using secure optical codes
NASA Astrophysics Data System (ADS)
Peters, John A.; Schilling, Andreas; Staub, René; Tompkin, Wayne R.
2006-02-01
Smartcard technologies, combined with biometric-enabled access control systems, are required for many high-security government ID card programs. However, recent field trials with some of the most secure biometric systems have indicated that smartcards are still vulnerable to well equipped and highly motivated counterfeiters. In this paper, we present the Kinegram Secure Memory Technology which not only provides a first-level visual verification procedure, but also reinforces the existing chip-based security measures. This security concept involves the use of securely-coded data (stored in an optically variable device) which communicates with the encoded hashed information stored in the chip memory via a smartcard reader device.
AVQS: attack route-based vulnerability quantification scheme for smart grid.
Ko, Jongbin; Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik
2014-01-01
A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification.
41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?
Code of Federal Regulations, 2012 CFR
2012-01-01
... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...
41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?
Code of Federal Regulations, 2011 CFR
2011-01-01
... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...
41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?
Code of Federal Regulations, 2013 CFR
2013-07-01
... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...
41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?
Code of Federal Regulations, 2014 CFR
2014-01-01
... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...
Clarifying Resilience in the Context of Homeland Security
2013-03-01
Resilience Is a Complex Adaptive System of Systems (CASoS) ....60 4. Resilience Is Experienced and Demonstrated in Different Ways ..60 5. Resilience Is...The inclusion of a resilience module into existing homeland security training programs broadens the practitioner’s knowledge base from a basic level...psychology offer several considerations for the homeland security practitioner. The first consideration maintains that a de-emphasis on the
41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?
Code of Federal Regulations, 2011 CFR
2011-01-01
... 41 Public Contracts and Property Management 3 2011-01-01 2011-01-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...
41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?
Code of Federal Regulations, 2013 CFR
2013-07-01
... 41 Public Contracts and Property Management 3 2013-07-01 2013-07-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...
41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?
Code of Federal Regulations, 2014 CFR
2014-01-01
... 41 Public Contracts and Property Management 3 2014-01-01 2014-01-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...
41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?
Code of Federal Regulations, 2012 CFR
2012-01-01
... 41 Public Contracts and Property Management 3 2012-01-01 2012-01-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...
41 CFR 105-64.105 - When may Social Security Numbers (SSNs) be collected?
Code of Federal Regulations, 2010 CFR
2010-07-01
... 41 Public Contracts and Property Management 3 2010-07-01 2010-07-01 false When may Social Security...-64.105 When may Social Security Numbers (SSNs) be collected? (a) Statutory or regulatory authority must exist for collecting Social Security Numbers for record systems that use the SSNs as a method of...
Model-Driven Configuration of SELinux Policies
NASA Astrophysics Data System (ADS)
Agreiter, Berthold; Breu, Ruth
The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.
Endogenous fertility, altruistic behavior across generations, and social security systems.
Prinz, A
1990-01-01
This study examines the possible link between the existence of a pay-as-you-go social security program and individual procreative behavior. When a public old-age income support system takes the place of within-family support, the theoretical literature predicts that fertility rates will decline since children are no longer perceived as important to the old age security of the parents. The author takes up this theoretical problem and examines it through three different but related issues: optimal capital accumulation, optimal population growth and the role of social institutions affecting efficient intergenerational allocations. Econometric analysis employing a steady state growth model is used. Altruism between generations is studied for effect on the standard model. The model shows that for social optimum the per capita pension is related to the growth rate of the population, therefore, for society as a whole, children are investment goods. However, given the existence of a social security system, it is in each household's best interest to have no children at all. Only a government transfer, a child allowance to parents, changes the model and fertility rates. When modified to account for "caring" the model demonstrates that altruistic behavior between generations is not symmetrical. The study concludes that a pay-as-you-go funded social security system should be supplemented by a system of child allowances or replaced by a fully funded social security system.
78 FR 77139 - Agency Information Collection Activities: Small Vessel Reporting System
Federal Register 2010, 2011, 2012, 2013, 2014
2013-12-20
... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection... Security. ACTION: 30-Day notice and request for comments; Extension of an existing information collection: 1651-0137. SUMMARY: U.S. Customs and Border Protection (CBP) of the Department of Homeland Security...
Sustainable Food Security Measurement: A Systemic Methodology
NASA Astrophysics Data System (ADS)
Findiastuti, W.; Singgih, M. L.; Anityasari, M.
2017-04-01
Sustainable food security measures how a region provides food for its people without endangering the environment. In Indonesia, it was legally measured in Food Security and Vulnerability (FSVA). However, with regard to sustainable food security policy, the measurement has not encompassed the environmental aspect. This will lead to a lack of environmental aspect information for adjusting the next strategy. This study aimed to assess sustainable food security by encompassing both food security and environment aspects using systemic eco-efficiency. Given the existing indicator of cereal production level, total emission as an environment indicator was generated by constructing a Causal Loop Diagram (CLD). Then, a stock-flow diagram was used to develop a systemic simulation model. This model was demonstrated for five Indonesian provinces. The result showed there was a difference between food security order with and without environmental aspect assessment.
2001-09-20
what actually occurred or what all the weaknesses in the nation’s aviation security apparatus are that contributed to the horrendous events of last week...it is clear that serious weaknesses exist in our aviation security system and that their impact can be far more devastating than previously imagined...offer some observations about improving aviation security in these various areas.
Architecture of security management unit for safe hosting of multiple agents
NASA Astrophysics Data System (ADS)
Gilmont, Tanguy; Legat, Jean-Didier; Quisquater, Jean-Jacques
1999-04-01
In such growing areas as remote applications in large public networks, electronic commerce, digital signature, intellectual property and copyright protection, and even operating system extensibility, the hardware security level offered by existing processors is insufficient. They lack protection mechanisms that prevent the user from tampering critical data owned by those applications. Some devices make exception, but have not enough processing power nor enough memory to stand up to such applications (e.g. smart cards). This paper proposes an architecture of secure processor, in which the classical memory management unit is extended into a new security management unit. It allows ciphered code execution and ciphered data processing. An internal permanent memory can store cipher keys and critical data for several client agents simultaneously. The ordinary supervisor privilege scheme is replaced by a privilege inheritance mechanism that is more suited to operating system extensibility. The result is a secure processor that has hardware support for extensible multitask operating systems, and can be used for both general applications and critical applications needing strong protection. The security management unit and the internal permanent memory can be added to an existing CPU core without loss of performance, and do not require it to be modified.
76 FR 59733 - Privacy Act of 1974, as Amended; Notice To Amend an Existing System of Records
Federal Register 2010, 2011, 2012, 2013, 2014
2011-09-27
... name, alias, address, date of birth, social security number, blood degree, enrollment/BIA number, date... suspected or confirmed compromise there is a risk of harm to economic or property interest, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs whether...
Mishra, Dheerendra
2015-03-01
Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.
Identifiable piezoelectric security system design
NASA Astrophysics Data System (ADS)
Li, Zhenyu; Zhang, Xiaoming
2017-10-01
Directing at the disadvantages of low environmental suitability, inferior anti-interference ability and being easy to be found and destroyed in existing security product, a kind of identifiable piezoelectric security system based on piezoelectric cable is designed. The present system gathers vibration signals of different moving bodies, such as human, vehicles, animals and so on, with piezoelectric cable buried underground and distinguishes the different moving bodies through recognition algorithm and thus giving an alarm. As is shown in experiments, the present system has the features of good concealment and high accuracy in distinguishing moving bodies.
Obsessive-compulsive disorder as a disturbance of security motivation: constraints on comorbidity.
Szechtman, H; Woody, E Z
2006-10-01
Patients with OCD often meet criteria for additional psychiatric disorders, with the incidence of comorbidity being as high as 75% in some studies. Here we examine the theoretical plausibility that in OCD much of the domain of co-morbid presentations encompasses related perturbations of the security motivation system. According to a recent proposal, the security motivation system represents a biologically primitive special motivation that is activated by potential (as opposed to imminent) danger to self or intimate others and engages a set of specialized species-typical behaviors (such as checking and washing) to handle potential danger. Because the task of security motivation is open ended, in the sense that no consummatory stimuli can exist in the real world to indicate the absence of potential danger, the shutdown of security motivation is produced by a self-generated feeling of knowing, a satiety signal termed yedasentience. In this schema, OCD results from a failure to generate or respond to the yedasentience signal: without this negative feedback the patient persists abnormally long in a strong motivational state having to do with primal, basic threats to existence, a condition that leads to prolonged engagement in security-related behaviors, such as the checking and washing, characteristic of OCD compulsions and obsessions. Considering the proposed neuroanatomy of security motivation system and OCD, we discuss the likelihood that the phenomenon of "spread of allied reflexes" can produce other security-related psychiatric conditions, as well as the possibility that disturbances along different pathways of the security motivation system can lead to apparently different disorders.
Research on the information security system in electrical gis system in mobile application
NASA Astrophysics Data System (ADS)
Zhou, Chao; Feng, Renjun; Jiang, Haitao; Huang, Wei; Zhu, Daohua
2017-05-01
With the rapid development of social informatization process, the demands of government, enterprise, and individuals for spatial information become larger. In addition, the combination of wireless network technology and spatial information technology promotes the generation and development of mobile technologies. In today’s rapidly developed information technology field, network technology and mobile communication have become the two pillar industries by leaps and bounds. They almost absorbed and adopted all the latest information, communication, computer, electronics and so on new technologies. Concomitantly, the network coverage is more and more big, the transmission rate is faster and faster, the volume of user’s terminal is smaller and smaller. What’s more, from LAN to WAN, from wired network to wireless network, from wired access to mobile wireless access, people’s demand for communication technology is increasingly higher. As a result, mobile communication technology is facing unprecedented challenges as well as unprecedented opportunities. When combined with the existing mobile communication network, it led to the development of leaps and bounds. However, due to the inherent dependence of the system on the existing computer communication network, information security problems cannot be ignored. Today’s information security has penetrated into all aspects of life. Information system is a complex computer system, and its physical, operational and management vulnerabilities constitute the security vulnerability of the system. Firstly, this paper analyzes the composition of mobile enterprise network and information security threat. Secondly, this paper puts forward the security planning and measures, and constructs the information security structure.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-05-19
... nation's transportation systems to ensure freedom of movement for people and commerce. To achieve this.... Another routine use permits the release of information to the media when there exists a legitimate public... limited to, Social security number; pilot certificate information, including number and country of...
Federal Register 2010, 2011, 2012, 2013, 2014
2010-05-19
... the nation's transportation systems to ensure freedom of movement for people and commerce. To achieve... the media when there exists a legitimate public interest in disclosing information. Release under this..., including identification media and identifying information such as name, address, gender, date of birth...
77 FR 62059 - Privacy Act of 1974, as Amended; Revisions to Existing Systems of Records
Federal Register 2010, 2011, 2012, 2013, 2014
2012-10-11
... and forms, microfilm or microfiche, and in computer processable storage media such as personnel system... 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986... apply: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer...
AVQS: Attack Route-Based Vulnerability Quantification Scheme for Smart Grid
Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik
2014-01-01
A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification. PMID:25152923
Research on mobile electronic commerce security technology based on WPKI
NASA Astrophysics Data System (ADS)
Zhang, Bo
2013-07-01
Through the in-depth study on the existing mobile e-commerce and WAP protocols, this paper presents a security solution of e-commerce system based on WPKI, and describes its implementation process and specific implementation details. This solution uniformly distributes the key used by the various participating entities, to fully ensure the confidentiality, authentication, fairness and integrity of mobile e-commerce payments, therefore has some practical value for improving the security of e-commerce system.
International organizations to enable world-wide mobile satellite services
NASA Technical Reports Server (NTRS)
Anglin, Richard L., Jr.
1993-01-01
Numbers of systems exist or have been proposed to provide world-wide mobile satellite services (MSS). Developers of these systems have formulated institutional structures they consider most appropriate for profitable delivery of these services. MSS systems provide niche services and complement traditional telecommunications networks; they are not integrated into world-wide networks. To be successful, MSS system operators must be able to provide an integrated suite of services to support the increasing globalization, interconnectivity, and mobility of business. The critical issue to enabling 'universal roaming' is securing authority to provide MSS in all of the nations of the world. Such authority must be secured in the context of evolving trends in international telecommunications, and must specifically address issues of standardization, regulation and organization. Today, only one existing organization has such world-wide authority. The question is how proponents of new MSS systems and services can gain similar authority. Securing the appropriate authorizations requires that these new organizations reflect the objectives of the nations in which services are to be delivered.
Federal Plan for Cyber Security and Information Assurance Research and Development
2006-04-01
Security Systems 103 varieties of the BB84 scheme have been developed, and other forms of quantum key distribution have been proposed. Rapid progress has led... key. Capability Gaps Existing quantum cryptographic protocols may also have weaknesses. Although BB84 is generally regarded as secure, researchers...complement agency-specific prioritization and R&D planning efforts in cyber security and information assurance. The Plan also describes the key Federal
The Epistemic Representation of Information Flow Security in Probabilistic Systems
1995-06-01
The new characterization also means that our security criterion is expressible in a simpler logic and model. 1 Introduction Multilevel security is...ber generator) during its execution. Such probabilistic choices are useful in a multilevel security context for Supported by grants HKUST 608/94E from... 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and
Taking Steps to Protect Against the Insider Threat
DOE Office of Scientific and Technical Information (OSTI.GOV)
Pope, Noah Gale; Williams, Martha; Lewis, Joel
2015-10-16
Research reactors are required (in accordance with the Safeguards Agreement between the State and the IAEA) to maintain a system of nuclear material accounting and control for reporting quantities of nuclear material received, shipped, and held on inventory. Enhancements to the existing accounting and control system can be made at little additional cost to the facility, and these enhancements can make nuclear material accounting and control useful for nuclear security. In particular, nuclear material accounting and control measures can be useful in protecting against an insider who is intent on unauthorized removal or misuse of nuclear material or misuse of equipment. An enhanced nuclear material accounting and control system that responds to nuclear security is described in NSS-25G, Use of Nuclear Material Accounting and Control for Nuclear Security Purposes at Facilities, which is scheduled for distribution by the IAEA Department of Nuclear Security later this year. Accounting and control measures that respond to the insider threat are also described in NSS-33, Establishing a System for Control of Nuclear Material for Nuclear Security Purposes at a Facility During Storage, Use and Movement, and in NSS-41, Preventive and Protective Measures against Insider Threats (originally issued as NSS-08), which are available in draft form. This paper describes enhancements to existing material control and accounting systems that are specific to research reactors, and shows how they are important to nuclear security and protecting against an insider.
Federal Register 2010, 2011, 2012, 2013, 2014
2011-07-15
... to use their existing quotation systems to enter quotes for complex order strategies rather than... posted on the complex order book are not firm, nor included in the national market system. The Exchange... Complex Orders July 11, 2011. Pursuant to Section 19(b)(1) of the Securities Exchange Act of 1934 (the...
5 CFR 9701.506 - Impact on existing agreements.
Code of Federal Regulations, 2010 CFR
2010-01-01
... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Impact on existing agreements. 9701.506 Section 9701.506 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT... HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.506 Impact on existing agreements...
Sandia National Laboratories proof-of-concept robotic security vehicle
DOE Office of Scientific and Technical Information (OSTI.GOV)
Harrington, J.J.; Jones, D.P.; Klarer, P.R.
1989-01-01
Several years ago Sandia National Laboratories developed a prototype interior robot that could navigate autonomously inside a large complex building to aid and test interior intrusion detection systems. Recently the Department of Energy Office of Safeguards and Security has supported the development of a vehicle that will perform limited security functions autonomously in a structured exterior environment. The goal of the first phase of this project was to demonstrate the feasibility of an exterior robotic vehicle for security applications by using converted interior robot technology, if applicable. An existing teleoperational test bed vehicle with remote driving controls was modified and integrated with a newly developed command driving station and navigation system hardware and software to form the Robotic Security Vehicle (RSV) system. The RSV, also called the Sandia Mobile Autonomous Navigator (SANDMAN), has been successfully used to demonstrate that teleoperated security vehicles which can perform limited autonomous functions are viable and have the potential to decrease security manpower requirements and improve system capabilities. 2 refs., 3 figs.
Using ESB and BPEL for Evolving Healthcare Systems Towards Pervasive, Grid-Enabled SOA
NASA Astrophysics Data System (ADS)
Koufi, V.; Malamateniou, F.; Papakonstantinou, D.; Vassilacopoulos, G.
Healthcare organizations often face the challenge of integrating diverse and geographically disparate information technology systems to respond to changing requirements and to exploit the capabilities of modern technologies. Hence, systems evolution, through modification and extension of the existing information technology infrastructure, becomes a necessity. Moreover, the availability of these systems at the point of care when needed is a vital issue for the quality of healthcare provided to patients. This chapter takes a process perspective of healthcare delivery within and across organizational boundaries and presents a disciplined approach for evolving healthcare systems towards a pervasive, grid-enabled service-oriented architecture using the enterprise system bus middleware technology for resolving integration issues, the business process execution language for supporting collaboration requirements and grid middleware technology for both addressing common SOA scalability requirements and complementing existing system functionality. In such an environment, appropriate security mechanisms must ensure authorized access to integrated healthcare services and data. To this end, a security framework addressing security aspects such as authorization and access control is also presented.
Remote video assessment for missile launch facilities
DOE Office of Scientific and Technical Information (OSTI.GOV)
Wagner, G.G.; Stewart, W.A.
1995-07-01
The widely dispersed, unmanned launch facilities (LFs) for land-based ICBMs (intercontinental ballistic missiles) currently do not have visual assessment capability for existing intrusion alarms. The security response force currently must assess each alarm on-site. Remote assessment will enhance manpower, safety, and security efforts. Sandia National Laboratories was tasked by the USAF Electronic Systems Center to research, recommend, and demonstrate a cost-effective remote video assessment capability at missile LFs. The project's charter was to provide: system concepts; market survey analysis; technology search recommendations; and operational hardware demonstrations for remote video assessment from a missile LF to a remote security center via a cost-effective transmission medium and without using visible, on-site lighting. The technical challenges of this project were to: analyze various video transmission media and emphasize using the existing missile system copper line which can be as long as 30 miles; accentuate an extremely low-cost system because of the many sites requiring system installation; integrate the video assessment system with the current LF alarm system; and provide video assessment at the remote sites with non-visible lighting.
Security and Privacy in Cyber-Physical Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Fink, Glenn A.; Edgar, Thomas W.; Rice, Theora R.
As you have seen from the previous chapters, cyber-physical systems (CPS) are broadly used across technology and industrial domains. While these systems enable process optimization and efficiency and allow previously impossible functionality, security and privacy are key concerns for their design, development, and operation. CPS have been key components utilized in some of the highest publicized security breaches over the last decade. In this chapter, we will look over the CPS described in the previous chapters from a security perspective. In this chapter, we explain classical information and physical security fundamentals in the context of CPS and contextualize them across application domains. We give examples where the interplay of functionality and diverse communication can introduce unexpected vulnerabilities and produce larger impacts. We will discuss how CPS security and privacy is inherently different from that of pure cyber or physical systems and what may be done to secure these systems, considering their emergent cyber-physical properties. Finally, we will discuss security and privacy implications of merging infrastructural and personal CPS. Our hope is to impart the knowledge of what CPS security and privacy are, why they are important, and explain existing processes and challenges.
Crosstalk: The Journal of Defense Software Engineering. Volume 22, Number 3
2009-04-01
international standard for information security management systems like ISO/IEC 27001:2005 [1] existed. Since that time, the organization has developed control...of ISO/IEC 27001 and the desire to make decisions based on business value and risk has prompted Ford’s IT Security and Controls organization to begin...their conventional application security operation. References 1. ISO/IEC 27001:2005. “Information Technology – Security Techniques – Information
Towards a Scalable Group Vehicle-based Security System
DOE Office of Scientific and Technical Information (OSTI.GOV)
Carter, Jason M
2016-01-01
In August 2014, the National Highway Traffic Safety Administration (NHTSA) proposed new rulemaking to require V2V communication in light vehicles. To establish trust in the basic safety messages (BSMs) that are exchanged by vehicles to improve driver safety, a vehicle public key infrastructure (VPKI) is required. We outline a system where a group or groups of vehicles manage and generate their own BSM signing keys and authenticating certificates -- a Vehicle-Based Security System (VBSS). Based on our preliminary examination, we assert the mechanisms exist to implement a VBSS that supports V2V communications; however, maintaining uniform trust throughout the system while protecting individual privacy does require reliance on nascent group signature technology which may require a significant amount of communication overhead for trust maintenance. To better evaluate the VBSS approach, we compare it to the proposed Security Credential Management System (SCMS) in four major areas including bootstrapping, pseudonym provisioning, BSM signing and authentication, and revocation. System scale, driver privacy, and the distribution and dynamics of participants make designing an effective VPKI an interesting and challenging problem; no clear-cut strategy exists to satisfy the security and privacy expectations in a highly efficient way. More work is needed in VPKI research, so the life-saving promise of V2V technology can be achieved.
76 FR 66917 - Privacy Act of 1974; Notice To Amend an Existing System of Records
Federal Register 2010, 2011, 2012, 2013, 2014
2011-10-28
... methodologies. DATES: The proposed amendment to this existing system of records will become effective without... that this amendment should not become effective on that date. Comments regarding this amendment must be...: Name, date and place of birth, social security number, citizenship status, grade, organization...
Trust Management and Accountability for Internet Security
ERIC Educational Resources Information Center
Liu, Wayne W.
2011-01-01
Adversarial yet interacting interdependent relationships in information sharing and service provisioning have been a pressing issue of the Internet. Such relationships exist among autonomous software agents, in networking system peers, as well as between "service users and providers." Traditional "ad hoc" security approaches effective in…
Earth Observations for Global Water Security
NASA Technical Reports Server (NTRS)
Lawford, Richard; Strauch, Adrian; Toll, David; Fekete, Balazs; Cripe, Douglas
2013-01-01
The combined effects of population growth, increasing demands for water to support agriculture, energy security, and industrial expansion, and the challenges of climate change give rise to an urgent need to carefully monitor and assess trends and variations in water resources. Doing so will ensure that sustainable access to adequate quantities of safe and useable water will serve as a foundation for water security. Both satellite and in situ observations combined with data assimilation and models are needed for effective, integrated monitoring of the water cycle's trends and variability in terms of both quantity and quality. On the basis of a review of existing observational systems, we argue that a new integrated monitoring capability for water security purposes is urgently needed. Furthermore, the components for this capability exist and could be integrated through the cooperation of national observational programmes. The Group on Earth Observations should play a central role in the design, implementation, management and analysis of this system and its products.
Code of Federal Regulations, 2010 CFR
2010-10-01
... 44 Emergency Management and Assistance 1 2010-10-01 2010-10-01 false Effective date of new system of records or alteration of an existing system of records. 6.72 Section 6.72 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL IMPLEMENTATION OF THE PRIVACY ACT OF 1974 Report on New...
Field trial of the enhanced data authentication system (EDAS)
Thomas, Maikael A.; Hymel, Ross W.; Baldwin, George; ...
2016-11-01
The Enhanced Data Authentication System (EDAS) is a means to securely branch information from an existing measurement system or data stream to a secondary observer. In an international nuclear safeguards context, the EDAS connects to operator instrumentation, and provides a cryptographically secure copy of the information for a safeguards inspectorate. However, this novel capability could be a valuable complement to inspector-owned safeguards instrumentation, offering context that is valuable for anomaly resolution and contingency.
Solar Thermal Utility-Scale Joint Venture Program (USJVP) Final Report
DOE Office of Scientific and Technical Information (OSTI.GOV)
MANCINI,THOMAS R.
2001-04-01
Several years ago Sandia National Laboratories developed a prototype interior robot [1] that could navigate autonomously inside a large complex building to aid and test interior intrusion detection systems. Recently the Department of Energy Office of Safeguards and Security has supported the development of a vehicle that will perform limited security functions autonomously in a structured exterior environment. The goal of the first phase of this project was to demonstrate the feasibility of an exterior robotic vehicle for security applications by using converted interior robot technology, if applicable. An existing teleoperational test bed vehicle with remote driving controls was modified and integrated with a newly developed command driving station and navigation system hardware and software to form the Robotic Security Vehicle (RSV) system. The RSV, also called the Sandia Mobile Autonomous Navigator (SANDMAN), has been successfully used to demonstrate that teleoperated security vehicles which can perform limited autonomous functions are viable and have the potential to decrease security manpower requirements and improve system capabilities.
Increasing the resilience and security of the United States' power infrastructure
DOE Office of Scientific and Technical Information (OSTI.GOV)
Happenny, Sean F.
2015-08-01
The United States' power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power infrastructure control and distribution paradigms by utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Understanding how these systems behave in real-world conditions will lead to new ways to make our power infrastructure more resilient and secure. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the aging networks protecting them are becoming easier to attack.
Shaping the Future: A Holistic Approach to Planning
1992-03-01
history. Revolutionary changes affect the world’s political, economic, and security systems. Because of these changes, the opportunity exists to...paralyze our thinking, cause us to muddle through, or vigorously attempt to shape the future. Change causes macro-economic, social, political, and...purposes of this paper, in military and security matters. Today, for example, the United States’ national security relates to domestic politics, global
A model of airport security work flow based on petri net
NASA Astrophysics Data System (ADS)
Dong, Xinming
2017-09-01
Extremely long lines at airports in the United States have been sharply criticized. In order to find out the bottleneck in the existing security system and put forward reasonable improvement plans and proposal, the Petri net model and the Markov Chain are introduced in this paper. This paper uses data collected by Transportation Security Agency (TSA), assuming the data can represent the average level of all airports in the United States, to analyze the performance of security check system. By calculating the busy probabilities and the utilization probabilities, the bottleneck is found. Moreover, recommendation is given based on the parameters’ modification in Petri net model.
An E-payment system based on quantum group signature
NASA Astrophysics Data System (ADS)
Xiaojun, Wen
2010-12-01
Security and anonymity are essential to E-payment systems. However, existing E-payment systems will easily be broken into soon with the emergence of quantum computers. In this paper, we propose an E-payment system based on quantum group signature. In contrast to classical E-payment systems, our quantum E-payment system can protect not only the users' anonymity but also the inner structure of customer groups. Because of adopting the two techniques of quantum key distribution, a one-time pad and quantum group signature, unconditional security of our E-payment system is guaranteed.
Experimental quantum key distribution with source flaws
NASA Astrophysics Data System (ADS)
Xu, Feihu; Wei, Kejin; Sajeed, Shihan; Kaiser, Sarah; Sun, Shihai; Tang, Zhiyuan; Qian, Li; Makarov, Vadim; Lo, Hoi-Kwong
2015-09-01
Decoy-state quantum key distribution (QKD) is a standard technique in current quantum cryptographic implementations. Unfortunately, existing experiments have two important drawbacks: the state preparation is assumed to be perfect without errors and the employed security proofs do not fully consider the finite-key effects for general attacks. These two drawbacks mean that existing experiments are not guaranteed to be proven to be secure in practice. Here, we perform an experiment that shows secure QKD with imperfect state preparations over long distances and achieves rigorous finite-key security bounds for decoy-state QKD against coherent attacks in the universally composable framework. We quantify the source flaws experimentally and demonstrate a QKD implementation that is tolerant to channel loss despite the source flaws. Our implementation considers more real-world problems than most previous experiments, and our theory can be applied to general discrete-variable QKD systems. These features constitute a step towards secure QKD with imperfect devices.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.
This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.
Creation of backdoors in quantum communications via laser damage
NASA Astrophysics Data System (ADS)
Makarov, Vadim; Bourgoin, Jean-Philippe; Chaiwongkhot, Poompong; Gagné, Mathieu; Jennewein, Thomas; Kaiser, Sarah; Kashyap, Raman; Legré, Matthieu; Minshull, Carter; Sajeed, Shihan
2016-09-01
Practical quantum communication (QC) protocols are assumed to be secure provided implemented devices are properly characterized and all known side channels are closed. We show that this is not always true. We demonstrate a laser-damage attack capable of modifying device behavior on demand. We test it on two practical QC systems for key distribution and coin tossing, and show that newly created deviations lead to side channels. This reveals that laser damage is a potential security risk to existing QC systems, and necessitates their testing to guarantee security.
Alotaibi, Badriah M; Yezli, Saber; Bin Saeed, Abdul-Aziz A; Turkestani, Abdulhafeez; Alawam, Amnah H; Bieh, Kingsley L
2017-05-01
Hajj is one of the largest and the most ethnically and culturally diverse mass gatherings worldwide. The use of appropriate surveillance systems ensures timely information management for effective planning and response to infectious diseases threats during the pilgrimage. The literature describes infectious diseases prevention and control strategies for Hajj but with limited information on the operations and characteristics of the existing Hajj infectious diseases surveillance systems. We reviewed documents, including guidelines and reports from the Saudi Ministry of Health's database, to describe the characteristics of the infectious diseases surveillance systems that were operational during the 2015 Hajj, highlighting best practices and gaps and proposing strategies for strengthening and improvement. Using Pubmed and Embase online search engines and a combination of search terms including, 'mass gatherings' 'Olympics' 'surveillance' 'Hajj' 'health security', we explored the existing literature and highlighted some lessons learnt from other international mass gatherings. A regular indicator-based infectious disease surveillance system generates routine reports from health facilities within the Kingdom to the regional and central public health directorates all year round. During Hajj, enhanced indicator-based notifiable diseases surveillance systems complement the existing surveillance tool to ensure timely reporting of event information for appropriate action by public health officials. There is need to integrate the existing Hajj surveillance data management systems and to implement syndromic surveillance as an early warning system for infectious disease control during Hajj. International engagement is important to strengthen Hajj infectious diseases surveillance and to prevent disease transmission and globalization of infectious agents which could undermine global health security. © International Society of Travel Medicine, 2017. 
Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com
DOE Office of Scientific and Technical Information (OSTI.GOV)
Adamson, Ryan M.
Password management solutions exist, but few are designed for enterprise systems administrators sharing oncall rotations. Due to the Multi-Factor Level of Assurance 4 effort, DOE is now distributing PIV cards with cryptographically signed certificate and private key pairs to administrators and other security-significant users. We utilize this public key infrastructure (PKI) to encrypt passwords for other recipients in a secure way. This is cross platform (works on OSX and Linux systems), and has already been adopted internally by the NCCS systems administration staff to replace their old password book system.
Improving Insider Threat Training Awareness and Mitigation Programs at Nuclear Facilities.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abbott, Shannon
In recent years, insider threat programs have become an important aspect of nuclear security, and nuclear security training courses. However, many nuclear security insider threat programs fail to address the insider threat attack and monitoring potential that exists on information technology (IT) systems. This failure is critical because of the importance of information technology and networks in today’s world. IT systems offer an opportunity to perpetrate dangerous insider attacks, but they also present an opportunity to monitor for them and prevent them. This paper suggests a number of best practices for monitoring and preventing insider attacks on IT systems, and proposes the development of a new IT insider threat tabletop that can be used to help train nuclear security practitioners on how best to implement IT insider threat prevention best practices. The development of IT insider threat best practices and a practical tabletop exercise will allow nuclear security practitioners to improve nuclear security trainings as it integrates a critical part of insider threat prevention into the broader nuclear security system.
A wireless electronic monitoring system for securing milk from farm to processor
NASA Astrophysics Data System (ADS)
Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin
2008-04-01
The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. 
We are currently demonstrating the system in central Kentucky and will report on the results of the demonstration.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-04-13
... transportation systems to ensure freedom of movement for people and commerce. To achieve this mission, TSA is... use permits the release of information to the media when there exists a legitimate public interest in... compromise there is a risk of [[Page 18866
Toward a Dependable Peace: A Proposal for an Appropriate Security System.
ERIC Educational Resources Information Center
Johansen, Robert C.
This booklet proposes that citizens and governments think imaginatively about national and international security and take action for comprehensive arms reductions. The document is presented in eight chapters. Chapter I reports that global insecurity exists despite continuous arms control negotiations since World War II. Chapter II discusses…
Designing, Implementing, and Evaluating Secure Web Browsers
ERIC Educational Resources Information Center
Grier, Christopher L.
2009-01-01
Web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems using browser-based attacks. Efforts that retrofit existing browsers have had limited success since modern browsers are not designed to withstand attack. To enable more secure web browsing, we design and implement new web browsers from the ground…
Protecting clinical data on Web client computers: the PCASSO approach.
Masys, D. R.; Baker, D. B.
1998-01-01
The ubiquity and ease of use of the Web have made it an increasingly popular medium for communication of health-related information. Web interfaces to commercially available clinical information systems are now available or under development by most major vendors. To the extent that such interfaces involve the use of unprotected operating systems, they are vulnerable to security limitations of Web client software environments. The Patient Centered Access to Secure Systems Online (PCASSO) project extends the protections for person-identifiable health data on Web client computers. PCASSO uses several approaches, including physical protection of authentication information, execution containment, graphical displays, and monitoring the client system for intrusions and co-existing programs that may compromise security. PMID:9929243
Secure voice for mobile satellite applications
NASA Technical Reports Server (NTRS)
Vaisnys, Arvydas; Berner, Jeff
1990-01-01
The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature.
ReTrust: attack-resistant and lightweight trust management for medical sensor networks.
He, Daojing; Chen, Chun; Chan, Sammy; Bu, Jiajun; Vasilakos, Athanasios V
2012-07-01
Wireless medical sensor networks (MSNs) enable ubiquitous health monitoring of users during their everyday lives, at health sites, without restricting their freedom. Establishing trust among distributed network entities has been recognized as a powerful tool to improve the security and performance of distributed networks such as mobile ad hoc networks and sensor networks. However, most existing trust systems are not well suited for MSNs due to the unique operational and security requirements of MSNs. Moreover, similar to most security schemes, trust management methods themselves can be vulnerable to attacks. Unfortunately, this issue is often ignored in existing trust systems. In this paper, we identify the security and performance challenges facing a sensor network for wireless medical monitoring and suggest it should follow a two-tier architecture. Based on such an architecture, we develop an attack-resistant and lightweight trust management scheme named ReTrust. This paper also reports the experimental results of the Collection Tree Protocol using our proposed system in a network of TelosB motes, which show that ReTrust not only can efficiently detect malicious/faulty behaviors, but can also significantly improve the network performance in practice.
Code of Federal Regulations, 2012 CFR
2012-10-01
... in which an information technology system exists, the System Security Officer for that system will... 48 Federal Acquisition Regulations System 7 2012-10-01 2012-10-01 false General. 3401.670-1 Section 3401.670-1 Federal Acquisition Regulations System DEPARTMENT OF EDUCATION ACQUISITION REGULATION...
Code of Federal Regulations, 2014 CFR
2014-10-01
... in which an information technology system exists, the System Security Officer for that system will... 48 Federal Acquisition Regulations System 7 2014-10-01 2014-10-01 false General. 3401.670-1 Section 3401.670-1 Federal Acquisition Regulations System DEPARTMENT OF EDUCATION ACQUISITION REGULATION...
Code of Federal Regulations, 2013 CFR
2013-10-01
... in which an information technology system exists, the System Security Officer for that system will... 48 Federal Acquisition Regulations System 7 2013-10-01 2012-10-01 true General. 3401.670-1 Section 3401.670-1 Federal Acquisition Regulations System DEPARTMENT OF EDUCATION ACQUISITION REGULATION...
Code of Federal Regulations, 2011 CFR
2011-10-01
... in which an information technology system exists, the System Security Officer for that system will... 48 Federal Acquisition Regulations System 7 2011-10-01 2011-10-01 false General. 3401.670-1 Section 3401.670-1 Federal Acquisition Regulations System DEPARTMENT OF EDUCATION ACQUISITION REGULATION...
Economic performance of water storage capacity expansion for food security
NASA Astrophysics Data System (ADS)
Gohar, Abdelaziz A.; Ward, Frank A.; Amer, Saud A.
2013-03-01
Summary: Continued climate variability, population growth, and rising food prices present ongoing challenges for achieving food and water security in poor countries that lack adequate water infrastructure. Undeveloped storage infrastructure presents a special challenge in northern Afghanistan, where food security is undermined by highly variable water supplies, inefficient water allocation rules, and a damaged irrigation system due to three decades of war and conflict. Little peer-reviewed research to date has analyzed the economic benefits of water storage capacity expansions as a mechanism to sustain food security over long periods of variable climate and growing food demands needed to feed growing populations. This paper develops and applies an integrated water resources management framework that analyzes impacts of storage capacity expansions for sustaining farm income and food security in the face of highly fluctuating water supplies. Findings illustrate that in Afghanistan's Balkh Basin, total farm income and food security from crop irrigation increase, but at a declining rate as water storage capacity increases from zero to an amount equal to six times the basin's long term water supply. Total farm income increases by 21%, 41%, and 42% for small, medium, and large reservoir capacity, respectively, compared to the existing irrigation system unassisted by reservoir storage capacity. Results provide a framework to target water infrastructure investments that improve food security for river basins in the world's dry regions with low existing storage capacity that face ongoing climate variability and increased demands for food security for growing populations.
Flexible session management in a distributed environment
NASA Astrophysics Data System (ADS)
Miller, Zach; Bradley, Dan; Tannenbaum, Todd; Sfiligoi, Igor
2010-04-01
Many secure communication libraries used by distributed systems, such as SSL, TLS, and Kerberos, fail to make a clear distinction between the authentication, session, and communication layers. In this paper we introduce CEDAR, the secure communication library used by the Condor High Throughput Computing software, and present the advantages to a distributed computing system resulting from CEDAR's separation of these layers. Regardless of the authentication method used, CEDAR establishes a secure session key, which has the flexibility to be used for multiple capabilities. We demonstrate how a layered approach to security sessions can avoid round-trips and latency inherent in network authentication. The creation of a distinct session management layer allows for optimizations to improve scalability by way of delegating sessions to other components in the system. This session delegation creates a chain of trust that reduces the overhead of establishing secure connections and enables centralized enforcement of system-wide security policies. Additionally, secure channels based upon UDP datagrams are often overlooked by existing libraries; we show how CEDAR's structure accommodates this as well. As an example of the utility of this work, we show how the use of delegated security sessions and other techniques inherent in CEDAR's architecture enables US CMS to meet their scalability requirements in deploying Condor over large-scale, wide-area grid systems.
Enhancing security and improving interoperability in healthcare information systems.
Gritzalis, D A
1998-01-01
Security is a key issue in healthcare information systems, since most aspects of security become of considerable or even critical importance when handling healthcare information. In addition, the intense need for information exchange has revealed interoperability of systems and applications as another key issue. Standardization can play an important role towards both these issues. In this paper, relevant standardization activities are briefly presented, and existing and emerging healthcare information security standards are identified and critically analysed. The analysis is based on a framework which has been developed for this reason. Therefore, the identification of gaps and inconsistencies in current standardization, the description of the conflicts of standards with legislation, and the analysis of implications of these standards to user organizations, are the main results of this paper.
Performance of device-independent quantum key distribution
NASA Astrophysics Data System (ADS)
Cao, Zhu; Zhao, Qi; Ma, Xiongfeng
2016-07-01
Quantum key distribution provides information-theoretically-secure communication. In practice, device imperfections may jeopardise the system security. Device-independent quantum key distribution solves this problem by providing secure keys even when the quantum devices are untrusted and uncharacterized. Following a recent security proof of the device-independent quantum key distribution, we improve the key rate by tightening the parameter choice in the security proof. In practice where the system is lossy, we further improve the key rate by taking into account the loss position information. From our numerical simulation, our method can outperform existing results. Meanwhile, we outline clear experimental requirements for implementing device-independent quantum key distribution. The maximal tolerable error rate is 1.6%, the minimal required transmittance is 97.3%, and the minimal required visibility is 96.8%.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Happenny, Sean F.
The United States’ power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power distribution networks utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the networks protecting them are becoming easier to breach. Providing a virtual power substation network to each student team at the National Collegiate Cyber Defense Competition, thereby supporting the education of future cyber security professionals, is another way PNNL is helping to strengthen the security of the nation’s power infrastructure.
Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice.
Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim
2016-06-15
Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.
Summary of vulnerability related technologies based on machine learning
NASA Astrophysics Data System (ADS)
Zhao, Lei; Chen, Zhihao; Jia, Qiong
2018-04-01
As the scale of information system increases by an order of magnitude, the complexity of system software is getting higher. The vulnerability interaction from design, development and deployment to implementation stages greatly increases the risk of the entire information system being attacked successfully. Considering the limitations and lags of the existing mainstream security vulnerability detection techniques, this paper summarizes the development and current status of related technologies based on the machine learning methods applied to deal with massive and irregular data, and handling security vulnerabilities.
A Multifactor Secure Authentication System for Wireless Payment
NASA Astrophysics Data System (ADS)
Sanyal, Sugata; Tiwari, Ayu; Sanyal, Sudip
Organizations are deploying wireless based online payment applications to expand their business globally; this increases the growing need for regulatory requirements for the protection of confidential data, especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication, which is not secure enough to protect user data; there is a need for multifactor authentication. This paper proposes a new protocol based on a multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy within limited resources and that does not require any change in the infrastructure or underlying protocol of the wireless network. This Protocol for Wireless Payment is extended as a two way authentication system to satisfy the emerging market need for mutual authentication and also supports secure B2B communication, which increases the faith of the user and business organizations in wireless financial transactions using mobile devices.
Chida, Koji; Morohashi, Gembu; Fuji, Hitoshi; Magata, Fumihiko; Fujimura, Akiko; Hamada, Koki; Ikarashi, Dai; Yamamoto, Ryuichi
2014-01-01
Background and objective: While the secondary use of medical data has gained attention, its adoption has been constrained due to protection of patient privacy. Making medical data secure by de-identification can be problematic, especially when the data concerns rare diseases. We require rigorous security management measures. Materials and methods: Using secure computation, an approach from cryptography, our system can compute various statistics over encrypted medical records without decrypting them. An issue of secure computation is that the amount of processing time required is immense. We implemented a system that securely computes healthcare statistics from the statistical computing software ‘R’ by effectively combining secret-sharing-based secure computation with original computation. Results: Testing confirmed that our system could correctly complete computation of average and unbiased variance of approximately 50 000 records of dummy insurance claim data in a little over a second. Computation including conditional expressions and/or comparison of values, for example, t test and median, could also be correctly completed in several tens of seconds to a few minutes. Discussion: If medical records are simply encrypted, the risk of leaks exists because decryption is usually required during statistical analysis. Our system possesses high-level security because medical records remain in encrypted state even during statistical analysis. Also, our system can securely compute some basic statistics with conditional expressions using ‘R’ that works interactively while secure computation protocols generally require a significant amount of processing time. Conclusions: We propose a secure statistical analysis system using ‘R’ for medical data that effectively integrates secret-sharing-based secure computation and original computation. PMID:24763677
Chida, Koji; Morohashi, Gembu; Fuji, Hitoshi; Magata, Fumihiko; Fujimura, Akiko; Hamada, Koki; Ikarashi, Dai; Yamamoto, Ryuichi
2014-10-01
While the secondary use of medical data has gained attention, its adoption has been constrained due to protection of patient privacy. Making medical data secure by de-identification can be problematic, especially when the data concerns rare diseases. We require rigorous security management measures. Using secure computation, an approach from cryptography, our system can compute various statistics over encrypted medical records without decrypting them. An issue of secure computation is that the amount of processing time required is immense. We implemented a system that securely computes healthcare statistics from the statistical computing software 'R' by effectively combining secret-sharing-based secure computation with original computation. Testing confirmed that our system could correctly complete computation of average and unbiased variance of approximately 50,000 records of dummy insurance claim data in a little over a second. Computation including conditional expressions and/or comparison of values, for example, t test and median, could also be correctly completed in several tens of seconds to a few minutes. If medical records are simply encrypted, the risk of leaks exists because decryption is usually required during statistical analysis. Our system possesses high-level security because medical records remain in encrypted state even during statistical analysis. Also, our system can securely compute some basic statistics with conditional expressions using 'R' that works interactively while secure computation protocols generally require a significant amount of processing time. We propose a secure statistical analysis system using 'R' for medical data that effectively integrates secret-sharing-based secure computation and original computation. Published by the BMJ Publishing Group Limited. For permission to use (where not already granted under a licence) please go to http://group.bmj.com/group/rights-licensing/permissions.
78 FR 7804 - Privacy Act of 1974; as amended; Notice to Amend an Existing System of Records
Federal Register 2010, 2011, 2012, 2013, 2014
2013-02-04
... Indian Irrigation projects are constructed, including name, social security number, account/ID, whether... information, including name of debtor, address, tax identification number, social security number, ownership... suspected or confirmed compromise there is a risk of harm to economic or property interest, identity theft...
A Study on the Secure User Profiling Structure and Procedure for Home Healthcare Systems.
Ko, Hoon; Song, MoonBae
2016-01-01
Despite various benefits such as convenience and efficiency, home healthcare systems have some inherent security risks that may cause a serious leak of personal health information. This work presents a Secure User Profiling Structure which holds the patient information, including their health information. A patient and a hospital keep it at the same time, and they share the updated data. While they share the data and communicate, the data can be leaked. To solve the security problems, a secure communication channel with a hash function and a One-Time Password between a client and a hospital should be established, and to generate an input value to an OTP, it uses a dual hash-function. This work presents a dual hash function-based approach to generate the One-Time Password, ensuring a secure communication channel with the secured key. As a result, attackers are unable to decrypt the leaked information because of the secured key; in addition, the proposed method outperforms the existing methods in terms of computation cost.
Developing a Standard Method for Link-Layer Security of CCSDS Space Communications
NASA Technical Reports Server (NTRS)
Biggerstaff, Craig
2009-01-01
Communications security for space systems has been a specialized field generally far removed from considerations of mission interoperability and cross-support; in fact, these considerations often have been viewed as intrinsically opposed to security objectives. The space communications protocols defined by the Consultative Committee for Space Data Systems (CCSDS) have a twenty-five year history of successful use in over 400 missions. While the CCSDS Telemetry, Telecommand, and Advancing Orbiting Systems protocols for use at OSI Layer 2 are operationally mature, there has been no direct support within these protocols for communications security techniques. Link-layer communications security has been successfully implemented in the past using mission-unique methods, but never before with an objective of facilitating cross-support and interoperability. This paper discusses the design of a standard method for cryptographic authentication, encryption, and replay protection at the data link layer that can be integrated into existing CCSDS protocols without disruption to legacy communications services. Integrating cryptographic operations into existing data structures and processing sequences requires a careful assessment of the potential impediments within spacecraft, ground stations, and operations centers. The objective of this work is to provide a sound method for cryptographic encapsulation of frame data that also facilitates Layer 2 virtual channel switching, such that a mission may procure data transport services as needed without involving third parties in the cryptographic processing, or split independent data streams for separate cryptographic processing.
Three tenets for secure cyber-physical system design and assessment
NASA Astrophysics Data System (ADS)
Hughes, Jeff; Cybenko, George
2014-06-01
This paper presents a threat-driven quantitative mathematical framework for secure cyber-physical system design and assessment. Called The Three Tenets, this originally empirical approach has been used by the US Air Force Research Laboratory (AFRL) for secure system research and development. The Tenets were first documented in 2005 as a teachable methodology. The Tenets are motivated by a system threat model that itself consists of three elements which must exist for successful attacks to occur: system susceptibility; threat accessibility; and threat capability. The Three Tenets arise naturally by countering each threat element individually. Specifically, the tenets are: Tenet 1: Focus on What's Critical - systems should include only essential functions (to reduce susceptibility); Tenet 2: Move Key Assets Out-of-Band - make mission essential elements and security controls difficult for attackers to reach logically and physically (to reduce accessibility); Tenet 3: Detect, React, Adapt - confound the attacker by implementing sensing system elements with dynamic response technologies (to counteract the attackers' capabilities). As a design methodology, the Tenets mitigate reverse engineering and subsequent attacks on complex systems. Quantified by a Bayesian analysis and further justified by analytic properties of attack graph models, the Tenets suggest concrete cyber security metrics for system assessment.
32 CFR 310.33 - New and altered record systems.
Code of Federal Regulations, 2010 CFR
2010-07-01
... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...
32 CFR 310.33 - New and altered record systems.
Code of Federal Regulations, 2014 CFR
2014-07-01
... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...
32 CFR 310.33 - New and altered record systems.
Code of Federal Regulations, 2011 CFR
2011-07-01
... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...
32 CFR 310.33 - New and altered record systems.
Code of Federal Regulations, 2013 CFR
2013-07-01
... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...
32 CFR 310.33 - New and altered record systems.
Code of Federal Regulations, 2012 CFR
2012-07-01
... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...
Privacy, confidentiality, and security in information systems of state health agencies.
O'Brien, D G; Yasnoff, W A
1999-05-01
To assess the employment and status of privacy, confidentiality, security and fair information practices in electronic information systems of U.S. state health agencies. A survey instrument was developed and administered to key contacts within the state health agencies of each of the 50 U.S. states, Puerto Rico and the District of Columbia. About a third of U.S. state health agencies have no written policies in place regarding privacy and confidentiality in electronic information systems. The doctrines of fair information practice often seemed to be ignored. One quarter of the agencies reported at least one security breach during the past two years, and 16% experienced a privacy and confidentiality related transgression. Most of the breaches were committed by personnel from within the agencies. These results raise questions about the integrity of existing privacy, confidentiality and security measures in the information systems of U.S. state health agencies. Recommendations include the development and vigorous enforcement of written privacy and confidentiality policies, increased personnel training, and expanded implementation of security measures such as encryption and system firewalls. A discussion of the current status of U.S. privacy, confidentiality and security issues is offered.
High-Surety Telemedicine in a Distributed, 'Plug-and-Play' Environment
DOE Office of Scientific and Technical Information (OSTI.GOV)
Craft, Richard L.; Funkhouser, Donald R.; Gallagher, Linda K.
1999-05-17
Commercial telemedicine systems are increasingly functional, incorporating video-conferencing capabilities, diagnostic peripherals, medication reminders, and patient education services. However, these systems (1) rarely utilize information architectures which allow them to be easily integrated with existing health information networks and (2) do not always protect patient confidentiality with adequate security mechanisms. Using object-oriented methods and software wrappers, we illustrate the transformation of an existing stand-alone telemedicine system into 'plug-and-play' components that function in a distributed medical information environment. We show, through the use of open standards and published component interfaces, that commercial telemedicine offerings which were once incompatible with electronic patient record systems can now share relevant data with clinical information repositories while at the same time hiding the proprietary implementations of the respective systems. Additionally, we illustrate how leading-edge technology can secure this distributed telemedicine environment, maintaining patient confidentiality and the integrity of the associated electronic medical data. Information surety technology also encourages the development of telemedicine systems that have both read and write access to electronic medical records containing patient-identifiable information. The win-win approach to telemedicine information system development preserves investments in legacy software and hardware while promoting security and interoperability in a distributed environment.
NASA Astrophysics Data System (ADS)
Xie, Cailang; Guo, Ying; Liao, Qin; Zhao, Wei; Huang, Duan; Zhang, Ling; Zeng, Guihua
2018-03-01
How to narrow the gap of security between theory and practice has been a notoriously urgent problem in quantum cryptography. Here, we analyze and provide experimental evidence of the clock jitter effect on the practical continuous-variable quantum key distribution (CV-QKD) system. The clock jitter is a random noise which exists permanently in the clock synchronization in the practical CV-QKD system, it may compromise the system security because of its impact on data sampling and parameters estimation. In particular, the practical security of CV-QKD with different clock jitter against collective attack is analyzed theoretically based on different repetition frequencies, the numerical simulations indicate that the clock jitter has more impact on a high-speed scenario. Furthermore, a simplified experiment is designed to investigate the influence of the clock jitter.
NASA Technical Reports Server (NTRS)
Swenson, Paul
2017-01-01
Satellite/Payload Ground Systems: typically highly-customized to a specific mission's use cases; utilize hundreds (or thousands!) of specialized point-to-point interfaces for data flows / file transfers. Documentation and tracking of these complex interfaces requires extensive time to develop and extremely high staffing costs. Implementation and testing of these interfaces are even more cost-prohibitive, and documentation often lags behind implementation, resulting in inconsistencies down the road. With expanding threat vectors, IT Security, Information Assurance and Operational Security have become key Ground System architecture drivers. New Federal security-related directives are generated on a daily basis, imposing new requirements on current / existing ground systems; these mandated activities and data calls typically carry little or no additional funding for implementation. As a result, Ground System Sustaining Engineering groups and Information Technology staff continually struggle to keep up with the rolling tide of security. Advancing security concerns and shrinking budgets are pushing these large stove-piped ground systems to begin sharing resources, i.e. Operational / SysAdmin staff, IT security baselines, architecture decisions or even networks / hosting infrastructure. Refactoring these existing ground systems into multi-mission assets proves extremely challenging due to what is typically very tight coupling between legacy components. As a result, many "Multi-Mission" ops. environments end up simply sharing compute resources and networks due to the difficulty of refactoring into true multi-mission systems. Utilizing continuous integration / rapid system deployment technologies in conjunction with an open architecture messaging approach allows System Engineers and Architects to worry less about the low-level details of interfaces between components and configuration of systems. GMSEC messaging is inherently designed to support multi-mission requirements, and allows components to aggregate data across multiple homogeneous or heterogeneous satellites or payloads; the highly-successful Goddard Science and Planetary Operations Control Center (SPOCC) utilizes GMSEC as the hub for its automation and situational awareness capability. Shifts focus towards getting GS to a final configuration-managed baseline, as well as multi-mission / big-picture capabilities that help increase situational awareness, promote cross-mission sharing and establish enhanced fleet management capabilities across all levels of the enterprise.
Smart security and securing data through watermarking
NASA Astrophysics Data System (ADS)
Singh, Ritesh; Kumar, Lalit; Banik, Debraj; Sundar, S.
2017-11-01
The growth of image processing in embedded systems has provided the boon of enhancing security in various sectors. This led to the development of various protective strategies, which will be needed by private or public sectors for cyber security purposes. So, we have developed a method which uses digital watermarking and a locking mechanism for the protection of any closed premises. This paper describes a contemporary system based on user name, user id, password and encryption technique which can be placed in banks and protected offices to beef the security up. Burglary can be abated substantially by using a proactive safety structure. In this proposed framework, we use watermarking in the spatial domain to encode and decode the image and a PIR (Passive Infrared) sensor to detect the presence of a person in any closed area.
A protect solution for data security in mobile cloud storage
NASA Astrophysics Data System (ADS)
Yu, Xiaojun; Wen, Qiaoyan
2013-03-01
It is popular to access cloud storage from mobile devices. However, this application suffers from data security risks, especially data leakage and privacy violation problems. This risk exists not only in the cloud storage system, but also in the mobile client platform. To reduce the security risk, this paper proposes a new security solution. It makes full use of searchable encryption and trusted computing technology. Given the performance limits of mobile devices, it proposes a trusted proxy based protection architecture. The basic design idea, deployment model and key flows are detailed. The analysis of security and performance shows the advantage.
Manufacturing Accomplices: ICT Use in Securing the Safety State at Airports
NASA Astrophysics Data System (ADS)
Østerlie, Thomas; Asak, Ole Martin; Pettersen, Ole Georg; Tronhus, Håvard
Based on a study of ICT use at an airport security checkpoint, this paper explores a possible explanation to the paradox that travelers find existing airport security measures inadequate while at the same time believing air travel to be sufficiently secure. We pursue this explanation by showing that, for the security checkpoint to function properly in relation to the overall function of the airport, travelers have to be enrolled in a particular program of action. They are then locked into this program through sanctions. Travelers are forced into participating in a system many of them find ethically and morally objectionable. Yet, active participation makes it difficult for them to object to the moral and ethical issues of their actions without damning themselves. Our explanation of the security paradox is, therefore, that while travelers remain critical of airport security, they avoid damning themselves by criticizing the system in terms of its own logic. They have been made accomplices.
Secured remote health monitoring system
Ganesh Kumar, Pugalendhi
2017-01-01
Wireless medical sensor network is used in healthcare applications that have the collections of biosensors connected to a human body or emergency care unit to monitor the patient's physiological vital status. The real-time medical data collected using wearable medical sensors are transmitted to a diagnostic centre. The data generated from the sensors are aggregated at this centre and transmitted further to the doctor's personal digital assistant for diagnosis. The unauthorised access of one's health data may lead to misuse and legal complications while unreliable data transmission or storage may lead to life threatening risk to patients. So, this Letter combines the symmetric algorithm and attribute-based encryption to secure the data transmission and access control system for medical sensor network. In this work, existing systems and their algorithm are compared for identifying the best performance. The work also shows the graphical comparison of encryption time, decryption time and total computation time of the existing and the proposed systems. PMID:29383257
2002-06-07
Continue to Develop and Refine Emerging Technology • Some of the emerging biometric devices, such as iris scans and facial recognition systems...such as iris scans and facial recognition systems, facial recognition systems, and speaker verification systems. (976301)
Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice
Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim
2016-01-01
Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities. PMID:27314358
NASA Astrophysics Data System (ADS)
Chalmers, Alex
2004-09-01
To increase the security and throughput of ISO traffic through international terminals more technology must be applied to the problem. A transnational central archive of inspection records is discussed that can be accessed by national agencies as ISO containers approach their borders. The intent is to improve the throughput and security of the cargo inspection process. A review of currently available digital media archiving technologies is presented and their possible application to the tracking of international ISO container shipments. Specific image formats employed by current x-ray inspection systems are discussed. Sample x-ray data from systems in use today are shown that could be entered into such a system. Data from other inspection technologies are shown to be easily integrated, as well as the creation of database records suitable for interfacing with other computer systems. Overall system performance requirements are discussed in terms of security, response time and capacity. Suggestions for pilot projects based on existing border inspection processes are made also.
Expanding the role of unattended ground sensors to multi-tiered systems
NASA Astrophysics Data System (ADS)
Garrison, David R., II
2009-05-01
Unattended Ground Sensors (UGS) have recently gained momentum in surveillance and protection applications. Many of these Unattended Ground Sensors are deployed in current operations today across the Department of Defense (DoD) and Department of Homeland Security (DHS). In addition to UGS needs, there is a growing desire to leverage existing UGS for incorporation into higher level systems for a broadening role in defense and homeland security applications. The architecture to achieve this goal and examples of non-traditional scenarios that leverage higher level systems are discussed in this paper.
Location Privacy in RFID Applications
NASA Astrophysics Data System (ADS)
Sadeghi, Ahmad-Reza; Visconti, Ivan; Wachsmann, Christian
RFID-enabled systems allow fully automatic wireless identification of objects and are rapidly becoming a pervasive technology with various applications. However, despite their benefits, RFID-based systems also pose challenging risks, in particular concerning user privacy. Indeed, improvident use of RFID can disclose sensitive information about users and their locations, allowing detailed user profiles. Hence, it is crucial to identify and to enforce appropriate security and privacy requirements of RFID applications (that are also compliant with legislation). This chapter first discusses security and privacy requirements for RFID-enabled systems, focusing in particular on location privacy issues. Then it explores the advances in RFID applications, stressing the security and privacy shortcomings of existing proposals. Finally, it presents new promising directions for privacy-preserving RFID systems, where as a case study we focus on electronic tickets (e-tickets) for public transportation.
Drosou, A.; Ioannidis, D.; Moustakas, K.; Tzovaras, D.
2011-01-01
Unobtrusive Authentication Using ACTIvity-Related and Soft BIOmetrics (ACTIBIO) is an EU Specific Targeted Research Project (STREP) where new types of biometrics are combined with state-of-the-art unobtrusive technologies in order to enhance security in a wide spectrum of applications. The project aims to develop a modular, robust, multimodal biometrics security authentication and monitoring system, which uses a biodynamic physiological profile, unique for each individual, and advancements of the state of the art in unobtrusive behavioral and other biometrics, such as face, gait recognition, and seat-based anthropometrics. Several shortcomings of existing biometric recognition systems are addressed within this project, which have helped in improving existing sensors, in developing new algorithms, and in designing applications, towards creating new, unobtrusive, biometric authentication procedures in security-sensitive, Ambient Intelligence environments. This paper presents the concept of the ACTIBIO project and describes its unobtrusive authentication demonstrator in a real scenario by focusing on the vision-based biometric recognition modalities. PMID:21380485
Advanced approach to information security management system model for industrial control system.
Park, Sanghyun; Lee, Kyungho
2014-01-01
Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS. PMID:25136659
Intrusion Detection in Database Systems
NASA Astrophysics Data System (ADS)
Javidi, Mohammad M.; Sohrabi, Mina; Rafsanjani, Marjan Kuchaki
Data represent today a valuable asset for organizations and companies and must be protected. Ensuring the security and privacy of data assets is a crucial and very difficult problem in our modern networked world. Despite the necessity of protecting information stored in database systems (DBS), existing security models are insufficient to prevent misuse, especially insider abuse by legitimate users. One mechanism to safeguard the information in these databases is to use an intrusion detection system (IDS). The purpose of Intrusion detection in database systems is to detect transactions that access data without permission. In this paper several database Intrusion detection approaches are evaluated.
Secure Utilization of Beacons and UAVs in Emergency Response Systems for Building Fire Hazard
Seo, Seung-Hyun; Choi, Jung-In; Song, Jinseok
2017-01-01
An intelligent emergency system for hazard monitoring and building evacuation is a very important application area in Internet of Things (IoT) technology. Through the use of smart sensors, such a system can provide more vital and reliable information to first-responders and also reduce the incidents of false alarms. Several smart monitoring and warning systems do already exist, though they exhibit key weaknesses such as a limited monitoring coverage and security, which have not yet been sufficiently addressed. In this paper, we propose a monitoring and emergency response method for buildings by utilizing beacons and Unmanned Aerial Vehicles (UAVs) on an IoT security platform. In order to demonstrate the practicability of our method, we also implement a proof of concept prototype, which we call the UAV-EMOR (UAV-assisted Emergency Monitoring and Response) system. Our UAV-EMOR system provides the following novel features: (1) secure communications between UAVs, smart sensors, the control server and a smartphone app for security managers; (2) enhanced coordination between smart sensors and indoor/outdoor UAVs to expand real-time monitoring coverage; and (3) beacon-aided rescue and building evacuation. PMID:28946659
Draft secure medical database standard.
Pangalos, George
2002-01-01
Medical database security is a particularly important issue for all Healthcare establishments. Medical information systems are intended to support a wide range of pertinent health issues today, for example: assure the quality of care, support effective management of the health services institutions, monitor and contain the cost of care, implement technology into care without violating social values, ensure the equity and availability of care, preserve humanity despite the proliferation of technology etc. In this context, medical database security aims primarily to support: high availability, accuracy and consistency of the stored data, the medical professional secrecy and confidentiality, and the protection of the privacy of the patient. These properties, though of technical nature, basically require that the system is actually helpful for medical care and not harmful to patients. These latter properties require in turn not only that fundamental ethical principles are not violated by employing database systems, but instead, are effectively enforced by technical means. This document reviews the existing and emerging work on the security of medical database systems. It presents in detail the related problems and requirements related to medical database security. It addresses the problems of medical database security policies, secure design methodologies and implementation techniques. It also describes the current legal framework and regulatory requirements for medical database security. The issue of medical database security guidelines is also examined in detail. The current national and international efforts in the area are studied. It also gives an overview of the research work in the area. The document also presents in detail the most complete to our knowledge set of security guidelines for the development and operation of medical database systems.
A Layered Decision Model for Cost-Effective System Security
DOE Office of Scientific and Technical Information (OSTI.GOV)
Wei, Huaqiang; Alves-Foss, James; Soule, Terry
System security involves decisions in at least three areas: identification of well-defined security policies, selection of cost-effective defence strategies, and implementation of real-time defence tactics. Although choices made in each of these areas affect the others, existing decision models typically handle these three decision areas in isolation. There is no comprehensive tool that can integrate them to provide a single efficient model for safeguarding a network. In addition, there is no clear way to determine which particular combinations of defence decisions result in cost-effective solutions. To address these problems, this paper introduces a Layered Decision Model (LDM) for use in deciding how to address defence decisions based on their cost-effectiveness. To validate the LDM and illustrate how it is used, we used simulation to test model rationality and applied the LDM to the design of system security for an e-commercial business case.
NASA Astrophysics Data System (ADS)
Clarke, David J.; Davis, Eric; Varco, Alan G.
2008-10-01
Surveillance Of Borders Coastlines And Harbours (SOBCAH) is becoming increasingly challenging in Europe due to the expansion of new European borders coupled with the increased risks from the potential quantity and variety of terrorist activities. SOBCAH was an 18-month programme undertaken as a European Commission funded Preparatory Action in the field of Security Research (PASR) initiative to identify and demonstrate improvements in security; initially focusing on techniques to maximise the surveillance and detection effectiveness of existing sensor systems and technologies. This paper discusses the rationale in identifying the requirements, establishing a system architecture and the findings of building a security system demonstrator that underwent trials in the Port of Genoa, Italy in July 2007. It will provide an overview of the main drivers for a European-wide concept to standardise the development of enhanced border security systems. The paper will focus on techniques employed in the demonstrator to maximise the intelligence gathered from many disparate sensor sources without burdening the work load of the operators; providing enhanced situational awareness of the threat environment.
Safe teleradiology: information assurance as project planning methodology
NASA Astrophysics Data System (ADS)
Collmann, Jeff R.; Alaoui, Adil; Nguyen, Dan; Lindisch, David
2003-05-01
This project demonstrates use of OCTAVE, an information security risk assessment method, as an approach to the safe design and planning of a teleradiology system. By adopting this approach to project planning, we intended to provide evidence that including information security as an intrinsic component of project planning improves information assurance and that using information assurance as a planning tool produces and improves the general system management plan. Several considerations justify this approach to planning a safe teleradiology system. First, because OCTAVE was designed as a method for retrospectively assessing and proposing enhancements for the security of existing information management systems, it should function well as a guide to prospectively designing and deploying a secure information system such as teleradiology. Second, because OCTAVE provides assessment and planning tools for use primarily by interdisciplinary teams from user organizations, not consultants, it should enhance the ability of such teams at the local level to plan safe information systems. Third, from the perspective of sociological theory, OCTAVE explicitly attempts to enhance organizational conditions identified as necessary to safely manage complex technologies. Approaching information system design from the perspective of information security risk management proactively integrates health information assurance into a project's core. This contrasts with typical approaches that perceive "security" as a secondary attribute to be "added" after designing the system and with approaches that identify information assurance only with security devices and user training. The perspective of health information assurance embraces so many dimensions of a computerized health information system's design that one may successfully deploy a method for retrospectively assessing information security risk as a prospective planning tool.
From a sociological perspective, this approach enhances the general conditions as well as establishes specific policies and procedures for reliable performance of health information assurance.
How Secure Is Education in Information Technology? A Method for Evaluating Security Education in IT
ERIC Educational Resources Information Center
Grover, Mark; Reinicke, Bryan; Cummings, Jeff
2016-01-01
As the popularity of Information Technology programs has expanded at many universities, there are a number of questions to be answered from a curriculum standpoint. As many of these programs are either interdisciplinary, or at least exist outside of the usual Computer Science and Information Systems programs, questions of what is appropriate for…
Information Systems: Opportunities Exist to Strengthen SEC’s Oversight of Capacity and Security
2001-07-01
GAO. GAO-01-863 Information Systems. ...or external organizations to conduct the independent reviews. These internal audits are performed cyclically based on an annual risk analysis. SEC
An efficient and provable secure revocable identity-based encryption scheme.
Wang, Changji; Li, Yuan; Xia, Xiaonan; Zheng, Kangjia
2014-01-01
Revocation functionality is necessary and crucial to identity-based cryptosystems. Revocable identity-based encryption (RIBE) has attracted a lot of attention in recent years, many RIBE schemes have been proposed in the literature but shown to be either insecure or inefficient. In this paper, we propose a new scalable RIBE scheme with decryption key exposure resilience by combining Lewko and Waters' identity-based encryption scheme and complete subtree method, and prove our RIBE scheme to be semantically secure using dual system encryption methodology. Compared to existing scalable and semantically secure RIBE schemes, our proposed RIBE scheme is more efficient in term of ciphertext size, public parameters size and decryption cost at price of a little looser security reduction. To the best of our knowledge, this is the first construction of scalable and semantically secure RIBE scheme with constant size public system parameters.
NASA Astrophysics Data System (ADS)
Tuna, G.; Örenbaş, H.; Daş, R.; Kogias, D.; Baykara, M.; K, K.
2016-03-01
Wireless Sensor Networks (WSNs), when combined with various energy harvesting solutions managing to prolong the overall lifetime of the system and enhanced capabilities of the communication protocols used by modern sensor nodes, are efficiently used in Smart Grid (SG), an evolutionary system for the modernization of existing power grids. However, wireless communication technology brings various types of security threats. In this study, firstly the use of WSNs for SG applications is presented. Second, the security related issues and challenges as well as the security threats are presented. In addition, proposed security mechanisms for WSN-based SG applications are discussed. Finally, an easy-to-implement and simple attack detection framework to prevent attacks directed to sink and gateway nodes with web interfaces is proposed and its efficiency is proved using a case study.
32 CFR Appendix B to Part 323 - Criteria for New and Altered Record Systems
Code of Federal Regulations, 2010 CFR
2010-07-01
... as operating systems and system utilities that provide for easier access are considered alterations... terminals does not extend the capacity of the current operating system and existing security is preserved. f... not operate a system of records until the waiting periods have expired. E. Outside review of new and...
32 CFR Appendix B to Part 323 - Criteria for New and Altered Record Systems
Code of Federal Regulations, 2012 CFR
2012-07-01
... as operating systems and system utilities that provide for easier access are considered alterations... terminals does not extend the capacity of the current operating system and existing security is preserved. f... not operate a system of records until the waiting periods have expired. E. Outside review of new and...
32 CFR Appendix B to Part 323 - Criteria for New and Altered Record Systems
Code of Federal Regulations, 2011 CFR
2011-07-01
... as operating systems and system utilities that provide for easier access are considered alterations... terminals does not extend the capacity of the current operating system and existing security is preserved. f... not operate a system of records until the waiting periods have expired. E. Outside review of new and...
The security concern on internet banking adoption among Malaysian banking customers.
Sudha, Raju; Thiagarajan, A S; Seetharaman, A
2007-01-01
The existing literature highlights that security is the primary factor which determines the adoption of Internet banking technology. The secondary information on Internet banking development in Malaysia shows a very slow growth rate. Hence, this study aims to study banking customers' perception of security concerns and Internet banking adoption through the information collected from 150 sample respondents. The data analysis reveals that the customers have much concern about security and privacy issues in the adoption of Internet banking, whether the customers have adopted Internet banking or not. Hence, it infers that to popularize the Internet banking system there is a need for improvement in security and privacy issues among the banking customers.
FlySec: a risk-based airport security management system based on security as a service concept
NASA Astrophysics Data System (ADS)
Kyriazanos, Dimitris M.; Segou, Olga E.; Zalonis, Andreas; Thomopoulos, Stelios C. A.
2016-05-01
Complementing the ACI/IATA efforts, the FLYSEC European H2020 Research and Innovation project (http://www.fly-sec.eu/) aims to develop and demonstrate an innovative, integrated and end-to-end airport security process for passengers, enabling a guided and streamlined procedure from the landside to airside and into the boarding gates, and offering for an operationally validated innovative concept for end-to-end aviation security. FLYSEC ambition turns through a well-structured work plan into: (i) innovative processes facilitating risk-based screening; (ii) deployment and integration of new technologies and repurposing existing solutions towards a risk-based Security paradigm shift; (iii) improvement of passenger facilitation and customer service, bringing security as a real service in the airport of tomorrow;(iv) achievement of measurable throughput improvement and a whole new level of Quality of Service; and (v) validation of the results through advanced "in-vitro" simulation and "in-vivo" pilots. On the technical side, FLYSEC achieves its ambitious goals by integrating new technologies on video surveillance, intelligent remote image processing and biometrics combined with big data analysis, open-source intelligence and crowdsourcing. Repurposing existing technologies is also in the FLYSEC objectives, such as mobile application technologies for improved passenger experience and positive boarding applications (i.e. services to facilitate boarding and landside/airside way finding) as well as RFID for carry-on luggage tracking and quick unattended luggage handling. In this paper, the authors will describe the risk based airport security management system which powers FLYSEC intelligence and serves as the backend on top of which FLYSEC's front end technologies reside for security services management, behaviour and risk analysis.
An Efficient Mutual Authentication Framework for Healthcare System in Cloud Computing.
Kumar, Vinod; Jangirala, Srinivas; Ahmad, Musheer
2018-06-28
The increasing role of Telecare Medicine Information Systems (TMIS) makes its accessibility for patients to explore medical treatment, accumulate and approach medical data through internet connectivity. Security and privacy preservation is necessary for medical data of the patient in TMIS because of the very perceptive purpose. Recently, Mohit et al. proposed a mutual authentication protocol for TMIS in the cloud computing environment. In this work, we reviewed their protocol and found that it is not secure against stolen verifier attack, many logged in patient attack, patient anonymity, impersonation attack, and fails to protect session key. For enhancement of security level, we proposed a new mutual authentication protocol for the similar environment. The presented framework is also more capable in terms of computation cost. In addition, the security evaluation of the protocol protects resilience of all possible security attributes, and we also explored formal security evaluation based on random oracle model. The performance of the proposed protocol is much better in comparison to the existing protocol.
A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network.
Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing
2016-12-30
Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.
A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network
Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing
2016-01-01
Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods. PMID:28042831
Risk assessment for physical and cyber attacks on critical infrastructures.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Smith, Bryan J.; Sholander, Peter E.; Phelan, James M.
2005-08-01
Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies. Existing risk assessment methodologies consider physical security and cyber security separately. As such, they do not accurately model attacks that involve defeating both physical protection and cyber protection elements (e.g., hackers turning off alarm systems prior to forced entry). This paper presents a risk assessment methodology that accounts for both physical and cyber security. It also preserves the traditional security paradigm of detect, delay and respond, while accounting for the possibility that a facility may be able to recover from or mitigate the results of a successful attack before serious consequences occur. The methodology provides a means for ranking those assets most at risk from malevolent attacks. Because the methodology is automated the analyst can also play 'what if' with mitigation measures to gain a better understanding of how to best expend resources towards securing the facilities. It is simple enough to be applied to large infrastructure facilities without developing highly complicated models. Finally, it is applicable to facilities with extensive security as well as those that are less well-protected.
Secure method for biometric-based recognition with integrated cryptographic functions.
Chiou, Shin-Yan
2013-01-01
Biometric systems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometric systems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to combine cryptography and biometrics, but these methods require the synchronization of internal systems and are vulnerable to power analysis attacks, fault-based cryptanalysis, and replay attacks. This paper presents a new secure cryptographic authentication method using biometric features. The proposed system combines the advantages of biometric identification and cryptographic techniques. By adding a subsystem to existing biometric recognition systems, we can simultaneously achieve the security of cryptographic technology and the error tolerance of biometric recognition. This method can be used for biometric data encryption, signatures, and other types of cryptographic computation. The method offers a high degree of security with protection against power analysis attacks, fault-based cryptanalysis, and replay attacks. Moreover, it can be used to improve the confidentiality of biological data storage and biodata identification processes. Remote biometric authentication can also be safely applied.
NASA Astrophysics Data System (ADS)
Tang, Li; Liu, Jing-Ning; Feng, Dan; Tong, Wei
2008-12-01
Existing security solutions in network storage environment perform poorly because cryptographic operations (encryption and decryption) implemented in software can dramatically reduce system performance. In this paper we propose a cryptographic hardware accelerator on dynamically reconfigurable platform for the security of high performance network storage system. We employ a dynamic reconfigurable platform based on a FPGA to implement a PowerPC-based embedded system, which executes cryptographic algorithms. To reduce the reconfiguration latency, we apply prefetch scheduling. Moreover, the processing elements could be dynamically configured to support different cryptographic algorithms according to the request received by the accelerator. In the experiment, we have implemented AES (Rijndael) and 3DES cryptographic algorithms in the reconfigurable accelerator. Our proposed reconfigurable cryptographic accelerator could dramatically increase the performance comparing with the traditional software-based network storage systems.
Efficient and universal quantum key distribution based on chaos and middleware
NASA Astrophysics Data System (ADS)
Jiang, Dong; Chen, Yuanyuan; Gu, Xuemei; Xie, Ling; Chen, Lijun
2017-01-01
Quantum key distribution (QKD) promises unconditionally secure communications, however, the low bit rate of QKD cannot meet the requirements of high-speed applications. Despite the many solutions that have been proposed in recent years, they are neither efficient to generate the secret keys nor compatible with other QKD systems. This paper, based on chaotic cryptography and middleware technology, proposes an efficient and universal QKD protocol that can be directly deployed on top of any existing QKD system without modifying the underlying QKD protocol and optical platform. It initially takes the bit string generated by the QKD system as input, periodically updates the chaotic system, and efficiently outputs the bit sequences. Theoretical analysis and simulation results demonstrate that our protocol can efficiently increase the bit rate of the QKD system as well as securely generate bit sequences with perfect statistical properties. Compared with the existing methods, our protocol is more efficient and universal, it can be rapidly deployed on the QKD system to increase the bit rate when the QKD system becomes the bottleneck of its communication system.
A rhythm-based authentication scheme for smart media devices.
Lee, Jae Dong; Jeong, Young-Sik; Park, Jong Hyuk
2014-01-01
In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users' convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience.
A Rhythm-Based Authentication Scheme for Smart Media Devices
Lee, Jae Dong; Park, Jong Hyuk
2014-01-01
In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users' convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience. PMID:25110743
NASA Technical Reports Server (NTRS)
Bailey, Brandon
2015-01-01
The Space Data Link Security (SDLS) Protocol is a Consultative Committee for Space Data Systems (CCSDS) standard which extends the known Data Link protocols to secure data being sent over a space link by providing confidentiality and integrity services. This plan outlines the approach by the National Aeronautics and Space Administration (NASA) in performing testing of the SDLS protocol using a prototype based on an existing NASA missions simulator.
Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids
Zhang, Liping; Tang, Shanyu; Luo, He
2016-01-01
In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strengthen the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham-Yahalom logic. PMID:27007951
Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids.
Zhang, Liping; Tang, Shanyu; Luo, He
2016-01-01
In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strengthen the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham-Yahalom logic.
Hybrid network defense model based on fuzzy evaluation.
Cho, Ying-Chiang; Pan, Jen-Yi
2014-01-01
With sustained and rapid developments in the field of information technology, the issue of network security has become increasingly prominent. The theme of this study is network data security, with the test subject being a classified and sensitive network laboratory that belongs to the academic network. The analysis is based on the deficiencies and potential risks of the network's existing defense technology, characteristics of cyber attacks, and network security technologies. Subsequently, a distributed network security architecture using the technology of an intrusion prevention system is designed and implemented. In this paper, first, the overall design approach is presented. This design is used as the basis to establish a network defense model, an improvement over the traditional single-technology model that addresses the latter's inadequacies. Next, a distributed network security architecture is implemented, comprising a hybrid firewall, intrusion detection, virtual honeynet projects, and connectivity and interactivity between these three components. Finally, the proposed security system is tested. A statistical analysis of the test results verifies the feasibility and reliability of the proposed architecture. The findings of this study will potentially provide new ideas and stimuli for future designs of network security architecture.
Distributed Energy Systems: Security Implications of the Grid of the Future
DOE Office of Scientific and Technical Information (OSTI.GOV)
Stamber, Kevin L.; Kelic, Andjelka; Taylor, Robert A.
2017-01-01
Distributed Energy Resources (DER) are being added to the nation's electric grid, and as penetration of these resources increases, they have the potential to displace or offset large-scale, capital-intensive, centralized generation. Integration of DER into operation of the traditional electric grid requires automated operational control and communication of DER elements, from system measurement to control hardware and software, in conjunction with a utility's existing automated and human-directed control of other portions of the system. Implementation of DER technologies suggests a number of gaps from both a security and a policy perspective.
Review of intelligent video surveillance with single camera
NASA Astrophysics Data System (ADS)
Liu, Ying; Fan, Jiu-lun; Wang, DianWei
2012-01-01
Intelligent video surveillance has found a wide range of applications in public security. This paper describes the state-of-the-art techniques in video surveillance system with single camera. This can serve as a starting point for building practical video surveillance systems in developing regions, leveraging existing ubiquitous infrastructure. In addition, this paper discusses the gap between existing technologies and the requirements in real-world scenario, and proposes potential solutions to reduce this gap.
A security mediator for health care information.
Wiederhold, G.; Bilello, M.; Sarathy, V.; Qian, X.
1996-01-01
The TIHI (Trusted Interoperation of Healthcare Information) project addresses a security issue that arises when some information is being shared among collaborating enterprises, although not all enterprise information is sharable. It assumes that protection exists to prevent intrusion by adversaries through secure transmission and firewalls. The TIHI system design provides a gateway, owned by the enterprise security officer, to mediate queries and responses. The latter are typically transmitted via the Internet. The enterprise policy is determined by rules provided to the mediator. We show examples of typical rules. The problem and our solution, although developed in a healthcare context, is equally valid among collaborating enterprises. PMID:8947640
LISA, the next generation: from a web-based application to a fat client.
Pierlet, Noëlla; Aerts, Werner; Vanautgaerden, Mark; Van den Bosch, Bart; De Deurwaerder, André; Schils, Erik; Noppe, Thomas
2008-01-01
The LISA application, developed by the University Hospitals Leuven, permits referring physicians to consult the electronic medical records of their patients over the internet in a highly secure way. We decided to completely change the way we secured the application, discard the existing web application and build a completely new application, based on the in-house developed hospital information system, used in the University Hospitals Leuven. The result is a fat Java client, running on a Windows Terminal Server, secured by a commercial SSL-VPN solution.
Security Belt for Wireless Implantable Medical Devices.
Kulaç, Selman
2017-09-19
In this study, a new protective design compatible with existing non-secure systems was proposed, since it is focused on the secure communication of wireless IMD systems in all transmissions. This new protector is an external wearable device and appears to be a belt fitted around for the patients IMD implanted. However, in order to provide effective full duplex transmissions and physical layer security, some sophisticated transceiver antennas have been placed on the belt. In this approach, beam-focused multi-antennas in optimal positions on the belt are randomly switched when transmissions to the IMD are performed and multi-jammer switching with MRC combining or majority-rule based receiving techniques are applied when transmissions from the IMD are carried out. This approach can also reduce the power consumption of the IMDs and contribute to the prolongation of the IMD's battery life.
Juang, Kevin; Greenstein, Joel
2018-04-01
We developed a new authentication system based on passphrases instead of passwords. Our new system incorporates a user-generated mnemonic picture displayed during login, definition tooltips, error correction to reduce typographical errors, a decoy-based input masking technique, and random passphrase generation using either a specialized wordlist or a sentence template. Passphrases exhibit a greater level of security than traditional passwords, but their wider adoption has been hindered by human factors issues. Our assertion is that the added features of our system work particularly well with passphrases and help address these shortcomings. We conducted a study to evaluate our new system with a customized 1,450-word list and our new system with a 6-word sentence structure against the control conditions of a user-created passphrase of at least 24 characters and a system-generated passphrase using a 10,326-word list. Fifty participants completed two sessions so that we could measure the usability and security of the authentication schemes. With the new system conditions, memorability was improved, and security was equivalent to or better than the control conditions. Usability and overall ratings also favored the new system conditions over the control conditions. Our research presents a new authentication system using innovative techniques that improve on the usability and security of existing password and passphrase authentication systems. In computer security, drastic changes should never happen overnight, but we recommend that our contributions be incorporated into current authentication systems to help facilitate a transition from passwords to usable passphrases.
A joint signal processing and cryptographic approach to multimedia encryption.
Mao, Yinian; Wu, Min
2006-07-01
In recent years, there has been an increasing trend for multimedia applications to use delegate service providers for content distribution, archiving, search, and retrieval. These delegate services have brought new challenges to the protection of multimedia content confidentiality. This paper discusses the importance and feasibility of applying a joint signal processing and cryptographic approach to multimedia encryption, in order to address the access control issues unique to multimedia applications. We propose two atomic encryption operations that can preserve standard compliance and are friendly to delegate processing. Quantitative analysis for these operations is presented to demonstrate that a good tradeoff can be made between security and bitrate overhead. In assisting the design and evaluation of media security systems, we also propose a set of multimedia-oriented security scores to quantify the security against approximation attacks and to complement the existing notion of generic data security. Using video as an example, we present a systematic study on how to strategically integrate different atomic operations to build a video encryption system. The resulting system can provide superior performance over both generic encryption and its simple adaptation to video in terms of a joint consideration of security, bitrate overhead, and friendliness to delegate processing.
49 CFR 1580.101 - Rail security coordinator.
Code of Federal Regulations, 2010 CFR
2010-10-01
... system of transportation, when notified by TSA in writing, that a threat exists concerning that operation.... This section applies to: (1) Each freight railroad carrier that operates rolling equipment on track that is part of the general railroad system of transportation. (2) Each rail hazardous materials...
33 CFR 62.63 - Recommendations.
Code of Federal Regulations, 2013 CFR
2013-07-01
....63 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY AIDS TO NAVIGATION UNITED STATES AIDS TO NAVIGATION SYSTEM Public Participation in the Aids to Navigation System § 62.63 Recommendations. (a) The public may recommend changes to existing aids to navigation, request new aids or the...
33 CFR 62.63 - Recommendations.
Code of Federal Regulations, 2014 CFR
2014-07-01
....63 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY AIDS TO NAVIGATION UNITED STATES AIDS TO NAVIGATION SYSTEM Public Participation in the Aids to Navigation System § 62.63 Recommendations. (a) The public may recommend changes to existing aids to navigation, request new aids or the...
A review of physical security robotics at Sandia National Laboratories
DOE Office of Scientific and Technical Information (OSTI.GOV)
Roerig, S.C.
1990-01-01
As an outgrowth of research into physical security technologies, Sandia is investigating the role of robotics in security systems. Robotics may allow more effective utilization of guard forces, especially in scenarios where personnel would be exposed to harmful environments. Robots can provide intrusion detection and assessment functions for failed sensors or transient assets, can test existing fixed site sensors, and can gather additional intelligence and dispense delaying elements. The Robotic Security Vehicle (RSV) program for DOE/OSS is developing a fieldable prototype for an exterior physical security robot based upon a commercial four wheel drive vehicle. The RSV will be capable of driving itself, being driven remotely, or being driven by an onboard operator around a site and will utilize its sensors to alert an operator to unusual conditions. The Remote Security Station (RSS) program for the Defense Nuclear Agency is developing a proof-of-principle robotic system which will be used to evaluate the role, and associated cost, of robotic technologies in exterior security systems. The RSS consists of an independent sensor pod, a mobile sensor platform and a control and display console. Sensor data fusion is used to optimize the system's intrusion detection performance. These programs are complementary, the RSV concentrates on developing autonomous mobility, while the RSS thrust is on mobile sensor employment. 3 figs.
Modelling operations and security of cloud systems using Z-notation and Chinese Wall security policy
NASA Astrophysics Data System (ADS)
Basu, Srijita; Sengupta, Anirban; Mazumdar, Chandan
2016-11-01
Enterprises are increasingly using cloud computing for hosting their applications. Availability of fast Internet and cheap bandwidth are causing greater number of people to use cloud-based services. This has the advantage of lower cost and minimum maintenance. However, ensuring security of user data and proper management of cloud infrastructure remain major areas of concern. Existing techniques are either too complex, or fail to properly represent the actual cloud scenario. This article presents a formal cloud model using the constructs of Z-notation. Principles of the Chinese Wall security policy have been applied to design secure cloud-specific operations. The proposed methodology will enable users to safely host their services, as well as process sensitive data, on cloud.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Conover, David R.
The purpose of this document is to identify laws, rules, model codes, codes, standards, regulations, specifications (CSR) related to safety that could apply to stationary energy storage systems (ESS) and experiences to date securing approval of ESS in relation to CSR. This information is intended to assist in securing approval of ESS under current CSR and to identification of new CSR or revisions to existing CSR and necessary supporting research and documentation that can foster the deployment of safe ESS.
Ko, Heasin; Choi, Byung-Seok; Choe, Joong-Seon; Kim, Kap-Joong; Kim, Jong-Hoi; Youn, Chun Ju
2017-08-21
Most polarization-based BB84 quantum key distribution (QKD) systems utilize multiple lasers to generate one of four polarization quantum states randomly. However, random bit generation with multiple lasers can potentially open critical side channels that significantly endangers the security of QKD systems. In this paper, we show unnoticed side channels of temporal disparity and intensity fluctuation, which possibly exist in the operation of multiple semiconductor laser diodes. Experimental results show that the side channels can enormously degrade security performance of QKD systems. An important system issue for the improvement of quantum bit error rate (QBER) related with laser driving condition is further addressed with experimental results.
Security Investment in Contagious Networks.
Hasheminasab, Seyed Alireza; Tork Ladani, Behrouz
2018-01-16
Security of the systems is normally interdependent in such a way that security risks of one part affect other parts and threats spread through the vulnerable links in the network. So, the risks of the systems can be mitigated through investments in the security of interconnecting links. This article takes an innovative look at the problem of security investment of nodes on their vulnerable links in a given contagious network as a game-theoretic model that can be applied to a variety of applications including information systems. In the proposed game model, each node computes its corresponding risk based on the value of its assets, vulnerabilities, and threats to determine the optimum level of security investments on its external links respecting its limited budget. Furthermore, direct and indirect nonlinear influences of a node's security investment on the risks of other nodes are considered. The existence and uniqueness of the game's Nash equilibrium in the proposed game are also proved. Further analysis of the model in a practical case revealed that taking advantage of the investment effects of other players, perfectly rational players (i.e., those who use the utility function of the proposed game model) make more cost-effective decisions than selfish nonrational or semirational players. © 2018 Society for Risk Analysis.
Code of Federal Regulations, 2014 CFR
2014-10-01
... vapor control system designs-TB/ALL. 39.1013 Section 39.1013 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY TANK VESSELS VAPOR CONTROL SYSTEMS General § 39.1013 U.S.-flagged tank vessel certification procedures for vapor control system designs—TB/ALL. (a) For an existing Coast Guard-approved vapor...
Code of Federal Regulations, 2013 CFR
2013-10-01
... vapor control system designs-TB/ALL. 39.1013 Section 39.1013 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY TANK VESSELS VAPOR CONTROL SYSTEMS General § 39.1013 U.S.-flagged tank vessel certification procedures for vapor control system designs—TB/ALL. (a) For an existing Coast Guard-approved vapor...
Nuclear Power Plant Cyber Security Discrete Dynamic Event Tree Analysis (LDRD 17-0958) FY17 Report
DOE Office of Scientific and Technical Information (OSTI.GOV)
Wheeler, Timothy A.; Denman, Matthew R.; Williams, R. A.
Instrumentation and control of nuclear power is transforming from analog to modern digital assets. These control systems perform key safety and security functions. This transformation is occurring in new plant designs as well as in the existing fleet of plants as the operation of those plants is extended to 60 years. This transformation introduces new and unknown issues involving both digital asset induced safety issues and security issues. Traditional nuclear power risk assessment tools and cyber security assessment methods have not been modified or developed to address the unique nature of cyber failure modes and of cyber security threat vulnerabilities. This Lab-Directed Research and Development project has developed a dynamic cyber-risk informed tool to facilitate the analysis of unique cyber failure modes and the time sequencing of cyber faults, both malicious and non-malicious, and impose those cyber exploits and cyber faults onto a nuclear power plant accident sequence simulator code to assess how cyber exploits and cyber faults could interact with a plant's digital instrumentation and control (DI&C) system and defeat or circumvent a plant's cyber security controls. This was achieved by coupling an existing Sandia National Laboratories nuclear accident dynamic simulator code with a cyber emulytics code to demonstrate real-time simulation of cyber exploits and their impact on automatic DI&C responses. Studying such potential time-sequenced cyber-attacks and their risks (i.e., the associated impact and the associated degree of difficulty to achieve the attack vector) on accident management establishes a technical risk informed framework for developing effective cyber security controls for nuclear power.
A Hybrid Authentication and Authorization Process for Control System Networks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Manz, David O.; Edgar, Thomas W.; Fink, Glenn A.
2010-08-25
Convergence of control system and IT networks requires that security, privacy, and trust be addressed. Trust management continues to plague traditional IT managers and is even more complex when extended into control system networks, with potentially millions of entities, a mission that requires 100% availability. Yet these very networks necessitate a trusted secure environment where controllers and managers can be assured that the systems are secure and functioning properly. We propose a hybrid authentication management protocol that addresses the unique issues inherent within control system networks, while leveraging the considerable research and momentum in existing IT authentication schemes. Our hybrid authentication protocol for control systems provides end device to end device authentication within a remote station and between remote stations and control centers. Additionally, the hybrid protocol is failsafe and will not interrupt communication or control of vital systems in a network partition or device failure. Finally, the hybrid protocol is resilient to transitory link loss and can operate in an island mode until connectivity is reestablished.
Secure Remote Access Issues in a Control Center Environment
NASA Technical Reports Server (NTRS)
Pitts, Lee; McNair, Ann R. (Technical Monitor)
2002-01-01
The ISS finally reached an operational state and exists for local and remote users. Onboard payload systems are managed by the Huntsville Operations Support Center (HOSC). Users access HOSC systems by internet protocols in support of daily operations, preflight simulation, and test. In support of this diverse user community, a modern security architecture has been implemented. The architecture has evolved over time from an isolated but open system to a system which supports local and remote access to the ISS over broad geographic regions. This has been accomplished through the use of an evolved security strategy, PKI, and custom design. Through this paper, descriptions of the migration process and the lessons learned are presented. This will include product decision criteria, rationale, and the use of commodity products in the end architecture. This paper will also stress the need for interoperability of various products and the effects of seemingly insignificant details.
Secure Payload Access to the International Space Station
NASA Technical Reports Server (NTRS)
Pitts, R. Lee; Reid, Chris
2002-01-01
The ISS finally reached an operational state and exists for local and remote users. Onboard payload systems are managed by the Huntsville Operations Support Center (HOSC). Users access HOSC systems by internet protocols in support of daily operations, preflight simulation, and test. In support of this diverse user community, a modern security architecture has been implemented. The architecture has evolved over time from an isolated but open system to a system which supports local and remote access to the ISS over broad geographic regions. This has been accomplished through the use of an evolved security strategy, PKI, and custom design. Through this paper, descriptions of the migration process and the lessons learned are presented. This will include product decision criteria, rationale, and the use of commodity products in the end architecture. This paper will also stress the need for interoperability of various products and the effects of seemingly insignificant details.
7 CFR 1717.857 - Refinancing of existing secured debt-distribution and power supply borrowers.
Code of Federal Regulations, 2011 CFR
2011-01-01
... 7 Agriculture 11 2011-01-01 2011-01-01 false Refinancing of existing secured debt-distribution and power supply borrowers. 1717.857 Section 1717.857 Agriculture Regulations of the Department of... Private Financing § 1717.857 Refinancing of existing secured debt—distribution and power supply borrowers...
Decoy-state quantum key distribution with a leaky source
NASA Astrophysics Data System (ADS)
Tamaki, Kiyoshi; Curty, Marcos; Lucamarini, Marco
2016-06-01
In recent years, there has been a great effort to prove the security of quantum key distribution (QKD) with a minimum number of assumptions. Besides its intrinsic theoretical interest, this would allow for larger tolerance against device imperfections in the actual implementations. However, even in this device-independent scenario, one assumption seems unavoidable, that is, the presence of a protected space devoid of any unwanted information leakage in which the legitimate parties can privately generate, process and store their classical data. In this paper we relax this unrealistic and hardly feasible assumption and introduce a general formalism to tackle the information leakage problem in most of existing QKD systems. More specifically, we prove the security of optical QKD systems using phase and intensity modulators in their transmitters, which leak the setting information in an arbitrary manner. We apply our security proof to cases of practical interest and show key rates similar to those obtained in a perfectly shielded environment. Our work constitutes a fundamental step forward in guaranteeing implementation security of quantum communication systems.
USign--a security enhanced electronic consent model.
Li, Yanyan; Xie, Mengjun; Bian, Jiang
2014-01-01
Electronic consent becomes increasingly popular in the healthcare sector given the many benefits it provides. However, security concerns, e.g., how to verify the identity of a person who is remotely accessing the electronic consent system in a secure and user-friendly manner, also arise along with the popularity of electronic consent. Unfortunately, existing electronic consent systems do not pay sufficient attention to those issues. They mainly rely on conventional password based authentication to verify the identity of an electronic consent user, which is far from being sufficient given that identity theft threat is real and significant in reality. In this paper, we present a security enhanced electronic consent model called USign. USign enhances the identity protection and authentication for electronic consent systems by leveraging handwritten signatures everyone is familiar with and mobile computing technologies that are becoming ubiquitous. We developed a prototype of USign and conducted preliminary evaluation on accuracy and usability of signature verification. Our experimental results show the feasibility of the proposed model.
Chemical Sniffing Instrumentation for Security Applications.
Giannoukos, Stamatios; Brkić, Boris; Taylor, Stephen; Marshall, Alan; Verbeck, Guido F
2016-07-27
Border control for homeland security faces major challenges worldwide due to chemical threats from national and/or international terrorism as well as organized crime. A wide range of technologies and systems with threat detection and monitoring capabilities has emerged to identify the chemical footprint associated with these illegal activities. This review paper investigates artificial sniffing technologies used as chemical sensors for point-of-use chemical analysis, especially during border security applications. This article presents an overview of (a) the existing available technologies reported in the scientific literature for threat screening, (b) commercially available, portable (hand-held and stand-off) chemical detection systems, and (c) their underlying functional and operational principles. Emphasis is given to technologies that have been developed for in-field security operations, but laboratory developed techniques are also summarized as emerging technologies. The chemical analytes of interest in this review are (a) volatile organic compounds (VOCs) associated with security applications (e.g., illegal, hazardous, and terrorist events), (b) chemical "signatures" associated with human presence, and (c) threat compounds (drugs, explosives, and chemical warfare agents).
Secure Network-Centric Aviation Communication (SNAC)
NASA Technical Reports Server (NTRS)
Nelson, Paul H.; Muha, Mark A.; Sheehe, Charles J.
2017-01-01
The existing National Airspace System (NAS) communications capabilities are largely unsecured, are not designed for efficient use of spectrum and collectively are not capable of servicing the future needs of the NAS with the inclusion of new operators in Unmanned Aviation Systems (UAS) or On Demand Mobility (ODM). SNAC will provide a ubiquitous secure, network-based communications architecture that will provide new service capabilities and allow for the migration of current communications to SNAC over time. The necessary change in communication technologies to digital domains will allow for the adoption of security mechanisms, sharing of link technologies, large increase in spectrum utilization, new forms of resilience and redundancy and the possibility of spectrum reuse. SNAC consists of a long term open architectural approach with increasingly capable designs used to steer research and development and enable operating capabilities that run in parallel with current NAS systems.
Secure Method for Biometric-Based Recognition with Integrated Cryptographic Functions
Chiou, Shin-Yan
2013-01-01
Biometric systems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometric systems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to combine cryptography and biometrics, but these methods require the synchronization of internal systems and are vulnerable to power analysis attacks, fault-based cryptanalysis, and replay attacks. This paper presents a new secure cryptographic authentication method using biometric features. The proposed system combines the advantages of biometric identification and cryptographic techniques. By adding a subsystem to existing biometric recognition systems, we can simultaneously achieve the security of cryptographic technology and the error tolerance of biometric recognition. This method can be used for biometric data encryption, signatures, and other types of cryptographic computation. The method offers a high degree of security with protection against power analysis attacks, fault-based cryptanalysis, and replay attacks. Moreover, it can be used to improve the confidentiality of biological data storage and biodata identification processes. Remote biometric authentication can also be safely applied. PMID:23762851
Security and privacy issues with health care information technology.
Meingast, Marci; Roosta, Tanya; Sastry, Shankar
2006-01-01
The face of health care is changing as new technologies are being incorporated into the existing infrastructure. Electronic patient records and sensor networks for in-home patient monitoring are at the current forefront of new technologies. Paper-based patient records are being put in electronic format enabling patients to access their records via the Internet. Remote patient monitoring is becoming more feasible as specialized sensors can be placed inside homes. The combination of these technologies will improve the quality of health care by making it more personalized and reducing costs and medical errors. While there are benefits to technologies, associated privacy and security issues need to be analyzed to make these systems socially acceptable. In this paper we explore the privacy and security implications of these next-generation health care technologies. We describe existing methods for handling issues as well as discussing which issues need further consideration.
Martins, Goncalo; Moondra, Arul; Dubey, Abhishek; Bhattacharjee, Anirban; Koutsoukos, Xenofon D.
2016-01-01
In modern networked control applications, confidentiality and integrity are important features to address in order to prevent against attacks. Moreover, network control systems are a fundamental part of the communication components of current cyber-physical systems (e.g., automotive communications). Many networked control systems employ Time-Triggered (TT) architectures that provide mechanisms enabling the exchange of precise and synchronous messages. TT systems have computation and communication constraints, and with the aim to enable secure communications in the network, it is important to evaluate the computational and communication overhead of implementing secure communication mechanisms. This paper presents a comprehensive analysis and evaluation of the effects of adding a Hash-based Message Authentication (HMAC) to TT networked control systems. The contributions of the paper include (1) the analysis and experimental validation of the communication overhead, as well as a scalability analysis that utilizes the experimental result for both wired and wireless platforms and (2) an experimental evaluation of the computational overhead of HMAC based on a kernel-level Linux implementation. An automotive application is used as an example, and the results show that it is feasible to implement a secure communication mechanism without interfering with the existing automotive controller execution times. The methods and results of the paper can be used for evaluating the performance impact of security mechanisms and, thus, for the design of secure wired and wireless TT networked control systems. PMID:27463718
Martins, Goncalo; Moondra, Arul; Dubey, Abhishek; Bhattacharjee, Anirban; Koutsoukos, Xenofon D
2016-07-25
In modern networked control applications, confidentiality and integrity are important features to address in order to prevent against attacks. Moreover, network control systems are a fundamental part of the communication components of current cyber-physical systems (e.g., automotive communications). Many networked control systems employ Time-Triggered (TT) architectures that provide mechanisms enabling the exchange of precise and synchronous messages. TT systems have computation and communication constraints, and with the aim to enable secure communications in the network, it is important to evaluate the computational and communication overhead of implementing secure communication mechanisms. This paper presents a comprehensive analysis and evaluation of the effects of adding a Hash-based Message Authentication (HMAC) to TT networked control systems. The contributions of the paper include (1) the analysis and experimental validation of the communication overhead, as well as a scalability analysis that utilizes the experimental result for both wired and wireless platforms and (2) an experimental evaluation of the computational overhead of HMAC based on a kernel-level Linux implementation. An automotive application is used as an example, and the results show that it is feasible to implement a secure communication mechanism without interfering with the existing automotive controller execution times. The methods and results of the paper can be used for evaluating the performance impact of security mechanisms and, thus, for the design of secure wired and wireless TT networked control systems.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali
2008-01-01
Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with the goal of improved enterprise and business risk management. Economic uncertainty, intensively collaborative work styles, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation of a balanced approach. The Cyberspace Security Econometrics System (CSES) provides a measure of reliability, security and safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES reflects the variance that may exist among the stakes one attaches to meeting each requirement. This paper summarizes the basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural underpinnings.
Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Zhao, Jining
2015-03-01
Radio Frequency Identification (RFID) is an automatic identification technology, which can be widely used in healthcare environments to locate and track staff, equipment and patients. However, potential security and privacy problems in RFID system remain a challenge. In this paper, we design a mutual authentication protocol for RFID based on elliptic curve cryptography (ECC). We use pre-computing method within tag's communication, so that our protocol can get better efficiency. In terms of security, our protocol can achieve confidentiality, unforgeability, mutual authentication, tag's anonymity, availability and forward security. Our protocol also can overcome the weakness in the existing protocols. Therefore, our protocol is suitable for healthcare environments.
Applications of superconducting bolometers in security imaging
NASA Astrophysics Data System (ADS)
Luukanen, A.; Leivo, M. M.; Rautiainen, A.; Grönholm, M.; Toivanen, H.; Grönberg, L.; Helistö, P.; Mäyrä, A.; Aikio, M.; Grossman, E. N.
2012-12-01
Millimeter-wave (MMW) imaging systems are currently undergoing deployment World-wide for airport security screening applications. Security screening through MMW imaging is facilitated by the relatively good transmission of these wavelengths through common clothing materials. Given the long wavelength of operation (frequencies between 20 GHz to ~ 100 GHz, corresponding to wavelengths between 1.5 cm and 3 mm), existing systems are suited for close-range imaging only due to substantial diffraction effects associated with practical aperture diameters. The present and arising security challenges call for systems that are capable of imaging concealed threat items at stand-off ranges beyond 5 meters at near video frame rates, requiring substantial increase in operating frequency in order to achieve useful spatial resolution. The construction of such imaging systems operating at several hundred GHz has been hindered by the lack of submm-wave low-noise amplifiers. In this paper we summarize our efforts in developing a submm-wave video camera which utilizes cryogenic antenna-coupled microbolometers as detectors. Whilst superconducting detectors impose the use of a cryogenic system, we argue that the resulting back-end complexity increase is a favorable trade-off compared to complex and expensive room temperature submm-wave LNAs both in performance and system cost.
QuickCash: Secure Transfer Payment Systems
Alhothaily, Abdulrahman; Alrawais, Arwa; Song, Tianyi; Lin, Bin; Cheng, Xiuzhen
2017-01-01
Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users’ needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN). In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties. PMID:28608846
QuickCash: Secure Transfer Payment Systems.
Alhothaily, Abdulrahman; Alrawais, Arwa; Song, Tianyi; Lin, Bin; Cheng, Xiuzhen
2017-06-13
Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users' needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN). In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties.
77 FR 837 - Privacy Act of 1974; System of Records
Federal Register 2010, 2011, 2012, 2013, 2014
2012-01-06
...,'' and ``Retention and disposal.'' Under the existing system of records, BEP may collect and maintain... collect and maintain background investigation records on individuals who do not work for BEP or for any of... maintained for ``five years after expiration of a security agreement or a nondisclosure agreement.'' This is...
Security/Life Safety: A Need for Change.
ERIC Educational Resources Information Center
Ellsworth, Douglas
2003-01-01
In response to legislation, colleges and universities in several states must prepare to install sprinkler systems. Four basic issues an engineering study should examine include: whether the existing water service has the size, capacity, and pressure to support a sprinkler system; whether the protected facility will have to comply with more…
Code of Federal Regulations, 2010 CFR
2010-07-01
... and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Authorization of Recognized... companies and vessels must do to have their safety management systems transferred to another organization...
41 CFR 101-25.101-2 - Supply through storage and issue.
Code of Federal Regulations, 2014 CFR
2014-07-01
... Management Regulations System FEDERAL PROPERTY MANAGEMENT REGULATIONS SUPPLY AND PROCUREMENT 25-GENERAL 25.1... close inspection or testing is necessary to secure quality, or where repetitive inspection and test of... distribution system does not exist to assure availability at use point. (6) Where volume purchases are...
41 CFR 101-25.101-2 - Supply through storage and issue.
Code of Federal Regulations, 2011 CFR
2011-07-01
... Management Regulations System FEDERAL PROPERTY MANAGEMENT REGULATIONS SUPPLY AND PROCUREMENT 25-GENERAL 25.1... close inspection or testing is necessary to secure quality, or where repetitive inspection and test of... distribution system does not exist to assure availability at use point. (6) Where volume purchases are...
CREM monitoring: a wireless RF application
NASA Astrophysics Data System (ADS)
Valencia, J. D.; Burghard, B. J.; Skorpik, J. R.; Silvers, K. L.; Schwartz, M. J.
2005-05-01
Recent security lapses within the Department of Energy laboratories prompted the establishment and implementation of additional procedures and training for operations involving classified removable electronic media (CREM) storage. In addition, the definition of CREM has been expanded and the number of CREM has increased significantly. Procedures now require that all CREM be inventoried and accounted for on a weekly basis. Weekly inventories consist of a physical comparison of each item against the reportable inventory listing. Securing and accounting for CREM is a continuous challenge for existing security systems. To address this challenge, an innovative framework, encompassing a suite of technologies, has been developed by Pacific Northwest National Laboratory (PNNL) to monitor, track, and locate CREM in safes, vaults, and storage areas. This Automated Removable Media Observation and Reporting (ARMOR) framework, described in this paper, is an extension of an existing PNNL program, SecureSafe. The key attributes of systems built around the ARMOR framework include improved accountability, reduced risk of human error, improved accuracy and timeliness of inventory data, and reduced costs. ARMOR solutions require each CREM to be tagged with a unique electronically readable ID code. Inventory data is collected from tagged CREM at regular intervals and upon detection of an access event. Automated inventory collection and report generation eliminates the need for hand-written inventory sheets and allows electronic transfer of the collected inventory data to a modern electronic reporting system. An electronic log of CREM access events is maintained, providing enhanced accountability for daily/weekly checks, routine audits, and follow-up investigations.
NASA Astrophysics Data System (ADS)
Miwa, Shotaro; Kage, Hiroshi; Hirai, Takashi; Sumi, Kazuhiko
We propose a probabilistic face recognition algorithm for Access Control Systems (ACSs). Comparing with existing ACSs using low cost IC-cards, face recognition has advantages in usability and security that it doesn't require people to hold cards over scanners and doesn't accept imposters with authorized cards. Therefore face recognition attracts more interests in security markets than IC-cards. But in security markets where low cost ACSs exist, price competition is important, and there is a limitation on the quality of available cameras and image control. Therefore ACSs using face recognition are required to handle much lower quality images, such as defocused and poor gain-controlled images than high security systems, such as immigration control. To tackle such image quality problems we developed a face recognition algorithm based on a probabilistic model which combines a variety of image-difference features trained by Real AdaBoost with their prior probability distributions. It enables to evaluate and utilize only reliable features among trained ones during each authentication, and achieve high recognition performance rates. The field evaluation using a pseudo Access Control System installed in our office shows that the proposed system achieves a constant high recognition performance rate independent on face image qualities, that is about four times lower EER (Equal Error Rate) under a variety of image conditions than one without any prior probability distributions. On the other hand using image difference features without any prior probabilities are sensitive to image qualities. We also evaluated PCA, and it has worse, but constant performance rates because of its general optimization on overall data. Comparing with PCA, Real AdaBoost without any prior distribution performs twice better under good image conditions, but degrades to a performance as good as PCA under poor image conditions.
Hybrid Network Defense Model Based on Fuzzy Evaluation
2014-01-01
With sustained and rapid developments in the field of information technology, the issue of network security has become increasingly prominent. The theme of this study is network data security, with the test subject being a classified and sensitive network laboratory that belongs to the academic network. The analysis is based on the deficiencies and potential risks of the network's existing defense technology, characteristics of cyber attacks, and network security technologies. Subsequently, a distributed network security architecture using the technology of an intrusion prevention system is designed and implemented. In this paper, first, the overall design approach is presented. This design is used as the basis to establish a network defense model, an improvement over the traditional single-technology model that addresses the latter's inadequacies. Next, a distributed network security architecture is implemented, comprising a hybrid firewall, intrusion detection, virtual honeynet projects, and connectivity and interactivity between these three components. Finally, the proposed security system is tested. A statistical analysis of the test results verifies the feasibility and reliability of the proposed architecture. The findings of this study will potentially provide new ideas and stimuli for future designs of network security architecture. PMID:24574870
Data threats analysis and prevention on iOS platform
NASA Astrophysics Data System (ADS)
Gao, Bo; Wang, Yi; Chen, Zhou; Tang, Jiqiang
2015-12-01
Background: The rapid growth of mobile internet has driven the rapid popularity of smart mobiles. iOS device is chosen by more and more people for its humanity, stability and excellent industrial design, and the data security problem that followed it has gradually attracted the researchers' attention. Method & Result: This thesis focuses on the analysis of current situation of data security on iOS platform, from both security mechanism and data risk, and proposes countermeasures. Conclusion: From practical work, many problems of data security mechanism on iOS platform still exist. At present, the problem of malicious software towards iOS system has not been severe, but how to ensure the security of data on iOS platform will inevitably become one of the directions for our further study.
EHR in the perspective of security, integrity and ethics.
Nordberg, Ragnar
2006-01-01
Success stories of modern applications in healthcare and welfare, like the electronic health record, are always linked to end user awareness, confidence, and acceptance. Reports and surveys have given proof of these dependencies. Knowing about existing and emerging concerns and weaknesses right in advance allows taking actions on an ethical, social, and societal level. This paper gives a review of specific observations regarding security, privacy, authentication, integrity and ethical aspects when operating an electronic health record (EHR) system in a hospital, an open care department and in a wider community of the health care sector. A reference is given to existing and emerging international standards related to the aforementioned aspects.
Toward Automating Web Protocol Configuration for a Programmable Logic Controller Emulator
2014-06-19
Security Risks for Industrial Control Systems ,” VDE 2004 Congress, Berlin, Germany, October 2004, pp. 1-7. [Cis12] Cisco, NetFlow Configuration Guide...Date 29 May 2014 Date AFIT-ENG-T-14-J-4 Abstract Industrial Control Systems (ICS) remain vulnerable through attack vectors that exist within programmable...5 2.2 Industrial Control Systems
Secure Control Systems for the Energy Sector
DOE Office of Scientific and Technical Information (OSTI.GOV)
Smith, Rhett; Campbell, Jack; Hadley, Mark
2012-03-31
Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goal is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.
District of Columbia Motor Carrier Management and Threat Assessment Study
DOT National Transportation Integrated Search
2004-08-01
DDOT asked the Volpe National Transportation Systems Center (Volpe) to conduct an : analysis of existing truck traffic conditions in the District, successful truck management : practices from other areas, stakeholder interests and opinions, and secur...
47 CFR 1.10015 - Are there exceptions for emergency filings?
Code of Federal Regulations, 2010 CFR
2010-10-01
... International Bureau Filing System § 1.10015 Are there exceptions for emergency filings? (a) Sometimes we grant... where we find that it is not feasible to secure renewal applications from existing licensees or to...
Homeland security and virtual reality: building a Strategic Adaptive Response System (STARS).
Swift, Christopher; Rosen, Joseph M; Boezer, Gordon; Lanier, Jaron; Henderson, Joseph V; Liu, Alan; Merrell, Ronald C; Nguyen, Sinh; Demas, Alex; Grigg, Elliot B; McKnight, Matthew F; Chang, Janelle; Koop, C Everett
2005-01-01
The advent of the Global War on Terrorism (GWOT) underscored the need to improve the U.S. disaster response paradigm. Existing systems involve numerous agencies spread across disparate functional and geographic jurisdictions. The current architecture remains vulnerable to sophisticated terrorist strikes. To address these vulnerabilities, we must continuously adapt and improve our Homeland Security architecture. Virtual Reality (VR) technologies will help model those changes and integrate technologies. This paper provides a broad overview of the strategic threats, together with a detailed examination of how specific VR technologies could be used to ensure successful disaster responses.
Cross-Layer Damage Assessment for Cyber Situational Awareness
NASA Astrophysics Data System (ADS)
Liu, Peng; Jia, Xiaoqi; Zhang, Shengzhi; Xiong, Xi; Jhi, Yoon-Chan; Bai, Kun; Li, Jason
Damage assessment plays a very important role in securing enterprise networks and systems. Gaining good awareness about the effects and impact of cyber attack actions would enable security officers to make the right cyber defense decisions and take the right cyber defense actions. A good number of damage assessment techniques have been proposed in the literature, but they typically focus on a single abstraction level (of the software system in concern). As a result, existing damage assessment techniques and tools are still very limited in satisfying the needs of comprehensive damage assessment which should not result in any “blind spots”.
Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao; Chen, Song-Jhih
2016-11-01
Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes do not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.
Creation of security engineering programs by the Southwest Surety Institute
NASA Astrophysics Data System (ADS)
Romero, Van D.; Rogers, Bradley; Winfree, Tim; Walsh, Dan; Garcia, Mary Lynn
1998-12-01
The Southwest Surety Institute includes Arizona State University (ASU), Louisiana State University (LSU), New Mexico Institute of Mining and Technology (NM Tech), New Mexico State University (NMSU), and Sandia National Laboratories (SNL). The universities currently offer a full spectrum of post-secondary programs in security system design and evaluation, including an undergraduate minor, a graduate program, and continuing education programs. The programs are based on the methodology developed at Sandia National Laboratories over the past 25 years to protect critical nuclear assets. The programs combine basic concepts and principles from business, criminal justice, and technology to create an integrated performance-based approach to security system design and analysis. Existing university capabilities in criminal justice (NMSU), explosives testing and technology (NM Tech and LSU), and engineering technology (ASU) are leveraged to provide unique science-based programs that will emphasize the use of performance measures and computer analysis tools to prove the effectiveness of proposed systems in the design phase. Facility managers may then balance increased protection against the cost of implementation and risk mitigation, thereby enabling effective business decisions. Applications expected to benefit from these programs include corrections, law enforcement, counter-terrorism, critical infrastructure protection, financial and medical care fraud, industrial security, and border security.
Protection of electronic health records (EHRs) in cloud.
Alabdulatif, Abdulatif; Khalil, Ibrahim; Mai, Vu
2013-01-01
EHR technology has come into widespread use and has attracted attention in healthcare institutions as well as in research. Cloud services are used to build efficient EHR systems and obtain the greatest benefits of EHR implementation. Many issues relating to building an ideal EHR system in the cloud, especially the tradeoff between flexibility and security, have recently surfaced. The privacy of patient records in cloud platforms is still a point of contention. In this research, we are going to improve the management of access control by restricting participants' access through the use of distinct encrypted parameters for each participant in the cloud-based database. Also, we implement and improve an existing secure index search algorithm to enhance the efficiency of information control and flow through a cloud-based EHR system. At the final stage, we contribute to the design of reliable, flexible and secure access control, enabling quick access to EHR information.
Cyberspace Security Econometrics System (CSES) - U.S. Copyright TXu 1-901-039
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K; Schlicher, Bob G; Sheldon, Frederick T
2014-01-01
Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation. The Cyberspace Security Econometrics System (CSES) provides a measure (i.e., a quantitative indication) of reliability, performance, and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement. The basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural and mathematical underpinnings are contained in this copyright.
A Survey on Security and Privacy in Emerging Sensor Networks: From Viewpoint of Close-Loop.
Zhang, Lifu; Zhang, Heng
2016-03-26
Nowadays, as the next generation sensor networks, Cyber-Physical Systems (CPSs) refer to the complex networked systems that have both physical subsystems and cyber components, and the information flow between different subsystems and components is across a communication network, which forms a closed-loop. New generation sensor networks are found in a growing number of applications and have received increasing attention from many inter-disciplines. Opportunities and challenges in the design, analysis, verification and validation of sensor networks co-exist, among which security and privacy are two important ingredients. This paper presents a survey on some recent results in the security and privacy aspects of emerging sensor networks from the viewpoint of the closed-loop. This paper also discusses several future research directions under these two umbrellas.
Maximizing the security of chaotic optical communications.
Hou, T T; Yi, L L; Yang, X L; Ke, J X; Hu, Y; Yang, Q; Zhou, P; Hu, W S
2016-10-03
The practical application of chaotic optical communications has been limited by two aspects: the difficulty in concealing the time delay - a critical security parameter in feedback chaotic systems, and the difficulty of significantly enlarging the key space without complicating the implementation. Here we propose an architecture to break the above limits. By introducing a frequency-dependent group delay module with frequency tuning resolution of 1 MHz into the chaotic feedback loop, we demonstrate excellent time delay concealment effect, and an additional huge key space of 10^48 can be achieved at the same time. The effectiveness is proved by both numerical simulation and experiment. Besides, the proposed scheme is compatible with the existing commercial optical communication systems, thus paving the way for high-speed secure optical communications.
Calibration methods for explosives detectors
NASA Astrophysics Data System (ADS)
MacDonald, Stephen J.; Rounbehler, David P.
1992-05-01
Airport security has become an important concern to cultures in every corner of the world. Presently, efforts to improve airport security have brought additional technological solutions, in the form of advanced instrumentation for the detection of explosives, into use at airport terminals in many countries. This new generation of explosives detectors is often used to augment existing security measures and provide a more encompassing screening capability for airline passengers. This paper describes two calibration procedures used for the Thermedics' EGIS explosives detectors. The systems were designed to screen people, electronic components, luggage, automobiles, and other objects for the presence of concealed explosives. The detectors have the ability to detect a wide range of explosives in both the vapor state or as surface adsorbed solids, therefore, calibrations were designed to challenge the system with explosives in each form.
Fuzzy assessment of health information system users' security awareness.
Aydın, Özlem Müge; Chouseinoglou, Oumout
2013-12-01
Health information systems (HIS) are a specific area of information systems (IS), where critical patient data is stored and quality health service is only realized with the correct use and efficient dissemination of this data to health workers. Therefore, a balance needs to be established between the levels of security and flow of information on HIS. Instead of implementing higher levels and further mechanisms of control to increase the security of HIS, it is preferable to deal with the arguably weakest link on HIS chain with respect to security: HIS users. In order to provide solutions and approaches for transforming users to the first line of defense in HIS but also to employ capable and appropriate candidates from the pool of newly graduated students, it is important to assess and evaluate the security awareness levels and characteristics of these existing and future users. This study aims to provide a new perspective to understand the phenomenon of security awareness of HIS users with the use of fuzzy analysis, and to assess the present situation of current and future HIS users of a leading medical and educational institution of Turkey, with respect to their security characteristics based on four different security scales. The results of the fuzzy analysis, the guide on how to implement this fuzzy analysis to any health institution and how to read and interpret these results, together with the possible implications of these results to the organization are provided.
The Proliferation Security Initiative as a New Paradigm for Peace and Security
2006-04-01
sense of the term, in the UN system... That is to say, there exists no corporate organ formally empowered to enact laws directly binding on...as entirely legitimate. If the PSI is to succeed, it means rethinking certain elemental components of the international legal regime. It means...consequence, there is a real need for some nongovernmental organization, philanthropy or pro bono practice to help the poor countries report on their efforts
Savel, Thomas G; Bronstein, Alvin; Duck, William; Rhodes, M Barry; Lee, Brian; Stinn, John; Worthen, Katherine
2010-01-01
Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease Control and Prevention (CDC) has been examining the ability to use a federated model based on secure web services architecture, with data stewardship remaining with the data provider. As a case study for this approach, the American Association of Poison Control Centers and the CDC extended an existing data warehouse via a secure web service, and shared aggregate clinical effects and case counts data by geographic region and time period. To visualize these data, CDC developed a web browser-based interface, Quicksilver, which leveraged the Google Maps API and Flot, a javascript plotting library. Two iterations of the NPDS web service were completed in 12 weeks. The visualization client, Quicksilver, was developed in four months. This implementation of web services combined with a visualization client represents incremental positive progress in transitioning national data sources like BioSense and NPDS to a federated data exchange model. Quicksilver effectively demonstrates how the use of secure web services in conjunction with a lightweight, rapidly deployed visualization client can easily integrate isolated data sources for biosurveillance.
Federal Register 2010, 2011, 2012, 2013, 2014
2012-01-11
... assistance to correspondents; to use Web site based programs; to provide usage statistics associated with the... of individuals for surveys. Among other things, maintaining the names, addresses, etc. of individuals... information in the system. Safeguards: Access by authorized personnel only. Computer security safeguards are...
Analysis of Existing Privacy-Preserving Protocols in Domain Name System
NASA Astrophysics Data System (ADS)
Zhao, Fangming; Hori, Yoshiaki; Sakurai, Kouichi
In a society preoccupied with gradual erosion of electronic privacy, loss of privacy in the current Domain Name System is an important issue worth considering. In this paper, we first review the DNS and some security & privacy threats to make average users begin to concern about the significance of privacy preservation in DNS protocols. Then, by a careful survey of four noise query generation based existing privacy protection approaches, we analyze some benefits and limitations of these proposals in terms of both related performance evaluation results and theoretic proofs. Finally, we point out some problems that still exist for research community's continuing efforts in the future.
75 FR 65312 - Combined Notice of Filings #1
Federal Register 2010, 2011, 2012, 2013, 2014
2010-10-22
...: Request for Reauthorization and Extension of Existing Blanket Authorization to Acquire Securities under.... Applicants: Western Electricity Coordinating Council. Description: Notice of Proposed Cancellation of Western Electricity Coordinating Council's Reliability Management System. Filed Date: 10/12/2010. Accession Number...
A Quantitative Experimental Study of the Effectiveness of Systems to Identify Network Attackers
ERIC Educational Resources Information Center
Handorf, C. Russell
2016-01-01
This study analyzed the meta-data collected from a honeypot that was run by the Federal Bureau of Investigation for a period of 5 years. This analysis compared the use of existing industry methods and tools, such as Intrusion Detection System alerts, network traffic flow and system log traffic, within the Open Source Security Information Manager…
Importance of biometrics to addressing vulnerabilities of the U.S. infrastructure
NASA Astrophysics Data System (ADS)
Arndt, Craig M.; Hall, Nathaniel A.
2004-08-01
Human identification technologies are important threat countermeasures in minimizing select infrastructure vulnerabilities. Properly targeted countermeasures should be selected and integrated into an overall security solution based on disciplined analysis and modeling. Available data on infrastructure value, threat intelligence, and system vulnerabilities are carefully organized, analyzed and modeled. Prior to design and deployment of an effective countermeasure, the proper role and appropriateness of technology in addressing the overall set of vulnerabilities is established. Deployment of biometrics systems, as with other countermeasures, introduces potentially heightened vulnerabilities into the system. Heightened vulnerabilities may arise from both the newly introduced system complexities and an unfocused understanding of the set of vulnerabilities impacted by the new countermeasure. The countermeasure's own inherent vulnerabilities and those introduced by the system's integration with the existing system are analyzed and modeled to determine the overall vulnerability impact. The United States infrastructure is composed of government and private assets. The infrastructure is valued by their potential impact on several components: human physical safety, physical/information replacement/repair cost, potential contribution to future loss (criticality in weapons production), direct productivity output, national macro-economic output/productivity, and information integrity. These components must be considered in determining the overall impact of an infrastructure security breach. Cost/benefit analysis is then incorporated in the security technology deployment decision process. Overall security risks based on system vulnerabilities and threat intelligence determine areas of potential benefit. Biometric countermeasures are often considered when additional security at intended points of entry would minimize vulnerabilities.
105KE Basin Area Radiation Monitor System (ARMS) Acceptance Test Procedure
DOE Office of Scientific and Technical Information (OSTI.GOV)
KINKEL, C.C.
1999-12-14
This procedure is intended for the Area Radiation Monitoring System, ARMS, that is replacing the existing Programmable Input-Output Processing System, PIOPS, radiation monitoring system in the 105KE basin. The new system will be referred to as the 105KE ARMS, 105KE Area Radiation Monitoring System. This ATP will ensure calibration integrity of the 105KE radiation detector loops. Also, this ATP will test and document the display, printing, alarm output, alarm acknowledgement, upscale check, and security functions. This ATP test is to be performed after completion of the 105KE ARMS installation. The alarm outputs of the 105KE ARMS will be connected to the basin detector alarms, basin annunciator system, and security Alarm Monitoring System, AMS, located in the 200 area Central Alarm Station (CAS).
20 CFR 416.966 - Work which exists in the national economy.
Code of Federal Regulations, 2013 CFR
2013-04-01
.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...
20 CFR 416.966 - Work which exists in the national economy.
Code of Federal Regulations, 2014 CFR
2014-04-01
.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...
20 CFR 416.966 - Work which exists in the national economy.
Code of Federal Regulations, 2011 CFR
2011-04-01
.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...
20 CFR 416.966 - Work which exists in the national economy.
Code of Federal Regulations, 2012 CFR
2012-04-01
.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...
20 CFR 416.966 - Work which exists in the national economy.
Code of Federal Regulations, 2010 CFR
2010-04-01
.... 416.966 Section 416.966 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses prepared for the Social Security Administration by various...
Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng
2018-01-11
Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.
Wolf Attack Probability: A Theoretical Security Measure in Biometric Authentication Systems
NASA Astrophysics Data System (ADS)
Une, Masashi; Otsuka, Akira; Imai, Hideki
This paper will propose a wolf attack probability (WAP) as a new measure for evaluating security of biometric authentication systems. The wolf attack is an attempt to impersonate a victim by feeding “wolves” into the system to be attacked. The “wolf” means an input value which can be falsely accepted as a match with multiple templates. WAP is defined as a maximum success probability of the wolf attack with one wolf sample. In this paper, we give a rigorous definition of the new security measure which gives strength estimation of an individual biometric authentication system against impersonation attacks. We show that if one reestimates using our WAP measure, a typical fingerprint algorithm turns out to be much weaker than theoretically estimated by Ratha et al. Moreover, we apply the wolf attack to a finger-vein-pattern based algorithm. Surprisingly, we show that there exists an extremely strong wolf which falsely matches all templates for any threshold value.
Ensuring reliability in expansion schemes.
Kamal-Uddin, Abu Sayed; Williams, Donald Leigh
2005-01-01
Existing electricity power supplies must serve, or be adapted to serve, the expansion of hospital buildings. With the existing power supply assets of many hospitals being up to 20 years old, assessing the security and reliability of the power system must be given appropriate priority to avoid unplanned outages due to overloads and equipment failures. It is imperative that adequate contingency is planned for essential and non-essential electricity circuits. This article describes the methodology undertaken, and the subsequent recommendations that were made, when evaluating the security and reliability of electricity power supplies to a number of major London hospitals. The methodology described aligns with the latest issue of NHS Estates HTM 2011 'Primary Electrical Infrastructure Emergency Electrical Services Design Guidance' (to which ERA Technology has contributed).
NASA Astrophysics Data System (ADS)
Megherbi, Najla; Breckon, Toby P.; Flitton, Greg T.
2013-10-01
3D Computed Tomography (CT) image segmentation is already a well-established tool in medical research and in routine daily clinical practice. However, such techniques have not been used in the context of 3D CT image segmentation for baggage and package security screening using CT imagery. CT systems are increasingly used in airports for security baggage examination. We propose in this contribution an investigation of the current 3D CT medical image segmentation methods for use in this new domain. Experimental results of 3D segmentation on real CT baggage security imagery using a range of techniques are presented and discussed.
Xu, Qian; Tan, Chengxiang; Fan, Zhijie; Zhu, Wenye; Xiao, Ya; Cheng, Fujia
2018-05-17
Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional "encrypt-then-sign" or "sign-then-encrypt" strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Terry, P.L.
1989-01-01
Whether upgrading or developing a security system, investing in a solid state video recorder may prove to be quite prudent. Even though the initial cost of a solid state recorder may be more expensive, when comparing it to a disc recorder it is practically maintenance free. Thus, the cost effectiveness of a solid state video recorder over an extended period of time more than justifies the initial expense. This document illustrates the use of a solid state video recorder as a direct replacement. It replaces a mechanically driven disc recorder that existed in a synchronized video recording system. The original system was called the Universal Video Disc Recorder System. The modified system will now be referred to as the Solid State Video Recording System. 5 figs.
Smart security system for Indian rail wagons using IOT
NASA Astrophysics Data System (ADS)
Bhanuteja, S.; Shilpi, S.; Pragna, K.; Arun, M.
2017-11-01
The objective of this project is to create a Security System for the goods that are carried in open top freight trains. The most efficient way to secure anything from thieves is to have a continuous observation. So for continuous observation of the open top freight train, Camera module2 has been used. Passive Infrared Sensor (PIR) 1 has been used to detect the motion or to sense movement of people, animals, or any object. So whenever a motion is detected by the PIR sensor, the Camera takes a picture of that particular instance. That picture will be sent to the Raspberry PI which does Skin Detection Algorithm and specifies whether that motion was created by a human or not. If a human makes it, then that picture will be sent to the drop box. Any Official can have a look at the same. The existing system has a CCTV installed at various critical locations like bridges, railway stations etc. but they do not provide a continuous observation. This paper describes the Security System that provides continuous observation for open top freight trains so that goods can be carried safely to its destination.
Public key infrastructure for DOE security research
DOE Office of Scientific and Technical Information (OSTI.GOV)
Aiken, R.; Foster, I.; Johnston, W.E.
This document summarizes the Department of Energy's Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-key infrastructure. Hence, public-key infrastructure ("PKI") was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.
Secure and Time-Aware Communication of Wireless Sensors Monitoring Overhead Transmission Lines.
Mazur, Katarzyna; Wydra, Michal; Ksiezopolski, Bogdan
2017-07-11
Existing transmission power grids suffer from high maintenance costs and scalability issues along with a lack of effective and secure system monitoring. To address these problems, we propose to use Wireless Sensor Networks (WSNs) as a technology to achieve energy efficient, reliable, and low-cost remote monitoring of transmission grids. With WSNs, smart grid enables both utilities and customers to monitor, predict and manage energy usage effectively and react to possible power grid disturbances in a timely manner. However, the increased application of WSNs also introduces new security challenges, especially related to privacy, connectivity, and security management, repeatedly causing unpredicted expenditures. Monitoring the status of the power system, a large amount of sensors generates massive amount of sensitive data. In order to build an effective Wireless Sensor Network (WSN) for a smart grid, we focus on designing a methodology of efficient and secure delivery of the data measured on transmission lines. We perform a set of simulations, in which we examine different routing algorithms, security mechanisms and WSN deployments in order to select the parameters that will not affect the delivery time but fulfill their role and ensure security at the same time. Furthermore, we analyze the optimal placement of direct wireless links, aiming at minimizing time delays, balancing network performance and decreasing deployment costs.
Secure and Time-Aware Communication of Wireless Sensors Monitoring Overhead Transmission Lines
Mazur, Katarzyna; Wydra, Michal; Ksiezopolski, Bogdan
2017-01-01
Existing transmission power grids suffer from high maintenance costs and scalability issues along with a lack of effective and secure system monitoring. To address these problems, we propose to use Wireless Sensor Networks (WSNs) as a technology to achieve energy efficient, reliable, and low-cost remote monitoring of transmission grids. With WSNs, smart grid enables both utilities and customers to monitor, predict and manage energy usage effectively and react to possible power grid disturbances in a timely manner. However, the increased application of WSNs also introduces new security challenges, especially related to privacy, connectivity, and security management, repeatedly causing unpredicted expenditures. Monitoring the status of the power system, a large amount of sensors generates massive amount of sensitive data. In order to build an effective Wireless Sensor Networks (WSNs) for a smart grid, we focus on designing a methodology of efficient and secure delivery of the data measured on transmission lines. We perform a set of simulations, in which we examine different routing algorithms, security mechanisms and WSN deployments in order to select the parameters that will not affect the delivery time but fulfill their role and ensure security at the same time. Furthermore, we analyze the optimal placement of direct wireless links, aiming at minimizing time delays, balancing network performance and decreasing deployment costs. PMID:28696390
2007-03-02
strong indication that existing committees are capable of action. A third consideration in creating a homeland security committee is whether such a...current House committee system. Ranking Member Dingell of the Energy and Commerce Committee indicated that his experience with committees sharing oversight...Schlesinger reported spending half of his time as secretary of energy on Capitol Hill, “dealing with one problem or another.” He indicated the number of
Secure communication in fiber optic systems via transmission of broad-band optical noise.
Buskila, O; Eyal, A; Shtaif, M
2008-03-03
We propose a new scheme for data encryption in the physical layer. Our scheme is based on the distribution of a broadband optical noise-like signal between Alice and Bob. The broadband signal is used for the establishment of a secret key that can be used for the secure transmission of information by using the one-time-pad method. We characterize the proposed scheme and study its applicability to the existing fiber-optics communications infrastructure.
SSL/TLS Vulnerability Detection Using Black Box Approach
NASA Astrophysics Data System (ADS)
Gunawan, D.; Sitorus, E. H.; Rahmat, R. F.; Hizriadi, A.
2018-03-01
Socket Secure Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols that provide data encryption to secure the communication over a network. However, in some cases, there are vulnerabilities found in the implementation of SSL/TLS because of weak cipher key, certificate validation error or session handling error. One of the most vulnerable SSL/TLS bugs is Heartbleed. As the security is essential in data communication, this research aims to build a scanner that detects the SSL/TLS vulnerability by using black box approach. This research will focus on Heartbleed case. In addition, this research also gathers information about existing SSL in the server. The black box approach is used to test the output of a system without knowing the process inside the system itself. For testing purposes, this research scanned websites and found that some of the websites still have SSL/TLS vulnerability. Thus, the black box approach can be used to detect the vulnerability without considering the source code and the process inside the application.
Iraqi Army Facilities Under the Iraq Security Forces Fund, Diyanah and Debecha, Iraq
2008-01-17
reinforcement bars and cast each building’s roof flatwork and horizontal beams to complete the structural aspects of the roof system. Steel header...included a mix of new construction and renovation of existing structures and facilities. The Statement of Requirements and Specifications provided...that renovation of existing structures, when possible, was preferred. In addition, the United States government encouraged the contractor to use
A Survey on Security and Privacy in Emerging Sensor Networks: From Viewpoint of Close-Loop
Zhang, Lifu; Zhang, Heng
2016-01-01
Nowadays, as the next generation sensor networks, Cyber-Physical Systems (CPSs) refer to the complex networked systems that have both physical subsystems and cyber components, and the information flow between different subsystems and components is across a communication network, which forms a closed-loop. New generation sensor networks are found in a growing number of applications and have received increasing attention from many inter-disciplines. Opportunities and challenges in the design, analysis, verification and validation of sensor networks co-exist, among which security and privacy are two important ingredients. This paper presents a survey on some recent results in the security and privacy aspects of emerging sensor networks from the viewpoint of the closed-loop. This paper also discusses several future research directions under these two umbrellas. PMID:27023559
Teamwork and the National Security Personnel System
2007-03-18
and thereby improve organizational performance. However, concern exists that only rewarding individual performance may adversely impact teamwork...collaboration, and information sharing which could ultimately impact organizational performance. This paper explores the importance of teamwork for...indicates that pay-for-performance systems can harm teamwork suggesting that NSPS could negatively impact teamwork within the DoD. Recommendations are
Trends in Public Library Buildings.
ERIC Educational Resources Information Center
Holt, Raymond M.
1987-01-01
Review of trends in public library buildings covers cycles in building activity; financial support; site selection; expansion, remodeling, or conversion of existing buildings; size of buildings; and such architectural concerns as flexible space, lighting, power, accommodation of computer systems, heat and ventilation, fire protection, security,…
Food security and sustainability: can one exist without the other?
Berry, Elliot M; Dernini, Sandro; Burlingame, Barbara; Meybeck, Alexandre; Conforti, Piero
2015-09-01
To position the concept of sustainability within the context of food security. An overview of the interrelationships between food security and sustainability based on a non-systematic literature review and informed discussions based principally on a quasi-historical approach from meetings and reports. International and global food security and nutrition. The Rome Declaration on World Food Security in 1996 defined its three basic dimensions as: availability, accessibility and utilization, with a focus on nutritional well-being. It also stressed the importance of sustainable management of natural resources and the elimination of unsustainable patterns of food consumption and production. In 2009, at the World Summit on Food Security, the concept of stability/vulnerability was added as the short-term time indicator of the ability of food systems to withstand shocks, whether natural or man-made, as part of the Five Rome Principles for Sustainable Global Food Security. More recently, intergovernmental processes have emphasized the importance of sustainability to preserve the environment, natural resources and agro-ecosystems (and thus the overlying social system), as well as the importance of food security as part of sustainability and vice versa. Sustainability should be considered as part of the long-term time dimension in the assessment of food security. From such a perspective the concept of sustainable diets can play a key role as a goal and a way of maintaining nutritional well-being and health, while ensuring the sustainability for future food security. Without integrating sustainability as an explicit (fifth?) dimension of food security, today's policies and programmes could become the very cause of increased food insecurity in the future.
NASA Astrophysics Data System (ADS)
Riesmeier, Joerg; Eichelberg, Marco; Kleber, Klaus; Groenemeyer, Dietrich H.; Oosterwijk, Herman J.; Jensch, Peter F.
2002-05-01
With the release of 'DICOM Structured Reporting' (SR) as an official extension of the standard about two years ago, DICOM has entered a new domain that is only indirectly related to medical imaging. Basically, DICOM SR is a general model allowing to encode medical reports in a structured manner in DICOM's tag-based format. Therefore, the existing DICOM infrastructure can be used to archive and communicate structured reports, with only relatively small changes to existing systems. As a consequence of the introduction of medical reports in a digital form, the relevance of security measures increases significantly. We have developed a prototype implementation of DICOM structured reporting together with the new security extensions for secure transport connections and digital signatures. The application allows to create, read and modify any SR document, to digitally sign an SR document in whole or part and to transmit such documents over a network. While the secure transport connection protects data from modifications or unauthorized access only during transmission, digital signatures provide a lifetime integrity check and, therefore, maintain the legal document status of structured reports. The application has been successfully demonstrated at RSNA 2000 and ECR 2001, and is freely available on the Internet.
Cantón-Cortés, David; Cantón, José; Cortés, María Rosario
2016-01-01
The Emotional Security Theory (EST) was originally developed to investigate the association between high levels of interparental conflict and child maladaptative outcome. The objective of the present study was to analyze the effects of emotional security in the family system on psychological distress among a sample of young female adult survivors of child sexual abuse (CSA). The role of emotional security was investigated through the interactive effects of a number of factors including the type of abuse, the continuity of abuse, the relationship with the perpetrator and the existence of disclosure for the abuse. Participants were 167 female survivors of CSA. Information about the abuse was obtained from a self-reported questionnaire. Emotional security was assessed with the Security in the Family System (SIFS) Scale, and the Symptom Checklist-90-Revised (SCL-90-R) was used to assess psychological distress. In the total sample, insecurity (preoccupation and disengagement) was correlated with high psychological distress scores, whereas no relationship was found between security and psychological distress. The relationship between emotional insecurity and psychological distress was stronger in cases of continued abuse and non-disclosure, while the relationship between emotional security and distress was stronger in cases of extrafamilial abuse and especially isolated or several incidents and when a disclosure had been made. No interactive effect was found between any of the three emotional variables and the type of abuse committed. The results of the current study suggest that characteristics of CSA such as relationship with the perpetrator and, especially, continuity of abuse and whether or not disclosure had been made, can affect the impact of emotional security on psychological distress of CSA survivors. Copyright © 2015 Elsevier Ltd. All rights reserved.
A system for distributed intrusion detection
DOE Office of Scientific and Technical Information (OSTI.GOV)
Snapp, S.R.; Brentano, J.; Dias, G.V.
1991-01-01
The study of providing security in computer networks is a rapidly growing area of interest because the network is the medium over which most attacks or intrusions on computer systems are launched. One approach to solving this problem is the intrusion-detection concept, whose basic premise is that not only abandoning the existing and huge infrastructure of possibly-insecure computer and network systems is impossible, but also replacing them by totally-secure systems may not be feasible or cost effective. Previous work on intrusion-detection systems was performed on stand-alone hosts and on a broadcast local area network (LAN) environment. The focus of our present research is to extend our network intrusion-detection concept from the LAN environment to arbitrarily wider areas with the network topology being arbitrary as well. The generalized distributed environment is heterogeneous, i.e., the network nodes can be hosts or servers from different vendors, or some of them could be LAN managers, like our previous work, a network security monitor (NSM), as well. The proposed architecture for this distributed intrusion-detection system consists of the following components: a host manager in each host; a LAN manager for monitoring each LAN in the system; and a central manager which is placed at a single secure location and which receives reports from various host and LAN managers to process these reports, correlate them, and detect intrusions. 11 refs., 2 figs.
Clone tag detection in distributed RFID systems.
Kamaludin, Hazalila; Mahdin, Hairulnizam; Abawajy, Jemal H
2018-01-01
Although Radio Frequency Identification (RFID) is poised to displace barcodes, security vulnerabilities pose serious challenges for global adoption of the RFID technology. Specifically, RFID tags are prone to basic cloning and counterfeiting security attacks. A successful cloning of the RFID tags in many commercial applications can lead to many serious problems such as financial losses, brand damage, safety and health of the public. With many industries such as pharmaceutical and businesses deploying RFID technology with a variety of products, it is important to tackle RFID tag cloning problem and improve the resistance of the RFID systems. To this end, we propose an approach for detecting cloned RFID tags in RFID systems with high detection accuracy and minimal overhead thus overcoming practical challenges in existing approaches. The proposed approach is based on consistency of dual hash collisions and modified count-min sketch vector. We evaluated the proposed approach through extensive experiments and compared it with existing baseline approaches in terms of execution time and detection accuracy under varying RFID tag cloning ratio. The results of the experiments show that the proposed approach outperforms the baseline approaches in cloned RFID tag detection accuracy.
Savel, Thomas G; Bronstein, Alvin; Duck, William; Rhodes, M. Barry; Lee, Brian; Stinn, John; Worthen, Katherine
2010-01-01
Objectives: Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease Control and Prevention (CDC) has been examining the ability to use a federated model based on secure web services architecture, with data stewardship remaining with the data provider. Methods: As a case study for this approach, the American Association of Poison Control Centers and the CDC extended an existing data warehouse via a secure web service, and shared aggregate clinical effects and case counts data by geographic region and time period. To visualize these data, CDC developed a web browser-based interface, Quicksilver, which leveraged the Google Maps API and Flot, a JavaScript plotting library. Results: Two iterations of the NPDS web service were completed in 12 weeks. The visualization client, Quicksilver, was developed in four months. Discussion: This implementation of web services combined with a visualization client represents incremental positive progress in transitioning national data sources like BioSense and NPDS to a federated data exchange model. Conclusion: Quicksilver effectively demonstrates how the use of secure web services in conjunction with a lightweight, rapidly deployed visualization client can easily integrate isolated data sources for biosurveillance. PMID:23569581
A Novel Reference Security Model with the Situation Based Access Policy for Accessing EPHR Data.
Gope, Prosanta; Amin, Ruhul
2016-11-01
Electronic Patient Health Record (EPHR) systems may facilitate a patient not only to share his/her health records securely with healthcare professional but also to control his/her health privacy, in a convenient and easy way even in case of emergency. In order to fulfill these requirements, it is greatly desirable to have the access control mechanism which can efficiently handle every circumstance without negotiating security. However, the existing access control mechanisms used in healthcare to regulate and restrict the disclosure of patient data are often bypassed in case of emergencies. In this article, we propose a way to securely share EPHR data under any situation including break-the-glass (BtG) without compromising its security. In this regard, we design a reference security model, which consists of a multi-level data flow hierarchy, and an efficient access control framework based on the conventional Role-Based Access Control (RBAC) and Mandatory Access Control (MAC) policies.
A Secure ECC-based RFID Mutual Authentication Protocol to Enhance Patient Medication Safety.
Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Li, Fagen
2016-01-01
Patient medication safety is an important issue in patient medication systems. In order to prevent medication errors, integrating Radio Frequency Identification (RFID) technology into automated patient medication systems is required in hospitals. Based on RFID technology, such systems can provide medical evidence for patients' prescriptions and medicine doses, etc. Due to the mutual authentication between the medication server and the tag, an RFID authentication scheme is the best choice for automated patient medication systems. In this paper, we present an RFID mutual authentication scheme based on elliptic curve cryptography (ECC) to enhance patient medication safety. Our scheme can achieve security requirements and overcome various attacks existing in other schemes. In addition, our scheme has better performance in terms of computational cost and communication overhead. Therefore, the proposed scheme is well suited for patient medication systems.
NASA Technical Reports Server (NTRS)
Takamura, Eduardo; Mangum, Kevin
2016-01-01
The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations. 
Certain protective measures for the general enterprise may not be as efficient within the ground segment. This is what the authors have concluded through observations and analysis of patterns identified from the various security assessments performed on NASA missions such as MAVEN, OSIRIS-REx, New Horizons and TESS, to name a few. The security audits confirmed that the framework for managing information system security developed by the National Institute of Standards and Technology (NIST) for the federal government, and adopted by NASA, is indeed effective. However, the selection of the technical, operational and management security controls offered by the NIST model - and how they are implemented - does not always fit the nature and the environment where the ground system operates in even though there is no apparent impact on mission success. The authors observed that unfit controls, that is, controls that are not necessarily applicable or sufficiently effective in protecting the mission systems, are often selected to facilitate compliance with security requirements and organizational expectations even if the selected controls offer minimum or non-existent protection. This paper identifies some of the standard security controls that can in fact protect the ground system, and which of them offer little or no benefit at all. It offers multiple scenarios from real security audits in which the controls are not effective without, of course, disclosing any sensitive information about the missions assessed. In addition to selection and implementation of controls, the paper also discusses potential impact of recent legislation such as the Federal Information Security Modernization Act (FISMA) of 2014 - aimed at the enterprise - on the ground system, and offers other recommendations to Information System Owners (ISOs).
Cardea: Providing Support for Dynamic Resource Access in a Distributed Computing Environment
NASA Technical Reports Server (NTRS)
Lepro, Rebekah
2003-01-01
The environment framing the modern authorization process spans domains of administration, relies on many different authentication sources, and manages complex attributes as part of the authorization process. Cardea facilitates dynamic access control within this environment as a central function of an inter-operable authorization framework. The system departs from the traditional authorization model by separating the authentication and authorization processes, distributing the responsibility for authorization data and allowing collaborating domains to retain control over their implementation mechanisms. Critical features of the system architecture and its handling of the authorization process differentiate the system from existing authorization components by addressing common needs not adequately addressed by existing systems. Continuing system research seeks to enhance the implementation of the current authorization model employed in Cardea, increase the robustness of current features, further the framework for establishing trust and promote interoperability with existing security mechanisms.
Li, Chun-Ta; Shih, Dong-Her; Wang, Chun-Cheng
2018-04-01
With the rapid development of wireless communication technologies and the growing prevalence of smart devices, telecare medical information system (TMIS) allows patients to receive medical treatments from the doctors via Internet technology without visiting hospitals in person. By adopting mobile device, cloud-assisted platform and wireless body area network, the patients can collect their physiological conditions and upload them to medical cloud via their mobile devices, enabling caregivers or doctors to provide patients with appropriate treatments at anytime and anywhere. In order to protect the medical privacy of the patient and guarantee reliability of the system, before accessing the TMIS, all system participants must be authenticated. Mohit et al. recently suggested a lightweight authentication protocol for cloud-based health care system. They claimed their protocol ensures resilience against all well-known security attacks and has several important features such as mutual authentication and patient anonymity. In this paper, we demonstrate that Mohit et al.'s authentication protocol has various security flaws and we further introduce an enhanced version of their protocol for cloud-assisted TMIS, which can ensure patient anonymity and patient unlinkability and prevent the security threats of report revelation and report forgery attacks. The security analysis proves that our enhanced protocol is secure against various known attacks as well as those found in Mohit et al.'s protocol. Compared with existing related protocols, our enhanced protocol keeps the merits of all desirable security requirements and also maintains the efficiency in terms of computation costs for cloud-assisted TMIS. We propose a more secure mutual authentication and privacy preservation protocol for cloud-assisted TMIS, which fixes the mentioned security weaknesses found in Mohit et al.'s protocol. 
According to our analysis, our authentication protocol satisfies most functionality features for privacy preservation and effectively copes with cloud-assisted TMIS with better efficiency. Copyright © 2018 Elsevier B.V. All rights reserved.
76 FR 33375 - Proposed Collection; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2011-06-08
... Securities and Exchange Commission (``Commission'') is soliciting comments on the collection of information summarized below. The Commission plans to submit this existing collection of information to the Office of... Gathering, Analysis and Retrieval (``EDGAR'') system. Regulation S-T is assigned one burden hour for [[Page...
NASA Astrophysics Data System (ADS)
Takahashi, Masakazu; Fukue, Yoshinori
This paper proposes a Retrospective Computerized System Validation (RCSV) method for Drug Manufacturing Software (DMSW) that relates to drug production considering software modification. Because DMSW that is used for quality management and facility control has a big impact on the quality of drugs, regulatory agencies required proof of adequacy for DMSW's functions and performance based on developed documents and test results. In particular, the work of explaining the adequacy of previously developed DMSW based on existing documents and operational records is called RCSV. When modifying DMSW on which RCSV had been conducted, it was difficult to secure consistency between developed documents and test results for modified DMSW parts and existing documents and operational records for non-modified DMSW parts. This made conducting RCSV difficult. In this paper, we proposed (a) definition of documents architecture, (b) definition of descriptive items and levels in the documents, (c) management of design information using database, (d) exhaustive testing, and (e) integrated RCSV procedure. As a result, we could conduct adequate RCSV securing consistency.
Hart, Joshua; Shaver, Phillip R; Goldenberg, Jamie L
2005-06-01
On the basis of prior work integrating attachment theory and terror management theory, the authors propose a model of a tripartite security system consisting of dynamically interrelated attachment, self-esteem, and worldview processes. Four studies are presented that, combined with existing evidence, support the prediction derived from the model that threats to one component of the security system result in compensatory defensive activation of other components. Further, the authors predicted and found that individual differences in attachment style moderate the defenses. In Studies 1 and 2, attachment threats motivated worldview defense among anxiously attached participants and motivated self-enhancement (especially among avoidant participants), effects similar to those caused by mortality salience. In Studies 3 and 4, a worldview threat and a self-esteem threat caused attachment-related proximity seeking among fearful participants and avoidance of proximity among dismissing participants. The authors' model provides an overarching framework within which to study attachment, self-esteem, and worldviews.
A Survey of Security Tools for the Industrial Control System Environment
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hurd, Carl M.; McCarty, Michael V.
This report details the results of a survey conducted by Idaho National Laboratory (INL) to identify existing tools which could be used to prevent, detect, mitigate, or investigate a cyber-attack in an industrial control system (ICS) environment. This report compiles a list of potentially applicable tools and shows the coverage of the tools in an ICS architecture.
Food Security and the Justification of Productivism in New Zealand
ERIC Educational Resources Information Center
Rosin, Christopher
2013-01-01
The spike in food commodity prices in 2007-2008 is frequently represented as a crisis for the global food system. Interpreted as a failure to achieve the utopian imperative to feed the world, the crisis can potentially expose the distortions inherent to the productivist ideology framing the existing system. As a result, it can act as a shock that…
Xu, Qian; Tan, Chengxiang; Fan, Zhijie; Zhu, Wenye; Xiao, Ya; Cheng, Fujia
2018-01-01
Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional “encrypt-then-sign” or “sign-then-encrypt” strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation. PMID:29772840
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bri Rolston
2005-06-01
Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills, and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significant intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community. 
Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between those threats and the defensive capabilities of control systems can be analyzed. The results of the gap analysis drive changes in the cyber security of critical infrastructure networks to close the gap between current exploits and existing defenses. The analysis also provides defenders with an idea of how threat technology is evolving and how defenses will need to be modified to address these emerging trends.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali
2009-01-01
Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation. This paper proposes a Cyberspace Security Econometrics System (CSES) that provides a measure (i.e., a quantitative indication) of reliability, performance and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. This paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural and mathematical underpinnings.
Building a gateway with open source software for secure-DICOM communication over insecure networks
NASA Astrophysics Data System (ADS)
Emmel, Dirk; Ricke, Jens; Stohlmann, Lutz; Haderer, Alexander; Felix, Roland
2002-05-01
For teleradiology, the exchange of DICOM images is needed for several purposes. Existing solutions often do not consider the needs for data security and data privacy. Communication is done without any encryption over insecure networks or with encryption using proprietary solutions, which reduces the data communication possibilities to partners with the same equipment. Our goal was to build a gateway which offers a transparent solution for secure DICOM communication in a heterogeneous environment. We developed a PC-based gateway system with DICOM communication to the in-house network and secure DICOM communication for the communication over the insecure network. One gateway installed at each location is responsible for encryption/decryption. The sender just transfers the image data over the DICOM protocol to the local gateway. The gateway forwards the data to the gateway on the destination site using the secure DICOM protocol, which is part of the DICOM standard. The receiving gateway forwards the image data to the final destination, again using the DICOM protocol. The gateway is based on Open Source software and runs under several operating systems. Our experience shows a reliable solution, which solves security issues for DICOM communication of image data and integrates seamlessly into a heterogeneous DICOM environment.
17 CFR 230.145 - Reclassification of securities, mergers, consolidations and acquisitions of assets.
Code of Federal Regulations, 2014 CFR
2014-04-01
... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Reclassification of securities... Exchanges SECURITIES AND EXCHANGE COMMISSION GENERAL RULES AND REGULATIONS, SECURITIES ACT OF 1933 General... security in exchange for their existing security. Rule 145 embodies the Commission's determination that...
17 CFR 230.145 - Reclassification of securities, mergers, consolidations and acquisitions of assets.
Code of Federal Regulations, 2013 CFR
2013-04-01
... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Reclassification of securities... Exchanges SECURITIES AND EXCHANGE COMMISSION GENERAL RULES AND REGULATIONS, SECURITIES ACT OF 1933 General... security in exchange for their existing security. Rule 145 embodies the Commission's determination that...
17 CFR 230.145 - Reclassification of securities, mergers, consolidations and acquisitions of assets.
Code of Federal Regulations, 2011 CFR
2011-04-01
... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Reclassification of securities... Exchanges SECURITIES AND EXCHANGE COMMISSION GENERAL RULES AND REGULATIONS, SECURITIES ACT OF 1933 General... security in exchange for their existing security. Rule 145 embodies the Commission's determination that...
17 CFR 230.145 - Reclassification of securities, mergers, consolidations and acquisitions of assets.
Code of Federal Regulations, 2012 CFR
2012-04-01
... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Reclassification of securities... Exchanges SECURITIES AND EXCHANGE COMMISSION GENERAL RULES AND REGULATIONS, SECURITIES ACT OF 1933 General... security in exchange for their existing security. Rule 145 embodies the Commission's determination that...
Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng
2018-01-01
Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719
A data-management system using sensor technology and wireless devices for port security
NASA Astrophysics Data System (ADS)
Saldaña, Manuel; Rivera, Javier; Oyola, Jose; Manian, Vidya
2014-05-01
Sensor technologies such as infrared sensors, hyperspectral imaging and video camera surveillance are proven to be viable in port security. Drawing from sources such as infrared sensor data, digital camera images and processed hyperspectral images, this article explores the implementation of a real-time data delivery system. In an effort to improve the manner in which anomaly detection data is delivered to interested parties in port security, this system explores how a client-server architecture can provide protected access to data, reports, and device status. Sensor data and hyperspectral image data will be kept in a monitored directory, where the system will link it to existing users in the database. Since this system will render processed hyperspectral images that are dynamically added to the server - which often occupy a large amount of space - the resolution of these images is trimmed down to around 1024×768 pixels. Changes that occur in any image or data modification that originates from any sensor will trigger a message to all users that have a relation with the aforementioned. These messages will be sent to the corresponding users through automatic email generation and through a push notification using Google Cloud Messaging for Android. Moreover, this paper presents the complete architecture for data reception from the sensors, processing and storage, and discusses how users of this system such as port security personnel can benefit from the use of this service to receive secure real-time notifications if their designated sensors have detected anomalies and/or have remote access to results from processed hyperspectral imagery relevant to their assigned posts.
[Goals in the discussion of old age insurance - a sketch].
Schmähl, W
1980-01-01
In the Federal Republic of Germany, the discussion on social policy often deals with instruments, yet seldom with goals to be realised. Scientific work on goals for old-age security policy is just starting. In this article the importance of distinctly defined goals is shown for rational economic and social policy, for an assessment of the existing situation, for a goal oriented selection and formation of measures and for success control. With reference to distributive goals in old-age security policy it is exemplified in which way scientific work can be helpful in defining goals in an operationalised form. For this it is important to deal with several distributive aspects, which are often mixed in discussions. As measures in one area of economic and social policy cannot be taken in isolation, in order to avoid unwanted consequences, it is necessary for old-age security policies too, to take into consideration a general system of economic and social policy goals. As an example, it must be stated that e.g. aspects of business cycle and growth policy have to be considered while constructing a system of old-age security. Finally, some other criteria for old-age security policies, such as transparency, political feasibility and practicability are mentioned.
Shi, Yang; Fan, Hongfei; Xiong, Guoyue
2015-01-01
With the rapid development of cloud computing techniques, it is attractive for personal health record (PHR) service providers to deploy their PHR applications and store the personal health data in the cloud. However, there could be a serious privacy leakage if the cloud-based system is intruded by attackers, which makes it necessary for the PHR service provider to encrypt all patients' health data on cloud servers. Existing techniques are insufficiently secure under circumstances where advanced threats are considered, or are inefficient when many recipients are involved. Therefore, the objectives of our solution are (1) providing a secure implementation of re-encryption in white-box attack contexts and (2) assuring the efficiency of the implementation even in multi-recipient cases. We designed the multi-recipient re-encryption functionality by randomness-reusing and protecting the implementation by obfuscation. The proposed solution is secure even in white-box attack contexts. Furthermore, a comparison with other related work shows that the computational cost of the proposed solution is lower. The proposed technique can serve as a building block for supporting secure, efficient and privacy-preserving personal health record service systems.
Adherence to HIV and TB care and treatment, the role of food security and nutrition.
Claros, Joan M; de Pee, Saskia; Bloem, Martin W
2014-10-01
Food security and nutrition play an important role in HIV and TB care and treatment, including for improving treatment outcomes, adherence and uptake of HIV and TB care. This AIDS and behaviour supplement on "Adherence to HIV and TB care and treatment, the role of food security and nutrition" provides an overview of the current evidence and knowledge about the barriers to uptake and retention in HIV and TB treatment and care and on whether and how food and nutrition assistance can help overcome these barriers. It contains nine papers on three topic areas discussing: (a) adherence and food and nutrition security in context of HIV and TB, their definitions, measurement tools and the current situation; (b) food and nutrition insecurity as barriers to uptake and retention; and (c) food and nutrition assistance to increase uptake and retention in care and treatment. Future interventions in the areas of food security, nutrition and social protection for increasing access and adherence should be from an HIV sensitive lens, linking the continuum of care with health systems, food systems and the community, complementing existing platforms through partnerships and integrated services.
Security aspects in teleradiology workflow
NASA Astrophysics Data System (ADS)
Soegner, Peter I.; Helweg, Gernot; Holzer, Heimo; zur Nedden, Dieter
2000-05-01
The medicolegal necessity of privacy, security and confidentiality was the aim of the attempt to develop a secure teleradiology workflow between the telepartners -- radiologist and the referring physician. To avoid the lack of data protection and data security we introduced biometric fingerprint scanners in combination with smart cards to identify the teleradiology partners and communicated over an encrypted TCP/IP satellite link between Innsbruck and Reutte. We used an asymmetric cryptography method to guarantee authentication, integrity of the data-packages and confidentiality of the medical data. It was necessary to use a biometric feature to avoid a case of mistaken identity of persons, who wanted access to the system. Only an invariable electronic identification allowed a legal liability to the final report and only a secure data connection allowed the exchange of sensible medical data between different partners of Health Care Networks. In our study we selected the user friendly combination of a smart card and a biometric fingerprint technique, called Skymed™ Double Guard Secure Keyboard (Agfa-Gevaert) to confirm identities and log into the imaging workstations and the electronic patient record. We examined the interoperability of the used software with the existing platforms. Only the WIN-XX operating systems could be protected at the time of our study.
Security and privacy in molecular communication and networking: opportunities and challenges.
Loscrí, Valeria; Marchal, César; Mitton, Nathalie; Fortino, Giancarlo; Vasilakos, Athanasios V
2014-09-01
Molecular Communication (MC) is an emerging and promising communication paradigm for several multi-disciplinary domains like bio-medical, industry and military. Differently to the traditional communication paradigm, the information is encoded on the molecules, that are then used as carriers of information. Novel approaches related to this new communication paradigm have been proposed, mainly focusing on architectural aspects and categorization of potential applications. So far, security and privacy aspects related to the molecular communication systems have not been investigated at all and represent an open question that needs to be addressed. The main motivation of this paper lies on providing some first insights about security and privacy aspects of MC systems, by highlighting the open issues and challenges and above all by outlining some specific directions of potential solutions. Existing cryptographic methods and security approaches are not suitable for MC systems since they do not consider the specific issues and challenges, that need ad-hoc solutions. We will discuss directions in terms of potential solutions by trying to highlight the main advantages and potential drawbacks for each direction considered. We will try to answer to the main questions: 1) why this solution can be exploited in the MC field to safeguard the system and its reliability? 2) which are the main issues related to the specific approach?
Cyberspace Security Econometrics System (CSES)
DOE Office of Scientific and Technical Information (OSTI.GOV)
2012-07-27
Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaption. The CSES provides a measure (i.e. a quantitative indication) of reliability, performance, and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES accounts for the variance that may exist among the stakes one attaches to meeting each requirement.
NASA Astrophysics Data System (ADS)
Liang, Lin-Mei; Sun, Shi-Hai; Jiang, Mu-Sheng; Li, Chun-Yan
2014-10-01
In general, quantum key distribution (QKD) has been proved unconditionally secure for perfect devices due to quantum uncertainty principle, quantum noncloning theorem and quantum nondividing principle which means that a quantum cannot be divided further. However, the practical optical and electrical devices used in the system are imperfect, which can be exploited by the eavesdropper to partially or totally spy the secret key between the legitimate parties. In this article, we first briefly review the recent work on quantum hacking on some experimental QKD systems with respect to imperfect devices carried out internationally, then we will present our recent hacking works in detail, including passive Faraday mirror attack, partially random phase attack, wavelength-selected photon-number-splitting attack, frequency shift attack, and single-photon-detector attack. These quantum attacks remind people to improve the security existed in practical QKD systems due to imperfect devices by simply adding countermeasure or adopting a totally different protocol such as measurement-device independent protocol to avoid quantum hacking on the imperfection of measurement devices [Lo, et al., Phys. Rev. Lett., 2012, 108: 130503].
Game Theory for Proactive Dynamic Defense and Attack Mitigation in Cyber-Physical Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Letchford, Joshua
While there has been a great deal of security research focused on preventing attacks, there has been less work on how one should balance security and resilience investments. In this work we developed and evaluated models that captured both explicit defenses and other mitigations that reduce the impact of attacks. We examined these issues both in more broadly applicable general Stackelberg models and in more specific network and power grid settings. Finally, we compared these solutions to existing work in terms of both solution quality and computational overhead.
26 CFR 1.355-1 - Distribution of stock and securities of a controlled corporation.
Code of Federal Regulations, 2010 CFR
2010-04-01
... in income of) the shareholders and security holders, of one or more existing businesses formerly... to the separation of existing businesses that have been in active operation for at least five years.... Section 355 contemplates the continued operation of the business or businesses existing prior to the...
Using Public Network Infrastructures for UAV Remote Sensing in Civilian Security Operations
2011-03-01
leveraging public wireless communication networks for UAV-based sensor networks with respect to existing constraints and user requirements...Detection with an Autonomous Micro UAV Mesh Network. In the near future police departments, fire brigades and other homeland security...UAV-based sensor networks with respect to existing constraints and user requirements.
Suciu, George; Suciu, Victor; Martian, Alexandru; Craciunescu, Razvan; Vulpe, Alexandru; Marcu, Ioana; Halunga, Simona; Fratu, Octavian
2015-11-01
Big data storage and processing are considered as one of the main applications for cloud computing systems. Furthermore, the development of the Internet of Things (IoT) paradigm has advanced the research on Machine to Machine (M2M) communications and enabled novel tele-monitoring architectures for E-Health applications. However, there is a need for converging current decentralized cloud systems, general software for processing big data and IoT systems. The purpose of this paper is to analyze existing components and methods of securely integrating big data processing with cloud M2M systems based on Remote Telemetry Units (RTUs) and to propose a converged E-Health architecture built on Exalead CloudView, a search based application. Finally, we discuss the main findings of the proposed implementation and future directions.
A Security Architecture for Grid-enabling OGC Web Services
NASA Astrophysics Data System (ADS)
Angelini, Valerio; Petronzio, Luca
2010-05-01
In the proposed presentation we describe an architectural solution for enabling a secure access to Grids and possibly other large scale on-demand processing infrastructures through OGC (Open Geospatial Consortium) Web Services (OWS). This work has been carried out in the context of the security thread of the G-OWS Working Group. G-OWS (gLite enablement of OGC Web Services) is an international open initiative started in 2008 by the European CYCLOPS , GENESI-DR, and DORII Project Consortia in order to collect/coordinate experiences in the enablement of OWS's on top of the gLite Grid middleware. G-OWS investigates the problem of the development of Spatial Data and Information Infrastructures (SDI and SII) based on the Grid/Cloud capacity in order to enable Earth Science applications and tools. Concerning security issues, the integration of OWS compliant infrastructures and gLite Grids needs to address relevant challenges, due to their respective design principles. In fact OWS's are part of a Web based architecture that demands security aspects to other specifications, whereas the gLite middleware implements the Grid paradigm with a strong security model (the gLite Grid Security Infrastructure: GSI). In our work we propose a Security Architectural Framework allowing the seamless use of Grid-enabled OGC Web Services through the federation of existing security systems (mostly web based) with the gLite GSI. This is made possible mediating between different security realms, whose mutual trust is established in advance during the deployment of the system itself. Our architecture is composed of three different security tiers: the user's security system, a specific G-OWS security system, and the gLite Grid Security Infrastructure. 
Applying the separation-of-concerns principle, each of these tiers is responsible for controlling the access to a well-defined resource set, respectively: the user's organization resources, the geospatial resources and services, and the Grid resources. While the gLite middleware is tied to a consolidated security approach based on X.509 certificates, our system is able to support different kinds of user's security infrastructures. Our central component, the G-OWS Security Framework, is based on the OASIS WS-Trust specifications and on the OGC GeoRM architectural framework. This allows to satisfy advanced requirements such as the enforcement of specific geospatial policies and complex secure web service chained requests. The typical use case is represented by a scientist belonging to a given organization who issues a request to a G-OWS Grid-enabled Web Service. The system initially asks the user to authenticate to his/her organization's security system and, after verification of the user's security credentials, it translates the user's digital identity into a G-OWS identity. This identity is linked to a set of attributes describing the user's access rights to the G-OWS services and resources. Inside the G-OWS Security system, access restrictions are applied making use of the enhanced Geospatial capabilities specified by the OGC GeoXACML. If the required action needs to make use of the Grid environment the system checks if the user is entitled to access a Grid infrastructure. In that case his/her identity is translated to a temporary Grid security token using the Short Lived Credential Services (IGTF Standard). In our case, for the specific gLite Grid infrastructure, some information (VOMS Attributes) is plugged into the Grid Security Token to grant the access to the user's Virtual Organization Grid resources. The resulting token is used to submit the request to the Grid and also by the various gLite middleware elements to verify the user's grants. 
Based on the presented framework, the G-OWS Security Working Group developed a prototype, enabling the execution of OGC Web Services on the EGEE Production Grid through the federation with a Shibboleth based security infrastructure. Future plans aim to integrate other Web authentication services such as OpenID, Kerberos and WS-Federation.
Competitive Cyber-Insurance and Internet Security
NASA Astrophysics Data System (ADS)
Shetty, Nikhil; Schwartz, Galina; Felegyhazi, Mark; Walrand, Jean
This paper investigates how competitive cyber-insurers affect network security and welfare of the networked society. In our model, a user's probability to incur damage (from being attacked) depends on both his security and the network security, with the latter taken by individual users as given. First, we consider cyberinsurers who cannot observe (and thus, affect) individual user security. This asymmetric information causes moral hazard. Then, for most parameters, no equilibrium exists: the insurance market is missing. Even if an equilibrium exists, the insurance contract covers only a minor fraction of the damage; network security worsens relative to the no-insurance equilibrium. Second, we consider insurers with perfect information about their users' security. Here, user security is perfectly enforceable (zero cost); each insurance contract stipulates the required user security. The unique equilibrium contract covers the entire user damage. Still, for most parameters, network security worsens relative to the no-insurance equilibrium. Although cyber-insurance improves user welfare, in general, competitive cyber-insurers fail to improve network security.
Security of six-state quantum key distribution protocol with threshold detectors
Kato, Go; Tamaki, Kiyoshi
2016-01-01
The security of quantum key distribution (QKD) is established by a security proof, and the security proof puts some assumptions on the devices consisting of a QKD system. Among such assumptions, security proofs of the six-state protocol assume the use of photon number resolving (PNR) detector, and as a result the bit error rate threshold for secure key generation for the six-state protocol is higher than that for the BB84 protocol. Unfortunately, however, this type of detector is demanding in terms of technological level compared to the standard threshold detector, and removing the necessity of such a detector enhances the feasibility of the implementation of the six-state protocol. Here, we develop the security proof for the six-state protocol and show that we can use the threshold detector for the six-state protocol. Importantly, the bit error rate threshold for the key generation for the six-state protocol (12.611%) remains almost the same as the one (12.619%) that is derived from the existing security proofs assuming the use of PNR detectors. This clearly demonstrates feasibility of the six-state protocol with practical devices. PMID:27443610
Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru
2016-10-01
Information and communication and technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. 
Furthermore, we present the formal security verification of our scheme using the widely accepted AVISPA tool. High security and extra functionality features allow our proposed scheme to be applicable for telecare medicine information systems which is used for e-health care medical applications. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.
Tejero, Antonio; de la Torre, Isabel
2012-10-01
E-Health systems are experiencing an impulse in these last years, when many medical agencies began to include digital solutions into their platforms. Electronic Health Records (EHRs) are one of the most important improvements, being in its most part a patient-oriented tool. To achieve a completely operational EHR platform, security and privacy problems have to be resolved, due to the importance of the data included within these records. But given all the different methods to address security and privacy, they still remain in most cases as an open issue. This paper studies existing and proposed solutions included in different scenarios, in order to offer an overview of the current state in EHR systems. Bibliographic material has been obtained mainly from MEDLINE and SCOPUS sources, and over 30 publications have been analyzed. Many EHR platforms are being developed, but most of them present weaknesses when they are opened to the public. These architectures gain significance when they cover all the requisites related to security and privacy.
Variability of African Farming Systems from Phenological Analysis of NDVI Time Series
NASA Technical Reports Server (NTRS)
Vrieling, Anton; deBeurs, K. M.; Brown, Molly E.
2011-01-01
Food security exists when people have access to sufficient, safe and nutritious food at all times to meet their dietary needs. The natural resource base is one of the many factors affecting food security. Its variability and decline creates problems for local food production. In this study we characterize for sub-Saharan Africa vegetation phenology and assess variability and trends of phenological indicators based on NDVI time series from 1982 to 2006. We focus on cumulated NDVI over the season (cumNDVI) which is a proxy for net primary productivity. Results are aggregated at the level of major farming systems, while determining also spatial variability within farming systems. High temporal variability of cumNDVI occurs in semiarid and subhumid regions. The results show a large area of positive cumNDVI trends between Senegal and South Sudan. These correspond to positive CRU rainfall trends found and relate to recovery after the 1980's droughts. We find significant negative cumNDVI trends near the south-coast of West Africa (Guinea coast) and in Tanzania. For each farming system, causes of change and variability are discussed based on available literature (Appendix A). Although food security comprises more than the local natural resource base, our results can perform an input for food security analysis by identifying zones of high variability or downward trends. Farming systems are found to be a useful level of analysis. Diversity and trends found within farming system boundaries underline that farming systems are dynamic.
This research will quantify the extent of de facto reuse of untreated wastewater at the global scale. Through the integration of multiple existing spatial data sources, this project will produce rigorous analyses assessing the relationship between wastewater irrigation, hea...
ERIC Educational Resources Information Center
Czarra, Fred R.; Long, Cathryn J., Eds.
1983-01-01
The major hunger problem today is chronic undernutrition, the primary cause of which is poverty. Hunger can be alleviated through food supplements, nutrition programs, and disaster relief. It can be eliminated by redistributing existing wealth and producing enough food and through equitable economic growth and a world food security system. (CS)
78 FR 11701 - Proposed Collection; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2013-02-19
... agencies will also have to provide training to staff members using the Electronic Form 19b-4 Filing System... will spend approximately 20 hours training all staff members who will use EFFS to submit Security-Based... training new compliance staff members and updating the training of existing compliance staff members to use...
Fostering next gen skills and communities of interest: Role of professional societies
USDA-ARS's Scientific Manuscript database
Advancing toward the U.N. Millennium Development Goal to eradicate extreme poverty and hunger for a growing population will require the world’s agriculture to increase global food, feed, fiber, and fuel production on existing farmland with agricultural systems that enable food security; use resource...
DOE Office of Scientific and Technical Information (OSTI.GOV)
MacDonald, Douglas G.; Clements, Samuel L.; Patrick, Scott W.
Securing high value and critical assets is one of the biggest challenges facing this nation and others around the world. In modern integrated systems, there are four potential modes of attack available to an adversary: • physical only attack, • cyber only attack, • physical-enabled cyber attack, • cyber-enabled physical attack. Blended attacks involve an adversary working in one domain to reduce system effectiveness in another domain. This enables the attacker to penetrate further into the overall layered defenses. Existing vulnerability assessment (VA) processes and software tools which predict facility vulnerabilities typically evaluate the physical and cyber domains separately. Vulnerabilities which result from the integration of cyber-physical control systems are not well characterized and are often overlooked by existing assessment approaches. In this paper, we modified the timely detection methodology, used for decades in physical security VAs, to include cyber components. The Physical and Cyber Risk Analysis Tool (PACRAT) prototype illustrates an integrated vulnerability assessment that includes cyber-physical interdependencies. Information about facility layout, network topology, and emplaced safeguards is used to evaluate how well suited a facility is to detect, delay, and respond to attacks, to identify the pathways most vulnerable to attack, and to evaluate how often safeguards are compromised for a given threat or adversary type. We have tested the PACRAT prototype on critical infrastructure facilities and the results are promising. Future work includes extending the model to prescribe the recommended security improvements via an automated cost-benefit analysis.
Federating Cyber and Physical Models for Event-Driven Situational Awareness
DOE Office of Scientific and Technical Information (OSTI.GOV)
Stephan, Eric G.; Pawlowski, Ronald A.; Sridhar, Siddharth
The purpose of this paper is to describe a novel method to improve electric power system monitoring and control software application interoperability. This method employs the concept of federation, which is defined as the use of existing models that represent aspects of a system in specific domains (such as physical and cyber security domains) and building interface to link all of domain models.
U.S. Support of Plan Colombia: Rethinking the Ends and Means
2001-05-01
to thrive as long as there are dark corners of the international systems where traditional sovereign controls are weak or non-existent. The illicit...security debate involving U.S. policy in Colombia and the implementation of Plan Colombia. DOUGLAS C. LOVELACE, JR. Director Strategic Studies...crime more efficiently through effective international cooperation, which includes the press, judicial systems, and government officials on a broad
Cost Considerations in Cloud Computing
2014-01-01
investments. 2. Database Options The potential promise that “big data” analytics holds for many enterprise mission areas makes relevant the question of the...development of a range of new distributed file systems and databases that have better scalability properties than traditional SQL databases. Hadoop ... data. Many systems exist that extend or supplement Hadoop—such as Apache Accumulo, which provides a highly granular mechanism for managing security
Anatomy of a Security Operations Center
NASA Technical Reports Server (NTRS)
Wang, John
2010-01-01
Many agencies and corporations are either contemplating or in the process of building a cyber Security Operations Center (SOC). Those Agencies that have established SOCs are most likely working on major revisions or enhancements to existing capabilities. As principal developers of the NASA SOC, the Presenters' goals are to provide the GFIRST community with examples of some of the key building blocks of an Agency scale cyber Security Operations Center. This presentation will include the inputs and outputs, the facilities or shell, as well as the internal components and the processes necessary to maintain the SOC's subsistence - in other words, the anatomy of a SOC. Details to be presented include the SOC architecture and its key components: Tier 1 Call Center, data entry, and incident triage; Tier 2 monitoring, incident handling and tracking; Tier 3 computer forensics, malware analysis, and reverse engineering; Incident Management System; Threat Management System; SOC Portal; Log Aggregation and Security Incident Management (SIM) systems; flow monitoring; IDS; etc. Specific processes and methodologies discussed include Incident States and associated Work Elements; the Incident Management Workflow Process; Cyber Threat Risk Assessment methodology; and Incident Taxonomy. The Evolution of the Cyber Security Operations Center will be discussed; starting from reactive, to proactive, and finally to proactive. Finally, the resources necessary to establish an Agency scale SOC as well as the lessons learned in the process of standing up a SOC will be presented.
Design of a steganographic virtual operating system
NASA Astrophysics Data System (ADS)
Ashendorf, Elan; Craver, Scott
2015-03-01
A steganographic file system is a secure file system whose very existence on a disk is concealed. Customarily, these systems hide an encrypted volume within unused disk blocks, slack space, or atop conventional encrypted volumes. These file systems are far from undetectable, however: aside from their ciphertext footprint, they require a software or driver installation whose presence can attract attention and then targeted surveillance. We describe a new steganographic operating environment that requires no visible software installation, launching instead from a concealed bootstrap program that can be extracted and invoked with a chain of common Unix commands. Our system conceals its payload within innocuous files that typically contain high-entropy data, producing a footprint that is far less conspicuous than existing methods. The system uses a local web server to provide a file system, user interface and applications through a web architecture.
Network Randomization and Dynamic Defense for Critical Infrastructure Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chavez, Adrian R.; Martin, Mitchell Tyler; Hamlet, Jason
2015-04-01
Critical Infrastructure control systems continue to foster predictable communication paths, static configurations, and unpatched systems that allow easy access to our nation's most critical assets. This makes them attractive targets for cyber intrusion. We seek to address these attack vectors by automatically randomizing network settings, randomizing applications on the end devices themselves, and dynamically defending these systems against active attacks. Applying these protective measures will convert control systems into moving targets that proactively defend themselves against attack. Sandia National Laboratories has led this effort by gathering operational and technical requirements from Tennessee Valley Authority (TVA) and performing research and development to create a proof-of-concept solution. Our proof-of-concept has been tested in a laboratory environment with over 300 nodes. The vision of this project is to enhance control system security by converting existing control systems into moving targets and building these security measures into future systems while meeting the unique constraints that control systems face.
Secure, Mobile, Wireless Network Technology Designed, Developed, and Demonstrated
NASA Technical Reports Server (NTRS)
Ivancic, William D.; Paulsen, Phillip E.
2004-01-01
The inability to seamlessly disseminate data securely over a high-integrity, wireless broadband network has been identified as a primary technical barrier to providing an order-of-magnitude increase in aviation capacity and safety. Secure, autonomous communications to and from aircraft will enable advanced, automated, data-intensive air traffic management concepts, increase National Air Space (NAS) capacity, and potentially reduce the overall cost of air travel operations. For the first time ever, secure, mobile, network technology was designed, developed, and demonstrated with state-of-the-art protocols and applications by a diverse, cooperative Government-industry team led by the NASA Glenn Research Center. This revolutionary technology solution will make fundamentally new airplane system capabilities possible by enabling secure, seamless network connections from platforms in motion (e.g., cars, ships, aircraft, and satellites) to existing terrestrial systems without the need for manual reconfiguration. Called Mobile Router, the new technology autonomously connects and configures networks as they traverse from one operating theater to another. The Mobile Router demonstration aboard the Neah Bay, a U.S. Coast Guard vessel stationed in Cleveland, Ohio, accomplished secure, seamless interoperability of mobile network systems across multiple domains without manual system reconfiguration. The Neah Bay was chosen because of its low cost and communications mission similarity to low-Earth-orbiting satellite platforms. This technology was successfully advanced from technology readiness level (TRL) 2 (concept and/or application formation) to TRL 6 (system model or prototype demonstration in a relevant environment).
The secure, seamless interoperability offered by the Mobile Router and encryption device will enable several new, vehicle-specific and systemwide technologies to perform such things as remote, autonomous aircraft performance monitoring and early detection and mitigation of potential equipment malfunctions. As an additional benefit, team advancements were incorporated into open standards, ensuring technology transfer. Low-cost, commercial products incorporating the new technology are already available. Furthermore, these products are fully interoperable with legacy network technology equipment currently being used throughout the world.
Experimental Measurement-Device-Independent Quantum Key Distribution
NASA Astrophysics Data System (ADS)
Liu, Yang; Chen, Teng-Yun; Wang, Liu-Jun; Liang, Hao; Shentu, Guo-Liang; Wang, Jian; Cui, Ke; Yin, Hua-Lei; Liu, Nai-Le; Li, Li; Ma, Xiongfeng; Pelc, Jason S.; Fejer, M. M.; Peng, Cheng-Zhi; Zhang, Qiang; Pan, Jian-Wei
2013-09-01
Quantum key distribution is proven to offer unconditional security in communication between two remote users with ideal source and detection. Unfortunately, ideal devices never exist in practice and device imperfections have become the targets of various attacks. By developing up-conversion single-photon detectors with high efficiency and low noise, we faithfully demonstrate the measurement-device-independent quantum-key-distribution protocol, which is immune to all hacking strategies on detection. Meanwhile, we employ the decoy-state method to defend attacks on a nonideal source. By assuming a trusted source scenario, our practical system, which generates more than a 25 kbit secure key over a 50 km fiber link, serves as a stepping stone in the quest for unconditionally secure communications with realistic devices.
Experimental measurement-device-independent quantum key distribution.
Liu, Yang; Chen, Teng-Yun; Wang, Liu-Jun; Liang, Hao; Shentu, Guo-Liang; Wang, Jian; Cui, Ke; Yin, Hua-Lei; Liu, Nai-Le; Li, Li; Ma, Xiongfeng; Pelc, Jason S; Fejer, M M; Peng, Cheng-Zhi; Zhang, Qiang; Pan, Jian-Wei
2013-09-27
Quantum key distribution is proven to offer unconditional security in communication between two remote users with ideal source and detection. Unfortunately, ideal devices never exist in practice and device imperfections have become the targets of various attacks. By developing up-conversion single-photon detectors with high efficiency and low noise, we faithfully demonstrate the measurement-device-independent quantum-key-distribution protocol, which is immune to all hacking strategies on detection. Meanwhile, we employ the decoy-state method to defend attacks on a nonideal source. By assuming a trusted source scenario, our practical system, which generates more than a 25 kbit secure key over a 50 km fiber link, serves as a stepping stone in the quest for unconditionally secure communications with realistic devices.
Rai, Rashmi; Sahoo, Gadadhar; Mehfuz, Shabana
2015-01-01
Today, most organizations rely on their age-old legacy applications to support their business-critical systems. However, there are several critical concerns, such as maintainability and scalability issues, associated with legacy systems. Against this background, cloud services offer a more agile and cost-effective platform to support business applications and IT infrastructure. The adoption of cloud services has been increasing recently, and so has the academic research in cloud migration. However, there is a genuine need for a secondary study to further strengthen this research. The primary objective of this paper is to scientifically and systematically identify, categorize and compare the existing research work in the area of legacy to cloud migration. The paper has also endeavored to consolidate the research on security issues, which are the prime factor hindering the adoption of cloud, through classifying the studies on secure cloud migration. An SLR (Systematic Literature Review) of thirty selected papers, published from 2009 to 2014, was conducted to properly understand the nuances of the security framework. To categorize the selected studies, the authors have proposed a conceptual model for cloud migration which has resulted in a resource base of existing solutions for cloud migration. This study concludes that cloud migration research is in a seminal stage but simultaneously it is also evolving and maturing, with increasing participation from academics and industry alike. The paper also identifies the need for a secure migration model, which can fortify organizations' trust in cloud migration and facilitate necessary tool support to automate the migration process.
NASA Astrophysics Data System (ADS)
Zhang, Hongtao; Wang, Pengfei
2012-06-01
The current schemes of detecting the status of passengers in airplanes cannot satisfy the more strict regulations recently released by the United States Transportation Security Administration. On the basis of an investigation of the current seat occupancy sensors for vehicles, in this paper we present a novel scheme of seat occupancy sensors based on Fiber Bragg Grating technology to improve the in-flight security of airplanes. This seat occupancy sensor system can be used to detect the status of passengers and to trigger the airbags to control the inflation of air bags, which have been installed in the airplanes of some major airlines under the new law. This scheme utilizes our previous research results of Weight-In-Motion sensor system based on optical fiber Bragg grating. In contrast to the current seat occupancy sensors for vehicles, this new seat occupancy sensor has so many merits that it is very suitable to be applied in aerospace industry or high speed railway system. Moreover, combined with existing Fiber Bragg Grating strain or temperature sensor systems built in airplanes, this proposed method can construct a complete airline passenger management system.
Privacy enhanced group communication in clinical environment
NASA Astrophysics Data System (ADS)
Li, Mingyan; Narayanan, Sreeram; Poovendran, Radha
2005-04-01
Privacy protection of medical records has always been an important issue and is mandated by the recent Health Insurance Portability and Accountability Act (HIPAA) standards. In this paper, we propose security architectures for a tele-referring system that allows electronic group communication among professionals for better quality treatments, while protecting patient privacy against unauthorized access. Although DICOM defines the much-needed guidelines for confidentiality of medical data during transmission, there is no provision in the existing medical security systems to guarantee patient privacy once the data has been received. In our design, we address this issue by enabling tracing back to the recipient whose received data is disclosed to outsiders, using watermarking technique. We present security architecture design of a tele-referring system using a distributed approach and a centralized web-based approach. The resulting tele-referring system (i) provides confidentiality during the transmission and ensures integrity and authenticity of the received data, (ii) allows tracing of the recipient who has either distributed the data to outsiders or whose system has been compromised, (iii) provides proof of receipt or origin, and (iv) can be easy to use and low-cost to employ in clinical environment.
Mishra, Dheerendra; Mukhopadhyay, Sourav; Kumari, Saru; Khan, Muhammad Khurram; Chaturvedi, Ankita
2014-05-01
Telecare medicine information systems (TMIS) present the platform to deliver clinical service door to door. The technological advances in mobile computing are enhancing the quality of healthcare and a user can access these services using its mobile device. However, user and Telecare system communicate via public channels in these online services which increase the security risk. Therefore, it is required to ensure that only authorized user is accessing the system and user is interacting with the correct system. The mutual authentication provides the way to achieve this. Although existing schemes are either vulnerable to attacks or they have higher computational cost while a scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions. Thus, this scheme fits for TMIS. However, we observe that Awasthi and Srivastava's scheme does not achieve efficient password change phase. Moreover, their scheme does not resist off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava's scheme with the aim to remove the drawbacks of their scheme.
A life-cycle approach to food and nutrition security in India.
Rai, Rajesh Kumar; Kumar, Sandhya; Sekher, Madhushree; Pritchard, Bill; Rammohan, Anu
2015-04-01
India's poor performance on critical food and nutrition security indicators despite substantial economic prosperity has been widely documented. These failings not only hamper national progress, but also contribute significantly to the global undernourished population, particularly children. While the recently passed National Food Security Act 2013 adopts a life-cycle approach to expand coverage of subsidized food grains to the most vulnerable households and address food security, there remains much to be desired in the legislation. Access to adequate food for 1.24 billion people is a multifaceted problem requiring an interconnected set of policy measures to tackle the various factors affecting food and nutrition security in India. In the present opinion paper, we discuss a fivefold strategy that incorporates a life-cycle approach, spanning reproductive health, bolstering citizen participation in existing national programmes, empowering women, advancing agriculture and better monitoring the Public Distribution System in order to fill the gaps in both access and adequacy of food and nutrition.
STS-1 environmental control and life support system. Consumables and thermal analysis
NASA Technical Reports Server (NTRS)
Steines, G.
1980-01-01
The Environmental Control and Life Support Systems (ECLSS)/thermal systems analysis for the Space Transportation System 1 Flight (STS-1) was performed using the shuttle environmental consumables usage requirements evaluation (SECURE) computer program. This program employs a nodal technique utilizing the Fortran Environmental Analysis Routines (FEAR). The output parameters evaluated were consumable quantities, fluid temperatures, heat transfer and rejection, and cabin atmospheric pressure. Analysis of these indicated that adequate margins exist for the nonpropulsive consumables and related thermal environment.
NASA Astrophysics Data System (ADS)
Arief, I. S.; Suherman, I. H.; Wardani, A. Y.; Baidowi, A.
2017-05-01
Control and monitoring is a continuous process of securing the asset in the Marine Current Renewable Energy. A control and monitoring system exists for each critical component, which is embedded in the Failure Mode Effect Analysis (FMEA) method. As a result, the process in this paper was developed through a matrix sensor. The matrix is correlated to critical components and the monitoring system, which is supported by sensors to conduct decision-making.
Control and Communication for a Secure and Reconfigurable Power Distribution System
NASA Astrophysics Data System (ADS)
Giacomoni, Anthony Michael
A major transformation is taking place throughout the electric power industry to overlay existing electric infrastructure with advanced sensing, communications, and control system technologies. This transformation to a smart grid promises to enhance system efficiency, increase system reliability, support the electrification of transportation, and provide customers with greater control over their electricity consumption. Upgrading control and communication systems for the end-to-end electric power grid, however, will present many new security challenges that must be dealt with before extensive deployment and implementation of these technologies can begin. In this dissertation, a comprehensive systems approach is taken to minimize and prevent cyber-physical disturbances to electric power distribution systems using sensing, communications, and control system technologies. To accomplish this task, an intelligent distributed secure control (IDSC) architecture is presented and validated in silico for distribution systems to provide greater adaptive protection, with the ability to proactively reconfigure, and rapidly respond to disturbances. Detailed descriptions of functionalities at each layer of the architecture as well as the whole system are provided. To compare the performance of the IDSC architecture with that of other control architectures, an original simulation methodology is developed. The simulation model integrates aspects of cyber-physical security, dynamic price and demand response, sensing, communications, intermittent distributed energy resources (DERs), and dynamic optimization and reconfiguration. Applying this comprehensive systems approach, performance results for the IEEE 123 node test feeder are simulated and analyzed. The results show the trade-offs between system reliability, operational constraints, and costs for several control architectures and optimization algorithms. Additional simulation results are also provided. 
In particular, the advantages of an IDSC architecture are highlighted when an intermittent DER is present on the system.
Clone tag detection in distributed RFID systems
Kamaludin, Hazalila; Mahdin, Hairulnizam
2018-01-01
Although Radio Frequency Identification (RFID) is poised to displace barcodes, security vulnerabilities pose serious challenges for global adoption of the RFID technology. Specifically, RFID tags are prone to basic cloning and counterfeiting security attacks. A successful cloning of the RFID tags in many commercial applications can lead to many serious problems such as financial losses, brand damage, safety and health of the public. With many industries such as pharmaceutical and businesses deploying RFID technology with a variety of products, it is important to tackle RFID tag cloning problem and improve the resistance of the RFID systems. To this end, we propose an approach for detecting cloned RFID tags in RFID systems with high detection accuracy and minimal overhead thus overcoming practical challenges in existing approaches. The proposed approach is based on consistency of dual hash collisions and modified count-min sketch vector. We evaluated the proposed approach through extensive experiments and compared it with existing baseline approaches in terms of execution time and detection accuracy under varying RFID tag cloning ratio. The results of the experiments show that the proposed approach outperforms the baseline approaches in cloned RFID tag detection accuracy. PMID:29565982
Towards a Standard for Highly Secure SCADA Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Carlson, R.
1998-09-25
The critical energy infrastructures include gas, oil and electric power. These infrastructures are complex and interdependent networks that are vital to the national security and social well being of our nation. Many electric power systems depend upon gas and oil, while fossil energy delivery systems depend upon electric power. The control mechanisms for these infrastructures are often referred to as SCADA (Supervisory Control and Data Acquisition) systems. SCADA systems provide remote monitoring and centralized control for a distributed transportation infrastructure in order to facilitate delivery of a commodity. Although many of the SCADA concepts developed in this paper can be applied to automotive transportation systems, we will use transportation to refer to the movement of electricity, gas, and oil. Recently, there have been several reports suggesting that the widespread and increasing use of SCADA for control of energy systems provides an increasing opportunity for an adversary to cause serious damage to the energy infrastructure. This damage could arise through cyber infiltration of the SCADA networks, by physically tampering with the control networks, or through a combination of both means. SCADA system threats decompose into cyber and physical threats. One solution to the SCADA security problem is to design a standard for a highly secure SCADA system that is both cyber and physically secure. Not all physical threats are possible to guard against, but of those threats that are, high security SCADA provides confidence that the system will continue to operate in their presence. One of the most important problems in SCADA security is the relationship between the cyber and physical vulnerabilities. Cyber intrusion increases physical vulnerabilities, while in the dual problem physical tampering increases cyber vulnerabilities. There is potential for feedback and the precise dynamics need to be understood.
As a first step towards a standard, the goal of this paper is to facilitate a discussion of the requirements analysis for a highly secure SCADA system. The framework for the discussion consists of the identification of SCADA security investment areas coupled with the tradeoffs that will force compromises in the solution. For example, computational and bandwidth requirements of a security standard could force the replacement of entire SCADA systems. The requirements for a real-time response in a cascading electric power failure could pose limitations on authentication and encryption mechanisms. The shortest path to the development of a high security SCADA standard will be achieved by leveraging existing standards efforts and ensuring that security is being properly addressed in those standards. The Utility Communications Architecture 2.0 (UCA), for real-time utility decision control, represents one such standard. The development of a SCADA security specification is a complex task that will benefit from a systems engineering approach.
Usability of Security Management: Defining the Permissions of Guests
NASA Astrophysics Data System (ADS)
Johnson, Matthew; Stajano, Frank
Within the scenario of a Smart Home, we discuss the issues involved in allowing limited interaction with the environment for unidentified principals, or guests. The challenges include identifying and authenticating guests on one hand and delegating authorization to them on the other. While the technical mechanisms for doing so in generic distributed systems have been around for decades, existing solutions are in general not applicable to the smart home because they are too complex to manage. We focus on providing both security and usability; we therefore seek simple and easy to understand approaches that can be used by a normal computer-illiterate home owner, not just by a trained system administrator. This position paper describes ongoing research and does not claim to have all the answers.
WebCIS: large scale deployment of a Web-based clinical information system.
Hripcsak, G; Cimino, J J; Sengupta, S
1999-01-01
WebCIS is a Web-based clinical information system. It sits atop the existing Columbia University clinical information system architecture, which includes a clinical repository, the Medical Entities Dictionary, an HL7 interface engine, and an Arden Syntax based clinical event monitor. WebCIS security features include authentication with secure tokens, authorization maintained in an LDAP server, SSL encryption, permanent audit logs, and application time outs. WebCIS is currently used by 810 physicians at the Columbia-Presbyterian center of New York Presbyterian Healthcare to review and enter data into the electronic medical record. Current deployment challenges include maintaining adequate database performance despite complex queries, replacing large numbers of computers that cannot run modern Web browsers, and training users that have never logged onto the Web. Although the raised expectations and higher goals have increased deployment costs, the end result is a far more functional, far more available system.
Research and design of smart grid monitoring control via terminal based on iOS system
NASA Astrophysics Data System (ADS)
Fu, Wei; Gong, Li; Chen, Heli; Pan, Guangji
2017-06-01
Aiming at a series of problems existing in current smart grid monitoring control terminals, such as high costs, poor portability, simple monitoring system, poor software extensions, low system reliability when transmitting information, single man-machine interface, poor security, etc., a smart grid remote monitoring system based on the iOS system has been designed. The system interacts with the smart grid server so that it can acquire grid data through WiFi/3G/4G networks, and monitor each grid line's running status, as well as power plant equipment operating conditions. When an exception occurs in the power plant, incident information can be sent to the user's iOS terminal equipment in a timely manner, which will provide troubleshooting information to help the grid staff make the right decisions in a timely manner, to avoid further accidents. Field tests have shown the system realizes the integrated grid monitoring functions, low maintenance cost, friendly interface, high security and reliability, and it possesses certain applicable value.
A Secure Alignment Algorithm for Mapping Short Reads to Human Genome.
Zhao, Yongan; Wang, Xiaofeng; Tang, Haixu
2018-05-09
The elastic and inexpensive computing resources such as clouds have been recognized as a useful solution to analyzing massive human genomic data (e.g., acquired by using next-generation sequencers) in biomedical researches. However, outsourcing human genome computation to public or commercial clouds was hindered due to privacy concerns: even a small number of human genome sequences contain sufficient information for identifying the donor of the genomic data. This issue cannot be directly addressed by existing security and cryptographic techniques (such as homomorphic encryption), because they are too heavyweight to carry out practical genome computation tasks on massive data. In this article, we present a secure algorithm to accomplish the read mapping, one of the most basic tasks in human genomic data analysis based on a hybrid cloud computing model. Comparing with the existing approaches, our algorithm delegates most computation to the public cloud, while only performing encryption and decryption on the private cloud, and thus makes the maximum use of the computing resource of the public cloud. Furthermore, our algorithm reports similar results as the nonsecure read mapping algorithms, including the alignment between reads and the reference genome, which can be directly used in the downstream analysis such as the inference of genomic variations. We implemented the algorithm in C++ and Python on a hybrid cloud system, in which the public cloud uses an Apache Spark system.
Participatory Design Methods for C2 Systems (Proceedings/Presentation)
2006-01-01
Cognitive Task Analysis (CTA) ... Name of responsible person: Janet E. Miller...systems to support cognitive work such as is accomplished in a network-centric environment. Cognitive task analysis (CTA) methods are used to...of cognitive task analysis methodologies exist (Schraagen et al., 2000). However, many of these methods are skeptically viewed by a domain’s
77 FR 34416 - Proposed Collection; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2012-06-11
... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request... Securities and Exchange Commission (``Commission'') is soliciting comments on the existing collection of... U.S.C. 78a et seq.). The Commission plans to submit the existing collection of information to the...
Multiobjective optimization of urban water resources: Moving toward more practical solutions
NASA Astrophysics Data System (ADS)
Mortazavi, Mohammad; Kuczera, George; Cui, Lijie
2012-03-01
The issue of drought security is of paramount importance for cities located in regions subject to severe prolonged droughts. The prospect of "running out of water" for an extended period would threaten the very existence of the city. Managing drought security for an urban water supply is a complex task involving trade-offs between conflicting objectives. In this paper a multiobjective optimization approach for urban water resource planning and operation is developed to overcome practically significant shortcomings identified in previous work. A case study based on the headworks system for Sydney (Australia) demonstrates the approach and highlights the potentially serious shortcomings of Pareto optimal solutions conditioned on short climate records, incomplete decision spaces, and constraints to which system response is sensitive. Where high levels of drought security are required, optimal solutions conditioned on short climate records are flawed. Our approach addresses drought security explicitly by identifying approximate optimal solutions in which the system does not "run dry" in severe droughts with expected return periods up to a nominated (typically large) value. In addition, it is shown that failure to optimize the full mix of interacting operational and infrastructure decisions and to explore the trade-offs associated with sensitive constraints can lead to significantly more costly solutions.
Mishra, Dheerendra; Srinivas, Jangirala; Mukhopadhyay, Sourav
2014-10-01
Advancement in network technology provides new ways to utilize telecare medicine information systems (TMIS) for patient care. However, TMIS usually faces various attacks as the services are provided over the public network. Recently, Jiang et al. proposed a chaotic map-based remote user authentication scheme for TMIS. Their scheme has the merits of low cost and session key agreement using Chaos theory. It enhances the security of the system by resisting various attacks. In this paper, we analyze the security of Jiang et al.'s scheme and demonstrate that their scheme is vulnerable to denial of service attack. Moreover, we demonstrate flaws in the password change phase of their scheme. Further, our aim is to propose a new chaos map-based anonymous user authentication scheme for TMIS to overcome the weaknesses of Jiang et al.'s scheme, while also retaining the original merits of their scheme. We also show that our scheme is secure against various known attacks including the attacks found in Jiang et al.'s scheme. The proposed scheme is comparable in terms of the communication and computational overheads with Jiang et al.'s scheme and other related existing schemes. Moreover, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.
Research on key technologies of data processing in internet of things
NASA Astrophysics Data System (ADS)
Zhu, Yangqing; Liang, Peiying
2017-08-01
The data of the Internet of things (IOT) has the characteristics of polymorphism, heterogeneity, large volume and real-time processing. The traditional structured and static batch processing method has not met the requirements of data processing of IOT. This paper studied a middleware that can integrate heterogeneous data of IOT, and integrated different data formats into a unified format. A data processing model of IOT based on the Storm flow calculation architecture was designed, and the existing Internet security technology was integrated to build the Internet security system of IOT data processing, which provided reference for the efficient transmission and processing of IOT data.
Bernstein, Daniel J; Lange, Tanja
2017-09-13
Cryptography is essential for the security of online communication, cars and implanted medical devices. However, many commonly used cryptosystems will be completely broken once large quantum computers exist. Post-quantum cryptography is cryptography under the assumption that the attacker has a large quantum computer; post-quantum cryptosystems strive to remain secure even in this scenario. This relatively young research area has seen some successes in identifying mathematical operations for which quantum algorithms offer little advantage in speed, and then building cryptographic systems around those. The central challenge in post-quantum cryptography is to meet demands for cryptographic usability and flexibility without sacrificing confidence.
NASA Astrophysics Data System (ADS)
Bernstein, Daniel J.; Lange, Tanja
2017-09-01
Cryptography is essential for the security of online communication, cars and implanted medical devices. However, many commonly used cryptosystems will be completely broken once large quantum computers exist. Post-quantum cryptography is cryptography under the assumption that the attacker has a large quantum computer; post-quantum cryptosystems strive to remain secure even in this scenario. This relatively young research area has seen some successes in identifying mathematical operations for which quantum algorithms offer little advantage in speed, and then building cryptographic systems around those. The central challenge in post-quantum cryptography is to meet demands for cryptographic usability and flexibility without sacrificing confidence.
Data Retention and Anonymity Services
NASA Astrophysics Data System (ADS)
Berthold, Stefan; Böhme, Rainer; Köpsell, Stefan
The recently introduced legislation on data retention to aid prosecuting cyber-related crime in Europe also affects the achievable security of systems for anonymous communication on the Internet. We argue that data retention requires a review of existing security evaluations against a new class of realistic adversary models. In particular, we present theoretical results and first empirical evidence for intersection attacks by law enforcement authorities. The reference architecture for our study is the anonymity service AN.ON, from which we also collect empirical data. Our adversary model reflects an interpretation of the current implementation of the EC Directive on Data Retention in Germany.
Working Women, Marriage, and Retirement.
ERIC Educational Resources Information Center
Lapkoff, Shelley; Fierst, Edith
Women are at a disadvantage under both Social Security and private employee pension plans because the retirement systems were set up at a time when most women were non-working spouses of employed men, a condition that no longer exists. Today women workers, divorcees, and widows of retirees often find themselves with inadequate retirement benefits…
Beneficial outcomes of the air curtain project in Ghana, August 14-27, 2011
USDA-ARS's Scientific Manuscript database
A number of questions existed about the feasibility of using the air curtain system in West Africa and after the project was completed many of the questions had been answered. Air curtains can be securely mounted on the truck mounted stairs used for passenger planning and deplaning. The Accra Airpor...
7 CFR 1735.46 - Loan security documents.
Code of Federal Regulations, 2010 CFR
2010-01-01
... obtains a first lien on all assets of the borrower. This lien shall be in the form of a mortgage by the...-existing encumbrances, or otherwise, to furnish a first mortgage lien on its entire system the..., and 326-1 for details. See 7 CFR part 1744, subpart B for information on lien accommodations and...
78 FR 24443 - Submission for OMB Review; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2013-04-25
... agencies will also have to provide training to staff members using the Electronic Form 19b-4 Filing System... will spend approximately 20 hours training all staff members who will use EFFS to submit Security-Based... training new compliance staff members and updating the training of existing compliance staff members to use...
76 FR 22148 - Petitions for Modification of Application of Existing Mandatory Safety Standards
Federal Register 2010, 2011, 2012, 2013, 2014
2011-04-20
..., grounded phase, under-voltage, and ground monitoring protection; (b) the trailing cable short-circuit... activated; (c) the solenoid valves will be connected to the CO monitoring system through PLC programming... surface location, either the CO monitoring room or the security station. Either, two miners on each shift...
Developing a Value of Information (VoI) Enabled System from Collection to Analysis
2016-11-01
Information, Android, smartphone, information dissemination, visual analytic...List of Figures Fig. 1 Spot report main screen Fig. 2 Smartphone app...included the creation of 2 Android smartphone applications (apps) and the enhancement of an existing tool (Contour). Prior work with Android
A Multilevel Secure Constrained Intrusion Detection System Prototype
2010-12-01
Foreign Medical Graduates in the 1980s: Trends in Specialization.
ERIC Educational Resources Information Center
Mick, Stephen S.; Worobey, Jacqueline Lowe
1984-01-01
Despite predictions of a physician surplus by 1990, graduates of foreign medical schools (both aliens and U.S. citizens) continue to flow into the United States. Secondary analysis of 1980 data suggests that graduates of foreign schools may secure their presence within the American medical system by selecting specialties where shortages exist. (KH)
46 CFR 105.90-1 - Existing commercial fishing vessels dispensing petroleum products.
Code of Federal Regulations, 2013 CFR
2013-10-01
... systems), 105.25 (Cargo tanks below decks), 105.30 (Electrical). However, these tanks or containers and... of the Officer in Charge, Marine Inspection. Major repairs or replacement of such tanks or containers... products. 105.90-1 Section 105.90-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CARGO...
46 CFR 105.90-1 - Existing commercial fishing vessels dispensing petroleum products.
Code of Federal Regulations, 2010 CFR
2010-10-01
... systems), 105.25 (Cargo tanks below decks), 105.30 (Electrical). However, these tanks or containers and... of the Officer in Charge, Marine Inspection. Major repairs or replacement of such tanks or containers... products. 105.90-1 Section 105.90-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CARGO...
46 CFR 105.90-1 - Existing commercial fishing vessels dispensing petroleum products.
Code of Federal Regulations, 2011 CFR
2011-10-01
... systems), 105.25 (Cargo tanks below decks), 105.30 (Electrical). However, these tanks or containers and... of the Officer in Charge, Marine Inspection. Major repairs or replacement of such tanks or containers... products. 105.90-1 Section 105.90-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CARGO...
46 CFR 105.90-1 - Existing commercial fishing vessels dispensing petroleum products.
Code of Federal Regulations, 2012 CFR
2012-10-01
... systems), 105.25 (Cargo tanks below decks), 105.30 (Electrical). However, these tanks or containers and... of the Officer in Charge, Marine Inspection. Major repairs or replacement of such tanks or containers... products. 105.90-1 Section 105.90-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CARGO...
46 CFR 105.90-1 - Existing commercial fishing vessels dispensing petroleum products.
Code of Federal Regulations, 2014 CFR
2014-10-01
... systems), 105.25 (Cargo tanks below decks), 105.30 (Electrical). However, these tanks or containers and... of the Officer in Charge, Marine Inspection. Major repairs or replacement of such tanks or containers... products. 105.90-1 Section 105.90-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CARGO...
Reliable Record Matching for a College Admissions System.
ERIC Educational Resources Information Center
Fitt, Paul D.
Prospective student data, supplied by various national college testing and student search services, can be matched with existing student records in a college admissions database. Instead of relying on one unique record identifier, such as the student's social security number, a technique has been developed that is based on a number of common data…
Attack and improvements of fair quantum blind signature schemes
NASA Astrophysics Data System (ADS)
Zou, Xiangfu; Qiu, Daowen
2013-06-01
Blind signature schemes allow users to obtain the signature of a message while the signer learns neither the message nor the resulting signature. Therefore, blind signatures have been used to realize cryptographic protocols providing the anonymity of some participants, such as secure electronic payment systems and electronic voting systems. A fair blind signature is a form of blind signature in which the anonymity could be removed with the help of a trusted entity, when this is required for legal reasons. Recently, a fair quantum blind signature scheme was proposed and thought to be safe. In this paper, we first point out that there exists a new attack on fair quantum blind signature schemes. The attack shows that, if any sender has intercepted any valid signature, he (she) can counterfeit a valid signature for any message and cannot be traced by the counterfeited blind signature. Then, we construct a fair quantum blind signature scheme by improving the existing one. The proposed fair quantum blind signature scheme can resist the preceding attack. Furthermore, we demonstrate the security of the proposed fair quantum blind signature scheme and compare it with the other one.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Badwan, Faris M.; Demuth, Scott F
Department of Energy’s Office of Nuclear Energy, Fuel Cycle Research and Development develops options to the current commercial fuel cycle management strategy to enable the safe, secure, economic, and sustainable expansion of nuclear energy while minimizing proliferation risks by conducting research and development focused on used nuclear fuel recycling and waste management to meet U.S. needs. Used nuclear fuel is currently stored onsite in either wet pools or in dry storage systems, with disposal envisioned in interim storage facility and, ultimately, in a deep-mined geologic repository. The safe management and disposition of used nuclear fuel and/or nuclear waste is a fundamental aspect of any nuclear fuel cycle. Integrating safety, security, and safeguards (3Ss) fully in the early stages of the design process for a new nuclear facility has the potential to effectively minimize safety, proliferation, and security risks. The 3Ss integration framework could become the new national and international norm and the standard process for designing future nuclear facilities. The purpose of this report is to develop a framework for integrating the safety, security and safeguards concept into the design of Used Nuclear Fuel Storage Facility (UNFSF). The primary focus is on integration of safeguards and security into the UNFSF based on the existing Nuclear Regulatory Commission (NRC) approach to addressing the safety/security interface (10 CFR 73.58 and Regulatory Guide 5.73) for nuclear power plants. The methodology used for adaptation of the NRC safety/security interface will be used as the basis for development of the safeguards/security interface and later will be used as the basis for development of safety and safeguards interface. Then this will complete the integration cycle of safety, security, and safeguards.
The overall methodology for integration of 3Ss will be proposed, but only the integration of safeguards and security will be applied to the design of the UNFSF. The framework for integration of safeguards and security into the UNFSF will include 1) identification of applicable regulatory requirements, 2) selection of a common system that shares dual safeguard and security functions, 3) development of functional design criteria and design requirements for the selected system, 4) identification and integration of the dual safeguards and security design requirements, and 5) assessment of the integration and potential benefit.
Leveraging Social Links for Trust and Privacy in Networks
NASA Astrophysics Data System (ADS)
Cutillo, Leucio Antonio; Molva, Refik; Strufe, Thorsten
Existing on-line social networks (OSN) such as Facebook suffer from several weaknesses regarding privacy and security due to their inherent handling of personal data. As pointed out in [4], a preliminary analysis of existing OSNs shows that they are subject to a number of vulnerabilities, ranging from cloning legitimate users to sybil attacks through privacy violations. Starting from these OSN vulnerabilities as the first step of a broader research activity, we came up with a new approach that is very promising in re-visiting security and privacy problems in distributed systems and networks. We suggest a solution that both aims at avoiding any centralized control and leverages on the real life trust between users, that is part of the social network application itself. An anonymization technique based on multi-hop routing among trusted nodes guarantees privacy in data access and, generally speaking, in all the OSN operations.
77 FR 39529 - Proposed Collection; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2012-07-03
... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request... Securities and Exchange Commission (``Commission'') is soliciting comments on the existing collection of... Exchange Act of 1934 (15 U.S.C. 78a et seq.). The Commission plans to submit this existing collection of...
Secure Obfuscation for Encrypted Group Signatures
Fan, Hongfei; Liu, Qin
2015-01-01
In recent years, group signature techniques are widely used in constructing privacy-preserving security schemes for various information systems. However, conventional techniques keep the schemes secure only in normal black-box attack contexts. In other words, these schemes suppose that (the implementation of) the group signature generation algorithm is running in a platform that is perfectly protected from various intrusions and attacks. As a complement to existing studies, how to generate group signatures securely in a more austere security context, such as a white-box attack context, is studied in this paper. We use obfuscation as an approach to acquire a higher level of security. Concretely, we introduce a special group signature functionality, an encrypted group signature, and then provide an obfuscator for the proposed functionality. A series of new security notions for both the functionality and its obfuscator has been introduced. The most important one is the average-case secure virtual black-box property w.r.t. dependent oracles and restricted dependent oracles which captures the requirement of protecting the output of the proposed obfuscator against collision attacks from group members. The security notions fit for many other specialized obfuscators, such as obfuscators for identity-based signatures, threshold signatures and key-insulated signatures. Finally, the correctness and security of the proposed obfuscator have been proven. Thereby, the obfuscated encrypted group signature functionality can be applied to variants of privacy-preserving security schemes and enhance the security level of these schemes. PMID:26167686
Principles and techniques in the design of ADMS+. [advanced data-base management system
NASA Technical Reports Server (NTRS)
Roussopoulos, Nick; Kang, Hyunchul
1986-01-01
'ADMS+/-' is an advanced data base management system whose architecture integrates the ADMS+ mainframe data base system with a large number of work station data base systems, designated ADMS-; no communications exist between these work stations. The use of this system radically decreases the response time of locally processed queries, since the work station runs in a single-user mode, and no dynamic security checking is required for the downloaded portion of the data base. The deferred update strategy used reduces overhead due to update synchronization in message traffic.
A Third-Party E-payment Protocol Based on Quantum Multi-proxy Blind Signature
NASA Astrophysics Data System (ADS)
Niu, Xu-Feng; Zhang, Jian-Zhong; Xie, Shu-Cui; Chen, Bu-Qing
2018-05-01
A third-party E-payment protocol is presented in this paper. It is based on quantum multi-proxy blind signature. Adopting the techniques of quantum key distribution, one-time pad and quantum multi-proxy blind signature, our third-party E-payment system could protect user's anonymity as the traditional E-payment systems do, and also have unconditional security which the classical E-payment systems cannot provide. Furthermore, compared with the existing quantum E-payment systems, the proposed system could support E-payment that uses third-party platforms.
The research and implementation of a unified identity authentication in e-government network
NASA Astrophysics Data System (ADS)
Feng, Zhou
A current problem in e-government networks is that information system applications are developed independently by various departments, and each has its own specific set of authentication and access control mechanisms. To build a comprehensive information system that favors sharing and exchanging information, a sound and secure unified e-government authentication system is needed first. The paper, drawing on the practical development of an e-government network, carries out a thorough discussion of how to achieve data synchronization between the unified authentication system and related application systems.
Standardization of quantum key distribution and the ETSI standardization initiative ISG-QKD
NASA Astrophysics Data System (ADS)
Länger, Thomas; Lenhart, Gaby
2009-05-01
In recent years, quantum key distribution (QKD) has been the object of intensive research activities and of rapid progress, and it is now developing into a competitive industry with commercial products. Once QKD systems are transferred from the controlled environment of physical laboratories into a real-world environment for practical use, a number of practical security, compatibility and connectivity issues need to be resolved. In particular, comprehensive security evaluation and watertight security proofs need to be addressed to increase trust in QKD. System interoperability with existing infrastructures and applications as well as conformance with specific user requirements have to be assured. Finding common solutions to these problems involving all actors can provide an advantage for the commercialization of QKD as well as for further technological development. The ETSI industry specification group for QKD (ISG-QKD) offers a forum for creating such universally accepted standards and will promote significant leverage effects on coordination, cooperation and convergence in research, technical development and business application of QKD.
Security middleware infrastructure for DICOM images in health information systems.
Kallepalli, Vijay N V; Ehikioya, Sylvanus A; Camorlinga, Sergio; Rueda, Jose A
2003-12-01
In health care, it is mandatory to maintain the privacy and confidentiality of medical data. To achieve this, a fine-grained access control and an access log for accessing medical images are two important aspects that need to be considered in health care systems. Fine-grained access control provides access to medical data only to authorized persons based on priority, location, and content. A log captures each attempt to access medical data. This article describes an overall middleware infrastructure required for secure access to Digital Imaging and Communication in Medicine (DICOM) images, with an emphasis on access control and log maintenance. We introduce a hybrid access control model that combines the properties of two existing models. A trust relationship between hospitals is used to make the hybrid access control model scalable across hospitals. We also discuss events that have to be logged and where the log has to be maintained. A prototype of security middleware infrastructure is implemented.
Bellgard, Matthew I; Macgregor, Andrew; Janon, Fred; Harvey, Adam; O'Leary, Peter; Hunter, Adam; Dawkins, Hugh
2012-10-01
There is a need to develop Internet-based rare disease registries to support health care stakeholders to deliver improved quality patient outcomes. Such systems should be architected to enable multiple-level access by a range of user groups within a region or across regional/country borders in a secure and private way. However, this functionality is currently not available in many existing systems. A new approach to the design of an Internet-based architecture for disease registries has been developed for patients with clinical and genetic data in geographical disparate locations. The system addresses issues of multiple-level access by key stakeholders, security and privacy. The system has been successfully adopted for specific rare diseases in Australia and is open source. The results of this work demonstrate that it is feasible to design an open source Internet-based disease registry system in a scalable and customizable fashion and designed to facilitate interoperability with other systems. © 2012 Wiley Periodicals, Inc.
Fiber optic perimeter system for security in smart city
NASA Astrophysics Data System (ADS)
Cubik, Jakub; Kepak, Stanislav; Nedoma, Jan; Fajkus, Marcel; Zboril, Ondrej; Novak, Martin; Jargus, Jan; Vasinek, Vladimir
2017-10-01
Protection of persons and assets is the key challenge of Smart City safeguards technologies. Conventional security technologies are often outdated and easy to breach. Therefore, new technologies that could complement existing systems or replace them are developed. The use of optical fibers and their subsequent application in sensing is a trend of recent years. This article discusses the use of fiber-optic sensors in perimeter protection. The sensor consists of optical fibers and couplers only and being constructed without wires and metal parts bring many advantages. These include an absence of interference with electromagnetic waves, system presence can be difficult to detect as well as affect its operation. Testing installation of perimeter system was carried out under reinforced concrete structure. Subjects walked over the bridge at different speeds and over the different routes. The task for the system was an absolute detection of all subjects. The proposed system should find application mainly in areas with the presence of volatile substances, strong electromagnetic fields, or in explosive areas.
Crowley, Rebecca S; Castine, Melissa; Mitchell, Kevin; Chavan, Girish; McSherry, Tara; Feldman, Michael
2010-01-01
The authors report on the development of the Cancer Tissue Information Extraction System (caTIES)--an application that supports collaborative tissue banking and text mining by leveraging existing natural language processing methods and algorithms, grid communication and security frameworks, and query visualization methods. The system fills an important need for text-derived clinical data in translational research such as tissue-banking and clinical trials. The design of caTIES addresses three critical issues for informatics support of translational research: (1) federation of research data sources derived from clinical systems; (2) expressive graphical interfaces for concept-based text mining; and (3) regulatory and security model for supporting multi-center collaborative research. Implementation of the system at several Cancer Centers across the country is creating a potential network of caTIES repositories that could provide millions of de-identified clinical reports to users. The system provides an end-to-end application of medical natural language processing to support multi-institutional translational research programs.
In the Face of Cybersecurity: How the Common Information Model Can Be Used
DOE Office of Scientific and Technical Information (OSTI.GOV)
Skare, Paul; Falk, Herbert; Rice, Mark
2016-01-01
Efforts are underway to combine smart grid information, devices, networking, and emergency response information to create messages that are not dependent on specific standards development organizations (SDOs). This supports a future-proof approach of allowing changes in the canonical data models (CDMs) going forward without having to perform forklift replacements of solutions that use the messages. This also allows end users (electric utilities) to upgrade individual components of a larger system while keeping the message payload definitions intact. The goal is to enable public and private information sharing securely in a standards-based approach that can be integrated into existing operations. We provide an example architecture that could benefit from this multi-SDO, secure message approach. This article also describes how to improve message security
No information flow using statistical fluctuations and quantum cryptography
NASA Astrophysics Data System (ADS)
Larsson, Jan-Åke
2004-04-01
The communication protocol of Home and Whitaker [
A Hybrid Approach to Protect Palmprint Templates
Sun, Dongmei; Xiong, Ke; Qiu, Zhengding
2014-01-01
Biometric template protection is indispensable to protect personal privacy in large-scale deployment of biometric systems. Accuracy, changeability, and security are three critical requirements for template protection algorithms. However, existing template protection algorithms cannot satisfy all these requirements well. In this paper, we propose a hybrid approach that combines random projection and fuzzy vault to improve the performances at these three points. Heterogeneous space is designed for combining random projection and fuzzy vault properly in the hybrid scheme. New chaff point generation method is also proposed to enhance the security of the heterogeneous vault. Theoretical analyses of proposed hybrid approach in terms of accuracy, changeability, and security are given in this paper. Palmprint database based experimental results well support the theoretical analyses and demonstrate the effectiveness of proposed hybrid approach. PMID:24982977
A hybrid approach to protect palmprint templates.
Liu, Hailun; Sun, Dongmei; Xiong, Ke; Qiu, Zhengding
2014-01-01
Biometric template protection is indispensable to protect personal privacy in large-scale deployment of biometric systems. Accuracy, changeability, and security are three critical requirements for template protection algorithms. However, existing template protection algorithms cannot satisfy all these requirements well. In this paper, we propose a hybrid approach that combines random projection and fuzzy vault to improve the performances at these three points. Heterogeneous space is designed for combining random projection and fuzzy vault properly in the hybrid scheme. New chaff point generation method is also proposed to enhance the security of the heterogeneous vault. Theoretical analyses of proposed hybrid approach in terms of accuracy, changeability, and security are given in this paper. Palmprint database based experimental results well support the theoretical analyses and demonstrate the effectiveness of proposed hybrid approach.
Remote secure observing for the Faulkes Telescopes
NASA Astrophysics Data System (ADS)
Smith, Robert J.; Steele, Iain A.; Marchant, Jonathan M.; Fraser, Stephen N.; Mucke-Herzberg, Dorothea
2004-09-01
Since the Faulkes Telescopes are to be used by a wide variety of audiences, both powerful engineering level and simple graphical interfaces exist giving complete remote and robotic control of the telescope over the internet. Security is extremely important to protect the health of both humans and equipment. Data integrity must also be carefully guarded for images being delivered directly into the classroom. The adopted network architecture is described along with the variety of security and intrusion detection software. We use a combination of SSL, proxies, IPSec, and both Linux iptables and Cisco IOS firewalls to ensure only authenticated and safe commands are sent to the telescopes. With an eye to a possible future global network of robotic telescopes, the system implemented is capable of scaling linearly to any moderate (of order ten) number of telescopes.
Cryptography and the Internet: lessons and challenges
DOE Office of Scientific and Technical Information (OSTI.GOV)
McCurley, K.S.
1996-12-31
The popularization of the Internet has brought fundamental changes to the world, because it allows a universal method of communication between computers. This carries enormous benefits with it, but also raises many security considerations. Cryptography is a fundamental technology used to provide security of computer networks, and there is currently a widespread engineering effort to incorporate cryptography into various aspects of the Internet. The system-level engineering required to provide security services for the Internet carries some important lessons for researchers whose study is focused on narrowly defined problems. It also offers challenges to the cryptographic research community by raising new questions not adequately addressed by the existing body of knowledge. This paper attempts to summarize some of these lessons and challenges for the cryptographic research community.
A Flexible Component based Access Control Architecture for OPeNDAP Services
NASA Astrophysics Data System (ADS)
Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank
2010-05-01
Network data access services such as OPeNDAP enable widespread access to data across user communities. However, without ready means to restrict access to data for such services, data providers and data owners are constrained from making their data more widely available. Even with such capability, the range of different security technologies available can make interoperability between services and user client tools a challenge. OPeNDAP is a key data access service in the infrastructure under development to support the CMIP5 (Coupled Model Intercomparison Project Phase 5). The work is being carried out as part of an international collaboration including the US Earth System Grid and Curator projects and the EU funded IS-ENES and Metafor projects. This infrastructure will bring together Petabytes of climate model data and associated metadata from over twenty modelling centres around the world in a federation with a core archive mirrored at three data centres. A security system is needed to meet the requirements of organisations responsible for model data including the ability to restrict data access to registered users, keep them up to date with changes to data and services, audit access and protect finite computing resources. Individual organisations have existing tools and services such as OPeNDAP with which users in the climate research community are already familiar. The security system should overlay access control in a way which maintains the usability and ease of access to these services. The BADC (British Atmospheric Data Centre) has been working in collaboration with the Earth System Grid development team and partner organisations to develop the security architecture. OpenID and MyProxy were selected at an early stage in the ESG project to provide single sign-on capability across the federation of participating organisations. Building on the existing OPeNDAP specification an architecture based on pluggable server side components has been developed at the BADC. 
These components filter requests to the service they protect and apply the required authentication and authorisation schemes. Filters have been developed for OpenID and SSL client based authentication. The latter enabling access with MyProxy issued credentials. By preserving a clear separation between the security and application functionality, multiple authentication technologies may be supported without the need for modification to the underlying OPeNDAP application. The software has been developed in the Python programming language securing the Python based OPeNDAP implementation, PyDAP. This utilises the Python WSGI (Web Server Gateway Interface) specification to create distinct security filter components. Work is also currently underway to develop a parallel Java based filter implementation to secure the THREDDS Data Server. Whilst the ability to apply this flexible approach to the server side security layer is important, the development of compatible client software is vital to the take up of these services across a wide user base. To date PyDAP and wget based clients have been tested and work is planned to integrate the required security interface into the netCDF API. This forms part of ongoing collaboration with the OPeNDAP user and development community to ensure interoperability.
Internetting tactical security sensor systems
NASA Astrophysics Data System (ADS)
Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.
1998-08-01
The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi-autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. 
In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control stations.
Kimmerly, David P
2009-01-01
This article is a summary based on a December 2007 paper prepared by the author in partial fulfillment of the requirements for a master's degree in business and organizational security management at Webster University. The project described was intended to assess Chicago-area healthcare organization security departments' preparedness and response capabilities for a potential influenza pandemic. While the author says healthcare organizations are learning from the pandemics of the past, little research has been conducted on the requirements necessary within hospital security departments. The article explores staffing, planning, preparation and response capabilities within a healthcare security context to determine existing resources available to the healthcare security community. Eleven completed surveys were received from hospital security managers throughout the geographical Chicago area. They reveal that hospital security managers are conscious of the risks of a pandemic influenza outbreak. Yet, it was found that several gaps existed within hospital security department staffing and response capabilities, as hospital security departments may not have the available resources necessary to adequately maintain their operations during a pandemic incident.
Water security for productive economies: Applying an assessment framework in southern Africa
NASA Astrophysics Data System (ADS)
Holmatov, Bunyod; Lautze, Jonathan; Manthrithilake, Herath; Makin, Ian
2017-08-01
Achieving water security has emerged as a major objective in Africa, yet an analytical or diagnostic framework for assessing water security in African countries is not known to exist. This paper applies one key dimension of the 2016 Asian Development Bank's (ADB) Asian Water Development Outlook (AWDO) to assess levels of water security for productive economies in countries of the Southern African Development Community (SADC). Economic aspects of water security cover four areas: economic activities in the broad sense, agriculture, electricity, and industry. Water security in each area is measured through application of a set of indicators; results of indicator application are then aggregated to determine economic water security at a country-level. Results show that economic water security in SADC is greatest in the Seychelles and South Africa, and lowest in Madagascar and Malawi. Opportunities for strengthening economic water security in the majority of SADC countries exist through improving agricultural water productivity, strengthening resilience, and expanding sustainable electricity generation. More profoundly, this paper suggests that there is clear potential and utility in applying approaches used elsewhere to assess economic water security in southern Africa.
20 CFR 404.1566 - Work which exists in the national economy.
Code of Federal Regulations, 2014 CFR
2014-04-01
.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...
20 CFR 404.1566 - Work which exists in the national economy.
Code of Federal Regulations, 2011 CFR
2011-04-01
.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...
20 CFR 404.1566 - Work which exists in the national economy.
Code of Federal Regulations, 2013 CFR
2013-04-01
.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...
20 CFR 404.1566 - Work which exists in the national economy.
Code of Federal Regulations, 2012 CFR
2012-04-01
.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...
20 CFR 404.1566 - Work which exists in the national economy.
Code of Federal Regulations, 2010 CFR
2010-04-01
.... 404.1566 Section 404.1566 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE... unskilled, sedentary, light, and medium jobs exist in the national economy (in significant numbers either in... of the Census; (4) Occupational Analyses, prepared for the Social Security Administration by various...
1984-06-01
carrier pipe is usually insulated with preformed calcium silicate or mineral wool insulation. The preformed insulation is secured with stainless steel...glass or mineral wool insulation. Each tile is installed in this manner. Repair is difficult, but can be done by local workers with readily available...corrosion S Site I and return lines in of condensate line ( mineral wool insulation). 2. Ft. Campbell, 12 Tile system B No insulation was installed on
Elements of ESA's policy on space and security
NASA Astrophysics Data System (ADS)
Giannopapa, Christina; Adriaensen, Maarten; Antoni, Ntorina; Schrogl, Kai-Uwe
2018-06-01
In the past decade Europe has been facing rising security threats, ranging from climate change, migrations, nearby conflicts and crises, to terrorism. The demand to tackle these critical challenges is increasing in Member States. Space is already contributing, and could further contribute with already existing systems and future ones. The increasing need for security in Europe and for safety and security of Europe's space activities has led to a growing number of activities in ESA in various domains. It has also driven new and strengthened partnerships with security stakeholders in Europe. At the European level, ESA is collaborating closely with the main European institutions dealing with space security. In addition, as an organisation ESA has evolved to conduct security-related projects and programmes and to address the threats to its own activities, thereby securing the investments of the Member States. Over the past years the Agency has set up a comprehensive regulatory framework in order to be able to cope with security related requirements. Over the past years, ESA has increased its exchanges with its Member States. The paper presents main elements of the ESA's policy on space and security. It introduces the current European context for space and security, the European goals in this domain and the specific objectives to which the Agency intends to contribute. Space and security in the ESA context is set out under two components: a) security from space and b) security in space, including the security of ESA's own activities (corporate security and the security of ESA's space missions). Subsequently, ESA's activities are elaborated around these two pillars, composed of different activities conducted in the most appropriate frameworks and in coordination with the relevant stakeholders and shareholders.
2010-12-01
relevant requirements, analyzed 2006 through 2009 security operations data, interviewed federal and industry officials, and made observations at five...warranted, acted on all findings and recommendations resulting from five agency-contracted studies on ferry security completed in 2005 and 2006 ...Figure 5: Security Deficiencies by Vessel Type, 2006 through 2009 27 Figure 6: Security Deficiencies by Facility Type, 2006 through 2009 28
A broadcast-based key agreement scheme using set reconciliation for wireless body area networks.
Ali, Aftab; Khan, Farrukh Aslam
2014-05-01
Information and communication technologies have thrived over the last few years. Healthcare systems have also benefited from this progression. A wireless body area network (WBAN) consists of small, low-power sensors used to monitor human physiological values remotely, which enables physicians to remotely monitor the health of patients. Communication security in WBANs is essential because it involves human physiological data. Key agreement and authentication are the primary issues in the security of WBANs. To agree upon a common key, the nodes exchange information with each other using wireless communication. This information exchange process must be secure enough or the information exchange should be minimized to a certain level so that if information leak occurs, it does not affect the overall system. Most of the existing solutions for this problem exchange too much information for the sake of key agreement; getting this information is sufficient for an attacker to reproduce the key. Set reconciliation is a technique used to reconcile two similar sets held by two different hosts with minimal communication complexity. This paper presents a broadcast-based key agreement scheme using set reconciliation for secure communication in WBANs. The proposed scheme allows the neighboring nodes to agree upon a common key with the personal server (PS), generated from the electrocardiogram (EKG) feature set of the host body. Minimal information is exchanged in a broadcast manner, and even if every node is missing a different subset, by reconciling these feature sets, the whole network will still agree upon a single common key. Because of the limited information exchange, if an attacker gets the information in any way, he/she will not be able to reproduce the key. The proposed scheme mitigates replay, selective forwarding, and denial of service attacks using a challenge-response authentication mechanism. The simulation results show that the proposed scheme has a great deal of adoptability in terms of security, communication overhead, and running time complexity, as compared to the existing EKG-based key agreement scheme.
2002-04-09
AIRPORT SECURITY...using an existing command and control structure. Since September 11, 2001 airport security has been of heightened importance to the American public...In order to use Reserves to provide airport security the airports themselves should be made federal property. This would allow greater flexibility for
12 CFR 41.21 - Affiliate marketing opt-out and exceptions.
Code of Federal Regulations, 2010 CFR
2010-01-01
... relationship with the depository institution's securities affiliate for management of the consumer's securities... institution does not have a pre-existing business relationship with the consumer and none of the other... affiliate that has or has previously had a pre-existing business relationship with the consumer; or (ii) As...
12 CFR 41.21 - Affiliate marketing opt-out and exceptions.
Code of Federal Regulations, 2014 CFR
2014-01-01
... relationship with the depository institution's securities affiliate for management of the consumer's securities... institution does not have a pre-existing business relationship with the consumer and none of the other... affiliate that has or has previously had a pre-existing business relationship with the consumer; or (ii) As...
12 CFR 41.21 - Affiliate marketing opt-out and exceptions.
Code of Federal Regulations, 2012 CFR
2012-01-01
... relationship with the depository institution's securities affiliate for management of the consumer's securities... institution does not have a pre-existing business relationship with the consumer and none of the other... affiliate that has or has previously had a pre-existing business relationship with the consumer; or (ii) As...
12 CFR 41.21 - Affiliate marketing opt-out and exceptions.
Code of Federal Regulations, 2013 CFR
2013-01-01
... relationship with the depository institution's securities affiliate for management of the consumer's securities... institution does not have a pre-existing business relationship with the consumer and none of the other... affiliate that has or has previously had a pre-existing business relationship with the consumer; or (ii) As...
Wireless sensors and sensor networks for homeland security applications.
Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R
2012-11-01
New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers.
Confidentiality, electronic health records, and the clinician.
Graves, Stuart
2013-01-01
The advent of electronic health records (EHRs) to improve access and enable research in the everyday clinical world has simultaneously made medical information much more vulnerable to illicit, non-beneficent uses. This wealth of identified, aggregated data has and will attract attacks by domestic governments for surveillance and protection, foreign governments for espionage and sabotage, organized crime for illegal profits, and large corporations for "legal" profits. Against these powers with almost unlimited resources no security scheme is likely to prevail, so the design of such systems should include appropriate security measures. Unlike paper records, where the person maintaining and controlling the existence of the records also controls access to them, these two functions can be separated for EHRs. By giving physical control over access to individual records to their individual owners, the aggregate is dismantled, thereby protecting the nation's identified health information from large-scale data mining or tampering. Control over the existence and integrity of all the records--yet without the ability to examine their contents--would be left with larger institutions. This article discusses the implications of all of the above for the role of the clinician in assuring confidentiality (a cornerstone of clinical practice), for research and everyday practice, and for current security designs.
Organization of the secure distributed computing based on multi-agent system
NASA Astrophysics Data System (ADS)
Khovanskov, Sergey; Rumyantsev, Konstantin; Khovanskova, Vera
2018-04-01
Nowadays, the development of methods for distributed computing is receiving much attention. One method of distributed computing is the use of multi-agent systems. Distributed computing organized on conventional networked computers can experience security threats posed by computational processes. The authors have developed a unified agent algorithm for a control system governing the operation of computing network nodes. Network PCs are used as computing nodes. The proposed multi-agent control system for implementing distributed computing makes it possible to organize, in a short time, the use of the processing power of the computers of any existing network to solve a large task by creating a distributed computing system. Agents based on a computer network can: configure a distributed computing system; distribute the computational load among the computers operated by agents; and optimize the distributed computing system according to the computing power of the computers on the network. The number of computers connected to the network can be increased by connecting computers to the new computer system, which leads to an increase in overall processing power. Adding multi-agent system in the central agent increases the security of distributed computing. This organization of the distributed computing system reduces the problem solving time and increases the fault tolerance (vitality) of computing processes in a changing computing environment (dynamic change of the number of computers on the network). The developed multi-agent system detects cases of falsification of the results of a distributed system, which may lead to wrong decisions. In addition, the system checks and corrects wrong results.
32 CFR 156.5 - National security positions.
Code of Federal Regulations, 2014 CFR
2014-07-01
... of Existing Personnel Security Clearances” dated December 12, 2005 (Copies available on the Internet... 32 National Defense 1 2014-07-01 2014-07-01 false National security positions. 156.5 Section 156.5 National Defense Department of Defense OFFICE OF THE SECRETARY OF DEFENSE SECURITY DEPARTMENT OF DEFENSE...
A Unified Approach to Information Security Compliance
ERIC Educational Resources Information Center
Adler, M. Peter
2006-01-01
The increased number of government-mandated and private contractual information security requirements in recent years has caused higher education security professionals to view information security as another aspect of regulatory or contractual compliance. The existence of fines, penalties, or loss (including bad publicity) has also increased the…
Federal Register 2010, 2011, 2012, 2013, 2014
2010-02-01
... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2009-0043] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration/Railroad Retirement Board (SSA/RRB))-- Match Number 1308 AGENCY: Social Security Administration (SSA). ACTION: Notice of renewal of an existing...
Federal Register 2010, 2011, 2012, 2013, 2014
2010-07-01
... time before the opening of trading in the underlying security when the Hybrid System will accept orders... related language in CBOE Rule 4.18 because the concept of leasing memberships no longer exists after the... Holder''). The Exchange is proposing to delete references to the concept of registering a membership for...
ERIC Educational Resources Information Center
Jameson-Meledy, Kathryn
2013-01-01
The purpose of this research was to compare the differing structures of governance within the California Community College (CCC) system in relation to resource development and grant management. This is to explain how governance may impact the effectiveness of institutions to strengthen services to students with funding resources secured through…
NASA Technical Reports Server (NTRS)
Shaw, Harry C.; McLaughlin, Brian; Stocklin, Frank; Fortin, Andre; Israel, David; Dissanayake, Asoka; Gilliand, Denise; LaFontaine, Richard; Broomandan, Richard; Hyunh, Nancy
2015-01-01
Protection of the national infrastructure is a high priority for cybersecurity of the homeland. Critical infrastructure such as the national power grid, commercial financial networks, and communications networks have been successfully invaded and re-invaded from foreign and domestic attackers. The ability to re-establish authentication and confidentiality of the network participants via secure channels that have not been compromised would be an important countermeasure to compromise of our critical network infrastructure. This paper describes a concept of operations by which the NASA Tracking and Data Relay (TDRS) constellation of spacecraft in conjunction with the White Sands Complex (WSC) Ground Station host a security recovery system for re-establishing secure network communications in the event of a national or regional cyberattack. Users would perform security and network restoral functions via a Broadcast Satellite Service (BSS) from the TDRS constellation. The BSS enrollment only requires that each network location have a receive antenna and satellite receiver. This would be no more complex than setting up a DIRECTTV-like receiver at each network location with separate network connectivity. A GEO BSS would allow a mass re-enrollment of network nodes (up to nationwide) simultaneously depending upon downlink characteristics. This paper details the spectrum requirements, link budget, notional assets and communications requirements for the scheme. It describes the architecture of such a system and the manner in which it leverages off of the existing secure infrastructure which is already in place and managed by the NASAGSFC Space Network Project.
Semaphore network encryption report
NASA Astrophysics Data System (ADS)
Johnson, Karen L.
1994-03-01
This paper documents the results of a preliminary assessment performed on the commercial off-the-shelf (COTS) Semaphore Communications Corporation (SCC) Network Security System (NSS). The Semaphore NSS is a family of products designed to address important network security concerns, such as network source address authentication and data privacy. The assessment was performed in the INFOSEC Core Integration Laboratory, and its scope was product usability focusing on interoperability and system performance in an existing operational network. Included in this paper are preliminary findings. Fundamental features and functionality of the Semaphore NSS are identified, followed by details of the assessment, including test descriptions and results. A summary of test results and future plans are also included. These findings will be useful to those investigating the use of commercially available solutions to network authentication and data privacy.
Addressing the vulnerabilities of pass-thoughts
NASA Astrophysics Data System (ADS)
Fernandez, Gabriel C.; Danko, Amanda S.
2016-05-01
As biometrics become increasingly pervasive, consumer electronics are reaping the benefits of improved authentication methods. Leveraging the physical characteristics of a user reduces the burden of setting and remembering complex passwords, while enabling stronger security. Multi-factor systems lend further credence to this model, increasing security via multiple passive data points. In recent years, brainwaves have been shown to be another feasible source for biometric authentication. Physically unique to an individual in certain circumstances, the signals can also be changed by the user at will, making them more robust than static physical characteristics. No paradigm is impervious however, and even well-established medical technologies have deficiencies. In this work, a system for biometric authentication via brainwaves is constructed with electroencephalography (EEG). The efficacy of EEG biometrics via existing consumer electronics is evaluated, and vulnerabilities of such a system are enumerated. Impersonation attacks are performed to expose the extent to which the system is vulnerable. Finally, a multimodal system combining EEG with additional factors is recommended and outlined.
Space and Time Partitioning with Hardware Support for Space Applications
NASA Astrophysics Data System (ADS)
Pinto, S.; Tavares, A.; Montenegro, S.
2016-08-01
Complex and critical systems like airplanes and spacecraft implement a very fast growing amount of functions. Typically, those systems were implemented with fully federated architectures, but the number and complexity of desired functions of today's systems led aerospace industry to follow another strategy. Integrated Modular Avionics (IMA) arose as an attractive approach for consolidation, by combining several applications into one single generic computing resource. Current approach goes towards higher integration provided by space and time partitioning (STP) of system virtualization. The problem is existent virtualization solutions are not ready to fully provide what the future of aerospace is demanding: performance, flexibility, safety, security while simultaneously containing Size, Weight, Power and Cost (SWaP-C). This work describes a real time hypervisor for space applications assisted by commercial off-the-shelf (COTS) hardware. ARM TrustZone technology is exploited to implement a secure virtualization solution with low overhead and low memory footprint. This is demonstrated by running multiple guest partitions of RODOS operating system on a Xilinx Zynq platform.
NASA Astrophysics Data System (ADS)
Chumakova, Olga
2017-10-01
The paper shows the management aspects of ensuring the safety of residential buildings. The article presents an analytical review of the state of the existing heat supply systems in the Russian Federation, assesses their energy security, highlights the results of research into the causes of accidents in engineering systems in water-bearing communications, and provides methods and comparative calculations of failures of these systems. It is indicated that according to the results of the All-Russian Census of 2010, the total population of the Russian Federation at the time of the survey was 142 million 857 thousand people living in more than 1100 settlements that have the status of the city (subject to their identification by population, administrative and national economic significance and the nature of the building), as well as in almost 160,000 rural settlements. It should be noted that in accordance with the classification of settlements in the Russian Federation, there are five main categories, namely: The above classification of settlements has formed the basis for the analysis of the existing processes of functioning of the heat supply systems of the Russian Federation at the objects of housing, social and industrial development from the point of view of energy security. Thus, for example, it turned out that in large cities with multi-storey buildings the centralized heat supply system is dominated by a system consisting of one or several sources of heat, heat networks having different diameter of pipelines, their number and length, and also serving various types of heat consumers) from cogeneration plants (CHP) of public use, or industrial enterprises. As for the welterweight and small towns, including urban-type settlements with a multi-storey building of the post-war period, they, as a rule, have the majority of IGFs, fed from the city or district boiler houses.
Validity and reliability of food security measures.
Cafiero, Carlo; Melgar-Quiñonez, Hugo R; Ballard, Terri J; Kepple, Anne W
2014-12-01
This paper reviews some of the existing food security indicators, discussing the validity of the underlying concept and the expected reliability of measures under reasonably feasible conditions. The main objective of the paper is to raise awareness on existing trade-offs between different qualities of possible food security measurement tools that must be taken into account when such tools are proposed for practical application, especially for use within an international monitoring framework. The hope is to provide a timely, useful contribution to the process leading to the definition of a food security goal and the associated monitoring framework within the post-2015 Development Agenda. © 2014 New York Academy of Sciences.
The Threat Among Us: Insiders Intensify Aviation Terrorism
DOE Office of Scientific and Technical Information (OSTI.GOV)
Krull, Katie E.
Aviation terrorism is powerful and symbolic, and will likely remain a staple target for terrorists aiming to inflict chaos and cause mass casualties similar to the 9/11 attacks on the U.S. The majority of international and domestic aviation terrorist attacks involves outsiders, or people who do not have direct access to or affiliation with a target through employment. However, several significant attacks and plots against the industry involved malicious employees motivated by suicide or devotion to a terrorist organization. Malicious insiders’ access and knowledge of aviation security, systems, networks, and infrastructure is valuable to terrorists, providing a different pathway for attacking the industry through the insider threat. Indicators and warnings of insider threats in these cases exist, providing insight into how security agencies, such as the Transportation Security Administration, can better predict and identify insider involvement. Understanding previous aviation insider threat events will likely aid in stimulating proactive security measures, rather than reactive responses. However, similar to traditional airport security measures, there are social, political, and economic challenges in protecting against the insider threat, including privacy concerns and cost-benefit analysis.
Metro Optical Networks for Homeland Security
NASA Astrophysics Data System (ADS)
Bechtel, James H.
Metro optical networks provide an enticing opportunity for strengthening homeland security. Many existing and emerging fiber-optic networks can be adapted for enhanced security applications. Applications include airports, theme parks, sports venues, and border surveillance systems. Here real-time high-quality video and captured images can be collected, transported, processed, and stored for security applications. Video and data collection are important also at correctional facilities, courts, infrastructure (e.g., dams, bridges, railroads, reservoirs, power stations), and at military and other government locations. The scaling of DWDM-based networks allows vast amounts of data to be collected and transported including biometric features of individuals at security check points. Here applications will be discussed along with potential solutions and challenges. Examples of solutions to these problems are given. This includes a discussion of metropolitan aggregation platforms for voice, video, and data that are SONET compliant for use in SONET networks and the use of DWDM technology for scaling and transporting a variety of protocols. Element management software allows not only network status monitoring, but also provides optimized allocation of network resources through the use of optical switches or electrical cross connects.
Managing medical and insurance information through a smart-card-based information system.
Lambrinoudakis, C; Gritzalis, S
2000-08-01
The continuously increased mobility of patients and doctors, in conjunction with the existence of medical groups consisting of private doctors, general practitioners, hospitals, medical centers, and insurance companies, pose significant difficulties on the management of patients' medical data. Inevitably this affects the quality of the health care services provided. The evolving smart card technology can be utilized for the implementation of a secure portable electronic medical record, carried by the patient herself/himself. In addition to the medical data, insurance information can be stored in the smart card thus facilitating the creation of an "intelligent system" supporting the efficient management of patient's data. In this paper we present the main architectural and functional characteristics of such a system. We also highlight how the security features offered by smart cards can be exploited in order to ensure confidentiality and integrity of the medical data stored in the patient cards.
On the designing of a tamper resistant prescription RFID access control system.
Safkhani, Masoumeh; Bagheri, Nasour; Naderi, Majid
2012-12-01
Recently, Chen et al. have proposed a novel tamper resistant prescription RFID access control system, published in the Journal of Medical Systems. In this paper we consider the security of the proposed protocol and identify some existing weaknesses. The main attack is a reader impersonation attack which allows an active adversary to impersonate a legitimate doctor, e.g. the patient's doctor, to access the patient's tag and change the patient prescription. The presented attack is quite efficient. To impersonate a doctor, the adversary should eavesdrop one session between the doctor and the patient's tag and then she can impersonate the doctor with the success probability of '1'. In addition, we present efficient reader-tag to back-end database impersonation, de-synchronization and traceability attacks against the protocol. Finally, we propose an improved version of protocol which is more efficient compared to the original protocol while provides the desired security against the presented attacks.
Risks and responses to universal drinking water security.
Hope, Robert; Rouse, Michael
2013-11-13
Risks to universal drinking water security are accelerating due to rapid demographic, climate and economic change. Policy responses are slow, uneven and largely inadequate to address the nature and scale of the global challenges. The challenges relate both to maintaining water security in increasingly fragile supply systems and to accelerating reliable access to the hundreds of millions who remain water-insecure. A conceptual framework illustrates the relationship between institutional, operational and financial risks and drinking water security outcomes. We apply the framework to nine case studies from rural and urban contexts in South Asia and sub-Saharan Africa. Case studies are purposively selected based on established and emerging examples of political, technological or institutional reforms that address water security risks. We find broad evidence that improved information flows reduce institutional costs and promote stronger and more transparent operational performance to increase financial sustainability. However, political barriers need to be overcome in all cases through internal or external interventions that require often decadal time frames and catalytic investments. No single model exists, though there is sufficient evidence to demonstrate that risks to drinking water security can be reduced even in the most difficult and challenging contexts.
Adopting Internet Standards for Orbital Use
NASA Technical Reports Server (NTRS)
Wood, Lloyd; Ivancic, William; da Silva Curiel, Alex; Jackson, Chris; Stewart, Dave; Shell, Dave; Hodgson, Dave
2005-01-01
After a year of testing and demonstrating a Cisco mobile access router intended for terrestrial use onboard the low-Earth-orbiting UK-DMC satellite as part of a larger merged ground/space IP-based internetwork, we reflect on and discuss the benefits and drawbacks of integration and standards reuse for small satellite missions. Benefits include ease of operation and the ability to leverage existing systems and infrastructure designed for general use, as well as reuse of existing, known, and well-understood security and operational models. Drawbacks include cases where integration work was needed to bridge the gaps in assumptions between different systems, and where performance considerations outweighed the benefits of reuse of pre-existing file transfer protocols. We find similarities with the terrestrial IP networks whose technologies we have adopted and also some significant differences in operational models and assumptions that must be considered.
Secure Video Surveillance System (SVSS) for unannounced safeguards inspections.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Galdoz, Erwin G.; Pinkalla, Mark
2010-09-01
The Secure Video Surveillance System (SVSS) is a collaborative effort between the U.S. Department of Energy (DOE), Sandia National Laboratories (SNL), and the Brazilian-Argentine Agency for Accounting and Control of Nuclear Materials (ABACC). The joint project addresses specific requirements of redundant surveillance systems installed in two South American nuclear facilities as a tool to support unannounced inspections conducted by ABACC and the International Atomic Energy Agency (IAEA). The surveillance covers the critical time (as much as a few hours) between the notification of an inspection and the access of inspectors to the location in facility where surveillance equipment is installed. ABACC and the IAEA currently use the EURATOM Multiple Optical Surveillance System (EMOSS). This outdated system is no longer available or supported by the manufacturer. The current EMOSS system has met the project objective; however, the lack of available replacement parts and system support has made this system unsustainable and has increased the risk of an inoperable system. A new system that utilizes current technology and is maintainable is required to replace the aging EMOSS system. ABACC intends to replace one of the existing ABACC EMOSS systems by the Secure Video Surveillance System. SVSS utilizes commercial off-the-shelf (COTS) technologies for all individual components. Sandia National Laboratories supported the system design for SVSS to meet Safeguards requirements, i.e. tamper indication, data authentication, etc. The SVSS consists of two video surveillance cameras linked securely to a data collection unit. The collection unit is capable of retaining historical surveillance data for at least three hours with picture intervals as short as 1 sec. Images in .jpg format are available to inspectors using various software review tools. SNL has delivered two SVSS systems for test and evaluation at the ABACC Safeguards Laboratory. An additional 'proto-type' system remains at SNL for software and hardware testing. This paper will describe the capabilities of the new surveillance system, application and requirements, and the design approach.
Federal Register 2010, 2011, 2012, 2013, 2014
2012-12-18
... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0055] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Office of Personnel Management (OPM))--Match Number 1307 AGENCY: Social Security Administration. ACTION: Notice of a renewal of an existing...
Driving profile modeling and recognition based on soft computing approach.
Wahab, Abdul; Quek, Chai; Tan, Chin Keong; Takeda, Kazuya
2009-04-01
Advancements in biometrics-based authentication have led to its increasing prominence and are being incorporated into everyday tasks. Existing vehicle security systems rely only on alarms or smart card as forms of protection. A biometric driver recognition system utilizing driving behaviors is a highly novel and personalized approach and could be incorporated into existing vehicle security system to form a multimodal identification system and offer a greater degree of multilevel protection. In this paper, detailed studies have been conducted to model individual driving behavior in order to identify features that may be efficiently and effectively used to profile each driver. Feature extraction techniques based on Gaussian mixture models (GMMs) are proposed and implemented. Features extracted from the accelerator and brake pedal pressure were then used as inputs to a fuzzy neural network (FNN) system to ascertain the identity of the driver. Two fuzzy neural networks, namely, the evolving fuzzy neural network (EFuNN) and the adaptive network-based fuzzy inference system (ANFIS), are used to demonstrate the viability of the two proposed feature extraction techniques. The performances were compared against an artificial neural network (NN) implementation using the multilayer perceptron (MLP) network and a statistical method based on the GMM. Extensive testing was conducted and the results show great potential in the use of the FNN for real-time driver identification and verification. In addition, the profiling of driver behaviors has numerous other potential applications for use by law enforcement and companies dealing with buses and truck drivers.
Side-channel-free quantum key distribution.
Braunstein, Samuel L; Pirandola, Stefano
2012-03-30
Quantum key distribution (QKD) offers the promise of absolutely secure communications. However, proofs of absolute security often assume perfect implementation from theory to experiment. Thus, existing systems may be prone to insidious side-channel attacks that rely on flaws in experimental implementation. Here we replace all real channels with virtual channels in a QKD protocol, making the relevant detectors and settings inside private spaces inaccessible while simultaneously acting as a Hilbert space filter to eliminate side-channel attacks. By using a quantum memory we find that we are able to bound the secret-key rate below by the entanglement-distillation rate computed over the distributed states.
Towards Device-Independent Information Processing on General Quantum Networks
NASA Astrophysics Data System (ADS)
Lee, Ciarán M.; Hoban, Matty J.
2018-01-01
The violation of certain Bell inequalities allows for device-independent information processing secure against nonsignaling eavesdroppers. However, this only holds for the Bell network, in which two or more agents perform local measurements on a single shared source of entanglement. To overcome the practical constraints that entangled systems can only be transmitted over relatively short distances, large-scale multisource networks have been employed. Do there exist analogs of Bell inequalities for such networks, whose violation is a resource for device independence? In this Letter, the violation of recently derived polynomial Bell inequalities will be shown to allow for device independence on multisource networks, secure against nonsignaling eavesdroppers.
Collaborative Access Control For Critical Infrastructures
NASA Astrophysics Data System (ADS)
Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed
A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.
Towards Device-Independent Information Processing on General Quantum Networks.
Lee, Ciarán M; Hoban, Matty J
2018-01-12
The violation of certain Bell inequalities allows for device-independent information processing secure against nonsignaling eavesdroppers. However, this only holds for the Bell network, in which two or more agents perform local measurements on a single shared source of entanglement. To overcome the practical constraints that entangled systems can only be transmitted over relatively short distances, large-scale multisource networks have been employed. Do there exist analogs of Bell inequalities for such networks, whose violation is a resource for device independence? In this Letter, the violation of recently derived polynomial Bell inequalities will be shown to allow for device independence on multisource networks, secure against nonsignaling eavesdroppers.
What is the current state of the science of Cyber defense?
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hurd, Alan J.
My overall sense of the cyber defense field is one of an adolescent discipline currently bogged down in a cloud of issues, the most iconic of which is the great diversity of approaches that are being aggregated to form a coherent field. Because my own expertise is complex systems and materials physics research, I have limited direct experience in cyber security sciences except as a user of secure networks and computing resources. However, in producing this report, I have found with certainty that there exists no calculus for cyber risk assessment, mitigation, and response, although some hopeful precepts toward this end are emerging.
Quantum technology and cryptology for information security
NASA Astrophysics Data System (ADS)
Naqvi, Syed; Riguidel, Michel
2007-04-01
Cryptology and information security are set to play a more prominent role in the near future. In this regard, quantum communication and cryptography offer new opportunities to tackle ICT security. Quantum Information Processing and Communication (QIPC) is a scientific field where new conceptual foundations and techniques are being developed. They promise to play an important role in the future of information Security. It is therefore essential to have a cross-fertilizing development between quantum technology and cryptology in order to address the security challenges of the emerging quantum era. In this article, we discuss the impact of quantum technology on the current as well as future crypto-techniques. We then analyse the assumptions on which quantum computers may operate. Then we present our vision for the distribution of security attributes using a novel form of trust based on Heisenberg's uncertainty; and, building highly secure quantum networks based on the clear transmission of single photons and/or bundles of photons able to withstand unauthorized reading as a result of secure protocols based on the observations of quantum mechanics. We argue how quantum cryptographic systems need to be developed that can take advantage of the laws of physics to provide long-term security based on solid assumptions. This requires a structured integration effort to deploy quantum technologies within the existing security infrastructure. Finally, we conclude that classical cryptographic techniques need to be redesigned and upgraded in view of the growing threat of cryptanalytic attacks posed by quantum information processing devices leading to the development of post-quantum cryptography.
2009-03-03
ajor vulnerabilities still exist in ... general aviation security ,”3 the commission did not further elaborate on the nature of those vulnerabilities...commercial operations may make them an attractive alternative to terrorists seeking to identify and exploit vulnerabilities in aviation security . In this...3, 2003, p. A7. 2 See Report of the Aviation Security Advisory Committee Working Group on General Aviation Airport Security (October 1, 2003); and
NASA Technical Reports Server (NTRS)
Green, James L.; Sisson, Patricia L.
1989-01-01
Given here is an overview analysis of the Father Christmas Worm, a computer worm that was released onto the DECnet Internet three days before Christmas 1988. The purpose behind the worm was to send an electronic mail message to all users on the computer system running the worm. The message was a Christmas greeting and was signed 'Father Christmas'. From the investigation, it was determined that the worm was released from a computer (node number 20597::) at a university in Switzerland. The worm was designed to travel quickly. Estimates are that it was copied to over 6,000 computer nodes. However, it was believed to have executed on only a fraction of those computers. Within ten minutes after it was released, the worm was detected at the Space Physics Analysis Network (SPAN), NASA's largest space and Earth science network. Once the source program was captured, a procedural cure, using the existing functionality of the computer operating systems, was quickly devised and distributed. A combination of existing computer security measures, the quick and accurate procedures devised to stop copies of the worm from executing, and the network itself, were used to rapidly provide the cure. These were the main reasons why the worm executed on such a small percentage of nodes. This overview of the analysis of the events concerning the worm is based on an investigation made by the SPAN Security Team and provides some insight into future security measures that will be taken to handle computer worms and viruses that may hit similar networks.
78 FR 70973 - Proposed Collection; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2013-11-27
... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request, Copies Available From: US Securities and Exchange Commission, Office of Investor Education and Advocacy... Securities and Exchange Commission (``Commission'') is soliciting comments on the existing collection of...
MAC layer security issues in wireless mesh networks
NASA Astrophysics Data System (ADS)
Reddy, K. Ganesh; Thilagam, P. Santhi
2016-03-01
Wireless Mesh Networks (WMNs) have emerged as a promising technology for a broad range of applications due to their self-organizing, self-configuring and self-healing capability, in addition to their low cost and easy maintenance. Securing WMNs is a more challenging and complex issue due to their inherent characteristics such as shared wireless medium, multi-hop and inter-network communication, highly dynamic network topology and decentralized architecture. These vulnerable features expose the WMNs to several types of attacks at the MAC layer. The existing MAC layer standards and implementations are inadequate to secure these features and fail to provide comprehensive security solutions to protect both backbone and client mesh. Hence, there is a need for developing efficient, scalable and integrated security solutions for WMNs. In this paper, we classify the MAC layer attacks and analyze the existing countermeasures. Based on the attack classification and countermeasure analysis, we derive the research directions to enhance the MAC layer security for WMNs.
The decision to exclude agricultural and domestic workers from the 1935 Social Security Act.
DeWitt, Larry
2010-01-01
The Social Security Act of 1935 excluded from coverage about half the workers in the American economy. Among the excluded groups were agricultural and domestic workers-a large percentage of whom were African Americans. This has led some scholars to conclude that policymakers in 1935 deliberately excluded African Americans from the Social Security system because of prevailing racial biases during that period. This article examines both the logic of this thesis and the available empirical evidence on the origins of the coverage exclusions. The author concludes that the racial-bias thesis is both conceptually flawed and unsupported by the existing empirical evidence. The exclusion of agricultural and domestic workers from the early program was due to considerations of administrative feasibility involving tax-collection procedures. The author finds no evidence of any other policy motive involving racial bias.
Cryptanalysis and security enhancement of optical cryptography based on computational ghost imaging
NASA Astrophysics Data System (ADS)
Yuan, Sheng; Yao, Jianbin; Liu, Xuemei; Zhou, Xin; Li, Zhongyang
2016-04-01
Optical cryptography based on computational ghost imaging (CGI) has attracted much attention from researchers because it encrypts plaintext into a random intensity vector rather than a complex-valued function. This promising feature of CGI-based cryptography reduces the amount of data to be transmitted and stored and therefore brings convenience in practice. However, we find that this cryptography is vulnerable to chosen-plaintext attack because of the linear relationship between the input and output of the encryption system, and three feasible strategies are proposed to break it in this paper. Even though a large number of plaintexts need to be chosen in these attack methods, this means that the cryptography still carries security risks. To avoid these attacks, a security enhancement method utilizing an invertible matrix modulation is further discussed and the feasibility is verified by numerical simulations.
A game-theoretic method for cross-layer stochastic resilient control design in CPS
NASA Astrophysics Data System (ADS)
Shen, Jiajun; Feng, Dongqin
2018-03-01
In this paper, the cross-layer security problem of cyber-physical systems (CPS) is investigated from the game-theoretic perspective. The physical dynamics of the plant are captured by a stochastic differential game with cyber-physical influence being considered. The sufficient and necessary condition for the existence of state-feedback equilibrium strategies is given. The attack-defence cyber interactions are formulated by a Stackelberg game intertwined with the stochastic differential game in the physical layer. The condition under which the Stackelberg equilibrium is unique and the corresponding analytical solutions are both provided. An algorithm is proposed for obtaining a hierarchical security strategy by solving coupled games, which ensures the operational normalcy and cyber security of CPS subject to uncertain disturbance and unexpected cyberattacks. Simulation results are given to show the effectiveness and performance of the proposed algorithm.
Insecurity of position-based quantum-cryptography protocols against entanglement attacks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Lau, Hoi-Kwan; Lo, Hoi-Kwong
2011-01-15
Recently, position-based quantum cryptography has been claimed to be unconditionally secure. On the contrary, here we show that the existing proposals for position-based quantum cryptography are, in fact, insecure if entanglement is shared among two adversaries. Specifically, we demonstrate how the adversaries can incorporate ideas of quantum teleportation and quantum secret sharing to compromise the security with certainty. The common flaw to all current protocols is that the Pauli operators always map a codeword to a codeword (up to an irrelevant overall phase). We propose a modified scheme lacking this property in which the same cheating strategy used to undermine the previous protocols can succeed with a rate of at most 85%. We prove the modified protocol is secure when the shared quantum resource between the adversaries is a two- or three-level system.
No information flow using statistical fluctuations and quantum cryptography
DOE Office of Scientific and Technical Information (OSTI.GOV)
Larsson, Jan-Aake
2004-04-01
The communication protocol of Home and Whitaker [Phys. Rev. A 67, 022306 (2003)] is examined in some detail, and found to work equally well using a separable state. The protocol is in fact completely classical, based on postselection of suitable experimental runs. The quantum-cryptography protocol proposed in the same publication is also examined, and this protocol uses entanglement, a strictly quantum property of the system. An individual eavesdropping attack on each qubit pair would be detected by the security test proposed in the mentioned paper. However, the key is provided by groups of qubits, and there exists a coherent attack, internal to these groups, that will go unnoticed in that security test. A modified test is proposed here that will ensure security, even against such a coherent attack.
Quantum communication with coherent states of light
NASA Astrophysics Data System (ADS)
Khan, Imran; Elser, Dominique; Dirmeier, Thomas; Marquardt, Christoph; Leuchs, Gerd
2017-06-01
Quantum communication offers long-term security especially, but not only, relevant to government and industrial users. It is worth noting that, for the first time in the history of cryptographic encoding, we are currently in the situation that secure communication can be based on the fundamental laws of physics (information theoretical security) rather than on algorithmic security relying on the complexity of algorithms, which is periodically endangered as standard computer technology advances. On a fundamental level, the security of quantum key distribution (QKD) relies on the non-orthogonality of the quantum states used. So even coherent states are well suited for this task, the quantum states that largely describe the light generated by laser systems. Depending on whether one uses detectors resolving single or multiple photon states or detectors measuring the field quadratures, one speaks of, respectively, a discrete- or a continuous-variable description. Continuous-variable QKD with coherent states uses a technology that is very similar to the one employed in classical coherent communication systems, the backbone of today's Internet connections. Here, we review recent developments in this field in two connected regimes: (i) improving QKD equipment by implementing front-end telecom devices and (ii) research into satellite QKD for bridging long distances by building upon existing optical satellite links. This article is part of the themed issue 'Quantum technology for the 21st century'.
Quantum communication with coherent states of light.
Khan, Imran; Elser, Dominique; Dirmeier, Thomas; Marquardt, Christoph; Leuchs, Gerd
2017-08-06
Quantum communication offers long-term security especially, but not only, relevant to government and industrial users. It is worth noting that, for the first time in the history of cryptographic encoding, we are currently in the situation that secure communication can be based on the fundamental laws of physics (information theoretical security) rather than on algorithmic security relying on the complexity of algorithms, which is periodically endangered as standard computer technology advances. On a fundamental level, the security of quantum key distribution (QKD) relies on the non-orthogonality of the quantum states used. So even coherent states are well suited for this task, the quantum states that largely describe the light generated by laser systems. Depending on whether one uses detectors resolving single or multiple photon states or detectors measuring the field quadratures, one speaks of, respectively, a discrete- or a continuous-variable description. Continuous-variable QKD with coherent states uses a technology that is very similar to the one employed in classical coherent communication systems, the backbone of today's Internet connections. Here, we review recent developments in this field in two connected regimes: (i) improving QKD equipment by implementing front-end telecom devices and (ii) research into satellite QKD for bridging long distances by building upon existing optical satellite links. This article is part of the themed issue 'Quantum technology for the 21st century'. © 2017 The Author(s).
A novel anti-theft security system for photovoltaic modules
NASA Astrophysics Data System (ADS)
Khan, Wasif Ali; Lim, Boon-Han; Lai, An-Chow; Chong, Kok-Keong
2017-04-01
Solar farms are considered an easy target for thieves because of insufficient protection measures. Existing anti-theft approaches operate at the system level and are not very preventive or efficient because they can be bypassed with some technical knowledge. Additionally, it is difficult for security guards to tackle them as robbers come in the form of a gang equipped with heavy weapons. In this paper, a low power auto shut-off and non-destructive system is proposed for photovoltaic (PV) modules to achieve a better level of security at the module level. In the proposed method, the power generation function of the PV module will be shut off internally and cannot be re-activated by unauthorized personnel in the case of theft. Hence, the PV module will not be functional even if sold to new customers. The system comprises a microcontroller, a low power position sensor, a controllable semiconductor switch and a wireless reactive-able system. The anti-theft system is developed to be laminated inside the PV module and will be interconnected with the solar cells so that it becomes difficult for thieves to tamper with. The position of the PV module is retrieved by the position sensor and stored in the microcontroller as an initial reference value. The microcontroller uses this stored reference value to control the power supply of the PV module via the power switch. The stored reference value can be altered using wireless circuitry by following an authentication protocol. This makes the system non-destructive, as the anti-theft function can be reset by authorized personnel if the module is recovered after theft or moved for maintenance purposes. The research component includes the design of a position sensing circuit, an auto shut-off circuit, a reactive-able wireless security protection algorithm and finally the integration of the multiple circuits.
openEHR Based Systems and the General Data Protection Regulation (GDPR).
Sousa, Mariana; Ferreira, Duarte; Santos-Pereira, Cátia; Bacelar, Gustavo; Frade, Samuel; Pestana, Olívia; Cruz-Correia, Ricardo
2018-01-01
The concerns about privacy and personal data protection resulted in reforms of the existing legislation in the European Union (EU). The General Data Protection Regulation (GDPR) aims to reform the existing measures on the topic of personal data protection of European Union citizens, with a strong input on the rights and freedoms of people and on the establishment of rules for the processing of personal data. OpenEHR is a standard that embodies many principles of interoperable and secure software for electronic health records. This work aims to understand to what extent the openEHR standard can be considered a solution for the requirements needed by GDPR. A list of requirements for a Hospital Information System (HIS) compliant with GDPR and an identification of openEHR specifications was made. The requirements were categorized and compared with the specifications. The requirements identified for the systems were matched with the openEHR specifications, which resulted in 16 requirements matched with openEHR. All the specifications identified matched at least one requirement. OpenEHR is a solution for the development of HIS that reinforce privacy and personal data protection, ensuring that they are contemplated in the system development. The institutions can ensure that their Electronic Health Records are compliant with GDPR while safeguarding the medical data quality and, as a result, the healthcare delivery.
NASA Astrophysics Data System (ADS)
Sidi, Fatimah; Daud, Maslina; Ahmad, Sabariah; Zainuddin, Naqliyah; Anneisa Abdullah, Syafiqa; Jabar, Marzanah A.; Suriani Affendey, Lilly; Ishak, Iskandar; Sharef, Nurfadhlina Mohd; Zolkepli, Maslina; Nur Majdina Nordin, Fatin; Amat Sejani, Hashimah; Ramadzan Hairani, Saiful
2017-09-01
Information security has been identified by organizations as part of internal operations that need to be well implemented and protected. This is because each day the organizations face a high probability of increase of threats to their networks and services that will lead to information security issues. Thus, effective information security management is required in order to protect their information assets. Threat profiling is a method that can be used by an organization to address the security challenges. Threat profiling allows analysts to understand and organize intelligent information related to threat groups. This paper presents a comparative analysis that was conducted to study the existing threat profiling models. It was found that existing threat models were constructed based on specific objectives, thus each model is limited to only certain components or factors such as assets, threat sources, countermeasures, threat agents, threat outcomes and threat actors. It is suggested that threat profiling can be improved by the combination of components found in each existing threat profiling model/framework. The proposed model can be used by an organization in executing a proactive approach to incident management.
Gathering Information from Transport Systems for Processing in Supply Chains
NASA Astrophysics Data System (ADS)
Kodym, Oldřich; Unucka, Jakub
2016-12-01
The paper deals with a complex system for processing information from means of transport acting as parts of a train (rail or road). It focuses on automated information gathering using AutoID technology, information transmission via Internet of Things networks and information usage in the information systems of logistics firms for support of selected processes on MES and ERP levels. Different kinds of information gathered from the whole transport chain are discussed. Compliance with existing standards is mentioned. Security of information over the full life cycle is an integral part of the presented system. The design of a fully equipped system based on synthesized functional nodes is presented.
78 FR 17781 - Transportation Worker Identification Credential (TWIC)-Reader Requirements
Federal Register 2010, 2011, 2012, 2013, 2014
2013-03-22
...In this Notice of Proposed Rulemaking (NPRM), the Coast Guard proposes to require owners and operators of certain vessels and facilities regulated by the Coast Guard to use electronic readers designed to work with the Transportation Worker Identification Credential (TWIC) as an access control measure. This NPRM also proposes additional requirements associated with electronic TWIC readers, including recordkeeping requirements for those owners and operators required to use an electronic TWIC reader, and security plan amendments to incorporate TWIC requirements. The TWIC program, including the proposed TWIC reader requirements in this rule, is an important component of the Coast Guard's multi-layered system of access control requirements and other measures designed to enhance maritime security. This rulemaking action, once final, would build upon existing Coast Guard regulations designed to ensure that only individuals who hold a TWIC are granted unescorted access to secure areas at those locations. The Coast Guard has already promulgated regulations pursuant to the Maritime Transportation Security Act of 2002 (MTSA) that require mariners and other individuals to obtain a TWIC and present it for inspection by security personnel prior to gaining access to such secure areas. By requiring certain vessels and facilities to perform TWIC inspections using electronic TWIC readers, this rulemaking would further enhance security at those locations. This rulemaking would also implement the Security and Accountability For Every Port Act of 2006 electronic TWIC reader requirements.
Nuclear security policy in the context of counter-terrorism in Cambodia
NASA Astrophysics Data System (ADS)
Khun, Vuthy; Wongsawaeng, Doonyapong
2016-01-01
The risk of nuclear or dirty bomb attack by terrorists is one of the most urgent and threatening dangers. The Cambodian national strategy to combat weapons of mass destruction (WMD) depicts a layered system of preventive measures ranging from securing materials at foreign sources to interdicting weapons or nuclear or other radioactive materials at ports, border crossings, and within the Cambodian institutions dealing with the nuclear security to manage the preventive programs. The aim of this study is to formulate guidance, to identify scenarios of threat and risk, and to pinpoint necessary legal frameworks on nuclear security in the context of counterterrorism based on the International Atomic Energy Agency nuclear security series. The analysis of this study is guided by theoretical review and the review of international laws and politics, by identifying and interpreting applicable rules and norms establishing the nuclear security regime, how well enforcement of the regime is carried out, and what the likelihood of future reform might be. This study will examine the existing national legal frameworks of Cambodia in the context of counterterrorism to prevent acts of nuclear terrorism and the threat of a terrorist nuclear attack within the Cambodia territory. It will shed light on departmental lanes of national nuclear security responsibility, and provide a holistic perspective on the needs of additional resources and emphasis regarding nuclear security policy in the context of counterterrorism in Cambodia.
31 CFR 601.4 - Use of paper; interest-bearing securities of the United States.
Code of Federal Regulations, 2010 CFR
2010-07-01
... PAPER FOR UNITED STATES CURRENCY AND OTHER SECURITIES § 601.4 Use of paper; interest-bearing securities of the United States. The existing distinctive papers shall be used for the printing of interest...
76 FR 65220 - Proposed Collection; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2011-10-20
... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request, Copies Available From: U.S. Securities and Exchange Commission, Office of Investor Education and Advocacy... Securities and Exchange Commission (``Commission'') is soliciting comments on the existing collection of...
Federal Register 2010, 2011, 2012, 2013, 2014
2012-06-01
... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0089] Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Department of Homeland Security (DHS))--Match Number 1010 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching program that...
Securing medical research: a cybersecurity point of view.
Schneier, Bruce
2012-06-22
The problem of securing biological research data is a difficult and complicated one. Our ability to secure data on computers is not robust enough to ensure the security of existing data sets. Lessons from cryptography illustrate that neither secrecy measures, such as deleting technical details, nor national solutions, such as export controls, will work.
NASA Astrophysics Data System (ADS)
Şoimoşan, Teodora M.; Danku, Gelu; Felseghi, Raluca A.
2017-12-01
Within the thermo-energy optimization process of an existing heating system, the increase of the system's energy efficiency and speeding-up the transition to green energy use are pursued. The concept of multi-energy district heating system, with high harnessing levels of the renewable energy sources (RES) in order to produce heat, is expected to be the key-element in the future urban energy infrastructure, due to the important role it can have in the strategies of optimizing and decarbonizing the existing district heating systems. The issues that arise are related to the efficient integration of different technologies of harnessing renewable energy sources in the energy mix and to the increase of the participation levels of RES, respectively. For the holistic modeling of the district heating system, the concept of the energy hub was used, where the synergy of different primary forms of entered energy provides the system a high degree of energy security and flexibility in operation. The optimization of energy flows within the energy hub allows the optimization of the thermo-energy district system in order to approach the dual concept of smart city & smart energy.
Quantum attack-resistent certificateless multi-receiver signcryption scheme.
Li, Huixian; Chen, Xubao; Pang, Liaojun; Shi, Weisong
2013-01-01
The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards.
A new kind of universal smart home security safety monitoring system
NASA Astrophysics Data System (ADS)
Li, Biqing; Li, Zhao
2018-04-01
With the current level of social development, improved quality of life, existence and security issues of law and order has become an important issue. This graduation project adopts the form of wireless transmission, to STC89C52 microcontroller as the host control human infrared induction anti-theft monitoring system. The system mainly consists of main control circuit, power supply circuit, activities of the human body detection module, sound and light alarm circuit, record and display circuit. The main function is to achieve exploration activities on the human body, then the information is transmitted to the control panel, according to the system microcontroller program control sound and light alarm circuit, while recording the alarm location and time, and always check the record as required, and ultimately achieve the purpose of monitoring. The advantage of using pyroelectric infrared sensor can be installed in a hidden place, not easy to find, and low cost, good detection results, and has broad prospects for development.
Using microgrids to enhance energy security and resilience
Lu, Xiaonan; Wang, Jianhui; Guo, Liping
2016-12-05
Although microgrids are now widely studied, challenges still exist. A reliable control architecture needs to be developed to coordinate different devices. Advanced forecasting and demand response management approaches should be implemented to cope with the intermittence of renewable generation. Furthermore, interconnection issues should be further studied to eliminate the influence of microgrid integration and achieve coordinated operation throughout the system.
Federal Register 2010, 2011, 2012, 2013, 2014
2011-06-01
... Significant Impact Concerning a Proposal To Award a Contract to House Federal, Low- Security, Criminal Aliens... aliens within one or more existing contractor-owned and operated correctional facilities. Background... Federal, low-security, adult male, non-U.S. citizen, criminal aliens within one or more existing...
Engineering Infrastructures: Problems of Safety and Security in the Russian Federation
NASA Astrophysics Data System (ADS)
Makhutov, Nikolay A.; Reznikov, Dmitry O.; Petrov, Vitaly P.
Modern society cannot exist without stable and reliable engineering infrastructures (EI), whose operation is vital for any national economy. These infrastructures include energy, transportation, water and gas supply systems, telecommunication and cyber systems, etc. Their performance is commensurate with storing and processing huge amounts of information, energy and hazardous substances. Ageing infrastructures are deteriorating — with operating conditions declining from normal to emergency and catastrophic. The complexity of engineering infrastructures and their interdependence with other technical systems makes them vulnerable to emergency situations triggered by natural and manmade catastrophes or terrorist attacks.
Gait recognition based on integral outline
NASA Astrophysics Data System (ADS)
Ming, Guan; Fang, Lv
2017-02-01
Biometric identification technology replacing traditional security technology has become a trend, and gait recognition has also become a hot spot of research because its features are difficult to imitate or steal. This paper presents a gait recognition system based on the integral outline of the human body. The system has three important aspects: the preprocessing of the gait image, feature extraction and classification. Finally, a polling method is used to evaluate the performance of the system, and the problems existing in gait recognition and the direction of future development are summarized.
Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Obaidat, Mohammad S
2015-11-01
In order to access a remote medical server, patients generally use a smart card to log in to the server. It has been observed that most of the user (patient) authentication protocols suffer from the smart card stolen attack, which means the attacker can mount several common attacks after extracting smart card information. Recently, Lu et al. proposed a session key agreement protocol between the patient and remote medical server and claimed that the same protocol is secure against relevant security attacks. However, this paper presents several security attacks on Lu et al.'s protocol such as identity trace attack, new smart card issue attack, patient impersonation attack and medical server impersonation attack. In order to fix the mentioned security pitfalls including smart card stolen attack, this paper proposes an efficient remote mutual authentication protocol using smart card. We have then simulated the proposed protocol using widely-accepted AVISPA simulation tool whose results make certain that the same protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. Moreover, the rigorous security analysis proves that the proposed protocol provides strong security protection on the relevant security attacks including smart card stolen attack. We compare the proposed scheme with several related schemes in terms of computation cost and communication cost as well as security functionalities. It has been observed that the proposed scheme is comparatively better than related existing schemes.
Edoh, Thierry Oscar; Teege, Gunnar
2011-10-01
One of the problems in health care in developing countries is the bad accessibility of medicine in pharmacies for patients. Since this is mainly due to a lack of organization and information, it should be possible to improve the situation by introducing information and communication technology. However, for several reasons, standard solutions are not applicable here. In this paper, we describe a case study in Benin, a West African developing country. We identify the problem and the existing obstacles for applying standard ECommerce solutions. We develop an adapted system approach and describe a practical test which has shown that the approach has the potential of actually improving the pharmaceutical care delivery. Finally, we consider the security aspects of the system and propose an organizational solution for some specific security problems.
Simulation Data Management - Requirements and Design Specification
DOE Office of Scientific and Technical Information (OSTI.GOV)
Clay, Robert L.; Friedman-Hill, Ernest J.; Gibson, Marcus J.
Simulation Data Management (SDM), the ability to securely organize, archive, and share analysis models and the artifacts used to create them, is a fundamental requirement for modern engineering analysis based on computational simulation. We have worked separately to provide secure, network SDM services to engineers and scientists at our respective laboratories for over a decade. We propose to leverage our experience and lessons learned to help develop and deploy a next-generation SDM service as part of a multi-laboratory team. This service will be portable across multiple sites and platforms, and will be accessible via a range of command-line tools and well-documented APIs. In this document, we’ll review our high-level and low-level requirements for such a system, review one existing system, and briefly discuss our proposed implementation.
Recent Experience with a Hybrid SCADA/PMU On-Line State Estimator
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rizy, D Tom
2009-01-01
PMU devices are expected to grow in number from a few to several hundreds in the next five years. Some relays are already global positioning system-capable and could provide the same type of data as any PMU. This introduces a new paradigm of very fast accurate synchrophasor measurements from across the grid in real-time that augment and parallel existing slower SCADA measurements. Control center applications will benefit from this PMU data; for example, use of PMU data in state estimation is expected to improve accuracy and robustness, which in turn will result in more timely and accurate N-1 security analysis, resulting in an overall improvement of grid system reliability and security. This paper describes results from a recent implementation of this technology, the benefits and future work.
NFC Internal: An Indoor Navigation System
Ozdenizci, Busra; Coskun, Vedat; Ok, Kerem
2015-01-01
Indoor navigation systems have recently become a popular research field due to the lack of GPS signals indoors. Several indoor navigation systems have already been proposed in order to eliminate deficiencies; however, each of them has several technical and usability limitations. In this study, we propose NFC Internal, a Near Field Communication (NFC)-based indoor navigation system, which enables users to navigate through a building or a complex by enabling a simple location update, simply by touching NFC tags that are spread around and orient users to the destination. In this paper, we initially present the system requirements, give the design details and study the viability of NFC Internal with a prototype application and a case study. Moreover, we evaluate the performance of the system and compare it with existing indoor navigation systems. It is seen that NFC Internal has considerable advantages and significant contributions to existing indoor navigation systems in terms of security and privacy, cost, performance, robustness, complexity, user preference and commercial availability. PMID:25825976
A study of low-cost, robust assistive listening system (ALS) based on digital wireless technology.
Israsena, P; Dubsok, P; Pan-Ngum, S
2008-11-01
We have developed a simple, low-cost digital wireless broadcasting system prototype, intended for a classroom of hearing impaired students. The system is designed to be a low-cost alternative to an existing FM system. The system implemented is for short-range communication, with a one-transmitter, multiple-receiver configuration, which is typical for these classrooms. The data is source-coded for voice-band quality, FSK modulated, and broadcasted via a 915 MHz radio frequency. A DES encryption can optionally be added for better information security. Test results show that the system operating range is approximately ten metres, and the sound quality is close to telephone quality as intended. We also discuss performance issues such as sound, power and size, as well as transmission protocols. The test results are the proof of concept that the prototype is a viable alternative to an existing FM system. Improvements can be made to the system's sound quality via techniques such as channel coding, which is also discussed.
NASA Technical Reports Server (NTRS)
Goseva-Popstojanova, Katerina; Tyo, Jacob P.; Sizemore, Brian
2017-01-01
NASA develops, runs, and maintains software systems for which security is of vital importance. Therefore, it is becoming an imperative to develop secure systems and extend the current software assurance capabilities to cover information assurance and cybersecurity concerns of NASA missions. The results presented in this report are based on the information provided in the issue tracking systems of one ground mission and one flight mission. The extracted data were used to create three datasets: Ground mission IVV issues, Flight mission IVV issues, and Flight mission Developers issues. In each dataset, we identified the software bugs that are security related and classified them in specific security classes. This information was then used to create the security vulnerability profiles (i.e., to determine how, why, where, and when the security vulnerabilities were introduced) and explore the existence of common trends. The main findings of our work include:
- Code related security issues dominated both the Ground and Flight mission IVV security issues, with 95 and 92, respectively. Therefore, enforcing secure coding practices and verification and validation focused on coding errors would be cost effective ways to improve mission's security. (Flight mission Developers issues dataset did not contain data in the Issue Category.)
- In both the Ground and Flight mission IVV issues datasets, the majority of security issues (i.e., 91 and 85, respectively) were introduced in the Implementation phase. In most cases, the phase in which the issues were found was the same as the phase in which they were introduced. The most security related issues of the Flight mission Developers issues dataset were found during Code Implementation, Build Integration, and Build Verification; the data on the phase in which these issues were introduced were not available for this dataset.
- The location of security related issues, as the location of software issues in general, followed the Pareto principle. Specifically, for all three datasets, from 86 to 88 the security related issues were located in two to four subsystems.
- The severity levels of most security issues were moderate, in all three datasets.
- Out of 21 primary security classes, five dominated: Exception Management, Memory Access, Other, Risky Values, and Unused Entities. Together, these classes contributed from around 80 to 90 of all security issues in each dataset. This again proves the Pareto principle of uneven distribution of security issues, in this case across CWE classes, and supports the fact that addressing these dominant security classes provides the most cost efficient way to improve missions' security.
The findings presented in this report uncovered the security vulnerability profiles and identified the common trends and dominant classes of security issues, which in turn can be used to select the most efficient secure design and coding best practices compiled by the part of the SARP project team associated with the NASA's Johnson Space Center. In addition, these findings provide valuable input to the NASA IVV initiative aimed at identification of the two 25 CWEs of ground and flight missions.
Integrated quantum key distribution sender unit for daily-life implementations
NASA Astrophysics Data System (ADS)
Mélen, Gwenaelle; Vogl, Tobias; Rau, Markus; Corrielli, Giacomo; Crespi, Andrea; Osellame, Roberto; Weinfurter, Harald
2016-03-01
Unlike currently implemented encryption schemes, Quantum Key Distribution provides a secure way of generating and distributing a key among two parties. Although a multitude of research platforms has been developed, the integration of QKD units within classical communication systems remains a tremendous challenge. The recently achieved maturity of integrated photonic technologies could be exploited to create miniature QKD add-ons that could extend the primary function of various existing systems such as mobile devices or optical stations. In this work we report on an integrated optics module enabling secure short-distance communication for, e.g., quantum access schemes. Using BB84-like protocols, Alice's mobile low-cost device can exchange secure key and information everywhere within a trusted node network. The new optics platform (35×20×8mm) compatible with current smartphone's technology generates NIR faint polarised laser pulses with 100MHz repetition rate. Fully automated beam tracking and live basis-alignment on Bob's side ensure user-friendly operation with a quantum link efficiency as high as 50% stable over a few seconds.
DOE Office of Scientific and Technical Information (OSTI.GOV)
McKinnon, Archibald D.; Thompson, Seth R.; Doroshchuk, Ruslan A.
Smart grid technologies are transforming the electric power grid into a grid with bi-directional flows of both power and information. Operating millions of new smart meters and smart appliances will significantly impact electric distribution systems resulting in greater efficiency. However, the scale of the grid and the new types of information transmitted will potentially introduce several security risks that cannot be addressed by traditional, centralized security techniques. We propose a new bio-inspired cyber security approach. Social insects, such as ants and bees, have developed complex-adaptive systems that emerge from the collective application of simple, light-weight behaviors. The Digital Ants framework is a bio-inspired framework that uses mobile light-weight agents. Sensors within the framework use digital pheromones to communicate with each other and to alert each other of possible cyber security issues. All communication and coordination is both localized and decentralized thereby allowing the framework to scale across the large numbers of devices that will exist in the smart grid. Furthermore, the sensors are light-weight and therefore suitable for implementation on devices with limited computational resources. This paper will provide a brief overview of the Digital Ants framework and then present results from test bed-based demonstrations that show that Digital Ants can identify a cyber attack scenario against smart meter deployments.
Tadesse, T.; Haile, M.; Senay, G.; Wardlow, B.D.; Knutson, C.L.
2008-01-01
Reducing the impact of drought and famine remains a challenge in sub-Saharan Africa despite ongoing drought relief assistance in recent decades. This is because drought and famine are primarily addressed through a crisis management approach when a disaster occurs, rather than stressing preparedness and risk management. Moreover, drought planning and food security efforts have been hampered by a lack of integrated drought monitoring tools, inadequate early warning systems (EWS), and insufficient information flow within and between levels of government in many sub-Saharan countries. The integration of existing drought monitoring tools for sub-Saharan Africa is essential for improving food security systems to reduce the impacts of drought and famine on society in this region. A proactive approach emphasizing integration requires the collective use of multiple tools, which can be used to detect trends in food availability and provide early indicators at local, national, and regional scales on the likely occurrence of food crises. In addition, improving the ability to monitor and disseminate critical drought-related information using available modern technologies (e.g., satellites, computers, and modern communication techniques) may help trigger timely and appropriate preventive responses and, ultimately, contribute to food security and sustainable development in sub-Saharan Africa. © 2008 United Nations.
Device-independent quantum key distribution
NASA Astrophysics Data System (ADS)
Hänggi, Esther
2010-12-01
In this thesis, we study two approaches to achieve device-independent quantum key distribution: in the first approach, the adversary can distribute any system to the honest parties that cannot be used to communicate between the three of them, i.e., it must be non-signalling. In the second approach, we limit the adversary to strategies which can be implemented using quantum physics. For both approaches, we show how device-independent quantum key distribution can be achieved when imposing an additional condition. In the non-signalling case this additional requirement is that communication is impossible between all pairwise subsystems of the honest parties, while, in the quantum case, we demand that measurements on different subsystems must commute. We give a generic security proof for device-independent quantum key distribution in these cases and apply it to an existing quantum key distribution protocol, thus proving its security even in this setting. We also show that, without any additional such restriction there always exists a successful joint attack by a non-signalling adversary.
Nasir, Zaheer Ahmad; Campos, Luiza Cintra; Christie, Nicola; Colbeck, Ian
2016-08-01
Exposure to airborne biological hazards in an ever expanding urban transport infrastructure and highly diverse mobile population is of growing concern, in terms of both public health and biosecurity. The existing policies and practices on design, construction and operation of these infrastructures may have severe implications for airborne disease transmission, particularly in the event of a pandemic or intentional release of biological agents. This paper reviews existing knowledge on airborne disease transmission in different modes of transport, highlights the factors enhancing the vulnerability of transport infrastructures to airborne disease transmission, discusses the potential protection measures and identifies the research gaps in order to build a bioresilient transport infrastructure. The unification of security and public health research, inclusion of public health security concepts at the design and planning phase, and a holistic system approach involving all the stakeholders over the life cycle of transport infrastructure hold the key to mitigate the challenges posed by biological hazards in the twenty-first century transport infrastructure.
1981-06-30
This notice contains performance standards (review elements and factors). We are required by section 1903(r)(6)(E) of the Social Security Act to notify all States of proposed procedures, standards, and other requirements at least one quarter prior to the fiscal year in which the procedures, standards, and other requirements will be used for Medicaid Management Information Systems reapproval reviews. This Notice meets that statutory requirement. By October 1, 1981, we will use the performance standards and existing systems requirements when conducting the annual review of State system performance.
Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo
2013-01-01
Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP. PMID:24002231
Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo
2013-09-02
Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP.
Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey
Kumar, Pardeep; Lee, Hoon-Jae
2012-01-01
Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare applications using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare applications depends directly on patient security and privacy, for ethical as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs. PMID:22368458
Photonic quantum digital signatures operating over kilometer ranges in installed optical fiber
NASA Astrophysics Data System (ADS)
Collins, Robert J.; Fujiwara, Mikio; Amiri, Ryan; Honjo, Toshimori; Shimizu, Kaoru; Tamaki, Kiyoshi; Takeoka, Masahiro; Andersson, Erika; Buller, Gerald S.; Sasaki, Masahide
2016-10-01
The security of electronic communications is a topic that has gained noteworthy public interest in recent years. As a result, there is an increasing public recognition of the existence and importance of mathematically based approaches to digital security. Many of these implement digital signatures to ensure that a malicious party has not tampered with the message in transit, that a legitimate receiver can validate the identity of the signer and that messages are transferable. The security of most digital signature schemes relies on the assumed computational difficulty of solving certain mathematical problems. However, reports in the media have shown that certain implementations of such signature schemes are vulnerable to algorithmic breakthroughs and emerging quantum processing technologies. Indeed, even without quantum processors, the possibility remains that classical algorithmic breakthroughs will render these schemes insecure. There is ongoing research into information-theoretically secure signature schemes, where the security is guaranteed against an attacker with arbitrary computational resources. One such approach is quantum digital signatures. Quantum signature schemes can be made information-theoretically secure based on the laws of quantum mechanics while comparable classical protocols require additional resources such as anonymous broadcast and/or a trusted authority. Previously, most early demonstrations of quantum digital signatures required dedicated single-purpose hardware and operated over restricted ranges in a laboratory environment. Here, for the first time, we present a demonstration of quantum digital signatures conducted over several kilometers of installed optical fiber. The system reported here operates at a higher signature generation rate than previous fiber systems.
Methods for reliability evaluation of trust and reputation systems
NASA Astrophysics Data System (ADS)
Janiszewski, Marek B.
2016-09-01
Trust and reputation systems are a systematic approach to building security on the basis of observations of nodes' behaviour. Exchange of nodes' opinions about other nodes is very useful for identifying nodes which act selfishly or maliciously. The idea behind trust and reputation systems gains significance because conventional security measures (based on cryptography) are often not sufficient. Trust and reputation systems can be used in various types of networks such as WSN, MANET, P2P and also in e-commerce applications. Trust and reputation systems bring not only benefits but could also be a threat themselves. Many attacks aimed at trust and reputation systems exist, but such attacks still have not gained enough attention from research teams. Moreover, the joint effects of many known attacks have been identified as a very interesting field of research. The lack of an acknowledged methodology for evaluating trust and reputation systems is a serious problem. This paper aims at presenting various approaches to evaluating such systems. This work also contains a description of a generalization of many trust and reputation systems which can be used to evaluate the reliability of such systems in the context of preventing various attacks.
Space Station Information System - Concepts and international issues
NASA Technical Reports Server (NTRS)
Williams, R. B.; Pruett, David; Hall, Dana L.
1987-01-01
The Space Station Information System (SSIS) is outlined in terms of its functions and probable physical facilities. The SSIS includes flight element systems as well as existing and planned institutional systems such as the NASA Communications System, the Tracking and Data Relay Satellite System, and the data and communications networks of the international partners. The SSIS strives to provide both a 'user friendly' environment and a software environment which will allow for software transportability and interoperability across the SSIS. International considerations are discussed as well as project management, software commonality, data communications standards, data security, documentation commonality, transaction management, data flow cross support, and key technologies.
Questionnaire about psychology/disease correlation–I
Ojog, DG; Pănescu, OM; Rusu, EC; Tănăsescu, MD
2011-01-01
Rationale: The existing personality inventories are exploring too general psychological features so that the possible psychology/disease associations might be leveled out. Objective: We attempt to build a tool to explore the possible correlation between certain psychological features and the most common internal disorders. Method: We have used two questionnaires containing many pairs of synonymous items (necessary for assessing the consistency of the answers). The items are divided into four main domains: preoccupation for the basal conditions of existence (health/disease/death, fear, money, lodging); interaction with other people; action, will/volition, self-assertion; and preoccupation with the exterior. In this first article we are presenting the correlations between items of the first domain, based on the answers from our first 3138 respondents. Results and discussion: The concern about health is best reflected by general formulations. The desire for security is best expressed by items combining the worry about money and dwelling, and worst by items reflecting the eagerness to gain, keep or judiciously spend money. Among the various fears, those of future, darkness, and loneliness are better indicators of security concern. In assessing the anxiety about safety/security, specific worries are more revelatory than the general ones. Precaution and inclination for order are the best indicators for the aspiration to stability. Poorer ones are the desire for cleanliness and the tendency to attachment. Health and security concerns seem to be consistently linked. The consistency evaluating system will be based upon pairs of synonymous items correlated with a 10^-200 or less error probability. Abbreviations: PP = psychological profile; PF = personality feature; Q1/Q2/Q3 = first/second/third questionnaire; HeSD = health subdomain; SeSD = security subdomain; StSD = stability subdomain; ChiSq = chi square; ErrProb = error probability (probability of error).
PMID:21505574
Chung, Hyunji; Iorga, Michaela; Voas, Jeffrey; Lee, Sangjin
2017-01-01
Security diagnostics expose vulnerabilities and privacy threats that exist in commercial Intelligent Virtual Assistants (IVA) – diagnostics offer the possibility of securer IVA ecosystems. PMID:29213147
Compact Microscope Imaging System Developed
NASA Technical Reports Server (NTRS)
McDowell, Mark
2001-01-01
The Compact Microscope Imaging System (CMIS) is a diagnostic tool with intelligent controls for use in space, industrial, medical, and security applications. The CMIS can be used in situ with a minimum amount of user intervention. This system, which was developed at the NASA Glenn Research Center, can scan, find areas of interest, focus, and acquire images automatically. Large numbers of multiple cell experiments require microscopy for in situ observations; this is only feasible with compact microscope systems. CMIS is a miniature machine vision system that combines intelligent image processing with remote control capabilities. The software also has a user-friendly interface that can be used independently of the hardware for post-experiment analysis. CMIS has potential commercial uses in the automated online inspection of precision parts, medical imaging, security industry (examination of currency in automated teller machines and fingerprint identification in secure entry locks), environmental industry (automated examination of soil/water samples), biomedical field (automated blood/cell analysis), and microscopy community. CMIS will improve research in several ways: It will expand the capabilities of MSD experiments utilizing microscope technology. It may be used in lunar and Martian experiments (Rover Robot). Because of its reduced size, it will enable experiments that were not feasible previously. It may be incorporated into existing shuttle orbiter and space station experiments, including glove-box-sized experiments as well as ground-based experiments.
NASA Astrophysics Data System (ADS)
Knobler, Ron; Scheffel, Peter; Jackson, Scott; Gaj, Kris; Kaps, Jens Peter
2013-05-01
Various embedded systems, such as unattended ground sensors (UGS), are deployed in dangerous areas, where they are subject to compromise. Since numerous systems contain a network of devices that communicate with each other (often times with commercial off the shelf [COTS] radios), an adversary is able to intercept messages between system devices, which jeopardizes sensitive information transmitted by the system (e.g. location of system devices). Secret key algorithms such as AES are a very common means to encrypt all system messages to a sufficient security level, for which lightweight implementations exist for even very resource constrained devices. However, all system devices must use the appropriate key to encrypt and decrypt messages from each other. While traditional public key algorithms (PKAs), such as RSA and Elliptic Curve Cryptography (ECC), provide a sufficiently secure means to provide authentication and a means to exchange keys, these traditional PKAs are not suitable for very resource constrained embedded systems or systems which contain low reliability communication links (e.g. mesh networks), especially as the size of the network increases. Therefore, most UGS and other embedded systems resort to pre-placed keys (PPKs) or other naïve schemes which greatly reduce the security and effectiveness of the overall cryptographic approach. McQ has teamed with the Cryptographic Engineering Research Group (CERG) at George Mason University (GMU) to develop an approach using revolutionary cryptographic techniques that provides both authentication and encryption, but on resource constrained embedded devices, without the burden of large amounts of key distribution or storage.
Neyens, David M; Childers, Ashley Kay
2017-07-01
To determine the barriers and facilitators associated with willingness to use personal health information management (PHIM) systems to support an existing worksite wellness program (WWP). The study design involved a Web-based survey. The study setting was a regional hospital. Hospital employees comprised the study subjects. Willingness, barriers, and facilitators associated with PHIM were measured. Bivariate logit models were used to model two binary dependent variables. One model predicted the likelihood of believing PHIM systems would positively affect overall health and willingness to use. Another predicted the likelihood of worrying about online security and not believing PHIM systems would benefit health goals. Based on 333 responses, believing PHIM systems would positively affect health was highly associated with willingness to use PHIM systems (p < .01). Those comfortable online were 7.22 times more willing to use PHIM systems. Participants in exercise-based components of WWPs were 3.03 times more likely to be willing to use PHIM systems. Those who worried about online security were 5.03 times more likely to believe PHIM systems would not help obtain health goals. Comfort with personal health information online and exercise-based WWP experience was associated with willingness to use PHIM systems. However, nutrition-based WWPs did not have similar effects. Implementation barriers relate to technology anxiety and trust in security, as well as experience with specific WWP activities. Identifying differences between WWP components and addressing technology concerns before implementation of PHIM systems into WWPs may facilitate improved adoption and usage.
Unobtrusive Multimodal Biometric Authentication: The HUMABIO Project Concept
NASA Astrophysics Data System (ADS)
Damousis, Ioannis G.; Tzovaras, Dimitrios; Bekiaris, Evangelos
2008-12-01
Human Monitoring and Authentication using Biodynamic Indicators and Behavioural Analysis (HUMABIO) (2007) is an EU Specific Targeted Research Project (STREP) where new types of biometrics are combined with state of the art sensorial technologies in order to enhance security in a wide spectrum of applications. The project aims to develop a modular, robust, multimodal biometrics security authentication and monitoring system which utilizes a biodynamic physiological profile, unique for each individual, and advancements of the state-of-the art in behavioural and other biometrics, such as face, speech, gait recognition, and seat-based anthropometrics. Several shortcomings in biometric authentication will be addressed in the course of HUMABIO which will provide the basis for improving existing sensors, develop new algorithms, and design applications, towards creating new, unobtrusive biometric authentication procedures in security sensitive, controlled environments. This paper presents the concept of this project, describes its unobtrusive authentication demonstrator, and reports some preliminary results.
Efficient Secure and Privacy-Preserving Route Reporting Scheme for VANETs
NASA Astrophysics Data System (ADS)
Zhang, Yuanfei; Pei, Qianwen; Dai, Feifei; Zhang, Lei
2017-10-01
The vehicular ad-hoc network (VANET) is a core component of intelligent traffic management systems and can provide various applications such as accident prediction, route reporting, etc. Due to the problems caused by traffic congestion, route reporting becomes a prospective application which can help a driver to get an optimal route to save her travel time. Before enjoying the convenience of route reporting, security and privacy-preserving issues need to be considered. In this paper, we propose a new secure and privacy-preserving route reporting scheme for VANETs. In our scheme, only an authenticated vehicle can use the route reporting service provided by the traffic management center. Further, a vehicle may receive the response from the traffic management center with low latency and without violating the privacy of the vehicle. Experiment results show that our scheme is much more efficient than the existing one.
A Policy Language for Modelling Recommendations
NASA Astrophysics Data System (ADS)
Abou El Kalam, Anas; Balbiani, Philippe
While current and emergent applications become more and more complex, most existing security policies and models only consider a yes/no response to access requests. Consequently, modelling, formalizing and implementing permissions, obligations and prohibitions do not cover the richness of all the possible scenarios. In fact, several applications have access rules with the recommendation access modality. In this paper we focus on the problem of formalizing security policies with recommendation needs. The aim is to provide a generic domain-independent formal system for modelling not only permissions, prohibitions and obligations, but also recommendations. In this respect, we present our logic-based language, the semantics, the truth conditions, our axiomatics as well as inference rules. We also give a representative use case with our specification of recommendation requirements. Finally, we explain how our logical framework could be used to query the security policy and to check its consistency.
Ethical Guidelines for Computer Security Researchers: "Be Reasonable"
NASA Astrophysics Data System (ADS)
Sassaman, Len
For most of its existence, the field of computer science has been lucky enough to avoid ethical dilemmas by virtue of its relatively benign nature. The subdisciplines of programming methodology research, microprocessor design, and so forth have little room for the greater questions of human harm. Other, more recently developed sub-disciplines, such as data mining, social network analysis, behavioral profiling, and general computer security, however, open the door to abuse of users by practitioners and researchers. It is therefore the duty of the men and women who chart the course of these fields to set rules for themselves regarding what sorts of actions on their part are to be considered acceptable and what should be avoided or handled with caution out of ethical concerns. This paper deals solely with the issues faced by computer security researchers, be they vulnerability analysts, privacy system designers, malware experts, or reverse engineers.
Redefining Maritime Security Threats in the Eastern Indian Ocean Region.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Banerjee, Arjun
This occasional paper analyzes the general security issues and trends relating to maritime trafficking of radiological and nuclear material using small vessels, minor ports, and unchecked areas of coastline existing in the Eastern Indian Ocean Region today. By the Eastern Indian Ocean Region is meant the area starting from the tip of the Indian peninsula in the west to the Straits of Malacca in the east. It lays focus on the potential sources of nuclear or radiological material that may be trafficked here. It further undertakes a study of the terrorist groups active in the region as well as the multinational or national interdiction organizations that have been created to counter maritime threats. It also seeks to discern the various technologies for detecting materials of concern available in the area. Finally, it ascertains possible methods and technologies to improve the maritime security system in the region.
Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation.
Bernik, Igor; Prislan, Kaja
Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model-ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it is recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly to strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes.
The Health Insurance Portability and Accountability Act: security and privacy requirements.
Tribble, D A
2001-05-01
The security and privacy requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and their implications for pharmacy are discussed. HIPAA was enacted to improve the portability of health care insurance for persons leaving jobs. A section of the act encourages the use of electronic communications for health care claims adjudication, mandates the use of new standard code sets and transaction sets, and establishes the need for regulations to protect the security and privacy of individually identifiable health care information. Creating these regulations became the task of the Department of Health and Human Services. Regulations on security have been published for comment. Regulations on privacy and the definition of standard transaction sets and code sets are complete. National identifiers for patients, providers, and payers have not yet been established. The HIPAA regulations on security and privacy will require that pharmacies adopt policies and procedures that limit access to health care information. Existing pharmacy information systems may require upgrading or replacement. Costs of implementation nationwide are estimated to exceed $8 billion. The health care community has two years from the finalization of each regulation to comply with that regulation. The security and privacy requirements of HIPAA will require pharmacies to review their practices regarding the storage, use, and disclosure of protected health care information.
Governing through time: preparing for future threats to health and security.
Samimian-Darash, Limor
2011-09-01
During preparations for the Second Gulf War, Israel considered universal smallpox vaccination. In doing so, it faced a problem: how to legitimise carrying out a security action against an uncertain future danger (smallpox pandemic), when this action carried specific, known risks (vaccine complications). To solve this problem, the Israeli preparedness system created a new domain through which the security action could reach its goal with minimum risk: first responders (a group of medical personnel and security forces). First-responder vaccination represents a shift in the form of 'securing health' and in the governmental technology applied to this goal, in which past, present, and future occurrences are governed to enable the execution of a security action. Through this practice, risks are not located in the present or in the future but in a 'shared' temporal space and thus can be seen as existing simultaneously. Preparedness for emerging future biological events, then, involves more than questioning how the future is contingent on the present and how the present is contingent on the future's perception; it also recognises the need for a new time positioning that allows operating on both present and future risks simultaneously. Governing these risks, then, means governing through time. © 2011 The Author. Sociology of Health & Illness © 2011 Foundation for the Sociology of Health & Illness/Blackwell Publishing Ltd.
Healthcare security staffing for smaller facilities: where science meets art.
Warren, Bryan
2013-01-01
Obtaining effective security resourcing and staffing for smaller healthcare facilities presents many difficulties, according to the author. In this article, he provides guidance to security practitioners on taking existing data and translating it into a language that administration will understand and appreciate.
Federal Register 2010, 2011, 2012, 2013, 2014
2012-11-07
... DEPARTMENT OF HOMELAND SECURITY United States Immigration and Customs Enforcement Agency... Department of Homeland Security, U.S. Immigration and Customs Enforcement (ICE), will submit the following... United States Immigration and Customs Enforcement, Department of Homeland Security, and sent via...
Enabling the MLSpOC (Multi-Level Space Operations Center) of the Future
NASA Astrophysics Data System (ADS)
Missal, D.
2012-09-01
The Intelligence Reform and Terrorism Prevention Act, passed by Congress in 2004, established the expectation that the "vast intelligence enterprise" of the United States would become more unified, coordinated, and effective. This law charged the intelligence community and government agencies to integrate foreign intelligence and domestic US intelligence components to reduce gaps in understanding threats to our national security and to improve our reaction. This intelligence strategy — designed to provide more comprehensive and accurate intelligence analysis—substantially increases requirements for secure data sharing capabilities. An information system must be Certified & Accredited (C&A) by the appropriate Accreditation Authority in accordance with each Authority's prescribed compliance requirements and governance. Cross-Domain Solutions (CDSs) can provide the ability to share data between multiple operating domains (e.g. among users on Top Secret and Secret networks). However, sharing sensitive data across security domains and networks has been impeded by both technical and cultural challenges. A viable CDS requires a tremendous investment for initial C&A and many solutions are limited with respect to the integration of an organization's applications. As a result, most of today's highly secured systems have been designed to restrict access to entire user populations rather than implement data sharing on the basis of mandatory access controls and an individual's need-to-know. Most CDSs today are based on one-way replication through data transfer guards that copy data from one network to another. This model inherently builds in additional and extensive Operations and Maintenance (O&M) costs. Oracle's National Security Group challenged its top engineers and security architects to engineer the first Cross-Domain database providing a practical and robust solution to the Cross-Domain security problem. 
The result is the MLSpOC, which is deployed, fielded, and accredited today at multiple sites both CONUS and OCONUS. It is designed to assist information systems developers achieve DCID 6/3 Protection Level 4 or 5 (PL4 or PL5) or DoD SABI C&A for SECRET-to-UNCLASSIFIED systems (PL3). The product is on the DoD/DNI Unified Cross-domain Management Office's (UCDMO) Baseline of accredited solutions, and is the only solution on the Baseline which the Government considers to be an "All-in-One" approach to the Cross-domain Security challenge. Our solution is also the only PL-4 Cloud in existence and that is deployed and operational in the entire world today (at DIA). The Space marketplace is a very unique cross-domain challenge, as a need exists for Unclassified SSA Data Sharing at a deeper and more fundamental level than anywhere else in the IC or DoD. For instance, certain Agencies and/or Programs have a requirement to share information with Partner Nations that are not considered to be "friendly" (e.g. China). Our Solution is the ONLY solution in the world today that's achieved C&A, and that is uniquely positioned to enable the Multi-level Space Operations Center (MLSpOC) of the Future.
Design, implementation and migration of security systems as an extreme project.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Scharmer, Carol; Trujillo, David
2010-08-01
Decision Trees, algorithms, software code, risk management, reports, plans, drawings, change control, presentations, and analysis - all useful tools and efforts but time consuming, resource intensive, and potentially costly for projects that have absolute schedule and budget constraints. What are necessary and prudent efforts when a customer calls with a major security problem that needs to be fixed with a proven, off-the-approval-list, multi-layered integrated system with high visibility and limited funding and expires at the end of the Fiscal Year? Whether driven by budget cycles, safety, or by management decree, many such projects begin with generic scopes and funding allocated based on a rapid management 'guestimate.' Then a Project Manager (PM) is assigned a project with a predefined and potentially limited scope, compressed schedule, and potentially insufficient funding. The PM is tasked to rapidly and cost effectively coordinate a requirements-based design, implementation, test, and turnover of a fully operational system to the customer, all while the customer is operating and maintaining an existing security system. Many project management manuals call this an impossible project that should not be attempted. However, security is serious business and the reality is that rapid deployment of proven systems via an 'Extreme Project' is sometimes necessary. Extreme Projects can be wildly successful but require a dedicated team of security professionals led by an experienced project manager using a highly-tailored and agile project management process with management support at all levels, all combined with significant interface with the customer. This paper does not advocate such projects or condone eliminating the valuable analysis and project management techniques. Indeed, having worked on a well-planned project provides the basis for experienced team members to complete Extreme Projects. This paper does, however, provide insight into what it takes for projects to be successfully implemented and accepted when completed under extreme conditions.
Design implementation and migration of security systems as an extreme project.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Scharmer, Carol
2010-10-01
Soil Security Assessment of Tasmania
NASA Astrophysics Data System (ADS)
Field, Damien; Kidd, Darren; McBratney, Alex
2017-04-01
The concept of soil security aligns well with the aspirational and marketing policies of the Tasmanian Government, where increased agricultural expansion through new irrigation schemes and multiple-use State managed production forests co-exists beside pristine World Heritage conservation land, a major drawcard of the economically important tourism industry. Regarding the Sustainable Development Goals (SDGs) this could be seen as an exemplar of the emerging tool for quantification of spatial soil security to effectively protect our soil resource in terms of food (SDG 2.4, 3.9) and water security (SDG 6.4, 6.6), biodiversity maintenance and safeguarding fragile ecosystems (SDG 15.3, 15.9). The recent development and application of Digital Soil Mapping and Assessment capacities in Tasmania to stimulate agricultural production and better target appropriate soil resources has formed the foundational systems that can enable the first efforts in quantifying and mapping Tasmanian Soil Security, in particular the five Soil Security dimensions (Capability, Condition, Capital, Codification and Connectivity). However, to provide a measure of overall soil security, it was necessary to separately assess the State's three major soil uses; Agriculture, Conservation and Forestry. These products will provide an indication of where different activities are sustainable or at risk, where more soil data is needed, and provide a tool to better plan for a State requiring optimal food and fibre production, without depleting its natural soil resources and impacting on the fragile ecosystems supporting environmental benefits and the tourism industry.
NASA Technical Reports Server (NTRS)
Goseva-Popstojanova, Katerina; Tyo, Jacob
2017-01-01
While some prior research work exists on characteristics of software faults (i.e., bugs) and failures, very little work has been published on analysis of software applications vulnerabilities. This paper aims to contribute towards filling that gap by presenting an empirical investigation of application vulnerabilities. The results are based on data extracted from issue tracking systems of two NASA missions. These data were organized in three datasets: Ground mission IVV issues, Flight mission IVV issues, and Flight mission Developers issues. In each dataset, we identified security related software bugs and classified them in specific vulnerability classes. Then, we created the security vulnerability profiles, i.e., determined where and when the security vulnerabilities were introduced and what were the dominating vulnerabilities classes. Our main findings include: (1) In IVV issues datasets the majority of vulnerabilities were code related and were introduced in the Implementation phase. (2) For all datasets, around 90% of the vulnerabilities were located in two to four subsystems. (3) Out of 21 primary classes, five dominated: Exception Management, Memory Access, Other, Risky Values, and Unused Entities. Together, they contributed from 80% to 90% of vulnerabilities in each dataset.
Quantum Attack-Resistent Certificateless Multi-Receiver Signcryption Scheme
Li, Huixian; Chen, Xubao; Pang, Liaojun; Shi, Weisong
2013-01-01
The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC), which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC) based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ) problem and its unforgeability under the Isomorphism of Polynomials (IP) assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards. PMID:23967037
Biodiversity, Factor Endowments and National Security: The Next Great Game?
2009-11-08
biomass, the genetic material of biological systems, that exist largely in the global south8 in biodiversity hotspots.9 Through the increasing use of...including pharmaceutical bio-prospecting, ethno-botanical bio-prospecting, botanical medicines, nano-technology, biological control and crop protection...production mainly focuses on material that is extracted from areas where biological diversity is highest, i.e. genetic material from 10 developing
Optical Verification Laboratory Demonstration System for High Security Identification Cards
NASA Technical Reports Server (NTRS)
Javidi, Bahram
1997-01-01
Document fraud including unauthorized duplication of identification cards and credit cards is a serious problem facing the government, banks, businesses, and consumers. In addition, counterfeit products such as computer chips, and compact discs, are arriving on our shores in great numbers. With the rapid advances in computers, CCD technology, image processing hardware and software, printers, scanners, and copiers, it is becoming increasingly easy to reproduce pictures, logos, symbols, paper currency, or patterns. These problems have stimulated an interest in research, development and publications in security technology. Some ID cards, credit cards and passports currently use holograms as a security measure to thwart copying. The holograms are inspected by the human eye. In theory, the hologram cannot be reproduced by an unauthorized person using commercially-available optical components; in practice, however, technology has advanced to the point where the holographic image can be acquired from a credit card (photographed or captured by a CCD camera) and a new hologram synthesized using commercially-available optical components or hologram-producing equipment. Therefore, a pattern that can be read by a conventional light source and a CCD camera can be reproduced. An optical security and anti-copying device that provides significant security improvements over existing security technology was demonstrated. The system can be applied for security verification of credit cards, passports, and other IDs so that they cannot easily be reproduced. We have used a new scheme of complex phase/amplitude patterns that cannot be seen and cannot be copied by an intensity-sensitive detector such as a CCD camera. A random phase mask is bonded to a primary identification pattern which could also be phase encoded. The pattern could be a fingerprint, a picture of a face, or a signature.
The proposed optical processing device is designed to identify both the random phase mask and the primary pattern [1-3]. We have demonstrated experimentally an optical processor for security verification of objects, products, and persons. This demonstration is very important to encourage industries to consider the proposed system for research and development.
33 CFR 165.768 - Security Zone; MacDill Air Force Base, Tampa Bay, FL.
Code of Federal Regulations, 2014 CFR
2014-07-01
... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Security Zone; MacDill Air Force....768 Security Zone; MacDill Air Force Base, Tampa Bay, FL. (a) Location. The following area is a security zone which exists concurrent with an Army Corps of Engineers restricted area in § 334.635 of this...
33 CFR 165.768 - Security Zone; MacDill Air Force Base, Tampa Bay, FL.
Code of Federal Regulations, 2013 CFR
2013-07-01
... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Security Zone; MacDill Air Force....768 Security Zone; MacDill Air Force Base, Tampa Bay, FL. (a) Location. The following area is a security zone which exists concurrent with an Army Corps of Engineers restricted area in § 334.635 of this...
33 CFR 165.768 - Security Zone; MacDill Air Force Base, Tampa Bay, FL.
Code of Federal Regulations, 2011 CFR
2011-07-01
... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Security Zone; MacDill Air Force....768 Security Zone; MacDill Air Force Base, Tampa Bay, FL. (a) Location. The following area is a security zone which exists concurrent with an Army Corps of Engineers restricted area in § 334.635 of this...
33 CFR 165.768 - Security Zone; MacDill Air Force Base, Tampa Bay, FL.
Code of Federal Regulations, 2012 CFR
2012-07-01
... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Security Zone; MacDill Air Force....768 Security Zone; MacDill Air Force Base, Tampa Bay, FL. (a) Location. The following area is a security zone which exists concurrent with an Army Corps of Engineers restricted area in § 334.635 of this...
Khan, Inam D; Khan, Shahbaz A; Asima, Bushra; Hussaini, Syed B; Zakiuddin, M; Faisal, F A
The Hajj, a mass-gathering of over 3.5-million pilgrims, faces challenges to global health-security, housing, food, water, transportation, communication, sanitation, crowd-control and security. The Indian Medical Mission extended health-security to approximately 140,000 pilgrims, through outreach medical teams, primary-care clinics, tent-clinics, secondary-care hospitals and evacuation capabilities. Data on medical attendance, bed-occupancy, investigations, referrals, medication usage and deaths was compared. Outpatient attendance was 374,475 in static-clinics, 5135 in tent-clinics and 13,473 through task-forces. 585 (62.90%) in-patients were hospitalized amongst 930 secondary-care referrals. Secondary-care bed-days were 2106 with average bed-occupancy being 77.78%. 495 patients were institutionalized in tertiary-care Saudi-Arabian hospitals. Infectious diseases were most commonly (53.26%) encountered due to overwhelming respiratory-infections, followed by trauma (24.40%). Analgesics (66.38/100 patients) and antibacterials (48.34/100 patients) were frequently prescribed. Crude mortality amongst Indian pilgrims was 11.99/10,000. Risk-factors associated with high morbidity were old-age and pre-existing comorbidities. Overwhelming surge of patients facilitates transmission of communicable infections and leads to stress induced physical, mental and compassion fatigue amongst healthcare personnel. Respiratory infections are highly prevalent and easily transmissible during Hajj leading to significant morbidity, increased burden to existing health facilities, overwhelming costs on health systems and globalization of multiresistant pathogens. Diabetic patients should avoid heat exposure and use protective footwear during Hajj rituals. 
Mass-gathering medicine at Hajj can be optimized by improving patient knowledge on performing Hajj at a younger age, medicine compliance, avoiding self-medication, self-monitoring of hypertension, blood glucose, and preventive health measures; screening of pre-existing comorbidities; and resource augmentation with telemedicine networks and decision-support systems. Copyright © 2017 The Authors. Published by Elsevier Ltd. All rights reserved.
1994-02-28
improvements. Release Manager The Release Manager provides franchisees with media copies of existing libraries, as needed. Security...implementors, and potential library franchisees. Security Team The Security Team assists the Security Officer with security analysis. Team members are...and Franchisees. A Potential User is an individual who requests a Library Account. A User Recruit has been sent a CARDS Library Account Registration
Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Kumar, Neeraj
2015-11-01
In the last few years, numerous remote user authentication and session key agreement schemes have been put forward for the Telecare Medical Information System, where the patient and medical server exchange medical information using the Internet. We have found that most of the schemes are not usable for practical applications due to known security weaknesses. It is also worth noting that an unrestricted number of patients log in to the single medical server across the globe. Therefore, the computation and maintenance overhead would be high and the server may fail to provide services. In this article, we have designed a medical system architecture and a standard mutual authentication scheme for single medical server, where the patient can securely exchange medical data with the doctor(s) via trusted central medical server over any insecure network. We then explored the security of the scheme with its resilience to attacks. Moreover, we formally validated the proposed scheme through the simulation using Automated Validation of Internet Security Schemes and Applications software whose outcomes confirm that the scheme is protected against active and passive attacks. The performance comparison demonstrated that the proposed scheme has lower communication cost than the existing schemes in literature. In addition, the computation cost of the proposed scheme is nearly equal to the existing schemes. The proposed scheme is not only efficient in terms of different security attacks, but it also provides an efficient login, mutual authentication, session key agreement and verification and password update phases along with password recovery.
Secure Authentication for Remote Patient Monitoring with Wireless Medical Sensor Networks
Hayajneh, Thaier; Mohd, Bassam J; Imran, Muhammad; Almashaqbeh, Ghada; Vasilakos, Athanasios V.
2016-01-01
There is broad consensus that remote health monitoring will benefit all stakeholders in the healthcare system and that it has the potential to save billions of dollars. Among the major concerns that are preventing the patients from widely adopting this technology are data privacy and security. Wireless Medical Sensor Networks (MSNs) are the building blocks for remote health monitoring systems. This paper helps to identify the most challenging security issues in the existing authentication protocols for remote patient monitoring and presents a lightweight public-key-based authentication protocol for MSNs. In MSNs, the nodes are classified into sensors that report measurements about the human body and actuators that receive commands from the medical staff and perform actions. Authenticating these commands is a critical security issue, as any alteration may lead to serious consequences. The proposed protocol is based on the Rabin authentication algorithm, which is modified in this paper to improve its signature signing process, making it suitable for delay-sensitive MSN applications. To prove the efficiency of the Rabin algorithm, we implemented the algorithm with different hardware settings using Tmote Sky motes and also programmed the algorithm on an FPGA to evaluate its design and performance. Furthermore, the proposed protocol is implemented and tested using the MIRACL (Multiprecision Integer and Rational Arithmetic C/C++) library. The results show that secure, direct, instant and authenticated commands can be delivered from the medical staff to the MSN nodes. PMID:27023540
Secure Authentication for Remote Patient Monitoring with Wireless Medical Sensor Networks.
Hayajneh, Thaier; Mohd, Bassam J; Imran, Muhammad; Almashaqbeh, Ghada; Vasilakos, Athanasios V
2016-03-24
There is broad consensus that remote health monitoring will benefit all stakeholders in the healthcare system and that it has the potential to save billions of dollars. Among the major concerns that are preventing the patients from widely adopting this technology are data privacy and security. Wireless Medical Sensor Networks (MSNs) are the building blocks for remote health monitoring systems. This paper helps to identify the most challenging security issues in the existing authentication protocols for remote patient monitoring and presents a lightweight public-key-based authentication protocol for MSNs. In MSNs, the nodes are classified into sensors that report measurements about the human body and actuators that receive commands from the medical staff and perform actions. Authenticating these commands is a critical security issue, as any alteration may lead to serious consequences. The proposed protocol is based on the Rabin authentication algorithm, which is modified in this paper to improve its signature signing process, making it suitable for delay-sensitive MSN applications. To prove the efficiency of the Rabin algorithm, we implemented the algorithm with different hardware settings using Tmote Sky motes and also programmed the algorithm on an FPGA to evaluate its design and performance. Furthermore, the proposed protocol is implemented and tested using the MIRACL (Multiprecision Integer and Rational Arithmetic C/C++) library. The results show that secure, direct, instant and authenticated commands can be delivered from the medical staff to the MSN nodes.
Forging a poison prevention and control system: report of an Institute of Medicine committee.
Guyer, Bernard; Mavor, Anne
2005-01-01
The Committee forged a vision for a national poison prevention and control system that broadly integrates the current network of poison control centers with state and local public health departments responsible for monitoring populations. Implementing the Committee's recommendations, however, will require leadership from the Congress and the federal agencies to whom the report is addressed: HRSA and CDC. The next steps include amendments to existing legislation to establish the national system and to secure federal funding to assure stability of the system and systematic oversight by the federal agencies to hold all parties accountable for the performance of the system.
Cha, Shi-Cho; Chen, Jyun-Fu
2017-01-01
Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim’s devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts. PMID:29036900
Cha, Shi-Cho; Yeh, Kuo-Hui; Chen, Jyun-Fu
2017-10-14
Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim's devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts.
Nuclear security policy in the context of counter-terrorism in Cambodia
DOE Office of Scientific and Technical Information (OSTI.GOV)
Khun, Vuthy, E-mail: vuthy.khun@gmail.com; Wongsawaeng, Doonyapong
The risk of nuclear or dirty bomb attack by terrorists is one of the most urgent and threatening dangers. The Cambodian national strategy to combat weapons of mass destruction (WMD) depicts a layered system of preventive measures ranging from securing materials at foreign sources to interdicting weapons or nuclear or other radioactive materials at ports, border crossings, and within the Cambodian institutions dealing with the nuclear security to manage the preventive programs. The aim of this study is to formulate guidance, to identify scenario of threat and risk, and to pinpoint necessary legal frameworks on nuclear security in the context of counterterrorism based on the International Atomic Energy Agency nuclear security series. The analysis of this study is guided by theoretical review, the review of international laws and politics, by identifying and interpreting applicable rules and norms establishing the nuclear security regime and how well enforcement of the regime is carried out, and what the likelihood of future reform might be. This study will examine the existing national legal frameworks of Cambodia in the context of counterterrorism to prevent acts of nuclear terrorism and the threat of a terrorist nuclear attack within Cambodian territory. It will shed light on departmental lanes of national nuclear security responsibility, and provide a holistic perspective on the needs of additional resources and emphasis regarding nuclear security policy in the context of counterterrorism in Cambodia.
Federal Register 2010, 2011, 2012, 2013, 2014
2012-03-27
... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Naturalization/Citizenship Document; OMB Control No. 1615-0091. The Department of Homeland Security, U.S... Security (DHS), USCIS, Chief, Regulatory Coordination Division, 20 Massachusetts Avenue NW., Washington, DC...
Federal Register 2010, 2011, 2012, 2013, 2014
2010-12-23
... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information... Naturalization/Citizenship Document; OMB Control No. 1615-0091. The Department of Homeland Security, U.S... Security (DHS), USCIS, Chief, Regulatory Products Division, 20 Massachusetts Avenue, NW., Washington, DC...
Globus Identity, Access, and Data Management: Platform Services for Collaborative Science
NASA Astrophysics Data System (ADS)
Ananthakrishnan, R.; Foster, I.; Wagner, R.
2016-12-01
Globus is software-as-a-service for research data management, developed at, and operated by, the University of Chicago. Globus, accessible at www.globus.org, provides high speed, secure file transfer; file sharing directly from existing storage systems; and data publication to institutional repositories. 40,000 registered users have used Globus to transfer tens of billions of files totaling hundreds of petabytes between more than 10,000 storage systems within campuses and national laboratories in the US and internationally. Web, command line, and REST interfaces support both interactive use and integration into applications and infrastructures. An important component of the Globus system is its foundational identity and access management (IAM) platform service, Globus Auth. Both Globus research data management and other applications use Globus Auth for brokering authentication and authorization interactions between end-users, identity providers, resource servers (services), and a range of clients, including web, mobile, and desktop applications, and other services. Compliant with important standards such as OAuth, OpenID, and SAML, Globus Auth provides mechanisms required for an extensible, integrated ecosystem of services and clients for the research and education community. It underpins projects such as the US National Science Foundation's XSEDE system, NCAR's Research Data Archive, and the DOE Systems Biology Knowledge Base. Current work is extending Globus services to be compliant with FEDRAMP standards for security assessment, authorization, and monitoring for cloud services. We will present Globus IAM solutions and give examples of Globus use in various projects for federated access to resources. We will also describe how Globus Auth and Globus research data management capabilities enable rapid development and low-cost operations of secure data sharing platforms that leverage Globus services and integrate them with local policy and security.
A Survey on Anomaly Based Host Intrusion Detection System
NASA Astrophysics Data System (ADS)
Jose, Shijoe; Malathi, D.; Reddy, Bharath; Jayaseeli, Dorathi
2018-04-01
An intrusion detection system (IDS) is hardware, software or a combination of the two, for monitoring network or system activities to detect malicious signs. In computer security, designing a robust intrusion detection system is one of the most fundamental and important problems. The primary function of the system is to detect intrusions and give timely alerts when a user attempts an intrusion. In these techniques, when the IDS finds an intrusion, it sends an alert message to the system administrator. Anomaly detection is an important problem that has been researched within diverse research areas and application domains. This survey tries to provide a structured and comprehensive overview of the research on anomaly detection. Each of the existing anomaly detection techniques has relative strengths and weaknesses. The current state of experimental practice in the field of anomaly-based intrusion detection is reviewed, and recent studies in this field are surveyed. This survey provides a study of existing anomaly detection techniques, and how the techniques used in one area can be applied in another application domain.
Social Security: a financial appraisal for the median voter.
Galasso, V
Several explanations have been proposed for why voters continue to support unfunded social security systems. Browning (1975) suggests that the extremely large unfunded pension systems of most democracies depend on the existence of a voting majority composed of middle-aged and older people who fail to fully internalize the cost of financing the system. In fact, when voting, economically rational workers consider only their current and future contributions to the system and their expected pension benefits--not their past contributions, which they regard as sunk costs. If, for a majority of voters, the expected continuation return from social security exceeds the return from alternative assets, an unfunded social security system is politically sustainable. This article explores the validity of Browning's proposition by quantifying the returns that U.S. voters in presidential elections from 1964 to 1996 have obtained, or expect to obtain, from Social Security. Did "investments" in Social Security outperform alternative forms of investment, such as mutual funds or pension funds, for a majority of the voters? What can be expected for the future? The U.S. Social Security system redistributes income within age cohorts on the basis of sex, income, and marital status. To account for some of these features, the median voter is represented by a family unit whose members--a husband who accounts for 70 percent of household earnings and a wife who accounts for 30 percent--make joint economic and voting decisions. Thus, retirement and survival benefits paid out to the spouse of an insured worker can be included in the calculation of Social Security returns. Interval estimates of voters' family incomes from the U.S. Census Bureau were used to obtain the median voter's household earnings. The median voter's age is derived from the ages of those who voted in presidential elections, not from the ages of the entire electorate. 
The median voter's contributions to Social Security are the product of the joint employer/employee Old-Age and Survivors Insurance (OASI) tax rate and employee earnings. Data on actual contributions are available for median voters in the 1964 to 1976 elections; Social Security Administration (SSA) estimates are used for future tax rates and average wage growth rates. Data on actual old-age, retirement, and survivor benefits, as well as estimates of future benefits, are also available from SSA. Analysis of ex-post returns from "investing" in Social Security and from a buy-and-hold strategy applied to three alternative assets--the Standard & Poor's Composite Index (S&P), the Dow Jones Industrial Average (DJIA), and U.S. government bonds--shows surprising results. In 1964 and 1968, Social Security largely outperformed the other three assets. In 1972, Social Security and the stock market performed almost equally. In 1976, however, the median voter would have been better off in the stock market. The expected returns for median voters in later elections cannot be directly compared with realized returns from alternative assets. However, estimates range from 5.7 percent in 1984 to 7.0 percent in 1996 and thus compare favorably with average returns of 5.6 percent for S&P, 5.3 percent for DJIA, and 2.1 percent for government bonds over the 1964-1996 period. Although these findings must be taken with caution since they compare ex-post returns, they show that, despite a continuous reduction in profitability, Social Security still represents a safe, high-return asset for a majority of families.
A remote data access architecture for home-monitoring health-care applications.
Lin, Chao-Hung; Young, Shuenn-Tsong; Kuo, Te-Son
2007-03-01
With the aging of the population and the increasing patient preference for receiving care in their own homes, remote home care is one of the fastest growing areas of health care in Taiwan and many other countries. Many remote home-monitoring applications have been developed and implemented to enable both formal and informal caregivers to have remote access to patient data so that they can respond instantly to any abnormalities of in-home patients. The aim of this technology is to give both patients and relatives better control of the health care, reduce the burden on informal caregivers and reduce visits to hospitals and thus result in a better quality of life for both the patient and his/her family. To facilitate their widespread adoption, remote home-monitoring systems take advantage of the low-cost features and popularity of the Internet and PCs, but are inherently exposed to several security risks, such as virus and denial-of-service (DoS) attacks. These security threats exist as long as the in-home PC is directly accessible by remote-monitoring users over the Internet. The purpose of the study reported in this paper was to improve the security of such systems, with the proposed architecture aimed at increasing the system availability and confidentiality of patient information. A broker server is introduced between the remote-monitoring devices and the in-home PCs. This topology removes direct access to the in-home PC, and a firewall can be configured to deny all inbound connections while the remote home-monitoring application is operating. This architecture helps to transfer the security risks from the in-home PC to the managed broker server, on which more advanced security measures can be implemented. The pros and cons of this novel architecture design are also discussed and summarized.
Health Inequalities and Infectious Disease Epidemics: A Challenge for Global Health Security
Kumar, Supriya
2014-01-01
In today's global society, infectious disease outbreaks can spread quickly across the world, fueled by the rapidity with which we travel across borders and continents. Historical accounts of influenza pandemics and contemporary reports on infectious diseases clearly demonstrate that poverty, inequality, and social determinants of health create conditions for the transmission of infectious diseases, and existing health disparities or inequalities can further contribute to unequal burdens of morbidity and mortality. Yet, to date, studies of influenza pandemic plans across multiple countries find little to no recognition of health inequalities or attempts to engage disadvantaged populations to explicitly address the differential impact of a pandemic on them. To meet the goals and objectives of the Global Health Security Agenda, we argue that international partners, from WHO to individual countries, must grapple with the social determinants of health and existing health inequalities and extend their vision to include these factors so that disease that may start among socially disadvantaged subpopulations does not go unnoticed and spread across borders. These efforts will require rethinking surveillance systems to include sociodemographic data; training local teams of researchers and community health workers who are able to not only analyze data to recognize risk factors for disease, but also use simulation methods to assess the impact of alternative policies on reducing disease; integrating social science disciplines to understand local context; and proactively anticipating shortfalls in availability of adequate healthcare resources, including vaccines. Without explicit attention to existing health inequalities and underlying social determinants of health, the Global Health Security Agenda is unlikely to succeed in its goals and objectives. PMID:25254915
Hybrid breeding in wheat: technologies to improve hybrid wheat seed production.
Whitford, Ryan; Fleury, Delphine; Reif, Jochen C; Garcia, Melissa; Okada, Takashi; Korzun, Viktor; Langridge, Peter
2013-12-01
Global food security demands the development and delivery of new technologies to increase and secure cereal production on finite arable land without increasing water and fertilizer use. There are several options for boosting wheat yields, but most offer only small yield increases. Wheat is an inbred plant, and hybrids hold the potential to deliver a major lift in yield and will open a wide range of new breeding opportunities. A series of technological advances are needed as a base for hybrid wheat programmes. These start with major changes in floral development and architecture to separate the sexes and force outcrossing. Male sterility provides the best method to block self-fertilization, and modifying the flower structure will enhance pollen access. The recent explosion in genomic resources and technologies provides new opportunities to overcome these limitations. This review outlines the problems with existing hybrid wheat breeding systems and explores molecular-based technologies that could improve the hybrid production system to reduce hybrid seed production costs, a prerequisite for a commercial hybrid wheat system.