17 CFR 240.14a-16 - Internet availability of proxy materials.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Internet availability of proxy... Under the Securities Exchange Act of 1934 Regulation 14a: Solicitation of Proxies § 240.14a-16 Internet... the security holder a Notice of Internet Availability of Proxy Materials, as described in this section...

The Digital Divide and Patient Portals: Internet Access Explained Differences in Patient Portal Use for Secure Messaging by Age, Race, and Income.

PubMed

Graetz, Ilana; Gordon, Nancy; Fung, Vick; Hamity, Courtnee; Reed, Mary E

2016-08-01

Online access to health records and the ability to exchange secure messages with physicians can improve patient engagement and outcomes; however, the digital divide could limit access to web-based portals among disadvantaged groups. To understand whether sociodemographic differences in patient portal use for secure messaging can be explained by differences in internet access and care preferences. Cross-sectional survey to examine the association between patient sociodemographic characteristics and internet access and care preferences; then, the association between sociodemographic characteristics and secure message use with and without adjusting for internet access and care preference. One thousand forty-one patients with chronic conditions in a large integrated health care delivery system (76% response rate). Internet access, portal use for secure messaging, preference for in-person or online care, and sociodemographic and health characteristics. Internet access and preference mediated some of the differences in secure message use by age, race, and income. For example, using own computer to access the internet explained 52% of the association between race and secure message use and 60% of the association between income and use (Sobel-Goodman mediation test, P<0.001 for both). Education and sex-related differences in portal use remained statistically significant when controlling for internet access and preference. As the availability and use of patient portals increase, it is important to understand which patients have limited access and the barriers they may face. Improving internet access and making portals available across multiple platforms, including mobile, may reduce some disparities in secure message use.

PCASSO: a design for secure communication of personal health information via the internet.

PubMed

Baker, D B; Masys, D R

1999-05-01

The Internet holds both promise and peril for the communications of person-identifiable health information. Because of technical features designed to promote accessibility and interoperability rather than security, Internet addressing conventions and transport protocols are vulnerable to compromise by malicious persons and programs. In addition, most commonly used personal computer (PC) operating systems currently lack the hardware-based system software protection and process isolation that are essential for ensuring the integrity of trusted applications. Security approaches designed for electronic commerce, that trade known security weaknesses for limited financial liability, are not sufficient for personal health data, where the personal damage caused by unintentional disclosure may be far more serious. To overcome these obstacles, we are developing and evaluating an Internet-based communications system called PCASSO (Patient-centered access to secure systems online) that applies state of the art security to health information. PCASSO includes role-based access control, multi-level security, strong device and user authentication, session-specific encryption and audit trails. Unlike Internet-based electronic commerce 'solutions,' PCASSO secures data end-to-end: in the server; in the data repository; across the network; and on the client. PCASSO is designed to give patients as well as providers access to personal health records via the Internet.

Online Safety: Fraud, Security, Phishing, Vishing

MedlinePlus

... Theft Online Safety Privacy Report Scams and Frauds Online Safety Be aware of these scams when you' ... Security and Safety Internet Fraud Phishing and Vishing Online Security and Safety The internet makes many everyday ...

Security Techniques for Sensor Systems and the Internet of Things

ERIC Educational Resources Information Center

Midi, Daniele

2016-01-01

Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We…

Security for Multimedia Space Data Distribution over the Internet

NASA Technical Reports Server (NTRS)

Stone, Thom; Picinich, Lou; Givens, John J. (Technical Monitor)

1995-01-01

Distribution of interactive multimedia to remote investigators will be required for high quality science on the International Space Station (ISS). The Internet with the World Wide Web (WWW) and the JAVA environment are a good match for distribution of data, video and voice to remote science centers. Utilizing the "open" Internet in a secure manner is the major hurdle in making use of this cost effective, off-the-shelf, universal resource. This paper examines the major security threats to an Internet distribution system for payload data and the mitigation of these threats. A proposed security environment for the Space Station Biological Research Facility (SSBRP) is presented with a short description of the tools that have been implemented or planned. Formulating and implementing a security policy, firewalls, host hardware and software security are also discussed in this paper. Security is a vast topic and this paper can only give an overview of important issues. This paper postulates that a structured approach is required and stresses that security must be built into a network from the start. Ignoring security issues or putting them off until late in the development cycle can be disastrous.

Securing the Internet frontier.

PubMed

Morrissey, J

1996-10-21

Just as in the Wild West, security strategies are being mobilized for the untamed Internet frontier. Technology developed by settlers from the banking and merchandising industries is being retooled for healthcare, where security-conscious industries see a big market opportunity.

The Impact of Information Richness on Information Security Awareness Training Effectiveness

ERIC Educational Resources Information Center

Shaw, R. S.; Chen, Charlie C.; Harris, Albert L.; Huang, Hui-Jou

2009-01-01

In recent years, rapid progress in the use of the internet has resulted in huge losses in many organizations due to lax security. As a result, information security awareness is becoming an important issue to anyone using the Internet. To reduce losses, organizations have made information security awareness a top priority. The three main barriers…

Development of an Internet Security Policy for health care establishments.

PubMed

Ilioudis, C; Pangalos, G

2000-01-01

The Internet provides unprecedented opportunities for interaction and data sharing among health care providers, patients and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality and integrity of information. This paper defines the basic security requirements that must be addressed in order to use the Internet to safely transmit patient and/or other sensitive Health Care information. It describes a suitable Internet Security Policy for Health Care Establishments and provides the set of technical measures that are needed for its implementation. The proposed security policy and technical approaches have been based on an extensive study of the related recommendations from the security and standard groups both in EU amid USA and our related work and experience. The results have been utilized in the framework of the Intranet Health Clinic project, where the use of the Internet for the transmission of sensitive Health Care information is of vital importance.

[Security aspects on the Internet].

PubMed

Seibel, R M; Kocher, K; Landsberg, P

2000-04-01

Is it possible to use the Internet as a secure media for transport of telemedicine? Which risks exist for routine use? In this article state of the art methods of security were analysed. Telemedicine in the Internet has severe risks, because patient data and hospital data of a secure Intranet can be manipulated by connecting it to the Web. Establishing of a firewall and the introduction of HPC (Health Professional Card) are minimizing the risk of un-authorized access to the hospital server. HPC allows good safety with digital signature and authentication of host and client of medical data. For secure e-mail PGP (Pretty Good Privacy) is easy to use as a standard protocol. Planning all activities exactly as well as following legal regulations are important requisites for reduction of safety risks in Internet.

Security Analysis of DTN Architecture and Bundle Protocol Specification for Space-Based Networks

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2009-01-01

A Delay-Tolerant Network (DTN) Architecture (Request for Comment, RFC-4838) and Bundle Protocol Specification, RFC-5050, have been proposed for space and terrestrial networks. Additional security specifications have been provided via the Bundle Security Specification (currently a work in progress as an Internet Research Task Force internet-draft) and, for link-layer protocols applicable to Space networks, the Licklider Transport Protocol Security Extensions. This document provides a security analysis of the current DTN RFCs and proposed security related internet drafts with a focus on space-based communication networks, which is a rather restricted subset of DTN networks. Note, the original focus and motivation of DTN work was for the Interplanetary Internet . This document does not address general store-and-forward network overlays, just the current work being done by the Internet Research Task Force (IRTF) and the Consultative Committee for Space Data Systems (CCSDS) Space Internetworking Services Area (SIS) - DTN working group under the DTN and Bundle umbrellas. However, much of the analysis is relevant to general store-and-forward overlays.

Evaluating Common Privacy Vulnerabilities in Internet Service Providers

NASA Astrophysics Data System (ADS)

Kotzanikolaou, Panayiotis; Maniatis, Sotirios; Nikolouzou, Eugenia; Stathopoulos, Vassilios

Privacy in electronic communications receives increased attention in both research and industry forums, stemming from both the users' needs and from legal and regulatory requirements in national or international context. Privacy in internet-based communications heavily relies on the level of security of the Internet Service Providers (ISPs), as well as on the security awareness of the end users. This paper discusses the role of the ISP in the privacy of the communications. Based on real security audits performed in national-wide ISPs, we illustrate privacy-specific threats and vulnerabilities that many providers fail to address when implementing their security policies. We subsequently provide and discuss specific security measures that the ISPs can implement, in order to fine-tune their security policies in the context of privacy protection.

Security in the Cache and Forward Architecture for the Next Generation Internet

NASA Astrophysics Data System (ADS)

Hadjichristofi, G. C.; Hadjicostis, C. N.; Raychaudhuri, D.

The future Internet architecture will be comprised predominately of wireless devices. It is evident at this stage that the TCP/IP protocol that was developed decades ago will not properly support the required network functionalities since contemporary communication profiles tend to be data-driven rather than host-based. To address this paradigm shift in data propagation, a next generation architecture has been proposed, the Cache and Forward (CNF) architecture. This research investigates security aspects of this new Internet architecture. More specifically, we discuss content privacy, secure routing, key management and trust management. We identify security weaknesses of this architecture that need to be addressed and we derive security requirements that should guide future research directions. Aspects of the research can be adopted as a step-stone as we build the future Internet.

Information Security and the Internet.

ERIC Educational Resources Information Center

Doddrell, Gregory R.

1996-01-01

As business relies less on "fortress" style central computers and more on distributed systems, the risk of disruption increases because of inadequate physical security, support services, and site monitoring. This article discusses information security and why protection is required on the Internet, presents a best practice firewall, and…

17 CFR 240.14a-7 - Obligations of registrants to provide a list of, or mail soliciting material to, security holders.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Internet Availability of Proxy Materials (as described in § 240.14a-16), furnished by the security holder... security holder shall be sent to that address, provided that if multiple copies of the Notice of Internet... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Obligations of registrants to...

17 CFR 240.14a-7 - Obligations of registrants to provide a list of, or mail soliciting material to, security holders.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Internet Availability of Proxy Materials (as described in § 240.14a-16), furnished by the security holder... security holder shall be sent to that address, provided that if multiple copies of the Notice of Internet... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Obligations of registrants to...

17 CFR 240.14a-7 - Obligations of registrants to provide a list of, or mail soliciting material to, security holders.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Internet Availability of Proxy Materials (as described in § 240.14a-16), furnished by the security holder... security holder shall be sent to that address, provided that if multiple copies of the Notice of Internet... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Obligations of registrants to...

17 CFR 240.14a-7 - Obligations of registrants to provide a list of, or mail soliciting material to, security holders.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Internet Availability of Proxy Materials (as described in § 240.14a-16), furnished by the security holder... security holder shall be sent to that address, provided that if multiple copies of the Notice of Internet... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Obligations of registrants to...

Security of Mobile Agents on the Internet.

ERIC Educational Resources Information Center

Corradi, Antonio; Montanari, Rebecca; Stefanelli, Cesare

2001-01-01

Discussion of the Internet focuses on new programming paradigms based on mobile agents. Considers the security issues associated with mobile agents and proposes a security architecture composed of a wide set of services and components capable of adapting to a variety of applications, particularly electronic commerce. (Author/LRW)

An Encryption Scheme for Communication Internet SCADA Components

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network. SCADA is considered a critical infrastructure, and connecting to the internet is putting the society on jeopardy, some operators hold back on connecting it to the internet. But since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Supervisory Control and Data Acquisition Systems (SCADA) through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

31 CFR 344.3 - What provisions apply to the SLGSafe Service?

Code of Federal Regulations, 2012 CFR

2012-07-01

... to the SLGSafe Service? (a) What is the SLGSafe Service? SLGSafe is a secure Internet site on the World Wide Web through which subscribers submit SLGS securities transactions. SLGSafe Internet... (Continued) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT U.S. TREASURY SECURITIES...

31 CFR 344.3 - What provisions apply to the SLGSafe Service?

Code of Federal Regulations, 2014 CFR

2014-07-01

... to the SLGSafe Service? (a) What is the SLGSafe Service? SLGSafe is a secure Internet site on the World Wide Web through which subscribers submit SLGS securities transactions. SLGSafe Internet... (Continued) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE FISCAL SERVICE U.S. TREASURY SECURITIES...

31 CFR 344.3 - What provisions apply to the SLGSafe Service?

Code of Federal Regulations, 2013 CFR

2013-07-01

... to the SLGSafe Service? (a) What is the SLGSafe Service? SLGSafe is a secure Internet site on the World Wide Web through which subscribers submit SLGS securities transactions. SLGSafe Internet... (Continued) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT U.S. TREASURY SECURITIES...

Supporting Research and Development of Security Technologies through Network and Security Data Collection

DTIC Science & Technology

Research and development targeted at identifying and mitigating Internet security threats require current network data. To fulfill this need... researchers working for the Center for Applied Internet Data Analysis (CAIDA), a program at the San Diego Supercomputer Center (SDSC) which is based at the...vetted network and security researchers using the PREDICT/IMPACT portal and legal framework. We have also contributed to community building efforts that

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network.

PubMed

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-12-30

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network

PubMed Central

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-01-01

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods. PMID:28042831

Crisis-management and the Security in the Internet

NASA Astrophysics Data System (ADS)

Harada, Izumi

This paper discusses about the crisis-management and the security in the Internet. The crime that not is so far occurs during widespread to the society of the Internet, and a big social trouble. Moreover, the problem of a new security such as a cyber war and cyber terrorism appeared, too. It is necessary to recognize such a situation, and to do both correspondences corresponding to the environmental transformation by government and the people.

Security issues of Internet-based biometric authentication systems: risks of Man-in-the-Middle and BioPhishing on the example of BioWebAuth

NASA Astrophysics Data System (ADS)

Zeitz, Christian; Scheidat, Tobias; Dittmann, Jana; Vielhauer, Claus; González Agulla, Elisardo; Otero Muras, Enrique; García Mateo, Carmen; Alba Castro, José L.

2008-02-01

Beside the optimization of biometric error rates the overall security system performance in respect to intentional security attacks plays an important role for biometric enabled authentication schemes. As traditionally most user authentication schemes are knowledge and/or possession based, firstly in this paper we present a methodology for a security analysis of Internet-based biometric authentication systems by enhancing known methodologies such as the CERT attack-taxonomy with a more detailed view on the OSI-Model. Secondly as proof of concept, the guidelines extracted from this methodology are strictly applied to an open source Internet-based biometric authentication system (BioWebAuth). As case studies, two exemplary attacks, based on the found security leaks, are investigated and the attack performance is presented to show that during the biometric authentication schemes beside biometric error performance tuning also security issues need to be addressed. Finally, some design recommendations are given in order to ensure a minimum security level.

Security Issues on the Internet.

ERIC Educational Resources Information Center

Bar-Ilan, Judit

1996-01-01

Discusses some basic notions of modern cryptography: public key systems and digital signatures. Describes how theoretical modern cryptography can help solve security problems on the Internet. (Author/JKP)

17 CFR 240.14c-101 - Schedule 14C. Information required in information statement.

Code of Federal Regulations, 2014 CFR

2014-04-01

... separate copy of the annual report to security holders, information statement, or Notice of Internet... annual reports to security holders, information statements, or Notices of Internet Availability of Proxy... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Schedule 14C. Information...

17 CFR 240.14c-101 - Schedule 14C. Information required in information statement.

Code of Federal Regulations, 2013 CFR

2013-04-01

... separate copy of the annual report to security holders, information statement, or Notice of Internet... annual reports to security holders, information statements, or Notices of Internet Availability of Proxy... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Schedule 14C. Information...

17 CFR 240.14c-101 - Schedule 14C. Information required in information statement.

Code of Federal Regulations, 2012 CFR

2012-04-01

... separate copy of the annual report to security holders, information statement, or Notice of Internet... annual reports to security holders, information statements, or Notices of Internet Availability of Proxy... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Schedule 14C. Information...

Federated Security: The Shibboleth Approach

ERIC Educational Resources Information Center

Morgan, R. L.; Cantor, Scott; Carmody, Steven; Hoehn, Walter; Klingenstein, Ken

2004-01-01

The Fifth Annual Educause Current Issues Survey ranked "security and identity management" near the top of the list of critical IT challenges on campus today. Recognition of the crucial importance of securing networked resources led Internet2 to establish its Middleware Initiative (I2MI) in 1999. While Internet2 was founded to develop and deploy…

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

76 FR 45898 - Self-Regulatory Organizations; EDGA Exchange, Inc.; Notice of Filing and Immediate Effectiveness...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-01

... over the Internet); Securities Exchange Act Release No. 63197 (October 27, 2010), 75 FR 67791 (November... $200 to $600 per Internet port that is used to deliver market data); Securities Exchange Act Release No... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-64964; File No. SR-EDGA-2011-22] Self...

Security, privacy, and confidentiality issues on the Internet

PubMed Central

Kelly, Grant; McKenzie, Bruce

2002-01-01

We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to `sign' a message whereby the private key of an individual can be used to `hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a `digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers. PMID:12554559

Security, privacy, and confidentiality issues on the Internet.

PubMed

Kelly, Grant; McKenzie, Bruce

2002-01-01

We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.

Internet firewalls: questions and answers

NASA Astrophysics Data System (ADS)

Ker, Keith

1996-03-01

As organizations consider connecting to the Internet, the issue of internetwork security becomes more important. There are many tools and components that can be used to secure a network, one of which is a firewall. Modern firewalls offer highly flexible private network security by controlling and monitoring all communications passing into or out of the private network. Specifically designed for security, firewalls become the private network's single point of attack from Internet intruders. Application gateways (or proxies) that have been written to be secure against even the most persistent attacks ensure that only authorized users and services access the private network. One-time passwords prevent intruders from `sniffing' and replaying the usernames and passwords of authorized users to gain access to the private network. Comprehensive logging permits constant and uniform system monitoring. `Address spoofing' attacks are prevented. The private network may use registered or unregistered IP addresses behind the firewall. Firewall-to-firewall encryption establishes a `virtual private network' across the Internet, preventing intruders from eavesdropping on private communications, eliminating the need for costly dedicated lines.

Security Encryption Scheme for Communication of Web Based Control Systems

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Notice of Internet Availability of Proxy Materials, annual report to security holders or information... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Annual report to be furnished security holders. 240.14c-3 Section 240.14c-3 Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Notice of Internet Availability of Proxy Materials, annual report to security holders or information... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Annual report to be furnished security holders. 240.14c-3 Section 240.14c-3 Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Notice of Internet Availability of Proxy Materials, annual report to security holders or information... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Annual report to be furnished security holders. 240.14c-3 Section 240.14c-3 Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Notice of Internet Availability of Proxy Materials, annual report to security holders or information... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Annual report to be furnished security holders. 240.14c-3 Section 240.14c-3 Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

77 FR 67724 - Rescission of Social Security Acquiescence Ruling 05-1(9)

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-13

...-1213 or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0058] Rescission of Social Security Acquiescence Ruling 05-1(9) AGENCY: Social Security Administration. [[Page 67725

Design for Security Workshop

DTIC Science & Technology

2014-09-30

fingerprint sensor etc.  Secure application execution  Trust established outwards  With normal world apps  With internet/cloud apps...Xilinx Zynq Security Components and Capabilities © Copyright 2014 Xilinx . Security Features Inherited from FPGAs Zynq Secure Boot TrustZone...2014 Xilinx . Security Features Inherited from FPGAs Zynq Secure Boot TrustZone Integration 4 Agenda © Copyright 2014 Xilinx . Device DNA and User

Building a Successful Security Infrastructure: What You Want vs. What You Need vs. What You Can Afford

NASA Technical Reports Server (NTRS)

Crabb, Michele D.; Woodrow, Thomas S. (Technical Monitor)

1995-01-01

With the fast growing popularity of the Internet, many organizations are racing to get onto the on-ramp to the Information Superhighway. However, with frequent headlines such as 'Hackers' break in at General Electric raises questions about the Net's Security', 'Internet Security Imperiled - Hackers steal data that could threaten computers world-wide' and 'Stanford Computer system infiltrated; Security fears grow', organizations find themselves rethinking their approach to the on-ramp. Is the Internet safe? What do I need to do to protect my organization? Will hackers try to break into my systems? These are questions many organizations are asking themselves today. In order to safely travel along the Information Superhighway, organizations need a strong security framework. Developing such a framework for a computer site, whether it be just a few dozen hosts or several thousand hosts is not an easy task. The security infrastructure for a site is often developed piece-by-piece in response to security incidents which have affected that site over time. Or worse yet, no coordinated effort has been dedicated toward security. The end result is that many sites are still poorly prepared to handle the security dangers of the Internet. This paper presents guidelines for building a successful security infrastructure. The problem is addressed in a cookbook style method. First is a discussion on how to identify your assets and evaluate the threats to those assets; next are suggestions and tips for identifying the weak areas in your security armor. Armed with this information we can begin to think about what you really need for your site and what you can afford. In this stage of the process we examine the different categories of security tools and products that are available and then present some tips for deciding what is best for your site.

GINSU: Guaranteed Internet Stack Utilization

DTIC Science & Technology

2005-11-01

Computer Architecture Data Links, Internet , Protocol Stacks 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT UNCLASSIFIED 18. SECURITY...AFRL-IF-RS-TR-2005-383 Final Technical Report November 2005 GINSU: GUARANTEED INTERNET STACK UTILIZATION Trusted... Information Systems, Inc. Sponsored by Defense Advanced Research Projects Agency DARPA Order No. ARPS APPROVED FOR PUBLIC

DICOM image secure communications with Internet protocols IPv6 and IPv4.

PubMed

Zhang, Jianguo; Yu, Fenghai; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen

2007-01-01

Image-data transmission from one site to another through public network is usually characterized in term of privacy, authenticity, and integrity. In this paper, we first describe a general scenario about how image is delivered from one site to another through a wide-area network (WAN) with security features of data privacy, integrity, and authenticity. Second, we give the common implementation method of the digital imaging and communication in medicine (DICOM) image communication software library with IPv6/IPv4 for high-speed broadband Internet by using open-source software. Third, we discuss two major security-transmission methods, the IP security (IPSec) and the secure-socket layer (SSL) or transport-layer security (TLS), being used currently in medical-image-data communication with privacy support. Fourth, we describe a test schema of multiple-modality DICOM-image communications through TCP/IPv4 and TCP/IPv6 with different security methods, different security algorithms, and operating systems, and evaluate the test results. We found that there are tradeoff factors between choosing the IPsec and the SSL/TLS-based security implementation of IPv6/IPv4 protocols. If the WAN networks only use IPv6 such as in high-speed broadband Internet, the choice is IPsec-based security. If the networks are IPv4 or the combination of IPv6 and IPv4, it is better to use SSL/TLS security. The Linux platform has more security algorithms implemented than the Windows (XP) platform, and can achieve better performance in most experiments of IPv6 and IPv4-based DICOM-image communications. In teleradiology or enterprise-PACS applications, the Linux operating system may be the better choice as peer security gateways for both the IPsec and the SSL/TLS-based secure DICOM communications cross public networks.

Guidelines for Network Security in the Learning Environment.

ERIC Educational Resources Information Center

Littman, Marlyn Kemper

1996-01-01

Explores security challenges and practical approaches to safeguarding school networks against invasion. Highlights include security problems; computer viruses; privacy assaults; Internet invasions; building a security policy; authentication; passwords; encryption; firewalls; and acceptable use policies. (Author/LRW)

A Survey on Cyber Security awareness among college students in Tamil Nadu

NASA Astrophysics Data System (ADS)

Senthilkumar, K.; Easwaramoorthy, Sathishkumar

2017-11-01

The aim of the study is to analyse the awareness of cyber security on college students in Tamil Nadu by focusing various security threats in the internet. In recent years cybercrime is an enormous challenge in all areas including national security, public safety and personal privacy. To prevent from a victim of cybercrime everyone must know about their own security and safety measures to protect by themselves. A well-structured questionnaire survey method will be applied to analyse the college student’s awareness in the area of cyber security. This survey will be going to conducted in major cities of Tamil Nadu by focusing various security threats like email, virus, phishing, fake advertisement, popup windows and other attacks in the internet. This survey examines the college students’ awareness and the level of awareness about the security issues and some suggestions are set forth to overcome these issues.

Securing Wireless Communications of the Internet of Things from the Physical Layer, An Overview

NASA Astrophysics Data System (ADS)

Zhang, Junqing; Duong, Trung; Woods, Roger; Marshall, Alan

2017-08-01

The security of the Internet of Things (IoT) is receiving considerable interest as the low power constraints and complexity features of many IoT devices are limiting the use of conventional cryptographic techniques. This article provides an overview of recent research efforts on alternative approaches for securing IoT wireless communications at the physical layer, specifically the key topics of key generation and physical layer encryption. These schemes can be implemented and are lightweight, and thus offer practical solutions for providing effective IoT wireless security. Future research to make IoT-based physical layer security more robust and pervasive is also covered.

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2010 CFR

2010-04-01

...) A registrant will be considered to have delivered a Notice of Internet Availability of Proxy... Notice of Internet Availability of Proxy Materials, annual report to security holders or information...

Privacy and security of patient data in the pathology laboratory.

PubMed

Cucoranu, Ioan C; Parwani, Anil V; West, Andrew J; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B; Balis, Ulysses J; Tuthill, Mark J; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States.

A Security Checklist for ERP Implementations

ERIC Educational Resources Information Center

Hughes, Joy R.; Beer, Robert

2007-01-01

The EDUCAUSE/Internet2 Computer and Network Security Task Force consulted with IT security professionals on campus about concerns with the current state of security in enterprise resource planning (ERP) systems. From these conversations, it was clear that security issues generally fell into one of two areas: (1) It has become extremely difficult…

78 FR 15797 - Service Delivery Plan

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-12

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0048] Service Delivery Plan AGENCY: Social... information, such as Social Security numbers or medical information. 1. Internet: We strongly recommend that... Regulations and Reports Clearance, Social Security Administration, 107 Altmeyer Building, 6401 Security...

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2011 CFR

2011-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2013 CFR

2013-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2010 CFR

2010-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2012 CFR

2012-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2014 CFR

2014-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

Teaching Internet Security, Safety in Our Classrooms

ERIC Educational Resources Information Center

DeFranco, Joanna F.

2011-01-01

Internet security is an important topic for educators due to curriculums now incorporating tools such as the Internet, Google docs, e-portfolios, and course management systems. Those tools require students to spend more time online, where they are susceptible to manipulation or intimidation if they do not stay on task. Kids of all ages lack…

17 CFR 230.239 - Exemption for offers and sales of certain security-based swaps.

Code of Federal Regulations, 2013 CFR

2013-04-01

... specified Internet address or includes in its agreement covering the security-based swap that the eligible... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Exemption for offers and sales of certain security-based swaps. 230.239 Section 230.239 Commodity and Securities Exchanges...

17 CFR 230.239 - Exemption for offers and sales of certain security-based swaps.

Code of Federal Regulations, 2014 CFR

2014-04-01

... specified Internet address or includes in its agreement covering the security-based swap that the eligible... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Exemption for offers and sales of certain security-based swaps. 230.239 Section 230.239 Commodity and Securities Exchanges...

2008 Homeland Security Symposium and Exposition

DTIC Science & Technology

2008-09-10

Untitled Document 2008 Homeland Security Symposium and Exposition.html[5/19/2016 8:49:43 AM] 2008 Homeland Security Symposium and Exposition "New...national defenSe magazine Advertise in National Defense and increase your company exposure at this symposium! National Defense will be distributed to all...use the Internet Cafe to check their e-mail and search the Internet. Brand your name with maximum exposure at this high traffic area. Benefits

Fingerprinting Reverse Proxies Using Timing Analysis of TCP Flows

DTIC Science & Technology

2013-09-01

bayes classifier,” in Cloud Computing Security , ser. CCSW ’09. New York City, NY: ACM, 2009, pp. 31–42. [30] J. Zhang, R. Perdisci, W. Lee, U. Sarfraz...FSM Finite State Machine HTML Hypertext Markup Language HTTP Hypertext Transfer Protocol HTTPS Hypertext Transfer Protocol Secure ICMP Internet Control...This hidden traffic concept supports network access control, security protection through obfuscation, and performance boosts at the Internet facing

Healthcare teams over the Internet: towards a certificate-based approach.

PubMed

Georgiadis, Christos K; Mavridis, Ioannis K; Pangalos, George I

2002-01-01

Healthcare environments are a representative case of collaborative environments since individuals (e.g. doctors) in many cases collaborate in order to provide care to patients in a more proficient way. At the same time modem healthcare institutions are increasingly interested in sharing access of their information resources in the networked environment. Healthcare applications over the Internet offer an attractive communication infrastructure at worldwide level but with a noticeably great factor of risk. Security has therefore become a major concern for healthcare applications over the Internet. However, although an adequate level of security can be relied upon digital certificates, if an appropriate security policy is used, additional security considerations are needed in order to deal efficiently with the above team-work concerns. The already known Hybrid Access Control security model supports and handles efficiently healthcare teams with active security capabilities and is capable to exploit the benefits of certificate technology. In this paper we present the way for encoding the appropriate authoritative information in various types of certificates, as well as the overall operational architecture of the implemented access control system for healthcare collaborative environments over the Internet. A pilot implementation of the proposed methodology in a major Greek hospital has shown the applicability of the proposals and the flexibility of the access control provided.

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System.

PubMed

Ghanti, Shaila; Naik, G M

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack.

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System

PubMed Central

Ghanti, Shaila

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack. PMID:28116350

Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

PubMed Central

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-01-01

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

Security analysis and improvements of authentication and access control in the Internet of Things.

PubMed

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-08-13

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

Privacy and security of patient data in the pathology laboratory

PubMed Central

Cucoranu, Ioan C.; Parwani, Anil V.; West, Andrew J.; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B.; Balis, Ulysses J.; Tuthill, Mark J.; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States. PMID:23599904

Patient-Centered Access to Secure Systems Online (PCASSO): a secure approach to clinical data access via the World Wide Web.

PubMed Central

Masys, D. R.; Baker, D. B.

1997-01-01

The Internet's World-Wide Web (WWW) provides an appealing medium for the communication of health related information due to its ease of use and growing popularity. But current technologies for communicating data between WWW clients and servers are systematically vulnerable to certain types of security threats. Prominent among these threats are "Trojan horse" programs running on client workstations, which perform some useful and known function for a user, while breaching security via background functions that are not apparent to the user. The Patient-Centered Access to Secure Systems Online (PCASSO) project of SAIC and UCSD is a research, development and evaluation project to exploit state-of-the-art security and WWW technology for health care. PCASSO is designed to provide secure access to clinical data for healthcare providers and their patients using the Internet. PCASSO will be evaluated for both safety and effectiveness, and may provide a model for secure communications via public data networks. PMID:9357644

An Energy Efficient Protocol For The Internet Of Things

NASA Astrophysics Data System (ADS)

Venčkauskas, Algimantas; Jusas, Nerijus; Kazanavičius, Egidijus; Štuikys, Vytautas

2015-01-01

The Internet of Things (IoT) is a technological revolution that represents the future of computing and communications. One of the most important challenges of IoT is security: protection of data and privacy. The SSL protocol is the de-facto standard for secure Internet communications. The extra energy cost of encrypting and authenticating of the application data with SSL is around 15%. For IoT devices, where energy resources are limited, the increase in the cost of energy is a very significant factor. In this paper we present the energy efficient SSL protocol which ensures the maximum bandwidth and the required level of security with minimum energy consumption. The proper selection of the security level and CPU multiplier, can save up to 85% of the energy required for data encryption.

20 CFR 423.1 - Suits against the Social Security Administration and its employees in their official capacities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Federal Register, and are available on-line at the Social Security Administration's Internet site, http... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Suits against the Social Security... SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.1 Suits against the Social Security Administration and its...

20 CFR 423.1 - Suits against the Social Security Administration and its employees in their official capacities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Federal Register, and are available on-line at the Social Security Administration's Internet site, http... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Suits against the Social Security... SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.1 Suits against the Social Security Administration and its...

Privacy-enhanced electronic mail

NASA Astrophysics Data System (ADS)

Bishop, Matt

1990-06-01

The security of electronic mail sent through the Internet may be described in exactly three words: there is none. The Privacy and Security Research Group has recommended implementing mechanisms designed to provide security enhancements. The first set of mechanisms provides a protocol to provide privacy, integrity, and authentication for electronic mail; the second provides a certificate-based key management infrastructure to support key distribution throughout the internet, to support the first set of mechanisms. These mechanisms are described, as well as the reasons behind their selection and how these mechanisms can be used to provide some measure of security in the exchange of electronic mail.

Science and Technology Resources on the Internet: Computer Security.

ERIC Educational Resources Information Center

Kinkus, Jane F.

2002-01-01

Discusses issues related to computer security, including confidentiality, integrity, and authentication or availability; and presents a selected list of Web sites that cover the basic issues of computer security under subject headings that include ethics, privacy, kids, antivirus, policies, cryptography, operating system security, and biometrics.…

32 CFR 156.5 - National security positions.

Code of Federal Regulations, 2014 CFR

2014-07-01

... of Existing Personnel Security Clearances” dated December 12, 2005 (Copies available on the Internet... 32 National Defense 1 2014-07-01 2014-07-01 false National security positions. 156.5 Section 156.5 National Defense Department of Defense OFFICE OF THE SECRETARY OF DEFENSE SECURITY DEPARTMENT OF DEFENSE...

An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks.

PubMed

Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

2016-06-08

WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas's currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs.

An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks

PubMed Central

Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

2016-01-01

WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas’s currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs. PMID:27338382

Personal computer security: part 1. Firewalls, antivirus software, and Internet security suites.

PubMed

Caruso, Ronald D

2003-01-01

Personal computer (PC) security in the era of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) involves two interrelated elements: safeguarding the basic computer system itself and protecting the information it contains and transmits, including personal files. HIPAA regulations have toughened the requirements for securing patient information, requiring every radiologist with such data to take further precautions. Security starts with physically securing the computer. Account passwords and a password-protected screen saver should also be set up. A modern antivirus program can easily be installed and configured. File scanning and updating of virus definitions are simple processes that can largely be automated and should be performed at least weekly. A software firewall is also essential for protection from outside intrusion, and an inexpensive hardware firewall can provide yet another layer of protection. An Internet security suite yields additional safety. Regular updating of the security features of installed programs is important. Obtaining a moderate degree of PC safety and security is somewhat inconvenient but is necessary and well worth the effort. Copyright RSNA, 2003

Insecurity on the Net.

ERIC Educational Resources Information Center

Brandt, D. Scott

1998-01-01

Examines Internet security risks and how users can protect themselves. Discusses inadvertent bugs in software; programming problems with Common Gateway Interface (CGI); viruses; tracking of Web users; and preventing access to selected Web pages and filtering software. A glossary of Internet security-related terms is included. (AEF)

Security

ERIC Educational Resources Information Center

Technology & Learning, 2008

2008-01-01

Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

Can Cyberloafing and Internet Addiction Affect Organizational Information Security?

PubMed

Hadlington, Lee; Parsons, Kathryn

2017-09-01

Researchers have noted potential links between Internet addiction, the use of work computers for nonwork purposes and an increased risk of threat to the organization from breaches in cybersecurity. However, much of this research appears conjectural in nature and lacks clear empirical evidence to support such claims. To fill this knowledge gap, a questionnaire-based study explored the link between cyberloafing, Internet addiction, and information security awareness (ISA). A total of 338 participants completed an online questionnaire, which comprised of the Online Cognition Scale, Cyberloafing Scale, and the Human Aspects of Information Security Questionnaire. Participants who reported higher Internet addiction and cyberloafing tendencies had lower ISA, and Internet addiction and cyberloafing predicted a significant 45 percent of the variance in ISA. Serious cyberloafing, such as the propensity to visit adult websites and online gambling, was shown to be the significant predictor for poorer ISA. Implications for organizations and recommendations to reduce or manage inappropriate Internet use are discussed.

A Framework for an Institutional High Level Security Policy for the Processing of Medical Data and their Transmission through the Internet

PubMed Central

Pangalos, George

2001-01-01

Background The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy. Objective To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information. Methods We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet. Results We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information. Conclusions The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a specific implementation environment. When implemented in specific environments, these principles and guidelines must also be complemented by measures, which are more specific. Even when a High Level Security Policy already exists in an institution, it is advisable that the management of the Health Care Establishment periodically revisits it to see whether it should be modified or augmented. PMID:11720956

A framework for an institutional high level security policy for the processing of medical data and their transmission through the Internet.

PubMed

Ilioudis, C; Pangalos, G

2001-01-01

The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy. To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information. We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet. We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information. The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a specific implementation environment. When implemented in specific environments, these principles and guidelines must also be complemented by measures, which are more specific. Even when a High Level Security Policy already exists in an institution, it is advisable that the management of the Health Care Establishment periodically revisits it to see whether it should be modified or augmented.

Three Essays on Information Security Policies

ERIC Educational Resources Information Center

Yang, Yubao

2011-01-01

Information security breaches pose a significant and increasing threat to national security and economic well-being. In the Symantec Internet Security Threat Report (2003), companies surveyed experienced an average of about 30 attacks per week. Anecdotal evidence suggests that losses from cyber-attacks can run into millions of dollars. The CSI-FBI…

Security: Progress and Challenges

ERIC Educational Resources Information Center

Luker, Mark A.

2004-01-01

The Homepage column in the March/April 2003 issue of "EDUCAUSE Review" explained the national implication of security vulnerabilities in higher education and the role of the EDUCAUSE/Internet2 Computer and Network Security Task Force in representing the higher education sector in the development of the National Strategy to Secure Cyberspace. Among…

Trust Management and Accountability for Internet Security

ERIC Educational Resources Information Center

Liu, Wayne W.

2011-01-01

Adversarial yet interacting interdependent relationships in information sharing and service provisioning have been a pressing issue of the Internet. Such relationships exist among autonomous software agents, in networking system peers, as well as between "service users and providers." Traditional "ad hoc" security approaches effective in…

Endpoint Security Using Biometric Authentication for Secure Remote Mission Operations

NASA Technical Reports Server (NTRS)

Donohue, John T.; Critchfield, Anna R.

2000-01-01

We propose a flexible security authentication solution for the spacecraft end-user, which will allow the user to interact over Internet with the spacecraft, its instruments, or with the ground segment from anywhere, anytime based on the user's pre-defined set of privileges. This package includes biometrics authentication products, such as face, voice or fingerprint recognition, authentication services and procedures, such as: user registration and verification over the Internet and user database maintenance, with a configurable schema of spacecraft users' privileges. This fast and reliable user authentication mechanism will become an integral part of end-to-end ground-to-space secure Internet communications and migration from current practice to the future. All modules and services of the proposed package are commercially available and built to the NIST BioAPI standard, which facilitates "pluggability" and interoperability.

A Scenario-Based Protocol Checker for Public-Key Authentication Scheme

NASA Astrophysics Data System (ADS)

Saito, Takamichi

Security protocol provides communication security for the internet. One of the important features of it is authentication with key exchange. Its correctness is a requirement of the whole of the communication security. In this paper, we introduce three attack models realized as their attack scenarios, and provide an authentication-protocol checker for applying three attack-scenarios based on the models. We also utilize it to check two popular security protocols: Secure SHell (SSH) and Secure Socket Layer/Transport Layer Security (SSL/TLS).

45 CFR 95.621 - ADP reviews.

Code of Federal Regulations, 2011 CFR

2011-10-01

... use; (C) Software and data security; (D) Telecommunications security; (E) Personnel security; (F... Federal review. (f) ADP System Security Requirements and Review Process—(1) ADP System Security Requirement. State agencies are responsible for the security of all ADP projects under development, and...

Analytical Characterization of Internet Security Attacks

ERIC Educational Resources Information Center

Sellke, Sarah H.

2010-01-01

Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks includes Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…

Do You Lock Your Network Doors? Some Network Management Precautions.

ERIC Educational Resources Information Center

Neray, Phil

1997-01-01

Discusses security problems and solutions for networked organizations with Internet connections. Topics include access to private networks from electronic mail information; computer viruses; computer software; corporate espionage; firewalls, that is computers that stand between a local network and the Internet; passwords; and physical security.…

Data mining technique for a secure electronic payment transaction using MJk-RSA in mobile computing

NASA Astrophysics Data System (ADS)

G. V., Ramesh Babu; Narayana, G.; Sulaiman, A.; Padmavathamma, M.

2012-04-01

Due to the evolution of the Electronic Learning (E-Learning), one can easily get desired information on computer or mobile system connected through Internet. Currently E-Learning materials are easily accessible on the desktop computer system, but in future, most of the information shall also be available on small digital devices like Mobile, PDA, etc. Most of the E-Learning materials are paid and customer has to pay entire amount through credit/debit card system. Therefore, it is very important to study about the security of the credit/debit card numbers. The present paper is an attempt in this direction and a security technique is presented to secure the credit/debit card numbers supplied over the Internet to access the E-Learning materials or any kind of purchase through Internet. A well known method i.e. Data Cube Technique is used to design the security model of the credit/debit card system. The major objective of this paper is to design a practical electronic payment protocol which is the safest and most secured mode of transaction. This technique may reduce fake transactions which are above 20% at the global level.

NSI security task: Overview

NASA Technical Reports Server (NTRS)

Tencati, Ron

1991-01-01

An overview is presented of the NASA Science Internet (NSI) security task. The task includes the following: policies and security documentation; risk analysis and management; computer emergency response team; incident handling; toolkit development; user consulting; and working groups, conferences, and committees.

Secure or Insure: An Economic Analysis of Security Interdependencies and Investment Types

ERIC Educational Resources Information Center

Grossklags, Jens

2009-01-01

Computer users express a strong desire to prevent attacks, and to reduce the losses from computer and information security breaches. However, despite the widespread availability of various technologies, actual investments in security remain highly variable across the Internet population. As a result, attacks such as distributed denial-of-service…

Exploring Factors that Influence Students' Behaviors in Information Security

ERIC Educational Resources Information Center

Yoon, Cheolho; Hwang, Jae-Won; Kim, Rosemary

2012-01-01

Due to the ever-increasing use of the Internet, information security has become a critical issue in society. This is especially the case for young adults who have different attitudes towards information security practices. In this research, we examine factors that motivate college students' information security behaviors. Based on the concept of…

[A security protocol for the exchange of personal medical data via Internet: monitoring treatment and drug effects].

PubMed

Viviani, R; Fischer, J; Spitzer, M; Freudenmann, R W

2004-04-01

We present a security protocol for the exchange of medical data via the Internet, based on the type/domain model. We discuss two applications of the protocol: in a system for the exchange of data for quality assurance, and in an on-line database of adverse reactions to drug use. We state that a type/domain security protocol can successfully comply with the complex requirements for data privacy and accessibility typical of such applications.

20 CFR 404.630 - Use of date of written statement as filing date.

Code of Federal Regulations, 2014 CFR

2014-04-01

... contacts us through the Internet by completing and transmitting the Personal Identification Information data on the Internet Social Security Benefit Application to us, we will use the date of the... date. 404.630 Section 404.630 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE...

20 CFR 404.630 - Use of date of written statement as filing date.

Code of Federal Regulations, 2010 CFR

2010-04-01

... contacts us through the Internet by completing and transmitting the Personal Identification Information data on the Internet Social Security Benefit Application to us, we will use the date of the... date. 404.630 Section 404.630 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE...

20 CFR 404.630 - Use of date of written statement as filing date.

Code of Federal Regulations, 2012 CFR

2012-04-01

... contacts us through the Internet by completing and transmitting the Personal Identification Information data on the Internet Social Security Benefit Application to us, we will use the date of the... date. 404.630 Section 404.630 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE...

20 CFR 404.630 - Use of date of written statement as filing date.

Code of Federal Regulations, 2013 CFR

2013-04-01

... contacts us through the Internet by completing and transmitting the Personal Identification Information data on the Internet Social Security Benefit Application to us, we will use the date of the... date. 404.630 Section 404.630 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE...

77 FR 1971 - Supplemental Security Income and Homeless Individuals

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-12

... these individuals (nearly 80 percent) spent time only in an emergency shelter.\\2\\ \\1\\ United States...-- Internet, fax, or mail. Do not submit the same comments multiple times or by more than one method... visit our Internet site, Social Security Online, at http://www.socialsecurity.gov . SUPPLEMENTARY...

Cryptography and the Internet: lessons and challenges

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCurley, K.S.

1996-12-31

The popularization of the Internet has brought fundamental changes to the world, because it allows a universal method of communication between computers. This carries enormous benefits with it, but also raises many security considerations. Cryptography is a fundamental technology used to provide security of computer networks, and there is currently a widespread engineering effort to incorporate cryptography into various aspects of the Internet. The system-level engineering required to provide security services for the Internet carries some important lessons for researchers whose study is focused on narrowly defined problems. It also offers challenges to the cryptographic research community by raising newmore » questions not adequately addressed by the existing body of knowledge. This paper attempts to summarize some of these lessons and challenges for the cryptographic research community.« less

Privacy, security and access with sensitive health information.

PubMed

Croll, Peter

2010-01-01

This chapter gives an educational overview of: * Confidentiality issues and the challenges faced; * The fundamental differences between privacy and security; * The different access control mechanisms; * The challenges of Internet security; * How 'safety and quality' relate to all the above.

Cyber and Physical Security Vulnerability Assessment for IoT-Based Smart Homes

PubMed Central

2018-01-01

The Internet of Things (IoT) is an emerging paradigm focusing on the connection of devices, objects, or “things” to each other, to the Internet, and to users. IoT technology is anticipated to become an essential requirement in the development of smart homes, as it offers convenience and efficiency to home residents so that they can achieve better quality of life. Application of the IoT model to smart homes, by connecting objects to the Internet, poses new security and privacy challenges in terms of the confidentiality, authenticity, and integrity of the data sensed, collected, and exchanged by the IoT objects. These challenges make smart homes extremely vulnerable to different types of security attacks, resulting in IoT-based smart homes being insecure. Therefore, it is necessary to identify the possible security risks to develop a complete picture of the security status of smart homes. This article applies the operationally critical threat, asset, and vulnerability evaluation (OCTAVE) methodology, known as OCTAVE Allegro, to assess the security risks of smart homes. The OCTAVE Allegro method focuses on information assets and considers different information containers such as databases, physical papers, and humans. The key goals of this study are to highlight the various security vulnerabilities of IoT-based smart homes, to present the risks on home inhabitants, and to propose approaches to mitigating the identified risks. The research findings can be used as a foundation for improving the security requirements of IoT-based smart homes. PMID:29518023

Cyber and Physical Security Vulnerability Assessment for IoT-Based Smart Homes.

PubMed

Ali, Bako; Awad, Ali Ismail

2018-03-08

The Internet of Things (IoT) is an emerging paradigm focusing on the connection of devices, objects, or "things" to each other, to the Internet, and to users. IoT technology is anticipated to become an essential requirement in the development of smart homes, as it offers convenience and efficiency to home residents so that they can achieve better quality of life. Application of the IoT model to smart homes, by connecting objects to the Internet, poses new security and privacy challenges in terms of the confidentiality, authenticity, and integrity of the data sensed, collected, and exchanged by the IoT objects. These challenges make smart homes extremely vulnerable to different types of security attacks, resulting in IoT-based smart homes being insecure. Therefore, it is necessary to identify the possible security risks to develop a complete picture of the security status of smart homes. This article applies the operationally critical threat, asset, and vulnerability evaluation (OCTAVE) methodology, known as OCTAVE Allegro, to assess the security risks of smart homes. The OCTAVE Allegro method focuses on information assets and considers different information containers such as databases, physical papers, and humans. The key goals of this study are to highlight the various security vulnerabilities of IoT-based smart homes, to present the risks on home inhabitants, and to propose approaches to mitigating the identified risks. The research findings can be used as a foundation for improving the security requirements of IoT-based smart homes.

Home security system using internet of things

NASA Astrophysics Data System (ADS)

Anitha, A.

2017-11-01

IoT refers to the infrastructure of connected physical devices which is growing at a rapid rate as huge number of devices and objects are getting associated to the Internet. Home security is a very useful application of IoT and we are using it to create an inexpensive security system for homes as well as industrial use. The system will inform the owner about any unauthorized entry or whenever the door is opened by sending a notification to the user. After the user gets the notification, he can take the necessary actions. The security system will use a microcontroller known as Arduino Uno to interface between the components, a magnetic Reed sensor to monitor the status, a buzzer for sounding the alarm, and a WiFi module, ESP8266 to connect and communicate using the Internet. The main advantages of such a system includes the ease of setting up, lower costs and low maintenance.

Physical-layer encryption on the public internet: A stochastic approach to the Kish-Sethuraman cipher

NASA Astrophysics Data System (ADS)

Gunn, Lachlan J.; Chappell, James M.; Allison, Andrew; Abbott, Derek

2014-09-01

While information-theoretic security is often associated with the one-time pad and quantum key distribution, noisy transport media leave room for classical techniques and even covert operation. Transit times across the public internet exhibit a degree of randomness, and cannot be determined noiselessly by an eavesdropper. We demonstrate the use of these measurements for information-theoretically secure communication over the public internet.

Internet Governance and National Security

DTIC Science & Technology

2012-01-01

the conflict created by headline- grabbing exploits of ad hoc hacker networks or nation-state-inspired cor­ porate espionage.5 Malicious actors add...governance of critical Internet re­ sources and their impact on US national security are often overlooked. Foreign efforts to alter the technical...crime, espio­ nage, and other forms of cyber conflict rather than on the issues related to governance of critical Internet resources, development of

Secure Web-based Ground System User Interfaces over the Open Internet

NASA Technical Reports Server (NTRS)

Langston, James H.; Murray, Henry L.; Hunt, Gary R.

1998-01-01

A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

Reputation-Based Internet Protocol Security: A Multilayer Security Framework for Mobile Ad Hoc Networks

DTIC Science & Technology

2010-09-01

secure ad-hoc networks of mobile sensors deployed in a hostile environment . These sensors are normally small 86 and resource...Communications Magazine, 51, 2008. 45. Kumar, S.A. “Classification and Review of Security Schemes in Mobile Comput- ing”. Wireless Sensor Network , 2010... Networks ”. Wireless /Mobile Network Security , 2008. 85. Xiao, Y. “Accountability for Wireless LANs, Ad Hoc Networks , and Wireless

Security Verification of Secure MANET Routing Protocols

DTIC Science & Technology

2012-03-22

SECURITY VERIFICATION OF SECURE MANET ROUTING PROTOCOLS THESIS Matthew F. Steele, Captain, USAF AFIT/GCS/ ENG /12-03 DEPARTMENT OF THE AIR FORCE AIR...States AFIT/GCS/ ENG /12-03 SECURITY VERIFICATION OF SECURE MANET ROUTING PROTOCOLS THESIS Presented to the Faculty Department of Electrical and Computer...DISTRIBUTION UNLIMITED AFIT/GCS/ ENG /12-03 SECURITY VERIFICATION OF SECURE MANET ROUTING PROTOCOLS Matthew F. Steele, B.S.E.E. Captain, USAF

Trustworthiness as a Limitation on Network Neutrality

DTIC Science & Technology

2007-01-01

June 24, 2005) (Civil No. 1:05CV01272), available at http://www.usdoj.gov/atr/cases/f209700/209728.htm (alleging that actuarial consulting firms moved...43 David D. Clark, Requirements for a Future Internet: Security as a Case Study , ver. 2.0...general solutions; and several high-profile cases had data re-indentified after release. See Bruce Schneier, Anonymity and the Netflix Dataset

Use of a secure Internet Web site for collaborative medical research.

PubMed

Marshall, W W; Haley, R W

2000-10-11

Researchers who collaborate on clinical research studies from diffuse locations need a convenient, inexpensive, secure way to record and manage data. The Internet, with its World Wide Web, provides a vast network that enables researchers with diverse types of computers and operating systems anywhere in the world to log data through a common interface. Development of a Web site for scientific data collection can be organized into 10 steps, including planning the scientific database, choosing a database management software system, setting up database tables for each collaborator's variables, developing the Web site's screen layout, choosing a middleware software system to tie the database software to the Web site interface, embedding data editing and calculation routines, setting up the database on the central server computer, obtaining a unique Internet address and name for the Web site, applying security measures to the site, and training staff who enter data. Ensuring the security of an Internet database requires limiting the number of people who have access to the server, setting up the server on a stand-alone computer, requiring user-name and password authentication for server and Web site access, installing a firewall computer to prevent break-ins and block bogus information from reaching the server, verifying the identity of the server and client computers with certification from a certificate authority, encrypting information sent between server and client computers to avoid eavesdropping, establishing audit trails to record all accesses into the Web site, and educating Web site users about security techniques. When these measures are carefully undertaken, in our experience, information for scientific studies can be collected and maintained on Internet databases more efficiently and securely than through conventional systems of paper records protected by filing cabinets and locked doors. JAMA. 2000;284:1843-1849.

Assurance: the power behind PCASSO security.

PubMed Central

Baker, D. B.; Masys, D. R.; Jones, R. L.; Barnhart, R. M.

1999-01-01

The need for security protection in Internet-based healthcare applications is generally acknowledged. Most healthcare applications that use the Internet have at least implemented some kind of encryption. Most applications also enforce user authentication and access control policies, and many audit user actions. However, most fall short on providing strong assurances that the security mechanisms are behaving as expected and that they cannot be subverted. While no system can claim to be totally "bulletproof," PCASSO provides assurance of correct operation through formal, disciplined design and development methodologies, as well as through functional and penetration testing. Through its security mechanisms, backed by strong system assurances, PCASSO is demonstrating "safe" use of public data networks for health care. PMID:10566443

Internet Roadside Cafe #6. [Videotape.

ERIC Educational Resources Information Center

American Library Association Video/Library Video Network, Towson, MD.

This 30-minute videotape takes an in-depth look at World Wide Web business transactions, potential risks, client privacy and security issues by asking businesses and consumers how they do business on the Internet. Also featured in the program is advice about choosing a secure password, the use of credit cards for Web purchasing and a review of…

17 CFR 240.12f-3 - Termination or suspension of unlisted trading privileges.

Code of Federal Regulations, 2011 CFR

2011-04-01

... unlisted trading privileges. 240.12f-3 Section 240.12f-3 Commodity and Securities Exchanges SECURITIES AND... Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-3 Termination or suspension of unlisted trading privileges. (a) The issuer of any security for which unlisted trading privileges...

17 CFR 240.12f-3 - Termination or suspension of unlisted trading privileges.

Code of Federal Regulations, 2013 CFR

2013-04-01

... unlisted trading privileges. 240.12f-3 Section 240.12f-3 Commodity and Securities Exchanges SECURITIES AND... Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-3 Termination or suspension of unlisted trading privileges. (a) The issuer of any security for which unlisted trading privileges...

17 CFR 240.12f-3 - Termination or suspension of unlisted trading privileges.

Code of Federal Regulations, 2012 CFR

2012-04-01

... unlisted trading privileges. 240.12f-3 Section 240.12f-3 Commodity and Securities Exchanges SECURITIES AND... Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-3 Termination or suspension of unlisted trading privileges. (a) The issuer of any security for which unlisted trading privileges...

17 CFR 240.12f-3 - Termination or suspension of unlisted trading privileges.

Code of Federal Regulations, 2014 CFR

2014-04-01

... unlisted trading privileges. 240.12f-3 Section 240.12f-3 Commodity and Securities Exchanges SECURITIES AND... Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-3 Termination or suspension of unlisted trading privileges. (a) The issuer of any security for which unlisted trading privileges...

17 CFR 240.12f-3 - Termination or suspension of unlisted trading privileges.

Code of Federal Regulations, 2010 CFR

2010-04-01

... unlisted trading privileges. 240.12f-3 Section 240.12f-3 Commodity and Securities Exchanges SECURITIES AND... Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-3 Termination or suspension of unlisted trading privileges. (a) The issuer of any security for which unlisted trading privileges...

Security of medical data transfer and storage in Internet. Cryptography, antiviral security and electronic signature problems, which must be solved in nearest future in practical context.

PubMed

Kasztelowicz, Piotr; Czubenko, Marek; Zieba, Iwona

2003-01-01

The informatical revolution in computer age, which gives significant benefit in transfer of medical information requests to pay still more attention for aspect of network security. All known advantages of network technologies--first of all simplicity of copying, multiplication and sending information to many individuals can be also dangerous, if illegal, not permitted persons get access to medical data bases. Internet is assumed to be as especially "anarchic" medium, therefore in order to use it in professional work any security principles should be bewared. In our presentation we will try to find the optimal security solution in organisational and technological aspects for any medical network. In our opinion the harmonious co-operation between users, medical authorities and network administrators is core of the success.

77 FR 5734 - New Medical Criteria for Evaluating Language and Speech Disorders

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-06

... Medical Criteria for Evaluating Language and Speech Disorders AGENCY: Social Security Administration... Security numbers or medical information. 1. Internet: We strongly recommend that you submit your comments... INFORMATION CONTACT: Cheryl A. Williams, Office of Medical Listings Improvement, Social Security...

Healthcare teams over the Internet: programming a certificate-based approach.

PubMed

Georgiadis, Christos K; Mavridis, Ioannis K; Pangalos, George I

2003-07-01

Healthcare environments are a representative case of collaborative environments since individuals (e.g. doctors) in many cases collaborate in order to provide care to patients in a more proficient way. At the same time modern healthcare institutions are increasingly interested in sharing access of their information resources in the networked environment. Healthcare applications over the Internet offer an attractive communication infrastructure at worldwide level but with a noticeably great factor of risk. Security has, therefore, become a major concern. However, although an adequate level of security can be relied upon digital certificates, if an appropriate security model is used, additional security considerations are needed in order to deal efficiently with the above team-work concerns. The already known Hybrid Access Control (HAC) security model supports and handles efficiently healthcare teams with active security capabilities and is capable to exploit the benefits of certificate technology. In this paper we present the way for encoding the appropriate authoritative information in various types of certificates, as well as the overall operational architecture of the implemented access control system for healthcare collaborative environments over the Internet. A pilot implementation of the proposed methodology in a major Greek hospital has shown the applicability of the proposals and the flexibility of the access control provided.

Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems.

PubMed

Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru

2016-10-01

Information and communication and technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. Furthermore, we present the formal security verification of our scheme using the widely accepted AVISPA tool. High security and extra functionality features allow our proposed scheme to be applicable for telecare medicine information systems which is used for e-health care medical applications. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.

Infusing Aging and Public Policy Content into Gerontology Courses: Collaborative Learning Methods To Teach about Social Security and Medicare.

ERIC Educational Resources Information Center

Cianciolo, Patricia K.; Henderson, Tammy L.

2003-01-01

Describes modules on Social Security and Medicare for gerontology policy courses. Discusses collaborative exercises in which students explore Internet resources on Social Security and health care finance, identity major concerns about reforms, and enact scenarios about retirees with varying degrees of income and health care security. (Contains 33…

Performance evaluation of secured DICOM image communication with next generation internet protocol IPv6

NASA Astrophysics Data System (ADS)

Yu, Fenghai; Zhang, Jianguo; Chen, Xiaomeng; Huang, H. K.

2005-04-01

Next Generation Internet (NGI) technology with new communication protocol IPv6 emerges as a potential solution for low-cost and high-speed networks for image data transmission. IPv6 is designed to solve many of the problems of the current version of IP (known as IPv4) with regard to address depletion, security, autoconfiguration, extensibility, and more. We choose CTN (Central Test Node) DICOM software developed by The Mallinckrodt Institute of Radiology to implement IPv6/IPv4 enabled DICOM communication software on different operating systems (Windows/Linux), and used this DICOM software to evaluate the performance of the IPv6/IPv4 enabled DICOM image communication with different security setting and environments. We compared the security communications of IPsec with SSL/TLS on different TCP/IP protocols (IPv6/IPv4), and find that there are some trade-offs to choose security solution between IPsec and SSL/TLS in the security implementation of IPv6/IPv4 communication networks.

Security Frameworks for Machine-to-Machine Devices and Networks

NASA Astrophysics Data System (ADS)

Demblewski, Michael

Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

Connecting to the Internet Securely; Protecting Home Networks CIAC-2324

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orvis, W J; Krystosek, P; Smith, J

2002-11-27

With more and more people working at home and connecting to company networks via the Internet, the risk to company networks to intrusion and theft of sensitive information is growing. Working from home has many positive advantages for both the home worker and the company they work for. However, as companies encourage people to work from home, they need to start considering the interaction of the employee's home network and the company network he connects to. This paper discusses problems and solutions related to protection of home computers from attacks on those computers via the network connection. It does notmore » consider protection of those systems from people who have physical access to the computers nor does it consider company laptops taken on-the-road. Home networks are often targeted by intruders because they are plentiful and they are usually not well secured. While companies have departments of professionals to maintain and secure their networks, home networks are maintained by the employee who may be less knowledgeable about network security matters. The biggest problems with home networks are that: Home networks are not designed to be secure and may use technologies (wireless) that are not secure; The operating systems are not secured when they are installed; The operating systems and applications are not maintained (for security considerations) after they are installed; and The networks are often used for other activities that put them at risk for being compromised. Home networks that are going to be connected to company networks need to be cooperatively secured by the employee and the company so they do not open up the company network to intruders. Securing home networks involves many of the same operations as securing a company network: Patch and maintain systems; Securely configure systems; Eliminate unneeded services; Protect remote logins; Use good passwords; Use current antivirus software; and Moderate your Internet usage habits. Most of these items do not take a lot of work, but require an awareness of the risks involved in not doing them or doing them incorrectly. The security of home networks and communications with company networks can be significantly improved by adding an appropriate software or hardware firewall to the home network and using a protected protocol such as Secure Sockets Layer (SSL), a Virtual Private Network (VPN), or Secure Shell (SSH) for connecting to the company network.« less

Enhanced Security for Online Exams Using Group Cryptography

ERIC Educational Resources Information Center

Jung, I. Y.; Yeom, H. Y.

2009-01-01

While development of the Internet has contributed to the spread of online education, online exams have not been widely adopted. An online exam is defined here as one that takes place over the insecure Internet, and where no proctor is in the same location as the examinees. This paper proposes an enhanced secure online exam management environment…

17 CFR 240.12f-4 - Exemption of securities admitted to unlisted trading privileges from sections 13, 14 and 16.

Code of Federal Regulations, 2011 CFR

2011-04-01

... admitted to unlisted trading privileges from sections 13, 14 and 16. 240.12f-4 Section 240.12f-4 Commodity... Trading § 240.12f-4 Exemption of securities admitted to unlisted trading privileges from sections 13, 14 and 16. (a) Any security for which unlisted trading privileges on any national securities exchange...

17 CFR 240.12f-4 - Exemption of securities admitted to unlisted trading privileges from sections 13, 14 and 16.

Code of Federal Regulations, 2013 CFR

2013-04-01

... admitted to unlisted trading privileges from sections 13, 14 and 16. 240.12f-4 Section 240.12f-4 Commodity... Trading § 240.12f-4 Exemption of securities admitted to unlisted trading privileges from sections 13, 14 and 16. (a) Any security for which unlisted trading privileges on any national securities exchange...

17 CFR 240.12f-4 - Exemption of securities admitted to unlisted trading privileges from sections 13, 14 and 16.

Code of Federal Regulations, 2012 CFR

2012-04-01

... admitted to unlisted trading privileges from sections 13, 14 and 16. 240.12f-4 Section 240.12f-4 Commodity... Trading § 240.12f-4 Exemption of securities admitted to unlisted trading privileges from sections 13, 14 and 16. (a) Any security for which unlisted trading privileges on any national securities exchange...

17 CFR 240.12f-4 - Exemption of securities admitted to unlisted trading privileges from sections 13, 14 and 16.

Code of Federal Regulations, 2010 CFR

2010-04-01

... admitted to unlisted trading privileges from sections 13, 14 and 16. 240.12f-4 Section 240.12f-4 Commodity... Trading § 240.12f-4 Exemption of securities admitted to unlisted trading privileges from sections 13, 14 and 16. (a) Any security for which unlisted trading privileges on any national securities exchange...

Optimized ECC Implementation for Secure Communication between Heterogeneous IoT Devices.

PubMed

Marin, Leandro; Pawlowski, Marcin Piotr; Jara, Antonio

2015-08-28

The Internet of Things is integrating information systems, places, users and billions of constrained devices into one global network. This network requires secure and private means of communications. The building blocks of the Internet of Things are devices manufactured by various producers and are designed to fulfil different needs. There would be no common hardware platform that could be applied in every scenario. In such a heterogeneous environment, there is a strong need for the optimization of interoperable security. We present optimized elliptic curve Cryptography algorithms that address the security issues in the heterogeneous IoT networks. We have combined cryptographic algorithms for the NXP/Jennic 5148- and MSP430-based IoT devices and used them to created novel key negotiation protocol.

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2010 CFR

2010-07-01

..., Information Security Program Management AFI 31-501, Personnel Security Program Management AFI 31-601, Industrial Security Program Management AFI 33-129, Transmission of Information Via the Internet AFI 35-205... Management (will convert to AFPD 33-3) AFI 37-124, The Information Collections and Reports Management Program...

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2014 CFR

2014-07-01

..., Information Security Program Management AFI 31-501, Personnel Security Program Management AFI 31-601, Industrial Security Program Management AFI 33-129, Transmission of Information Via the Internet AFI 35-205... Management (will convert to AFPD 33-3) AFI 37-124, The Information Collections and Reports Management Program...

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2012 CFR

2012-07-01

..., Information Security Program Management AFI 31-501, Personnel Security Program Management AFI 31-601, Industrial Security Program Management AFI 33-129, Transmission of Information Via the Internet AFI 35-205... Management (will convert to AFPD 33-3) AFI 37-124, The Information Collections and Reports Management Program...

Practical Computer Security through Cryptography

NASA Technical Reports Server (NTRS)

McNab, David; Twetev, David (Technical Monitor)

1998-01-01

The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

The impact of internet-connected control systems on the oil and gas industry

NASA Astrophysics Data System (ADS)

Martel, Ruth T.

In industry and infrastructure today, communication is a way of life. In the oil and gas industry, the use of devices that communicate with the network at large is both commonplace and expected. Unfortunately, security on these devices is not always best. Many industrial control devices originate from legacy devices not originally configured with security in mind. All infrastructure and industry today has seen an increase in attacks on their networks and in some cases, a very dramatic increase, which should be a cause for alarm and action. The purpose of this research was to highlight the threat that Internet-connected devices present to an organization's network in the oil and gas industry and ultimately, to the business and possibly even human life. Although there are several previous studies that highlight the problem of these Internet-connected devices, there remains evidence that security response has not been adequate. The analysis conducted on only one easily discovered device serves as an example of the ongoing issue of the security mindset in the oil and gas industry. The ability to connect to a network through an Internet-connected device gives a hacker an anonymous backdoor to do great damage in that network. The hope is that the approach to security in infrastructure and especially the oil and gas industry, changes before a major catastrophe occurs involving human life.

Glucoweb: a case study of secure, remote biomonitoring and communication.

PubMed

Nigrin, D J; Kohane, I S

2000-01-01

As the Internet begins to play a greater role in many healthcare processes, it is inevitable that remote monitoring of patients' physiological parameters over the Internet will become increasingly commonplace. Internet-based communication between patients and their healthcare providers has already become prevalent, and has gained significant attention in terms of confidentiality issues. However, transmission of data directly from patients' physiological biomonitoring devices over the Web has garnered significantly less focus, especially in the area of authentication and security. In this paper, we describe a prototype system called Glucoweb, which allows patients with diabetes mellitus to transmit their self-monitored blood glucose data directly from their personal glucometer device to their diabetes care provider over the Internet. No customized software is necessary on the patient's computer, only a Web browser and active Internet connection. We use this example to highlight key authentication and security measures that should be considered for devices that transmit healthcare data to remote locations.

Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing

DTIC Science & Technology

2010-07-01

Cloud computing , an emerging form of computing in which users have access to scalable, on-demand capabilities that are provided through Internet... cloud computing , (2) the information security implications of using cloud computing services in the Federal Government, and (3) federal guidance and...efforts to address information security when using cloud computing . The complete report is titled Information Security: Federal Guidance Needed to

75 FR 68395 - Agency Self-Evaluation Under Section 504 of the Rehabilitation Act of 1973

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-05

...-800-325- 0778, or visit our Internet site, Social Security Online, at http://www.socialsecurity.gov... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2010-0069] Agency Self-Evaluation Under Section 504 of the Rehabilitation Act of 1973 AGENCY: Social Security Administration. ACTION: Notice and request...

77 FR 35464 - Modifications to the Disability Determination Procedures; Extension of Testing of Some Disability...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-13

...-772-1213 or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0029] Modifications to the Disability Determination Procedures; Extension of Testing of Some Disability Redesign Features AGENCY: Social Security...

78 FR 45010 - Modifications to the Disability Determination Procedures; Extension of Testing of Some Disability...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-25

...-772-1213 or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2013-0030] Modifications to the Disability Determination Procedures; Extension of Testing of Some Disability Redesign Features AGENCY: Social Security...

76 FR 16531 - Technical Correction for Neurological Listing Cross-Reference

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-24

... 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www.socialsecurity.gov... SOCIAL SECURITY ADMINISTRATION 20 CFR Part 404 [Docket No. SSA-2011-0019] RIN 0960-AH33 Technical Correction for Neurological Listing Cross-Reference AGENCY: Social Security Administration. ACTION: Final...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 232.12 - Business hours of the Commission.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Business hours of the Commission. 232.12 Section 232.12 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... documents may be submitted by direct transmission, via dial-up modem or Internet, to the Commission each day...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 232.12 - Business hours of the Commission.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Business hours of the Commission. 232.12 Section 232.12 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... documents may be submitted by direct transmission, via dial-up modem or Internet, to the Commission each day...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

Computer Security Primer: Systems Architecture, Special Ontology and Cloud Virtual Machines

ERIC Educational Resources Information Center

Waguespack, Leslie J.

2014-01-01

With the increasing proliferation of multitasking and Internet-connected devices, security has reemerged as a fundamental design concern in information systems. The shift of IS curricula toward a largely organizational perspective of security leaves little room for focus on its foundation in systems architecture, the computational underpinnings of…

Congressional Oversight of Homeland Security: Help or Hinderance?

DTIC Science & Technology

2012-12-01

http://thinkprogress.org/security/2009/01/21/35052/congress- f22 -fail/?mobile=nc . 246 Ferran, “Final F-22 Fighter Delivered, McCain Says $79B Jets...Program, Claims It’s ‘Too Big To Fail’.” Think Progress Security. Jan 21, 2009. http://thinkprogress.org/security/2009/01/21/35052/congress- f22 -fail

Research on information security in big data era

NASA Astrophysics Data System (ADS)

Zhou, Linqi; Gu, Weihong; Huang, Cheng; Huang, Aijun; Bai, Yongbin

2018-05-01

Big data is becoming another hotspot in the field of information technology after the cloud computing and the Internet of Things. However, the existing information security methods can no longer meet the information security requirements in the era of big data. This paper analyzes the challenges and a cause of data security brought by big data, discusses the development trend of network attacks under the background of big data, and puts forward my own opinions on the development of security defense in technology, strategy and product.

Implementation of the Internet of Things on Public Security

NASA Astrophysics Data System (ADS)

Lu, Kesheng; Li, Xichun

The development of the Internet of Things will occur within a new ecosystem that will be driven by a number of key players. The public security as one of the key players is going to make real-time communications will be possible not only by humans but also by things at anytime and from anywhere. This research will present the advent of the Internet of Things to create a plethora of innovative applications and services, which will enhance quality of life and reduce inequalities.

Research on Influence of Cloud Environment on Traditional Network Security

NASA Astrophysics Data System (ADS)

Ming, Xiaobo; Guo, Jinhua

2018-02-01

Cloud computing is a symbol of the progress of modern information network, cloud computing provides a lot of convenience to the Internet users, but it also brings a lot of risk to the Internet users. Second, one of the main reasons for Internet users to choose cloud computing is that the network security performance is great, it also is the cornerstone of cloud computing applications. This paper briefly explores the impact on cloud environment on traditional cybersecurity, and puts forward corresponding solutions.

Building an authorization model for external means of protection of APCS based on the Internet of things

NASA Astrophysics Data System (ADS)

Zaharov, A. A.; Nissenbaum, O. V.; Ponomaryov, K. Y.; Nesgovorov, E. S.

2018-01-01

In this paper we study application of Internet of Thing concept and devices to secure automated process control systems. We review different approaches in IoT (Internet of Things) architecture and design and propose them for several applications in security of automated process control systems. We consider an Attribute-based encryption in context of access control mechanism implementation and promote a secret key distribution scheme between attribute authorities and end devices.

49 CFR 1503.3 - Reports by the public of security problems, deficiencies, and vulnerabilities.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 1503.3 Reports; 601 South 12th Street; Arlington, VA 20598-6002; (2) Internet at http://www.tsa.gov/contact, selecting “Security Issues”; or (3) Telephone (toll-free) at 1-866-289-9673. (b) Reports submitted by mail will receive a receipt through the mail, reports submitted by the Internet will receive an...

49 CFR 1503.3 - Reports by the public of security problems, deficiencies, and vulnerabilities.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 1503.3 Reports; 601 South 12th Street; Arlington, VA 20598-6002; (2) Internet at http://www.tsa.gov/contact, selecting “Security Issues”; or (3) Telephone (toll-free) at 1-866-289-9673. (b) Reports submitted by mail will receive a receipt through the mail, reports submitted by the Internet will receive an...

49 CFR 1503.3 - Reports by the public of security problems, deficiencies, and vulnerabilities.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 1503.3 Reports; 601 South 12th Street; Arlington, VA 20598-6002; (2) Internet at http://www.tsa.gov/contact, selecting “Security Issues”; or (3) Telephone (toll-free) at 1-866-289-9673. (b) Reports submitted by mail will receive a receipt through the mail, reports submitted by the Internet will receive an...

49 CFR 1503.3 - Reports by the public of security problems, deficiencies, and vulnerabilities.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 1503.3 Reports; 601 South 12th Street; Arlington, VA 20598-6002; (2) Internet at http://www.tsa.gov/contact, selecting “Security Issues”; or (3) Telephone (toll-free) at 1-866-289-9673. (b) Reports submitted by mail will receive a receipt through the mail, reports submitted by the Internet will receive an...

Online Privacy, Security and Ethical Dilemma: A Recent Study.

ERIC Educational Resources Information Center

Karmakar, Nitya L.

The Internet remains as a wonder for the 21st century and its growth is phenomenon. According to a recent survey, the online population is now about 500 million globally and if this trend continues, it should reach 700 million by the end of 2002. This exponential growth of the Internet has given rise to several security, privacy and ethical…

Network-based reading system for lung cancer screening CT

NASA Astrophysics Data System (ADS)

Fujino, Yuichi; Fujimura, Kaori; Nomura, Shin-ichiro; Kawashima, Harumi; Tsuchikawa, Megumu; Matsumoto, Toru; Nagao, Kei-ichi; Uruma, Takahiro; Yamamoto, Shinji; Takizawa, Hotaka; Kuroda, Chikazumi; Nakayama, Tomio

2006-03-01

This research aims to support chest computed tomography (CT) medical checkups to decrease the death rate by lung cancer. We have developed a remote cooperative reading system for lung cancer screening over the Internet, a secure transmission function, and a cooperative reading environment. It is called the Network-based Reading System. A telemedicine system involves many issues, such as network costs and data security if we use it over the Internet, which is an open network. In Japan, broadband access is widespread and its cost is the lowest in the world. We developed our system considering human machine interface and security. It consists of data entry terminals, a database server, a computer aided diagnosis (CAD) system, and some reading terminals. It uses a secure Digital Imaging and Communication in Medicine (DICOM) encrypting method and Public Key Infrastructure (PKI) based secure DICOM image data distribution. We carried out an experimental trial over the Japan Gigabit Network (JGN), which is the testbed for the Japanese next-generation network, and conducted verification experiments of secure screening image distribution, some kinds of data addition, and remote cooperative reading. We found that network bandwidth of about 1.5 Mbps enabled distribution of screening images and cooperative reading and that the encryption and image distribution methods we proposed were applicable to the encryption and distribution of general DICOM images via the Internet.

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2013 CFR

2013-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2011 CFR

2011-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2014 CFR

2014-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2012 CFR

2012-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

Research on key technologies of data processing in internet of things

NASA Astrophysics Data System (ADS)

Zhu, Yangqing; Liang, Peiying

2017-08-01

The data of Internet of things (IOT) has the characteristics of polymorphism, heterogeneous, large amount and processing real-time. The traditional structured and static batch processing method has not met the requirements of data processing of IOT. This paper studied a middleware that can integrate heterogeneous data of IOT, and integrated different data formats into a unified format. Designed a data processing model of IOT based on the Storm flow calculation architecture, integrated the existing Internet security technology to build the Internet security system of IOT data processing, which provided reference for the efficient transmission and processing of IOT data.

Secure authentication protocol for Internet applications over CATV network

NASA Astrophysics Data System (ADS)

Chin, Le-Pond

1998-02-01

An authentication protocol is proposed in this paper to implement secure functions which include two way authentication and key management between end users and head-end. The protocol can protect transmission from frauds, attacks such as reply and wiretap. Location privacy is also achieved. A rest protocol is designed to restore the system once when systems fail. The security is verified by taking several security and privacy requirements into consideration.

Mechanical Verification of Cryptographic Protocols

NASA Astrophysics Data System (ADS)

Cheng, Xiaochun; Ma, Xiaoqi; Huang, Scott C.-H.; Cheng, Maggie

Information security is playing an increasingly important role in modern society, driven especially by the uptake of the Internet for information transfer. Large amount of information is transmitted everyday through the Internet, which is often the target of malicious attacks. In certain areas, this issue is vital. For example, military departments of governments often transmit a great amount of top-secret data, which, if divulged, could become a huge threat to the public and to national security. Even in our daily life, it is also necessary to protect information. Consider e-commerce systems as an example. No one is willing to purchase anything over the Internet before being assured that all their personal and financial information will always be kept secure and will never be leaked to any unauthorised person or organisation.

17 CFR 239.34 - Form F-4, for registration of securities of foreign private issuers issued in certain business...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Form F-4, for registration of securities of foreign private issuers issued in certain business combination transactions. 239.34 Section 239.34 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION FORMS PRESCRIBED UNDER THE...

Optimized ECC Implementation for Secure Communication between Heterogeneous IoT Devices

PubMed Central

Marin, Leandro; Piotr Pawlowski, Marcin; Jara, Antonio

2015-01-01

The Internet of Things is integrating information systems, places, users and billions of constrained devices into one global network. This network requires secure and private means of communications. The building blocks of the Internet of Things are devices manufactured by various producers and are designed to fulfil different needs. There would be no common hardware platform that could be applied in every scenario. In such a heterogeneous environment, there is a strong need for the optimization of interoperable security. We present optimized elliptic curve Cryptography algorithms that address the security issues in the heterogeneous IoT networks. We have combined cryptographic algorithms for the NXP/Jennic 5148- and MSP430-based IoT devices and used them to created novel key negotiation protocol. PMID:26343677

Department of Defense High Performance Computing Modernization Program. 2008 Annual Report

DTIC Science & Technology

2009-04-01

place to another on the network. Without it, a computer could only talk to itself - no email, no web browsing, and no iTunes . Most of the Internet...Your SecurID Card ), Ken Renard Secure Wireless, Rob Scott and Stephen Bowman Securing Today’s Networks, Rich Whittney, Juniper Networks, Federal

20 CFR 703.202 - Identification of significant gaps in State guaranty fund coverage for LHWCA obligations.

Code of Federal Regulations, 2013 CFR

2013-04-01

... STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.202 Identification of... carrier's required security deposit, the Office will consider the extent to which a State guaranty fund... fully and immediately secure LHWCA obligations and will post its findings on the Internet at http://www...

20 CFR 703.202 - Identification of significant gaps in State guaranty fund coverage for LHWCA obligations.

Code of Federal Regulations, 2014 CFR

2014-04-01

... STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.202 Identification of... carrier's required security deposit, the Office will consider the extent to which a State guaranty fund... fully and immediately secure LHWCA obligations and will post its findings on the Internet at http://www...

20 CFR 703.202 - Identification of significant gaps in State guaranty fund coverage for LHWCA obligations.

Code of Federal Regulations, 2012 CFR

2012-04-01

... STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.202 Identification of... carrier's required security deposit, the Office will consider the extent to which a State guaranty fund... fully and immediately secure LHWCA obligations and will post its findings on the Internet at http://www...

31 CFR 363.5 - How do I contact Fiscal Service?

Code of Federal Regulations, 2014 CFR

2014-07-01

...) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE FISCAL SERVICE REGULATIONS GOVERNING SECURITIES...” feature within TreasuryDirect ® to communicate information to us over a secure Internet connection. (b... otherwise. We are not responsible for the security of e-mail messages you may send to us, or replies we may...

20 CFR 703.202 - Identification of significant gaps in State guaranty fund coverage for LHWCA obligations.

Code of Federal Regulations, 2011 CFR

2011-04-01

... STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.202 Identification of... carrier's required security deposit, the Office will consider the extent to which a State guaranty fund... fully and immediately secure LHWCA obligations and will post its findings on the Internet at http://www...

75 FR 67363 - Notice of Public Information Collection(s) Being Reviewed by the Federal Communications...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-02

... proceeding were required to file system security statements under the Commission's rules. (Security systems..., including broadband Internet access and interconnected VoIP providers, must file updates to their systems... Commission's rules, the information in the CALEA security system filings and petitions will not be made...

Security Considerations of Doing Business via the Internet: Cautions To Be Considered.

ERIC Educational Resources Information Center

Aldridge, Alicia; White, Michele; Forcht, Karen

1997-01-01

Lack of security is perceived as a major roadblock to doing business online. This article examines system, user, and commercial transaction privacy on the World Wide Web and discusses methods of protection: operating systems security, file and data protection, user education, access restrictions, data authentication, perimeter and transaction…

Information Security in the 1990s: Keeping the Locks on.

ERIC Educational Resources Information Center

Kovac, Ron J.

1999-01-01

As the Internet proliferates, it drastically increases an institution's level of data insecurity. Hacker attacks can result in denial of service, data corruption or erasure, and passive theft (via spoofing, splicing, or session stealing). To ensure data security, a firewall (screening software program) and a security policy should be implemented.…

Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks

PubMed Central

Castillo, Encarnación; López-Ramos, Juan A.; Morales, Diego P.

2018-01-01

Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature. PMID:29337921

Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks.

PubMed

Parrilla, Luis; Castillo, Encarnación; López-Ramos, Juan A; Álvarez-Bermejo, José A; García, Antonio; Morales, Diego P

2018-01-16

Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature.

Interrelationship between food security status, home availability of variety of fruits and vegetables and their dietary intake among low-income pregnant women.

PubMed

Nunnery, Danielle L; Labban, Jeffrey D; Dharod, Jigna M

2018-03-01

To (i) determine differences in the availability of variety of fruits and vegetables (F&V) at home by food security status; and (ii) examine the inter-associations between food security status, availability of variety of F&V at home and frequency of F&V intake, among low-income pregnant women. Design/Setting Participants were interviewed to collect food security status, home availability of variety of F&V and frequency of F&V intake. Bivariate analyses, multivariate regression and exploratory mediation analyses were conducted using IBM SPSS Statistics version 23.0 and the PROCESS macro. Low-income pregnant women (n 198) were interviewed if they were ≥18 years of age, in the second trimester of pregnancy, and spoke English or Spanish. Low/very low food security was found among 43 % of participants. Compared with fully food-secure participants, very low food-secure participants reported a lower variety of fruits (P=0·028) and vegetables (P=0·058) available at home. Mediation analyses indicated that through home availability of variety of fresh F&V, food security status was associated with the daily intake of F&V (indirect effect (95 % CI): fresh fruits, -0·039 (-0·074, -0·013); fresh vegetables, -0·048 (-0·083, -0·023)). As food security worsened, the available variety of fresh F&V decreased, which was associated with lower intake. The study highlights the interlink between food security, home food environment and diet quality, and the importance of nutrition education intervention to promote a healthy home food environment and improved pregnancy outcomes among low-income women.

The National Security of Mexico for 2010

DTIC Science & Technology

2002-01-01

Constituci6n politica de los Estados Unidos Mexicanos) 40 Alvaro Vallarta, "Lealtad militar", (Military loyalty), Reforma (M6xico, D.F.), 11 February 2002...Dolia Estevez, "Busca Incorporar a Mexico en Comando Norteamericano," El Financiero , 12 April 2002. 52 Maria de la Luz Gonzalez, "Proponen redefinir...Politica de los Estados Unidos Mexicanos", 5 February 2002; available from < http://www.presidencia.gob.mx >; Internet, accessed 6 February 2002. 62

How to Be a Better Consumer of Security Maturity Models

DTIC Science & Technology

2014-10-21

Health Care wellcent1ve Health Care Network !Maturity IModel: Posted on July 15, 2013 by Paul D. Taylor, M.D., CMIO, Wellcentive, Inc. Time and...expectations and delivery are aligned 10 DevOps Collaboration Automation Process Initial ( Defined Measured 11 Marketing A ih ’ f·, )j ,lcp... networked systems CERT – Anticipating and solving our nation’s cybersecurity challenges • Largest technical program at SEI • Focused on internet

Development and Application of Skill Standards for Security Practitioners

DTIC Science & Technology

2006-07-01

Development and Application of Skill Standards for Security Practitioners Henry K. Simpson Northrop Grumman Technical Services Lynn F. Fischer...and Application of Skill Standards for Security Practitioners Henry K. Simpson, Northrop Grumman Technical Services Lynn F. Fischer, Defense...described in the present report was driven by a JSTC tasking to develop skill standards for security practitioners in seven different security

Lessons Learned from the Afghan Mission Network: Developing a Coalition Contingency Network

DTIC Science & Technology

2014-01-01

SIPRNet Secret Internet Protocol Router Network SOP Standard Operating Procedure SVTC Secure Video Teleconference (or –Conferencing) TTP Tactics...Voice over internet protocol (VOIP) telephone connectivity • Email • Web browsing • Secure video teleconferencing (SVTC...10, 2012. As of January 15, 2013: http://www.guardian.co.uk/world/2012/oct/10/us-troops-jordan-syria-crisis Baldor, Lolita C., and Pauline Jelinek

17 CFR 239.39 - Form F-9, for registration under the Securities Act of 1933 of certain investment grade debt or...

Code of Federal Regulations, 2010 CFR

2010-04-01

... under the Securities Act of 1933 of certain investment grade debt or investment grade preferred... Statements § 239.39 Form F-9, for registration under the Securities Act of 1933 of certain investment grade debt or investment grade preferred securities of certain Canadian issuers. (a) Form F-9 may be used for...

A security architecture for health information networks.

PubMed

Kailar, Rajashekar; Muralidhar, Vinod

2007-10-11

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.

Technical solutions for mitigating security threats caused by health professionals in clinical settings.

PubMed

Fernandez-Aleman, Jose Luis; Belen Sanchez Garcia, Ana; Garcia-Mateos, Gines; Toval, Ambrosio

2015-08-01

The objective of this paper is to present a brief description of technical solutions for health information system security threats caused by inadequate security and privacy practices in healthcare professionals. A literature search was carried out in ScienceDirect, ACM Digital Library and IEEE Digital Library to find papers reporting technical solutions for certain security problems in information systems used in clinical settings. A total of 17 technical solutions were identified: measures for password security, the secure use of e-mail, the Internet, portable storage devices, printers and screens. Although technical safeguards are essential to the security of healthcare organization's information systems, good training, awareness programs and adopting a proper information security policy are particularly important to prevent insiders from causing security incidents.

A Security Architecture for Health Information Networks

PubMed Central

Kailar, Rajashekar

2007-01-01

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862

Implementing an Information Security Program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.

The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to covermore » information security best practices, planning for an information security management system, and implementing security controls for information security.« less

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

PubMed Central

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

2015-01-01

Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff. PMID:26618034

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment.

PubMed

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun; Cha, Hyo Soung

2015-10-01

Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff.

17 CFR 249.250 - Form F-X, for appointment of agent for service of process by issuers registering securities on...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form F-X, for appointment of... F-X, for appointment of agent for service of process by issuers registering securities on Form F-8... registered on Form F-7 (§ 249.37 of this chapter), F-8, F-9, F-10 or F-80. Form F-X shall be filed with the...

17 CFR 249.250 - Form F-X, for appointment of agent for service of process by issuers registering securities on...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Form F-X, for appointment of... F-X, for appointment of agent for service of process by issuers registering securities on Form F-8... registered on Form F-7 (§ 249.37 of this chapter), F-8, F-9, F-10 or F-80. Form F-X shall be filed with the...

IoT security with one-time pad secure algorithm based on the double memory technique

NASA Astrophysics Data System (ADS)

Wiśniewski, Remigiusz; Grobelny, Michał; Grobelna, Iwona; Bazydło, Grzegorz

2017-11-01

Secure encryption of data in Internet of Things is especially important as many information is exchanged every day and the number of attack vectors on IoT elements still increases. In the paper a novel symmetric encryption method is proposed. The idea bases on the one-time pad technique. The proposed solution applies double memory concept to secure transmitted data. The presented algorithm is considered as a part of communication protocol and it has been initially validated against known security issues.

Study on Information Security and e-Trust in Spanish households

NASA Astrophysics Data System (ADS)

Aguado, José

The study on Information Security and e-Trust in Spanish households has been conducted by INTECO (The National Institute of Communication Technologies) through the Information Security Observatory. It is a study on the incidence and trust of users in the Internet by means of measuring the frequency of the episodes of individual risk in a wide sample of users that are monitored online on a monthly basis, combining quantitative data of incidences (monthly scans of home computers) and qualitative perception data (quarterly surveys). The study is supplied with data from more than 3,000 households with Internet connection, spread across the whole country.

A malicious pattern detection engine for embedded security systems in the Internet of Things.

PubMed

Oh, Doohwan; Kim, Deokho; Ro, Won Woo

2014-12-16

With the emergence of the Internet of Things (IoT), a large number of physical objects in daily life have been aggressively connected to the Internet. As the number of objects connected to networks increases, the security systems face a critical challenge due to the global connectivity and accessibility of the IoT. However, it is difficult to adapt traditional security systems to the objects in the IoT, because of their limited computing power and memory size. In light of this, we present a lightweight security system that uses a novel malicious pattern-matching engine. We limit the memory usage of the proposed system in order to make it work on resource-constrained devices. To mitigate performance degradation due to limitations of computation power and memory, we propose two novel techniques, auxiliary shifting and early decision. Through both techniques, we can efficiently reduce the number of matching operations on resource-constrained systems. Experiments and performance analyses show that our proposed system achieves a maximum speedup of 2.14 with an IoT object and provides scalable performance for a large number of patterns.

78 FR 66638 - Extension of the Expiration Date for State Disability Examiner Authority To Make Fully Favorable...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-06

...-800-772-1213 or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www... SOCIAL SECURITY ADMINISTRATION 20 CFR Parts 404 and 416 [Docket No. SSA-2013-0023] RIN 0960-AH59... Disability Determinations and Compassionate Allowances AGENCY: Social Security Administration. ACTION: Final...

31 CFR 363.5 - How do I contact Public Debt?

Code of Federal Regulations, 2012 CFR

2012-07-01

... SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT REGULATIONS GOVERNING SECURITIES HELD IN... TreasuryDirect ® to communicate information to us over a secure Internet connection. (b) Emails may be sent... responsible for the security of e-mail messages you may send to us, or replies we may send to you. (c) Letters...

31 CFR 363.5 - How do I contact Public Debt?

Code of Federal Regulations, 2013 CFR

2013-07-01

... SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT REGULATIONS GOVERNING SECURITIES HELD IN... TreasuryDirect ® to communicate information to us over a secure Internet connection. (b) Emails may be sent... responsible for the security of e-mail messages you may send to us, or replies we may send to you. (c) Letters...

31 CFR 363.5 - How do I contact Public Debt?

Code of Federal Regulations, 2011 CFR

2011-07-01

... SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT REGULATIONS GOVERNING SECURITIES HELD IN... TreasuryDirect ® to communicate information to us over a secure Internet connection. (b) Emails may be sent... responsible for the security of e-mail messages you may send to us, or replies we may send to you. (c) Letters...

In Internet-Based Visualization System Study about Breakthrough Applet Security Restrictions

NASA Astrophysics Data System (ADS)

Chen, Jie; Huang, Yan

In the process of realization Internet-based visualization system of the protein molecules, system needs to allow users to use the system to observe the molecular structure of the local computer, that is, customers can generate the three-dimensional graphics from PDB file on the client computer. This requires Applet access to local file, related to the Applet security restrictions question. In this paper include two realization methods: 1.Use such as signature tools, key management tools and Policy Editor tools provided by the JDK to digital signature and authentication for Java Applet, breakthrough certain security restrictions in the browser. 2. Through the use of Servlet agent implement indirect access data methods, breakthrough the traditional Java Virtual Machine sandbox model restriction of Applet ability. The two ways can break through the Applet's security restrictions, but each has its own strengths.

Finding Effective Responses Against Cyber Attacks for Divided Nations

DTIC Science & Technology

2015-12-01

Coordination Center LTE Long Term Evolution MAC Media Access Control MCRC Master Control and Reporting Center MEI Ministry of Electronics...satellites that aid Internet connections. Individual users can access the Internet via not only a wired connection up to 1 Gbps, but also by 4G LTE ...operate air-gapped intranets with security measures such as cryptographic modules that correspond to security levels. The MND does maintain the public

From Fob to Noc: A Pathway to a Cyber Career for Combat Veterans

DTIC Science & Technology

2014-06-01

Assurance Certifications GS general schedule HSAC Homeland Security Advisory Council IDS intrusion detection system IP internet protocol IPS...NIPRNET non-secure internet protocol router network NIST National Institute for Standards and Technology NOC network operations center NSA National...twice a day on an irregular schedule or during contact with the enemy to keep any observing enemy wary of the force protection 13 condition at any

17 CFR 269.5 - Form F-X, for appointment of agent for service of process by issuers registering securities on...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Form F-X, for appointment of... INDENTURE ACT OF 1939 § 269.5 Form F-X, for appointment of agent for service of process by issuers..., F-10 or F-80. Form F-X shall be filed with the Commission: (a) By any issuer registering securities...

17 CFR 269.5 - Form F-X, for appointment of agent for service of process by issuers registering securities on...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form F-X, for appointment of... INDENTURE ACT OF 1939 § 269.5 Form F-X, for appointment of agent for service of process by issuers..., F-10 or F-80. Form F-X shall be filed with the Commission: (a) By any issuer registering securities...

Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

NASA Technical Reports Server (NTRS)

Baras, John S. (Inventor); Roy-Chowdhury, Ayan (Inventor)

2014-01-01

A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

Survey of cyber security issues in smart grids

NASA Astrophysics Data System (ADS)

Chen, Thomas M.

2010-04-01

The future smart grid will enable cost savings and lower energy use by means of smart appliances and smart meters which support dynamic load management and real-time monitoring of energy use and distribution. The introduction of two-way communications and control into power grid introduces security and privacy concerns. This talk will survey the security and privacy issues in smart grids using the NIST reference model, and relate these issues to cyber security in the Internet.

Simple & Secure: Attitude and behaviour towards security and usability in internet products and services at home

NASA Astrophysics Data System (ADS)

Wolthuis, Reinder; Broenink, Gerben; Fransen, Frank; Schultz, Sven; de Vries, Arnout

This paper is the result of research on the security perception of users in ICT services and equipment. We analyze the rationale of users to have an interest in security and to decide to change security parameters of equipment and services. We focus on the home environment, where more and more devices are (inter)connected to form a complex end-to-end chain in using online services. In our research, we constructed a model to determine the delta between the perceived overall security and the real security in home networks. To achieve an understanding of perception and how to identify the delta between perceived and real security, our work forms the basis for examining how perception relates to behaviour. Since humans are referred to as the weakest link in security, there are also differences in behaviour and desired behaviour from a security perspective.

17 CFR 249.325 - Form 13F, report of institutional investment manager pursuant to section 13(f) of the Securities...

Code of Federal Regulations, 2010 CFR

2010-04-01

... institutional investment manager pursuant to section 13(f) of the Securities Exchange Act of 1934. 249.325... manager pursuant to section 13(f) of the Securities Exchange Act of 1934. This form shall be used by institutional investment managers which are required to furnish reports pursuant to section 13(f) of the...

17 CFR 239.42 - Form F-X, for appointment of agent for service of process and undertaking for issuers registering...

Code of Federal Regulations, 2010 CFR

2010-04-01

..., rights offering or business combination. 239.42 Section 239.42 Commodity and Securities Exchanges... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Form F-X, for appointment of agent for service of process and undertaking for issuers registering securities on Form F-8, F-9, F-10...

Development of a telediagnosis endoscopy system over secure internet.

PubMed

Ohashi, K; Sakamoto, N; Watanabe, M; Mizushima, H; Tanaka, H

2008-01-01

We developed a new telediagnosis system to securely transmit high-quality endoscopic moving images over the Internet in real time. This system would enable collaboration between physicians seeking advice from endoscopists separated by long distances, to facilitate diagnosis. We adapted a new type of digital video streaming system (DVTS) to our teleendoscopic diagnosis system. To investigate its feasibility, we conducted a two-step experiment. A basic experiment was first conducted to transmit endoscopic video images between hospitals using a plain DVTS. After investigating the practical usability, we incorporated a secure and reliable communication function into the system, by equipping DVTS with "TCP2", a new security technology that establishes secure communication in the transport layer. The second experiment involved international transmission of teleendoscopic image between Hawaii and Japan using the improved system. In both the experiments, no serious transmission delay was observed to disturb physicians' communications and, after subjective evaluation by endoscopists, the diagnostic qualities of the images were found to be adequate. Moreover, the second experiment showed that "TCP2-equipped DVTS" successfully executed high-quality secure image transmission over a long distance network. We conclude that DVTS technology would be promising for teleendoscopic diagnosis. It was also shown that a high quality, secure teleendoscopic diagnosis system can be developed by equipping DVTS with TCP2.

Influence of parental attitudes towards Internet use on the employment of online safety measures at home.

PubMed

Floros, Georgios; Siomos, Konstantinos; Dafouli, Evaggelia; Fisoun, Virginia; Geroukalis, Dimitrios

2012-01-01

In this paper we present the results of a cross-sectional study of the entire adolescent student population aged 12-18 of the island of Kos and their parents, on Internet safety-related practices and attitudes towards the Internet. Total sample was 2017 students and 1214 parent responders. Research material included extended demographics and an Internet security questionnaire, the Internet Attitudes Scale (IAS) for parents and the Adolescent Computer Addiction Test (ACAT) for children and both parents. Both parents thus provided their views on their children's computer use and an estimate for their degree of computer addiction which was tested against their child's self-report. Results indicated that fathers and mothers who had negative views of the Internet, tended to encourage less their children to engage in online activities and worried more for the possibility that their child is addicted to computer use; their worries weren't correlated with their children's results. Parental views on the Internet had no effect on the level of security precautions they employed at home. Those parents who reported a low level of security knowledge and were unsure as to what their children were doing online, tended to consider their children more likely to be addicted to computer use; those views were confirmed by their children' self-reported results.

17 CFR 270.17f-4 - Custody of investment company assets with a securities depository.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Custody of investment company... SECURITIES AND EXCHANGE COMMISSION (CONTINUED) RULES AND REGULATIONS, INVESTMENT COMPANY ACT OF 1940 § 270.17f-4 Custody of investment company assets with a securities depository. (a) Custody arrangement with...

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks.

PubMed

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-03-24

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks

PubMed Central

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-01-01

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure. PMID:28338632

A Critical Analysis of the SRI Lankan Governments Counterinsurgency Campaign.

DTIC Science & Technology

1999-01-01

http://www. lacnet.org/ srilanka /issues/kumari.html, 1987), 1. 6Thomas. A. Marks, "Disintegration of the Revolution in Sri Lanka," in Maoist Insurgency...2Kumari Jayawardana, Ethnic Conflict in Sri Lanka and Regional Security (Internet: http-www.lacnet.org/ sriLanka /issues/kumari.html. 1987), 9. 3F.M 100...Sri Lanka: 1996), 17. 113 STABLE 5 VITAL STATISTICS: SRI LANKA COMPARED WITH SELECTED COUNTRIES IN ASIA Item Year SriLanka Bangladesh India Pakistan

Automatic Response to Intrusion

DTIC Science & Technology

2002-10-01

Computing Corporation Sidewinder Firewall [18] SRI EMERALD Basic Security Module (BSM) and EMERALD File Transfer Protocol (FTP) Monitors...the same event TCP Wrappers [24] Internet Security Systems RealSecure [31] SRI EMERALD IDIP monitor NAI Labs Generic Software Wrappers Prototype...included EMERALD , NetRadar, NAI Labs UNIX wrappers, ARGuE, MPOG, NetRadar, CyberCop Server, Gauntlet, RealSecure, and the Cyber Command System

A security analysis of version 2 of the Network Time Protocol (NTP): A report to the privacy and security research group

NASA Technical Reports Server (NTRS)

Bishop, Matt

1991-01-01

The Network Time Protocol is being used throughout the Internet to provide an accurate time service. The security requirements are examined of such a service, version 2 of the NTP protocol is analyzed to determine how well it meets these requirements, and improvements are suggested where appropriate.

A Multifactor Secure Authentication System for Wireless Payment

NASA Astrophysics Data System (ADS)

Sanyal, Sugata; Tiwari, Ayu; Sanyal, Sudip

Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, there is a need of multifactor authentication. This paper proposes a new protocol based on multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy with in a limited resources that does not require any change in infrastructure or underline protocol of wireless network. This Protocol for Wireless Payment is extended as a two way authentications system to satisfy the emerging market need of mutual authentication and also supports secure B2B communication which increases faith of the user and business organizations on wireless financial transaction using mobile devices.

17 CFR 240.12f-5 - Exchange rules for securities to which unlisted trading privileges are extended.

Code of Federal Regulations, 2011 CFR

2011-04-01

... to which unlisted trading privileges are extended. 240.12f-5 Section 240.12f-5 Commodity and... EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-5 Exchange rules for securities to which unlisted trading privileges are extended. A national...

17 CFR 240.12f-5 - Exchange rules for securities to which unlisted trading privileges are extended.

Code of Federal Regulations, 2013 CFR

2013-04-01

... to which unlisted trading privileges are extended. 240.12f-5 Section 240.12f-5 Commodity and... EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-5 Exchange rules for securities to which unlisted trading privileges are extended. A national...

17 CFR 240.12f-5 - Exchange rules for securities to which unlisted trading privileges are extended.

Code of Federal Regulations, 2012 CFR

2012-04-01

... to which unlisted trading privileges are extended. 240.12f-5 Section 240.12f-5 Commodity and... EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-5 Exchange rules for securities to which unlisted trading privileges are extended. A national...

17 CFR 240.12f-5 - Exchange rules for securities to which unlisted trading privileges are extended.

Code of Federal Regulations, 2010 CFR

2010-04-01

... to which unlisted trading privileges are extended. 240.12f-5 Section 240.12f-5 Commodity and... EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-5 Exchange rules for securities to which unlisted trading privileges are extended. A national...

Cyber Security Assessment Report: Adventium Labs

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

2007-12-31

Major control system components often have life spans of 15-20 years. Many systems in our Nation's critical infrastructure were installed before the Internet became a reality and security was a concern. Consequently, control systems are generally insecure. Security is now being included in the development of new control system devices; however, legacy control systems remain vulnerable. Most efforts to secure control systems are aimed at protecting network borers, but if an intruder gets inside the network these systems are vulnerable to a cyber attack.

Mobile Virtual Private Networking

NASA Astrophysics Data System (ADS)

Pulkkis, Göran; Grahn, Kaj; Mårtens, Mathias; Mattsson, Jonny

Mobile Virtual Private Networking (VPN) solutions based on the Internet Security Protocol (IPSec), Transport Layer Security/Secure Socket Layer (SSL/TLS), Secure Shell (SSH), 3G/GPRS cellular networks, Mobile IP, and the presently experimental Host Identity Protocol (HIP) are described, compared and evaluated. Mobile VPN solutions based on HIP are recommended for future networking because of superior processing efficiency and network capacity demand features. Mobile VPN implementation issues associated with the IP protocol versions IPv4 and IPv6 are also evaluated. Mobile VPN implementation experiences are presented and discussed.

Secure Recognition of Voice-Less Commands Using Videos

NASA Astrophysics Data System (ADS)

Yau, Wai Chee; Kumar, Dinesh Kant; Weghorn, Hans

Interest in voice recognition technologies for internet applications is growing due to the flexibility of speech-based communication. The major drawback with the use of sound for internet access with computers is that the commands will be audible to other people in the vicinity. This paper examines a secure and voice-less method for recognition of speech-based commands using video without evaluating sound signals. The proposed approach represents mouth movements in the video data using 2D spatio-temporal templates (STT). Zernike moments (ZM) are computed from STT and fed into support vector machines (SVM) to be classified into one of the utterances. The experimental results demonstrate that the proposed technique produces a high accuracy of 98% in a phoneme classification task. The proposed technique is demonstrated to be invariant to global variations of illumination level. Such a system is useful for securely interpreting user commands for internet applications on mobile devices.

17 CFR 270.17f-7 - Custody of investment company assets with a foreign securities depository.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Custody of investment company... Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) RULES AND REGULATIONS, INVESTMENT COMPANY ACT OF 1940 § 270.17f-7 Custody of investment company assets with a foreign securities depository. (a) Custody...

Bundle Security Protocol for ION

NASA Technical Reports Server (NTRS)

Burleigh, Scott C.; Birrane, Edward J.; Krupiarz, Christopher

2011-01-01

This software implements bundle authentication, conforming to the Delay-Tolerant Networking (DTN) Internet Draft on Bundle Security Protocol (BSP), for the Interplanetary Overlay Network (ION) implementation of DTN. This is the only implementation of BSP that is integrated with ION.

Information Systems at Enterprise. Design of Secure Network of Enterprise

NASA Astrophysics Data System (ADS)

Saigushev, N. Y.; Mikhailova, U. V.; Vedeneeva, O. A.; Tsaran, A. A.

2018-05-01

No enterprise and company can do without designing its own corporate network in today's information society. It accelerates and facilitates the work of employees at any level, but contains a big threat to confidential information of the company. In addition to the data theft attackers, there are plenty of information threats posed by modern malware effects. In this regard, the computational security of corporate networks is an important component of modern information technologies of computer security for any enterprise. This article says about the design of the protected corporate network of the enterprise that provides the computers on the network access to the Internet, as well interoperability with the branch. The access speed to the Internet at a high level is provided through the use of high-speed access channels and load balancing between devices. The security of the designed network is performed through the use of VLAN technology as well as access lists and AAA server.

Prototype of smart office system using based security system

NASA Astrophysics Data System (ADS)

Prasetyo, T. F.; Zaliluddin, D.; Iqbal, M.

2018-05-01

Creating a new technology in the modern era gives a positive impact on business and industry. Internet of Things (IoT) as a new communication technology is very useful in realizing smart systems such as: smart home, smart office, smart parking and smart city. This study presents a prototype of the smart office system which was designed as a security system based on IoT. Smart office system development method used waterfall model. IoT-based smart office system used platform (project builder) cayenne so that. The data can be accessed and controlled through internet network from long distance. Smart office system used arduino mega 2560 microcontroller as a controller component. In this study, Smart office system is able to detect threats of dangerous objects made from metals, earthquakes, fires, intruders or theft and perform security monitoring outside the building by using raspberry pi cameras on autonomous robots in real time to the security guard.

Competitive Cyber-Insurance and Internet Security

NASA Astrophysics Data System (ADS)

Shetty, Nikhil; Schwartz, Galina; Felegyhazi, Mark; Walrand, Jean

This paper investigates how competitive cyber-insurers affect network security and welfare of the networked society. In our model, a user's probability to incur damage (from being attacked) depends on both his security and the network security, with the latter taken by individual users as given. First, we consider cyberinsurers who cannot observe (and thus, affect) individual user security. This asymmetric information causes moral hazard. Then, for most parameters, no equilibrium exists: the insurance market is missing. Even if an equilibrium exists, the insurance contract covers only a minor fraction of the damage; network security worsens relative to the no-insurance equilibrium. Second, we consider insurers with perfect information about their users' security. Here, user security is perfectly enforceable (zero cost); each insurance contract stipulates the required user security. The unique equilibrium contract covers the entire user damage. Still, for most parameters, network security worsens relative to the no-insurance equilibrium. Although cyber-insurance improves user welfare, in general, competitive cyber-insurers fail to improve network security.

The Regulatory Framework for Privacy and Security

NASA Astrophysics Data System (ADS)

Hiller, Janine S.

The internet enables the easy collection of massive amounts of personally identifiable information. Unregulated data collection causes distrust and conflicts with widely accepted principles of privacy. The regulatory framework in the United States for ensuring privacy and security in the online environment consists of federal, state, and self-regulatory elements. New laws have been passed to address technological and internet practices that conflict with privacy protecting policies. The United States and the European Union approaches to privacy differ significantly, and the global internet environment will likely cause regulators to face the challenge of balancing privacy interests with data collection for many years to come.

Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay

PubMed Central

Hu, Hequn; Liao, Xuewen

2017-01-01

The Internet of Things (IoT) represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT) is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH) node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device’s messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor) and a destination (e.g., controller) via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS) and time splitting (TS) policies, called intuitive secure schemes based on PS (Int-PS), precoded secure scheme based on PS (Pre-PS), intuitive secure scheme based on TS (Int-TS) and precoded secure scheme based on TS (Pre-TS), respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission (PSST), which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. PSST is analyzed for the proposed secure schemes, and the closed form expressions of PSST for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better PSST than the intuitive secure schemes under similar power consumption. When the secure schemes based on PS and TS polices have similar PSST, the average transmit power consumption of the secure scheme based on TS is lower. The influences of power splitting and time slitting ratios are also discussed through simulations. PMID:28869540

17 CFR 240.12f-2 - Extending unlisted trading privileges to a security that is the subject of an initial public...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Extending unlisted trading... Unlisted Trading § 240.12f-2 Extending unlisted trading privileges to a security that is the subject of an initial public offering. (a) General provision. A national securities exchange may extend unlisted trading...

17 CFR 274.220 - Form N-17f-2, cover page for each certificate of accounting of securities and similar investments...

Code of Federal Regulations, 2010 CFR

2010-04-01

... each certificate of accounting of securities and similar investments in the custody of a registered management investment company, filed pursuant to rule 17f-2. 274.220 Section 274.220 Commodity and Securities... accounting of securities and similar investments in the custody of a registered management investment company...

17 CFR 239.38 - Form F-8, for registration under the Securities Act of 1933 of securities of certain Canadian...

Code of Federal Regulations, 2010 CFR

2010-04-01

... completed fiscal years immediately prior to the business combination, when combined with the listing history... offers or a business combination. 239.38 Section 239.38 Commodity and Securities Exchanges SECURITIES AND... issuers to be issued in exchange offers or a business combination. (a) Form F-8 may be used for...

17 CFR 239.41 - Form F-80, for registration under the Securities Act of 1933 of securities of certain Canadian...

Code of Federal Regulations, 2010 CFR

2010-04-01

... completed fiscal years immediately prior to the business combination, when combined with the listing history... offers or a business combination. 239.41 Section 239.41 Commodity and Securities Exchanges SECURITIES AND... issuers to be issued in exchange offers or a business combination. (a) Form F-80 may be used for...

17 CFR 240.12f-2 - Extending unlisted trading privileges to a security that is the subject of an initial public...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Extending unlisted trading... Unlisted Trading § 240.12f-2 Extending unlisted trading privileges to a security that is the subject of an initial public offering. (a) General provision. A national securities exchange may extend unlisted trading...

17 CFR 240.12f-2 - Extending unlisted trading privileges to a security that is the subject of an initial public...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Extending unlisted trading... Unlisted Trading § 240.12f-2 Extending unlisted trading privileges to a security that is the subject of an initial public offering. (a) General provision. A national securities exchange may extend unlisted trading...

17 CFR 240.12f-2 - Extending unlisted trading privileges to a security that is the subject of an initial public...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Extending unlisted trading... Unlisted Trading § 240.12f-2 Extending unlisted trading privileges to a security that is the subject of an initial public offering. (a) General provision. A national securities exchange may extend unlisted trading...

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things

PubMed Central

Cha, Shi-Cho; Chen, Jyun-Fu

2017-01-01

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim’s devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts. PMID:29036900

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things.

PubMed

Cha, Shi-Cho; Yeh, Kuo-Hui; Chen, Jyun-Fu

2017-10-14

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim's devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts.

CrossTalk. The Journal of Defense Software Engineering. Volume 25, Number 6

DTIC Science & Technology

2012-12-01

Cyber Security Threat Definition Communicable Noncommunicable Based on Risky Behavior Coordinated Trojan horse programs Threats hidden in a...for Cyber Security Threats Cyber Security Threat Communicable Noncommunicable Risky Behaviors Coordinated Type of Intervention (at the System...types of data are breached. Further, educational materials on risky behaviors (e.g., for home Internet users) as well as recommended guide- lines for

Scalable Trust of Next-Generation Management (STRONGMAN)

DTIC Science & Technology

2004-10-01

remote logins might be policy controlled to allow only strongly encrypted IPSec tunnels to log in remotely, to access selected files, etc. The...and Angelos D. Keromytis. Drop-in Security for Distributed and Portable Computing Elements. Emerald Journal of Internet Research. Electronic...Security and Privacy, pp. 17-31, May 1999. [2] S. M. Bellovin. Distributed Firewalls. ; login : magazine, special issue on security, November 1999. [3] M

Defense Message System Way Ahead: Conclusions and Recommendations from the Industry Advisory Panel

DTIC Science & Technology

2000-03-01

access terminals • Increasing requirement for authentication and data security for conducting business • Mergers and acquisitions in Internet space...market, used to carry PKI certificates for all types of security services including access control, confidentiality, integrity, and non-repudiation...Wireless access widespread § Unified messaging pervasive § Security /privacy dependent on service provider Long-term § Highly reliable systems

Awaiting Cyber 9/11

DTIC Science & Technology

2013-01-01

tremendously dangerous and sophisticated virus that successfully attacked a SCADA system is now available for free on the Internet, where one can find...security for the public and private sectors. To develop this capability, the Nation needs to undergo a paradigm shift on how it views the cyber... for communications and trade were extraordinarily important for the security and prosperity of Britain. Today, the security and prosperity of the

Health care data security: one size does not fit all.

PubMed

Krohn, R

2001-11-01

In the wake of the Internet, E-commerce, and particularly the Health Insurance Portability and Accountability Act, data security has risen to the top of health care information technology priorities. What is the correct mix of data security tools, policies, and technologies for the doctor, the hospital, the insurer, the vendor, and everyone else who does business in the health care industry?

Considering IIOT and security for the DoD

NASA Astrophysics Data System (ADS)

Klawon, Kevin; Gold, Josh; Bachman, Kristen; Landoll, Darren

2016-05-01

The Internet of Things (IoT) has come of age and domestic and industrial devices are all "smart". But how can they be universally classified and queried? How do we know that the underlying architecture is secure enough to deploy on a defense network? By leverage existing platforms designed for interoperability, extensibility, and security that can manage data across multiple domains and runs on any platform.

Information Assurance Study

DTIC Science & Technology

1998-01-01

usually written up by Logistics or Maintenance (4790 is the Maintenance “ Bible ”). If need be, and if resources are available, one could collect all...Public domain) SATAN (System Administration Tool for Analyzing Networks) (Public Domain) STAT ( Security Test and Analysis Tool) (Harris Corporation...Service-Filtering Tools 1. TCP/IP wrapper program • Tools to Scan Hosts for Known Vulnerabilities 1. ISS (Internet Security Scanner) 2. SATAN (Security

FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

NASA Astrophysics Data System (ADS)

Sklavos, N.; Selimis, G.; Koufopavlou, O.

2005-01-01

The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given.

A Malicious Pattern Detection Engine for Embedded Security Systems in the Internet of Things

PubMed Central

Oh, Doohwan; Kim, Deokho; Ro, Won Woo

2014-01-01

With the emergence of the Internet of Things (IoT), a large number of physical objects in daily life have been aggressively connected to the Internet. As the number of objects connected to networks increases, the security systems face a critical challenge due to the global connectivity and accessibility of the IoT. However, it is difficult to adapt traditional security systems to the objects in the IoT, because of their limited computing power and memory size. In light of this, we present a lightweight security system that uses a novel malicious pattern-matching engine. We limit the memory usage of the proposed system in order to make it work on resource-constrained devices. To mitigate performance degradation due to limitations of computation power and memory, we propose two novel techniques, auxiliary shifting and early decision. Through both techniques, we can efficiently reduce the number of matching operations on resource-constrained systems. Experiments and performance analyses show that our proposed system achieves a maximum speedup of 2.14 with an IoT object and provides scalable performance for a large number of patterns. PMID:25521382

17 CFR 240.17f-1 - Requirements for reporting and inquiry with respect to missing, lost, counterfeit or stolen...

Code of Federal Regulations, 2013 CFR

2013-04-01

... inquiry with respect to missing, lost, counterfeit or stolen securities. 240.17f-1 Section 240.17f-1... and inquiry with respect to missing, lost, counterfeit or stolen securities. (a) Definitions. For...). (8) The term missing shall include any securities certificate that: (i) Cannot be located or...

17 CFR 240.17f-1 - Requirements for reporting and inquiry with respect to missing, lost, counterfeit or stolen...

Code of Federal Regulations, 2012 CFR

2012-04-01

... inquiry with respect to missing, lost, counterfeit or stolen securities. 240.17f-1 Section 240.17f-1... and inquiry with respect to missing, lost, counterfeit or stolen securities. (a) Definitions. For...). (8) The term missing shall include any securities certificate that: (i) Cannot be located or...

17 CFR 240.17f-1 - Requirements for reporting and inquiry with respect to missing, lost, counterfeit or stolen...

Code of Federal Regulations, 2011 CFR

2011-04-01

... inquiry with respect to missing, lost, counterfeit or stolen securities. 240.17f-1 Section 240.17f-1... and inquiry with respect to missing, lost, counterfeit or stolen securities. (a) Definitions. For...). (8) The term missing shall include any securities certificate that: (i) Cannot be located or...

17 CFR 240.17f-1 - Requirements for reporting and inquiry with respect to missing, lost, counterfeit or stolen...

Code of Federal Regulations, 2014 CFR

2014-04-01

... inquiry with respect to missing, lost, counterfeit or stolen securities. 240.17f-1 Section 240.17f-1... and inquiry with respect to missing, lost, counterfeit or stolen securities. (a) Definitions. For...). (8) The term missing shall include any securities certificate that: (i) Cannot be located or...

76 FR 51438 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-18

... Rule 17f-2(e) (17 CFR 240.17f-2(e)) under the Securities Exchange Act of 1934 (15 U.S.C. 78a et seq.). Rule 17f-2(e) requires members of national securities exchanges, brokers, dealers, registered transfer... SECURITIES AND EXCHANGE COMMISSION Submission for OMB Review; Comment Request Upon Written Request...

Simple group password-based authenticated key agreements for the integrated EPR information system.

PubMed

Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng

2013-04-01

The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

Functional Internet Literacy: Required Cognitive Skills with Implications for Instruction

ERIC Educational Resources Information Center

Johnson, Genevieve Marie

2007-01-01

Patterns of typical Internet use provide the basis for defining "functional Internet literacy." Internet use commonly includes communication, information, recreation, and commercial activities. Technical competence with connectivity, security, and downloads is a prerequisite for using the Internet for such activities. Bloom's taxonomy of cognitive…

17 CFR 249.1200 - Form X-17F-1A-Report for missing, lost, stolen or counterfeit securities.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Form X-17F-1A-Report for... Reporting and Inquiry With Respect to Missing, Lost, Stolen, or Counterfeit Securities § 249.1200 Form X-17F...] Editorial Note: For Federal Register citations affecting Form X-17F-1A, see the List of CFR Sections...

17 CFR 249.1200 - Form X-17F-1A-Report for missing, lost, stolen or counterfeit securities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Form X-17F-1A-Report for... Reporting and Inquiry With Respect to Missing, Lost, Stolen, or Counterfeit Securities § 249.1200 Form X-17F...] Editorial Note: For Federal Register citations affecting Form X-17F-1A, see the List of CFR Sections...

17 CFR 249.1200 - Form X-17F-1A-Report for missing, lost, stolen or counterfeit securities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Form X-17F-1A-Report for... Reporting and Inquiry With Respect to Missing, Lost, Stolen, or Counterfeit Securities § 249.1200 Form X-17F...] Editorial Note: For Federal Register citations affecting Form X-17F-1A, see the List of CFR Sections...

17 CFR 249.1200 - Form X-17F-1A-Report for missing, lost, stolen or counterfeit securities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form X-17F-1A-Report for... Reporting and Inquiry With Respect to Missing, Lost, Stolen, or Counterfeit Securities § 249.1200 Form X-17F...] Editorial Note: For Federal Register citations affecting Form X-17F-1A, see the List of CFR Sections...

17 CFR 249.1200 - Form X-17F-1A-Report for missing, lost, stolen or counterfeit securities.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Form X-17F-1A-Report for... Reporting and Inquiry With Respect to Missing, Lost, Stolen, or Counterfeit Securities § 249.1200 Form X-17F...] Editorial Note: For Federal Register citations affecting Form X-17F-1A, see the List of CFR Sections...

Outsourcing Security Services for Low Performance Portable Devices

NASA Astrophysics Data System (ADS)

Szentgyörgyi, Attila; Korn, András

The number of portable devices using wireless network technologies is on the rise. Some of these devices are incapable of, or at a disadvantage at using secure Internet services, because secure communication often requires comparatively high computing capacity. In this paper, we propose a solution which can be used to offer secure network services for low performance portable devices without severely degrading data transmission rates. We also show that using our approach these devices can utilize some secure network services which were so far unavailable to them due to a lack of software support. In order to back up our claims, we present performance measurement results obtained in a test network.

17 CFR 239.33 - Form F-3, for registration under the Securities Act of 1933 of securities of certain foreign...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Form F-3, for registration... CFR 230.405); or (v) Discloses in the registration statement that it has a reasonable belief that it... offering of non-convertible investment grade securities, discloses the basis for such belief, and files a...

17 CFR 239.33 - Form F-3, for registration under the Securities Act of 1933 of securities of certain foreign...

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Form F-3, for registration... CFR 230.405); or (v) Discloses in the registration statement that it has a reasonable belief that it... offering of non-convertible investment grade securities, discloses the basis for such belief, and files a...

17 CFR 239.33 - Form F-3, for registration under the Securities Act of 1933 of securities of certain foreign...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Form F-3, for registration... CFR 230.405); or (v) Discloses in the registration statement that it has a reasonable belief that it... offering of non-convertible investment grade securities, discloses the basis for such belief, and files a...

The enhancement of security in healthcare information systems.

PubMed

Liu, Chia-Hui; Chung, Yu-Fang; Chen, Tzer-Shyong; Wang, Sheng-De

2012-06-01

With the progress and the development of information technology, the internal data in medical organizations have become computerized and are further established the medical information system. Moreover, the use of the Internet enhances the information communication as well as affects the development of the medical information system that a lot of medical information is transmitted with the Internet. Since there is a network within another network, when all networks are connected together, they will form the "Internet". For this reason, the Internet is considered as a high-risk and public environment which is easily destroyed and invaded so that a relevant protection is acquired. Besides, the data in the medical network system are confidential that it is necessary to protect the personal privacy, such as electronic patient records, medical confidential information, and authorization-controlled data in the hospital. As a consequence, a medical network system is considered as a network requiring high security that excellent protections and managerial strategies are inevitable to prevent illegal events and external attacks from happening. This study proposes secure medical managerial strategies being applied to the network environment of the medical organization information system so as to avoid the external or internal information security events, allow the medical system to work smoothly and safely that not only benefits the patients, but also allows the doctors to use it more conveniently, and further promote the overall medical quality. The objectives could be achieved by preventing from illegal invasion or medical information being stolen, protecting the completeness and security of medical information, avoiding the managerial mistakes of the internal information system in medical organizations, and providing the highly-reliable medical information system.

A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

PubMed

Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

2015-09-01

The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to other related schemes. As a result, our scheme is very appropriate for practical applications in TMIS.

Recommended Practice for Securing Control System Modems

DOE Office of Scientific and Technical Information (OSTI.GOV)

James R. Davidson; Jason L. Wright

2008-01-01

This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

Design and Implementation of a Secure Modbus Protocol

NASA Astrophysics Data System (ADS)

Fovino, Igor Nai; Carcano, Andrea; Masera, Marcelo; Trombetta, Alberto

The interconnectivity of modern and legacy supervisory control and data acquisition (SCADA) systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols. This paper describes a secure version of the Modbus SCADA protocol that incorporates integrity, authentication, non-repudiation and anti-replay mechanisms. Experimental results using a power plant testbed indicate that the augmented protocol provides good security functionality without significant overhead.

A study of the security technology and a new security model for WiFi network

NASA Astrophysics Data System (ADS)

Huang, Jing

2013-07-01

The WiFi network is one of the most rapidly developing wireless communication networks, which makes wireless office and wireless life possible and greatly expands the application form and scope of the internet. At the same time, the WiFi network security has received wide attention, and this is also the key factor of WiFi network development. This paper makes a systematic introduction to the WiFi network and WiFi network security problems, and the WiFi network security technology are reviewed and compared. In order to solve the security problems in WiFi network, this paper presents a new WiFi network security model and the key exchange algorithm. Experiments are performed to test the performance of the model, the results show that the new security model can withstand external network attack and ensure stable and safe operation of WiFi network.

The Security Email Based on Smart Card

NASA Astrophysics Data System (ADS)

Lina, Zhang; Jiang, Meng Hai.

Email has become one of the most important communication tools in modern internet society, and its security is an important issue that can't be ignored. The security requirements of Email can be summarized as confidentiality, integrity, authentication and non-repudiation. Recently many researches on IBE (identify based encrypt) have been carried out to solve these security problems. However, because of IBE's fatal flaws and great advantages of PKI (Public Key Infrastructure), PKI is found to be still irreplaceable especially in the applications based on smart card. In this paper, a construction of security Email is presented, then the design of relatively cryptography algorithms and the configuration of certificates are elaborated, and finally the security for the proposed system is discussed.

DOE DISS/ET pilot system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Strait, R.S.; Wagner, E.E.

1994-07-01

The US Department of Energy (DOE) Office of Safeguards and Security initiated the DOE Integrated Security System / Electronic Transfer (DISS/ET) for the purpose of reducing the time required to process security clearance requests. DISS/ET will be an integrated system using electronic commerce technologies for the collection and processing of personnel security clearance data, and its transfer between DOE local security clearance offices, DOE Operations Offices, and the Office of Personnel Management. The system will use electronic forms to collect clearance applicant data. The forms data will be combined with electronic fingerprint images and packaged in a secure encrypted electronicmore » mail envelope for transmission across the Internet. Information provided by the applicant will be authenticated using digital signatures. All processing will be done electronically.« less

Security Proof for Password Authentication in TLS-Verifier-based Three-Party Group Diffie-Hellman

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chevassut, Olivier; Milner, Joseph; Pointcheval, David

2008-04-21

The internet has grown greatly in the past decade, by some numbers exceeding 47 million active web sites and a total aggregate exceeding100 million web sites. What is common practice today on the Internet is that servers have public keys, but clients are largely authenticated via short passwords. Protecting these passwords by not storing them in the clear on institutions's servers has become a priority. This paper develops password-based ciphersuites for the Transport Layer Security (TLS) protocol that are: (1) resistant to server compromise; (2) provably secure; (3) believed to be free from patent and licensing restrictions based on anmore » analysis of relevant patents in the area.« less

Secure quantum key distribution

NASA Astrophysics Data System (ADS)

Lo, Hoi-Kwong; Curty, Marcos; Tamaki, Kiyoshi

2014-08-01

Secure communication is crucial in the Internet Age, and quantum mechanics stands poised to revolutionize cryptography as we know it today. In this Review, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After briefly introducing recent experimental progress and challenges, we survey the latest developments in quantum hacking and countermeasures against it.

17 CFR 240.6a-4 - Notice of registration under Section 6(g) of the Act, amendment to such notice, and supplemental...

Code of Federal Regulations, 2012 CFR

2012-04-01

... this section is available continuously on an Internet web site controlled by a Security Futures Product... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Notice of registration under... registered under Section 6(g) of the Act. 240.6a-4 Section 240.6a-4 Commodity and Securities Exchanges...

17 CFR 240.6a-4 - Notice of registration under Section 6(g) of the Act, amendment to such notice, and supplemental...

Code of Federal Regulations, 2011 CFR

2011-04-01

... this section is available continuously on an Internet web site controlled by a Security Futures Product... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Notice of registration under... registered under Section 6(g) of the Act. 240.6a-4 Section 240.6a-4 Commodity and Securities Exchanges...

Change Detection Algorithms for Information Assurance of Computer Networks

DTIC Science & Technology

2002-01-01

original document contains color images. 14. ABSTRACT see report 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18...number of computer attacks increases steadily per year. At the time of this writing the Internet Security Systems’ baseline assessment is that a new...across a network by exploiting security flaws in widely-used services offered by vulnerable computers. In order to locate the vulnerable computers, the

Session Initiation Protocol Network Encryption Device Plain Text Domain Discovery Service

DTIC Science & Technology

2007-12-07

MONITOR’S REPORT NUMBER(S) 12. DISTRIBUTION / AVAILABILITY STATEMENT 13. SUPPLEMENTARY NOTES 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: a...such as the TACLANE, have developed unique discovery methods to establish Plain Text Domain (PTD) Security Associations (SA). All of these techniques...can include network and host Internet Protocol (IP) addresses, Information System Security Office (ISSO) point of contact information and PTD status

Safe at Any Speed: Securing Your Wi-Fi Network Is Easier and More Important than You Might Think

ERIC Educational Resources Information Center

Branzburg, Jeffrey

2007-01-01

In this article, the author relates how he discovered that not all Wi-Fi networks are secure. As such, he developed several strategies on how he can be secured whenever he connects to the Internet through a Wi-Fi connection. He discusses how one can change passwords, explains the process of encryption, and provides suggestions on other security…

Public views on multiple dimensions of security : nuclear waepons, terrorism, energy, and the environment : 2007.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Herron, Kerry Gale; Jenkins-Smith, Hank C.

2008-01-01

We analyze and compare findings from identical national surveys of the US general public on nuclear security and terrorism administered by telephone and Internet in mid-2007. Key areas of investigation include assessments of threats to US security; valuations of US nuclear weapons and nuclear deterrence; perspectives on nuclear proliferation, including the specific cases of North Korea and Iran; and support for investments in nuclear weapons capabilities. Our analysis of public views on terrorism include assessments of the current threat, progress in the struggle against terrorism, preferences for responding to terrorist attacks at different levels of assumed casualties, and support formore » domestic policies intended to reduce the threat of terrorism. Also we report findings from an Internet survey conducted in mid 2007 that investigates public views of US energy security, to include: energy supplies and reliability; energy vulnerabilities and threats, and relationships among security, costs, energy dependence, alternative sources, and research and investment priorities. We analyze public assessments of nuclear energy risks and benefits, nuclear materials management issues, and preferences for the future of nuclear energy in the US. Additionally, we investigate environmental issues as they relate to energy security, to include expected implications of global climate change, and relationships among environmental issues and potential policy options.« less

In Law We Trust? Trusted Computing and Legal Responsibility for Internet Security

NASA Astrophysics Data System (ADS)

Danidou, Yianna; Schafer, Burkhard

This paper analyses potential legal responses and consequences to the anticipated roll out of Trusted Computing (TC). It is argued that TC constitutes such a dramatic shift in power away from users to the software providers, that it is necessary for the legal system to respond. A possible response is to mirror the shift in power by a shift in legal responsibility, creating new legal liabilities and duties for software companies as the new guardians of internet security.

46 CFR 232.2 - General instructions.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Administration (such as reports filed with the Securities and Exchange Commission, public service commissions or... electronic options (such as facsimile and Internet), if practicable, any question involving the... and Rate Approvals, for the Maritime Security Program, or Director, Office of Ship Financing, for the...

75 FR 5865 - Proposed Collection; Comment Request for Publication 1075

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-04

... Publication 1075, Tax Information Security Guidelines for Federal, State, and Local Agencies. [[Page 5866... internet at [email protected] . SUPPLEMENTARY INFORMATION: Title: Tax Information Security Guidelines... on proposed and/or continuing information collections, as required by the Paperwork Reduction Act of...

Designing Secure Library Networks.

ERIC Educational Resources Information Center

Breeding, Michael

1997-01-01

Focuses on designing a library network to maximize security. Discusses UNIX and file servers; connectivity to campus, corporate networks and the Internet; separation of staff from public servers; controlling traffic; the threat of network sniffers; hubs that eliminate eavesdropping; dividing the network into subnets; Switched Ethernet;…

Secure HL7 transactions using Internet mail (Internet draft).

PubMed

Schadow, Gunther; Tucker, Mark; Rishel, Wes

2002-01-01

The document describes the applicability of the Internet standardisation efforts on secure electronic data interchange (EDI) transactions for Health Level-7 (HL7), an EDI standard for Healthcare used world-wide. The document heavily relies on the work in progress by the IETF EDIINT working group. It is in most parts a restatement of the EDIINTs requirements document and application statement 1 (AS#1) tailored to the needs of the HL7 audience. The authors tried to make the document as self consistent as possible. The goal is to give to the reader who is not a security or Internet standards expert enough foundational and detail information to enable him to build communication software that complies to the Internet standards. Even though the authors rely on and promote the respective Internet standards and drafts, they did not withstand from commenting on and criticising the work where they see upcoming problems in use with HL7 or other EDI protocols that have not been in the initial focus of the EDIINT working group. The authors make suggestions to add parameters to the specification of the MIME type for EDI messages in RFC 1767 in order to enhance functionality. The authors give use cases for a larger subset of disposition types and modifiers of message disposition notifications. One key issue where the document goes beyond the current EDIINT drafts is the concept of non-repudiation of commitment to an EDI transaction. Secure EDI transactions should be regarded as "distributed contracts," i.e. not only the sending and receiving of single messages should be non-refutable but also the connection between messages interchanges. In anticipation of this requirement HL7 usually requires a response message to be sent to acknowledge every transaction. The authors therefore have the requirement to securely couple an EDI response message to its request message. Given the current shape of RFC 1767 this is generally possible only if a response message is coupled with an MDN receipt and the combination of both signed by the responder. The document describes a protocol to bundle MDN and response that uses the MIME multi-part/related content type in RFC 2112.

A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system.

PubMed

Das, Ashok Kumar

2015-03-01

An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System.

PubMed

Deng, Yong-Yuan; Chen, Chin-Ling; Tsaur, Woei-Jiunn; Tang, Yung-Wen; Chen, Jung-Hsuan

2017-12-15

As sensor networks and cloud computation technologies have rapidly developed over recent years, many services and applications integrating these technologies into daily life have come together as an Internet of Things (IoT). At the same time, aging populations have increased the need for expanded and more efficient elderly care services. Fortunately, elderly people can now wear sensing devices which relay data to a personal wireless device, forming a body area network (BAN). These personal wireless devices collect and integrate patients' personal physiological data, and then transmit the data to the backend of the network for related diagnostics. However, a great deal of the information transmitted by such systems is sensitive data, and must therefore be subject to stringent security protocols. Protecting this data from unauthorized access is thus an important issue in IoT-related research. In regard to a cloud healthcare environment, scholars have proposed a secure mechanism to protect sensitive patient information. Their schemes provide a general architecture; however, these previous schemes still have some vulnerability, and thus cannot guarantee complete security. This paper proposes a secure and lightweight body-sensor network based on the Internet of Things for cloud healthcare environments, in order to address the vulnerabilities discovered in previous schemes. The proposed authentication mechanism is applied to a medical reader to provide a more comprehensive architecture while also providing mutual authentication, and guaranteeing data integrity, user untraceability, and forward and backward secrecy, in addition to being resistant to replay attack.

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

PubMed Central

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-01

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack. PMID:26751443

Design and Development of Layered Security: Future Enhancements and Directions in Transmission.

PubMed

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-06

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

Adolescent online gambling: the impact of parental practices and correlates with online activities.

PubMed

Floros, Georgios D; Siomos, Konstantinos; Fisoun, Virginia; Geroukalis, Dimitrios

2013-03-01

We present results from a cross-sectional study of the entire adolescent student population aged 12-19 of the island of Kos and their parents, on the relationship between their Internet gambling and respective parental practices, including aspects of psychological bonding and online security measures. The sample consisted of 2,017 students (51.8% boys, 48.2% girls). Our results indicate that gender, parenting practices as perceived by the adolescents and distinct patterns of adolescent Internet activities are among the best predictor variables for Internet gambling. Security practices exercised by the parents failed to make an impact on the extent of Internet gambling, demonstrating the need for specific measures to tackle this phenomenon since the provision of simple education on the dangers of the Internet is not sufficient to this regard.

How to Establish Security Awareness in Schools

NASA Astrophysics Data System (ADS)

Beyer, Anja; Westendorf, Christiane

The internet is a fast changing medium and comprises several websites fraught with risk. In this context especially young age groups are endangered. They have less experience using the media and little knowledge on existing internet risks. There are a number of initiatives, which are engaged in the topic of internet safety. They provide information about measures on how to prevent and to deal with internet risks. However it is not certain if these initiatives do reach their target group (children and adolescents). In this regard schools bear a special relevance, since they have the knowledge about didactic methods and the chance to address measures directly to children and adolescents. The authors of this paper provide an overview of current security education in German schools, problems and open questions. Finally the authors make recommendations on how to establish internet safety in schools.

77 FR 56625 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-13

... Internet at http://www.regulations.gov as they are received without change, including any personal.... George G. Meade, MD 20755-6000. Decentralized segments: Defense Intelligence Agency (DIA) Headquarters... decentralized system locations, write to the National Security Agency/Central Security Service, Freedom of...

77 FR 70176 - Previous Participation Certification

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-23

... percent automated and digital submission of all data and certifications is available via HUD's secure... information is designed to be 100 percent automated and digital submission of all data and certifications is available via HUD's secure Internet systems. However HUD will provide for both electronic and paper...

9 CFR 121.15 - Training.

Code of Federal Regulations, 2012 CFR

2012-01-01

... must provide information and training on biosafety and security to each individual with access approval... or entity must provide information and training on biosafety and security to each individual not... Internet at http://www.aphis.usda.gov/programs/ag_selectagent/index.html. (b) Refresher training must be...

Application Security Automation

ERIC Educational Resources Information Center

Malaika, Majid A.

2011-01-01

With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

Retailing and Shopping on the Internet.

ERIC Educational Resources Information Center

Rowley, Jennifer

1996-01-01

Internet advertising and commercial activity are increasing. This article examines challenges facing the retail industry on the Internet: location; comparison shopping; security, especially financial transactions; customer base and profile; nature of the shopping experience; and legal and marketplace controls. (PEN)

76 FR 35055 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-15

... provided for in the following rule: Rule 17f-2(e) (17 CFR 240.17f-2(e)) under the Securities Exchange Act... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request, Copies Available From: U.S. Securities and Exchange Commission, Office of Investor Education and Advocacy...

77 FR 3485 - Agency Information Collection Activities: Form I-129F, Extension of a Currently Approved...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-24

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services Agency Information...). The Department of Homeland Security, U.S. Citizenship and Immigration Services (USCIS) will be... Department of Homeland Security sponsoring the collection: Form I-129F. U.S. Citizenship and Immigration...

Army Communicator. Volume 28, Number 1, Spring 2003

DTIC Science & Technology

2003-01-01

SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT Same as Report (SAR) 18. NUMBER OF PAGES 72 19a. NAME OF RESPONSIBLE PERSON ...does business to meet these requirements and the growing expectations from the president and his staff for instantaneous, global, secure , reliable and...by COL Tim Gibson Do you have access to a secure Internet-protocol router network terminal on a regular basis? If you answered yes, you’re wrong

Secure Networks for First Responders and Special Forces

NASA Technical Reports Server (NTRS)

2005-01-01

When NASA needed help better securing its communications with orbiting satellites, the Agency called on Western DataCom Co., Inc., to help develop a prototype Internet Protocol (IP) router. Westlake, Ohio-based Western DataCom designs, develops, and manufactures hardware that secures voice, video, and data transmissions over any IP-based network. The technology that it jointly developed with NASA is now serving as a communications solution in military and first-response situations.

Structural Causes and Cyber Effects: A Response to Our Critics

DTIC Science & Technology

2015-01-01

the incident, saying “North Korea’s attack on [Sony] reaf- firms that cyber threats pose one of the gravest national security dangers to the United...around the world to strengthen cyber - security , promote norms of acceptable state behavior, uphold freedom of expression, and ensure that the Internet... cyber working group that made progress toward “interna- tional cyberspace rules, and measures to boost dialogue and cooperation on cyber security .”15

Three-factor anonymous authentication and key agreement scheme for Telecare Medicine Information Systems.

PubMed

Arshad, Hamed; Nikooghadam, Morteza

2014-12-01

Nowadays, with comprehensive employment of the internet, healthcare delivery services is provided remotely by telecare medicine information systems (TMISs). A secure mechanism for authentication and key agreement is one of the most important security requirements for TMISs. Recently, Tan proposed a user anonymity preserving three-factor authentication scheme for TMIS. The present paper shows that Tan's scheme is vulnerable to replay attacks and Denial-of-Service attacks. In order to overcome these security flaws, a new and efficient three-factor anonymous authentication and key agreement scheme for TMIS is proposed. Security and performance analysis shows superiority of the proposed scheme in comparison with previously proposed schemes that are related to security of TMISs.

Conclusions

NASA Astrophysics Data System (ADS)

Ahonen, Pasi; Alahuhta, Petteri; Daskala, Barbara; Delaitre, Sabine; Hert, Paul De; Lindner, Ralf; Maghiros, Ioannis; Moscibroda, Anna; Schreurs, Wim; Verlinden, Michiel

Some say that an increase in security does not necessarily mean a further encroachment on privacy - indeed, security is necessary to protect personal data and our privacy. Networks must be secure, our personal devices, reliable, dependable and trustworthy. But security is a multifaceted term, with many dimensions. We are of the view that an increase in security most likely will encroach upon our privacy in an ambient intelligence world. Surveillance cameras will continue to proliferate. We assume that, whatever the law is, whatever privacy protections government and business say they honour, our telecommunications, e-mails and Internet usage will be monitored to an increasing degree. The same will be true of our interfaces with the world of ambient intelligence.

Security analysis of cyber-physical system

NASA Astrophysics Data System (ADS)

Li, Bo; Zhang, Lichen

2017-05-01

In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay.

PubMed

Hu, Hequn; Gao, Zhenzhen; Liao, Xuewen; Leung, Victor C M

2017-09-04

The Internet of Things (IoT) represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT) is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH) node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device's messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor) and a destination (e.g., controller) via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS) and time splitting (TS) policies, called intuitive secure schemes based on PS (Int-PS), precoded secure scheme based on PS (Pre-PS), intuitive secure scheme based on TS (Int-TS) and precoded secure scheme based on TS (Pre-TS), respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission ( P S S T ), which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. P S S T is analyzed for the proposed secure schemes, and the closed form expressions of P S S T for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better P S S T than the intuitive secure schemes under similar power consumption. When the secure schemes based on PS and TS polices have similar P S S T , the average transmit power consumption of the secure scheme based on TS is lower. The influences of power splitting and time slitting ratios are also discussed through simulations.

Research and realization implementation of monitor technology on illegal external link of classified computer

NASA Astrophysics Data System (ADS)

Zhang, Hong

2017-06-01

In recent years, with the continuous development and application of network technology, network security has gradually entered people's field of vision. The host computer network external network of violations is an important reason for the threat of network security. At present, most of the work units have a certain degree of attention to network security, has taken a lot of means and methods to prevent network security problems such as the physical isolation of the internal network, install the firewall at the exit. However, these measures and methods to improve network security are often not comply with the safety rules of human behavior damage. For example, the host to wireless Internet access and dual-network card to access the Internet, inadvertently formed a two-way network of external networks and computer connections [1]. As a result, it is possible to cause some important documents and confidentiality leak even in the the circumstances of user unaware completely. Secrecy Computer Violation Out-of-band monitoring technology can largely prevent the violation by monitoring the behavior of the offending connection. In this paper, we mainly research and discuss the technology of secret computer monitoring.

17 CFR Appendix F to Part 30 - Acknowledgment Letter for CFTC Regulation 30.7 Customer Secured Money Market Mutual Fund Account

Code of Federal Regulations, 2014 CFR

2014-04-01

... by you or by us to secure or guarantee any obligations that we might owe to you, and they may not be... Regulation 30.7 Customer Secured Money Market Mutual Fund Account F Appendix F to Part 30 Commodity and... Money Market Mutual Fund Account [Date] [Name and Address of Money Market Mutual Fund] We propose to...

77 FR 51842 - Social Security Acquiescence Ruling (AR) 12-X(8); Petersen v. Astrue, 633 F.3d 633 (8th Cir. 2011...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-27

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0046] Social Security Acquiescence Ruling (AR) 12-X(8); Petersen v. Astrue, 633 F.3d 633 (8th Cir. 2011); Whether a National Guard Technician Who.... Acquiescence Ruling 12-X(8) Petersen v. Astrue, 633 F.3d 633 (8th Cir. 2011): Whether a National Guard...

The study and implementation of the wireless network data security model

NASA Astrophysics Data System (ADS)

Lin, Haifeng

2013-03-01

In recent years, the rapid development of Internet technology and the advent of information age, people are increasing the strong demand for the information products and the market for information technology. Particularly, the network security requirements have become more sophisticated. This paper analyzes the wireless network in the data security vulnerabilities. And a list of wireless networks in the framework is the serious defects with the related problems. It has proposed the virtual private network technology and wireless network security defense structure; and it also given the wireless networks and related network intrusion detection model for the detection strategies.

Prototype system of secure VOD

NASA Astrophysics Data System (ADS)

Minemura, Harumi; Yamaguchi, Tomohisa

1997-12-01

Secure digital contents delivery systems are to realize copyright protection and charging mechanism, and aim at secure delivery service of digital contents. Encrypted contents delivery and history (log) management are means to accomplish this purpose. Our final target is to realize a video-on-demand (VOD) system that can prevent illegal usage of video data and manage user history data to achieve a secure video delivery system on the Internet or Intranet. By now, mainly targeting client-server systems connected with enterprise LAN, we have implemented and evaluated a prototype system based on the investigation into the delivery method of encrypted video contents.

77 FR 1915 - Proposed Information Collection; Comment Request; Licensing Responsibilities and Enforcement

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-12

... Commerce, Room 6616, 14th and Constitution Avenue NW., Washington, DC 20230 (or via the Internet at JJessup... DEPARTMENT OF COMMERCE Bureau of Industry and Security Proposed Information Collection; Comment Request; Licensing Responsibilities and Enforcement AGENCY: Bureau of Industry and Security, Commerce...

Cyber security issues in online games

NASA Astrophysics Data System (ADS)

Zhao, Chen

2018-04-01

With the rapid development of the Internet, online gaming has become a way of entertainment for many young people in the modern era. However, in recent years, cyber security issues in online games have emerged in an endless stream, which have also caused great attention of many game operators. Common cyber security problems in the game include information disclosure and cyber-attacks. These problems will directly or indirectly cause economic losses to gamers. Many gaming companies are enhancing the stability and security of their network or gaming systems in order to enhance the gaming user experience. This article has carried out the research of the cyber security issues in online games by introducing the background and some common cyber security threats, and by proposing the latent solution. Finally, it speculates the future research direction of the cyber security issues of online games in the hope of providing feasible solution and useful information for game operators.

Routing architecture and security for airborne networks

NASA Astrophysics Data System (ADS)

Deng, Hongmei; Xie, Peng; Li, Jason; Xu, Roger; Levy, Renato

2009-05-01

Airborne networks are envisioned to provide interconnectivity for terrestial and space networks by interconnecting highly mobile airborne platforms. A number of military applications are expected to be used by the operator, and all these applications require proper routing security support to establish correct route between communicating platforms in a timely manner. As airborne networks somewhat different from traditional wired and wireless networks (e.g., Internet, LAN, WLAN, MANET, etc), security aspects valid in these networks are not fully applicable to airborne networks. Designing an efficient security scheme to protect airborne networks is confronted with new requirements. In this paper, we first identify a candidate routing architecture, which works as an underlying structure for our proposed security scheme. And then we investigate the vulnerabilities and attack models against routing protocols in airborne networks. Based on these studies, we propose an integrated security solution to address routing security issues in airborne networks.

75 FR 9073 - Amendments to Rules Requiring Internet Availability of Proxy Materials

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-26

... Internet Availability of Proxy Materials; Final Rule #0;#0;Federal Register / Vol. 75 , No. 38 / Friday... to Rules Requiring Internet Availability of Proxy Materials AGENCY: Securities and Exchange... Notice of Internet Availability of Proxy Materials that is sent to shareholders and to permit issuers and...

78 FR 57371 - Agency Information Collection Activities; Comment Request; Student Aid Internet Gateway (SAIG...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-18

...; Comment Request; Student Aid Internet Gateway (SAIG) Enrollment Document AGENCY: Federal Student Aid (FSA... Internet Gateway (SAIG) Enrollment Document. OMB Control Number: 1845-0002. Type of Review: A revision of... Internet Gateway (SAIG) allows eligible entities to securely exchange Title IV, Higher Education Act (HEA...

Unofficial Technology Marvel of the Millennium.

ERIC Educational Resources Information Center

Ricart, Glenn

2000-01-01

Discusses the impact of the Internet, particularly on higher education. Highlights include a history of the development of the Internet; a leadership plan for higher education; authentication of personal identity; security; information quality; the concept of Internet time; and future possibilities. (LRW)

Approximation in Optimal Control and Identification of Large Space Structures.

DTIC Science & Technology

1985-01-01

I ease I Cr ’. ’. -4 . r*_...1- UN(D aSIFIED SECURITY CLAS.’ICATION OF fHIS P^.GE REPORT DOCUMENTATION PAGE 1 REPORT SECURITY CLASSIFICATION 1...RESTRICTIVE MARKINGS UNCLASSIFIED 2 SECURITY CLASSIFICATION AUTHORITY 3. DISTRIBUTION/AVAILABILITY OF REPORT Approved for public release; distribution 2b...NOS. PROGRAM PROJECT TASK WORK UNIT ELEMENT NO. NO. NO. NO Bolling AFB DC 20332-6448 61102F 2304 Al 11. TITLE IlnRCiude Security Claas.ifcation

48 CFR 32.202-4 - Security for Government financing.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 1 2010-10-01 2010-10-01 false Security for Government... for Government financing. (a) Policy. (1) 10 U.S.C. 2307(f) and 41 U.S.C. 255(f) require the Government to obtain adequate security for Government financing. The contracting officer shall specify in the...

A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems.

PubMed

Das, Ashok Kumar

2015-03-01

Recent advanced technology enables the telecare medicine information system (TMIS) for the patients to gain the health monitoring facility at home and also to access medical services over the Internet of mobile networks. Several remote user authentication schemes have been proposed in the literature for TMIS. However, most of them are either insecure against various known attacks or they are inefficient. Recently, Tan proposed an efficient user anonymity preserving three-factor authentication scheme for TMIS. In this paper, we show that though Tan's scheme is efficient, it has several security drawbacks such as (1) it fails to provide proper authentication during the login phase, (2) it fails to provide correct updation of password and biometric of a user during the password and biometric update phase, and (3) it fails to protect against replay attack. In addition, Tan's scheme lacks the formal security analysis and verification. Later, Arshad and Nikooghadam also pointed out some security flaws in Tan's scheme and then presented an improvement on Tan's s scheme. However, we show that Arshad and Nikooghadam's scheme is still insecure against the privileged-insider attack through the stolen smart-card attack, and it also lacks the formal security analysis and verification. In order to withstand those security loopholes found in both Tan's scheme, and Arshad and Nikooghadam's scheme, we aim to propose an effective and more secure three-factor remote user authentication scheme for TMIS. Our scheme provides the user anonymity property. Through the rigorous informal and formal security analysis using random oracle models and the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is secure against various known attacks, including the replay and man-in-the-middle attacks. Furthermore, our scheme is also efficient as compared to other related schemes.

An end-to-end secure patient information access card system.

PubMed

Alkhateeb, A; Singer, H; Yakami, M; Takahashi, T

2000-03-01

The rapid development of the Internet and the increasing interest in Internet-based solutions has promoted the idea of creating Internet-based health information applications. This will force a change in the role of IC cards in healthcare card systems from a data carrier to an access key medium. At the Medical Informatics Department of Kyoto University Hospital we are developing a smart card patient information project where patient databases are accessed via the Internet. Strong end-to-end data encryption is performed via Secure Socket Layers, transparent to transmit patient information. The smart card is playing the crucial role of access key to the database: user authentication is performed internally without ever revealing the actual key. For easy acceptance by healthcare professionals, the user interface is integrated as a plug-in for two familiar Web browsers, Netscape Navigator and MS Internet Explorer.

Internet: An Overview of Key Technology Policy Issues Affecting Its Use and Growth

DTIC Science & Technology

2004-12-29

Alliance OSS Open Source Software SSA Social Security Administration SSN Social Security Number TLD Top Level Domain UCE Unsolicited Commercial E-mail... Alliance General Types of Internet Services B2B Business-to-Business B2G Business-to-Government G2B Government-to-Business G2C Government-to-Citizen G2G...response. Such software is called “adware.” Software CRS-7 programs that include spyware can be sold or provided for free, on a disk (or other media ) or

78 FR 63159 - Amendment to Certification of Nebraska's Central Filing System

Federal Register 2010, 2011, 2012, 2013, 2014

2013-10-23

... system for Nebraska to permit the conversion of all debtor social security and taxpayer identification... automatically convert social security numbers and taxpayer identification numbers into ten number unique... certified central filing systems is available through the Internet on the GIPSA Web site ( http://www.gipsa...

Securing TCP/IP and Dial-up Access to Administrative Data.

ERIC Educational Resources Information Center

Conrad, L. Dean

1992-01-01

This article describes Arizona State University's solution to security risk inherent in general access systems such as TCP/IP (Transmission Control Protocol/INTERNET Protocol). Advantages and disadvantages of various options are compared, and the process of selecting a log-on authentication approach involving generation of a different password at…

The Defense Message System and the U.S. Coast Guard

DTIC Science & Technology

1992-06-01

these mail services, the Internet also provides a File Transfer Protocol (FTP) and remote login between host computers (TELNET) capabilities. 17 [Ref...the Joint Maritime Intelligence Element (JMIE), Zincdust, and Emerald . [Ref. 27] 4. Secure Data Network The Coast Guard’s Secure Data Network (SDN

78 FR 56266 - Consent Based Social Security Number Verification (CBSV) Service

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-12

... developed CBSV as a user- friendly, internet-based application with safeguards that protect the public's information. In addition to the benefit of providing high volume, centralized SSN verification services to users in a secure manner, CBSV provides us with cost and workload management benefits. New Information...

17 CFR 15.02 - Reporting forms.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Reporting forms. 15.02 Section 15.02 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION REPORTS-GENERAL... Commission or via the Internet (http://www.cftc.gov). Forms to be used for the filing of reports follow, and...

15 CFR 711.6 - Where to obtain forms.

Code of Federal Regulations, 2014 CFR

2014-01-01

... OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL... and Security, U.S. Department of Commerce, Room 4515, 14th Street and Pennsylvania Avenue, NW... Internet at www.cwc.gov. (b) If the amount of information you are required to submit is greater than the...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2010 CFR

2010-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

17 CFR 15.02 - Reporting forms.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Reporting forms. 15.02 Section 15.02 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION REPORTS-GENERAL... Commission or via the Internet (http://www.cftc.gov). Forms to be used for the filing of reports follow, and...

20 CFR 402.130 - How to request a record.

Code of Federal Regulations, 2012 CFR

2012-04-01

....130 Employees' Benefits SOCIAL SECURITY ADMINISTRATION AVAILABILITY OF INFORMATION AND RECORDS TO THE... telephone, fax, Internet, and e-mail. Any request should reasonably describe the record you want. If you... submit your request as a “Freedom of Information Request.” The staff at any Social Security office can...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2013 CFR

2013-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

20 CFR 402.130 - How to request a record.

Code of Federal Regulations, 2013 CFR

2013-04-01

....130 Employees' Benefits SOCIAL SECURITY ADMINISTRATION AVAILABILITY OF INFORMATION AND RECORDS TO THE... telephone, fax, Internet, and e-mail. Any request should reasonably describe the record you want. If you... submit your request as a “Freedom of Information Request.” The staff at any Social Security office can...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2011 CFR

2011-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

17 CFR 15.02 - Reporting forms.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 1 2013-04-01 2013-04-01 false Reporting forms. 15.02 Section 15.02 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION REPORTS-GENERAL... Commission or via the Internet (http://www.cftc.gov). Forms to be used for the filing of reports follow, and...

15 CFR 711.6 - Where to obtain forms.

Code of Federal Regulations, 2013 CFR

2013-01-01

... OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL... and Security, U.S. Department of Commerce, Room 4515, 14th Street and Pennsylvania Avenue, NW... Internet at www.cwc.gov. (b) If the amount of information you are required to submit is greater than the...

15 CFR 711.6 - Where to obtain forms.

Code of Federal Regulations, 2012 CFR

2012-01-01

... OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL... and Security, U.S. Department of Commerce, Room 4515, 14th Street and Pennsylvania Avenue, NW... Internet at www.cwc.gov. (b) If the amount of information you are required to submit is greater than the...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2012 CFR

2012-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

17 CFR 15.02 - Reporting forms.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Reporting forms. 15.02 Section 15.02 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION REPORTS-GENERAL... Commission or via the Internet (http://www.cftc.gov). Forms to be used for the filing of reports follow, and...

15 CFR 711.6 - Where to obtain forms.

Code of Federal Regulations, 2011 CFR

2011-01-01

... OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL... and Security, U.S. Department of Commerce, Room 4515, 14th Street and Pennsylvania Avenue, NW... Internet at www.cwc.gov. (b) If the amount of information you are required to submit is greater than the...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2014 CFR

2014-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

20 CFR 402.130 - How to request a record.

Code of Federal Regulations, 2014 CFR

2014-04-01

....130 Employees' Benefits SOCIAL SECURITY ADMINISTRATION AVAILABILITY OF INFORMATION AND RECORDS TO THE... telephone, fax, Internet, and e-mail. Any request should reasonably describe the record you want. If you... submit your request as a “Freedom of Information Request.” The staff at any Social Security office can...

IT Security: Target: The Web

ERIC Educational Resources Information Center

Waters, John K.

2009-01-01

In December, Microsoft announced a major security flaw affecting its Internet Explorer web browser. The flaw allowed hackers to use hidden computer code they had already injected into legitimate websites to steal the passwords of visitors to those sites. Reportedly, more than 10,000 websites were infected with the destructive code by the time…

An Analysis of Fraud on the Internet.

ERIC Educational Resources Information Center

Baker, C. Richard

1999-01-01

Examines the issue of fraud on the Internet and discusses three areas with significant potential for misleading and fraudulent practices: securities sales and trading; electronic commerce, including privacy and information protection; and the rapid growth of Internet companies, including advertising issues. (Author/LRW)

Help

Science.gov Websites

DUF6 Management and Uses DUF6 Conversion EIS Documents News FAQs Internet Resources Glossary Home  . Looking for other resources? Try the Internet Resources page Search through relevant online newspapers News | FAQs | Internet Resources | Glossary Help | Mailing Services | Contact Us | About Us | Security

Saving the internet.

PubMed

Zittrain, Jonathan

2007-06-01

The Internet goose has laid countless golden eggs, along with a growing number of rotten ones. But it's the rotten ones that now tempt commercial, governmental, and consumer interests to threaten the Internet's uniquely creative power. The expediently selected, almost accidentally generative properties of the Internet - its technical openness, ease of access and mastery, and adaptability - have combined, especially when coupled with those of the PC, to produce an unsurpassed environment for innovative experiment. Those same properties, however, also make the Internet hospitable to various forms of wickedness: hacking, porn, spam, fraud, theft, predation, and attacks on the network itself. As these undesirable phenomena proliferate, business, government, and many users find common cause for locking down Internet and PC architecture in the interests of security and order. PC and Internet security vulnerabilities are a legitimate menace. However, the most likely reactions - if they are not forestalled - will be at least as unfortunate as the security problems themselves. Consider the growing profusion of "tethered appliances" - devices whose functions cannot readily be altered by their owners (think TiVo). Such appliances take Internet innovations and wrap them up in a neat, easy-to-use package, which is good - but only if the Internet and PC can remain sufficiently in the center of the digital ecosystem to produce the next round of innovations and to generate competition. People buy these devices for their convenience or functionality and may appreciate the fact that they are safer to use (they limit the damage users can do through ignorance or carelessness). But the risk is that users, by migrating to such appliances, will unwittingly trade away the future benefits of generativity - a loss that will go unappreciated even as innovation tapers off.

Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System

PubMed Central

Deng, Yong-Yuan; Chen, Chin-Ling; Tsaur, Woei-Jiunn; Tang, Yung-Wen; Chen, Jung-Hsuan

2017-01-01

As sensor networks and cloud computation technologies have rapidly developed over recent years, many services and applications integrating these technologies into daily life have come together as an Internet of Things (IoT). At the same time, aging populations have increased the need for expanded and more efficient elderly care services. Fortunately, elderly people can now wear sensing devices which relay data to a personal wireless device, forming a body area network (BAN). These personal wireless devices collect and integrate patients’ personal physiological data, and then transmit the data to the backend of the network for related diagnostics. However, a great deal of the information transmitted by such systems is sensitive data, and must therefore be subject to stringent security protocols. Protecting this data from unauthorized access is thus an important issue in IoT-related research. In regard to a cloud healthcare environment, scholars have proposed a secure mechanism to protect sensitive patient information. Their schemes provide a general architecture; however, these previous schemes still have some vulnerability, and thus cannot guarantee complete security. This paper proposes a secure and lightweight body-sensor network based on the Internet of Things for cloud healthcare environments, in order to address the vulnerabilities discovered in previous schemes. The proposed authentication mechanism is applied to a medical reader to provide a more comprehensive architecture while also providing mutual authentication, and guaranteeing data integrity, user untraceability, and forward and backward secrecy, in addition to being resistant to replay attack. PMID:29244776

Modelling operations and security of cloud systems using Z-notation and Chinese Wall security policy

NASA Astrophysics Data System (ADS)

Basu, Srijita; Sengupta, Anirban; Mazumdar, Chandan

2016-11-01

Enterprises are increasingly using cloud computing for hosting their applications. Availability of fast Internet and cheap bandwidth are causing greater number of people to use cloud-based services. This has the advantage of lower cost and minimum maintenance. However, ensuring security of user data and proper management of cloud infrastructure remain major areas of concern. Existing techniques are either too complex, or fail to properly represent the actual cloud scenario. This article presents a formal cloud model using the constructs of Z-notation. Principles of the Chinese Wall security policy have been applied to design secure cloud-specific operations. The proposed methodology will enable users to safely host their services, as well as process sensitive data, on cloud.

78 FR 72131 - Notice of Applications for Deregistration Under Section 8(f) of the Investment Company Act of 1940

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-02

... securities and does not propose to make a public offering or engage in business of any kind. Filing Dates... SECURITIES AND EXCHANGE COMMISSION [Release No. IC-30804] Notice of Applications for... by writing to the Secretary, U.S. Securities and Exchange Commission, 100 F Street NE., Washington...

A Security Audit Framework to Manage Information System Security

NASA Astrophysics Data System (ADS)

Pereira, Teresa; Santos, Henrique

The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

Automating Risk Analysis of Software Design Models

PubMed Central

Ruiz, Guifré; Heymann, Elisa; César, Eduardo; Miller, Barton P.

2014-01-01

The growth of the internet and networked systems has exposed software to an increased amount of security threats. One of the responses from software developers to these threats is the introduction of security activities in the software development lifecycle. This paper describes an approach to reduce the need for costly human expertise to perform risk analysis in software, which is common in secure development methodologies, by automating threat modeling. Reducing the dependency on security experts aims at reducing the cost of secure development by allowing non-security-aware developers to apply secure development with little to no additional cost, making secure development more accessible. To automate threat modeling two data structures are introduced, identification trees and mitigation trees, to identify threats in software designs and advise mitigation techniques, while taking into account specification requirements and cost concerns. These are the components of our model for automated threat modeling, AutSEC. We validated AutSEC by implementing it in a tool based on data flow diagrams, from the Microsoft security development methodology, and applying it to VOMS, a grid middleware component, to evaluate our model's performance. PMID:25136688

Automating risk analysis of software design models.

PubMed

Frydman, Maxime; Ruiz, Guifré; Heymann, Elisa; César, Eduardo; Miller, Barton P

2014-01-01

The growth of the internet and networked systems has exposed software to an increased amount of security threats. One of the responses from software developers to these threats is the introduction of security activities in the software development lifecycle. This paper describes an approach to reduce the need for costly human expertise to perform risk analysis in software, which is common in secure development methodologies, by automating threat modeling. Reducing the dependency on security experts aims at reducing the cost of secure development by allowing non-security-aware developers to apply secure development with little to no additional cost, making secure development more accessible. To automate threat modeling two data structures are introduced, identification trees and mitigation trees, to identify threats in software designs and advise mitigation techniques, while taking into account specification requirements and cost concerns. These are the components of our model for automated threat modeling, AutSEC. We validated AutSEC by implementing it in a tool based on data flow diagrams, from the Microsoft security development methodology, and applying it to VOMS, a grid middleware component, to evaluate our model's performance.

DUF6 Conversion Facility EIS Schedule

Science.gov Websites

and Uses DUF6 Conversion EIS Documents News FAQs Internet Resources Glossary Home » Conversion News | FAQs | Internet Resources | Glossary Help | Mailing Services | Contact Us | About Us | Security

Older Adults' Knowledge of Internet Hazards

ERIC Educational Resources Information Center

Grimes, Galen A.; Hough, Michelle G.; Mazur, Elizabeth; Signorella, Margaret L.

2010-01-01

Older adults are less likely to be using computers and less knowledgeable about Internet security than are younger users. The two groups do not differ on trust of Internet information. The younger group shows no age or gender differences. Within the older group, computer users are more trusting of Internet information, and along with those with…

Evolution of Internet addiction in Greek adolescent students over a two-year period: the impact of parental bonding.

PubMed

Siomos, Konstantinos; Floros, Georgios; Fisoun, Virginia; Evaggelia, Dafouli; Farkonas, Nikiforos; Sergentani, Elena; Lamprou, Maria; Geroukalis, Dimitrios

2012-04-01

We present results from a cross-sectional study of the entire adolescent student population aged 12-18 of the island of Kos and their parents, on Internet abuse, parental bonding and parental online security practices. We also compared the level of over involvement with personal computers of the adolescents to the respective estimates of their parents. Our results indicate that Internet addiction is increased in this population where no preventive attempts were made to combat the phenomenon from the initial survey, 2 years ago. This increase is parallel to an increase in Internet availability. The best predictor variables for Internet and computer addiction were parental bonding variables and not parental security practices. Parents tend to underestimate the level of computer involvement when compared to their own children estimates. Parental safety measures on Internet browsing have only a small preventive role and cannot protect adolescents from Internet addiction. The three online activities most associated with Internet addiction were watching online pornography, online gambling and online gaming. © Springer-Verlag 2012

Get Linked or Get Lost: Marketing Strategy for the Internet.

ERIC Educational Resources Information Center

Aldridge, Alicia; Forcht, Karen; Pierson, Joan

1997-01-01

To cultivate an online market share, companies must design marketing strategies specifically for the Internet. This article examines the nature of business on the Internet, highlighting demographics, user control, accessibility, communication, authenticity, competition, and security and proposes a marketing strategy, including targeting and…

[The Internet and its security].

PubMed

Masić, Izet; Ahmetović, Ademir; Jakupović, Safet; Masić, Zlatan; Zunić, Lejla

2002-01-01

Internet, is the greatest world net by by means of which nowadays the planet communicates, rapidly goes forward. The last years of the university in USA the commonly develop the more progressive concept of the net (Internet 2), thanks to the constant growing technologies, with the goal to answer the needs of the scientific and the educational institutions, but also the commercial institutions and the organizations. Almost the there is no more significant institution in the world which has not developed their web pages and data bases with the most actual contents available to the wider circle of the users. In this paper we have given the section of the most actual web pages. However, Internet is not immune to those users who are not benevolent and who have developed the different tools in the goal of the destroying or unabling of the normal use of all the Internet conveniences. The authors is considering the protection problem and the data security which get distributed by Internet.

Framework for Managing Metadata Security Tags as the Basis for Making Security Decisions.

DTIC Science & Technology

2002-12-01

and Performance,” D.H. Associates, Inc., Sep 2001. [3] Deitel , H. M., and Deitel , P. J., Java How to Program , 3rd Edition, Prentice Hall Inc...1999. [4] Deitel , H. M., Deitel , P. J., and Nieto, T. R., Internet and The World Wide Web: How to Program , 2nd Edition, 2002. [5] Grohn, M. J., A...words) This thesis presents an analysis of a capability to employ CAPCO (Controlled Access Program Coordination Office) compliant Metadata security

Subjective Audio Quality over a Secure IEEE 802.11n Draft 2.0 Wireless Local Area Network

DTIC Science & Technology

2009-03-01

hereafter referred to as 802.11) provide users with mobile connectivity without the need for expensive and inflexible wiring. The 802.11n extension, for...through another protocol, such as Secure / Multipurpose Internet Mail Extensions ( S /MIME). SDPS is, therefore, not a complete solution for secure key...number of packets per second (“Pkts/ s ”) are visible. Audio recordings are taken at AFIT within range of several other 802.11g APs as shown in Figure

A Web-based, secure, light weight clinical multimedia data capture and display system.

PubMed

Wang, S S; Starren, J

2000-01-01

Computer-based patient records are traditionally composed of textual data. Integration of multimedia data has been historically slow. Multimedia data such as image, audio, and video have been traditionally more difficult to handle. An implementation of a clinical system for multimedia data is discussed. The system implementation uses Java, Secure Socket Layer (SSL), and Oracle 8i. The system is on top of the Internet so it is architectural independent, cross-platform, cross-vendor, and secure. Design and implementations issues are discussed.

12 CFR 223.24 - What valuation principles apply to extensions of credit secured by affiliate securities?

Code of Federal Regulations, 2010 CFR

2010-01-01

... paragraphs (f)(1) and (5) of § 223.42. (c) Exclusion of eligible affiliated mutual fund securities—(1) The exclusion. Eligible affiliated mutual fund securities are not considered to be securities issued by an... extension of credit will be used to purchase the eligible affiliated mutual fund securities collateral or...

12 CFR 223.24 - What valuation principles apply to extensions of credit secured by affiliate securities?

Code of Federal Regulations, 2011 CFR

2011-01-01

... paragraphs (f)(1) and (5) of § 223.42. (c) Exclusion of eligible affiliated mutual fund securities—(1) The exclusion. Eligible affiliated mutual fund securities are not considered to be securities issued by an... extension of credit will be used to purchase the eligible affiliated mutual fund securities collateral or...

An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System.

PubMed

You, Ilsun; Kwon, Soonhyun; Choudhary, Gaurav; Sharma, Vishal; Seo, Jung Taek

2018-06-08

The Internet of Things (IoT) utilizes algorithms to facilitate intelligent applications across cities in the form of smart-urban projects. As the majority of devices in IoT are battery operated, their applications should be facilitated with a low-power communication setup. Such facility is possible through the Low-Power Wide-Area Network (LPWAN), but at a constrained bit rate. For long-range communication over LPWAN, several approaches and protocols are adopted. One such protocol is the Long-Range Wide Area Network (LoRaWAN), which is a media access layer protocol for long-range communication between the devices and the application servers via LPWAN gateways. However, LoRaWAN comes with fewer security features as a much-secured protocol consumes more battery because of the exorbitant computational overheads. The standard protocol fails to support end-to-end security and perfect forward secrecy while being vulnerable to the replay attack that makes LoRaWAN limited in supporting applications where security (especially end-to-end security) is important. Motivated by this, an enhanced LoRaWAN security protocol is proposed, which not only provides the basic functions of connectivity between the application server and the end device, but additionally averts these listed security issues. The proposed protocol is developed with two options, the Default Option (DO) and the Security-Enhanced Option (SEO). The protocol is validated through Burrows⁻Abadi⁻Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The proposed protocol is also analyzed for overheads through system-based and low-power device-based evaluations. Further, a case study on a smart factory-enabled parking system is considered for its practical application. The results, in terms of network latency with reliability fitting and signaling overheads, show paramount improvements and better performance for the proposed protocol compared with the two handshake options, Pre-Shared Key (PSK) and Elliptic Curve Cryptography (ECC), of Datagram Transport Layer Security (DTLS).

Authentication Binding between SSL/TLS and HTTP

NASA Astrophysics Data System (ADS)

Saito, Takamichi; Sekiguchi, Kiyomi; Hatsugai, Ryosuke

While the Secure Socket Layer or Transport Layer Security (SSL/TLS) is assumed to provide secure communications over the Internet, many web applications utilize basic or digest authentication of Hyper Text Transport Protocol (HTTP) over SSL/TLS. Namely, in the scheme, there are two different authentication schemes in a session. Since they are separated by a layer, these are not convenient for a web application. Moreover, the scheme may also cause problems in establishing secure communication. Then we provide a scheme of authentication binding between SSL/TLS and HTTP without modifying SSL/TLS protocols and its implementation, and we show the effectiveness of our proposed scheme.

A security mediator for health care information.

PubMed Central

Wiederhold, G.; Bilello, M.; Sarathy, V.; Qian, X.

1996-01-01

The TIHI (Trusted Interoperation of Healthcare Information) project addresses a security issue that arises when some information is being shared among collaborating enterprises, although not all enterprise information is sharable. It assumes that protection exists to prevent intrusion by adversaries through secure transmission and firewalls. The TIHI system design provides a gateway, owned by the enterprise security officer, to mediate queries and responses. The latter are typically transmitted via the Internet. The enterprise policy is determined by rules provided to the mediator. We show examples of typical rules. The problem and our solution, although developed in a healthcare context, is equally valid among collaborating enterprises. PMID:8947640

17 CFR 270.8f-1 - Deregistration of certain registered investment companies.

Code of Federal Regulations, 2010 CFR

2010-04-01

... registered investment companies. 270.8f-1 Section 270.8f-1 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) RULES AND REGULATIONS, INVESTMENT COMPANY ACT OF 1940 § 270.8f-1 Deregistration of certain registered investment companies. A registered investment company that seeks a...

33 CFR 127.305 - Operations Manual.

Code of Federal Regulations, 2010 CFR

2010-07-01

... security personnel; (e) A description of the security systems for the marine transfer area for LNG; (f) The...) Transfer operations start-up and shutdown; (3) Security violations; and (4) The communications systems; and... Section 127.305 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED...

LIS–lnterlink—connecting laboratory information systems to remote primary health–care centres via the Internet

PubMed Central

Clark, Barry; Wachowiak, Bartosz; Crawford, Ewan W.; Jakubowski, Zenon; Kabata, Janusz

1998-01-01

A pilot study was performed to evaluate the feasibility of using the Internet to securely deliver patient laboratory results, and the system has subsequently gone into routine use in Poland. The system went from design to pilot and then to live implementation within a four-month period, resulting in the LIS-Interlink software product. Test results are retrieved at regular intervals from the BioLinkTM LIS (Laboratory Information System), encrypted and transferred to a secure area on the Web server. The primary health-care centres dial into the Internet using a local-cell service provided by Polish Telecom (TP), obtain a TCP/IP address using the TP DHCP server, and perform HTTP ‘get’ and ‘post’ operations to obtain the files by secure handshaking. The data are then automatically inserted into a local SQL database (with optional printing of incoming reports)for cumulative reporting and searching functions. The local database is fully multi-user and can be accessed from different clinics within the centres by a variety of networking protocols. PMID:18924820

Design and Analysis of Optimization Algorithms to Minimize Cryptographic Processing in BGP Security Protocols.

PubMed

Sriram, Vinay K; Montgomery, Doug

2017-07-01

The Internet is subject to attacks due to vulnerabilities in its routing protocols. One proposed approach to attain greater security is to cryptographically protect network reachability announcements exchanged between Border Gateway Protocol (BGP) routers. This study proposes and evaluates the performance and efficiency of various optimization algorithms for validation of digitally signed BGP updates. In particular, this investigation focuses on the BGPSEC (BGP with SECurity extensions) protocol, currently under consideration for standardization in the Internet Engineering Task Force. We analyze three basic BGPSEC update processing algorithms: Unoptimized, Cache Common Segments (CCS) optimization, and Best Path Only (BPO) optimization. We further propose and study cache management schemes to be used in conjunction with the CCS and BPO algorithms. The performance metrics used in the analyses are: (1) routing table convergence time after BGPSEC peering reset or router reboot events and (2) peak-second signature verification workload. Both analytical modeling and detailed trace-driven simulation were performed. Results show that the BPO algorithm is 330% to 628% faster than the unoptimized algorithm for routing table convergence in a typical Internet core-facing provider edge router.

State of the Art of Network Security Perspectives in Cloud Computing

NASA Astrophysics Data System (ADS)

Oh, Tae Hwan; Lim, Shinyoung; Choi, Young B.; Park, Kwang-Roh; Lee, Heejo; Choi, Hyunsang

Cloud computing is now regarded as one of social phenomenon that satisfy customers' needs. It is possible that the customers' needs and the primary principle of economy - gain maximum benefits from minimum investment - reflects realization of cloud computing. We are living in the connected society with flood of information and without connected computers to the Internet, our activities and work of daily living will be impossible. Cloud computing is able to provide customers with custom-tailored features of application software and user's environment based on the customer's needs by adopting on-demand outsourcing of computing resources through the Internet. It also provides cloud computing users with high-end computing power and expensive application software package, and accordingly the users will access their data and the application software where they are located at the remote system. As the cloud computing system is connected to the Internet, network security issues of cloud computing are considered as mandatory prior to real world service. In this paper, survey and issues on the network security in cloud computing are discussed from the perspective of real world service environments.

LIS-lnterlink-connecting laboratory information systems to remote primary health-care centres via the Internet.

PubMed

Clark, B; Wachowiak, B; Crawford, E W; Jakubowski, Z; Kabata, J

1998-01-01

A pilot study was performed to evaluate the feasibility of using the Internet to securely deliver patient laboratory results, and the system has subsequently gone into routine use in Poland. The system went from design to pilot and then to live implementation within a four-month period, resulting in the LIS-Interlink software product. Test results are retrieved at regular intervals from the BioLink(TM) LIS (Laboratory Information System), encrypted and transferred to a secure area on the Web server. The primary health-care centres dial into the Internet using a local-cell service provided by Polish Telecom (TP), obtain a TCP/IP address using the TP DHCP server, and perform HTTP 'get' and 'post' operations to obtain the files by secure handshaking. The data are then automatically inserted into a local SQL database (with optional printing of incoming reports)for cumulative reporting and searching functions. The local database is fully multi-user and can be accessed from different clinics within the centres by a variety of networking protocols.

Security Implications of Electronic Commerce: A Survey of Consumers and Businesses.

ERIC Educational Resources Information Center

Furnell, S. M.; Karweni, T.

1999-01-01

Examines general requirement for security technologies that provide a basis for trust in the electronic commerce environment. Discusses the results of two surveys that included general Internet users who are potential customers as well as commercial businesses, that considered attitudes to electronic commerce in general and options relating to…

17 CFR 162.7 - Reasonable and simple methods of opting out.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 1 2013-04-01 2013-04-01 false Reasonable and simple methods of opting out. 162.7 Section 162.7 Commodity and Securities Exchanges COMMODITY FUTURES TRADING... electronically mailed or processed through an Internet Web site; (4) Providing a toll-free telephone number; or...

17 CFR 162.7 - Reasonable and simple methods of opting out.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Reasonable and simple methods of opting out. 162.7 Section 162.7 Commodity and Securities Exchanges COMMODITY FUTURES TRADING... electronically mailed or processed through an Internet Web site; (4) Providing a toll-free telephone number; or...

17 CFR 10.22 - Complaint and notice of hearing.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Complaint and notice of hearing. 10.22 Section 10.22 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES... Internet web site during the period referred to in paragraph (b)(1) of this section. [41 FR 2511, Jan. 16...

17 CFR 10.22 - Complaint and notice of hearing.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Complaint and notice of hearing. 10.22 Section 10.22 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES... Internet web site during the period referred to in paragraph (b)(1) of this section. [41 FR 2511, Jan. 16...

17 CFR 162.7 - Reasonable and simple methods of opting out.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 2 2014-04-01 2014-04-01 false Reasonable and simple methods of opting out. 162.7 Section 162.7 Commodity and Securities Exchanges COMMODITY FUTURES TRADING... electronically mailed or processed through an Internet Web site; (4) Providing a toll-free telephone number; or...

Transformative Rendering of Internet Resources

DTIC Science & Technology

2012-10-01

4 Securing WiFi Connections...comes from legitimate web sites that have themselves been hacked . There is no way of anticipating which of these sites have been hacked and therefore...pose a security threat to visitors. The purpose of most of this web page hacking is to plant malicious code on the web site that will attack any

77 FR 71201 - Order Extending Temporary Conditional Exemption for Nationally Recognized Statistical Rating...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-29

... following conflict of interest: Issuing or maintaining a credit rating for a security or money market... that was paid for by the issuer, sponsor, or underwriter of the security or money market instrument. 17...; Provide free and unlimited access to such password- protected Internet Web site during the applicable...

A New Look at Security Education: YouTube as YouTool

ERIC Educational Resources Information Center

Werner, Laurie A.; Frank, Charles E.

2010-01-01

Teaching a computer security course which includes network administration and protection software is especially challenging because textbook tools are out of date by the time the text is published. In an effort to use lab activities that work effectively, we turned to the internet. This paper describes several resources for teaching computer…

78 FR 54756 - Extension of Expiration Dates for Two Body System Listings

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-06

... SOCIAL SECURITY ADMINISTRATION 20 CFR Part 404 [Docket No. SSA-2013-0039] RIN 0960-AH60 Extension of Expiration Dates for Two Body System Listings AGENCY: Social Security Administration. ACTION... national toll-free number, 1-800-772-1213, or TTY 1-800-325-0778, or visit our Internet site, Social...

76 FR 1559 - Guidelines for the Use of Electronic Voting Systems in Union Officer Elections

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-11

... voting. Id. However, there are still concerns regarding on-line computer security, viruses and attacks... casting votes at polling sites; electronic voting from remote site personal computers via the Internet..., Washington, DC 20210. Because of security precautions, the Department continues to experience delays in U.S...

17 CFR 274.219 - Form N-17f-1, cover page for each certificate of accounting of securities and similar investments...

Code of Federal Regulations, 2010 CFR

2010-04-01

... each certificate of accounting of securities and similar investments of a management investment company... PRESCRIBED UNDER THE INVESTMENT COMPANY ACT OF 1940 Forms for Other Statements § 274.219 Form N-17f-1, cover page for each certificate of accounting of securities and similar investments of a management...

Development of protected endorsement for online banking using mobile phones

NASA Astrophysics Data System (ADS)

Narayana, Galla; Venkateswarlu, Tammineni; Kumar, G. S. P.; Padmavathamma, Mokkala; Sreekanth, G.; Delhibabu, K.; Prasad, A. R.

2013-03-01

Securing Online Banking transactions for customer is the primary goal of financial institutions that provides Internet banking facility. Mobile phones play an important role in our society as more and more functions having been integrated within mobile phones, such as Internet browsing, mobile banking, and shopping. Mobiles phones can be used to secure ATM card pins by sending to the customer directly rather than in emails or by other means which has a possibility of hacking. In this paper we have proposed method of generating a Private Key Security Token by bank authentication servers which uses IMSI registers and IMEI number of client's mobile registered. The key is generated by implementing RIPE MD160 and Hex Encode Algorithm. Token received is valid only for that client mobile only and can be generated upon request by customer dynamically. The client is given a PIN and a Master Key when registered to the Online Banking Services. If in case a client's mobile is lost, authentication is done using Unique Master Key, else the Private Key Token is used there by making transactions secured and simple without the need of carrying any USB Tokens. The additional functionality provides the client more security on their transactions. Due to this Phishing attacks by the hackers is avoided.

An Internet-Based Accounting Information Systems Project

ERIC Educational Resources Information Center

Miller, Louise

2012-01-01

This paper describes a student project assignment used in an accounting information systems course. We are now truly immersed in the internet age, and while many required accounting information systems courses and textbooks introduce database design, accounting software development, cloud computing, and internet security, projects involving the…

Implementation of the Web-based laboratory

NASA Astrophysics Data System (ADS)

Ying, Liu; Li, Xunbo

2005-12-01

With the rapid developments of Internet technologies, remote access and control via Internet is becoming a reality. A realization of the web-based laboratory (the W-LAB) was presented. The main target of the W-LAB was to allow users to easily access and conduct experiments via the Internet. While realizing the remote communication, a system, which adopted the double client-server architecture, was introduced. It ensures the system better security and higher functionality. The experimental environment implemented in the W-Lab was integrated by both virtual lab and remote lab. The embedded technology in the W-LAB system as an economical and efficient way to build the distributed infrastructural network was introduced. Furthermore, by introducing the user authentication mechanism in the system, it effectively secures the remote communication.

RIES - Rijnland Internet Election System: A Cursory Study of Published Source Code

NASA Astrophysics Data System (ADS)

Gonggrijp, Rop; Hengeveld, Willem-Jan; Hotting, Eelco; Schmidt, Sebastian; Weidemann, Frederik

The Rijnland Internet Election System (RIES) is a system designed for voting in public elections over the internet. A rather cursory scan of the source code to RIES showed a significant lack of security-awareness among the programmers which - among other things - appears to have left RIES vulnerable to near-trivial attacks. If it had not been for independent studies finding problems, RIES would have been used in the 2008 Water Board elections, possibly handling a million votes or more. While RIES was more extensively studied to find cryptographic shortcomings, our work shows that more down-to-earth secure design practices can be at least as important, and the aspects need to be examined much sooner than right before an election.

17 CFR 249.220f - Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g), annual and transition reports pursuant to sections 13 and 15(d), and shell company reports required under Rule 13a-19 or 15d-19 (§ 240.13a-19 or § 240.15d-19 of this chapter). 24...

17 CFR 249.220f - Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g), annual and transition reports pursuant to sections 13 and 15(d), and shell company reports required under Rule 13a-19 or 15d-19 (§ 240.13a-19 or § 240.15d-19 of this chapter). 24...

17 CFR 249.220f - Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g...

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g), annual and transition reports pursuant to sections 13 and 15(d), and shell company reports required under Rule 13a-19 or 15d-19 (§ 240.13a-19 or § 240.15d-19 of this chapter). 24...

17 CFR 249.220f - Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g), annual and transition reports pursuant to sections 13 and 15(d), and shell company reports required under Rule 13a-19 or 15d-19 (§ 240.13a-19 or § 240.15d-19 of this chapter). 24...

17 CFR 249.220f - Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Form 20-F, registration of securities of foreign private issuers pursuant to section 12(b) or (g), annual and transition reports pursuant to sections 13 and 15(d), and shell company reports required under Rule 13a-19 or 15d-19 (§ 240.13a-19 or § 240.15d-19 of this chapter). 24...

Genomics-Based Security Protocols: From Plaintext to Cipherprotein

NASA Technical Reports Server (NTRS)

Shaw, Harry; Hussein, Sayed; Helgert, Hermann

2011-01-01

The evolving nature of the internet will require continual advances in authentication and confidentiality protocols. Nature provides some clues as to how this can be accomplished in a distributed manner through molecular biology. Cryptography and molecular biology share certain aspects and operations that allow for a set of unified principles to be applied to problems in either venue. A concept for developing security protocols that can be instantiated at the genomics level is presented. A DNA (Deoxyribonucleic acid) inspired hash code system is presented that utilizes concepts from molecular biology. It is a keyed-Hash Message Authentication Code (HMAC) capable of being used in secure mobile Ad hoc networks. It is targeted for applications without an available public key infrastructure. Mechanics of creating the HMAC are presented as well as a prototype HMAC protocol architecture. Security concepts related to the implementation differences between electronic domain security and genomics domain security are discussed.

Security Policy and Infrastructure in the Context of a Multi-Centeric Information System Dedicated to Autism Spectrum Disorder.

PubMed

Ben Said, Mohamed; Robel, Laurence; Golse, Bernard; Jais, Jean Philippe

2017-01-01

Autism spectrum disorders (ASD) are complex neuro-developmental disorders affecting children in their early age. The diagnosis of ASD relies on multidisciplinary investigations, in psychiatry, neurology, genetics, electrophysiology, neuro-imagery, audiology and ophthalmology. In order to support clinicians, researchers and public health decision makers, we designed an information system dedicated to ASD, called TEDIS. TEDIS was designed to manage systematic, exhaustive and continuous multi-centric patient data collection via secured Internet connections. In this paper, we present the security policy and security infrastructure we developed to protect ASD' patients' clinical data and patients' privacy. We tested our system on 359 ASD patient records in a local secured intranet environment and showed that the security system is functional, with a consistent, transparent and safe encrypting-decrypting behavior. It is ready for deployment in the nine ASD expert assessment centers in the Ile de France district.

20 CFR 416.919f - Type of purchased examinations.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Type of purchased examinations. 416.919f Section 416.919f Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE... studies, or an electrocardiogram. [56 FR 36965, Aug. 1, 1991] ...

20 CFR 416.919f - Type of purchased examinations.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Type of purchased examinations. 416.919f Section 416.919f Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE... studies, or an electrocardiogram. [56 FR 36965, Aug. 1, 1991] ...

20 CFR 416.919f - Type of purchased examinations.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Type of purchased examinations. 416.919f Section 416.919f Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE... studies, or an electrocardiogram. [56 FR 36965, Aug. 1, 1991] ...

20 CFR 416.919f - Type of purchased examinations.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Type of purchased examinations. 416.919f Section 416.919f Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE... studies, or an electrocardiogram. [56 FR 36965, Aug. 1, 1991] ...

20 CFR 416.919f - Type of purchased examinations.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Type of purchased examinations. 416.919f Section 416.919f Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE... studies, or an electrocardiogram. [56 FR 36965, Aug. 1, 1991] ...

Effectiveness of the Civil Aviation Security Program.

DTIC Science & Technology

1980-10-14

CEASE FUNDING OF TRAINING"OF LAW ENFORCEMENT OFFICERS SUPPORTING AIRPORT SECURITY ACTIVITIES. F. FEDERAL AIR MARSHALS PROVIDE LAW ENFORCEMENT SUPPORT...enforcement officer authority through special deputations by the U.S. Marshals Service on an annual basis. Airport Security - Continuing activities...which contributed signifi- cantly to airport security include the training of local law enforcement officers supporting airport security programs, the

The Social Side of Information Networking.

ERIC Educational Resources Information Center

Katz, James E.

1997-01-01

Explores the social issues, including manners, security, crime (fraud), and social control associated with information networking, with emphasis on the Internet. Also addresses the influence of cellular phones, the Internet and other information technologies on society. (GR)

31 CFR 132.1 - Authority, purpose, collection of information, and incorporation by reference.

Code of Federal Regulations, 2011 CFR

2011-07-01

... UNLAWFUL INTERNET GAMBLING § 132.1 Authority, purpose, collection of information, and incorporation by... Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as Title VIII of the Security and...

Data threats analysis and prevention on iOS platform

NASA Astrophysics Data System (ADS)

Gao, Bo; Wang, Yi; Chen, Zhou; Tang, Jiqiang

2015-12-01

Background: The rapid growth of mobile internet has driven the rapid popularity of smart mobiles. iOS device is chosen by more and more people for its humanity, stability and excellent industrial design, and the data security problem that followed it has gradually attracted the researchers' attention. Method & Result: This thesis focuses on the analysis of current situation of data security on iOS platform, from both security mechanism and data risk, and proposes countermeasures. Conclusion: From practical work, many problems of data security mechanism on iOS platform still exist. At present, the problem of malicious software towards iOS system has not been severe, but how to ensure the security of data on iOS platform will inevitably become one of the directions for our further study.

Pre-Employment Testing on the Internet: Put Candidates a Click Away and Hire at Modem Speed.

ERIC Educational Resources Information Center

Mooney, John

2002-01-01

The experience of a county government illustrates factors to consider in implementing online employment testing for job candidates: (1) selection of the appropriate Internet-based test; (2) passwords, timing, security, and technical difficulties; and (3) provisions for applicants who lack Internet access. (SK)

Banking on the Internet.

ERIC Educational Resources Information Center

Internet Research, 1996

1996-01-01

Electronic ground was broken in 1995 with the development of the completely Internet-based bank Security First Network Bank. This article discusses the need for developing online services, outlines the reasons for the formation of an Internet-based bank and argues that to remain competitive financial services providers must provide easier customer…

Designing for the Elderly User: Internet Safety Training

ERIC Educational Resources Information Center

Appelt, Lianne C.

2016-01-01

The following qualitative study examines the usability of a custom-designed Internet safety tutorial, targeted at elderly individuals who use the Internet regularly, for effectively conveying critical information regarding online fraud, scams, and other cyber security. The elderly population is especially at risk when it comes to fraudulent…

17 CFR 240.12f-1 - Applications for permission to reinstate unlisted trading privileges.

Code of Federal Regulations, 2011 CFR

2011-04-01

... reinstate unlisted trading privileges. 240.12f-1 Section 240.12f-1 Commodity and Securities Exchanges... Rules and Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-1 Applications for permission to reinstate unlisted trading privileges. (a) An application to reinstate unlisted...

17 CFR 270.17f-2 - Custody of investments by registered management investment company.

Code of Federal Regulations, 2010 CFR

2010-04-01

... registered management investment company. 270.17f-2 Section 270.17f-2 Commodity and Securities Exchanges....17f-2 Custody of investments by registered management investment company. (a) The securities and similar investments of a registered management investment company may be maintained in the custody of such...

17 CFR 240.12f-1 - Applications for permission to reinstate unlisted trading privileges.

Code of Federal Regulations, 2014 CFR

2014-04-01

... reinstate unlisted trading privileges. 240.12f-1 Section 240.12f-1 Commodity and Securities Exchanges... Rules and Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-1 Applications for permission to reinstate unlisted trading privileges. (a) An application to reinstate unlisted...

17 CFR 240.12f-1 - Applications for permission to reinstate unlisted trading privileges.

Code of Federal Regulations, 2012 CFR

2012-04-01

... reinstate unlisted trading privileges. 240.12f-1 Section 240.12f-1 Commodity and Securities Exchanges... Rules and Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-1 Applications for permission to reinstate unlisted trading privileges. (a) An application to reinstate unlisted...

17 CFR 240.12f-1 - Applications for permission to reinstate unlisted trading privileges.

Code of Federal Regulations, 2013 CFR

2013-04-01

... reinstate unlisted trading privileges. 240.12f-1 Section 240.12f-1 Commodity and Securities Exchanges... Rules and Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-1 Applications for permission to reinstate unlisted trading privileges. (a) An application to reinstate unlisted...

17 CFR 200.80f - Appendix F-Records control schedule.

Code of Federal Regulations, 2010 CFR

2010-04-01

... ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Information and Requests § 200.80f Appendix F... in purchasing new issues of securities from underwriters 6 years. 821- Reports by registered small... state or federal laws in the purchase and sale of securities Until date of last reported action plus 10...

17 CFR 240.12f-1 - Applications for permission to reinstate unlisted trading privileges.

Code of Federal Regulations, 2010 CFR

2010-04-01

... reinstate unlisted trading privileges. 240.12f-1 Section 240.12f-1 Commodity and Securities Exchanges... Rules and Regulations Under the Securities Exchange Act of 1934 Unlisted Trading § 240.12f-1 Applications for permission to reinstate unlisted trading privileges. (a) An application to reinstate unlisted...

20 CFR 229.11 - 100 percent overall minimum.

Code of Federal Regulations, 2010 CFR

2010-04-01

... SOCIAL SECURITY OVERALL MINIMUM GUARANTEE Social Security Overall Minimum Guarantee Defined § 229.11 100..., will not be less than 100 percent of the total family benefits payable under the Social Security Act if the employee's railroad service after 1936 were credited as social security earnings. Subpart F...

Advancing the science of forensic data management

NASA Astrophysics Data System (ADS)

Naughton, Timothy S.

2002-07-01

Many individual elements comprise a typical forensics process. Collecting evidence, analyzing it, and using results to draw conclusions are all mutually distinct endeavors. Different physical locations and personnel are involved, juxtaposed against an acute need for security and data integrity. Using digital technologies and the Internet's ubiquity, these diverse elements can be conjoined using digital data as the common element. This result is a new data management process that can be applied to serve all elements of the community. The first step is recognition of a forensics lifecycle. Evidence gathering, analysis, storage, and use in legal proceedings are actually just distinct parts of a single end-to-end process, and thus, it is hypothesized that a single data system that can also accommodate each constituent phase using common network and security protocols. This paper introduces the idea of web-based Central Data Repository. Its cornerstone is anywhere, anytime Internet upload, viewing, and report distribution. Archives exist indefinitely after being created, and high-strength security and encryption protect data and ensure subsequent case file additions do not violate chain-of-custody or other handling provisions. Several legal precedents have been established for using digital information in courts of law, and in fact, effective prosecution of cyber crimes absolutely relies on its use. An example is a US Department of Agriculture division's use of digital images to back up its inspection process, with pictures and information retained on secure servers to enforce the Perishable Agricultural Commodities Act. Forensics is a cumulative process. Secure, web-based data management solutions, such as the Central Data Repository postulated here, can support each process step. Logically marrying digital technologies with Internet accessibility should help nurture a thought process to explore alternatives that make forensics data accessible to authorized individuals, whenever and wherever they need it.

Internetting tactical security sensor systems

NASA Astrophysics Data System (ADS)

Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.

1998-08-01

The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi- autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control stations.

Influence of Security Mechanisms on the Quality of Service of VoIP

NASA Astrophysics Data System (ADS)

Backs, Peter; Pohlmann, Norbert

While Voice over IP (VoIP) is advancing rapidly in the telecommunications market, the interest to protect the data transmitted by this new service is also rising. However, in contrast to other internet services such as email or HTTP, VoIP is real-time media, and therefore must meet a special requirement referred to as Quality-of-Service to provide a comfortable flow of speech. Speech quality is worsened when transmitted over the network due to delays in transmission or loss of packets. Often, voice quality is at a level that even prevents comprehensive dialog. Therefore, an administrator who is to setup a VoIP infrastructure might consider avoiding additional decreases in voice quality resulting from security mechanisms, and might leave internet telephony unprotected as a result. The inspiration for this paper is to illustrate that security mechanisms have negligible impact on speech quality and should in fact be encouraged.

Threats and risks to information security: a practical analysis of free access wireless networks

NASA Astrophysics Data System (ADS)

Quirumbay, Daniel I.; Coronel, Iván. A.; Bayas, Marcia M.; Rovira, Ronald H.; Gromaszek, Konrad; Tleshova, Akmaral; Kozbekova, Ainur

2017-08-01

Nowadays, there is an ever-growing need to investigate, consult and communicate through the internet. This need leads to the intensification of free access to the web in strategic and functional points for the benefit of the community. However, this open access is also related to the increase of information insecurity. The existing works on computer security primarily focus on the development of techniques to reduce cyber-attacks. However, these approaches do not address the sector of inexperienced users who have difficulty understanding browser settings. Two methods can solve this problem: first the development of friendly browsers with intuitive setups for new users and on the other hand, by implementing awareness programs on essential security without deepening on technical information. This article addresses an analysis of the vulnerabilities of wireless equipment that provides internet service in the open access zones and the potential risks that could be found when using these means.

12 CFR 233.1 - Authority, purpose, collection of information, and incorporation by reference.

Code of Federal Regulations, 2010 CFR

2010-01-01

... (CONTINUED) BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM PROHIBITION ON FUNDING OF UNLAWFUL INTERNET... Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as Title VIII of the Security and...

12 CFR 233.1 - Authority, purpose, collection of information, and incorporation by reference.

Code of Federal Regulations, 2011 CFR

2011-01-01

... (CONTINUED) BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM PROHIBITION ON FUNDING OF UNLAWFUL INTERNET... Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as Title VIII of the Security and...

Electronic Commerce--Would, Could and Should You Use Current Internet Payment Mechanisms?

ERIC Educational Resources Information Center

Buck, S. Peter

1996-01-01

Discussion of use of the Internet for online payments focuses on payment mechanisms for conducting transactions. Highlights include commercial requirements; security requirements; various proposed and currently used mechanisms; and future possibilities. (LRW)

Evaluation on Electronic Securities Settlements Systems by AHP Methods

NASA Astrophysics Data System (ADS)

Fukaya, Kiyoyuki; Komoda, Norihisa

Accompanying the spread of Internet and the change of business models, electronic commerce expands buisness areas. Electronic finance commerce becomes popular and especially online security tradings becoome very popular in this area. This online securitiy tradings have some good points such as less mistakes than telephone calls. In order to expand this online security tradings, the transfer of the security paper is one the largest problems to be solved. Because it takes a few days to transfer the security paper from a seller to a buyer. So the dematerialization of security papers is one of the solutions. The demterilization needs the information systems for setteling security. Some countries such as France, German, United Kingdom and U.S.A. have been strating the dematerialization projects. The legacy assesments on these projects focus from the viewpoint of the legal schemes only and there is no assessment from system architectures. This paper focuses on the information system scheme and valuates these dematerlization projects by AHP methods from the viewpoints of “dematerializaion of security papers", “speed of transfer", “usefulness on the system" and “accumulation of risks". This is the first case of valuations on security settlements systems by AHP methods, especially four counties’ systems.

Information risk and security modeling

NASA Astrophysics Data System (ADS)

Zivic, Predrag

2005-03-01

This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

77 FR 47688 - Agency Information Collection Activities: Proposed Request and Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-09

... Security number (SSN). In addition, the employee's name and SSN must match SSA's records for SSA to post... information either through the Internet or via telephone. The respondents are employers who need to verify SSN... Security payments to Canada and (2) mandate the reclamation of funds paid erroneously to a Canadian bank or...

Flexible and Secure Computer-Based Assessment Using a Single Zip Disk

ERIC Educational Resources Information Center

Ko, C. C.; Cheng, C. D.

2008-01-01

Electronic examination systems, which include Internet-based system, require extremely complicated installation, configuration and maintenance of software as well as hardware. In this paper, we present the design and development of a flexible, easy-to-use and secure examination system (e-Test), in which any commonly used computer can be used as a…

Knowledge-Base Semantic Gap Analysis for the Vulnerability Detection

NASA Astrophysics Data System (ADS)

Wu, Raymond; Seki, Keisuke; Sakamoto, Ryusuke; Hisada, Masayuki

Web security became an alert in internet computing. To cope with ever-rising security complexity, semantic analysis is proposed to fill-in the gap that the current approaches fail to commit. Conventional methods limit their focus to the physical source codes instead of the abstraction of semantics. It bypasses new types of vulnerability and causes tremendous business loss.

20 CFR 703.202 - Identification of significant gaps in State guaranty fund coverage for LHWCA obligations.

Code of Federal Regulations, 2010 CFR

2010-04-01

... RELATED STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.202... amount of a carrier's required security deposit, the Office will consider the extent to which a State... Internet at http://www.dol.gov/esa/owcp/dlhwc/lstable.htm. These findings will indicate the extent of any...

The Perceptions of U.S.-Based IT Security Professionals about the Effectiveness of IT Security Frameworks: A Quantitative Study

ERIC Educational Resources Information Center

Warfield, Douglas L.

2011-01-01

The evolution of information technology has included new methodologies that use information technology to control and manage various industries and government activities. Information Technology has also evolved as its own industry with global networks of interconnectivity, such as the Internet, and frameworks, models, and methodologies to control…

The Need to Address Mobile Device Security in the Higher Education IT Curriculum

ERIC Educational Resources Information Center

Patten, Karen P.; Harris, Mark A.

2013-01-01

Mobile devices, including smartphones and tablets, enable users to access corporate data from anywhere. In 2013, people will purchase 1.2 billion mobile devices, surpassing personal computers as the most common method for accessing the Internet. However, security of these mobile devices is a major concern for organizations. The two leading…

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System.more » Selected papers were processed separately for inclusion in the Energy Science and Technology Database.« less

A Web-based, secure, light weight clinical multimedia data capture and display system.

PubMed Central

Wang, S. S.; Starren, J.

2000-01-01

Computer-based patient records are traditionally composed of textual data. Integration of multimedia data has been historically slow. Multimedia data such as image, audio, and video have been traditionally more difficult to handle. An implementation of a clinical system for multimedia data is discussed. The system implementation uses Java, Secure Socket Layer (SSL), and Oracle 8i. The system is on top of the Internet so it is architectural independent, cross-platform, cross-vendor, and secure. Design and implementations issues are discussed. Images Figure 2 Figure 3 PMID:11080014

Cloud Computing Security Issue: Survey

NASA Astrophysics Data System (ADS)

Kamal, Shailza; Kaur, Rajpreet

2011-12-01

Cloud computing is the growing field in IT industry since 2007 proposed by IBM. Another company like Google, Amazon, and Microsoft provides further products to cloud computing. The cloud computing is the internet based computing that shared recourses, information on demand. It provides the services like SaaS, IaaS and PaaS. The services and recourses are shared by virtualization that run multiple operation applications on cloud computing. This discussion gives the survey on the challenges on security issues during cloud computing and describes some standards and protocols that presents how security can be managed.

Individuals’ Uncertainty about Future Social Security Benefits and Portfolio Choice

PubMed Central

Delavande, Adeline

2013-01-01

Summary Little is known about the degree to which individuals are uncertain about their future Social Security benefits, how this varies within the U.S. population, and whether this uncertainty influences financial decisions related to retirement planning. To illuminate these issues, we present empirical evidence from the Health and Retirement Study Internet Survey and document systematic variation in respondents’ uncertainty about their future Social Security benefits by individual characteristics. We find that respondents with higher levels of uncertainty about future benefits hold a smaller share of their wealth in stocks. PMID:23914049

LISA, the next generation: from a web-based application to a fat client.

PubMed

Pierlet, Noëlla; Aerts, Werner; Vanautgaerden, Mark; Van den Bosch, Bart; De Deurwaerder, André; Schils, Erik; Noppe, Thomas

2008-01-01

The LISA application, developed by the University Hospitals Leuven, permits referring physicians to consult the electronic medical records of their patients over the internet in a highly secure way. We decided to completely change the way we secured the application, discard the existing web application and build a completely new application, based on the in-house developed hospital information system, used in the University Hospitals Leuven. The result is a fat Java client, running on a Windows Terminal Server, secured by a commercial SSL-VPN solution.

Reducing Food Insecurity and Improving Fruit and Vegetable Intake Among Farmers' Market Incentive Program Participants.

PubMed

Savoie-Roskos, Mateja; Durward, Carrie; Jeweks, Melanie; LeBlanc, Heidi

2016-01-01

To determine whether participation in a farmers' market incentive pilot program had an impact on food security and fruit and vegetable (F&V) intake of participants. Participants in the Supplemental Nutrition Assistance Program were eligible to receive a dollar-per-dollar match up to $10/wk in farmers' market incentives. The researchers used a pretest-posttest design to measure F&V intake and food security status of 54 adult participants before and after receiving farmers' market incentives. The 6-item Behavior Risk Factor Surveillance System questionnaire and US Household Food Security Survey Module were used to measure F&V intake and food security, respectively. Wilcoxon signed-rank test was used to compare scores of F&V intake. After receiving incentives, fewer individuals reported experiencing food insecurity-related behaviors. A significantly increased intake (P < .05) was found among selected vegetables. Participation in a farmers' market incentive program was positively related to greater food security and intake of select vegetables among participants in the Supplemental Nutrition Assistance Program. Copyright © 2016 Society for Nutrition Education and Behavior. Published by Elsevier Inc. All rights reserved.

ESS-FH: Enhanced Security Scheme for Fast Handover in Hierarchical Mobile IPv6

NASA Astrophysics Data System (ADS)

You, Ilsun; Lee, Jong-Hyouk; Sakurai, Kouichi; Hori, Yoshiaki

Fast Handover for Hierarchical Mobile IPv6 (F-HMIPv6) that combines advantages of Fast Handover for Mobile IPv6 (FMIPv6) and Hierarchical Mobile IPv6 (HMIPv6) achieves the superior performance in terms of handover latency and signaling overhead compared with previously developed mobility protocols. However, without being secured, F-HMIPv6 is vulnerable to various security threats. In 2007, Kang and Park proposed a security scheme, which is seamlessly integrated into F-HMIPv6. In this paper, we reveal that Kang-Park's scheme cannot defend against the Denial of Service (DoS) and redirect attacks while largely relying on the group key. Then, we propose an Enhanced Security Scheme for F-HMIPv6 (ESS-FH) that achieves the strong key exchange and the key independence as well as addresses the weaknesses of Kang-Park's scheme. More importantly, it enables fast handover between different MAP domains. The proposed scheme is formally verified based on BAN-logic, and its handover latency is analyzed and compared with that of Kang-Park's scheme.

17 CFR 239.43 - Form F-N, appointment of agent for service of process by foreign banks and foreign insurance...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Form F-N, appointment of agent for service of process by foreign banks and foreign insurance companies and certain of their holding companies and finance subsidiaries making public offerings of securities in the United States. 239.43 Section 239.43 Commodity and Securities...

17 CFR 239.43 - Form F-N, appointment of agent for service of process by foreign banks and foreign insurance...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Form F-N, appointment of agent for service of process by foreign banks and foreign insurance companies and certain of their holding companies and finance subsidiaries making public offerings of securities in the United States. 239.43 Section 239.43 Commodity and Securities...

17 CFR 210.3-10 - Financial statements of guarantors and issuers of guaranteed securities registered or being...

Code of Federal Regulations, 2010 CFR

2010-04-01

..., no independent assets or operations, minor, finance subsidiary and operating subsidiary. Paragraph (i....220f of this chapter). (b) Finance subsidiary issuer of securities guaranteed by its parent company. When a finance subsidiary issues securities and its parent company guarantees those securities, the...

17 CFR 240.17f-1 - Requirements for reporting and inquiry with respect to missing, lost, counterfeit or stolen...

Code of Federal Regulations, 2010 CFR

2010-04-01

... securities exchange who effects securities transactions through the trading facilities of the exchange and... can obtain a negotiable securities certificate; or (3) A reporting institution whose business... the securities certificate has been missing or lost for a period of two business days. Such report...

Development of Security Measures: Implementation Instructions for MIL-STD on Physical Security for DCS Facilities.

DTIC Science & Technology

1981-07-01

security measures to in- crease the survivability of these assets. However, sabotage, terrorism and vandalism continue to be serious threats to DCS and its...Closed circuit television. e. Comunication cables. f. Fuel storage. g. Fuel lines. h. Air conditioning. The primary benefits of security measures

Countering Internet Extremism

DTIC Science & Technology

2009-01-01

early stages of the conflict, and secure an information warfare victory. Extremists’ use of the Internet has developed rapidly since the Chechen...activities Countering Internet Extremism By Mr. Timothy L. Thomas Editorial Abstract: The author examines the modern informational environment, and...spite of all of these resources—plus all of the money the west has thrown into information (read Internet ) security—an individual known as Irhabi

A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity.

PubMed

Amin, Ruhul; Biswas, G P

2015-08-01

Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fix the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provide strong protection on security attacks, but it also achieves better complexities along with efficient login and password change phase as well as session key verification property.

E-Commerce and Security Governance in Developing Countries

NASA Astrophysics Data System (ADS)

Sanayei, Ali.; Rajabion, Lila

Security is very often mentioned as one of the preconditions for the faster growth of e-commerce. Without a secure and reliable internet, customer will continue to be reluctant to provide confidential information online, such as credit card number. Moreover, organizations of all types and sizes around the world rely heavily on technologies of electronic commerce (e-commerce) for conducting their day-to-day business transaction. Providing organizations with a secure e-commerce environment is a major issue and challenging one especially in Middle Eastern countries. Without secure e-commerce, it is almost impossible to take advantage of the opportunities offered by e-commerce technologies. E-commerce can create opportunities for small entrepreneurs in Middle Eastern countries. This requires removing infrastructure blockages in telecommunications and logistics alongside the governance of e-commerce with policies on consumer protection, security of transactions, privacy of records and intellectual property. In this paper, we will explore the legal implications of e-commerce security governance by establishing who is responsible for ensuring compliance with this discipline, demonstrating the value to be derived from information security governance, the methodology of applying information security governance, and liability for non-compliance with this discipline. Our main focus will be on analyzing the importance and implication of e-commerce security governance in developing countries.

Physical Security Modeling for the Shipboard Nuclear Weapons Security Program,

DTIC Science & Technology

1982-04-01

I AOA1IR 396 NAVAL SURFACE WEAPONS CENTER SILVER SPRING MO F/G 15/3 PHYSICAL SECURITY MODELING FOR THE SHIPROARD NUCLEAR WEAPONS SE--ETEEU) APR A2 E ...WEAPONS SECURITY )PROGRAM 0% BY E . G. JACOUES D. L BARTUSEK R. W. MONROE M. S. SCHWARTZ WEAPONS SYSTEMS DEPARTMENT 1 APRIL 1982 A4pm lvW for p uic r...ASSIPICATIO N O F Tb IS PAGE t’W "mu Dat e E DLeT R)....... t READ W~STRUCTIoNs’ REPORT DOCUMENTATION PAGE BEFORE COMPLETNG FORM4 . REPiQRT NUM1e[i ja. VT

Security and Privacy Grand Challenges for the Internet of Things

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fink, Glenn A.; Zarzhitsky, Dimitri V.; Carroll, Thomas E.

Abstract— The growth of the Internet of Things (IoT) is driven by market pressures, and while security is being considered, the relationship between the unintended consequences of billions of such devices connecting to the Internet cannot be described with existing mathematical methods. The possibilities for illicit surveillance through lifestyle analysis, unauthorized access to information, and new attack vectors will continue to increase by 2020, when up-to 50 billion devices may be connected. This paper discusses various kinds of vulnerabilities that can be expected to arise, and presents a research agenda for mitigating the worst of the impacts. We hope tomore » draw research attention to the potential dangers of IoT so that many of these problems can be avoided.« less

Security on the Internet: is your system vulnerable?

PubMed

Neray, P

1997-07-01

Internet technology does not discriminate. Whether or not your system is an intentional target really doesn't matter; you have a duty to ensure its safekeeping. Ten simple steps are given to protect your system from viruses, hackers, etc.

An Analysis of Federal Airport and Air Carrier Employee Access Control, Screening. and Training Regulations

DTIC Science & Technology

1998-03-01

traveling public, air carriers, and persons employed by or conducting business at public airports. 14. SUBJECT TERMS Airport Security , Federal...26 4. Sterile Area 28 5. Exclusive Area 28 E. SECURITY ALERT LEVELS 29 F. AIRPORT SECURITY TOOLS 30 1. Electronic Detection System 31 a... Security Coordinator ASP Airport Security Program BIS Biometrie Identification System CCTV Closed Circuit Television CJIS Criminal Justice Information

Image-based electronic patient records for secured collaborative medical applications.

PubMed

Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

2005-01-01

We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications.

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2010 CFR

2010-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2012 CFR

2012-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2013 CFR

2013-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2011 CFR

2011-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2014 CFR

2014-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

78 FR 54707 - Self-Regulatory Organizations; The Options Clearing Corporation; Notice of Filing of Proposed...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-05

... Statement Adopted Under Rule 205 Entitled ``Back-up Communication Channel to Internet Access'' August 29... ``Back-up Communication Channel to Internet Access'' requiring clearing members that use the Internet as their primary means to access OCC's information and data systems to maintain a secure back-up means of...

Privacy/Security Policy

Science.gov Websites

automatically is: The Internet Protocol (IP) address of the domain from which you access the Internet (i.e DUF6 Management and Uses DUF6 Conversion EIS Documents News FAQs Internet Resources Glossary Home  , to access, obtain, alter, damage, or destroy information, or otherwise to interfere with the system

77 FR 75683 - Self-Regulatory Organizations; New York Stock Exchange LLC; Notice of Filing and Immediate...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-12-21

... things, the telephone services provided by third-party carriers to the Exchange were still not fully... intermittent phone and internet service. Specifically, the wired telephone lines and internet connections for... and Internet issues. \\6\\ See Securities Exchange Act Release No. 68161 (Nov. 5, 2012), 77 FR 67704...

78 FR 5848 - Self-Regulatory Organizations; NYSE MKT LLC; Notice of Filing and Immediate Effectiveness of...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-28

.... Among other things, the telephone services provided by third-party carriers to the Exchange were still... Internet service. Specifically, the wired telephone lines and Internet connections for Floor brokers... aspects of Rules 36.20 and 36.21 because of ongoing telephone and Internet issues. \\5\\ See Securities...

Combination of Rivest-Shamir-Adleman Algorithm and End of File Method for Data Security

NASA Astrophysics Data System (ADS)

Rachmawati, Dian; Amalia, Amalia; Elviwani

2018-03-01

Data security is one of the crucial issues in the delivery of information. One of the ways which used to secure the data is by encoding it into something else that is not comprehensible by human beings by using some crypto graphical techniques. The Rivest-Shamir-Adleman (RSA) cryptographic algorithm has been proven robust to secure messages. Since this algorithm uses two different keys (i.e., public key and private key) at the time of encryption and decryption, it is classified as asymmetric cryptography algorithm. Steganography is a method that is used to secure a message by inserting the bits of the message into a larger media such as an image. One of the known steganography methods is End of File (EoF). In this research, the cipher text resulted from the RSA algorithm is compiled into an array form and appended to the end of the image. The result of the EoF is the image which has a line with black gradations under it. This line contains the secret message. This combination of cryptography and steganography in securing the message is expected to increase the security of the message, since the message encryption technique (RSA) is mixed with the data hiding technique (EoF).

Enabling Secure XMPP Communications in Federated IoT Clouds Through XEP 0027 and SAML/SASL SSO

PubMed Central

Celesti, Antonio; Fazio, Maria; Villari, Massimo

2017-01-01

Nowadays, in the panorama of Internet of Things (IoT), finding a right compromise between interactivity and security is not trivial at all. Currently, most of pervasive communication technologies are designed to work locally. As a consequence, the development of large-scale Internet services and applications is not so easy for IoT Cloud providers. The main issue is that both IoT architectures and services have started as simple but they are becoming more and more complex. Consequently, the web service technology is often inappropriate. Recently, many operators in both academia and industry fields are considering the possibility to adopt the eXtensible Messaging and Presence Protocol (XMPP) for the implementation of IoT Cloud communication systems. In fact, XMPP offers many advantages in term of real-time capabilities, efficient data distribution, service discovery and inter-domain communication compared to other technologies. Nevertheless, the protocol lacks of native security, data confidentiality and trustworthy federation features. In this paper, considering an XMPP-based IoT Cloud architectural model, we discuss how can be possible to enforce message signing/encryption and Single-Sign On (SSO) authentication respectively for secure inter-module and inter-domain communications in a federated environment. Experiments prove that security mechanisms introduce an acceptable overhead, considering the obvious advantages achieved in terms of data trustiness and privacy. PMID:28178214

Enabling Secure XMPP Communications in Federated IoT Clouds Through XEP 0027 and SAML/SASL SSO.

PubMed

Celesti, Antonio; Fazio, Maria; Villari, Massimo

2017-02-07

Nowadays, in the panorama of Internet of Things (IoT), finding a right compromise between interactivity and security is not trivial at all. Currently, most of pervasive communication technologies are designed to work locally. As a consequence, the development of large-scale Internet services and applications is not so easy for IoT Cloud providers. The main issue is that both IoT architectures and services have started as simple but they are becoming more and more complex. Consequently, the web service technology is often inappropriate. Recently, many operators in both academia and industry fields are considering the possibility to adopt the eXtensible Messaging and Presence Protocol (XMPP) for the implementation of IoT Cloud communication systems. In fact, XMPP offers many advantages in term of real-time capabilities, efficient data distribution, service discovery and inter-domain communication compared to other technologies. Nevertheless, the protocol lacks of native security, data confidentiality and trustworthy federation features. In this paper, considering an XMPP-based IoT Cloud architectural model, we discuss how can be possible to enforce message signing/encryption and Single-Sign On (SSO) authentication respectively for secure inter-module and inter-domain communications in a federated environment. Experiments prove that security mechanisms introduce an acceptable overhead, considering the obvious advantages achieved in terms of data trustiness and privacy.

Secure Base Priming Diminishes Conflict-Based Anger and Anxiety

PubMed Central

Koren, Tamara; Bartholomew, Kim

2016-01-01

This study examines the impact of a visual representation of a secure base (i.e. a secure base prime) on attenuating experimentally produced anger and anxiety. Specifically, we examined the assuaging of negative emotions through exposure to an image of a mother-infant embrace or a heterosexual couple embracing. Subjects seated at a computer terminal rated their affect (Pre Affect) using the Affect Adjective Checklist (AAC) then listened to two sets of intense two person conflicts. After the first conflict exposure they rated affect again (Post 1 AAC). Following the second exposure they saw a blank screen (control condition), pictures of everyday objects (distraction condition) or a photo of two people embracing (Secure Base Prime condition). They then reported emotions using the Post 2 AAC. Compared to either control or distraction subjects, Secure Base Prime (SBP) subjects reported significantly less anger and anxiety. These results were then replicated using an internet sample with control, SBP and two new controls: Smiling Man (to control for expression of positive affect) and Cold Mother (an unsmiling mother with infant). The SBP amelioration of anger and anxiety was replicated with the internet sample. No control groups produced this effect, which was generated only by a combination of positive affect in a physically embracing dyad. The results are discussed in terms of attachment theory and research on spreading activation. PMID:27606897

77 FR 17102 - Self-Regulatory Organizations; International Securities Exchange, LLC; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-23

... Rule Change To Adopt a New Order Type March 19, 2012. Pursuant to Section 19(b)(1) of the Securities... of the Proposed Rule Change The Exchange proposes to amend Rule 715 (Types of Orders) to adopt a new order type. The text of the proposed rule change is available on the Exchange's Internet Web site at...