48 CFR 39.101 - Policy.

Code of Federal Regulations, 2011 CFR

2011-10-01

..., including consideration of security of resources, protection of privacy, national security and emergency... information technology, agencies shall include the appropriate information technology security policies and requirements, including use of common security configurations available from the National Institute of...

School Security and Crisis Preparedness: Make It Your Business.

ERIC Educational Resources Information Center

Trump, Kenneth S.

1999-01-01

The top five security risks in today's schools include aggressive behavior, weapons possession or use, drug trafficking, gangs, and "stranger danger." Home-made bomb threats are common. This article also discusses security system costs, risk-reduction frameworks, security assessments, crisis-preparedness guidelines, and security-related…

12 CFR 390.309 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 12 Banks and Banking 5 2013-01-01 2013-01-01 false Security. 390.309 Section 390.309 Banks and... Associations § 390.309 Security. The term security means any non-withdrawable account, note, stock, treasury... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 161.44 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 12 Banks and Banking 1 2013-01-01 2013-01-01 false Security. 161.44 Section 161.44 Banks and... SAVINGS ASSOCIATIONS § 161.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 561.44 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 12 Banks and Banking 6 2014-01-01 2012-01-01 true Security. 561.44 Section 561.44 Banks and... SAVINGS ASSOCIATIONS § 561.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 561.44 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 12 Banks and Banking 6 2013-01-01 2012-01-01 true Security. 561.44 Section 561.44 Banks and... SAVINGS ASSOCIATIONS § 561.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 561.44 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 12 Banks and Banking 6 2012-01-01 2012-01-01 false Security. 561.44 Section 561.44 Banks and... SAVINGS ASSOCIATIONS § 561.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 390.309 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 12 Banks and Banking 5 2014-01-01 2014-01-01 false Security. 390.309 Section 390.309 Banks and... Associations § 390.309 Security. The term security means any non-withdrawable account, note, stock, treasury... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 390.309 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 12 Banks and Banking 5 2012-01-01 2012-01-01 false Security. 390.309 Section 390.309 Banks and... Associations § 390.309 Security. The term security means any non-withdrawable account, note, stock, treasury... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 561.44 - Security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 12 Banks and Banking 5 2011-01-01 2011-01-01 false Security. 561.44 Section 561.44 Banks and... SAVINGS ASSOCIATIONS § 561.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 561.44 - Security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Security. 561.44 Section 561.44 Banks and... SAVINGS ASSOCIATIONS § 561.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 161.44 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 12 Banks and Banking 1 2014-01-01 2014-01-01 false Security. 161.44 Section 161.44 Banks and... SAVINGS ASSOCIATIONS § 161.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 161.44 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 12 Banks and Banking 1 2012-01-01 2012-01-01 false Security. 161.44 Section 161.44 Banks and... SAVINGS ASSOCIATIONS § 161.44 Security. The term security means any non-withdrawable account, note, stock... commonly known as a security, or any certificate of interest or participation in, temporary or interim...

12 CFR 541.7 - Corporate debt security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 12 Banks and Banking 6 2012-01-01 2012-01-01 false Corporate debt security. 541.7 Section 541.7... AFFECTING FEDERAL SAVINGS ASSOCIATIONS § 541.7 Corporate debt security. The term corporate debt security..., note and/or debenture which is commonly regarded as a debt security and is not predominantly...

12 CFR 141.7 - Corporate debt security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 12 Banks and Banking 1 2013-01-01 2013-01-01 false Corporate debt security. 141.7 Section 141.7... AFFECTING FEDERAL SAVINGS ASSOCIATIONS § 141.7 Corporate debt security. The term corporate debt security..., note and/or debenture which is commonly regarded as a debt security and is not predominantly...

12 CFR 541.7 - Corporate debt security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 12 Banks and Banking 6 2014-01-01 2012-01-01 true Corporate debt security. 541.7 Section 541.7... AFFECTING FEDERAL SAVINGS ASSOCIATIONS § 541.7 Corporate debt security. The term corporate debt security..., note and/or debenture which is commonly regarded as a debt security and is not predominantly...

12 CFR 141.7 - Corporate debt security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 12 Banks and Banking 1 2012-01-01 2012-01-01 false Corporate debt security. 141.7 Section 141.7... AFFECTING FEDERAL SAVINGS ASSOCIATIONS § 141.7 Corporate debt security. The term corporate debt security..., note and/or debenture which is commonly regarded as a debt security and is not predominantly...

12 CFR 541.7 - Corporate debt security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 12 Banks and Banking 5 2011-01-01 2011-01-01 false Corporate debt security. 541.7 Section 541.7... AFFECTING FEDERAL SAVINGS ASSOCIATIONS § 541.7 Corporate debt security. The term corporate debt security..., note and/or debenture which is commonly regarded as a debt security and is not predominantly...

12 CFR 141.7 - Corporate debt security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 12 Banks and Banking 1 2014-01-01 2014-01-01 false Corporate debt security. 141.7 Section 141.7... AFFECTING FEDERAL SAVINGS ASSOCIATIONS § 141.7 Corporate debt security. The term corporate debt security..., note and/or debenture which is commonly regarded as a debt security and is not predominantly...

12 CFR 541.7 - Corporate debt security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Corporate debt security. 541.7 Section 541.7... AFFECTING FEDERAL SAVINGS ASSOCIATIONS § 541.7 Corporate debt security. The term corporate debt security..., note and/or debenture which is commonly regarded as a debt security and is not predominantly...

12 CFR 541.7 - Corporate debt security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 12 Banks and Banking 6 2013-01-01 2012-01-01 true Corporate debt security. 541.7 Section 541.7... AFFECTING FEDERAL SAVINGS ASSOCIATIONS § 541.7 Corporate debt security. The term corporate debt security..., note and/or debenture which is commonly regarded as a debt security and is not predominantly...

The nature of international health security.

PubMed

Chiu, Ya-Wen; Weng, Yi-Hao; Su, Yi-Yuan; Huang, Ching-Yi; Chang, Ya-Chen; Kuo, Ken N

2009-01-01

Health issues occasionally intersect security issues. Health security has been viewed as an essential part of human security. Policymakers and health professionals, however, do not share a common definition of health security. This article aims to characterize the notions of health security in order to clarify what constitutes the nexus of health and security. The concept of health security has evolved over time so that it encompasses many entities. Analyzing the health reports of four multilateral organizations (the United Nations, World Health Organization, Asia-Pacific Economic Cooperation, and the European Union) produced eight categories of most significant relevance to contemporary health security, allowing comparison of the definitions. The four categories are: emerging diseases; global infectious disease; deliberate release of chemical and biological materials; violence, conflict, and humanitarian emergencies. Two other categories of common concern are natural disasters and environmental change, as well as chemical and radioactive accidents. The final two categories, food insecurity and poverty, are discussed less frequently. Nevertheless, food security is emerging as an increasingly important issue in public health. Health security is the first line of defence against health emergencies. As globalization brings more complexities, dealing with the increased scale and extent of health security will require greater international effort and political support.

32 CFR 223.4 - Policy.

Code of Federal Regulations, 2013 CFR

2013-07-01

... dissemination of unclassified information pertaining to security measures, including security plans, procedures... security by significantly increasing the likelihood of the illegal production of nuclear weapons or the... the public or the common defense and security. (d) This part and title 10 of the Code of Federal...

32 CFR 223.4 - Policy.

Code of Federal Regulations, 2014 CFR

2014-07-01

... dissemination of unclassified information pertaining to security measures, including security plans, procedures... security by significantly increasing the likelihood of the illegal production of nuclear weapons or the... the public or the common defense and security. (d) This part and title 10 of the Code of Federal...

Cyber security issues in online games

NASA Astrophysics Data System (ADS)

Zhao, Chen

2018-04-01

With the rapid development of the Internet, online gaming has become a way of entertainment for many young people in the modern era. However, in recent years, cyber security issues in online games have emerged in an endless stream, which have also caused great attention of many game operators. Common cyber security problems in the game include information disclosure and cyber-attacks. These problems will directly or indirectly cause economic losses to gamers. Many gaming companies are enhancing the stability and security of their network or gaming systems in order to enhance the gaming user experience. This article has carried out the research of the cyber security issues in online games by introducing the background and some common cyber security threats, and by proposing the latent solution. Finally, it speculates the future research direction of the cyber security issues of online games in the hope of providing feasible solution and useful information for game operators.

Telling metabolic stories to explore metabolomics data: a case study on the yeast response to cadmium exposure.

PubMed

Milreu, Paulo Vieira; Klein, Cecilia Coimbra; Cottret, Ludovic; Acuña, Vicente; Birmelé, Etienne; Borassi, Michele; Junot, Christophe; Marchetti-Spaccamela, Alberto; Marino, Andrea; Stougie, Leen; Jourdan, Fabien; Crescenzi, Pierluigi; Lacroix, Vincent; Sagot, Marie-France

2014-01-01

The increasing availability of metabolomics data enables to better understand the metabolic processes involved in the immediate response of an organism to environmental changes and stress. The data usually come in the form of a list of metabolites whose concentrations significantly changed under some conditions, and are thus not easy to interpret without being able to precisely visualize how such metabolites are interconnected. We present a method that enables to organize the data from any metabolomics experiment into metabolic stories. Each story corresponds to a possible scenario explaining the flow of matter between the metabolites of interest. These scenarios may then be ranked in different ways depending on which interpretation one wishes to emphasize for the causal link between two affected metabolites: enzyme activation, enzyme inhibition or domino effect on the concentration changes of substrates and products. Equally probable stories under any selected ranking scheme can be further grouped into a single anthology that summarizes, in a unique subnetwork, all equivalently plausible alternative stories. An anthology is simply a union of such stories. We detail an application of the method to the response of yeast to cadmium exposure. We use this system as a proof of concept for our method, and we show that we are able to find a story that reproduces very well the current knowledge about the yeast response to cadmium. We further show that this response is mostly based on enzyme activation. We also provide a framework for exploring the alternative pathways or side effects this local response is expected to have in the rest of the network. We discuss several interpretations for the changes we see, and we suggest hypotheses that could in principle be experimentally tested. Noticeably, our method requires simple input data and could be used in a wide variety of applications. The code for the method presented in this article is available at http://gobbolino.gforge.inria.fr.

10 CFR 780.8 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 4 2012-01-01 2012-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

10 CFR 780.8 - Security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

10 CFR 780.8 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 4 2014-01-01 2014-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

10 CFR 780.8 - Security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

10 CFR 780.8 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 4 2013-01-01 2013-01-01 false Security. 780.8 Section 780.8 Energy DEPARTMENT OF ENERGY PATENT COMPENSATION BOARD REGULATIONS General Provisions § 780.8 Security. In any proceeding under this... the Act to assure compliance with Department security regulations and the common defense. ...

IT Security Standards and Legal Metrology - Transfer and Validation

NASA Astrophysics Data System (ADS)

Thiel, F.; Hartmann, V.; Grottker, U.; Richter, D.

2014-08-01

Legal Metrology's requirements can be transferred into the IT security domain applying a generic set of standardized rules provided by the Common Criteria (ISO/IEC 15408). We will outline the transfer and cross validation of such an approach. As an example serves the integration of Legal Metrology's requirements into a recently developed Common Criteria based Protection Profile for a Smart Meter Gateway designed under the leadership of the Germany's Federal Office for Information Security. The requirements on utility meters laid down in the Measuring Instruments Directive (MID) are incorporated. A verification approach to check for meeting Legal Metrology's requirements by their interpretation through Common Criteria's generic requirements is also presented.

Common Criteria related security design patterns--validation on the intelligent sensor example designed for mine environment.

PubMed

Bialas, Andrzej

2010-01-01

The paper discusses the security issues of intelligent sensors that are able to measure and process data and communicate with other information technology (IT) devices or systems. Such sensors are often used in high risk applications. To improve their robustness, the sensor systems should be developed in a restricted way to provide them with assurance. One of assurance creation methodologies is Common Criteria (ISO/IEC 15408), used for IT products and systems. The contribution of the paper is a Common Criteria compliant and pattern-based method for the intelligent sensors security development. The paper concisely presents this method and its evaluation for the sensor detecting methane in a mine, focusing on the security problem of the intelligent sensor definition and solution. The aim of the validation is to evaluate and improve the introduced method.

Sweden After the Cold War: Implications for US Regional Strategies

DTIC Science & Technology

1993-09-01

transient threats to common interests rather than formal alliance structures." [Ref. 3:p. 9] Such was the case in the recent Gulf War. But as Colonel...European Union, Sweden will participate fully in the common security and foreign policy which was laid down in the Maastricht Treaty... A "policy of...34defense policy": The EC is developing in the direction for a European Union, with a common security and foreign policy, and possibly a common

78 FR 782 - Energy Northwest; Columbia Generating Station; Exemption

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-04

... health or safety, and are consistent with the common defense and security; and (2) when special... temporary relief from the applicable regulation and the licensee or applicant has made good faith efforts to... Common Defense and Security The proposed exemption would extend the time interval between the 2011 and...

10 CFR 110.121 - Security clearances and access to classified information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... be granted unless required security clearances have been obtained. (h) For good cause, the Commission... the common defense and security; and (2) Which it has received from another Government agency, without...

Security Aspects of an Enterprise-Wide Network Architecture.

ERIC Educational Resources Information Center

Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

1999-01-01

Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

Chaos-based CAZAC scheme for secure transmission in OFDM-PON

NASA Astrophysics Data System (ADS)

Fu, Xiaosong; Bi, Meihua; Zhou, Xuefang; Yang, Guowei; Lu, Yang; Hu, Miao

2018-01-01

To effectively resist malicious eavesdropping and performance deterioration, a novel chaos-based secure transmission scheme is proposed to enhance the physical layer security and reduce peak-to-average power ratio (PAPR) in orthogonal frequency division multiplexing passive optical network (OFDM-PON). By the randomly extracting operation of common CAZAC values, the specially-designed constant amplitude zero autocorrelation (CAZAC) is created for system encryption and PAPR reduction enhancing the transmission security. This method is verified in {10-Gb/s encrypted OFDM-PON with 20-km fiber transmission. Results show that, compared to common OFDM-PON, our scheme achieves {3-dB PAPR reduction and {1-dB receiver sensitivity improvement.

Common Criteria Related Security Design Patterns—Validation on the Intelligent Sensor Example Designed for Mine Environment

PubMed Central

Bialas, Andrzej

2010-01-01

The paper discusses the security issues of intelligent sensors that are able to measure and process data and communicate with other information technology (IT) devices or systems. Such sensors are often used in high risk applications. To improve their robustness, the sensor systems should be developed in a restricted way to provide them with assurance. One of assurance creation methodologies is Common Criteria (ISO/IEC 15408), used for IT products and systems. The contribution of the paper is a Common Criteria compliant and pattern-based method for the intelligent sensors security development. The paper concisely presents this method and its evaluation for the sensor detecting methane in a mine, focusing on the security problem of the intelligent sensor definition and solution. The aim of the validation is to evaluate and improve the introduced method. PMID:22399888

Learning Locked down: Evaluating the Treatment of Students' Rights in High Security School Environments

ERIC Educational Resources Information Center

Bracy, Nicole L.

2009-01-01

Public schools have transformed significantly over the past several decades in response to broad concerns about rising school violence. Today's public schools are high security environments employing tactics commonly found in jails and prisons such as police officers, security cameras, identification systems, and secure building strategies.…

47 CFR 0.332 - Actions taken under delegated authority.

Code of Federal Regulations, 2012 CFR

2012-10-01

... safety, homeland security, national security, emergency management and preparedness, and disaster management communications—the Public Safety and Homeland Security Bureau. (d) Complaints involving equal... frequencies shared with broadcast, common carrier, or government services—Office of Engineering and Technology...

Synthesis of securement device options and strategies

DOT National Transportation Integrated Search

2002-03-01

The Americans with Disabilities Act of 1990 (ADA) requires that public transit vehicles be equipped with securement location(s) and device(s) that are able to secure common wheelchairs," as defined in the ADA regulations. The definition and size spec...

Strengthening the Security of ESA Ground Data Systems

NASA Astrophysics Data System (ADS)

Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

2013-08-01

A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

17 CFR 41.11 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2012 CFR

2012-04-01

... securities with the largest market capitalization shall be identified from the universe of all NMS securities... identified from the universe of all NMS securities as defined in § 242.600 that are common stock or...

17 CFR 41.11 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2014 CFR

2014-04-01

... securities with the largest market capitalization shall be identified from the universe of all NMS securities... identified from the universe of all NMS securities as defined in § 242.600 that are common stock or...

17 CFR 41.11 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2011 CFR

2011-04-01

... securities with the largest market capitalization shall be identified from the universe of all NMS securities... identified from the universe of all NMS securities as defined in § 242.600 that are common stock or...

17 CFR 41.11 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2013 CFR

2013-04-01

... securities with the largest market capitalization shall be identified from the universe of all NMS securities... identified from the universe of all NMS securities as defined in § 242.600 that are common stock or...

17 CFR 41.11 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2010 CFR

2010-04-01

... securities with the largest market capitalization shall be identified from the universe of all NMS securities... identified from the universe of all NMS securities as defined in § 242.600 that are common stock or...

Practical Computer Security through Cryptography

NASA Technical Reports Server (NTRS)

McNab, David; Twetev, David (Technical Monitor)

1998-01-01

The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

PubMed Central

Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

2015-01-01

Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions. PMID:26258165

An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment.

PubMed

Dorairaj, Sudha Devi; Kaliannan, Thilagavathy

2015-01-01

Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party's premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

Safeguards and Security by Design (SSBD) for Small Modular Reactors (SMRs) through a Common Global Approach

DOE Office of Scientific and Technical Information (OSTI.GOV)

Badwan, Faris M.; Demuth, Scott Francis; Miller, Michael Conrad

Small Modular Reactors (SMR) with power levels significantly less than the currently standard 1000 to 1600-MWe reactors have been proposed as a potential game changer for future nuclear power. SMRs may offer a simpler, more standardized, and safer modular design by using factory built and easily transportable components. Additionally, SMRs may be more easily built and operated in isolated locations, and may require smaller initial capital investment and shorter construction times. Because many SMRs designs are still conceptual and consequently not yet fixed, designers have a unique opportunity to incorporate updated design basis threats, emergency preparedness requirements, and then fullymore » integrate safety, physical security, and safeguards/material control and accounting (MC&A) designs. Integrating safety, physical security, and safeguards is often referred to as integrating the 3Ss, and early consideration of safeguards and security in the design is often referred to as safeguards and security by design (SSBD). This paper describes U.S./Russian collaborative efforts toward developing an internationally accepted common approach for implementing SSBD/3Ss for SMRs based upon domestic requirements, and international guidance and requirements. These collaborative efforts originated with the Nuclear Energy and Nuclear Security working group established under the U.S.-Russia Bilateral Presidential Commission during the 2009 Presidential Summit. Initial efforts have focused on review of U.S. and Russian domestic requirements for Security and MC&A, IAEA guidance for security and MC&A, and IAEA requirements for international safeguards. Additionally, example SMR design features that can enhance proliferation resistance and physical security have been collected from past work and reported here. The development of a U.S./Russian common approach for SSBD/3Ss should aid the designer of SMRs located anywhere in the world. More specifically, the application of this approach may lead to more proliferation resistant and physically secure design features for SMRs.« less

49 CFR 231.17 - Specifications common to all steam locomotives.

Code of Federal Regulations, 2011 CFR

2011-10-01

... shall be securely fastened with bolts, rivets, or studs. (ii) Locomotives having Wootten type boilers... inches above outside edge of running boards, securely fastened with bolts, rivets, or studs. (c... inches in height, measured from the top of end sill, and securely fastened with bolts or rivets. (f...

SOCIAL MEDIA SECURITY

Science.gov Websites

, exciting, entertaining, and useful for maintaining relationships. Professionally, people can use social HomeVISITORS AND PERSONNELSOCIAL MEDIA SECURITY FAQ on Security for Social Media Due to the widespread use of world. CENTCOM Personnel are reminded to use common sense when using social media. What are social media

7 CFR 1744.207 - Investment not to jeopardize loan security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 11 2010-01-01 2010-01-01 false Investment not to jeopardize loan security. 1744.207... SERVICE, DEPARTMENT OF AGRICULTURE POST-LOAN POLICIES AND PROCEDURES COMMON TO GUARANTEED AND INSURED TELEPHONE LOANS Borrower Investments § 1744.207 Investment not to jeopardize loan security. A borrower shall...

10 CFR 150.3 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... and security, or in such manner as to affect the health and safety of the public; or (2) Any important... Energy, the Secretary of Homeland Security, and the head of any other appropriate Federal agency... health and safety or the common defense and security; and (ii) Before, on, or after August 8, 2005, is...

Maternal Caregiving and Infant Security in Two Cultures.

ERIC Educational Resources Information Center

Posada, German; Jacobs, Amanda; Richmond, Melissa Y.; Carbonell, Olga A.; Alzate, Gloria; Bhstamante, Maria R.; Quiceno, Julio

2002-01-01

Examined maternal care and infant attachment security in a sample from the United States (Colorado) and one from Colombia. Found that maternal sensitivity and infant security were significantly associated in both samples. Identified six common and two noncommon domains (one per sample) of caregiving; associations between domains of maternal…

School Security.

ERIC Educational Resources Information Center

Bete, Tim, Ed.

1998-01-01

Presents the opinions of four security experts on the issue of guns in schools. The experts respond to the following questions: will schools ever be free of weapons; will card access systems become common in public schools; will metal detectors solve school security problems; and will students ever be issued bullet-proof vests along with…

26 CFR 1.1091-2 - Basis of stock or securities acquired in “wash sales”.

Code of Federal Regulations, 2010 CFR

2010-04-01

... (CONTINUED) INCOME TAX (CONTINUED) INCOME TAXES Wash Sales of Stock Or Securities § 1.1091-2 Basis of stock... illustrated by the following examples: Example 1. A purchased a share of common stock of the X Corporation for... common stock of the same corporation for $90. No loss from the sale is recognized under section 1091. The...

Computer-Aided Sensor Development Focused on Security Issues.

PubMed

Bialas, Andrzej

2016-05-26

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

Computer-Aided Sensor Development Focused on Security Issues

PubMed Central

Bialas, Andrzej

2016-01-01

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research. PMID:27240360

Cyber Security Audit and Attack Detection Toolkit

DOE Office of Scientific and Technical Information (OSTI.GOV)

Peterson, Dale

2012-05-31

This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

Parental Involvement in School and the Role of School Security Measures

ERIC Educational Resources Information Center

Mowen, Thomas J.

2015-01-01

Over the past three decades, the United States has experienced a significant increase in the use of security measures in public and private secondary schools. Measures including police officers, metal detectors, and security cameras are becoming more common in the hallways of American schools. Following this surge, a number of academics have…

A Hands-On Approach for Teaching Denial of Service Attacks: A Case Study

ERIC Educational Resources Information Center

Trabelsi, Zouheir; Ibrahim, Walid

2013-01-01

Nowadays, many academic institutions are including ethical hacking in their information security and Computer Science programs. Information security students need to experiment common ethical hacking techniques in order to be able to implement the appropriate security solutions. This will allow them to more efficiently protect the confidentiality,…

College law enforcement and security department responses to alcohol-related incidents: a national study.

PubMed

Bernat, Debra H; Lenk, Kathleen M; Nelson, Toben F; Winters, Ken C; Toomey, Traci L

2014-08-01

Campus police and security personnel are often the first to respond to alcohol-related incidents on campus. The purpose of this study is to examine how campus law enforcement and security respond to alcohol-related incidents, and how consequences and communication differ based on characteristics of the incident. Directors of campus police/security from 343 colleges across the United States completed a survey regarding usual practice following serious, underage, and less serious alcohol incidents on and off campus. Campus law enforcement and security most commonly reported contacting campus officials. A minority reported issuing citations and referring students to the health center. Enforcement actions were more commonly reported for serious and underage incidents than for less serious incidents. Large (vs. small) colleges, public (vs. private) colleges, and those located in small (vs. large) towns more consistently reported taking actions against drinkers. Understanding how campus police and security respond to alcohol-related incidents is essential for reducing alcohol-related problems on college campuses. Copyright © 2014 by the Research Society on Alcoholism.

Common Criteria Evaluation and Validation Scheme for Information Technology Security: Guidance to Validators of IT Security Evaluations

DTIC Science & Technology

2002-02-01

NVLAP procedures are compatible with, among others, the most recent official publications of ISO / IEC 17025 (formally ISO / IEC Guide 25), ISO Guides 2, 30... IEC Guide 17025 and the relevant requirements of ISO 9002-1994. NVLAP Handbook 150-20 contains information that is specific to Common Criteria...Evaluation Technical Report EAP Evaluation Acceptance Package IEC International Electrotechnical Commission ISO International

The Use of BS7799 Information Security Standard to Construct Mechanisms for the Management of Medical Organization Information Security

NASA Astrophysics Data System (ADS)

Liu, Shu-Fan; Chueh, Hao-En; Liao, Kuo-Hsiung

According to surveys, 80 % of security related events threatening information in medical organizations is due to improper management. Most research on information security has focused on information and security technology, such as network security and access control; rarely addressing issues at the management issues. The main purpose of this study is to construct a BS7799 based mechanism for the management of information with regard to security as it applies to medical organizations. This study analyzes and identifies the most common events related to information security in medical organizations and categorizes these events as high-risk, transferable-risk, and controlled-risk to facilitate the management of such risk.

A national-scale authentication infrastructure.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Butler, R.; Engert, D.; Foster, I.

2000-12-01

Today, individuals and institutions in science and industry are increasingly forming virtual organizations to pool resources and tackle a common goal. Participants in virtual organizations commonly need to share resources such as data archives, computer cycles, and networks - resources usually available only with restrictions based on the requested resource's nature and the user's identity. Thus, any sharing mechanism must have the ability to authenticate the user's identity and determine if the user is authorized to request the resource. Virtual organizations tend to be fluid, however, so authentication mechanisms must be flexible and lightweight, allowing administrators to quickly establish andmore » change resource-sharing arrangements. However, because virtual organizations complement rather than replace existing institutions, sharing mechanisms cannot change local policies and must allow individual institutions to maintain control over their own resources. Our group has created and deployed an authentication and authorization infrastructure that meets these requirements: the Grid Security Infrastructure. GSI offers secure single sign-ons and preserves site control over access policies and local security. It provides its own versions of common applications, such as FTP and remote login, and a programming interface for creating secure applications.« less

Security surveillance challenges and proven thermal imaging capabilities in real-world applications

NASA Astrophysics Data System (ADS)

Francisco, Glen L.; Roberts, Sharon

2004-09-01

Uncooled thermal imaging was first introduced to the public in early 1980's by Raytheon (legacy Texas Instruments Defense Segment Electronics Group) as a solution for military applications. Since the introduction of this technology, Raytheon has remained the leader in this market as well as introduced commercial versions of thermal imaging products specifically designed for security, law enforcement, fire fighting, automotive and industrial uses. Today, low cost thermal imaging for commercial use in security applications is a reality. Organizations of all types have begun to understand the advantages of using thermal imaging as a means to solve common surveillance problems where other popular technologies fall short. Thermal imaging has proven to be a successful solution for common security needs such as: ¸ vision at night where lighting is undesired and 24x7 surveillance is needed ¸ surveillance over waterways, lakes and ports where water and lighting options are impractical ¸ surveillance through challenging weather conditions where other technologies will be challenged by atmospheric particulates ¸ low maintenance requirements due to remote or difficult locations ¸ low cost over life of product Thermal imaging is now a common addition to the integrated security package. Companies are relying on thermal imaging for specific applications where no other technology can perform.

Securing the High Seas: America’s Global Maritime Constabulatory Power

DTIC Science & Technology

2008-03-12

at www.heritage.org/ Research/HomelandSecurity/bg1950.cfm. 29. Construcciones Aeronáuticas, SA. 16 Securing the High Seas: America’s Global Maritime...Coast Guard ships (National Security Cutter, Off-Shore Patrol Cutter, and Fast Response Cutter) and many Navy ships currently in design or construction ...forge complementary maritime strategies. Only by developing common doctrine, creating greater synergy in the construction of core assets, and forging a

Teaching Case: IS Security Requirements Identification from Conceptual Models in Systems Analysis and Design: The Fun & Fitness, Inc. Case

ERIC Educational Resources Information Center

Spears, Janine L.; Parrish, James L., Jr.

2013-01-01

This teaching case introduces students to a relatively simple approach to identifying and documenting security requirements within conceptual models that are commonly taught in systems analysis and design courses. An introduction to information security is provided, followed by a classroom example of a fictitious company, "Fun &…

Securing the Downside Up: Client and Care Factors Associated with Outcomes of Secure Residential Youth Care

ERIC Educational Resources Information Center

Harder, Annemiek T.; Knorth, Erik J.; Kalverboer, Margrite E.

2012-01-01

Background: Although secure residential care has the potential of reducing young people's behavioral problems, it is often difficult to achieve positive outcomes. Research suggests that there are several common success factors of treatment, of which the client's motivation for treatment and the quality of the therapeutic relationship between…

VIEW LOOKING SOUTHWEST AT BUILDING 121, THE PLANT SECURITY BUILDING. ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

VIEW LOOKING SOUTHWEST AT BUILDING 121, THE PLANT SECURITY BUILDING. BUILDING 121 WAS ONE OF THE ORIGINAL STRUCTURES AT THE ROCKY FLATS PLANT. IT SHARES A COMMON WALL WITH BUILDING 122, THE EMERGENCY MEDICAL BUILDING. (7/29/52) - Rocky Flats Plant, Security & Armory, West of Third Street, south of Central Avenue, Golden, Jefferson County, CO

Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

NASA Technical Reports Server (NTRS)

1985-01-01

The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

Common Operating Picture: UAV Security Study

NASA Technical Reports Server (NTRS)

2004-01-01

This initial communication security study is a top-level assessment of basic security issues related to the operation of Unmanned Aerial Vehicles (UAVs) in the National Airspace System (NAS). Security considerations will include information relating to the use of International Civil Aviation Organization (ICAO) Aeronautical Telecommunications Network (ATN) protocols and applications identifying their maturity, as well as the use of IPV4 and a version of mobile IPV6. The purpose of this assessment is to provide an initial analysis of the security implications of introducing UAVs into the NAS.

Telling metabolic stories to explore metabolomics data: a case study on the yeast response to cadmium exposure

PubMed Central

Milreu, Paulo Vieira; Klein, Cecilia Coimbra; Cottret, Ludovic; Acuña, Vicente; Birmelé, Etienne; Borassi, Michele; Junot, Christophe; Marchetti-Spaccamela, Alberto; Marino, Andrea; Stougie, Leen; Jourdan, Fabien; Crescenzi, Pierluigi; Lacroix, Vincent; Sagot, Marie-France

2014-01-01

Motivation: The increasing availability of metabolomics data enables to better understand the metabolic processes involved in the immediate response of an organism to environmental changes and stress. The data usually come in the form of a list of metabolites whose concentrations significantly changed under some conditions, and are thus not easy to interpret without being able to precisely visualize how such metabolites are interconnected. Results: We present a method that enables to organize the data from any metabolomics experiment into metabolic stories. Each story corresponds to a possible scenario explaining the flow of matter between the metabolites of interest. These scenarios may then be ranked in different ways depending on which interpretation one wishes to emphasize for the causal link between two affected metabolites: enzyme activation, enzyme inhibition or domino effect on the concentration changes of substrates and products. Equally probable stories under any selected ranking scheme can be further grouped into a single anthology that summarizes, in a unique subnetwork, all equivalently plausible alternative stories. An anthology is simply a union of such stories. We detail an application of the method to the response of yeast to cadmium exposure. We use this system as a proof of concept for our method, and we show that we are able to find a story that reproduces very well the current knowledge about the yeast response to cadmium. We further show that this response is mostly based on enzyme activation. We also provide a framework for exploring the alternative pathways or side effects this local response is expected to have in the rest of the network. We discuss several interpretations for the changes we see, and we suggest hypotheses that could in principle be experimentally tested. Noticeably, our method requires simple input data and could be used in a wide variety of applications. Availability and implementation: The code for the method presented in this article is available at http://gobbolino.gforge.inria.fr. Contact: pvmilreu@gmail.com; vincent.lacroix@univ-lyon1.fr; marie-france.sagot@inria.fr Supplementary information: Supplementary data are available at Bioinformatics online. PMID:24167155

A security architecture for health information networks.

PubMed

Kailar, Rajashekar; Muralidhar, Vinod

2007-10-11

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.

A Security Architecture for Health Information Networks

PubMed Central

Kailar, Rajashekar

2007-01-01

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862

Is the Secure Base Phenomenon Evident Here, There, and Anywhere? A Cross-Cultural Study of Child Behavior and Experts' Definitions

ERIC Educational Resources Information Center

Posada, German; Lu, Ting; Trumbell, Jill; Kaloustian, Garene; Trudel, Marcel; Plata, Sandra J.; Peña, Paola P.; Perez, Jennifer; Tereno, Susana; Dugravier, Romain; Coppola, Gabrielle; Constantini, Alessandro; Cassibba, Rosalinda; Kondo-Ikemura, Kiyomi; Nóblega, Magaly; Haya, Ines M.; Pedraglio, Claudia; Verissimo, Manuela; Santos, Antonio J.; Monteiro, Ligia; Lay, Keng-Ling

2013-01-01

The evolutionary rationale offered by Bowlby implies that secure base relationships are common in child-caregiver dyads and thus, child secure behavior observable across diverse social contexts and cultures. This study offers a test of the universality hypothesis. Trained observers in nine countries used the Attachment Q-set to describe the…

76 FR 21086 - Self-Regulatory Organizations; New York Stock Exchange LLC; Notice of Filing of Proposed Rule...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-14

... other things, the issuer of the debt security must have at least one class of common or preferred equity... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-64287; File No. SR-NYSE-2011-15] Self... 1401 To Modify the Initial Trading Market Value for Debt Securities April 8, 2011. Pursuant to Section...

IT security evaluation - “hybrid” approach and risk of its implementation

NASA Astrophysics Data System (ADS)

Livshitz, I. I.; Neklyudov, A. V.; Lontsikh, P. A.

2018-05-01

It is relevant to evolve processes of evaluation of the IT security nowadays. Creating and application of the common evaluation approaches for an IT component, which are processed by the governmental and civil organizations, are still not solving problem. It is suggested to create a more precise and complex assessment tool for an IT security – the “hybrid” method of the IT security evaluation for a particular object, which is based on a range of adequate assessment tools.

42 CFR 447.520 - FFP: Conditions relating to physician-administered drugs.

Code of Federal Regulations, 2011 CFR

2011-10-01

... using Healthcare Common Procedure Coding System codes or NDC numbers in order to secure rebates. (2) As... Medicaid Program using NDC numbers in order to secure rebates. (b) As of January 1, 2007, a State must...

42 CFR 447.520 - FFP: Conditions relating to physician-administered drugs.

Code of Federal Regulations, 2013 CFR

2013-10-01

... using Healthcare Common Procedure Coding System codes or NDC numbers in order to secure rebates. (2) As... Medicaid Program using NDC numbers in order to secure rebates. (b) As of January 1, 2007, a State must...

42 CFR 447.520 - FFP: Conditions relating to physician-administered drugs.

Code of Federal Regulations, 2012 CFR

2012-10-01

... using Healthcare Common Procedure Coding System codes or NDC numbers in order to secure rebates. (2) As... Medicaid Program using NDC numbers in order to secure rebates. (b) As of January 1, 2007, a State must...

42 CFR 447.520 - FFP: Conditions relating to physician-administered drugs.

Code of Federal Regulations, 2014 CFR

2014-10-01

... using Healthcare Common Procedure Coding System codes or NDC numbers in order to secure rebates. (2) As... Medicaid Program using NDC numbers in order to secure rebates. (b) As of January 1, 2007, a State must...

42 CFR 447.520 - FFP: Conditions relating to physician-administered drugs.

Code of Federal Regulations, 2010 CFR

2010-10-01

... using Healthcare Common Procedure Coding System codes or NDC numbers in order to secure rebates. (2) As... Medicaid Program using NDC numbers in order to secure rebates. (b) As of January 1, 2007, a State must...

17 CFR Appendix C to Part 40 - [Reserved

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false [Reserved] C Appendix C to Part 40 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION PROVISIONS COMMON TO REGISTERED ENTITIES Appendix C to Part 40 [Reserved] ...

Integrating QoS and security functions in an IP-VPN gateway

NASA Astrophysics Data System (ADS)

Fan, Kuo-Pao; Chang, Shu-Hsin; Lin, Kuan-Ming; Pen, Mau-Jy

2001-10-01

IP-based Virtual Private Network becomes more and more popular. It can not only reduce the enterprise communication cost but also increase the revenue of the service provider. The common IP-VPN application types include Intranet VPN, Extranet VPN, and remote access VPN. For the large IP-VPN market, some vendors develop dedicated IP-VPN devices; while some vendors add the VPN functions into their existing network equipment such as router, access gateway, etc. The functions in the IP-VPN device include security, QoS, and management. The common security functions supported are IPSec (IP Security), IKE (Internet Key Exchange), and Firewall. The QoS functions include bandwidth control and packet scheduling. In the management component, policy-based network management is under standardization in IETF. In this paper, we discuss issues on how to integrate the QoS and security functions in an IP-VPN Gateway. We propose three approaches to do this. They are (1) perform Qos first (2) perform IPSec first and (3) reserve fixed bandwidth for IPSec. We also compare the advantages and disadvantages of the three proposed approaches.

A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation.

PubMed

Rahayu, Triana Mugia; Lee, Sang-Gon; Lee, Hoon-Jae

2015-06-26

The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

PubMed Central

Rahayu, Triana Mugia; Lee, Sang-Gon; Lee, Hoon-Jae

2015-01-01

The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both. PMID:26131669

African Security Challenges: Now and Over the Horizon Improving African Security Through the Use of Non/Less-Than -Lethal Force: Challenges , Issues and Approaches

DTIC Science & Technology

2010-05-01

donor funding is no longer available. For instance, Brazil and Colombia were unable to sustain their CP programs when funding from donors to establish...forces. Other more advanced forms of non/less-than-lethal weapons which are common in the West, such as Tasers , are far less common on the continent...31 As part of this discussion, several experts discussed Tasers , in particular, though one expert also mentioned

75 FR 50030 - Self-Regulatory Organizations; The Options Clearing Corporation; Notice of Filing and Immediate...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-16

... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-62685; File No. SR-OCC-2010-12] Self-Regulatory... Interest and Principal Securities on Treasury Inflation Protected Securities, Commonly Known as TIP-STRIPS... change from interested parties. \\1\\ 15 U.S.C. 78s(b)(1). \\2\\ 15 U.S.C. 78s(b)(3)(A)(i). \\3\\ 17 CFR 240...

Risk Unbound: Threat, Catastrophe, and the End of Homeland Security

DTIC Science & Technology

2015-09-01

Defense (DOD) models ) is now the prevalent model for developing plans.63 Capabilities- based within the national preparedness system is defined as...capabilities- based planning is the accounting for scenarios through organizational capability development , and the search for commonality and structure...of providing perfect security, and demonstrate the limitations of risk- based security practices. This thesis presents an argument in three parts

32 CFR 187.4 - Policy.

Code of Federal Regulations, 2010 CFR

2010-07-01

... further foreign policy and national security interests while at the same time taking into consideration important environmental concerns. (b) The Department of Defense acts with care in the global commons because... be through the Assistant Secretary of Defense (International Security Affairs). (e) Executive Order...

Simple group password-based authenticated key agreements for the integrated EPR information system.

PubMed

Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng

2013-04-01

The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

The ISACA Business Model for Information Security: An Integrative and Innovative Approach

NASA Astrophysics Data System (ADS)

von Roessing, Rolf

In recent years, information security management has matured into a professional discipline that covers both technical and managerial aspects in an organisational environment. Information security is increasingly dependent on business-driven parameters and interfaces to a variety of organisational units and departments. In contrast, common security models and frameworks have remained largely technical. A review of extant models ranging from [LaBe73] to more recent models shows that technical aspects are covered in great detail, while the managerial aspects of security are often neglected.Likewise, the business view on organisational security is frequently at odds with the demands of information security personnel or information technology management. In practice, senior and executive level management remain comparatively distant from technical requirements. As a result, information security is generally regarded as a cost factor rather than a benefit to the organisation.

When trust defies common security sense.

PubMed

Williams, Patricia A H

2008-09-01

Primary care medical practices fail to recognize the seriousness of security threats to their patient and practice information. This can be attributed to a lack of understanding of security concepts, underestimation of potential threats and the difficulty in configuration of security technology countermeasures. To appreciate the factors contributing to such problems, research into general practitioner security practice and perceptions of security was undertaken. The investigation focused on demographics, actual practice, issues and barriers, and practitioner perception. Poor implementation, lack of relevant knowledge and inconsistencies between principles and practice were identified as key themes. Also the results revealed an overwhelming reliance on trust in staff and in computer information systems. This clearly identified that both cultural and technical attributes contribute to the deficiencies in information security practice. The aim of this research is to understand user needs and problems when dealing with information security practice.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Knipper, W.

This presentation builds on our response to events that pose, or have the potential to pose, a serious security or law enforcement risk and must be responded to and controlled in a clear a decisive fashion. We will examine some common concepts in the command and control of security-centric events.

Insecurity on the Net.

ERIC Educational Resources Information Center

Brandt, D. Scott

1998-01-01

Examines Internet security risks and how users can protect themselves. Discusses inadvertent bugs in software; programming problems with Common Gateway Interface (CGI); viruses; tracking of Web users; and preventing access to selected Web pages and filtering software. A glossary of Internet security-related terms is included. (AEF)

10 CFR 2.4 - Definitions.

Code of Federal Regulations, 2012 CFR

2012-01-01

... and safety or the common defense and security; security measures for the physical protection and... computer that contains the participant's name, e-mail address, and participant's digital signature, proves... inspection. It is also the place where NRC makes computer terminals available to access the Publicly...

10 CFR 2.4 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... and safety or the common defense and security; security measures for the physical protection and... computer that contains the participant's name, e-mail address, and participant's digital signature, proves... inspection. It is also the place where NRC makes computer terminals available to access the Publicly...

Proactive Security Testing and Fuzzing

NASA Astrophysics Data System (ADS)

Takanen, Ari

Software is bound to have security critical flaws, and no testing or code auditing can ensure that software is flaw-less. But software security testing requirements have improved radically during the past years, largely due to criticism from security conscious consumers and Enterprise customers. Whereas in the past, security flaws were taken for granted (and patches were quietly and humbly installed), they now are probably one of the most common reasons why people switch vendors or software providers. The maintenance costs from security updates often add to become one of the biggest cost items to large Enterprise users. Fortunately test automation techniques have also improved. Techniques like model-based testing (MBT) enable efficient generation of security tests that reach good confidence levels in discovering zero-day mistakes in software. This technique is called fuzzing.

Afghan National Police Training Program Would Benefit from Better Compliance with the Economy Act and Reimbursable Agreements

DTIC Science & Technology

2011-08-25

Security Cooperation Agency INL Bureau of International Narcotics and Law Enforcement Affairs JSSP Justice Sector Security Program PAE Pacific...regional training centers. The programs were the Justice Sector Security Program ( JSSP ), the Corrections System Support Program (CSSP), and the...Civilian Police International. JSSP and CSSP are considered rule of law programs. Rule of law is most commonly understood to be a foundational

A Framework for Resilient Remote Monitoring

DTIC Science & Technology

2014-08-01

of low-level observables are availa- ble, audited , and recorded. This establishes the need for a re- mote monitoring framework that can integrate with...Security, WS-Policy, SAML, XML Signature, and XML Encryption. Pearson Higher Education, 2004. [3] OMG, “Common Secure Interoperability Protocol...www.darpa.mil/Our_Work/I2O/Programs/Integrated_Cyb er_Analysis_System_%28ICAS%29.aspx. [8] D. Miller and B. Pearson , Security information and event man

The Evolution of European Security: From Confrontation to Cooperation

DTIC Science & Technology

2013-03-01

leading U.S. companies such as Boeing and Lockheed Martin , just to name a few.77 But more robust cooperation is still limited by the member states...Common Security and Defense Policy: Intersecting Trajectories”, 4. 63 Gustav Lindstrom , Enter the EU Battlegroups, (Paris: Institute for Security...Battlegroups, Strategy Research Project (Carlisle Barracks, PA: U.S. Army War College, January 22, 2009), 4. 67 Lindstrom , Enter the EU Battlegroups

Low-Cost Manufacturing, Usability, and Security: An Analysis of Bluetooth Simple Pairing and Wi-Fi Protected Setup

NASA Astrophysics Data System (ADS)

Kuo, Cynthia; Walker, Jesse; Perrig, Adrian

Bluetooth Simple Pairing and Wi-Fi Protected Setup specify mechanisms for exchanging authentication credentials in wireless networks. Both Simple Pairing and Protected Setup support multiple setup mechanisms, which increases security risks and hurts the user experience. To improve the security and usability of these specifications, we suggest defining a common baseline for hardware features and a consistent, interoperable user experience across devices.

Motives for European Union Common Security and Defense Policy Mission Selection

DTIC Science & Technology

2011-03-01

2 Jolyon Howorth, Security and Defence Policy in the European Union (Basingstoke: Plagrave Macmillan, 2007), 34–35. 3 Giovanni ...Lieber and Alexander 2005). Such “conceptual stretching” ( Sartori 1970) renders “balancing” indistinguishable from “normal diplomatic friction...The Shape of Things to Come,” 511. 55 Giovanni Grevi, Damian Helly, and Daniel Keohane, eds. European Security and Defense Policy: The First Ten Years

Software To Secure Distributed Propulsion Simulations

NASA Technical Reports Server (NTRS)

Blaser, Tammy M.

2003-01-01

Distributed-object computing systems are presented with many security threats, including network eavesdropping, message tampering, and communications middleware masquerading. NASA Glenn Research Center, and its industry partners, has taken an active role in mitigating the security threats associated with developing and operating their proprietary aerospace propulsion simulations. In particular, they are developing a collaborative Common Object Request Broker Architecture (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines

17 CFR 40.7 - Delegations.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Delegations. 40.7 Section 40.7 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION PROVISIONS COMMON TO REGISTERED ENTITIES § 40.7 Delegations. (a) Procedural matters—(1) Review of products or rules. The Commission hereby...

Indirection and computer security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Berg, Michael J.

2011-09-01

The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyzemore » common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.« less

A Learning-Based Approach to Reactive Security

NASA Astrophysics Data System (ADS)

Barth, Adam; Rubinstein, Benjamin I. P.; Sundararajan, Mukund; Mitchell, John C.; Song, Dawn; Bartlett, Peter L.

Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst-case assumptions about the attacker: we grant the attacker complete knowledge of the defender's strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Additionally, we show that, unlike proactive defenses, this reactive strategy is robust to a lack of information about the attacker's incentives and knowledge.

An Integrated Approach for Physical and Cyber Security Risk Assessment: The U.S. Army Corps of Engineers Common Risk Model for Dams

DTIC Science & Technology

2016-07-01

Common Risk Model for Dams ( CRM -D) Methodology,” for the Director, Cost Assessment and Program Evaluation, Office of Secretary of Defense and the...for Dams ( CRM -D), developed by the U.S. Army Corps of Engineers (USACE) in collaboration with the Institute for Defense Analyses (IDA) and the U.S...and cyber security risks across a portfolio of dams, and informing decisions on how to mitigate those risks. The CRM -D can effectively quantify the

Hash Functions and Information Theoretic Security

NASA Astrophysics Data System (ADS)

Bagheri, Nasour; Knudsen, Lars R.; Naderi, Majid; Thomsen, Søren S.

Information theoretic security is an important security notion in cryptography as it provides a true lower bound for attack complexities. However, in practice attacks often have a higher cost than the information theoretic bound. In this paper we study the relationship between information theoretic attack costs and real costs. We show that in the information theoretic model, many well-known and commonly used hash functions such as MD5 and SHA-256 fail to be preimage resistant.

[Analysis of the security risk in home medical equipment].

PubMed

Peng, Xiaolong; Xu, Honglei; Tian, Xiaojun

2014-01-01

The popularization of home medical equipment facilitates the treatment and management of many diseases, improving the patient compliance. However, due to the absence of medical background, most of their users have various security risk in the course of reorganization, choosing, using and maintenance of the products. This paper analyzed the property of security risk in home medical equipment, and described the matters needing attention in the using of several common products.

14 CFR 129.25 - Airplane security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 3 2011-01-01 2011-01-01 false Airplane security. 129.25 Section 129.25 Aeronautics and Space FEDERAL AVIATION ADMINISTRATION, DEPARTMENT OF TRANSPORTATION (CONTINUED) AIR CARRIERS... AND FOREIGN OPERATORS OF U.S.-REGISTERED AIRCRAFT ENGAGED IN COMMON CARRIAGE General § 129.25 Airplane...

14 CFR 129.25 - Airplane security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 14 Aeronautics and Space 3 2012-01-01 2012-01-01 false Airplane security. 129.25 Section 129.25 Aeronautics and Space FEDERAL AVIATION ADMINISTRATION, DEPARTMENT OF TRANSPORTATION (CONTINUED) AIR CARRIERS... AND FOREIGN OPERATORS OF U.S.-REGISTERED AIRCRAFT ENGAGED IN COMMON CARRIAGE General § 129.25 Airplane...

14 CFR 129.25 - Airplane security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 14 Aeronautics and Space 3 2013-01-01 2013-01-01 false Airplane security. 129.25 Section 129.25 Aeronautics and Space FEDERAL AVIATION ADMINISTRATION, DEPARTMENT OF TRANSPORTATION (CONTINUED) AIR CARRIERS... AND FOREIGN OPERATORS OF U.S.-REGISTERED AIRCRAFT ENGAGED IN COMMON CARRIAGE General § 129.25 Airplane...

14 CFR 129.25 - Airplane security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 14 Aeronautics and Space 3 2014-01-01 2014-01-01 false Airplane security. 129.25 Section 129.25 Aeronautics and Space FEDERAL AVIATION ADMINISTRATION, DEPARTMENT OF TRANSPORTATION (CONTINUED) AIR CARRIERS... AND FOREIGN OPERATORS OF U.S.-REGISTERED AIRCRAFT ENGAGED IN COMMON CARRIAGE General § 129.25 Airplane...

76 FR 24363 - HUD Multifamily Rental Projects: Regulatory Revisions

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-02

... tenants in common borrowers will have an adverse economic impact on the borrower and result in...) fails to pay before delinquency any Taxes secured by a lien having priority over this Security... consistent with the President's executive order. V. Findings and Certifications Environmental Impact A...

75 FR 1656 - Draft Safety Culture Policy Statement: Request for Public Comments; Extension of Comment Period

Federal Register 2010, 2011, 2012, 2013, 2014

2010-01-12

... unique aspects of nuclear safety and security, and to note the Commission's expectations that all NRC... health and safety and the common defense and security when carrying out licensed activities. The comment...) development of high-level [[Page 1657

14 CFR 129.25 - Airplane security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 3 2010-01-01 2010-01-01 false Airplane security. 129.25 Section 129.25 Aeronautics and Space FEDERAL AVIATION ADMINISTRATION, DEPARTMENT OF TRANSPORTATION (CONTINUED) AIR CARRIERS... AND FOREIGN OPERATORS OF U.S.-REGISTERED AIRCRAFT ENGAGED IN COMMON CARRIAGE General § 129.25 Airplane...

17 CFR 40.1 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Definitions. 40.1 Section 40.1 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION PROVISIONS COMMON TO REGISTERED ENTITIES § 40.1 Definitions. As used in this part: (a) Business day means the intraday period of time...

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

PubMed Central

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-01

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack. PMID:26751443

Design and Development of Layered Security: Future Enhancements and Directions in Transmission.

PubMed

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-06

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

17 CFR 240.3a55-1 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2014 CFR

2014-04-01

... be identified from the universe of all NMS securities as defined in § 242.600 of this chapter that... identified from the universe of all NMS securities as defined in § 242.600 of this chapter that are common...

17 CFR 240.3a55-1 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2011 CFR

2011-04-01

... be identified from the universe of all NMS securities as defined in § 242.600 of this chapter that... identified from the universe of all NMS securities as defined in § 242.600 of this chapter that are common...

17 CFR 240.3a55-1 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2013 CFR

2013-04-01

... be identified from the universe of all NMS securities as defined in § 242.600 of this chapter that... identified from the universe of all NMS securities as defined in § 242.600 of this chapter that are common...

17 CFR 240.3a55-1 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2012 CFR

2012-04-01

... be identified from the universe of all NMS securities as defined in § 242.600 of this chapter that... identified from the universe of all NMS securities as defined in § 242.600 of this chapter that are common...

17 CFR 240.3a55-1 - Method for determining market capitalization and dollar value of average daily trading volume...

Code of Federal Regulations, 2010 CFR

2010-04-01

... be identified from the universe of all NMS securities as defined in § 242.600 of this chapter that... identified from the universe of all NMS securities as defined in § 242.600 of this chapter that are common...

Defense.gov Special Report: Travels With Hagel

Science.gov Websites

Germany January 2014 News Stories Hagel: Future Requires Renewed Era of Partnership In a changing security 50th Munich Security Conference in Germany today, Defense Secretary Chuck Hagel met with leaders from Germany, the United Kingdom, Israel, Georgia and India to discuss military relationships and common

76 FR 10205 - Department of Homeland Security Implementation of OMB Guidance on Drug-Free Workplace Requirements

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-24

... Guidance on Drug-Free Workplace Requirements AGENCY: Department of Homeland Security (DHS). ACTION: Final... consolidate all Federal regulations on drug-free workplace requirements for financial assistance into one...-wide common rule on drug-free workplace requirements for financial assistance, currently located within...

76 FR 46603 - Security Ratings

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-03

... impact of the amendments. (b) $1 Billion of Non-Convertible Securities (Other Than Common Equity) Issued... contracts to continue to be able to use Form S-3 and Form F- 3, which would reduce the negative impact the... does not appear to significantly impact the eligibility of WKSI subsidiaries currently eligible to use...

Coalition Network Defence Common Operational Picture

DTIC Science & Technology

2010-11-01

27000 .org/ iso -27005.htm [26] ISO 8601:2004, Data elements and interchange formats - Information interchange - Representation of dates and times, http://ww.iso.org, http://en.wikipedia.org/wiki/ISO_8601 ...Regular_expression [25] ISO /IEC 27005:2008, Information technology -- Security techniques -- Information security risk management, http://ww.iso.org,; http://www

OAS - Organization of American States: Democracy for peace, security, and

Science.gov Websites

Elections Environment Equity G General Assembly Governance H Human Development Human Rights I Indigenous Security R Racism and Intolerance Refugees S Scholarships School of Governance Science and Technology cooperation among states and advance a common regional agenda on democratic governance, human rights

17 CFR 40.2 - Listing products for trading by certification.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 1 2013-04-01 2013-04-01 false Listing products for trading by certification. 40.2 Section 40.2 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION PROVISIONS COMMON TO REGISTERED ENTITIES § 40.2 Listing products for trading by certification. (a...

17 CFR 40.2 - Listing products for trading by certification.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Listing products for trading by certification. 40.2 Section 40.2 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION PROVISIONS COMMON TO REGISTERED ENTITIES § 40.2 Listing products for trading by certification. (a...

17 CFR 40.2 - Listing products for trading by certification.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Listing products for trading by certification. 40.2 Section 40.2 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION PROVISIONS COMMON TO REGISTERED ENTITIES § 40.2 Listing products for trading by certification. (a...

10 CFR 11.5 - Policy.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 1 2011-01-01 2011-01-01 false Policy. 11.5 Section 11.5 Energy NUCLEAR REGULATORY COMMISSION CRITERIA AND PROCEDURES FOR DETERMINING ELIGIBILITY FOR ACCESS TO OR CONTROL OVER SPECIAL NUCLEAR... concepts of justice, a personnel security program in the interests of the common defense and security for...

10 CFR 11.5 - Policy.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 1 2010-01-01 2010-01-01 false Policy. 11.5 Section 11.5 Energy NUCLEAR REGULATORY COMMISSION CRITERIA AND PROCEDURES FOR DETERMINING ELIGIBILITY FOR ACCESS TO OR CONTROL OVER SPECIAL NUCLEAR... concepts of justice, a personnel security program in the interests of the common defense and security for...

Motivating Contributions for Home Computer Security

ERIC Educational Resources Information Center

Wash, Richard L.

2009-01-01

Recently, malicious computer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to…

46 CFR 113.10-5 - Common return.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 4 2011-10-01 2011-10-01 false Common return. 113.10-5 Section 113.10-5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING COMMUNICATION AND ALARM SYSTEMS AND EQUIPMENT Fire and Smoke Detecting and Alarm Systems § 113.10-5 Common return. A conductor...

46 CFR 113.10-5 - Common return.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 4 2014-10-01 2014-10-01 false Common return. 113.10-5 Section 113.10-5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING COMMUNICATION AND ALARM SYSTEMS AND EQUIPMENT Fire and Smoke Detecting and Alarm Systems § 113.10-5 Common return. A conductor...

46 CFR 113.10-5 - Common return.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 4 2010-10-01 2010-10-01 false Common return. 113.10-5 Section 113.10-5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING COMMUNICATION AND ALARM SYSTEMS AND EQUIPMENT Fire and Smoke Detecting and Alarm Systems § 113.10-5 Common return. A conductor...

46 CFR 113.10-5 - Common return.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 4 2012-10-01 2012-10-01 false Common return. 113.10-5 Section 113.10-5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING COMMUNICATION AND ALARM SYSTEMS AND EQUIPMENT Fire and Smoke Detecting and Alarm Systems § 113.10-5 Common return. A conductor...

46 CFR 113.10-5 - Common return.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 4 2013-10-01 2013-10-01 false Common return. 113.10-5 Section 113.10-5 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING COMMUNICATION AND ALARM SYSTEMS AND EQUIPMENT Fire and Smoke Detecting and Alarm Systems § 113.10-5 Common return. A conductor...

KSOS Computer Program Development Specifications (Type B-5). (Kernelized Secure Operating System). I. Security Kernel (CDRL 0002AF). II. UNIX Emulator (CDRL 0002AG). III. Security-Related Software (CDRL 0002AH).

DTIC Science & Technology

1980-12-01

Commun- ications Corporation, Palo Alto, CA (March 1978). g. [Walter at al. 74] Walter, K.G. et al., " Primitive Models for Computer .. Security", ESD-TR...discussion is followed by a presenta- tion of the Kernel primitive operations upon these objects. All Kernel objects shall be referenced by a common...set of sizes. All process segments, regardless of domain, shall be manipulated by the same set of Kernel segment primitives . User domain segments

Evaluating Common Privacy Vulnerabilities in Internet Service Providers

NASA Astrophysics Data System (ADS)

Kotzanikolaou, Panayiotis; Maniatis, Sotirios; Nikolouzou, Eugenia; Stathopoulos, Vassilios

Privacy in electronic communications receives increased attention in both research and industry forums, stemming from both the users' needs and from legal and regulatory requirements in national or international context. Privacy in internet-based communications heavily relies on the level of security of the Internet Service Providers (ISPs), as well as on the security awareness of the end users. This paper discusses the role of the ISP in the privacy of the communications. Based on real security audits performed in national-wide ISPs, we illustrate privacy-specific threats and vulnerabilities that many providers fail to address when implementing their security policies. We subsequently provide and discuss specific security measures that the ISPs can implement, in order to fine-tune their security policies in the context of privacy protection.

Arrangement on the Recognition of Common Criteria Certificates In the Field of Information Technology Security

DTIC Science & Technology

2000-05-01

Security Establishment from Canada and Ministry of Finance from Finland and Service Central de la Sécurité des Systèmes d’Information from France and...Nazionale per la Sicurezza CESIS III Reparto - UCSi from Italy and Ministry of the Interior and Kingdom Relations from The Netherlands and Page 3 of...39 HQ Defence Command Norway/Security Division from Norway and Ministerio de Administraciones Públicas from Spain and Communications-Electronics

The Effects of Evaluation and Production Blocking on the Performance of Brainstorming Groups

DTIC Science & Technology

1992-08-01

NUMBER OF PAGES 701 16. PRICE CODE 17. SECURITY CLASSIFICATION 18. SECURITY CLASSIFICATION 19. SECURITY CLASSIFICATION 20. LMIITATION OF ABSTRACT OF...special interest group. Once again, the people in the above examples share many things in common such as a sense of civil duty, an employer, a love for a...people respond differently in the presence of others, a phenomenon Zajonc refers to as compresence . In group settings, social facilitation can be

Common object request broker architecture (CORBA)-based security services for the virtual radiology environment.

PubMed

Martinez, R; Cole, C; Rozenblit, J; Cook, J F; Chacko, A K

2000-05-01

The US Army Great Plains Regional Medical Command (GPRMC) has a requirement to conform to Department of Defense (DoD) and Army security policies for the Virtual Radiology Environment (VRE) Project. Within the DoD, security policy is defined as the set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information. Security policy in the DoD is described by the Trusted Computer System Evaluation Criteria (TCSEC), Army Regulation (AR) 380-19, Defense Information Infrastructure Common Operating Environment (DII COE), Military Health Services System Automated Information Systems Security Policy Manual, and National Computer Security Center-TG-005, "Trusted Network Interpretation." These documents were used to develop a security policy that defines information protection requirements that are made with respect to those laws, rules, and practices that are required to protect the information stored and processed in the VRE Project. The goal of the security policy is to provide for a C2-level of information protection while also satisfying the functional needs of the GPRMC's user community. This report summarizes the security policy for the VRE and defines the CORBA security services that satisfy the policy. In the VRE, the information to be protected is embedded into three major information components: (1) Patient information consists of Digital Imaging and Communications in Medicine (DICOM)-formatted fields. The patient information resides in the digital imaging network picture archiving and communication system (DIN-PACS) networks in the database archive systems and includes (a) patient demographics; (b) patient images from x-ray, computed tomography (CT), magnetic resonance imaging (MRI), and ultrasound (US); and (c) prior patient images and related patient history. (2) Meta-Manager information to be protected consists of several data objects. This information is distributed to the Meta-Manager nodes and includes (a) radiologist schedules; (b) modality worklists; (c) routed case information; (d) DIN-PACS and Composite Health Care system (CHCS) messages, and Meta-Manager administrative and security information; and (e) patient case information. (3) Access control and communications security is required in the VRE to control who uses the VRE and Meta-Manager facilities and to secure the messages between VRE components. The CORBA Security Service Specification version 1.5 is designed to allow up to TCSEC's B2-level security for distributed objects. The CORBA Security Service Specification defines the functionality of several security features: identification and authentication, authorization and access control, security auditing, communication security, nonrepudiation, and security administration. This report describes the enhanced security features for the VRE and their implementation using commercial CORBA Security Service software products.

Beyond grid security

NASA Astrophysics Data System (ADS)

Hoeft, B.; Epting, U.; Koenig, T.

2008-07-01

While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls.

Problematic Sexual Behaviour in a Secure Psychiatric Setting: Challenges and Developing Solutions

ERIC Educational Resources Information Center

Hughes, Gareth V.; Hebb, Jo

2005-01-01

Sexually abusive behaviours are common in a forensic psychiatric population, both before admission and while hospitalized. A survey of our medium security facility found that 41% of patients had a history of sexually abusive behaviours, ranging from convictions for sexual assault through to current episodes of sexual harassment. Most forensic…

Early Attachment Organization Moderates the Parent-Child Mutually Coercive Pathway to Children's Antisocial Conduct

ERIC Educational Resources Information Center

Kochanska, Grazyna; Barry, Robin A.; Stellern, Sarah A.; O'Bleness, Jessica J.

2009-01-01

This multimethod study of 101 mothers, fathers, and children elucidates poorly understood role of children's attachment security as "moderating" a common maladaptive trajectory: from parental power assertion, to child resentful opposition, to child antisocial conduct. Children's security was assessed at 15 months, parents' power assertion observed…

An Analysis of China’s Information Technology Strategies and their Implication for US National Security

DTIC Science & Technology

2006-06-01

environment of Web-enabled database searches, online shopping , e-business, and daily credit-card use, which are very common in the United States. Cyberspace...establishing credibility for data exchange such as online shopping . Present regulations stipulate that security chips used by the Chinese government and

17 CFR Appendix D to Part 40 - Submission Cover Sheet and Instructions

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Submission Cover Sheet and Instructions D Appendix D to Part 40 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION PROVISIONS COMMON TO REGISTERED ENTITIES Pt. 40, App. D Appendix D to Part 40—Submission Cover Sheet and...

Critical Infrastructure Protection- Los Alamos National Laboratory

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bofman, Ryan K.

Los Alamos National Laboratory (LANL) has been a key facet of Critical National Infrastructure since the nuclear bombing of Hiroshima exposed the nature of the Laboratory’s work in 1945. Common knowledge of the nature of sensitive information contained here presents a necessity to protect this critical infrastructure as a matter of national security. This protection occurs in multiple forms beginning with physical security, followed by cybersecurity, safeguarding of classified information, and concluded by the missions of the National Nuclear Security Administration.

[Modern foreign car safety systems and their forensic-medical significance].

PubMed

Iakunin, S A

2007-01-01

The author gives a characteristic of active and passive security systems installed in cars of foreign production. These security systems significantly modify the classic car trauma character decreasing frequency of occurrence and dimensions of specific and typical injuries. A new approach based on the theory of probability to estimate these injuries is required. The most common active and passive security systems are described in the article; their principles of operation and influence on the trauma character are estimated.

ASEAN’S Strategic Approach Towards Security Relations with the U.S. and China: Hedging through a Common Foreign and Security Policy

DTIC Science & Technology

2014-06-13

rising China signals a major shift in the balance of power, and this has long-term and complex ramifications on Asia’s strategic calculus . However...in support of belligerent actions on its neighbors. Either way, it shifts the strategic calculus for ASEAN dramatically. The second assumption is...and Security Policy, and Conflict Resolution: The Future of European (and Global?) Security” (Paper presented at EUSA’s 8th Biennial International

Privacy and security issues in teleradiology.

PubMed

White, Peter

2004-10-01

Teleradiology is now well established within healthcare in the USA, but ethico-legal concepts surrounding this innovation remain unclear. New legislation, the Health Insurance Portability and Accountability Act, as well as ethical guidelines and common law demonstrate the importance being placed on security of electronic data and the protection of patients' personal data. Radiologists need to be aware of the security, privacy, and confidentiality issues which relate to teleradiology, so that they can safeguard not only their own interests but also the best interests of their patients.

Trust-Based Security Level Evaluation Using Bayesian Belief Networks

NASA Astrophysics Data System (ADS)

Houmb, Siv Hilde; Ray, Indrakshi; Ray, Indrajit; Chakraborty, Sudip

Security is not merely about technical solutions and patching vulnerabilities. Security is about trade-offs and adhering to realistic security needs, employed to support core business processes. Also, modern systems are subject to a highly competitive market, often demanding rapid development cycles, short life-time, short time-to-market, and small budgets. Security evaluation standards, such as ISO 14508 Common Criteria and ISO/IEC 27002, are not adequate for evaluating the security of many modern systems for resource limitations, time-to-market, and other constraints. Towards this end, we propose an alternative time and cost effective approach for evaluating the security level of a security solution, system or part thereof. Our approach relies on collecting information from different sources, who are trusted to varying degrees, and on using a trust measure to aggregate available information when deriving security level. Our approach is quantitative and implemented as a Bayesian Belief Network (BBN) topology, allowing us to reason over uncertain information and seemingly aggregating disparate information. We illustrate our approach by deriving the security level of two alternative Denial of Service (DoS) solutions. Our approach can also be used in the context of security solution trade-off analysis.

Automating Risk Analysis of Software Design Models

PubMed Central

Ruiz, Guifré; Heymann, Elisa; César, Eduardo; Miller, Barton P.

2014-01-01

The growth of the internet and networked systems has exposed software to an increased amount of security threats. One of the responses from software developers to these threats is the introduction of security activities in the software development lifecycle. This paper describes an approach to reduce the need for costly human expertise to perform risk analysis in software, which is common in secure development methodologies, by automating threat modeling. Reducing the dependency on security experts aims at reducing the cost of secure development by allowing non-security-aware developers to apply secure development with little to no additional cost, making secure development more accessible. To automate threat modeling two data structures are introduced, identification trees and mitigation trees, to identify threats in software designs and advise mitigation techniques, while taking into account specification requirements and cost concerns. These are the components of our model for automated threat modeling, AutSEC. We validated AutSEC by implementing it in a tool based on data flow diagrams, from the Microsoft security development methodology, and applying it to VOMS, a grid middleware component, to evaluate our model's performance. PMID:25136688

Automating risk analysis of software design models.

PubMed

Frydman, Maxime; Ruiz, Guifré; Heymann, Elisa; César, Eduardo; Miller, Barton P

2014-01-01

The growth of the internet and networked systems has exposed software to an increased amount of security threats. One of the responses from software developers to these threats is the introduction of security activities in the software development lifecycle. This paper describes an approach to reduce the need for costly human expertise to perform risk analysis in software, which is common in secure development methodologies, by automating threat modeling. Reducing the dependency on security experts aims at reducing the cost of secure development by allowing non-security-aware developers to apply secure development with little to no additional cost, making secure development more accessible. To automate threat modeling two data structures are introduced, identification trees and mitigation trees, to identify threats in software designs and advise mitigation techniques, while taking into account specification requirements and cost concerns. These are the components of our model for automated threat modeling, AutSEC. We validated AutSEC by implementing it in a tool based on data flow diagrams, from the Microsoft security development methodology, and applying it to VOMS, a grid middleware component, to evaluate our model's performance.

Interdisciplinary assessment of sea-level rise and climate change impacts on the lower Nile delta, Egypt.

PubMed

Sušnik, Janez; Vamvakeridou-Lyroudia, Lydia S; Baumert, Niklas; Kloos, Julia; Renaud, Fabrice G; La Jeunesse, Isabelle; Mabrouk, Badr; Savić, Dragan A; Kapelan, Zoran; Ludwig, Ralf; Fischer, Georg; Roson, Roberto; Zografos, Christos

2015-01-15

CLImate-induced changes on WAter and SECurity (CLIWASEC) was a cluster of three complementary EC-FP7 projects assessing climate-change impacts throughout the Mediterranean on: hydrological cycles (CLIMB - CLimate-Induced changes on the hydrology of Mediterranean Basins); water security (WASSERMed - Water Availability and Security in Southern EuRope and the Mediterranean) and human security connected with possible hydro-climatic conflicts (CLICO - CLImate change hydro-COnflicts and human security). The Nile delta case study was common between the projects. CLIWASEC created an integrated forum for modelling and monitoring to understand potential impacts across sectors. This paper summarises key results from an integrated assessment of potential challenges to water-related security issues, focusing on expected sea-level rise impacts by the middle of the century. We use this common focus to illustrate the added value of project clustering. CLIWASEC pursued multidisciplinary research by adopting a single research objective: sea-level rise related water security threats, resulting in a more holistic view of problems and potential solutions. In fragmenting research, policy-makers can fail to understand how multiple issues can materialize from one driver. By combining efforts, an integrated assessment of water security threats in the lower Nile is formulated, offering policy-makers a clearer picture of inter-related issues to society and environment. The main issues identified by each project (land subsidence, saline intrusion - CLIMB; water supply overexploitation, land loss - WASSERMed; employment and housing security - CLICO), are in fact related. Water overexploitation is exacerbating land subsidence and saline intrusion, impacting on employment and placing additional pressure on remaining agricultural land and the underdeveloped housing market. All these have wider implications for regional development. This richer understanding could be critical in making better policy decisions when attempting to mitigate climate and social change impacts. The CLIWASEC clustering offers an encouraging path for the new European Commission Horizon 2020 programme to follow. Copyright © 2014 Elsevier B.V. All rights reserved.

Device interoperability and authentication for telemedical appliance based on the ISO/IEEE 11073 Personal Health Device (PHD) Standards.

PubMed

Caranguian, Luther Paul R; Pancho-Festin, Susan; Sison, Luis G

2012-01-01

In this study, we focused on the interoperability and authentication of medical devices in the context of telemedical systems. A recent standard called the ISO/IEEE 11073 Personal Health Device (X73-PHD) Standards addresses the device interoperability problem by defining common protocols for agent (medical device) and manager (appliance) interface. The X73-PHD standard however has not addressed security and authentication of medical devices which is important in establishing integrity of a telemedical system. We have designed and implemented a security policy within the X73-PHD standards. The policy will enable device authentication using Asymmetric-Key Cryptography and the RSA algorithm as the digital signature scheme. We used two approaches for performing the digital signatures: direct software implementation and use of embedded security modules (ESM). The two approaches were evaluated and compared in terms of execution time and memory requirement. For the standard 2048-bit RSA, ESM calculates digital signatures only 12% of the total time for the direct implementation. Moreover, analysis shows that ESM offers more security advantage such as secure storage of keys compared to using direct implementation. Interoperability with other systems was verified by testing the system with LNI Healthlink, a manager software that implements the X73-PHD standard. Lastly, security analysis was done and the system's response to common attacks on authentication systems was analyzed and several measures were implemented to protect the system against them.

76 FR 802 - Florida Power and Light Company, Turkey Point, Units 3 and 4; Exemption

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-06

..., health physics, chemistry, and security, to maintain the safe and secure operation of the facility. The... exemption is authorized by law. No Undue Risk to Public Health and Safety The underlying purposes of 10 CFR... previously evaluated. Therefore, there is no undue risk to public health and safety. Consistent With Common...

U.S. - African Partnerships: Advancing Common Interests

DTIC Science & Technology

2017-12-01

discussions on: – Governance, institutions, and effective partnerships – Prospects for enhancing economic partnerships – Opportunities and challenges in...U.S. administrations, emphasizing peace and security, countering terrorism, increasing economic growth, and promoting democracy and good governance...often focused on short- term security or economic objectives, while neglecting infrastructure projects and longer term programs that would empower

Flexible and Secure Computer-Based Assessment Using a Single Zip Disk

ERIC Educational Resources Information Center

Ko, C. C.; Cheng, C. D.

2008-01-01

Electronic examination systems, which include Internet-based system, require extremely complicated installation, configuration and maintenance of software as well as hardware. In this paper, we present the design and development of a flexible, easy-to-use and secure examination system (e-Test), in which any commonly used computer can be used as a…

Preventing School Bullying: Should Schools Prioritize an Authoritative School Discipline Approach over Security Measures?

ERIC Educational Resources Information Center

Gerlinger, Julie; Wo, James C.

2016-01-01

A common response to school violence features the use of security measures to deter serious and violent incidents. However, a second approach, based on school climate theory, suggests that schools exhibiting authoritative school discipline (i.e., high structure and support) might more effectively reduce school disorder. We tested these approaches…

77 FR 57625 - Self-Regulatory Organizations; New York Stock Exchange LLC; Notice of Filing of Proposed Rule...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-18

... its common stock listed on a foreign market and list some other type of security on the Exchange, such...-Regulatory Organizations; New York Stock Exchange LLC; Notice of Filing of Proposed Rule Change Amending... 30, 2012, New York Stock Exchange LLC (``NYSE'' or the ``Exchange'') filed with the Securities and...

The Need to Address Mobile Device Security in the Higher Education IT Curriculum

ERIC Educational Resources Information Center

Patten, Karen P.; Harris, Mark A.

2013-01-01

Mobile devices, including smartphones and tablets, enable users to access corporate data from anywhere. In 2013, people will purchase 1.2 billion mobile devices, surpassing personal computers as the most common method for accessing the Internet. However, security of these mobile devices is a major concern for organizations. The two leading…

The common objectives of the European Nordic countries and the role of space

NASA Astrophysics Data System (ADS)

Lehnert, Christopher; Giannopapa, Christina; Vaudo, Ersilia

2016-11-01

The European Space Agency (ESA) has twenty two Member States with common goals of engaging in European space activities. However, the various Member States have a variety of governance structures, strategic priorities regarding space and other sectorial areas depending on their cultural and geopolitical aspirations. The Nordic countries, namely Denmark, Finland, Norway and Sweden, have similarities which result often in common geopolitical and cultural aspects. These in turn shape their respective priorities and interests in setting up their policies in a number of sectorial areas like shipping and fisheries, energy, immigration, agriculture, security and defence, infrastructures, climate change and the Arctic. Space technology, navigation, earth observation, telecommunication and integrated applications can assist the Nordic countries in developing, implementing and monitoring policies of common interest. This paper provides an in-depth overview and a comprehensive assessment of these common interests in policy areas where space can provide support in their realisation. The first part provides a synthesis of the Nordic countries respective priorities through analysing their government programmes and plans. The priorities are classified according to the six areas of sustainability: energy, environment and climate change, transport, knowledge and innovation, natural resources (fisheries, agriculture, forestry, mining, etc), and security and external relations. Although the national strategies present different national perspectives, at the same time, there are a number of similarities when it comes to overall policy objectives in a number of areas such as the Arctic and climate change. In other words, even though the Arctic plays a different role in each country's national context and there are clear differences as regards geography, access to resources and security policies, the strategies display common general interest in sustainable development and management of resources, protection of the environment, international cooperation and regional security. The second part of this paper focuses on the national space strategies and indicates the main priorities and trends. The priorities vary from one country to the other and can include science, navigation, earth observation, human space flight, launchers, technology development, and/or applications. The motivation for investing in space activities also change (e.g. international cooperation, industrial competitiveness, societal benefits, job creation).

Security Vulnerability Profiles of NASA Mission Software: Empirical Analysis of Security Related Bug Reports

NASA Technical Reports Server (NTRS)

Goseva-Popstojanova, Katerina; Tyo, Jacob P.; Sizemore, Brian

2017-01-01

NASA develops, runs, and maintains software systems for which security is of vital importance. Therefore, it is becoming an imperative to develop secure systems and extend the current software assurance capabilities to cover information assurance and cybersecurity concerns of NASA missions. The results presented in this report are based on the information provided in the issue tracking systems of one ground mission and one flight mission. The extracted data were used to create three datasets: Ground mission IVV issues, Flight mission IVV issues, and Flight mission Developers issues. In each dataset, we identified the software bugs that are security related and classified them in specific security classes. This information was then used to create the security vulnerability profiles (i.e., to determine how, why, where, and when the security vulnerabilities were introduced) and explore the existence of common trends. The main findings of our work include:- Code related security issues dominated both the Ground and Flight mission IVV security issues, with 95 and 92, respectively. Therefore, enforcing secure coding practices and verification and validation focused on coding errors would be cost effective ways to improve mission's security. (Flight mission Developers issues dataset did not contain data in the Issue Category.)- In both the Ground and Flight mission IVV issues datasets, the majority of security issues (i.e., 91 and 85, respectively) were introduced in the Implementation phase. In most cases, the phase in which the issues were found was the same as the phase in which they were introduced. The most security related issues of the Flight mission Developers issues dataset were found during Code Implementation, Build Integration, and Build Verification; the data on the phase in which these issues were introduced were not available for this dataset.- The location of security related issues, as the location of software issues in general, followed the Pareto principle. Specifically, for all three datasets, from 86 to 88 the security related issues were located in two to four subsystems.- The severity levels of most security issues were moderate, in all three datasets.- Out of 21 primary security classes, five dominated: Exception Management, Memory Access, Other, Risky Values, and Unused Entities. Together, these classes contributed from around 80 to 90 of all security issues in each dataset. This again proves the Pareto principle of uneven distribution of security issues, in this case across CWE classes, and supports the fact that addressing these dominant security classes provides the most cost efficient way to improve missions' security. The findings presented in this report uncovered the security vulnerability profiles and identified the common trends and dominant classes of security issues, which in turn can be used to select the most efficient secure design and coding best practices compiled by the part of the SARP project team associated with the NASA's Johnson Space Center. In addition, these findings provide valuable input to the NASA IVV initiative aimed at identification of the two 25 CWEs of ground and flight missions.

Research on early warning of food security using a system dynamics model: evidence from Jiangsu province in China.

PubMed

Xu, Jianling; Ding, Yi

2015-01-01

Analyzing the early warning of food security, this paper sets the self-sufficiency rate as the principal indicator in a standpoint of supplement. It is common to use the quantitative methods to forecast and warning the insecurity. However, this paper considers more about the probable outcome when the government intervenes. By constructing the causal feedbacks among grain supplement, demand, productive input, and the policy factors to simulate the future food security in Jiangsu province, conclusions can be drawn as the following: (1) The situation of food security is insecure if the self-sufficiency rate is under 68.3% according to the development of system inertia. (2) it is difficult to guarantee the food security in Jiangsu just depending on the increase of grain sown area. (3) The valid solution to ensure the food security in Jiangsu is to improve the productivity. © 2015 Institute of Food Technologists®

Is the secure base phenomenon evident here, there, and anywhere? A cross-cultural study of child behavior and experts' definitions.

PubMed

Posada, German; Lu, Ting; Trumbell, Jill; Kaloustian, Garene; Trudel, Marcel; Plata, Sandra J; Peña, Paola P; Perez, Jennifer; Tereno, Susana; Dugravier, Romain; Coppola, Gabrielle; Constantini, Alessandro; Cassibba, Rosalinda; Kondo-Ikemura, Kiyomi; Nóblega, Magaly; Haya, Ines M; Pedraglio, Claudia; Verissimo, Manuela; Santos, Antonio J; Monteiro, Ligia; Lay, Keng-Ling

2013-01-01

The evolutionary rationale offered by Bowlby implies that secure base relationships are common in child-caregiver dyads and thus, child secure behavior observable across diverse social contexts and cultures. This study offers a test of the universality hypothesis. Trained observers in nine countries used the Attachment Q-set to describe the organization of children's behavior in naturalistic settings. Children (N = 547) were 10-72 months old. Child development experts (N = 81) from all countries provided definitions of optimal child secure base use. Findings indicate that children from all countries use their mother as a secure base. Children's organization of secure base behavior was modestly related to each other both within and across countries. Experts' descriptions of the optimally attached child were highly similar across cultures. © 2013 The Authors. Child Development © 2013 Society for Research in Child Development, Inc.

20 CFR 404.1007 - Common-law employee.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Common-law employee. 404.1007 Section 404.1007 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Employment, Wages, Self-Employment, and Self-Employment Income Employment § 404.1007...

20 CFR 404.1007 - Common-law employee.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Common-law employee. 404.1007 Section 404.1007 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Employment, Wages, Self-Employment, and Self-Employment Income Employment § 404.1007...

20 CFR 404.1007 - Common-law employee.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Common-law employee. 404.1007 Section 404.1007 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Employment, Wages, Self-Employment, and Self-Employment Income Employment § 404.1007...

Genetic moderation of stability in attachment security from early childhood to age 18 years: A replication study.

PubMed

Raby, K Lee; Roisman, Glenn I; Booth-LaForce, Cathryn

2015-11-01

A longstanding question for attachment theory and research is whether genetically based characteristics of the child influence the development of attachment security and its stability over time. This study attempted to replicate and extend recent findings indicating that the developmental stability of attachment security is moderated by oxytocin receptor (OXTR) genetic variants. Using longitudinal data from over 550 individuals, there was no evidence that OXTR rs53576 moderated the association between attachment security during early childhood and overall coherence of mind ("security") during the Adult Attachment Interview at age 18 years. Additional analyses involving a second commonly investigated OXTR variant (rs2254298) and indices of individuals' dismissing and preoccupied attachment states of mind also failed to provide robust evidence for oxytonergic moderation of the stability in attachment security across development. The discussion focuses on research strategies for investigating genetic contributions to attachment security across the life span. (c) 2015 APA, all rights reserved).

Evaluation of the awareness and effectiveness of IT security programs in a large publicly funded health care system.

PubMed

Hepp, Shelanne L; Tarraf, Rima C; Birney, Arden; Arain, Mubashir Aslam

2017-01-01

Electronic health records are becoming increasingly common in the health care industry. Although information technology (IT) poses many benefits to improving health care and ease of access to information, there are also security and privacy risks. Educating health care providers is necessary to ensure proper use of health information systems and IT and reduce undesirable outcomes. This study evaluated employees' awareness and perceptions of the effectiveness of two IT educational training modules within a large publicly funded health care system in Canada. Semi-structured interviews and focus groups included a variety of professional roles within the organisation. Participants also completed a brief demographic data sheet. With the consent of participants, all interviews and focus groups were audio recorded. Thematic analysis and descriptive statistics were used to evaluate the effectiveness of the IT security training modules. Five main themes emerged: (i) awareness of the IT training modules, (ii) the content of modules, (iii) staff perceptions about differences between IT security and privacy issues, (iv) common breaches of IT security and privacy, and (v) challenges and barriers to completing the training program. Overall, nonclinical staff were more likely to be aware of the training modules than were clinical staff. We found e-learning was a feasible way to educate a large number of employees. However, health care providers required a module on IT security and privacy that was relatable and applicable to their specific roles. Strategies to improve staff education and mitigate against IT security and privacy risks are discussed. Future research should focus on integrating health IT competencies into the educational programs for health care professionals.

The appropriate and effective use of security technologies in U.S. schools : a guide for schools and law enforcement agencies.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Green, Mary Wilson

The purpose of this report is to provide school administrators with the ability to determine their security system requirements, so they can make informed decisions when working with vendors and others to improve their security posture. This is accomplished by (1) explaining a systems-based approach to defining the objectives and needs of the system, and (2), providing information on the ability of common components (sensors, cameras, metal detectors, etc) to achieve those objectives, in an effectively integrated system.

Common Capabilities for Trust and Security in Service Oriented Infrastructures

NASA Astrophysics Data System (ADS)

Brossard, David; Colombo, Maurizio

In order to achieve agility of the enterprise and shorter concept-to-market timescales for new services, IT and communication providers and their customers increasingly use technologies and concepts which come together under the banner of the Service Oriented Infrastructure (SOI) approach. In this paper we focus on the challenges relating to SOI security. The solutions presented cover the following areas: i) identity federation, ii) distributed usage & access management, and iii) context-aware secure messaging, routing & transformation. We use a scenario from the collaborative engineering space to illustrate the challenges and the solutions.

Understanding of the Cyber Security and the Development of CAPTCHA

NASA Astrophysics Data System (ADS)

Yang, Yu

2018-04-01

CAPTCHA is the abbreviation of "Completely Automated Public Turing Test to Tell Computers and Humans Apart", which is a program algorithm for distinguishing between computers and humans. It is able to generate and evaluate tests that are easy for human to pass yet are not possible for computers to. Common CAPTCHA generally contains symbols, text, pictures, and even videos, which is mainly used for human-computer verification. With the popularization of the Internet and its related applications, many malicious attacks against websites, systems and servers gradually appear. Therefore, the research on CAPTCHA is especially important. This article will briefly summarize and introduce the existing CAPTCHA technology, and summarizes the common problems of network attacks and information security. After listing the common type of CAPTCHA, it will finally propose feasible suggestions for the development of CAPTCHA.

76 FR 4833 - Security Zones; Cruise Ships, Port of San Diego, CA

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-27

...The Coast Guard proposes to amend 33 CFR 165.1108, Security Zones; Cruise Ships, Port of San Diego, California, by providing a common description of all security zones created by this section to encompass only navigable waters within a 100 yard radius around any cruise ship that is located within the San Diego port area landward of the sea buoys bounding the Port of San Diego. This notice of proposed rulemaking is necessary to provide for the safety of the cruise ship, vessels, and users of the waterway. Entry into these security zones will be prohibited unless specifically authorized by the Captain of the Port (COTP) San Diego, or his designated representative.

Secure and Authenticated Data Communication in Wireless Sensor Networks.

PubMed

Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

2015-08-10

Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes.

Secure and Authenticated Data Communication in Wireless Sensor Networks

PubMed Central

Alfandi, Omar; Bochem, Arne; Kellner, Ansgar; Göge, Christian; Hogrefe, Dieter

2015-01-01

Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes. PMID:26266413

Breakfast-Skipping and Selecting Low-Nutritional-Quality Foods for Breakfast Are Common among Low-Income Urban Children, Regardless of Food Security Status.

PubMed

Dykstra, Holly; Davey, Adam; Fisher, Jennifer O; Polonsky, Heather; Sherman, Sandra; Abel, Michelle L; Dale, Lauren C; Foster, Gary D; Bauer, Katherine W

2016-03-01

Universal access to the School Breakfast Program (SBP) is intended to help low-income and food-insecure students overcome barriers to eating breakfast. However, SBP participation is often still low despite universal access. Further information is needed with regard to these children's breakfast behaviors, and in particular breakfast behaviors among youth from food-insecure families, to inform effective breakfast interventions. The objective of this study was to examine breakfast behaviors among a large sample of urban students with universal access to the SBP and to identify differences in breakfast behaviors among children from food-secure compared with food-insecure households. A cross-sectional study of 821 fourth- through sixth-grade students and their parents from 16 schools was conducted. Students reported the foods/drinks selected and location of obtaining food/drink on the morning of data collection, parents reported household food security status using the 6-item Food Security Survey Module, and the school district provided SBP participation data during the fall semester of 2013. Multivariable linear regression models accounting for school-level clustering were used to examine differences in breakfast behaviors across 3 levels of household food security: food secure, low food secure, and very low food secure. Students participated in the SBP 31.2% of possible days, with 13% never participating in the SBP. One-fifth (19.4%) of students purchased something from a corner store for breakfast, and 16.9% skipped breakfast. Forty-six percent of students were food insecure; few differences in breakfast behaviors were observed across levels of food security. Despite universal access to the SBP, participation in the SBP is low. Breakfast skipping and selection of foods of low nutritional quality in the morning are common, regardless of household food security status. Additional novel implementation of the SBP and addressing students' breakfast preferences may be necessary to further reduce barriers to students obtaining a free, healthful breakfast. This trial was registered at clinicaltrials.gov as NCT01924130. © 2016 American Society for Nutrition.

Information Systems Security Management: A Review and a Classification of the ISO Standards

NASA Astrophysics Data System (ADS)

Tsohou, Aggeliki; Kokolakis, Spyros; Lambrinoudakis, Costas; Gritzalis, Stefanos

The need for common understanding and agreement of functional and non-functional requirements is well known and understood by information system designers. This is necessary for both: designing the "correct" system and achieving interoperability with other systems. Security is maybe the best example of this need. If the understanding of the security requirements is not the same for all involved parties and the security mechanisms that will be implemented do not comply with some globally accepted rules and practices, then the system that will be designed will not necessarily achieve the desired security level and it will be very difficult to securely interoperate with other systems. It is therefore clear that the role and contribution of international standards to the design and implementation of security mechanisms is dominant. In this paper we provide a state of the art review on information security management standards published by the International Organization for Standardization and the International Electrotechnical Commission. Such an analysis is meaningful to security practitioners for an efficient management of information security. Moreover, the classification of the standards in the clauses of ISO/IEC 27001:2005 that results from our analysis is expected to provide assistance in dealing with the plethora of security standards.

Lessons from Central and Southeast Europe for the Expanding Alliances

DTIC Science & Technology

2008-06-01

more than a token material and personnel contribution to alliances? Examining three geographically close but historically distinct cases, Austria...security regimes such as the United Nations, North Atlantic Treaty Organization and the European Union . Second, the three nations’ historical and...Collective Security, Collective Defense, Civil-Military Relations, North Atlantic Treaty Organization (NATO), European Union (EU) Common Foreign and

Does Financial Literacy Contribute to Food Security?

PubMed

Carman, Katherine G; Zamarro, Gema

2016-01-01

Food insecurity, not having consistent access to adequate food for active, healthy lives for all household members, is most common among low income households. However, income alone is not sufficient to explain who experiences food insecurity. This study investigates the relationship between financial literacy and food security. We find that low income households who exhibit financial literacy are less likely to experience food insecurity.

Maritime Security in the Gulf of Guinea Subregion: Threats, Challenges and Solutions

DTIC Science & Technology

2011-03-16

the GoG maritime domain. These threats adversely impact the socio-economic and political fabrics of most countries within the region. Poaching ...geographical location as well as environmental and demographic factors. Poaching , piracy, transnational crime, boundary disputes and environmental...and demographic factors. Poaching , piracy, transnational crime, boundary disputes and environmental degradation are common threats to security of the

The Effect of the Social Security Earnings Test on Male Labor Supply: New Evidence from Survey and Administrative Data

ERIC Educational Resources Information Center

Haider, Steven J.; Loughran, David S.

2008-01-01

Despite numerous empirical studies, there is surprisingly little agreement about whether the Social Security earnings test affects male labor supply. In this paper, we provide a comprehensive analysis of the labor supply effects of the earnings test using longitudinal administrative earnings data and more commonly used survey data. We find that…

Gender Differences in the Field of Information Security Technology Management: A Qualitative, Phenomenological Study

ERIC Educational Resources Information Center

Johnson, Marcia L.

2013-01-01

This qualitative study explored why there are so few senior women in the information security technology management field and whether gender played a part in the achievement of women in the field. Extensive interviews were performed to capture the lived experiences of successful women in the field regarding the obstacles and common denominators of…

Resolving the Problem of Aligning Communities of Interest, Data Format Differences, Orthogonal Sensor Views, Intermittency, and Security - DoD Homeland Security Command and Control Advanced Concept Technology Demonstration

DTIC Science & Technology

2005-06-01

provisioning, maintaining and guaranteeing service levels for the shared services ? Although these shared, distributed services lie well within the... shared services that interact with a common object definition for transporting alerts. The system is built on top of a rapid SOA application

78 FR 4879 - Nine Mile Point 3 Nuclear Project, LLC and UniStar Nuclear Operating Services, LLC Combined...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-23

... Analysis Report (FSAR). On December 1, 2009, UniStar Nuclear Energy (UNE), acting on behalf of the COL... Exclusion From Environmental Review With respect to the exemption's impact on the quality of the human... relation to security issues. Therefore, the common defense and security is not impacted by this exemption...

New Developments in Tax Exempt Institutions. Exempt Organizations Which Lend Securities Risk Imposition of Unrelated Business Tax

ERIC Educational Resources Information Center

Stern, Sue S.; Sullivan, Richard B.

1976-01-01

The practice by exempt organizations of lending securities to brokerage houses is becoming more common. The possibility is weighed that organizations may encounter unrelated business tax assessments if the practice is classified as a trade or business. The authors examine the concept of trade or business in other tax settings and explore the…

Information Security and Integrity Systems

NASA Technical Reports Server (NTRS)

1990-01-01

Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

Additional Security Considerations for Grid Management

NASA Technical Reports Server (NTRS)

Eidson, Thomas M.

2003-01-01

The use of Grid computing environments is growing in popularity. A Grid computing environment is primarily a wide area network that encompasses multiple local area networks, where some of the local area networks are managed by different organizations. A Grid computing environment also includes common interfaces for distributed computing software so that the heterogeneous set of machines that make up the Grid can be used more easily. The other key feature of a Grid is that the distributed computing software includes appropriate security technology. The focus of most Grid software is on the security involved with application execution, file transfers, and other remote computing procedures. However, there are other important security issues related to the management of a Grid and the users who use that Grid. This note discusses these additional security issues and makes several suggestions as how they can be managed.

A survey of visualization systems for network security.

PubMed

Shiravi, Hadi; Shiravi, Ali; Ghorbani, Ali A

2012-08-01

Security Visualization is a very young term. It expresses the idea that common visualization techniques have been designed for use cases that are not supportive of security-related data, demanding novel techniques fine tuned for the purpose of thorough analysis. Significant amount of work has been published in this area, but little work has been done to study this emerging visualization discipline. We offer a comprehensive review of network security visualization and provide a taxonomy in the form of five use-case classes encompassing nearly all recent works in this area. We outline the incorporated visualization techniques and data sources and provide an informative table to display our findings. From the analysis of these systems, we examine issues and concerns regarding network security visualization and provide guidelines and directions for future researchers and visual system developers.

An Experiment with CC Version 3.0 Migration

DTIC Science & Technology

2006-09-01

7th International Common Criteria Conference Lanzarote , Spain September 19-21, 2006 An Experiment with CC Version 3.0 Migration Thuy D. Nguyen...SUPPLEMENTARY NOTES 7th International Common Criteria Conference (ICCC 06), Lanzarote , Spaon, 19-21 Sep 2006 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY

An alternative to sneakernet

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orrell, S.; Ralstin, S.

1992-04-01

Many computer security plans specify that only a small percentage of the data processed will be classified. Thus, the bulk of the data on secure systems must be unclassified. Secure limited access sites operating approved classified computing systems sometimes also have a system ostensibly containing only unclassified files but operating within the secure environment. That system could be networked or otherwise connected to a classified system(s) in order that both be able to use common resources for file storage or computing power. Such a system must operate under the same rules as the secure classified systems. It is in themore » nature of unclassified files that they either came from, or will eventually migrate to, a non-secure system. Today, unclassified files are exported from systems within the secure environment typically by loading transport media and carrying them to an open system. Import of unclassified files is handled similarly. This media transport process, sometimes referred to as sneaker net, often is manually logged and controlled only by administrative procedures. A comprehensive system for secure bi-directional transfer of unclassified files between secure and open environments has yet to be developed. Any such secure file transport system should be required to meet several stringent criteria. It is the purpose of this document to begin a definition of these criteria.« less

An alternative to sneakernet

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orrell, S.; Ralstin, S.

1992-01-01

Many computer security plans specify that only a small percentage of the data processed will be classified. Thus, the bulk of the data on secure systems must be unclassified. Secure limited access sites operating approved classified computing systems sometimes also have a system ostensibly containing only unclassified files but operating within the secure environment. That system could be networked or otherwise connected to a classified system(s) in order that both be able to use common resources for file storage or computing power. Such a system must operate under the same rules as the secure classified systems. It is in themore » nature of unclassified files that they either came from, or will eventually migrate to, a non-secure system. Today, unclassified files are exported from systems within the secure environment typically by loading transport media and carrying them to an open system. Import of unclassified files is handled similarly. This media transport process, sometimes referred to as sneaker net, often is manually logged and controlled only by administrative procedures. A comprehensive system for secure bi-directional transfer of unclassified files between secure and open environments has yet to be developed. Any such secure file transport system should be required to meet several stringent criteria. It is the purpose of this document to begin a definition of these criteria.« less

The Defense Science Board Task Force on Tactical Battlefield Communications

DTIC Science & Technology

1999-12-01

impact of the system is clearly under appreciated. It could be the foundation for a common- user , QoS, Internet and could integrate legacy systems...into a common- user framework as is occurring in the private sector. Unfortunately, the networking aspects of the system are being lost; the focus...system-centric framework to a common- user , internetwork framework . Recommendation V—Information Security

Protecting the Ozone Shield: A New Public Policy

DTIC Science & Technology

1991-04-01

Public Policy Issue; Alterna- 11 tives; Risk Management; Clean Air Act; Global Warming 16. PRICE CODE 17. SECURITY CLASSIFICATION 𔄂. SECURITY...pattern of global warming , commonly known as "the greenhouse effect. 1 OVERVIEW OF THE OZONE DEPLETION PUBLIC POLICY ISSUE In 1974, two atmospheric...inhabitants from the harmful effects of increased UVb radiation and global warming . Another dilemma surrounds this public policy issue since the first

To designate the facility of the United States Postal Service located at 1100 Town and Country Commons in Chesterfield, Missouri, as the "Lance Corporal Matthew P. Pathenos Post Office Building".

THOMAS, 111th Congress

Rep. Akin, W. Todd [R-MO-2

2009-02-26

Senate - 04/23/2009 Committee on Homeland Security and Governmental Affairs referred to Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security. (All Actions) Tracker: This bill has the status Passed HouseHere are the steps for Status of Legislation:

Does Financial Literacy Contribute to Food Security?

PubMed Central

Carman, Katherine G.; Zamarro, Gema

2016-01-01

Food insecurity, not having consistent access to adequate food for active, healthy lives for all household members, is most common among low income households. However, income alone is not sufficient to explain who experiences food insecurity. This study investigates the relationship between financial literacy and food security. We find that low income households who exhibit financial literacy are less likely to experience food insecurity. PMID:26949563

Multiuser Transmit Beamforming for Maximum Sum Capacity in Tactical Wireless Multicast Networks

DTIC Science & Technology

2006-08-01

commonly used extended Kalman filter . See [2, 5, 6] for recent tutorial overviews. In particle filtering , continuous distributions are approximated by...signals (using and developing associated particle filtering tools). Our work on these topics has been reported in seven (IEEE, SIAM) journal papers and...multidimensional scaling, tracking, intercept, particle filters . 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT 18. SECURITY CLASSIFICATION OF

Between Heroes and Guardians: General Lyman L. Lemnitzer and General Charles H. Bonesteel III

DTIC Science & Technology

2015-05-21

16 David S. Patterson , Paul Claussen, Evan M. Duncan, Jeffrey A. Soukup, eds., Foreign Relations...Korea, 1966-1969, Leavenworth Papers no 19 (Fort Leavenworth: Combat Studies Institute, 1991); Amos A. Jordan, Jr ., Issues of National Security in...Representative in Europe, Mutual Security Program, Paris, France, 1952-53. 20 Allan R. Millett, Peter Maslowski, and William B. Feis, For the Common

U.S., Soviets Face Common Science Problems.

ERIC Educational Resources Information Center

Lepkowski, Wil

1981-01-01

Summarizes recent findings reported in a two-volume publication, "Science Policy: USA/USSR," issued by the National Science Foundation. Volumes I and II review U.S. and Soviet science policy in research and development, respectively. Comparisons are made concerning common problems around energy, environment, and the meaning of security.…

10 CFR 25.11 - Specific exemptions.

Code of Federal Regulations, 2011 CFR

2011-01-01

... and safety, and are consistent with the common defense and security; or (b) Coincidental with one or... others similarly situated; (4) When the exemption would result in benefit to the common defense and... licensee or applicant has made good faith efforts to comply with the regulation; (6) When there is any...

10 CFR 25.11 - Specific exemptions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... and safety, and are consistent with the common defense and security; or (b) Coincidental with one or... others similarly situated; (4) When the exemption would result in benefit to the common defense and... licensee or applicant has made good faith efforts to comply with the regulation; (6) When there is any...

32 CFR 223.4 - Policy.

Code of Federal Regulations, 2010 CFR

2010-07-01

... significant adverse effect on the health and safety of the public or the common defense and security by... publicly available to the fullest extent possible by applying the minimum restrictions consistent with the requirements of 10 U.S.C. 128 necessary to protect the health and safety of the public or the common defense...

A Decisive Point in the War on Terrorism

DTIC Science & Technology

2007-04-05

in their embryos .”4 The vision articulated in The National Security Strategy for Combating Terrorism requires winning not only the close battles...common set of ideas about the nature and destiny of the world, and a common goal of ushering in totalitarian rule. What unites the movement is the

76 FR 15216 - Security Zones; Cruise Ships, Port of San Diego, CA

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-21

...The Coast Guard is amending its regulations for Security Zones; Cruise Ships, Port of San Diego, California, by providing a common description of all security zones created by this section to encompass only navigable waters within a 100 yard radius around any cruise ship that is located within the San Diego port area landward of the sea buoys bounding the Port of San Diego. This final rule removes a reference to shore area that is no longer necessary to provide for the safety of the cruise ship, vessels, and users of the waterway. Entry into these security zones will be prohibited unless specifically authorized by the Captain of the Port (COTP) San Diego, or a COTP designated representative.

A Provably Secure RFID Authentication Protocol Based on Elliptic Curve for Healthcare Environments.

PubMed

Farash, Mohammad Sabzinejad; Nawaz, Omer; Mahmood, Khalid; Chaudhry, Shehzad Ashraf; Khan, Muhammad Khurram

2016-07-01

To enhance the quality of healthcare in the management of chronic disease, telecare medical information systems have increasingly been used. Very recently, Zhang and Qi (J. Med. Syst. 38(5):47, 32), and Zhao (J. Med. Syst. 38(5):46, 33) separately proposed two authentication schemes for telecare medical information systems using radio frequency identification (RFID) technology. They claimed that their protocols achieve all security requirements including forward secrecy. However, this paper demonstrates that both Zhang and Qi's scheme, and Zhao's scheme could not provide forward secrecy. To augment the security, we propose an efficient RFID authentication scheme using elliptic curves for healthcare environments. The proposed RFID scheme is secure under common random oracle model.

Optimized ECC Implementation for Secure Communication between Heterogeneous IoT Devices.

PubMed

Marin, Leandro; Pawlowski, Marcin Piotr; Jara, Antonio

2015-08-28

The Internet of Things is integrating information systems, places, users and billions of constrained devices into one global network. This network requires secure and private means of communications. The building blocks of the Internet of Things are devices manufactured by various producers and are designed to fulfil different needs. There would be no common hardware platform that could be applied in every scenario. In such a heterogeneous environment, there is a strong need for the optimization of interoperable security. We present optimized elliptic curve Cryptography algorithms that address the security issues in the heterogeneous IoT networks. We have combined cryptographic algorithms for the NXP/Jennic 5148- and MSP430-based IoT devices and used them to created novel key negotiation protocol.

Quantum solution to a class of two-party private summation problems

NASA Astrophysics Data System (ADS)

Shi, Run-Hua; Zhang, Shun

2017-09-01

In this paper, we define a class of special two-party private summation (S2PPS) problems and present a common quantum solution to S2PPS problems. Compared to related classical solutions, our solution has advantages of higher security and lower communication complexity, and especially it can ensure the fairness of two parties without the help of a third party. Furthermore, we investigate the practical applications of our proposed S2PPS protocol in many privacy-preserving settings with big data sets, including private similarity decision, anonymous authentication, social networks, secure trade negotiation, secure data mining.

Technologies for distributed defense

NASA Astrophysics Data System (ADS)

Seiders, Barbara; Rybka, Anthony

2002-07-01

For Americans, the nature of warfare changed on September 11, 2001. Our national security henceforth will require distributed defense. One extreme of distributed defense is represented by fully deployed military troops responding to a threat from a hostile nation state. At the other extreme is a country of 'citizen soldiers', with families and communities securing their common defense through heightened awareness, engagement as good neighbors, and local support of and cooperation with local law enforcement, emergency and health care providers. Technologies - for information exploitation, biological agent detection, health care surveillance, and security - will be critical to ensuring success in distributed defense.

Improved Optical Document Security Techniques Based on Volume Holography and Lippmann Photography

NASA Astrophysics Data System (ADS)

Bjelkhagen, Hans I.

Optical variable devices (OVDs), such as holograms, are now common in the field of document security. Up until now mass-produced embossed holograms or other types of mass-produced OVDs are used not only for banknotes but also for personalized documents, such as passports, ID cards, travel documents, driving licenses, credit cards, etc. This means that identical OVDs are used on documents issued to individuals. Today, there is need for a higher degree of security on such documents and this chapter covers new techniques to make improved mass-produced or personalized OVDs.

What's in a Name?

NASA Astrophysics Data System (ADS)

Bonneau, Joseph; Just, Mike; Matthews, Greg

We study the efficiency of statistical attacks on human authentication systems relying on personal knowledge questions. We adapt techniques from guessing theory to measure security against a trawling attacker attempting to compromise a large number of strangers' accounts. We then examine a diverse corpus of real-world statistical distributions for likely answer categories such as the names of people, pets, and places and find that personal knowledge questions are significantly less secure than graphical or textual passwords. We also demonstrate that statistics can be used to increase security by proactively shaping the answer distribution to lower the prevalence of common responses.

Evaluation of IT security – genesis and its state-of-art

NASA Astrophysics Data System (ADS)

Livshitz, I. I.; Neklyudov, A. V.; Lontsikh, P. A.

2018-05-01

It is topical to evolve processes of an evaluation of the IT security nowadays. Formation and application of common evaluation approaches to the IT component, which are processed by the governmental and civil organizations, are still not solving problem. Successful processing of the independent evaluation for conformity with a security standard is supposed to be the main criteria of a suitability of any IT component to be used in a trusted computer system. The solution of the mentioned-above problem is suggested through the localization of all research, development and producing processes in a national trusted area (digital sovereignty).

Integrating security in a group oriented distributed system

NASA Technical Reports Server (NTRS)

Reiter, Michael; Birman, Kenneth; Gong, LI

1992-01-01

A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized.

Quantum key distribution with an efficient countermeasure against correlated intensity fluctuations in optical pulses

NASA Astrophysics Data System (ADS)

Yoshino, Ken-ichiro; Fujiwara, Mikio; Nakata, Kensuke; Sumiya, Tatsuya; Sasaki, Toshihiko; Takeoka, Masahiro; Sasaki, Masahide; Tajima, Akio; Koashi, Masato; Tomita, Akihisa

2018-03-01

Quantum key distribution (QKD) allows two distant parties to share secret keys with the proven security even in the presence of an eavesdropper with unbounded computational power. Recently, GHz-clock decoy QKD systems have been realized by employing ultrafast optical communication devices. However, security loopholes of high-speed systems have not been fully explored yet. Here we point out a security loophole at the transmitter of the GHz-clock QKD, which is a common problem in high-speed QKD systems using practical band-width limited devices. We experimentally observe the inter-pulse intensity correlation and modulation pattern-dependent intensity deviation in a practical high-speed QKD system. Such correlation violates the assumption of most security theories. We also provide its countermeasure which does not require significant changes of hardware and can generate keys secure over 100 km fiber transmission. Our countermeasure is simple, effective and applicable to wide range of high-speed QKD systems, and thus paves the way to realize ultrafast and security-certified commercial QKD systems.

A secured authentication protocol for wireless sensor networks using elliptic curves cryptography.

PubMed

Yeh, Hsiu-Lien; Chen, Tien-Ho; Liu, Pin-Chuan; Kim, Tai-Hoo; Wei, Hsin-Wen

2011-01-01

User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L Das protocol and a cryptanalysis of Das' protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs.

Certified Training for Nuclear and Radioactive Source Security Management.

PubMed

Johnson, Daniel

2017-04-01

Radioactive sources are used by hospitals, research facilities and industry for such purposes as diagnosing and treating illnesses, sterilising equipment and inspecting welds. Unfortunately, many States, regulatory authorities and licensees may not appreciate how people with malevolent intentions could use radioactive sources, and statistics confirm that a number of security incidents happen around the globe. The adversary could be common thieves, activists, insiders, terrorists and organised crime groups. Mitigating this risk requires well trained and competent staff who have developed the knowledge, attributes and skills necessary to successfully discharge their security responsibilities. The International Atomic Energy Agency and the World Institute for Nuclear Security are leading international training efforts. The target audience is a multi-disciplinary group of professionals with management responsibilities for security at facilities with radioactive sources. These efforts to promote training and competence amongst practitioners have been recognised at the 2014 and 2016 Nuclear Security and Nuclear Industry Summits. © The Author 2016. Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

Development of building security integration system using sensors, microcontroller and GPS (Global Positioning System) based android smartphone

NASA Astrophysics Data System (ADS)

Sihombing, P.; Siregar, Y. M.; Tarigan, J. T.; Jaya, I.; Turnip, A.

2018-03-01

Security system is one of the common problems to protect an environment such as personal house or a warehouse. There are numerous methods and technologies that can be used as part of a security system. In this paper, we present a security system that offers a better efficiency. The purpose of this study is to build a system that can monitor home security at any time in particular fire and theft. Through sensors, the system will be able to provide warning information of hazard conditions via LCD monitor, sound, and alarm. This information will be sent automatically to the home owner’s smartphone as well as to the corresponding to the security agency. Thus the prevention of theft and fire hazards can be immediately anticipated by the police and firefighters. The system will also notify the position of the coordinates of the location of the building (the house) by a link to the Google map in order to make it easier to get the location quickly.

Applying your corporate compliance skills to the HIPAA security standard.

PubMed

Carter, P I

2000-01-01

Compliance programs are an increasingly hot topic among healthcare providers. These programs establish policies and procedures covering billing, referrals, gifts, confidentiality of patient records, and many other areas. The purpose is to help providers prevent and detect violations of the law. These programs are voluntary, but are also simply good business practice. Any compliance program should now incorporate the Health Insurance Portability and Accountability Act (HIPAA) security standard. Several sets of guidelines for development of compliance programs have been issued by the federal government, and each is directed toward a different type of healthcare provider. These guidelines share certain key features with the HIPAA security standard. This article examines the common areas between compliance programs and the HIPAA security standard to help you to do two very important things: (1) Leverage your resources by combining compliance with the security standard with other legal and regulatory compliance efforts, and (2) apply the lessons learned in developing your corporate compliance program to developing strategies for compliance with the HIPAA security standard.

A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography

PubMed Central

Yeh, Hsiu-Lien; Chen, Tien-Ho; Liu, Pin-Chuan; Kim, Tai-Hoo; Wei, Hsin-Wen

2011-01-01

User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L Das protocol and a cryptanalysis of Das’ protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs. PMID:22163874

School Security Measures and Longitudinal Trends in Adolescents' Experiences of Victimization.

PubMed

Fisher, Benjamin W; Mowen, Thomas J; Boman, John H

2018-06-01

Although school security measures have become a common fixture in public schools across the United States, research on the relationship between security and adolescent victimization is mixed, with very few studies examining trends in adolescent victimization across time. Using two waves of data from the Educational Longitudinal Study 2002 (N = 7659; 50.6% female; 56.7% White, 13.3% Black, 13.5% Hispanic, 11.3% Asian American, 5.4% other race), results from a series of multi-level models demonstrate that adolescents in schools with more security measures report higher odds of being threatened with harm, and no difference in odds of being in a physical altercation or having something stolen over time. Although prior research has established racial disparities in using school security measures, results demonstrate inconsistent patterns in the extent to which adolescents' race conditions the relationship between security and victimization. The findings are discussed in light of existing theoretical and empirical work, and implications for both research and practice are offered.

SPCC- Software Elements for Security Partition Communication Controller

NASA Astrophysics Data System (ADS)

Herpel, H. J.; Willig, G.; Montano, G.; Tverdyshev, S.; Eckstein, K.; Schoen, M.

2016-08-01

Future satellite missions like Earth Observation, Telecommunication or any other kind are likely to be exposed to various threats aiming at exploiting vulnerabilities of the involved systems and communications. Moreover, the growing complexity of systems coupled with more ambitious types of operational scenarios imply increased security vulnerabilities in the future. In the paper we will describe an architecture and software elements to ensure high level of security on-board a spacecraft. First the threats to the Security Partition Communication Controller (SPCC) will be addressed including the identification of specific vulnerabilities to the SPCC. Furthermore, appropriate security objectives and security requirements are identified to be counter the identified threats. The security evaluation of the SPCC will be done in accordance to the Common Criteria (CC). The Software Elements for SPCC has been implemented on flight representative hardware which consists of two major elements: the I/O board and the SPCC board. The SPCC board provides the interfaces with ground while the I/O board interfaces with typical spacecraft equipment busses. Both boards are physically interconnected by a high speed spacewire (SpW) link.

Secure detection in quantum key distribution by real-time calibration of receiver

NASA Astrophysics Data System (ADS)

Marøy, Øystein; Makarov, Vadim; Skaar, Johannes

2017-12-01

The single-photon detectionefficiency of the detector unit is crucial for the security of common quantum key distribution protocols like Bennett-Brassard 1984 (BB84). A low value for the efficiency indicates a possible eavesdropping attack that exploits the photon receiver’s imperfections. We present a method for estimating the detection efficiency, and calculate the corresponding secure key generation rate. The estimation is done by testing gated detectors using a randomly activated photon source inside the receiver unit. This estimate gives a secure rate for any detector with non-unity single-photon detection efficiency, both inherit or due to blinding. By adding extra optical components to the receiver, we make sure that the key is extracted from photon states for which our estimate is valid. The result is a quantum key distribution scheme that is secure against any attack that exploits detector imperfections.

A study of gunshot suicides in Northern Ireland from 1989 to 1993.

PubMed

Armour, A

1996-01-01

A study of 104 gunshot suicides, including six women, in Northern Ireland over a 5-year period. Forty-five suicides in the security forces are compared with 59 which took place in the civilian population. The former were commonly associated with marital problems and overwhelmingly occurred in young males under the age of 40, whereas the civilian deaths were predominantly associated with mental ill health, with a wider age range distribution. The security forces used rifled weapons in 44 cases, whereas civilians used shotguns in 46 cases. Twelve out of the 45 were witnessed, compared to one in the civilian population. The security forces favoured the head as site of entry in 40 cases compared to 35 in the civilian population. Alcohol consumption was involved in 23 of the security forces suicides and 18 civilian. Of the 6 women, one was in the security forces and 4 had a history of mental illness.

A broadcast-based key agreement scheme using set reconciliation for wireless body area networks.

PubMed

Ali, Aftab; Khan, Farrukh Aslam

2014-05-01

Information and communication technologies have thrived over the last few years. Healthcare systems have also benefited from this progression. A wireless body area network (WBAN) consists of small, low-power sensors used to monitor human physiological values remotely, which enables physicians to remotely monitor the health of patients. Communication security in WBANs is essential because it involves human physiological data. Key agreement and authentication are the primary issues in the security of WBANs. To agree upon a common key, the nodes exchange information with each other using wireless communication. This information exchange process must be secure enough or the information exchange should be minimized to a certain level so that if information leak occurs, it does not affect the overall system. Most of the existing solutions for this problem exchange too much information for the sake of key agreement; getting this information is sufficient for an attacker to reproduce the key. Set reconciliation is a technique used to reconcile two similar sets held by two different hosts with minimal communication complexity. This paper presents a broadcast-based key agreement scheme using set reconciliation for secure communication in WBANs. The proposed scheme allows the neighboring nodes to agree upon a common key with the personal server (PS), generated from the electrocardiogram (EKG) feature set of the host body. Minimal information is exchanged in a broadcast manner, and even if every node is missing a different subset, by reconciling these feature sets, the whole network will still agree upon a single common key. Because of the limited information exchange, if an attacker gets the information in any way, he/she will not be able to reproduce the key. The proposed scheme mitigates replay, selective forwarding, and denial of service attacks using a challenge-response authentication mechanism. The simulation results show that the proposed scheme has a great deal of adoptability in terms of security, communication overhead, and running time complexity, as compared to the existing EKG-based key agreement scheme.

Implementing healthcare information security: standards can help.

PubMed

Orel, Andrej; Bernik, Igor

2013-01-01

Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help.

Medical tourism services available to residents of the United States.

PubMed

Alleman, Brandon W; Luger, Tana; Reisinger, Heather Schacht; Martin, Rene; Horowitz, Michael D; Cram, Peter

2011-05-01

There are growing reports of United States (US) residents traveling overseas for medical care, but empirical data about medical tourism are limited. To characterize the businesses and business practices of entities promoting medical tourism and the types and costs of procedures being offered. DESIGN, PARTICIPANTS, AND OUTCOMES: Between June and August 2008, we conducted a telephone survey of all businesses engaged in facilitating overseas medical travel for US residents. We collected information from each company including: the number of employees; number of patients referred overseas; medical records security processes; destinations to which patients were referred; treatments offered; treatment costs; and whether patient outcomes were collected. We identified 63 medical tourism companies and 45 completed our survey (71%). Companies had a mean of 9.8 employees and had referred an average of 285 patients overseas (a total of approximately 13,500 patients). 35 (79%) companies reported requiring accreditation of foreign providers, 22 (50%) collected patient outcome data, but only 17 (39%) described formal medical records security policies. The most common destinations were India (23 companies, 55%), Costa Rica (14, 33%), and Thailand (12, 29%). The most common types of care included orthopedics (32 companies, 73%), cardiac care (23, 52%), and cosmetic surgery (29, 66%). 20 companies (44%) offered treatments not approved for use in the US--most commonly stem cell therapy. Average costs for common procedures, CABG ($18,600) and knee arthroplasty ($10,800), were similar to previous reports. The number of Americans traveling overseas for medical care with assistance from medical tourism companies is relatively small. Attention to medical records security and patient outcomes is variable and cost-savings are dependent on US prices. That said, overseas medical care can be a reasonable alternative for price sensitive patients in need of relatively common, elective medical procedures.

Use of a "secure room" and a security guard in the management of the violent, aggressive or suicidal patient in a rural hospital: a 3-year audit.

PubMed

Brock, Gordon; Gurekas, Vydas; Gelinas, Anne-Fredrique; Rollin, Karina

2009-01-01

Little has been published on the management of psychiatric crises in rural areas, and little is known of the security needs or use of "secure rooms" in rural hospitals. We conducted a 3-year retrospective chart audit on the use of our secure room/security guard system at a rural hospital in a town of 3500, located 220 km from our psychiatric referral centre. Use of our secure room/security guard system occurred at the rate of 1.1 uses/1000 emergency department visits, with the most common indication being physician perception of risk of patient suicide or self-harm. Concern for staff safety was a factor in 10% of uses. Eighty percent of patients were treated locally, with most being released from the secure room after 2 days or less. Fourteen percent of patients required ultimate transfer to our psychiatric referral centre and 6% to a detoxification centre. The average annual cost of security was $16 259.61. A secure room can provide the opportunity for close observation of a potentially self-harming patient, additional security for staff and early warning if a patient flees the hospital. Most admissions were handled locally, obviating the need for transfer to distant psychiatric referral centres. Most patients who were admitted were already known as having a psychiatric illness and 80% of the patients required the use of the secure room/security guard system for less than a 2-night stay, suggesting that most rural mental health crises pass quickly. Most patients admitted to a rural hospital with a mental health crisis can be managed locally if an adequate secure room/security guard system is available.

Data Safe Havens and Trust: Toward a Common Understanding of Trusted Research Platforms for Governing Secure and Ethical Health Research

PubMed Central

Nicholls, Jacqueline; Dobbs, Christine; Sethi, Nayha; Cunningham, James; Ainsworth, John; Heaven, Martin; Peacock, Trevor; Peacock, Anthony; Jones, Kerina; Laurie, Graeme; Kalra, Dipak

2016-01-01

In parallel with the advances in big data-driven clinical research, the data safe haven concept has evolved over the last decade. It has led to the development of a framework to support the secure handling of health care information used for clinical research that balances compliance with legal and regulatory controls and ethical requirements while engaging with the public as a partner in its governance. We describe the evolution of 4 separately developed clinical research platforms into services throughout the United Kingdom-wide Farr Institute and their common deployment features in practice. The Farr Institute is a case study from which we propose a common definition of data safe havens as trusted platforms for clinical academic research. We use this common definition to discuss the challenges and dilemmas faced by the clinical academic research community, to help promote a consistent understanding of them and how they might best be handled in practice. We conclude by questioning whether the common definition represents a safe and trustworthy model for conducting clinical research that can stand the test of time and ongoing technical advances while paying heed to evolving public and professional concerns. PMID:27329087

Utilizing Android and the Cloud Computing Environment to Increase Situational Awareness for a Mobile Distributed Response

DTIC Science & Technology

2012-03-01

by using a common communication technology there is no need to develop a complicated communications plan and generate an ad - hoc communications...DISTRIBUTION CODE A 13. ABSTRACT (maximum 200 words) Maintaining an accurate Common Operational Picture (COP) is a strategic requirement for...TERMS Android Programming, Cloud Computing, Common Operating Picture, Web Programing 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT

Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications.

PubMed

Fernández-Caramés, Tiago M; Fraga-Lamas, Paula; Suárez-Albela, Manuel; Castedo, Luis

2016-12-24

The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol.

Does standard deviation matter? Using "standard deviation" to quantify security of multistage testing.

PubMed

Wang, Chun; Zheng, Yi; Chang, Hua-Hua

2014-01-01

With the advent of web-based technology, online testing is becoming a mainstream mode in large-scale educational assessments. Most online tests are administered continuously in a testing window, which may post test security problems because examinees who take the test earlier may share information with those who take the test later. Researchers have proposed various statistical indices to assess the test security, and one most often used index is the average test-overlap rate, which was further generalized to the item pooling index (Chang & Zhang, 2002, 2003). These indices, however, are all defined as the means (that is, the expected proportion of common items among examinees) and they were originally proposed for computerized adaptive testing (CAT). Recently, multistage testing (MST) has become a popular alternative to CAT. The unique features of MST make it important to report not only the mean, but also the standard deviation (SD) of test overlap rate, as we advocate in this paper. The standard deviation of test overlap rate adds important information to the test security profile, because for the same mean, a large SD reflects that certain groups of examinees share more common items than other groups. In this study, we analytically derived the lower bounds of the SD under MST, with the results under CAT as a benchmark. It is shown that when the mean overlap rate is the same between MST and CAT, the SD of test overlap tends to be larger in MST. A simulation study was conducted to provide empirical evidence. We also compared the security of MST under the single-pool versus the multiple-pool designs; both analytical and simulation studies show that the non-overlapping multiple-pool design will slightly increase the security risk.

Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications

PubMed Central

Fernández-Caramés, Tiago M.; Fraga-Lamas, Paula; Suárez-Albela, Manuel; Castedo, Luis

2016-01-01

The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol. PMID:28029119

A Common Criteria-Based Team Project for High Assurance Secure Systems

DTIC Science & Technology

2005-01-01

experience in the FHM, full system documentation, and plenty of time. The students had little experience and little time. The MINIX operating... MINIX is a very appropriate target for student enhancements. Since the principle objective of Secure Systems is to teach the concepts of...to construct a system when one of the developmental threats is subversion. Because students were studying MINIX in a prerequisite operating systems

Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ondrej Linda; Todd Vollmer; Milos Manic

The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, thismore » paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.« less

Identification of handheld objects for electro-optic/FLIR applications

NASA Astrophysics Data System (ADS)

Moyer, Steve K.; Flug, Eric; Edwards, Timothy C.; Krapels, Keith A.; Scarbrough, John

2004-08-01

This paper describes research on the determination of the fifty-percent probability of identification cycle criterion (N50) for two sets of handheld objects. The first set consists of 12 objects which are commonly held in a single hand. The second set consists of 10 objects commonly held in both hands. These sets consist of not only typical civilian handheld objects but also objects that are potentially lethal. A pistol, a cell phone, a rocket propelled grenade (RPG) launcher, and a broom are examples of the objects in these sets. The discrimination of these objects is an inherent part of homeland security, force protection, and also general population security. Objects were imaged from each set in the visible and mid-wave infrared (MWIR) spectrum. Various levels of blur are then applied to these images. These blurred images were then used in a forced choice perception experiment. Results were analyzed as a function of blur level and target size to give identification probability as a function of resolvable cycles on target. These results are applicable to handheld object target acquisition estimates for visible imaging systems and MWIR systems. This research provides guidance in the design and analysis of electro-optical systems and forward-looking infrared (FLIR) systems for use in homeland security, force protection, and also general population security.

An in fiber experimental approach to photonic quantum digital signatures that does not require quantum memory

NASA Astrophysics Data System (ADS)

Collins, Robert J.; Donaldon, Ross J.; Dunjko, Vedran; Wallden, Petros; Clarke, Patrick J.; Andersson, Erika; Jeffers, John; Buller, Gerald S.

2014-10-01

Classical digital signatures are commonly used in e-mail, electronic financial transactions and other forms of electronic communications to ensure that messages have not been tampered with in transit, and that messages are transferrable. The security of commonly used classical digital signature schemes relies on the computational difficulty of inverting certain mathematical functions. However, at present, there are no such one-way functions which have been proven to be hard to invert. With enough computational resources certain implementations of classical public key cryptosystems can be, and have been, broken with current technology. It is nevertheless possible to construct information-theoretically secure signature schemes, including quantum digital signature schemes. Quantum signature schemes can be made information theoretically secure based on the laws of quantum mechanics, while classical comparable protocols require additional resources such as secret communication and a trusted authority. Early demonstrations of quantum digital signatures required quantum memory, rendering them impractical at present. Our present implementation is based on a protocol that does not require quantum memory. It also uses the new technique of unambiguous quantum state elimination, Here we report experimental results for a test-bed system, recorded with a variety of different operating parameters, along with a discussion of aspects of the system security.

21 CFR 1301.76 - Other security controls for practitioners.

Code of Federal Regulations, 2014 CFR

2014-04-01

... nonpractitioners in § 1301.74 (a), (b), and (e). (d) Central fill pharmacies must comply with § 1301.74(e) when selecting private, common or contract carriers to transport filled prescriptions to a retail pharmacy for delivery to the ultimate user. When central fill pharmacies contract with private, common or contract...

21 CFR 1301.76 - Other security controls for practitioners.

Code of Federal Regulations, 2013 CFR

2013-04-01

... nonpractitioners in § 1301.74 (a), (b), and (e). (d) Central fill pharmacies must comply with § 1301.74(e) when selecting private, common or contract carriers to transport filled prescriptions to a retail pharmacy for delivery to the ultimate user. When central fill pharmacies contract with private, common or contract...

21 CFR 1301.76 - Other security controls for practitioners.

Code of Federal Regulations, 2012 CFR

2012-04-01

... nonpractitioners in § 1301.74 (a), (b), and (e). (d) Central fill pharmacies must comply with § 1301.74(e) when selecting private, common or contract carriers to transport filled prescriptions to a retail pharmacy for delivery to the ultimate user. When central fill pharmacies contract with private, common or contract...

Department of Homeland Security: Assessments of Selected Complex Acquisitions

DTIC Science & Technology

2010-06-01

10 The two nonmajor programs selected—the Biosurveillance Common...Management Directive AD 102-01, and approves acquisitions to proceed to their next acquisition life- cycle phases upon satisfaction of applicable ...programs are Biosurveillance Common Operating Network and the Integrated Public Alert and Warning System. BioWatch Generation-3 had not started

Laptop Use in University Common Spaces

ERIC Educational Resources Information Center

Wolff, Bill

2006-01-01

Anecdotal evidence existed about the many students who use their laptops and the wireless network in university common spaces, but little was known about how, where, and why students use laptops on campus, and less was known about students' awareness of university wireless network policies and security. This article discusses the results of a…

77 FR 4854 - Agency Information Collection Activities: Proposed Request and Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-31

... spousal applicant if the applicant claims a common-law marriage to the insured in a state in which such marriages are recognized, and no formal marriage documentation exists. SSA uses information we collect on... common-law marriage under state law. The respondents are applicants for spouse's Social Security benefits...

Optimized ECC Implementation for Secure Communication between Heterogeneous IoT Devices

PubMed Central

Marin, Leandro; Piotr Pawlowski, Marcin; Jara, Antonio

2015-01-01

The Internet of Things is integrating information systems, places, users and billions of constrained devices into one global network. This network requires secure and private means of communications. The building blocks of the Internet of Things are devices manufactured by various producers and are designed to fulfil different needs. There would be no common hardware platform that could be applied in every scenario. In such a heterogeneous environment, there is a strong need for the optimization of interoperable security. We present optimized elliptic curve Cryptography algorithms that address the security issues in the heterogeneous IoT networks. We have combined cryptographic algorithms for the NXP/Jennic 5148- and MSP430-based IoT devices and used them to created novel key negotiation protocol. PMID:26343677

Early Attachment Organization Moderates the Parent-Child Mutually Coercive Pathway to Children’s Antisocial Conduct

PubMed Central

Kochanska, Grazyna; Barry, Robin A.; Stellern, Sarah A.; O’Bleness, Jessica J.

2009-01-01

This multi-method study of 101 mothers, fathers, and children elucidates poorly understood role of children’s attachment security as moderating a common maladaptive trajectory: from parental power assertion, to child resentful opposition, to child antisocial conduct. Children’s security was assessed at 15 months, parents’ power assertion observed at 25 and 38 months, children’s resentful opposition to parents observed at 52 months, and antisocial conduct rated by parents at 67 months. Moderated mediation analyses indicated that in insecure dyads, parental power assertion predicted children’s resentful opposition, which then predicted antisocial conduct. This mechanism was absent in secure dyads. Early insecurity acts as a catalyst for a dyad embarking on mutually adversarial path toward antisocial outcomes, whereas early security defuses this maladaptive trajectory. PMID:19630909

Security bound of cheat sensitive quantum bit commitment.

PubMed

He, Guang Ping

2015-03-23

Cheat sensitive quantum bit commitment (CSQBC) loosens the security requirement of quantum bit commitment (QBC), so that the existing impossibility proofs of unconditionally secure QBC can be evaded. But here we analyze the common features in all existing CSQBC protocols, and show that in any CSQBC having these features, the receiver can always learn a non-trivial amount of information on the sender's committed bit before it is unveiled, while his cheating can pass the security check with a probability not less than 50%. The sender's cheating is also studied. The optimal CSQBC protocols that can minimize the sum of the cheating probabilities of both parties are found to be trivial, as they are practically useless. We also discuss the possibility of building a fair protocol in which both parties can cheat with equal probabilities.

Need for a gender-sensitive human security framework: results of a quantitative study of human security and sexual violence in Djohong District, Cameroon

PubMed Central

2014-01-01

Background Human security shifts traditional concepts of security from interstate conflict and the absence of war to the security of the individual. Broad definitions of human security include livelihoods and food security, health, psychosocial well-being, enjoyment of civil and political rights and freedom from oppression, and personal safety, in addition to absence of conflict. Methods In March 2010, we undertook a population-based health and livelihood study of female refugees from conflict-affected Central African Republic living in Djohong District, Cameroon and their female counterparts within the Cameroonian host community. Embedded within the survey instrument were indicators of human security derived from the Leaning-Arie model that defined three domains of psychosocial stability suggesting individuals and communities are most stable when their core attachments to home, community and the future are intact. Results While the female refugee human security outcomes describe a population successfully assimilated and thriving in their new environments based on these three domains, the ability of human security indicators to predict the presence or absence of lifetime and six-month sexual violence was inadequate. Using receiver operating characteristic (ROC) analysis, the study demonstrates that common human security indicators do not uncover either lifetime or recent prevalence of sexual violence. Conclusions These data suggest that current gender-blind approaches of describing human security are missing serious threats to the safety of one half of the population and that efforts to develop robust human security indicators should include those that specifically measure violence against women. PMID:24829613

Fundamental quantitative security in quantum key generation

DOE Office of Scientific and Technical Information (OSTI.GOV)

Yuen, Horace P.

2010-12-15

We analyze the fundamental security significance of the quantitative criteria on the final generated key K in quantum key generation including the quantum criterion d, the attacker's mutual information on K, and the statistical distance between her distribution on K and the uniform distribution. For operational significance a criterion has to produce a guarantee on the attacker's probability of correctly estimating some portions of K from her measurement, in particular her maximum probability of identifying the whole K. We distinguish between the raw security of K when the attacker just gets at K before it is used in a cryptographicmore » context and its composition security when the attacker may gain further information during its actual use to help get at K. We compare both of these securities of K to those obtainable from conventional key expansion with a symmetric key cipher. It is pointed out that a common belief in the superior security of a quantum generated K is based on an incorrect interpretation of d which cannot be true, and the security significance of d is uncertain. Generally, the quantum key distribution key K has no composition security guarantee and its raw security guarantee from concrete protocols is worse than that of conventional ciphers. Furthermore, for both raw and composition security there is an exponential catch-up problem that would make it difficult to quantitatively improve the security of K in a realistic protocol. Some possible ways to deal with the situation are suggested.« less

Targeted Upregulation of FMRP Expression as an Approach to the Treatment of Fragile X Syndrome

DTIC Science & Technology

2014-08-01

demonstration that such upregulation ameliorates the dysregulation caused by FMRP deficiency. Low FMRP is also found in some patients with autism and...induction, fragile X syndrome, autism , post-traumatic stress disorder (PTSD) 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18. NUMBER...is the most common heritable form of intellectual disability, the most common single-gene form of autism , and a relatively common cause of epilepsy

The Common Risk Model for Dams: A Portfolio Approach to Security Risk Assessments

DTIC Science & Technology

2013-06-01

and threat estimates in a way that accounts for the relationships among these variables. The CRM -D can effectively quantify the benefits of...consequence, vulnerability, and threat estimates in a way that properly accounts for the relationships among these variables. The CRM -D can effectively...Common RiskModel ( CRM ) for evaluating and comparing risks associated with the nation’s critical infrastructure. This model incorporates commonly used risk

DICOM image secure communications with Internet protocols IPv6 and IPv4.

PubMed

Zhang, Jianguo; Yu, Fenghai; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen

2007-01-01

Image-data transmission from one site to another through public network is usually characterized in term of privacy, authenticity, and integrity. In this paper, we first describe a general scenario about how image is delivered from one site to another through a wide-area network (WAN) with security features of data privacy, integrity, and authenticity. Second, we give the common implementation method of the digital imaging and communication in medicine (DICOM) image communication software library with IPv6/IPv4 for high-speed broadband Internet by using open-source software. Third, we discuss two major security-transmission methods, the IP security (IPSec) and the secure-socket layer (SSL) or transport-layer security (TLS), being used currently in medical-image-data communication with privacy support. Fourth, we describe a test schema of multiple-modality DICOM-image communications through TCP/IPv4 and TCP/IPv6 with different security methods, different security algorithms, and operating systems, and evaluate the test results. We found that there are tradeoff factors between choosing the IPsec and the SSL/TLS-based security implementation of IPv6/IPv4 protocols. If the WAN networks only use IPv6 such as in high-speed broadband Internet, the choice is IPsec-based security. If the networks are IPv4 or the combination of IPv6 and IPv4, it is better to use SSL/TLS security. The Linux platform has more security algorithms implemented than the Windows (XP) platform, and can achieve better performance in most experiments of IPv6 and IPv4-based DICOM-image communications. In teleradiology or enterprise-PACS applications, the Linux operating system may be the better choice as peer security gateways for both the IPsec and the SSL/TLS-based secure DICOM communications cross public networks.

Relationship between attachment styles and happiness in medical students

PubMed Central

Moghadam, Marzyeh; Rezaei, Farzin; Ghaderi, Ebrahim; Rostamian, Negar

2016-01-01

Background: Attachment theory is one of the most important achievements of contemporary psychology. Role of medical students in the community health is important, so we need to know about the situation of happiness and attachment style in these students. Objectives: This study was aimed to assess the relationship between medical students’ attachment styles and demographic characteristics. Materials and Methods: This cross-sectional study was conducted on randomly selected students of Medical Sciences in Kurdistan University, in 2012. To collect data, Hazan and Shaver's attachment style measure and the Oxford Happiness Questionnaire were used. The results were analyzed using the SPSS software version 16 (IBM, Chicago IL, USA) and statistical analysis was performed via t-test, Chi-square test, and multiple regression tests. Results: Secure attachment style was the most common attachment style and the least common was ambivalent attachment style. Avoidant attachment style was more common among single persons than married people (P = 0.03). No significant relationship was observed between attachment style and gender and grade point average of the studied people. The mean happiness score of students was 62.71. In multivariate analysis, the variables of secure attachment style (P = 0.001), male gender (P = 0.005), and scholar achievement (P = 0.047) were associated with higher happiness score. Conclusion: The most common attachment style was secure attachment style, which can be a positive prognostic factor in medical students, helping them to manage stress. Higher frequency of avoidant attachment style among single persons, compared with married people, is mainly due to their negative attitude toward others and failure to establish and maintain relationships with others. PMID:28217589

Innovative Surveillance and Risk Reduction Systems for Family Maltreatment, Suicidality, and Substance Problems in USAF

DTIC Science & Technology

2005-03-01

prevention, spouse 13 abuse, child abuse , suicide, alcohol, drug abuse 16. PRICE CODE 17. SECURITY CLASSIFICA TION 18. SECURITY CLASSIFICA TION 19...cohesion 9 Triple P Command) • Spouse emotional 0 Depressive 9 Common Sense Parenting abuse symptomatology * Child abuse & neglect e Relationship...and secretive problems Partner Physical Prescr. Illicit Child Abuse Abuse Partner Emo. Abuse Alcohol Drug Drug Suicid- c3-to- Problems Misuse Use ality

Intelligence-Led Risk Management for Homeland Security: A Collaborative Approach for a Common Goal

DTIC Science & Technology

2011-12-01

phases of research into a summary analysis of the risk management policy within the homeland security enterprise. The result of the multi-goal policy ...management and policy decisions with emphasis on social aspects and efforts to support local and regional decision making, and to avoid cascading...independent variables. The second order social and economic effects of terrorism have been largely overlooked so far in accounting for the risk from

Offensive Cybersecurity in the NIST Cybersecurity Framework

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bulyk, Mykhaylo; Evans, Dr. Nathaniel

Government and corporate computer systems are attacked, networks are penetrated by hackers, and enterprises are protected by demilitarized zones. Language that until recently was used to describe security and warfare in military settings has now become common-place in cybersecurity discussions. The concepts of pre-emptive attack, counterattack and offensive defense fit the linguistic cultural thread of security in cyberspace, at least in part due to the taxonomy adopted by cybersecurity as a discipline.

Greek National Security Concerns and the European Union’s Common Foreign and Security Policy: Consensus or Divergence?

DTIC Science & Technology

2011-09-01

Petropoulos and Harry J . Psomiades, Foreign Interference in Greek Politics: An Historical Perspective, vol. II of Modern Greek Research Series, ed... Maxwell Airforce Base, 2002), 13. 48 Ibid. 49 According to this theory, Turkish diplomats claim that several islets, while not explicitly...and Opportunities, vol. VI in Modern Greek Research Series, ed. Van Coufoudakis, Harry J . Psomiades and Andre Gerolymatos (New York: Pella Publishing

Whistleblowing in a Wikileaks World: A Model for Responsible Disclosure in Homeland Security

DTIC Science & Technology

2012-03-01

were revolutionaries, risking their lives to build a free and independent America ; they wanted nothing more than to fight and defeat their British foes...as well as individuals, families, and communities who share a common national interest in the safety and security of America and the American...Historically, significant support for whistleblowers has occurred within Congress and the public. Popular culture has seen the success of films , such as

DOE Office of Scientific and Technical Information (OSTI.GOV)

AISL-CRYPTO is a library of cryptography functions supporting other AISL software. It provides various crypto functions for Common Lisp, including Digital Signature Algorithm, Data Encryption Standard, Secure Hash Algorithm, and public-key cryptography.

PCASSO: a design for secure communication of personal health information via the internet.

PubMed

Baker, D B; Masys, D R

1999-05-01

The Internet holds both promise and peril for the communications of person-identifiable health information. Because of technical features designed to promote accessibility and interoperability rather than security, Internet addressing conventions and transport protocols are vulnerable to compromise by malicious persons and programs. In addition, most commonly used personal computer (PC) operating systems currently lack the hardware-based system software protection and process isolation that are essential for ensuring the integrity of trusted applications. Security approaches designed for electronic commerce, that trade known security weaknesses for limited financial liability, are not sufficient for personal health data, where the personal damage caused by unintentional disclosure may be far more serious. To overcome these obstacles, we are developing and evaluating an Internet-based communications system called PCASSO (Patient-centered access to secure systems online) that applies state of the art security to health information. PCASSO includes role-based access control, multi-level security, strong device and user authentication, session-specific encryption and audit trails. Unlike Internet-based electronic commerce 'solutions,' PCASSO secures data end-to-end: in the server; in the data repository; across the network; and on the client. PCASSO is designed to give patients as well as providers access to personal health records via the Internet.

Web vulnerability study of online pharmacy sites.

PubMed

Kuzma, Joanne

2011-01-01

Consumers are increasingly using online pharmacies, but these sites may not provide an adequate level of security with the consumers' personal data. There is a gap in this research addressing the problems of security vulnerabilities in this industry. The objective is to identify the level of web application security vulnerabilities in online pharmacies and the common types of flaws, thus expanding on prior studies. Technical, managerial and legal recommendations on how to mitigate security issues are presented. The proposed four-step method first consists of choosing an online testing tool. The next steps involve choosing a list of 60 online pharmacy sites to test, and then running the software analysis to compile a list of flaws. Finally, an in-depth analysis is performed on the types of web application vulnerabilities. The majority of sites had serious vulnerabilities, with the majority of flaws being cross-site scripting or old versions of software that have not been updated. A method is proposed for the securing of web pharmacy sites, using a multi-phased approach of technical and managerial techniques together with a thorough understanding of national legal requirements for securing systems.

Addressing the Need for Independence in the CSE Model

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Ferragut, Erik M; Sheldon, Frederick T

2011-01-01

Abstract Information system security risk, defined as the product of the monetary losses associated with security incidents and the probability that they occur, is a suitable decision criterion when considering different information system architectures. Risk assessment is the widely accepted process used to understand, quantify, and document the effects of undesirable events on organizational objectives so that risk management, continuity of operations planning, and contingency planning can be performed. One technique, the Cyberspace Security Econometrics System (CSES), is a methodology for estimating security costs to stakeholders as a function of possible risk postures. In earlier works, we presented a computationalmore » infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain, as a result of security breakdowns. Additional work has applied CSES to specific business cases. The current state-of-the-art of CSES addresses independent events. In typical usage, analysts create matrices that capture their expert opinion, and then use those matrices to quantify costs to stakeholders. This expansion generalizes CSES to the common real-world case where events may be dependent.« less

Password-only authenticated three-party key exchange with provable security in the standard model.

PubMed

Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho

2014-01-01

Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

Reviews on Security Issues and Challenges in Cloud Computing

NASA Astrophysics Data System (ADS)

An, Y. Z.; Zaaba, Z. F.; Samsudin, N. F.

2016-11-01

Cloud computing is an Internet-based computing service provided by the third party allowing share of resources and data among devices. It is widely used in many organizations nowadays and becoming more popular because it changes the way of how the Information Technology (IT) of an organization is organized and managed. It provides lots of benefits such as simplicity and lower costs, almost unlimited storage, least maintenance, easy utilization, backup and recovery, continuous availability, quality of service, automated software integration, scalability, flexibility and reliability, easy access to information, elasticity, quick deployment and lower barrier to entry. While there is increasing use of cloud computing service in this new era, the security issues of the cloud computing become a challenges. Cloud computing must be safe and secure enough to ensure the privacy of the users. This paper firstly lists out the architecture of the cloud computing, then discuss the most common security issues of using cloud and some solutions to the security issues since security is one of the most critical aspect in cloud computing due to the sensitivity of user's data.

A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting.

PubMed

Lin, Tsung-Hung; Tsung, Chen-Kun; Lee, Tian-Fu; Wang, Zeng-Bo

2017-12-03

The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie-Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

The marginal cost of public funds with an aging population.

PubMed

Wildasin, D E

1991-05-01

"As populations in the United States and other advanced economies grow older, the burden of social security and health care financing is expected to rise markedly. Payroll, income, and other taxes on working populations are projected to rise accordingly. The marginal welfare cost to workers of social security and other public expenditures is analyzed within the context of a two-period life cycle model. By relaxing separability assumptions that have become common in the literature, the theoretical structure properly incorporates the effect of these public expenditures on labor supply. Comparative statics results indicate that changing age structure is likely to raise the marginal welfare to workers of social security, education, and other public expenditures. Illustrative calculations for the United States confirm this result, suggesting that the cost to workers of incremental social security benefits may easily double by 2025-2050." excerpt

Ethics and European security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Paskins, B.

1986-01-01

The alliance between the United States and her NATO partners has been strained severely in the last few years. American perceptions of European disloyalty and European impressions of American assertiveness and lack of judgment have played a large part in generating tensions between the allies and emphasising the new peace movements. This book is an attempt to develop a broader understanding of the problem of European security based on Christian ethics. There are disagreements and differences of emphasis among the contributors but they have in common the view that an exclusive preoccupation with the military dimension is damagingly one-sided. Insteadmore » the contributors argue that moral and theological concerns are a vital part of the politics and mechanics of European security and must be incorporated in any effort to devise new policies for security in Europe and the West.« less

A European Perspective on Security Research

NASA Astrophysics Data System (ADS)

Liem, Khoen; Hiller, Daniel; Castex, Christoph

Tackling the complexity and interdependence of today's security environment in the globalized world of the 21st century is an everlasting challenge. Whereas the end of the Cold War presented a caesura of global dimension for the political and economic architecture and a realignment of power distribution and international relations between former adversaries, September 11th of 2001 may be seen as another caesura. Since then, specifically among countries of the Western hemisphere, traditional security paradigms and theories have been critically questioned and the different security cultures and perceptions have resulted in diverse security and defence policies as well as in security research efforts of individual countries. Consensus, it seems, exists on the question of what the threats are that our modern interconnected societies are facing. Whether looking at international terrorism, organized crime, climate change, the illegal trafficking of goods and people or naturally caused catastrophes, these phenomena all have in common that they are in most cases of transnational nature. Formerly existing dividing lines between internal and external security continue to fade, presenting an enormous challenge for those in charge of designing security policy and even more so for the various institutions safeguarding European security. That is why dissent often revolves around the question on how to get hold of these complex problems. Geographic location, cultural background, ethical make-up of society as well as relations with neighbouring countries are all important aspects to be considered when assessing the security culture and policy of individual countries.

Multiple Object Based RFID System Using Security Level

NASA Astrophysics Data System (ADS)

Kim, Jiyeon; Jung, Jongjin; Ryu, Ukjae; Ko, Hoon; Joe, Susan; Lee, Yongjun; Kim, Boyeon; Chang, Yunseok; Lee, Kyoonha

2007-12-01

RFID systems are increasingly applied for operational convenience in wide range of industries and individual life. However, it is uneasy for a person to control many tags because common RFID systems have the restriction that a tag used to identify just a single object. In addition, RFID systems can make some serious problems in violation of privacy and security because of their radio frequency communication. In this paper, we propose a multiple object RFID tag which can keep multiple object identifiers for different applications in a same tag. The proposed tag allows simultaneous access for their pair applications. We also propose an authentication protocol for multiple object tag to prevent serious problems of security and privacy in RFID applications. Especially, we focus on efficiency of the authentication protocol by considering security levels of applications. In the proposed protocol, the applications go through different authentication procedures according to security level of the object identifier stored in the tag. We implemented the proposed RFID scheme and made experimental results about efficiency and stability for the scheme.

Securing your Site in Development and Beyond

DOE Office of Scientific and Technical Information (OSTI.GOV)

Akopov, Mikhail S.

Why wait until production deployment, or even staging and testing deployment to identify security vulnerabilities? Using tools like Burp Suite, you can find security vulnerabilities before they creep up on you. Prevent cross-site scripting attacks, and establish a firmer trust between your website and your client. Verify that Apache/Nginx have the correct SSL Ciphers set. We explore using these tools and more to validate proper Apache/Nginx configurations, and to be compliant with modern configuration standards as part of the development cycle. Your clients can use tools like https://securityheaders.io and https://ssllabs.com to get a graded report on your level of compliancemore » with OWASP Secure Headers Project and SSLLabs recommendations. Likewise, you should always use the same sites to validate your configurations. Burp Suite will find common misconfigurations and will also perform more thorough security testing of your applications. In this session you will see examples of vulnerabilities that were detected early on, as well has how to integrate these practices into your daily workflow.« less

A novel approach to quantify cybersecurity for electric power systems

NASA Astrophysics Data System (ADS)

Kaster, Paul R., Jr.

Electric Power grid cybersecurity is a topic gaining increased attention in academia, industry, and government circles, yet a method of quantifying and evaluating a system's security is not yet commonly accepted. In order to be useful, a quantification scheme must be able to accurately reflect the degree to which a system is secure, simply determine the level of security in a system using real-world values, model a wide variety of attacker capabilities, be useful for planning and evaluation, allow a system owner to publish information without compromising the security of the system, and compare relative levels of security between systems. Published attempts at quantifying cybersecurity fail at one or more of these criteria. This document proposes a new method of quantifying cybersecurity that meets those objectives. This dissertation evaluates the current state of cybersecurity research, discusses the criteria mentioned previously, proposes a new quantification scheme, presents an innovative method of modeling cyber attacks, demonstrates that the proposed quantification methodology meets the evaluation criteria, and proposes a line of research for future efforts.

Minimum Requirements for the CUS (Common User Subsystem) Workstation

DTIC Science & Technology

1987-04-20

PAGE -2- / ’ " I& REPORT SECURITY CLASSIFICATION lb RESTRICTIVE MARKINGS Unclassified 2a SECURITY CLASSIFICATION AUTHORITY 3 DISTRMBUTION...CLASSIFICATION UNCLASSIID/UNLIMITED r" SAME AS RPT. [ 3 DTIC USERS Unclassified tNM F RESPONSIBLE INDIVIDUAL 22b TELEPHONE (Include area codi) 22c OFFICE...Summary 1 1. Introduction 3 1.1 Purpose 3 1.2 Scope 3 1.3 Reference 4 2. Background 5 3 . Minimal WIS Workstation Requirements 8 3.1 Overview 8 4. Overview

Strong Password-Based Authentication in TLS Using the Three-PartyGroup Diffie-Hellman Protocol

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abdalla, Michel; Bresson, Emmanuel; Chevassut, Olivier

2006-08-26

The Internet has evolved into a very hostile ecosystem where"phishing'' attacks are common practice. This paper shows that thethree-party group Diffie-Hellman key exchange can help protect againstthese attacks. We have developed a suite of password-based cipher suitesfor the Transport Layer Security (TLS) protocol that are not onlyprovably secure but also assumed to be free from patent and licensingrestrictions based on an analysis of relevant patents in thearea.

Using Reputation Systems and Non-Deterministic Routing to Secure Wireless Sensor Networks

PubMed Central

Moya, José M.; Vallejo, Juan Carlos; Fraga, David; Araujo, Álvaro; Villanueva, Daniel; de Goyeneche, Juan-Mariano

2009-01-01

Security in wireless sensor networks is difficult to achieve because of the resource limitations of the sensor nodes. We propose a trust-based decision framework for wireless sensor networks coupled with a non-deterministic routing protocol. Both provide a mechanism to effectively detect and confine common attacks, and, unlike previous approaches, allow bad reputation feedback to the network. This approach has been extensively simulated, obtaining good results, even for unrealistically complex attack scenarios. PMID:22412345

Future Indonesia-East Timor Relations: An Analysis of the Regional Security Practices in the Cold War and After

DTIC Science & Technology

2001-06-01

reiteration of the most dominant feature of the post-Cold War global order the emergence of ethnic and religious issues as major themes of state and...security. Considerations such as historical roots and legacy, ethnic identities, civilization linkages, colonial experiences, geographic location, and...extremely complex in nature. A common phenomenon during the Cold War was the tendency of the armed forces to intervene when ethnic differences arose. Thus

Inflation Accounting Methods and their Effectiveness

DTIC Science & Technology

1992-06-01

security is measured by the standard deviation of its returns in the past periods and is reflected in the security’ s market price . The Capital Asset Pricing ...purchasing power should be limited to items which are used by an average consumer. Economists tend to perceive the general price level as the cost of living...accounting. Two common measures of business performance are income and rate of return on capital . Since depreciation charges for long-lived assets do

Security Economics and Critical National Infrastructure

NASA Astrophysics Data System (ADS)

Anderson, Ross; Fuloria, Shailendra

There has been considerable effort and expenditure since 9/11 on the protection of ‘Critical National Infrastructure' against online attack. This is commonly interpreted to mean preventing online sabotage against utilities such as electricity,oil and gas, water, and sewage - including pipelines, refineries, generators, storage depots and transport facilities such as tankers and terminals. A consensus is emerging that the protection of such assets is more a matter of business models and regulation - in short, of security economics - than of technology. We describe the problems, and the state of play, in this paper. Industrial control systems operate in a different world from systems previously studied by security economists; we find the same issues (lock-in, externalities, asymmetric information and so on) but in different forms. Lock-in is physical, rather than based on network effects, while the most serious externalities result from correlated failure, whether from cascade failures, common-mode failures or simultaneous attacks. There is also an interesting natural experiment happening, in that the USA is regulating cyber security in the electric power industry, but not in oil and gas, while the UK is not regulating at all but rather encouraging industry's own efforts. Some European governments are intervening, while others are leaving cybersecurity entirely to plant owners to worry about. We already note some perverse effects of the U.S. regulation regime as companies game the system, to the detriment of overall dependability.

DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

DOE Office of Scientific and Technical Information (OSTI.GOV)

Robert S. Anderson; Mark Schanfein; Trond Bjornard

2011-07-01

Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is tomore » provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.« less

A framework to enhance security of physically unclonable functions using chaotic circuits

NASA Astrophysics Data System (ADS)

Chen, Lanxiang

2018-05-01

As a new technique for authentication and key generation, physically unclonable function (PUF) has attracted considerable attentions, with extensive research results achieved already. To resist the popular machine learning modeling attacks, a framework to enhance the security of PUFs is proposed. The basic idea is to combine PUFs with a chaotic system of which the response is highly sensitive to initial conditions. For this framework, a specific construction which combines the common arbiter PUF circuit, a converter, and the Chua's circuit is given to implement a more secure PUF. Simulation experiments are presented to further validate the framework. Finally, some practical suggestions for the framework and specific construction are also discussed.

Biosecurity in the age of Big Data: a conversation with the FBI.

PubMed

You, Edward; Kozminski, Keith G

2015-11-05

New scientific frontiers and emerging technologies within the life sciences pose many global challenges to society. Big Data is a premier example, especially with respect to individual, national, and international security. Here a Special Agent of the Federal Bureau of Investigation discusses the security implications of Big Data and the need for security in the life sciences. © 2015 Kozminski. This article is distributed by The American Society for Cell Biology under license from the author(s). Two months after publication it is available to the public under an Attribution–Noncommercial–Share Alike 3.0 Unported Creative Commons License (http://creativecommons.org/licenses/by-nc-sa/3.0).

Environmental Assessment of Construction of Antenna Parts Storage Facility, Upgrade of Perimeter Security Fence, Demolition of Storage Shed, Hawkinsville Air Force Space Surveillance Station, Hawkinsville, Georgia

DTIC Science & Technology

2012-11-01

the most common. Japanese honeysuckle and Chinese tallow are limited to are- as along the fence line, and mimosa was only found in two locations at the...HAWKINSVILLE AFSSS Scientific Name Common Name Albizia julibrissin* mimosa Ampelopsis arborea peppervine Andropogon virginicus broomsedge bluestem

High-Performance Single-Photon Sources via Spatial Multiplexing

DTIC Science & Technology

2014-01-01

ingredient for tasks such as quantum cryptography , quantum repeater, quantum teleportation, quantum computing, and truly-random number generation. Recently...SECURITY CLASSIFICATION OF: Single photons sources are desired for many potential quantum information applications. One common method to produce...photons sources are desired for many potential quantum information applications. One common method to produce single photons is based on a “heralding

78 FR 60348 - Self-Regulatory Organizations; Miami International Securities Exchange LLC; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-10-01

... applicant must: (i) Be a Member in good standing of MIAX; (ii) qualify as an ``accredited investor'' as such... each unit (i) 101,695 shares of MIH common stock and (ii) warrants to purchase 2,182,639 shares of common stock of MIH in exchange for such participant Member's initial cash capital contribution of $508...

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

PubMed Central

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

2015-01-01

Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff. PMID:26618034

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment.

PubMed

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun; Cha, Hyo Soung

2015-10-01

Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff.

Environmental Impact Research Program. Common Chokecherry (Prunus virginiana). Section 7.5.4, US Army Corps of Engineers Wildlife Resources Management Manual.

DTIC Science & Technology

1986-07-01

0sl.oApos - 943- 3’% ENVIRONMENTAL IMPACT RESEARCH PROGRAM 2 w T[CHNICAL HFPOfz1 EL P36 36 COMMON CHOKECHERRY (Prunus virginiana ) Section 7.5.4...ACCESSION NO Washington, DC 20314-1000 EIRP 31631 11 TITLE (Include Security Classification) Common Chokecherry (Prunus virginiana ): Section 7.5.4, US...Continue on reverse if necessary and identify by block number) FIELD GROUP SUB-GROUP Chokecherry Prunus virginiana Rosaceae Plant materials Habitat

Sensing systems efficiency evaluation and comparison for homeland security and homeland defense

NASA Astrophysics Data System (ADS)

Pakhomov, Alexander A.

2010-04-01

Designers and consumers of various security, intelligence, surveillance and reconnaissance (ISR) systems as well as various unattended ground sensors pay most attention to their commonly used performance characteristics such as probability of a target detection and probability of a false alarm. These characteristics are used for systems comparison and evaluation. However, it is not enough for end-users of these systems as well as for their total/final effectiveness assessment. This article presents and discusses a system approach to an efficiency estimation of the security and ISR systems. Presented approach aims at final result of the system's function and use. It allows setting up reasonable technical and structural requirements for the security and ISR systems, to make trustworthy comparison and practical application planning of such systems. It also allows finding forward-looking, perspective ways of systems development. Presented results can be guidance to both designers and consumers.

System Requirement Analyses for Ubiquitous Environment Management System

NASA Astrophysics Data System (ADS)

Lim, Sang Boem; Gil, Kyung Jun; Choe, Ho Rim; Eo, Yang Dam

We are living in new stage of society. U-City introduces new paradigm that cannot be archived in traditional city to future city. Korea is one of the most active countries to construct U-City based on advances of IT technologies - especially based on high-speed network through out country [1]. Peoples are realizing ubiquitous service is key factor of success of U-City. Among the U-services, U-security service is one of the most important services. Nowadays we have to concern about traditional threat and also personal information. Since apartment complex is the most common residence type in Korea. We are developing security rules and system based on analyses of apartment complex and assert of apartment complex. Based on these analyses, we are developing apartment complex security using various technologies including home network system. We also will discuss basic home network security architecture.

The Talking Cure of Avoidant Personality Disorder: Remission through Earned-Secure Attachment.

PubMed

Guina, Jeffrey

The concept of earned security is important and has significant implications for psychotherapy. Understanding how individuals with insecure attachment styles can develop secure attachment styles through reparative relationships, such as the therapeutic relationship, can assist psychotherapists in helping patients to overcome the effects of early negative life experiences. Personality disorders are commonly associated with negative experiences, such as abuse, neglect, and other empathic failures. These disorders are particularly difficult to treat because of their pervasive nature and the resultant defense mechanisms that often thwart psychotherapy. However, an understanding of the role that attachment can play in the etiology, symptomatology, and treatment of psychopathology can greatly enhance the therapeutic process. This case report describes the long-term psychodynamic psychotherapy of a woman with a history of childhood trauma, avoidant attachment style, and avoidant personality disorder. Through the therapeutic relationship, she developed a secure attachment, and her symptoms remitted, and her life drastically improved.

El Salvador and Guatemala: Security Sector Reform and Political Party System Effects on Organized Crime

DTIC Science & Technology

2009-06-01

violence_injury_prevention/violence/national_activities/gtm/ en /index.html (accessed December 03, 2008). 2 Overseas Security Advisory Council, "San Salvador, El Salvador... deportation as key causes of crime in both countries. 11 It is commonly noted that, “Guatemala and El Salvador are internationally among the most...activity in both countries provide evidence that U.S. deportation policy may indeed be a major contributor to the increase in gang activity in both El

European Security and Defense Policy (ESDP) After Ten Years - Current Situation and Perspectives

DTIC Science & Technology

2010-01-01

SUPPLEMENTARY NOTES 12a. DISTRIBUTION / AVAILABILITY STATEMENT 12b. DISTRIBUTION CODE 13 . ABSTRACT After ten years the ESDP has reached an important...premier_ministre/2008/11- novembre /16­ juncker/index.html - accessed 14 September 2009. 2 Javier Solana, “Preface,” in: What Ambitions for European Defense in...security of the Union, including the eventual framing of a common defense policy ….” 13 First and foremost the Treaty required member nations to build

Military Activities in the EEZ: A U.S.-China Dialogue on Security and International Law in the Maritime Commons (China Maritime Study, Number 7)

DTIC Science & Technology

2010-12-01

people, and governance; that no one nation has the resources required to provide safety and security throughout the entire maritime domain, for...enhancing the safety of navigation); military activities, including military marine data collection; environmental monitoring and assessment of marine...hydrographic survey is generally defined as the “obtaining of information for the making of navigational charts and safety of navigation.”22 It has

Security Assistance: Evaluations Needed to Determine Effectiveness of U.S. Aid to Lebanon’s Security Forces

DTIC Science & Technology

2013-03-01

5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) 5d. PROJECT NUMBER 5e. TASK NUMBER 5f. WORK UNIT NUMBER 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES...meet conditions on the ground, according to U.S. officials. For example , the Department of State (State) delayed committing Foreign Military...agencies measure program performance. For example , GAO found in 2011 that the IMET program evaluation efforts had few of the elements commonly

Common Criteria for Information Technology Security Evaluation: Department of Defense Public Key Infrastructure and Key Management Infrastructure Token Protection Profile (Medium Robustness)

DTIC Science & Technology

2002-03-22

may be derived from detailed inspection of the IC itself or from illicit appropriation of design information. Counterfeit smart cards can be mass...Infrastructure (PKI) as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair...interference devices (SQDIS), electrical testing, and electron beam testing. • Other attacks, such as UV or X-rays or high temperatures, could cause erasure

In Support of the Common Defense: A Homeland Defense and Security Journal. Volume 2

DTIC Science & Technology

2013-06-01

out in our minds, it is worth remembering historic actions taken by the Army in support of civil authorities in cases like the Mississippi River...controlled by the state governor, who in most cases , places them on State Active Duty (SAD) for response. The CSTs are the only unit in the Guard...disseminate this classified information. There are reported cases where the FBI did not accept DHS security clearances; and others where DHS required

Telerehabilitation store and forward applications: a review of applications and privacy considerations in physical and occupational therapy practice.

PubMed

Peterson, Christopher; Watzlaf, Valerie

2014-01-01

An overview of store and forward applications commonly used in physical and occupational therapy practice is reviewed with respect to regulation, privacy, security, and clinical applications. A privacy and security checklist provides a clear reference of pertinent regulatory issues regarding these software applications. A case study format is used to highlight clinical applications of store and forward software features. Important considerations of successful implementation of store and forward applications are also identified and discussed.

Muscle Cramp - A Common Pain

MedlinePlus

... this site from a secured browser on the server. Please enable scripts and reload this page. Physicians ... Media Center The DO JAOA AOA Health Watch Professional Development AOA Board Certification Continuing Medical Education Research ...

10 CFR 50.12 - Specific exemptions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... consistent with the common defense and security. (2) The Commission will not consider granting an exemption... made good faith efforts to comply with the regulation; or (vi) There is present any other material...

Urbanization, Extreme Climate Hazards and Food, Energy Water Security

NASA Astrophysics Data System (ADS)

Romero-Lankao, P.; Davidson, D.; McPhearson, T.

2016-12-01

Research is urgently needed that incorporates the interconnected nature of three critical resources supporting our cities: food, energy and water. Cities are increasing demands for food, water and energy resources that in turn stress resource supplies, creating risks of negative impacts to human and ecological wellbeing. Simultaneously, shifts in climatic conditions, including extremes such as floods, heat, and droughts, threaten the sustainable availability of adequate quantities and qualities of food, energy and water (FEW) resources needed for resilient cities and ecosystems. These resource flows cannot be treated in isolation simply because they are interconnected: shifts in food, energy or water dynamics in turn affect the others, affecting the security of the whole - i.e., FEW nexus security. We present a framework to examine the dynamic interactions of urbanization, FEW nexus security and extreme hazard risks, with two overarching research questions: Do existing and emerging actions intended to enhance a population's food, water and energy security have the capacity to ensure FEW nexus security in the face of changing climate and urban development conditions? Can we identify a common set of social, ecological and technological conditions across a diversity of urban-regions that support the emergence of innovations that can lead to structural transformations for FEW nexus security?

Coordinating UAV information for executing national security-oriented collaboration

NASA Astrophysics Data System (ADS)

Isenor, Anthony W.; Allard, Yannick; Lapinski, Anna-Liesa S.; Demers, Hugues; Radulescu, Dan

2014-10-01

Unmanned Aerial Vehicles (UAVs) are being used by numerous nations for defence-related missions. In some cases, the UAV is considered a cost-effective means to acquire data such as imagery over a location or object. Considering Canada's geographic expanse, UAVs are also being suggested as a potential platform for use in surveillance of remote areas, such as northern Canada. However, such activities are typically associated with security as opposed to defence. The use of a defence platform for security activities introduces the issue of information exchange between the defence and security communities and their software applications. This paper explores the flow of information from the system used by the UAVs employed by the Royal Canadian Navy. Multiple computers are setup, each with the information system used by the UAVs, including appropriate communication between the systems. Simulated data that may be expected from a typical maritime UAV mission is then fed into the information system. The information structures common to the Canadian security community are then used to store and transfer the simulated data. The resulting data flow from the defence-oriented UAV system to the security-oriented information structure is then displayed using an open source geospatial application. Use of the information structures and applications relevant to the security community avoids the distribution restrictions often associated with defence-specific applications.

A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting

PubMed Central

Lee, Tian-Fu; Wang, Zeng-Bo

2017-01-01

The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie–Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions. PMID:29207509

Design and Analysis of an Enhanced Patient-Server Mutual Authentication Protocol for Telecare Medical Information System.

PubMed

Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Obaidat, Mohammad S

2015-11-01

In order to access remote medical server, generally the patients utilize smart card to login to the server. It has been observed that most of the user (patient) authentication protocols suffer from smart card stolen attack that means the attacker can mount several common attacks after extracting smart card information. Recently, Lu et al.'s proposes a session key agreement protocol between the patient and remote medical server and claims that the same protocol is secure against relevant security attacks. However, this paper presents several security attacks on Lu et al.'s protocol such as identity trace attack, new smart card issue attack, patient impersonation attack and medical server impersonation attack. In order to fix the mentioned security pitfalls including smart card stolen attack, this paper proposes an efficient remote mutual authentication protocol using smart card. We have then simulated the proposed protocol using widely-accepted AVISPA simulation tool whose results make certain that the same protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. Moreover, the rigorous security analysis proves that the proposed protocol provides strong security protection on the relevant security attacks including smart card stolen attack. We compare the proposed scheme with several related schemes in terms of computation cost and communication cost as well as security functionalities. It has been observed that the proposed scheme is comparatively better than related existing schemes.

SCODE: A Secure Coordination-Based Data Dissemination to Mobile Sinks in Sensor Networks

NASA Astrophysics Data System (ADS)

Hung, Lexuan; Lee, Sungyoung; Lee, Young-Koo; Lee, Heejo

For many sensor network applications such as military, homeland security, it is necessary for users (sinks) to access sensor networks while they are moving. However, sink mobility brings new challenges to secure routing in large-scale sensor networks. Mobile sinks have to constantly propagate their current location to all nodes, and these nodes need to exchange messages with each other so that the sensor network can establish and maintain a secure multi-hop path between a source node and a mobile sink. This causes significant computation and communication overhead for sensor nodes. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. In this paper, we propose a secure and energy-efficient data dissemination protocol — Secure COodination-based Data dissEmination (SCODE) — for mobile sinks in sensor networks. We take advantages of coordination networks (grid structure) based on Geographical Adaptive Fidelity (GAF) protocol to construct a secure and efficient routing path between sources and sinks. Our security analysis demonstrates that the proposed protocol can defend against common attacks in sensor network routing such as replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Our performance evaluation both in mathematical analysis and simulation shows that the SCODE significantly reduces communication overhead and energy consumption while the latency is similar compared with the existing routing protocols, and it always delivers more than 90 percentage of packets successfully.

Information-Pooling Bias in Collaborative Security Incident Correlation Analysis.

PubMed

Rajivan, Prashanth; Cooke, Nancy J

2018-03-01

Incident correlation is a vital step in the cybersecurity threat detection process. This article presents research on the effect of group-level information-pooling bias on collaborative incident correlation analysis in a synthetic task environment. Past research has shown that uneven information distribution biases people to share information that is known to most team members and prevents them from sharing any unique information available with them. The effect of such biases on security team collaborations are largely unknown. Thirty 3-person teams performed two threat detection missions involving information sharing and correlating security incidents. Incidents were predistributed to each person in the team based on the hidden profile paradigm. Participant teams, randomly assigned to three experimental groups, used different collaboration aids during Mission 2. Communication analysis revealed that participant teams were 3 times more likely to discuss security incidents commonly known to the majority. Unaided team collaboration was inefficient in finding associations between security incidents uniquely available to each member of the team. Visualizations that augment perceptual processing and recognition memory were found to mitigate the bias. The data suggest that (a) security analyst teams, when conducting collaborative correlation analysis, could be inefficient in pooling unique information from their peers; (b) employing off-the-shelf collaboration tools in cybersecurity defense environments is inadequate; and (c) collaborative security visualization tools developed considering the human cognitive limitations of security analysts is necessary. Potential applications of this research include development of team training procedures and collaboration tool development for security analysts.

Advancing the science of forensic data management

NASA Astrophysics Data System (ADS)

Naughton, Timothy S.

2002-07-01

Many individual elements comprise a typical forensics process. Collecting evidence, analyzing it, and using results to draw conclusions are all mutually distinct endeavors. Different physical locations and personnel are involved, juxtaposed against an acute need for security and data integrity. Using digital technologies and the Internet's ubiquity, these diverse elements can be conjoined using digital data as the common element. This result is a new data management process that can be applied to serve all elements of the community. The first step is recognition of a forensics lifecycle. Evidence gathering, analysis, storage, and use in legal proceedings are actually just distinct parts of a single end-to-end process, and thus, it is hypothesized that a single data system that can also accommodate each constituent phase using common network and security protocols. This paper introduces the idea of web-based Central Data Repository. Its cornerstone is anywhere, anytime Internet upload, viewing, and report distribution. Archives exist indefinitely after being created, and high-strength security and encryption protect data and ensure subsequent case file additions do not violate chain-of-custody or other handling provisions. Several legal precedents have been established for using digital information in courts of law, and in fact, effective prosecution of cyber crimes absolutely relies on its use. An example is a US Department of Agriculture division's use of digital images to back up its inspection process, with pictures and information retained on secure servers to enforce the Perishable Agricultural Commodities Act. Forensics is a cumulative process. Secure, web-based data management solutions, such as the Central Data Repository postulated here, can support each process step. Logically marrying digital technologies with Internet accessibility should help nurture a thought process to explore alternatives that make forensics data accessible to authorized individuals, whenever and wherever they need it.

Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model

PubMed Central

Nam, Junghyun; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon

2014-01-01

Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks. PMID:24977229

26 CFR 1.7476-1 - Interested parties.

Code of Federal Regulations, 2010 CFR

2010-04-01

... the employer is a member of a parent-subsidiary group of trades or businesses under common control... those benefits provided under the Social Security Act or a similar program, and if such integration...

Endoscopic Dacrocystorhinostomy in Lacrimal Canalicular Trauma

PubMed Central

Khan, Humayun A; Bayat, Aredeshir; De Carpentier, JP

2007-01-01

A case is presented where the common insertion of the upper and lower canaliculus of the lacrimal sac was repaired using endoscopic dacrocystorhinostomy (DCR) techniques, with silicone stenting and securing of stents intranasally. PMID:17316509

Common-signal-induced synchronization in photonic integrated circuits and its application to secure key distribution.

PubMed

Sasaki, Takuma; Kakesu, Izumi; Mitsui, Yusuke; Rontani, Damien; Uchida, Atsushi; Sunada, Satoshi; Yoshimura, Kazuyuki; Inubushi, Masanobu

2017-10-16

We experimentally achieve common-signal-induced synchronization in two photonic integrated circuits with short external cavities driven by a constant-amplitude random-phase light. The degree of synchronization can be controlled by changing the optical feedback phase of the two photonic integrated circuits. The change in the optical feedback phase leads to a significant redistribution of the spectral energy of optical and RF spectra, which is a unique characteristic of PICs with the short external cavity. The matching of the RF and optical spectra is necessary to achieve synchronization between the two PICs, and stable synchronization can be obtained over an hour in the presence of optical feedback. We succeed in generating information-theoretic secure keys and achieving the final key generation rate of 184 kb/s using the PICs.

Access Control of Web- and Java-Based Applications

NASA Technical Reports Server (NTRS)

Tso, Kam S.; Pajevski, Michael J.

2013-01-01

Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

Principles of Strategic Communication for a New Global Commons

DTIC Science & Technology

2008-06-06

to help realize these ends and objectives, however, requires the USG to inculcate these principles into their strategies and plans (ends), resource...principles into their strategies and plans (ends), adequately resource the needed capabilities (ways), and use their methods (means) that can best achieve...Communication Commons and National Security Planning Process 75 Chart 5 Attention-Action Cycle 76 Chart 6 Continuum of Expectation

The Secure Distributed Operating System Design Project

DTIC Science & Technology

1988-06-01

a di- verse group of people . Its organization isolates different aspects of the project, such as expected results, preliminary results, and technical...modeled after these procedures. " Automation: computers are commonly used to automate tasks previously performed by people ; many of these tasks are... people commonly con- sidered the threats anticipated to the system and mechanisms that are used to prevent those threats. Both hardware and software

Security Proof for Password Authentication in TLS-Verifier-based Three-Party Group Diffie-Hellman

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chevassut, Olivier; Milner, Joseph; Pointcheval, David

2008-04-21

The internet has grown greatly in the past decade, by some numbers exceeding 47 million active web sites and a total aggregate exceeding100 million web sites. What is common practice today on the Internet is that servers have public keys, but clients are largely authenticated via short passwords. Protecting these passwords by not storing them in the clear on institutions's servers has become a priority. This paper develops password-based ciphersuites for the Transport Layer Security (TLS) protocol that are: (1) resistant to server compromise; (2) provably secure; (3) believed to be free from patent and licensing restrictions based on anmore » analysis of relevant patents in the area.« less

Securing food from field to table: what can we do?

PubMed

Li, Duo; Wahlqvist, Mark L

2011-01-01

Food security has emerged as one of the most pressing socio-economic and health issues of our time. While the formal processes of international and national governance are short-changing the need for action, an increasing number of professional science-based organisations are rallying to reduce the presence and risks of food insecurity. Examples are the Food in Health Security Network (FIHS) for the Asia Pacific region and the 'Healthy Agriculture, Healthy Nutrition, Healthy People’ initiative of the World Council on Genetics, Nutrition and Fitness for Health. The common denominator is the threat to ecosytems which are intrinsic to food and health systems. To increase their prospects for sustainability and health promotion, coordinated partnerships between agriculture and health as well as other sectors are imperative.

Building organisational cyber resilience: A strategic knowledge-based view of cyber security management.

PubMed

Ferdinand, Jason

The concept of cyber resilience has emerged in recent years in response to the recognition that cyber security is more than just risk management. Cyber resilience is the goal of organisations, institutions and governments across the world and yet the emerging literature is somewhat fragmented due to the lack of a common approach to the subject. This limits the possibility of effective collaboration across public, private and governmental actors in their efforts to build and maintain cyber resilience. In response to this limitation, and to calls for a more strategically focused approach, this paper offers a knowledge-based view of cyber security management that explains how an organisation can build, assess, and maintain cyber resilience.

Enhancing the Safety, Security and Resilience of ICT and Scada Systems Using Action Research

NASA Astrophysics Data System (ADS)

Johnsen, Stig; Skramstad, Torbjorn; Hagen, Janne

This paper discusses the results of a questionnaire-based survey used to assess the safety, security and resilience of information and communications technology (ICT) and supervisory control and data acquisition (SCADA) systems used in the Norwegian oil and gas industry. The survey identifies several challenges, including the involvement of professionals with different backgrounds and expertise, lack of common risk perceptions, inadequate testing and integration of ICT and SCADA systems, poor information sharing related to undesirable incidents and lack of resilience in the design of technical systems. Action research is proposed as a process for addressing these challenges in a systematic manner and helping enhance the safety, security and resilience of ICT and SCADA systems used in oil and gas operations.

Sandia SCADA Program -- High Surety SCADA LDRD Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

CARLSON, ROLF E.

2002-04-01

Supervisory Control and Data Acquisition (SCADA) systems are a part of the nation's critical infrastructure that is especially vulnerable to attack or disruption. Sandia National Laboratories is developing a high-security SCADA specification to increase the national security posture of the U.S. Because SCADA security is an international problem and is shaped by foreign and multinational interests, Sandia is working to develop a standards-based solution through committees such as the IEC TC 57 WG 15, the IEEE Substation Committee, and the IEEE P1547-related activity on communications and controls. The accepted standards are anticipated to take the form of a Common Criteriamore » Protection Profile. This report provides the status of work completed and discusses several challenges ahead.« less

Developing a Science Commons for Geosciences

NASA Astrophysics Data System (ADS)

Lenhardt, W. C.; Lander, H.

2016-12-01

Many scientific communities, recognizing the research possibilities inherent in data sets, have created domain specific archives such as the Incorporated Research Institutions for Seismology (iris.edu) and ClinicalTrials.gov. Though this is an important step forward, most scientists, including geoscientists, also use a variety of software tools and at least some amount of computation to conduct their research. While the archives make it simpler for scientists to locate the required data, provisioning disk space, compute resources, and network bandwidth can still require significant efforts. This challenge exists despite the wealth of resources available to researchers, namely lab IT resources, institutional IT resources, national compute resources (XSEDE, OSG), private clouds, public clouds, and the development of cyberinfrastructure technologies meant to facilitate use of those resources. Further tasks include obtaining and installing required tools for analysis and visualization. If the research effort is a collaboration or involves certain types of data, then the partners may well have additional non-scientific tasks such as securing the data and developing secure sharing methods for the data. These requirements motivate our investigations into the "Science Commons". This paper will present a working definition of a science commons, compare and contrast examples of existing science commons, and describe a project based at RENCI to implement a science commons for risk analytics. We will then explore what a similar tool might look like for the geosciences.

Trends in Research on the Security of Medical Information in Korea: Focused on Information Privacy Security in Hospitals.

PubMed

Kim, Yong-Woon; Cho, Namin; Jang, Hye-Jung

2018-01-01

Information technology involves a risk of privacy violation in providing easy access to confidential information,such as personal information and medical information through the Internet. In this study, we investigated medical information security to gain a better understanding of trends in research related to medical information security. We researched papers published on '의료정보' and 'medical information' in various Korean journals during a 10-year period from 2005 to 2015. We also analyzed these journal papers for each fiscal year; these papers were categorized into the areas of literature research and empirical research, and were further subdivided according to themes and subjects. It was confirmed that 48 papers were submitted to 35 academic journals. There were 33 (68.8%) literature review articles, and analysis of secondary data was not carried out at all. In terms of empirical research, 8 (16.7%) surveys and 7 (14.6%) program developments were studied. As a result of analyzing these papers according to the research theme by research method, 17 (35.4%) papers on laws, systems, and policies were the most numerous. It was found that among the literature research papers on medical personnel were the most common, and among the empirical research papers, research on experts in information protection and medical personnel were the most common. We suggest that further research should be done in terms of social perception, human resource development, and technology development to improve risk management in medical information systems.

Digital Photograph Security: What Plastic Surgeons Need to Know.

PubMed

Thomas, Virginia A; Rugeley, Patricia B; Lau, Frank H

2015-11-01

Sharing and storing digital patient photographs occur daily in plastic surgery. Two major risks associated with the practice, data theft and Health Insurance Portability and Accountability Act (HIPAA) violations, have been dramatically amplified by high-speed data connections and digital camera ubiquity. The authors review what plastic surgeons need to know to mitigate those risks and provide recommendations for implementing an ideal, HIPAA-compliant solution for plastic surgeons' digital photography needs: smartphones and cloud storage. Through informal discussions with plastic surgeons, the authors identified the most common photograph sharing and storage methods. For each method, a literature search was performed to identify the risks of data theft and HIPAA violations. HIPAA violation risks were confirmed by the second author (P.B.R.), a compliance liaison and privacy officer. A comprehensive review of HIPAA-compliant cloud storage services was performed. When possible, informal interviews with cloud storage services representatives were conducted. The most common sharing and storage methods are not HIPAA compliant, and several are prone to data theft. The authors' review of cloud storage services identified six HIPAA-compliant vendors that have strong to excellent security protocols and policies. These options are reasonably priced. Digital photography and technological advances offer major benefits to plastic surgeons but are not without risks. A proper understanding of data security and HIPAA regulations needs to be applied to these technologies to safely capture their benefits. Cloud storage services offer efficient photograph sharing and storage with layers of security to ensure HIPAA compliance and mitigate data theft risk.

Secure steganography designed for mobile platforms

NASA Astrophysics Data System (ADS)

Agaian, Sos S.; Cherukuri, Ravindranath; Sifuentes, Ronnie R.

2006-05-01

Adaptive steganography, an intelligent approach to message hiding, integrated with matrix encoding and pn-sequences serves as a promising resolution to recent security assurance concerns. Incorporating the above data hiding concepts with established cryptographic protocols in wireless communication would greatly increase the security and privacy of transmitting sensitive information. We present an algorithm which will address the following problems: 1) low embedding capacity in mobile devices due to fixed image dimensions and memory constraints, 2) compatibility between mobile and land based desktop computers, and 3) detection of stego images by widely available steganalysis software [1-3]. Consistent with the smaller available memory, processor capabilities, and limited resolution associated with mobile devices, we propose a more magnified approach to steganography by focusing adaptive efforts at the pixel level. This deeper method, in comparison to the block processing techniques commonly found in existing adaptive methods, allows an increase in capacity while still offering a desired level of security. Based on computer simulations using high resolution, natural imagery and mobile device captured images, comparisons show that the proposed method securely allows an increased amount of embedding capacity but still avoids detection by varying steganalysis techniques.

'You fix my community, you have fixed my life': the disruption and rebuilding of ontological security in New Orleans.

PubMed

Hawkins, Robert L; Maurer, Katherine

2011-01-01

Using the concept of ontological security, this paper examines the physical and psychological loss of home and community following Hurricane Katrina. This qualitative longitudinal study includes 40 heads of households with school-age children who lived in New Orleans during Hurricane Katrina. Participants describe a breakdown in their social fabric at the individual and structural/community levels that contributes to a sense of community loss and social displacement, disrupting their ontological security--their notion of safety, routine and trust in a stable environment. Three interrelated reactions were common: 1) experiencing nostalgia for their old neighbourhoods specifically and New Orleans in general; 2) experiencing a sense of loss of people and things that represented a level of security or constancy; 3) initiation of a process for re-establishing ontological security whether or not they returned to New Orleans. The paper concludes that intangible losses have an important psychological effect on community redevelopment and recovery from trauma. © 2011 The Author(s). Disasters © Overseas Development Institute, 2011.

FEMA Common Sense and Cost Effectiveness Act of 2011

THOMAS, 112th Congress

Sen. Hoeven, John [R-ND

2011-05-26

Senate - 05/26/2011 Read twice and referred to the Committee on Homeland Security and Governmental Affairs. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

Hope: A Panacea Unrecognized

PubMed Central

Obayuwana, Alphonsus O.

1980-01-01

This paper identifies stress as a common and constant irritation to human homeostasis, evaluates the role of hope in the maintenance of health, and recommends a method of anticipatory care for securing optimum health for mankind. PMID:7373668

75 FR 81249 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-27

...: By name, Social Security Number (SSN), and/or date of birth. Safeguards: System login is accomplished by DoD Common Access Card (CAC). Public Key Infrastructure (PKI) network login is required and allows...

The Seven Deadly Sins of Online Microcomputing.

ERIC Educational Resources Information Center

King, Alan

1989-01-01

Offers suggestions for avoiding common errors in online microcomputer use. Areas discussed include learning the basics; hardware protection; backup options; hard disk organization; software selection; file security; and the use of dedicated communications lines. (CLB)

How to secure the connection between thoracostomy tube and drainage system?

PubMed

Li, Ka Ki Pat; Wong, Kit Shing John; Wong, Yau Hang Henry; Cheng, Ka Lok; So, Fung Ling; Lau, Chu Leung; Kam, Chak Wah

2014-01-01

Thoracostomy tube insertion is one of the common bedside procedures in emergency medicine and many acute specialties. Dislodgement of thoracostomy tube from the connection tube of chest drainage system is an important problem with potential complications such as contamination, infection and pneumothorax. Besides, mere loosening can also lead to malfunction. It is a common practice to tape the connection of the system. This study aimed to evaluate the materials and methods of connection of chest drain system to minimize drainage dislodgement. We conducted an experimental study to assess the tightness of the connection with various taping materials and methods. We selected three commonly used adhesive materials (3M™ Transpore™ Medical tape, 3M™ Micropore™ Medical tape, 3M™ Soft Cloth Tape on Liner) and three different methods (cross method, straight method, nylon band) to secure the junction between the thoracostomy tube and the bi-conical adaptor in the drainage system. The measured outcome was the weight causing visible loosening of the junction between thoracotomy tube and the adaptor. For each taping material and taping method, 10 trials were performed. The median weight required to disconnect the junction is 26.22 lb for Transpore™, 31.29 lb for Micropore™ and 32.44 lb for Soft Cloth Tape on Liner. A smaller force was required to disconnect if Transpore™ is used (P<0.001). There was no statistical significant difference between Micropore™ and Soft Cloth Tape on Liner (P=0.98). The median disconnecting force is 32.44 lb for straight taping method, 40.55 lb for cross taping method and 21.15 lb for plastic band. The cross-taping method was the more secure method (P<0.0001 when compared with plastic band) (P=0.033 when compared with straight method). Cross-taping is the most secure method among the tested varieties in connecting the thoracostomy tube to the chest drainage system. Transpore™ is not a recommended material for thoracostomy tube taping.

Security and privacy qualities of medical devices: an analysis of FDA postmarket surveillance.

PubMed

Kramer, Daniel B; Baker, Matthew; Ransford, Benjamin; Molina-Markham, Andres; Stewart, Quinn; Fu, Kevin; Reynolds, Matthew R

2012-01-01

Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients' stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting. We used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices. Review of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism. Our review of recalls and adverse events from federal government databases reveals sharp inconsistencies with databases at individual providers with respect to security and privacy risks. Recalls related to software may increase security risks because of unprotected update and correction mechanisms. To detect signals of security and privacy problems that adversely affect public health, federal postmarket surveillance strategies should rethink how to effectively and efficiently collect data on security and privacy problems in devices that increasingly depend on computing systems susceptible to malware.

Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance

PubMed Central

Kramer, Daniel B.; Baker, Matthew; Ransford, Benjamin; Molina-Markham, Andres; Stewart, Quinn; Fu, Kevin; Reynolds, Matthew R.

2012-01-01

Background Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients’ stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting. Methods We used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices. Results Review of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism. Conclusions Our review of recalls and adverse events from federal government databases reveals sharp inconsistencies with databases at individual providers with respect to security and privacy risks. Recalls related to software may increase security risks because of unprotected update and correction mechanisms. To detect signals of security and privacy problems that adversely affect public health, federal postmarket surveillance strategies should rethink how to effectively and efficiently collect data on security and privacy problems in devices that increasingly depend on computing systems susceptible to malware. PMID:22829874

A preliminary cyber-physical security assessment of the Robot Operating System (ROS)

NASA Astrophysics Data System (ADS)

McClean, Jarrod; Stull, Christopher; Farrar, Charles; Mascareñas, David

2013-05-01

Over the course of the last few years, the Robot Operating System (ROS) has become a highly popular software framework for robotics research. ROS has a very active developer community and is widely used for robotics research in both academia and government labs. The prevalence and modularity of ROS cause many people to ask the question: "What prevents ROS from being used in commercial or government applications?" One of the main problems that is preventing this increased use of ROS in these applications is the question of characterizing its security (or lack thereof). In the summer of 2012, a crowd sourced cyber-physical security contest was launched at the cyber security conference DEF CON 20 to begin the process of characterizing the security of ROS. A small-scale, car-like robot was configured as a cyber-physical security "honeypot" running ROS. DEFFCON-20 attendees were invited to find exploits and vulnerabilities in the robot while network traffic was collected. The results of this experiment provided some interesting insights and opened up many security questions pertaining to deployed robotic systems. The Federal Aviation Administration is tasked with opening up the civil airspace to commercial drones by September 2015 and driverless cars are already legal for research purposes in a number of states. Given the integration of these robotic devices into our daily lives, the authors pose the following question: "What security exploits can a motivated person with little-to-no experience in cyber security execute, given the wide availability of free cyber security penetration testing tools such as Metasploit?" This research focuses on applying common, low-cost, low-overhead, cyber-attacks on a robot featuring ROS. This work documents the effectiveness of those attacks.

CrossTalk: The Journal of Defense Software Engineering. Volume 23, Number 2, March/April 2010

DTIC Science & Technology

2010-04-01

SDLC phase. 4. Developing secure software depends on understanding the operational con- text in which it will be used. This con- text includes... its development . BSI leverages the Common Weakness Enumeration (CWE) and the Common Attack Pattern Enumeration and Classification (CAPEC) efforts. To...system integrators providing sys- tems (both IT and warfighting) to the Concept Refinement Technology Development System Development and

MNE7 Access to the Global Commons Outcome 3 Cyber Domain. Objective 3.5 Cyber Situational Awareness. Concept of Employment for Cyber Situational Awareness Within the Global Commons Version 1.0

DTIC Science & Technology

2013-02-25

such as authentication , protocols, and ‘signature’ management exist but the imposition of such techniques must be balan 15p the legal requirements...gulation, mation face onflicting pressures to keep this data secure and yet allow access by authorised users. in the sharing network should be

Energy Drink vs. Coffee: The Effects on Levels of Alertness in Fatigued Individuals

DTIC Science & Technology

2013-06-01

during a flight. A prevalent fatigue countermeasure is the use of caffeine as a stimulant. Caffeine is commonly found in coffee , soft drinks, tea, gum...TERMS Fatigue, alertness, stimulant, caffeine , energy drinks, coffee , aviation 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT...flight. A prevalent fatigue countermeasure is the use of caffeine as a stimulant. Caffeine is commonly found in coffee , soft drinks, tea, gum

Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay

PubMed Central

Hu, Hequn; Liao, Xuewen

2017-01-01

The Internet of Things (IoT) represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT) is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH) node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device’s messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor) and a destination (e.g., controller) via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS) and time splitting (TS) policies, called intuitive secure schemes based on PS (Int-PS), precoded secure scheme based on PS (Pre-PS), intuitive secure scheme based on TS (Int-TS) and precoded secure scheme based on TS (Pre-TS), respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission (PSST), which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. PSST is analyzed for the proposed secure schemes, and the closed form expressions of PSST for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better PSST than the intuitive secure schemes under similar power consumption. When the secure schemes based on PS and TS polices have similar PSST, the average transmit power consumption of the secure scheme based on TS is lower. The influences of power splitting and time slitting ratios are also discussed through simulations. PMID:28869540

Human Purposive Movement Theory

DTIC Science & Technology

2012-03-01

theory and provides examples of developmental and operational technologies that could use this theory in common settings. 15. SUBJECT TERMS human ... activity , prediction of behavior, human algorithms purposive movement theory 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT UU 18

Best Way to Get Rid of Used Needles and Other Sharps

MedlinePlus

... other options are not available. If traveling by plane, check the Transportation Security Administration (TSA) website for ... be thrown away in the common trash. Additional Consumer Information How to Get Rid of a Sharps ...

47 CFR 54.519 - State telecommunications networks.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 47 Telecommunication 3 2014-10-01 2014-10-01 false State telecommunications networks. 54.519 Section 54.519 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) COMMON CARRIER SERVICES... telecommunications networks. (a) Telecommunications services. State telecommunications networks may secure discounts...

47 CFR 54.519 - State telecommunications networks.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 47 Telecommunication 3 2012-10-01 2012-10-01 false State telecommunications networks. 54.519 Section 54.519 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) COMMON CARRIER SERVICES... telecommunications networks. (a) Telecommunications services. State telecommunications networks may secure discounts...

47 CFR 54.519 - State telecommunications networks.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 47 Telecommunication 3 2013-10-01 2013-10-01 false State telecommunications networks. 54.519 Section 54.519 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) COMMON CARRIER SERVICES... telecommunications networks. (a) Telecommunications services. State telecommunications networks may secure discounts...

The perfect heist :

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lafleur, Jarret Marshall; Purvis, Liston Keith; Roesler, Alexander William

2014-04-01

Of the many facets of the criminal world, few have captured societys fascination as has that of high stakes robbery. The combination of meticulousness, cunning, and audacity required to execute a real-life Oceans Eleven may be uncommon among criminals, but fortunately it is common enough to extract a wealth of lessons for the protection of high-value assets. To assist in informing the analyses and decisions of security professionals, this paper surveys 23 sophisticated and high-value heists that have occurred or been attempted around the world, particularly over the past three decades. The results, compiled in a Heist Methods and Characteristicsmore » Database, have been analyzed qualitatively and quantitatively, with the goals of both identifying common characteristics and characterizing the range and diversity of criminal methods used. The analysis is focused in six areas: (1) Defeated Security Measures and Devices, (2) Deception Methods, (3) Timing, (4) Weapons, (5) Resources, and (6) Insiders.« less

Cryptographic salting for security enhancement of double random phase encryption schemes

NASA Astrophysics Data System (ADS)

Velez Zea, Alejandro; Fredy Barrera, John; Torroba, Roberto

2017-10-01

Security in optical encryption techniques is a subject of great importance, especially in light of recent reports of successful attacks. We propose a new procedure to reinforce the ciphertexts generated in double random phase encrypting experimental setups. This ciphertext is protected by multiplexing with a ‘salt’ ciphertext coded with the same setup. We present an experimental implementation of the ‘salting’ technique. Thereafter, we analyze the resistance of the ‘salted’ ciphertext under some of the commonly known attacks reported in the literature, demonstrating the validity of our proposal.

Maternal secure-base scripts and children's attachment security in an adopted sample.

PubMed

Veríssimo, Manuela; Salvaterra, Fernanda

2006-09-01

Studies of families with adopted children are of special interest to attachment theorists because they afford opportunities to probe assumptions of attachment theory with regard to the developmental timing of interactions necessary to form primary attachments and also with regard to effects of shared genes on child attachment quality. In Bowlby's model, attachment-relevant behaviors and interactions are observable from the moment of birth, but for adoptive families, these interactions cannot begin until the child enters the family, sometimes several months or even years post-partum. Furthermore, because adoptive parents and adopted children do not usually share genes by common descent, any correspondence between attachment representations of the parent and secure base behavior of the child must arise as a consequence of dyadic interaction histories. The objectives of this study were to evaluate whether the child's age at the time of adoption or at the time of attachment assessment predicted child attachment security in adoptive families and also whether the adoptive mother's internal attachment representation predicted the child's attachment security. The participants were 106 mother - child dyads selected from the 406 adoptions carried out through the Lisbon Department of Adoption Services over a period of 3 years. The Attachment Behavior Q-Set (AQS; Waters, 1995) was used to assess secure base behavior and an attachment script representation task was used to assess the maternal attachment representations. Neither child's age at the time of adoption, nor age of the child at assessment significantly predicted the AQS security score; however, scores reflecting the presence and quality of maternal secure base scripts did predict AQS security. These findings support the notion that the transmission of attachment security across generations involves mutual exchanges and learning by the child and that the exchanges leading to secure attachment need not begin at birth. These results complement the findings and conceptual arguments offered by Bowlby and Ainsworth concerning the critical influence of maternal representations of attachment to the quality of attachment security in children.

A security vulnerabilities assessment tool for interim storage facilities of low-level radioactive wastes.

PubMed

Bible, J; Emery, R J; Williams, T; Wang, S

2006-11-01

Limited permanent low-level radioactive waste (LLRW) disposal capacity and correspondingly high disposal costs have resulted in the creation of numerous interim storage facilities for either decay-in-storage operations or longer term accumulation efforts. These facilities, which may be near the site of waste generation or in distal locations, often were not originally designed for the purpose of LLRW storage, particularly with regard to security. Facility security has become particularly important in light of the domestic terrorist acts of 2001, wherein LLRW, along with many other sources of radioactivity, became recognized commodities to those wishing to create disruption through the purposeful dissemination of radioactive materials. Since some LLRW materials may be in facilities that may exhibit varying degrees of security control sophistication, a security vulnerabilities assessment tool grounded in accepted criminal justice theory and security practice has been developed. The tool, which includes dedicated sections on general security, target hardening, criminalization benefits, and the presence of guardians, can be used by those not formally schooled in the security profession to assess the level of protection afforded to their respective facilities. The tool equips radiation safety practitioners with the ability to methodically and systematically assess the presence or relative status of various facility security aspects, many of which may not be considered by individuals from outside the security profession. For example, radiation safety professionals might not ordinarily consider facility lighting aspects, which is a staple for the security profession since it is widely known that crime disproportionately occurs more frequently at night or in poorly lit circumstances. Likewise, the means and associated time dimensions for detecting inventory discrepancies may not be commonly considered. The tool provides a simple means for radiation safety professionals to assess, and perhaps enhance in a reasonable fashion, the security of their interim storage operations. Aspects of the assessment tool can also be applied to other activities involving the protection of sources of radiation as well.

The effects of income on mental health: evidence from the social security notch.

PubMed

Golberstein, Ezra

2015-03-01

Mental health is a key component of overall wellbeing and mental disorders are relatively common, including among older adults. Yet the causal effect of income on mental health status among older adults is poorly understood. This paper considers the effects of a major source of transfer income, Social Security retirement benefits, on the mental health of older adults. The Social Security benefit "Notch" is as a large, permanent, and exogenous shock to Social Security income in retirement. The "Notch" is used to identify the causal effect of Social Security income on mental health among older ages using data from the AHEAD cohort of the Health and Retirement Study. We find that increases in Social Security income significantly improve mental health status and the likelihood of a psychiatric diagnosis for women, but not for men. The effects of income on mental health for older women are statistically significant and meaningful in magnitude. While this is one of the only studies to use plausibly exogenous variation in household income to identify the effect of income on mental health, a limitation of this work is that the results only directly pertain to lower-education households. Public policy proposals that alter retirement benefits for the elderly may have important effects on the mental health of older adults.

In the Face of Cybersecurity: How the Common Information Model Can Be Used

DOE Office of Scientific and Technical Information (OSTI.GOV)

Skare, Paul; Falk, Herbert; Rice, Mark

2016-01-01

Efforts are underway to combine smart grid information, devices, networking, and emergency response information to create messages that are not dependent on specific standards development organizations (SDOs). This supports a future-proof approach of allowing changes in the canonical data models (CDMs) going forward without having to perform forklift replacements of solutions that use the messages. This also allows end users (electric utilities) to upgrade individual components of a larger system while keeping the message payload definitions intact. The goal is to enable public and private information sharing securely in a standards-based approach that can be integrated into existing operations. Wemore » provide an example architecture that could benefit from this multi-SDO, secure message approach. This article also describes how to improve message security« less

[Disability due to mental illness: social security benefits in Brazil 2008-2011].

PubMed

Silva Junior, João Silvestre da; Fischer, Frida Marina

2014-02-01

This communication aimed to analyze the profile variation of disability benefits due to mental disorders. Secondary data published by Brazilian Social Security between 2008 and 2011 were evaluated. Mean annual variation rates over the period were calculated for the economically active population, as were the number insured, paid out overall sickness benefits and for mental and behavioral disorders. Mental disorders are the third most common reason for disability benefits. There was an average annual increase of 0.3% in new benefit claims, with a 2.5% fall in mean annual incidence. Work-related disease was identified in 6.2% of cases, most of it due to mood disorders. The government should use the data from the Social Security Institute to support a debate of public policies regarding mental health.

Doorstep: A doorbell security system for the prevention of doorstep crime.

PubMed

Ennis, Andrew; Cleland, Ian; Patterson, Timothy; Nugent, Chris D; Cruciani, Federico; Paggetti, Cristiano; Morrison, Gareth; Taylor, Richard

2016-08-01

Safety and security rank highly in the priorities of older people on both an individual and policy level. Older people are commonly targeted as victims of doorstep crime, as they can be perceived as being vulnerable. As a result, this can have a major effect on the victim's health and wellbeing. There have been numerous prevention strategies implemented in an attempt to combat and reduce the number of doorstep crimes. There is, however, little information available detailing the effectiveness of these strategies and how they impact on the fear of crime, particularly with repeat victims. There is therefore clear merit in the creation and piloting of a technology based solution to combat doorstep crime. This paper presents a developed solution to provide increased security for older people within their home.

[Data security and the handling of patient data in home monitoring systems].

PubMed

Heydenreich, F; Jürgens, C; Tost, F

2009-09-01

Data security must be considered seriously in the context of telemedical home monitoring because of the transmission and communication of patients' personal data. The contract governing medical treatment allows the ophthalmologist to process all data relevant to treatment. In Germany the legal framework for this purpose is provided by the Data Protection Act, various German hospital acts, and codes of medical professional conduct. In principle, these rules apply to telemedical home monitoring as well as to common physician-patient relationships. The patient must be informed extensively in an understandable manner and must give his or her written consent. However, the advanced options of new IT technologies demand the development of technical and organizational concepts that guarantee compliance with legal and regulatory affairs, assure data security, and prevent data abuse.

Best-Practice Criteria for Practical Security of Self-Differencing Avalanche Photodiode Detectors in Quantum Key Distribution

NASA Astrophysics Data System (ADS)

Koehler-Sidki, A.; Dynes, J. F.; Lucamarini, M.; Roberts, G. L.; Sharpe, A. W.; Yuan, Z. L.; Shields, A. J.

2018-04-01

Fast-gated avalanche photodiodes (APDs) are the most commonly used single photon detectors for high-bit-rate quantum key distribution (QKD). Their robustness against external attacks is crucial to the overall security of a QKD system, or even an entire QKD network. We investigate the behavior of a gigahertz-gated, self-differencing (In,Ga)As APD under strong illumination, a tactic Eve often uses to bring detectors under her control. Our experiment and modeling reveal that the negative feedback by the photocurrent safeguards the detector from being blinded through reducing its avalanche probability and/or strengthening the capacitive response. Based on this finding, we propose a set of best-practice criteria for designing and operating fast-gated APD detectors to ensure their practical security in QKD.

European security framework for healthcare.

PubMed

Ruotsalainen, Pekka; Pohjonen, Hanna

2003-01-01

eHealth and telemedicine services are promising business areas in Europe. It is clear that eHealth products and services will be sold and ordered from a distance and over national borderlines in the future. However, there are many barriers to overcome. For both national and pan-European eHealth and telemedicine applications a common security framework is needed. These frameworks set security requirements needed for cross-border eHealth services. The next step is to build a security infrastructure which is independent of technical platforms. Most of the European eHealth platforms are regional or territorial. Some countries are looking for a Public Key Infrastructure, but no large scale solutions do exist in healthcare. There is no clear candidate solution for European-wide interoperable eHealth platform. Gross-platform integration seems to be the most practical integration method at a European level in the short run. The use of Internet as a European integration platform is a promising solution in the long run.

AVQS: attack route-based vulnerability quantification scheme for smart grid.

PubMed

Ko, Jongbin; Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik

2014-01-01

A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification.

Smart Secure Homes: A Survey of Smart Home Technologies that Sense, Assess, and Respond to Security Threats.

PubMed

Dahmen, Jessamyn; Cook, Diane J; Wang, Xiaobo; Honglei, Wang

2017-08-01

Smart home design has undergone a metamorphosis in recent years. The field has evolved from designing theoretical smart home frameworks and performing scripted tasks in laboratories. Instead, we now find robust smart home technologies that are commonly used by large segments of the population in a variety of settings. Recent smart home applications are focused on activity recognition, health monitoring, and automation. In this paper, we take a look at another important role for smart homes: security. We first explore the numerous ways smart homes can and do provide protection for their residents. Next, we provide a comparative analysis of the alternative tools and research that has been developed for this purpose. We investigate not only existing commercial products that have been introduced but also discuss the numerous research that has been focused on detecting and identifying potential threats. Finally, we close with open challenges and ideas for future research that will keep individuals secure and healthy while in their own homes.

Security of fragile authentication watermarks with localization

NASA Astrophysics Data System (ADS)

Fridrich, Jessica

2002-04-01

In this paper, we study the security of fragile image authentication watermarks that can localize tampered areas. We start by comparing the goals, capabilities, and advantages of image authentication based on watermarking and cryptography. Then we point out some common security problems of current fragile authentication watermarks with localization and classify attacks on authentication watermarks into five categories. By investigating the attacks and vulnerabilities of current schemes, we propose a variation of the Wong scheme18 that is fast, simple, cryptographically secure, and resistant to all known attacks, including the Holliman-Memon attack9. In the new scheme, a special symmetry structure in the logo is used to authenticate the block content, while the logo itself carries information about the block origin (block index, the image index or time stamp, author ID, etc.). Because the authentication of the content and its origin are separated, it is possible to easily identify swapped blocks between images and accurately detect cropped areas, while being able to accurately localize tampered pixels.

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2012 CFR

2012-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2013 CFR

2013-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2010 CFR

2010-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2014 CFR

2014-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2011 CFR

2011-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

77 FR 50628 - Review of Foreign Ownership Policies for Common Carrier and Aeronautical Radio Licensees

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-22

... the licensee in a manner that best accommodates their financial considerations and business needs. 9... national security and law enforcement interests. 11. The First Report and Order defers consideration, to a...

76 FR 50331 - Hazardous Materials Regulations; Compatibility With the Regulations of the International Atomic...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-12

... health and safety and to assure the common defense and security, and: A. Certifies Type B and fissile... domestic practices, and maintaining public health and safety. Accordingly, PHMSA is not proposing to adopt...

Defense.gov Special Report: Travels with Carter - March 2013

Science.gov Websites

Form. In this form, please indicate the nature of your accessibility issue/problem and your contact Common Security Challenges Deputy Defense Secretary Ash Carter is traveling to Asia to meet with U.S

Best Practices for the Security of Radioactive Materials

DOE Office of Scientific and Technical Information (OSTI.GOV)

Coulter, D.T.; Musolino, S.

2009-05-01

This work is funded under a grant provided by the US Department of Health and Human Services, Centers for Disease Control. The Department of Health and Mental Hygiene (DOHMH) awarded a contract to Brookhaven National Laboratory (BNL) to develop best practices guidance for Office of Radiological Health (ORH) licensees to increase on-site security to deter and prevent theft of radioactive materials (RAM). The purpose of this document is to describe best practices available to manage the security of radioactive materials in medical centers, hospitals, and research facilities. There are thousands of such facilities in the United States, and recent studiesmore » suggest that these materials may be vulnerable to theft or sabotage. Their malevolent use in a radiological-dispersion device (RDD), viz., a dirty bomb, can have severe environmental- and economic- impacts, the associated area denial, and potentially large cleanup costs, as well as other effects on the licensees and the public. These issues are important to all Nuclear Regulatory Commission and Agreement State licensees, and to the general public. This document outlines approaches for the licensees possessing these materials to undertake security audits to identify vulnerabilities in how these materials are stored or used, and to describe best practices to upgrade or enhance their security. Best practices can be described as the most efficient (least amount of effort/cost) and effective (best results) way of accomplishing a task and meeting an objective, based on repeatable procedures that have proven themselves over time for many people and circumstances. Best practices within the security industry include information security, personnel security, administrative security, and physical security. Each discipline within the security industry has its own 'best practices' that have evolved over time into common ones. With respect to radiological devices and radioactive-materials security, industry best practices encompass both physical security (hardware and engineering) and administrative procedures. Security regimes for these devices and materials typically use a defense-in-depth- or layered-security approach to eliminate single points of failure. The Department of Energy, the Department of Homeland Security, the Department of Defense, the American Society of Industrial Security (ASIS), the Security Industry Association (SIA) and Underwriters Laboratory (UL) all rovide design guidance and hardware specifications. With a graded approach, a physical-security specialist can tailor an integrated security-management system in the most appropriate cost-effective manner to meet the regulatory and non-regulatory requirements of the licensee or client.« less

Achieving Better Buying Power for Mobile Open Architecture Software Systems Through Diverse Acquisition Scenarios

DTIC Science & Technology

2016-04-30

software (OSS) and proprietary (CSS) software elements or remote services (Scacchi, 2002, 2010), eventually including recent efforts to support Web ...specific platforms, including those operating on secured Web /mobile devices.  Common Development Technology provides AC development tools and common...transition to OA systems and OSS software elements, specifically for Web and Mobile devices within the realm of C3CB. OA, Open APIs, OSS, and CSS OA

The Centurions vs. the Hydra: French Counterinsurgency in the Peninsular War (1808-1812)

DTIC Science & Technology

2011-06-10

their operational dilemma in different manners. But the analysis also outlined a common denominator to their practices. Leverage of religion , build up...But the analysis also outlined a common denominator to their practices. Leverage of religion , build up of native security forces, and development...armada en los origenese de la Espana liberal, 1808-1823 [Cortes and Military Forces at the Origin of Liberal Spain] (Madrid, Spain: Siglo veintiuno

Trends in Research on the Security of Medical Information in Korea: Focused on Information Privacy Security in Hospitals

PubMed Central

Kim, Yong-Woon; Cho, Namin

2018-01-01

Objectives Information technology involves a risk of privacy violation in providing easy access to confidential information,such as personal information and medical information through the Internet. In this study, we investigated medical information security to gain a better understanding of trends in research related to medical information security. Methods We researched papers published on ‘의료정보’ and ‘medical information’ in various Korean journals during a 10-year period from 2005 to 2015. We also analyzed these journal papers for each fiscal year; these papers were categorized into the areas of literature research and empirical research, and were further subdivided according to themes and subjects. Results It was confirmed that 48 papers were submitted to 35 academic journals. There were 33 (68.8%) literature review articles, and analysis of secondary data was not carried out at all. In terms of empirical research, 8 (16.7%) surveys and 7 (14.6%) program developments were studied. As a result of analyzing these papers according to the research theme by research method, 17 (35.4%) papers on laws, systems, and policies were the most numerous. It was found that among the literature research papers on medical personnel were the most common, and among the empirical research papers, research on experts in information protection and medical personnel were the most common. Conclusions We suggest that further research should be done in terms of social perception, human resource development, and technology development to improve risk management in medical information systems. PMID:29503754

Ground water security and drought in Africa: linking availability, access, and demand.

PubMed

Calow, Roger C; Macdonald, Alan M; Nicol, Alan L; Robins, Nick S

2010-01-01

Drought in Africa has been extensively researched, particularly from meteorological, agricultural, and food security perspectives. However, the impact of drought on water security, particularly ground water dependent rural water supplies, has received much less attention. Policy responses have concentrated on food needs, and it has often been difficult to mobilize resources for water interventions, despite evidence that access to safe water is a serious and interrelated concern. Studies carried out in Ghana, Malawi, South Africa, and Ethiopia highlight how rural livelihoods are affected by seasonal stress and longer-term drought. Declining access to food and water is a common and interrelated problem. Although ground water plays a vital role in buffering the effects of rainfall variability, water shortages and difficulties in accessing water that is available can affect domestic and productive water uses, with knock-on effects on food consumption and production. Total depletion of available ground water resources is rarely the main concern. A more common scenario is a spiral of water insecurity as shallow water sources fail, additional demands are put on remaining sources, and mechanical failures increase. These problems can be planned for within normal development programs. Water security mapping can help identify vulnerable areas, and changes to monitoring systems can ensure early detection of problems. Above all, increasing the coverage of ground water-based rural water supplies, and ensuring that the design and siting of water points is informed by an understanding of hydrogeological conditions and user demand, can significantly increase the resilience of rural communities to climate variability.

Integrated situational awareness for cyber attack detection, analysis, and mitigation

NASA Astrophysics Data System (ADS)

Cheng, Yi; Sagduyu, Yalin; Deng, Julia; Li, Jason; Liu, Peng

2012-06-01

Real-time cyberspace situational awareness is critical for securing and protecting today's enterprise networks from various cyber threats. When a security incident occurs, network administrators and security analysts need to know what exactly has happened in the network, why it happened, and what actions or countermeasures should be taken to quickly mitigate the potential impacts. In this paper, we propose an integrated cyberspace situational awareness system for efficient cyber attack detection, analysis and mitigation in large-scale enterprise networks. Essentially, a cyberspace common operational picture will be developed, which is a multi-layer graphical model and can efficiently capture and represent the statuses, relationships, and interdependencies of various entities and elements within and among different levels of a network. Once shared among authorized users, this cyberspace common operational picture can provide an integrated view of the logical, physical, and cyber domains, and a unique visualization of disparate data sets to support decision makers. In addition, advanced analyses, such as Bayesian Network analysis, will be explored to address the information uncertainty, dynamic and complex cyber attack detection, and optimal impact mitigation issues. All the developed technologies will be further integrated into an automatic software toolkit to achieve near real-time cyberspace situational awareness and impact mitigation in large-scale computer networks.

Molecular commonality detection using an artificial enzyme membrane for in situ one-stop biosurveillance.

PubMed

Ikeno, Shinya; Asakawa, Hitoshi; Haruyama, Tetsuya

2007-08-01

Biodetection and biosensing have been developed based on the concept of sensitivity toward specific molecules. However, current demand may require more levelheaded or far-sighted methods, especially in the field of biological safety and security. In the fields of hygiene, public safety, and security including fighting bioterrorism, the detection of biological contaminants, e.g., microorganisms, spores, and viruses, is a constant challenge. However, there is as yet no sophisticated method of detecting such contaminants in situ without oversight. The authors focused their attention on diphosphoric acid anhydride, which is a structure common to all biological phosphoric substances. Interestingly, biological phosphoric substances are peculiar substances present in all living things and include many different substances, e.g., ATP, ADP, dNTP, pyrophosphate, and so forth, all of which have a diphosphoric acid anhydride structure. The authors took this common structure as the basis of their development of an artificial enzyme membrane with selectivity for the structure common to all biological phosphoric substances and studied the possibility of its application to in situ biosurveillance sensors. The artificial enzyme membrane-based amperometric biosensor developed by the authors can detect various biological phosphoric substances, because it has a comprehensive molecular selectivity for the structure of these biological phosphoric substances. This in situ detection method of the common diphosphoric acid anhydride structure brings a unique advantage to the fabrication of in situ biosurveillance sensors for monitoring biological contaminants, e.g., microorganism, spores, and viruses, without an oversight, even if they were transformed.

An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge

PubMed Central

Hung, Le Xuan; Canh, Ngo Trong; Lee, Sungyoung; Lee, Young-Koo; Lee, Heejo

2008-01-01

For many sensor network applications such as military or homeland security, it is essential for users (sinks) to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. Also, studies and experiences have shown that considering security during design time is the best way to provide security for sensor network routing. This paper presents an energy-efficient secure routing and key management for mobile sinks in sensor networks, called SCODEplus. It is a significant extension of our previous study in five aspects: (1) Key management scheme and routing protocol are considered during design time to increase security and efficiency; (2) The network topology is organized in a hexagonal plane which supports more efficiency than previous square-grid topology; (3) The key management scheme can eliminate the impacts of node compromise attacks on links between non-compromised nodes; (4) Sensor node deployment is based on Gaussian distribution which is more realistic than uniform distribution; (5) No GPS or like is required to provide sensor node location information. Our security analysis demonstrates that the proposed scheme can defend against common attacks in sensor networks including node compromise attacks, replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Both mathematical and simulation-based performance evaluation show that the SCODEplus significantly reduces the communication overhead, energy consumption, packet delivery latency while it always delivers more than 97 percent of packets successfully. PMID:27873956

Public key infrastructure for DOE security research

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aiken, R.; Foster, I.; Johnston, W.E.

This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-keymore » infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.« less

An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge.

PubMed

Hung, Le Xuan; Canh, Ngo Trong; Lee, Sungyoung; Lee, Young-Koo; Lee, Heejo

2008-12-03

For many sensor network applications such as military or homeland security, it is essential for users (sinks) to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. Also, studies and experiences have shown that considering security during design time is the best way to provide security for sensor network routing. This paper presents an energy-efficient secure routing and key management for mobile sinks in sensor networks, called SCODE plus . It is a significant extension of our previous study in five aspects: (1) Key management scheme and routing protocol are considered during design time to increase security and efficiency; (2) The network topology is organized in a hexagonal plane which supports more efficiency than previous square-grid topology; (3) The key management scheme can eliminate the impacts of node compromise attacks on links between non-compromised nodes; (4) Sensor node deployment is based on Gaussian distribution which is more realistic than uniform distribution; (5) No GPS or like is required to provide sensor node location information. Our security analysis demonstrates that the proposed scheme can defend against common attacks in sensor networks including node compromise attacks, replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Both mathematical and simulation-based performance evaluation show that the SCODE plus significantly reduces the communication overhead, energy consumption, packet delivery latency while it always delivers more than 97 percent of packets successfully.

Comparison of three mid-urethral tension-free tapes (TVT, TVT-O, and TVT-Secur) in the treatment of female stress urinary incontinence: 1-year follow-up.

PubMed

Wang, Yi-jun; Li, Fei-ping; Wang, Qian; Yang, Sen; Cai, Xian-guo; Chen, Ying-he

2011-11-01

The purpose of the study was to evaluate and compare the clinical values of tension-free vaginal tape (TVT), tension-free vaginal tape-transobturator (TVT-O), or tension-free vaginal tape-Secur (TVT-Secur) as treatment for female stress urinary incontinence. The pre-operative and 1-year post-operative follow-up protocols for patients who were treated with serial mid-urethral tension-free tape procedures in two hospitals from October 2008 to December 2009 were prospectively studied. These patients were randomly allocated to TVT, TVT-O, or TVT-Secur. A total of 102 women participated. At the 1-year follow-up, complications were not statistically different across the three groups except for pain in the thigh, which was more common in the TVT-O group. The overall efficacy and cure rate were similar between the TVT and TVT-O groups, but were significantly lower in the TVT-Secur group. A comparison of the three procedures shows that TVT-O is easy to operate and is as safe as TVT-Secur, and it has similar long-term efficacy to TVT, though, as one of the third-generation mid-urethral tension-free tapes, TVT-Secur is still being evaluated. Basing on the outcome of our study, it had rare complications but unsatisfactory efficacy, and we suggest that TVT-Secur is not fit for severe cases. However, observation and comparison of these groups in a larger sample size on a longer term are needed.

Injury patterns in clashes between citizens and security forces during forced evacuation.

PubMed

Schwartz, D; Bar-Dayan, Y

2008-10-01

Clashes between state security forces and civilian populations can lead to mass casualty incidents (MCI), challenging emergency medical service (EMS) systems, hospitals and medical management systems. In January 2006, clashes erupted between Israeli security forces and settlers, around the forced evacuation of the Amona outpost. Data collected during the events and in subsequent formal debriefings were processed to identify the specifics of an MCI caused by forced evacuation. Pre-event preparedness, time and types of injuries encountered were evaluated among evacuated civilians and security forces members, their transport to hospitals, care received and follow-up. The event is described according to DISAST-CIR methodology. Data were entered on MS Excel (2003) and analysis was carried out using SPSS version 12. 4000 police personnel (backed by army forces) clashed for 12 h with approximately 5000 settlers. 229 injured (174 settlers and 55 security personnel) were cared for at six receiving hospitals. A total of 16 were evacuated by aeromedical evacuation, including one severely head-injured policeman. Settlers used sticks, stones and cement blocks, whereas police used mounted riders, batons and shields. Head injuries were the most common injuries among settlers (50%), whereas extremity injuries dominated among security forces members (72.7%). Large-scale clashes between state security forces and citizens may cause numerous injuries, even if firearms and explosives are not used. Despite the fact that almost all injuries were mild, the incident burdened local medical teams, EMS and Jerusalem hospitals. A predominance of head injuries was found among injured settlers and extremity injuries among injured security forces.

A provably-secure ECC-based authentication scheme for wireless sensor networks.

PubMed

Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

2014-11-06

A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

An Improved EKG-Based Key Agreement Scheme for Body Area Networks

NASA Astrophysics Data System (ADS)

Ali, Aftab; Khan, Farrukh Aslam

Body area networks (BANs) play an important role in mobile health monitoring such as, monitoring the health of patients in a hospital or physical status of soldiers in a battlefield. By securing the BAN, we actually secure the lives of soldiers or patients. This work presents an electrocardiogram (EKG) based key agreement scheme using discrete wavelet transform (DWT) for the sake of generating a common key in a body area network. The use of EKG brings plug-and-play capability in BANs; i.e., the sensors are just placed on the human body and a secure communication is started among these sensors. The process is made secure by using the iris or fingerprints to lock and then unlock the blocks during exchange between the communicating sensors. The locking and unlocking is done through watermarking. When a watermark is added at the sender side, the block is locked and when it is removed at the receiver side, the block is unlocked. By using iris or fingerprints, the security of the technique improves and its plug-and-play capability is not affected. The analysis is done by using real 2-lead EKG data sampled at a rate of 125 Hz taken from MIT PhysioBank database.

Spatio-temporal dynamics of security investments in an interdependent risk environment

NASA Astrophysics Data System (ADS)

Shafi, Kamran; Bender, Axel; Zhong, Weicai; Abbass, Hussein A.

2012-10-01

In a globalised world where risks spread through contagion, the decision of an entity to invest in securing its premises from stochastic risks no longer depends solely on its own actions but also on the actions of other interacting entities in the system. This phenomenon is commonly seen in many domains including airline, logistics and computer security and is referred to as Interdependent Security (IDS). An IDS game models this decision problem from a game-theoretic perspective and deals with the behavioural dynamics of risk-reduction investments in such settings. This paper enhances this model and investigates the spatio-temporal aspects of the IDS games. The spatio-temporal dynamics are studied using simple replicator dynamics on a variety of network structures and for various security cost tradeoffs that lead to different Nash equilibria in an IDS game. The simulation results show that the neighbourhood configuration has a greater effect on the IDS game dynamics than network structure. An in-depth empirical analysis of game dynamics is carried out on regular graphs, which leads to the articulation of necessary and sufficient conditions for dominance in IDS games under spatial constraints.

A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

PubMed Central

Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

2014-01-01

A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

10 CFR 73.37 - Requirements for physical protection of irradiated reactor fuel in transit.

Code of Federal Regulations, 2014 CFR

2014-01-01

... self-defense or in the defense of others, or any other circumstances, as authorized by applicable... significant adverse effect on the health and safety of the public or the common defense and security by...

Risky Business.

ERIC Educational Resources Information Center

Izumi, Ronald

1992-01-01

Widespread efforts by colleges and universities to reduce expenses and raise revenues can increase the institution's exposure to risk. Common risks arise from neglect of physical plant, government regulation, financial burdens, campus security and crime, sexual harassment, third-party contracts, staff reduction, failure to educate, and…

The Potential of CGI: Using Pre-Built CGI Scripts to Make Interactive Web Pages.

ERIC Educational Resources Information Center

Nackerud, Shane A.

1998-01-01

Describes CGI (Common Gateway Interface) scripts that are available on the Web and explains how librarians can use them to make Web pages more interactive. Topics include CGI security; Perl scripts; UNIX; and HTML. (LRW)

Playback interference of glassy-winged sharp shooter communication

USDA-ARS?s Scientific Manuscript database

Animal communication is vital to reproduction, particularly for securing a mate. Insects commonly communicate by exchanging vibrational signals that are transmitted through host plants. The glassy-winged sharpshooter (GWSS), Homalodisca vitripennis, is an important vector of Xylella fastidiosa, a pl...

Homeland Security Intelligence: To What End

DTIC Science & Technology

2010-09-01

decision making is generous (Treverton & Gabbard , 2008; Reveron 2007). This literature commonly falls into roughly one of two categories, 1) the...Treverton, G.F. & Gabbard , C.B. (2008). Assessing the tradecraft of intelligence analysis. Arlington VA: RAND. Turner, M. (2005). Why secret intelligence

Alternative Fuels Data Center: Federal Laws and Incentives for Hydrogen

Science.gov Websites

environmental security of the United States by supporting local initiatives to adopt practices that reduce the federal fuel taxes. Common nontaxable uses in a motor vehicle are: on a farm for farming purposes; in

5 CFR 9901.321 - Structure.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF DEFENSE HUMAN RESOURCES MANAGEMENT AND LABOR RELATIONS SYSTEMS (DEPARTMENT OF DEFENSE-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF DEFENSE NATIONAL SECURITY PERSONNEL SYSTEM... career group, the Secretary will establish a common rate range that applies in all locations. (c) The...

Modelling Status Food Security Households Disease Sufferers Pulmonary Tuberculosis Uses the Method Regression Logistics Binary

NASA Astrophysics Data System (ADS)

Wulandari, S. P.; Salamah, M.; Rositawati, A. F. D.

2018-04-01

Food security is the condition where the food fulfilment is managed well for the country till the individual. Indonesia is one of the country which has the commitment to create the food security becomes main priority. However, the food necessity becomes common thing means that it doesn’t care about nutrient standard and the health condition of family member, so in the fulfilment of food necessity also has to consider the disease suffered by the family member, one of them is pulmonary tuberculosa. From that reasons, this research is conducted to know the factors which influence on household food security status which suffered from pulmonary tuberculosis in the coastal area of Surabaya by using binary logistic regression method. The analysis result by using binary logistic regression shows that the variables wife latest education, house density and spacious house ventilation significantly affect on household food security status which suffered from pulmonary tuberculosis in the coastal area of Surabaya, where the wife education level is University/equivalent, the house density is eligible or 8 m2/person and spacious house ventilation 10% of the floor area has the opportunity to become food secure households amounted to 0.911089. While the chance of becoming food insecure households amounted to 0.088911. The model household food security status which suffered from pulmonary tuberculosis in the coastal area of Surabaya has been conformable, and the overall percentages of those classifications are at 71.8%.

Enhancing infrastructure resilience through business continuity planning.

PubMed

Fisher, Ronald; Norman, Michael; Klett, Mary

2017-01-01

Critical infrastructure is crucial to the functionality and wellbeing of the world around us. It is a complex network that works together to create an efficient society. The core components of critical infrastructure are dependent on one another to function at their full potential. Organisations face unprecedented environmental risks such as increased reliance on information technology and telecommunications, increased infrastructure interdependencies and globalisation. Successful organisations should integrate the components of cyber-physical and infrastructure interdependencies into a holistic risk framework. Physical security plans, cyber security plans and business continuity plans can help mitigate environmental risks. Cyber security plans are becoming the most crucial to have, yet are the least commonly found in organisations. As the reliance on cyber continues to grow, it is imperative that organisations update their business continuity and emergency preparedness activities to include this.

Failing States as Epidemiologic Risk Zones: Implications for Global Health Security.

PubMed

Hirschfeld, Katherine

Failed states commonly experience health and mortality crises that include outbreaks of infectious disease, violent conflict, reductions in life expectancy, and increased infant and maternal mortality. This article draws from recent research in political science, security studies, and international relations to explore how the process of state failure generates health declines and outbreaks of infectious disease. The key innovation of this model is a revised definition of "the state" as a geographically dynamic rather than static political space. This makes it easier to understand how phases of territorial contraction, collapse, and regeneration interrupt public health programs, destabilize the natural environment, reduce human security, and increase risks of epidemic infectious disease and other humanitarian crises. Better understanding of these dynamics will help international health agencies predict and prepare for future health and mortality crises created by failing states.

Vulnerability survival analysis: a novel approach to vulnerability management

NASA Astrophysics Data System (ADS)

Farris, Katheryn A.; Sullivan, John; Cybenko, George

2017-05-01

Computer security vulnerabilities span across large, enterprise networks and have to be mitigated by security engineers on a routine basis. Presently, security engineers will assess their "risk posture" through quantifying the number of vulnerabilities with a high Common Vulnerability Severity Score (CVSS). Yet, little to no attention is given to the length of time by which vulnerabilities persist and survive on the network. In this paper, we review a novel approach to quantifying the length of time a vulnerability persists on the network, its time-to-death, and predictors of lower vulnerability survival rates. Our contribution is unique in that we apply the cox proportional hazards regression model to real data from an operational IT environment. This paper provides a mathematical overview of the theory behind survival analysis methods, a description of our vulnerability data, and an interpretation of the results.

Insecurity of position-based quantum-cryptography protocols against entanglement attacks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lau, Hoi-Kwan; Lo, Hoi-Kwong

2011-01-15

Recently, position-based quantum cryptography has been claimed to be unconditionally secure. On the contrary, here we show that the existing proposals for position-based quantum cryptography are, in fact, insecure if entanglement is shared among two adversaries. Specifically, we demonstrate how the adversaries can incorporate ideas of quantum teleportation and quantum secret sharing to compromise the security with certainty. The common flaw to all current protocols is that the Pauli operators always map a codeword to a codeword (up to an irrelevant overall phase). We propose a modified scheme lacking this property in which the same cheating strategy used to underminemore » the previous protocols can succeed with a rate of at most 85%. We prove the modified protocol is secure when the shared quantum resource between the adversaries is a two- or three-level system.« less

Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay.

PubMed

Hu, Hequn; Gao, Zhenzhen; Liao, Xuewen; Leung, Victor C M

2017-09-04

The Internet of Things (IoT) represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT) is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH) node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device's messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor) and a destination (e.g., controller) via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS) and time splitting (TS) policies, called intuitive secure schemes based on PS (Int-PS), precoded secure scheme based on PS (Pre-PS), intuitive secure scheme based on TS (Int-TS) and precoded secure scheme based on TS (Pre-TS), respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission ( P S S T ), which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. P S S T is analyzed for the proposed secure schemes, and the closed form expressions of P S S T for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better P S S T than the intuitive secure schemes under similar power consumption. When the secure schemes based on PS and TS polices have similar P S S T , the average transmit power consumption of the secure scheme based on TS is lower. The influences of power splitting and time slitting ratios are also discussed through simulations.

Fuelling Insecurity? Sino-Myanmar Energy Cooperation and Human Security in Myanmar

NASA Astrophysics Data System (ADS)

Botel, Gabriel

This thesis examines the relationship between energy, development and human security in Sino-Myanmar relations. Rapid economic growth and increased urbanisation have intensified China's industrial and domestic energy consumption, drastically increasing demand and overwhelming national supply capacities. Chinese foreign policy has responded by becoming more active in securing and protecting foreign energy resources and allowing Chinese companies more freedom and opportunities for investment abroad. Consequently, Chinese foreign investment and policies have become increasing sources of scrutiny and debate, typically focusing on their (presumed) intentions and the social, economic, environmental and political impacts they have on the rest of the world. Within this debate, a key issue has been China's engagement with so-called pariah states. China has frequently received substantial international criticism for its unconditional engagement with such countries, often seen as a geopolitical pursuit of strategic national (energy) interests, unconcerned with international opprobrium. In the case of Myanmar, traditional security analyses interpret this as, at best, undermining (Western) international norms and, at worst, posing a direct challenge to international security. However, traditional security analyses rely on state-centric concepts of security, and tend to over-simply Sino-Myanmar relations and the dynamics which inform it. Conversely, implications for human security are overlooked; this is in part because human security remains poorly defined and also because there are questions regarding its utility. However, human security is a critical tool in delineating between state, corporate and 'civilian' interests, and how these cleavages shape the security environment and potential for instability in the region. This thesis takes a closer look at some of the entrenched and changing security dynamics shaping this Sino-Myanmar energy cooperation, drawing on an extensive literature in human security rarely applied in this context. This includes a brief review of human security and Sino-Myanmar relations, and is grounded in an empirical analysis of Chinese investment in Myanmar's hydropower and oil and gas sectors. Ultimately, this thesis argues that, while insightful, many traditional interpretations of Sino-Myanmar energy cooperation overlook the security interests of those worst affected. Furthermore, that the worst excesses of Chinese companies in Myanmar are not unique to China, but common across all investors in the regime, Western or otherwise.

Post-quantum cryptography.

PubMed

Bernstein, Daniel J; Lange, Tanja

2017-09-13

Cryptography is essential for the security of online communication, cars and implanted medical devices. However, many commonly used cryptosystems will be completely broken once large quantum computers exist. Post-quantum cryptography is cryptography under the assumption that the attacker has a large quantum computer; post-quantum cryptosystems strive to remain secure even in this scenario. This relatively young research area has seen some successes in identifying mathematical operations for which quantum algorithms offer little advantage in speed, and then building cryptographic systems around those. The central challenge in post-quantum cryptography is to meet demands for cryptographic usability and flexibility without sacrificing confidence.

Post-quantum cryptography

NASA Astrophysics Data System (ADS)

Bernstein, Daniel J.; Lange, Tanja

2017-09-01

Cryptography is essential for the security of online communication, cars and implanted medical devices. However, many commonly used cryptosystems will be completely broken once large quantum computers exist. Post-quantum cryptography is cryptography under the assumption that the attacker has a large quantum computer; post-quantum cryptosystems strive to remain secure even in this scenario. This relatively young research area has seen some successes in identifying mathematical operations for which quantum algorithms offer little advantage in speed, and then building cryptographic systems around those. The central challenge in post-quantum cryptography is to meet demands for cryptographic usability and flexibility without sacrificing confidence.

Center for Infrastructure Assurance and Security - Attack and Defense Exercises

DTIC Science & Technology

2010-06-01

conclusion of the research funding under this program. 4.1. Steganography Detection Tools Steganography is the art of hiding information in a cover image ...Some of the more common methods are altering the LSB (least significant bit) of the pixels of the image , altering the palette of an RGB image , or...altering parts of the image in the transform domain. Algorithms that embed information in the transform domain are usually more robust to common

For the Common Defense of Cyberspace: Implications of a US Cyber Militia on Department of Defense Cyber Operations

DTIC Science & Technology

2015-06-12

the Common Defense of Cyberspace: Implications of a US Cyber Militia on Department of Defense Cyber Operations 5a. CONTRACT NUMBER 5b. GRANT ...20130423/ NEWS/304230016/Navy-wants-1-000-more-cyber-warriors. 33 Edward Cardon , “Army Cyber Capabilities” (Lecture, Advanced Operations Course...Finally, once a cyber security professional is trained, many argue, to include the head of Army’s Cyber Command, Lieutenant General Edward Cardon

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

Since its creation in 1946, Argonne National Laboratory has addressed the nation’s most pressing challenges in science, energy, the environment, and national security. United by a common goal – to improve the world – Argonne continues to drive the scientific and technological breakthroughs needed to ensure a sustainable future.

Operations Security (OPSEC) Guide

DTIC Science & Technology

2011-04-01

information list. Review periodically for currency and update as necessary. b. Incorporate OPSEC into organizational plans, exercises, and...is the phone located? (i.e., on your desk, in a common room, in another office) Where is the crypto -ignition key (CIK) kept? For CIKs kept in a

Environmental Assessment: Security and Traffic Upgrades at Peterson AFB, Colorado

DTIC Science & Technology

2004-11-01

boulevards, and around living quarters. Ponderosa and Austrian pine, green ash, Russian olive, Siberian elm and other common horticultural species...Still recording studio ; Rustling leaves 30 Quiet bedroom 35 Soft whisper at 5 feet; Typical library 40 Quiet urban setting (nighttime

Parents and Campus Safety.

ERIC Educational Resources Information Center

Sells, Debra

2002-01-01

Parents are demanding greater inclusion in issues relating to campus safety and security. This article examines the historical evolution of relations between parents, students, and universities, discussing two pieces of key legislation and describing strategies to optimize common interrelationships between parents and institutions. (Contains 14…

76 FR 19476 - Exelon Generation Company, LLC, Peach Bottom Atomic Power Station, Unit Nos. 2 and 3; Exemption

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-07

... licensee stated that the floor-based combustibles include health physics cleaning supplies, such as mops... undue risk to public health or safety, and are consistent with the common defense and security; and (2...

17 CFR 49.2 - Definitions.

Code of Federal Regulations, 2014 CFR

2014-04-01

... data repository. (10) Position. The term “position” means the gross and net notional amounts of open... Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION (CONTINUED) SWAP DATA REPOSITORIES... directly, or indirectly, controls, is controlled by, or is under common control with, the swap data...

Tri-wheeled scooters transported on buses and vans : assessment of securement restraint issues

DOT National Transportation Integrated Search

2005-10-01

Under the Americans with Disabilities Act (ADA) of 1990, all "common wheelchairs and mobility aids", including tri-wheeled scooters, must be accommodated on buses and vans used in public transit service. Several transit systems have recently expresse...

Cyber War: The Next Frontier for NATO

DTIC Science & Technology

2015-03-01

cyber-attacks as a way to advance their agenda. Common examples of cyber- attacks include computer viruses, worms , malware, and distributed denial of...take advantage of security holes and cause damage to computer systems, steal financial data, or acquire sensitive secrets. As technology becomes

7 CFR 1737.41 - Procedure for obtaining approval.

Code of Federal Regulations, 2010 CFR

2010-01-01

... RUS financing. (3) The proposed interim financing presents unacceptable loan security risks to RUS, or..., DEPARTMENT OF AGRICULTURE PRE-LOAN POLICIES AND PROCEDURES COMMON TO INSURED AND GUARANTEED TELECOMMUNICATIONS LOANS Interim Financing of Construction of Telephone Facilities § 1737.41 Procedure for obtaining...

Common Randomness Principles of Secrecy

ERIC Educational Resources Information Center

Tyagi, Himanshu

2013-01-01

This dissertation concerns the secure processing of distributed data by multiple terminals, using interactive public communication among themselves, in order to accomplish a given computational task. In the setting of a probabilistic multiterminal source model in which several terminals observe correlated random signals, we analyze secure…

Household dietary diversity, vitamin A consumption and food security in rural Tigray, Ethiopia.

PubMed

Schwei, Rebecca J; Tesfay, Haile; Asfaw, Frezer; Jogo, Wellington; Busse, Heidi

2017-06-01

To describe: household dietary diversity across four zones in Ethiopia; the relationship between household dietary diversity and consumption of vitamin A-rich foods; and the relationship between household dietary diversity and food security status. This was a cross-sectional survey. Data were collected using structured questionnaires in the local language. Household dietary diversity scores measured types of foods households consumed, and households were classified by food security status using a modified version of the Household Food Insecurity Access Scale. An ordinal logistics regression model was created to assess the relationship between three tiers of dietary diversity (low, medium and high) and food security while controlling for agricultural zone, educational variables and household characteristics. Rural households in Tigray, Ethiopia. Three hundred households in Tigray, Ethiopia, were interviewed. Of the households, 23, 47 and 30 % had low, medium and high dietary diversity, respectively. Among households with high dietary diversity, eggs and fruit were the most common foods added to the diet. In the fully adjusted model, participants who reported being food secure had 1·8 increased odds of greater dietary diversity (95 % CI 1·0, 3·2) compared with participants who were food insecure. Food security was positively associated with dietary diversity. In order to enhance health, interventions that improve dietary diversity and vitamin A consumption should remain important areas of focus for health leaders in the region.

An Extended Chaotic Maps-Based Three-Party Password-Authenticated Key Agreement with User Anonymity

PubMed Central

Lu, Yanrong; Li, Lixiang; Zhang, Hao; Yang, Yixian

2016-01-01

User anonymity is one of the key security features of an authenticated key agreement especially for communicating messages via an insecure network. Owing to the better properties and higher performance of chaotic theory, the chaotic maps have been introduced into the security schemes, and hence numerous key agreement schemes have been put forward under chaotic-maps. Recently, Xie et al. released an enhanced scheme under Farash et al.’s scheme and claimed their improvements could withstand the security loopholes pointed out in the scheme of Farash et al., i.e., resistance to the off-line password guessing and user impersonation attacks. Nevertheless, through our careful analysis, the improvements were released by Xie et al. still could not solve the problems troubled in Farash et al‥ Besides, Xie et al.’s improvements failed to achieve the user anonymity and the session key security. With the purpose of eliminating the security risks of the scheme of Xie et al., we design an anonymous password-based three-party authenticated key agreement under chaotic maps. Both the formal analysis and the formal security verification using AVISPA are presented. Also, BAN logic is used to show the correctness of the enhancements. Furthermore, we also demonstrate that the design thwarts most of the common attacks. We also make a comparison between the recent chaotic-maps based schemes and our enhancements in terms of performance. PMID:27101305

The Effects of Income on Mental Health: Evidence from the Social Security Notch

PubMed Central

Golberstein, Ezra

2015-01-01

Background Mental health is a key component of overall wellbeing and mental disorders are relatively common, including among older adults. Yet the causal effect of income on mental health status among older adults is poorly understood. Aims This paper considers the effects of a major source of transfer income, Social Security retirement benefits, on the mental health of older adults. Methods The Social Security benefit “Notch” is as a large, permanent, and exogenous shock to Social Security income in retirement. The “Notch” is used to identify the causal effect of Social Security income on mental health among older ages using data from the AHEAD cohort of the Health and Retirement Study. Results We find that increases in Social Security income significantly improve mental health status and the likelihood of a psychiatric diagnosis for women, but not for men. Discussion The effects of income on mental health for older women are statistically significant and meaningful in magnitude. While this is one of the only studies to use plausibly exogenous variation in household income to identify the effect of income on mental health, a limitation of this work is that the results only directly pertain to lower-education households. Implications Public policy proposals that alter retirement benefits for the elderly may have important effects on the mental health of older adults. PMID:25862202

Secure access to patient's health records using SpeechXRays a mutli-channel biometrics platform for user authentication.

PubMed

Spanakis, Emmanouil G; Spanakis, Marios; Karantanas, Apostolos; Marias, Kostas

2016-08-01

The most commonly used method for user authentication in ICT services or systems is the application of identification tools such as passwords or personal identification numbers (PINs). The rapid development in ICT technology regarding smart devices (laptops, tablets and smartphones) has allowed also the advance of hardware components that capture several biometric traits such as fingerprints and voice. These components are aiming among others to overcome weaknesses and flaws of password usage under the prism of improved user authentication with higher level of security, privacy and usability. To this respect, the potential application of biometrics for secure user authentication regarding access in systems with sensitive data (i.e. patient's data from electronic health records) shows great potentials. SpeechXRays aims to provide a user recognition platform based on biometrics of voice acoustics analysis and audio-visual identity verification. Among others, the platform aims to be applied as an authentication tool for medical personnel in order to gain specific access to patient's electronic health records. In this work a short description of SpeechXrays implementation tool regarding eHealth is provided and analyzed. This study explores security and privacy issues, and offers a comprehensive overview of biometrics technology applications in addressing the e-Health security challenges. We present and describe the necessary requirement for an eHealth platform concerning biometric security.

Food insecurity and mental health: an analysis of routine primary care data of pregnant women in the Born in Bradford cohort.

PubMed

Power, Madeleine; Uphoff, Eleonora; Kelly, Brian; Pickett, Kate E

2017-04-01

Since 2008, use of food banks has risen sharply in the UK; however, evidence on the epidemiology of UK food insecurity is sparse. The aim of this study was to describe the trajectory of common mental disorder across the pre-pregnancy, pregnancy and postnatal period for food secure compared with food insecure women. Data from the Born in Bradford (BiB) cohort, the nested BiB1000 study and primary care records were linked based on National Health Service (NHS) numbers. Data linkage was completed for 1297, and primary care records were available from 18 months prior to 40 months after birth of the cohort child. Incidence rates of common mental disorders per 1000 patient years at risk were compared between food secure and insecure women, and for Pakistani compared with white British women, in 10 6-month periods around pregnancy. Poisson regression was used to calculate incidence rate ratios, adjusted for ethnicity and exposure. Food insecurity was significantly associated with an increased risk of common mental disorder before and during pregnancy (incidence rate ratio 1.9, 95% confidence interval 1.3 to 2.8, p=0.001) and after giving birth (incidence rate ratio 1.3, 95% confidence interval 1.0 to 1.7, p=0.029). Our study shows that food insecure women have worse mental health than food secure women, and that this difference is most pronounced for white British pregnant women. These findings provide evidence for concerns expressed by public health experts that food insecurity may become the next public health emergency. Published by the BMJ Publishing Group Limited. For permission to use (where not already granted under a licence) please go to http://www.bmj.com/company/products-services/rights-and-licensing/.

Across the Atlantic cooperation to address international challenges in eHealth and health IT: managing toward a common goal.

PubMed

Friedman, Charles P; Iakovidis, Ilias; Debenedetti, Laurent; Lorenzi, Nancy M

2009-11-01

Countries on both sides of the Atlantic Ocean have invested in health information and communication technologies. Since eHealth challenges cross borders a European Union-United States of America conference on public policies relating to health IT and eHealth was held October 20-21, 2008 in Paris, France. The conference was organized around the four themes: (1) privacy and security, (2) health IT interoperability, (3) deployment and adoption of health IT, and (4) Public Private Collaborative Governance. The four key themes framed the discussion over the two days of plenary sessions and workshops. Key findings of the conference were organized along the four themes. (1) Privacy and security: Patients' access to their own data and key elements of a patient identification management framework were discussed. (2) Health IT interoperability: Three significant and common interoperability challenges emerged: (a) the need to establish common or compatible standards and clear guidelines for their implementation, (b) the desirability for shared certification criteria and (c) the need for greater awareness of the importance of interoperability. (3) Deployment and adoption of health IT: Three major areas of need emerged: (a) a shared knowledge base and assessment framework, (b) public-private collaboration and (c) and effective organizational change strategies. (4) Public Private Collaborative Governance: Sharing and communication are central to success in this area. Nations can learn from one another about ways to develop harmonious, effective partnerships. Three areas that were identified as highest priority for collaboration included: (1) health data security, (2) developing effective strategies to ensure healthcare professionals' acceptance of health IT tools, and (3) interoperability.

Consolidation and development roadmap of the EMI middleware

NASA Astrophysics Data System (ADS)

Kónya, B.; Aiftimiei, C.; Cecchi, M.; Field, L.; Fuhrmann, P.; Nilsen, J. K.; White, J.

2012-12-01

Scientific research communities have benefited recently from the increasing availability of computing and data infrastructures with unprecedented capabilities for large scale distributed initiatives. These infrastructures are largely defined and enabled by the middleware they deploy. One of the major issues in the current usage of research infrastructures is the need to use similar but often incompatible middleware solutions. The European Middleware Initiative (EMI) is a collaboration of the major European middleware providers ARC, dCache, gLite and UNICORE. EMI aims to: deliver a consolidated set of middleware components for deployment in EGI, PRACE and other Distributed Computing Infrastructures; extend the interoperability between grids and other computing infrastructures; strengthen the reliability of the services; establish a sustainable model to maintain and evolve the middleware; fulfil the requirements of the user communities. This paper presents the consolidation and development objectives of the EMI software stack covering the last two years. The EMI development roadmap is introduced along the four technical areas of compute, data, security and infrastructure. The compute area plan focuses on consolidation of standards and agreements through a unified interface for job submission and management, a common format for accounting, the wide adoption of GLUE schema version 2.0 and the provision of a common framework for the execution of parallel jobs. The security area is working towards a unified security model and lowering the barriers to Grid usage by allowing users to gain access with their own credentials. The data area is focusing on implementing standards to ensure interoperability with other grids and industry components and to reuse already existing clients in operating systems and open source distributions. One of the highlights of the infrastructure area is the consolidation of the information system services via the creation of a common information backbone.

CORBASec Used to Secure Distributed Aerospace Propulsion Simulations

NASA Technical Reports Server (NTRS)

Blaser, Tammy M.

2003-01-01

The NASA Glenn Research Center and its industry partners are developing a Common Object Request Broker (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines. It was developed by Glenn and is being managed by the NASA Ames Research Center as the lead center reporting directly to NASA Headquarters' Aerospace Technology Enterprise. Glenn is an active domain member of the Object Management Group: an open membership, not-for-profit consortium that produces and manages computer industry specifications (i.e., CORBA) for interoperable enterprise applications. When NPSS is deployed, it will assemble a distributed aerospace propulsion simulation scenario from proprietary analytical CORBA servers and execute them with security afforded by the CORBASec implementation. The NPSS CORBASec test bed was initially developed with the TPBroker Security Service product (Hitachi Computer Products (America), Inc., Waltham, MA) using the Object Request Broker (ORB), which is based on the TPBroker Basic Object Adaptor, and using NPSS software across different firewall products. The test bed has been migrated to the Portable Object Adaptor architecture using the Hitachi Security Service product based on the VisiBroker 4.x ORB (Borland, Scotts Valley, CA) and on the Orbix 2000 ORB (Dublin, Ireland, with U.S. headquarters in Waltham, MA). Glenn, GE Aircraft Engines, and Pratt & Whitney Aircraft are the initial industry partners contributing to the NPSS CORBASec test bed. The test bed uses Security SecurID (RSA Security Inc., Bedford, MA) two-factor token-based authentication together with Hitachi Security Service digital-certificate-based authentication to validate the various NPSS users. The test bed is expected to demonstrate NPSS CORBASec-specific policy functionality, confirm adequate performance, and validate the required Internet configuration in a distributed collaborative aerospace propulsion environment.

Application of Framework for Integrating Safety, Security and Safeguards (3Ss) into the Design Of Used Nuclear Fuel Storage Facility

DOE Office of Scientific and Technical Information (OSTI.GOV)

Badwan, Faris M.; Demuth, Scott F

Department of Energy’s Office of Nuclear Energy, Fuel Cycle Research and Development develops options to the current commercial fuel cycle management strategy to enable the safe, secure, economic, and sustainable expansion of nuclear energy while minimizing proliferation risks by conducting research and development focused on used nuclear fuel recycling and waste management to meet U.S. needs. Used nuclear fuel is currently stored onsite in either wet pools or in dry storage systems, with disposal envisioned in interim storage facility and, ultimately, in a deep-mined geologic repository. The safe management and disposition of used nuclear fuel and/or nuclear waste is amore » fundamental aspect of any nuclear fuel cycle. Integrating safety, security, and safeguards (3Ss) fully in the early stages of the design process for a new nuclear facility has the potential to effectively minimize safety, proliferation, and security risks. The 3Ss integration framework could become the new national and international norm and the standard process for designing future nuclear facilities. The purpose of this report is to develop a framework for integrating the safety, security and safeguards concept into the design of Used Nuclear Fuel Storage Facility (UNFSF). The primary focus is on integration of safeguards and security into the UNFSF based on the existing Nuclear Regulatory Commission (NRC) approach to addressing the safety/security interface (10 CFR 73.58 and Regulatory Guide 5.73) for nuclear power plants. The methodology used for adaptation of the NRC safety/security interface will be used as the basis for development of the safeguards /security interface and later will be used as the basis for development of safety and safeguards interface. Then this will complete the integration cycle of safety, security, and safeguards. The overall methodology for integration of 3Ss will be proposed, but only the integration of safeguards and security will be applied to the design of the UNFSF. The framework for integration of safeguards and security into the UNFSF will include 1) identification of applicable regulatory requirements, 2) selection of a common system that share dual safeguard and security functions, 3) development of functional design criteria and design requirements for the selected system, 4) identification and integration of the dual safeguards and security design requirements, and 5) assessment of the integration and potential benefit.« less

Stable operation of a Secure QKD system in the real-world setting

NASA Astrophysics Data System (ADS)

Tomita, Akihisa

2007-06-01

Quantum Key Distribution (QKD) now steps forward from the proof of principle to the validation of the practical feasibility. Nevertheless, the QKD technology should respond to the challenges from the real-world such as stable operation against the fluctuating environment, and security proof under the practical setting. We report our recent progress on stable operation of a QKD system, and key generation with security assurance. A QKD system should robust to temperature fluctuation in a common office environment. We developed a loop-mirror, a substitution of a Faraday mirror, to allow easy compensation for the temperature dependence of the device. Phase locking technique was also employed to synchronize the system clock to the quantum signals. This technique is indispensable for the transmission system based on the installed fiber cables, which stretch and shrink due to the temperature change. The security proof of QKD, however, has assumed the ideal conditions, such as the use of a genuine single photon source and/or unlimited computational resources. It has been highly desirable to give an assurance of security for practical systems, where the ideal conditions are no longer satisfied. We have constructed a theory to estimate the leakage information on the transmitted key under the practically attainable conditions, and have developed a QKD system equipped with software for secure key distillation. The QKD system generates the final key at the rate of 2000 bps after 20 km fiber transmission. Eavesdropper's information on the final key is guaranteed to be less than 2-7 per bit. This is the first successful generation of the secure key with quantitative assurance of the upper bound of the leakage information. It will put forth the realization of highly secure metropolitan optical communication network against any types of eavesdropping.

The Importance of International Technical Nuclear Forensics to Deter Illicit Trafficking

DOE Office of Scientific and Technical Information (OSTI.GOV)

Smith, D K

2007-01-30

Illicit trafficking of nuclear materials is a transboundary problem that requires a cooperative approach involving international nuclear forensics to ensure all states understand the threat posed by nuclear smuggling as well as a means to best deter the movement of nuclear contraband. To achieve the objectives, all cases involving illicit trafficking of nuclear and radiological materials must be vigorously pursued and prosecuted when appropriate. The importance of outreach and formal government-to-government relationships with partner nations affected by nuclear trafficking cannot be under-estimated. States that are situated on smuggling routes may be well motivated to counter nuclear crimes to bolster theirmore » own border and transportation security as well as strengthen their economic and political viability. National law enforcement and atomic energy agencies in these states are aggressively pursuing a comprehensive strategy to counter nuclear smuggling through increasing reliance on technical nuclear forensics. As part of these activities, it is essential that these organizations be given adequate orientation to the best practices in this emerging discipline including the categorization of interdicted nuclear material, collection of traditional and nuclear forensic evidence, data analysis using optimized analytical protocols, and how to best fuse forensics information with reliable case input to best develop a law enforcement or national security response. The purpose of formalized USG relationship is to establish an institutional framework for collaboration in international forensics, improve standards of forensics practice, conduct joint exercises, and pursue case-work that benefits international security objectives. Just as outreach and formalized relationships are important to cultivate international nuclear forensics, linking nuclear forensics to ongoing national assistance in border and transpiration security, including port of entry of entry monitoring, nuclear safeguards, and emerging civilian nuclear power initiatives including the Global Nuclear Energy Partnership are crucial components of a successful nuclear detection and security architecture. Once illicit shipments of nuclear material are discovered at a border, the immediate next question will be the nature and the source of the material, as well as the identity of the individual(s) involved in the transfer as well as their motivations. The Nuclear Smuggling International Technical Working Group (ITWG) is a forum for the first responder, law enforcement, policy, and diplomatic community to partner with nuclear forensics experts worldwide to identify requirements and develop technical solutions in common. The ITWG was charted in 1996 and since that time approximately 30 member states and organizations have participated in 11 annual international meetings. The ITWG also works closely with the IAEA to provide countries with support for forensic analyses. Priorities include the development of common protocols for the collection of nuclear forensic evidence and laboratory investigations, organization of forensic round-robin analytical exercises and technical forensic assistance to requesting nations. To promote the science of nuclear forensics within the ITWG the Nuclear Forensics Laboratory Group was organized in 2004. A Model Action Plan for nuclear forensics was developed by the ITWG and published as an IAEA Nuclear security Series document to guide member states in their own forensics investigations. Through outreach, formalized partnerships, common approaches and security architectures, and international working groups, nuclear forensics provides an important contribution to promoting nuclear security and accountability.« less

Species of the Mississippi River Headwaters Reservoirs Region.

DTIC Science & Technology

1976-07-01

inventory and analysis system (ERIAS). _ 00, ’<*" 14175 JAM TO WJ COITION OF > MOV «S IS OBSOLETE UNCLASSIFIED SECURITY CLASSIFICATION1 OF THIS...COMMON) SUNFISH, GREEN (SUNFISH), PUMPKIN SEED SWALLOW, BANK SWALLOW, BARN SWALLOW, ROUGH-WINGED SWALLOW, TREE SWAN, WHISTLING SWIFT

Uncertainty in simulating wheat yields under climate change

USDA-ARS?s Scientific Manuscript database

Anticipating the impacts of climate change on crop yields is critical for assessing future food security. Process-based crop simulation models are the most commonly used tools in such assessments. Analysis of uncertainties in future greenhouse gas emissions and their impacts on future climate change...

78 FR 52553 - Privacy Act of 1974; Department of Homeland Security/ALL-035 Common Entity Index Prototype System...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-23

... data elements: Full Name; Alias(es); Gender; Date of Birth; Country of Birth; Country of Citizenship... locked drawer behind a locked door. The records may be stored on magnetic disc, tape, or digital media...

Coping within the Alcoholic Family.

ERIC Educational Resources Information Center

Perez, Joseph F.

This book considers the dynamics and characteristics of the alcoholic family. The first part examines the alcoholic family. Needs such as security, love, and self-esteem, and defenses such as denial, rationalization, projection, regression, fantasy, displacement, and avoidance are discussed. Common denominators in the personalities of enablers…

47 CFR 32.7500 - Interest and related items.

Code of Federal Regulations, 2010 CFR

2010-10-01

....7500 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) COMMON CARRIER SERVICES UNIFORM... separately in the annual reports to this Commission. (b) These accounts shall not include charges for... provided for and included in the face amount of securities issued shall be charged at the time of issuance...

20 CFR 404.1058 - Special situations.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Employment, Wages, Self-Employment, and Self-Employment Income Wages § 404.1058 Special situations. (a... as a home worker in a common-law employment relationship (see § 404.1007) count as wages regardless...

20 CFR 404.1058 - Special situations.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Employment, Wages, Self-Employment, and Self-Employment Income Wages § 404.1058 Special situations. (a... as a home worker in a common-law employment relationship (see § 404.1007) count as wages regardless...

20 CFR 404.1058 - Special situations.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Employment, Wages, Self-Employment, and Self-Employment Income Wages § 404.1058 Special situations. (a... as a home worker in a common-law employment relationship (see § 404.1007) count as wages regardless...

20 CFR 404.1058 - Special situations.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND DISABILITY INSURANCE (1950- ) Employment, Wages, Self-Employment, and Self-Employment Income Wages § 404.1058 Special situations. (a... as a home worker in a common-law employment relationship (see § 404.1007) count as wages regardless...

7 CFR 1717.600 - General.

Code of Federal Regulations, 2010 CFR

2010-01-01

... any other agreement with RUS, or if RUS determines that loan security and/or repayment is threatened... POST-LOAN POLICIES AND PROCEDURES COMMON TO INSURED AND GUARANTEED ELECTRIC LOANS Operational Controls § 1717.600 General. (a) General. The loan contract and mortgage between the Rural Utilities Service (RUS...

7 CFR 1436.3 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... security interest in personal property when properly filed or recorded. Hay means a grass or legume that has been cut and stored. Commonly used grass mixtures include rye grass, timothy, brome, fescue, coastal Bermuda, orchard grass, and other native species, depending on the region. Forage legumes include...

7 CFR 1436.3 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-01-01

... security interest in personal property when properly filed or recorded. Hay means a grass or legume that has been cut and stored. Commonly used grass mixtures include rye grass, timothy, brome, fescue, coastal Bermuda, orchard grass, and other native species, depending on the region. Forage legumes include...

77 FR 6123 - Agency Information Collection Activities: Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-07

... Collection: Fee-for-Service Recovery Audit Prepayment Review Demonstration and Prior Authorization... authorization program for Power Mobility Device claims in certain States. For the Recovery Audit Prepayment... on beneficiary address as reported to the Social Security Administration and recorded in the Common...

75 FR 45179 - Virtus Opportunities Trust, et al.; Notice of Application

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-02

... Opportunities Trust, et al.; Notice of Application Date: July 27, 2010. AGENCY: Securities and Exchange... of other registered open-end management investment companies and unit investment trusts (``UITs... under common control with PVA. Applicants: (a) Virtus Opportunities Trust (the ``Trust''), including the...

Monitoring Contract Enforcement within Virtual Organizations

NASA Astrophysics Data System (ADS)

Squicciarini, Anna; Paci, Federica

Virtual Organizations (VOs) represent a new collaboration paradigm in which the participating entities pool resources, services, and information to achieve a common goal. VOs are often created on demand and dynamically evolve over time. An organization identifies a business opportunity and creates a VO to meet it. In this paper we develop a system for monitoring the sharing of resources in VO. Sharing rules are defined by a particular, common type of contract in which virtual organization members agree to make available some amount of specified resource over a given time period. The main component of the system is a monitoring tool for policy enforcement, called Security Controller (SC). VO members’ interactions are monitored in a decentralized manner in that each member has one associated SC which intercepts all the exchanged messages. We show that having SCs in VOs prevents from serious security breaches and guarantees VOs correct functioning without degrading the execution time of members’ interactions. We base our discussion on application scenarios and illustrate the SC prototype, along with some performance evaluation.

Sickness absence due to mental disorders and psychosocial stressors at work.

PubMed

Silva-Junior, João Silvestre; Fischer, Frida Marina

2015-01-01

Mental disorders are the third leading cause of social security benefit due to sickness in Brazil. Occupational exposure to psychosocial stressors can affect the workers' mental health. The social security medical experts are responsible for characterizing if those sicknesses are work-related. To evaluate the factors associated with sick leave due to mental disorders, in particular, the perception of workers on psychosocial factors at work. This is an analytical study carried out in São Paulo, Brazil, with 131 applicants for sickness benefit due to mental disorders. Questionnaires were applied to assess the sociodemographic data, habits/lifestyle information, and perceived psychosocial factors at work. The most common diagnosis was depressive disorders (40.4%). The medical experts considered 23.7% of all applications as work-related. Most of the participants were female (68.7%), up to 40 years of age (73.3%), married/common-law marriage (51.1%), with educational level greater than or equal to 11 years (80.2%), nonsmokers (80.9%), not alcohol consumers (84%), and practice of physical activities (77.9%). Regarding psychosocial factors, most of the participants informed a high job strain (56.5%), low social support (52.7%), effort-reward imbalance (55.7%), and high overcommitment (87.0%). There was no statistical association between the work-related mental disorders sickness benefits and independent variables. The concession of social security sickness benefits is not associated with sociodemographic data, habits/lifestyle, or psychosocial factors at work. Occupational exposure to unfavorable psychosocial factors was reported by most workers on sick leave due to mental disorders. However, several cases were not recognized by the social security medical experts as work-related, which may have influenced the results of the associations.

Approach to design neural cryptography: a generalized architecture and a heuristic rule.

PubMed

Mu, Nankun; Liao, Xiaofeng; Huang, Tingwen

2013-06-01

Neural cryptography, a type of public key exchange protocol, is widely considered as an effective method for sharing a common secret key between two neural networks on public channels. How to design neural cryptography remains a great challenge. In this paper, in order to provide an approach to solve this challenge, a generalized network architecture and a significant heuristic rule are designed. The proposed generic framework is named as tree state classification machine (TSCM), which extends and unifies the existing structures, i.e., tree parity machine (TPM) and tree committee machine (TCM). Furthermore, we carefully study and find that the heuristic rule can improve the security of TSCM-based neural cryptography. Therefore, TSCM and the heuristic rule can guide us to designing a great deal of effective neural cryptography candidates, in which it is possible to achieve the more secure instances. Significantly, in the light of TSCM and the heuristic rule, we further expound that our designed neural cryptography outperforms TPM (the most secure model at present) on security. Finally, a series of numerical simulation experiments are provided to verify validity and applicability of our results.

Disability pension from back pain among social security beneficiaries, Brazil.

PubMed

Meziat Filho, Ney; Silva, Gulnar Azevedo E

2011-06-01

To describe disability pension from back pain. Descriptive study based on data from the Brazilian Social Security Beneficiary Database and the Social Security Statistics Annual Report in 2007. The incidence rate of disability pension from back pain was estimated according to gender and age by Brazilian states. There were also estimated working days lost due to back pain disability by occupation. Idiopathic back pain was the most common cause of disability among social security pension and accidental retirement. Most pensioners were living in urban areas and were commercial workers. The rate of disability pension from back pain in Brazil was 29.96 per 100,000 beneficiaries. A higher rate was seen among males and older individuals. Rondônia showed the highest rate, four times as high as expected (RR= 4.05) followed by Bahia with a rate about twice as high as expected (RR=2.07). Commercial workers accounted for 96.9% of working days lost due to disability. Back pain was a major cause of disability in 2007 mostly among commercial workers showing great differences between the Brazilian states.

Assuring the privacy and security of transmitting sensitive electronic health information.

PubMed

Peng, Charlie; Kesarinath, Gautam; Brinks, Tom; Young, James; Groves, David

2009-11-14

The interchange of electronic health records between healthcare providers and public health organizations has become an increasingly desirable tool in reducing healthcare costs, improving healthcare quality, and protecting population health. Assuring privacy and security in nationwide sharing of Electronic Health Records (EHR) in an environment such as GRID has become a top challenge and concern. The Centers for Disease Control and Prevention's (CDC) and The Science Application International Corporation (SAIC) have jointly conducted a proof of concept study to find and build a common secure and reliable messaging platform (the SRM Platform) to handle this challenge. The SRM Platform is built on the open standards of OASIS, World Wide Web Consortium (W3C) web-services standards, and Web Services Interoperability (WS-I) specifications to provide the secure transport of sensitive EHR or electronic medical records (EMR). Transmitted data may be in any digital form including text, data, and binary files, such as images. This paper identifies the business use cases, architecture, test results, and new connectivity options for disparate health networks among PHIN, NHIN, Grid, and others.

AVQS: Attack Route-Based Vulnerability Quantification Scheme for Smart Grid

PubMed Central

Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik

2014-01-01

A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification. PMID:25152923

Anti-jamming communication for body area network using chaotic frequency hopping.

PubMed

Gopalakrishnan, Balamurugan; Bhagyaveni, Marcharla Anjaneyulu

2017-12-01

The healthcare industries research trends focus on patient reliable communication and security is a paramount requirement of healthcare applications. Jamming in wireless communication medium has become a major research issue due to the ease of blocking communication in wireless networks and throughput degradation. The most commonly used technique to overcome jamming is frequency hopping (FH). However, in traditional FH pre-sharing of key for channel selection and a high-throughput overhead is required. So to overcome this pre-sharing of key and to increase the security chaotic frequency hopping (CFH) has been proposed. The design of chaos-based hop selection is a new development that offers improved performance in transmission of information without pre-shared key and also increases the security. The authors analysed the performance of proposed CFH system under different reactive jamming durations. The percentage of error reduction by the reactive jamming for jamming duration 0.01 and 0.05 s for FH and CFH is 55.03 and 84.24%, respectively. The obtained result shows that CFH is more secure and difficult to jam by the reactive jammer.

A Dynamically Configurable Log-based Distributed Security Event Detection Methodology using Simple Event Correlator

DTIC Science & Technology

2010-06-01

shadow |\\/ etc\\/ passwd |cmd... \\.exe .*?)\\s.*\\s\\".*\\" desc=$0 action=shellcmd /home/user/sec -2.5.3/ common/syslogclient "... Synthetic : " "$2|$1...etc\\/ shadow |\\/ etc\\/ passwd |cmd... \\.exe .*?)\\s.*\\s\\".*\\" desc=$0 context =[ HYBRID_LOGGING] action=shellcmd /home/user/sec -2.5.3/ common...suspicious filenames type=Single continue=TakeNext ptype=RegExp pattern =(.*)\\s(.*)\\s.*(\\/ etc\\/ shadow |\\/ etc\\/ passwd |cmd\\.exe .*?)\\s... .*\\s(.*)\\s.*\\s

Medical records. Enhancing privacy, preserving the common good.

PubMed

Etzioni, A

1999-01-01

Personal medical information is now bought and sold on the open market. Companies use it to make hiring and firing decisions and to identify customers for new products. The justification for providing such access to medical information is that doing so benefits the public by securing public safety, controlling costs, and supporting medical research. And individuals have supposedly consented to it. But we can achieve the common goods while better protecting privacy by making institutional changes in the way information is maintained and protected.

Anabolic Steroids as a Novel Therapeutic Strategy for the Prevention of Bone Loss after Spinal Cord Injury: Animal Model and Molecular Mechanism

DTIC Science & Technology

2012-10-01

bone loss. At present, there is no practical treatment to delay or prevent bone loss in individuals with motor-complete SCI. Hypogonadism is common...TERMS- Spinal cord injuries, Nandrolone, Androgens, Hypogonadism , Bone loss, Wnt signaling 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF...At present, there is no practical treatment to delay or prevent bone loss in individuals with motor-complete SCI. Hypogonadism is common in men

Agent of opportunity risk mitigation: people, engineering, and security efficacy.

PubMed

Graham, Margaret E; Tunik, Michael G; Farmer, Brenna M; Bendzans, Carly; McCrillis, Aileen M; Nelson, Lewis S; Portelli, Ian; Smith, Silas; Goldberg, Judith D; Zhang, Meng; Rosenberg, Sheldon D; Goldfrank, Lewis R

2010-12-01

Agents of opportunity (AO) are potentially harmful biological, chemical, radiological, and pharmaceutical substances commonly used for health care delivery and research. AOs are present in all academic medical centers (AMC), creating vulnerability in the health care sector; AO attributes and dissemination methods likely predict risk; and AMCs are inadequately secured against a purposeful AO dissemination, with limited budgets and competing priorities. We explored health care workers' perceptions of AMC security and the impact of those perceptions on AO risk. Qualitative methods (survey, interviews, and workshops) were used to collect opinions from staff working in a medical school and 4 AMC-affiliated hospitals concerning AOs and the risk to hospital infrastructure associated with their uncontrolled presence. Secondary to this goal, staff perception concerning security, or opinions about security behaviors of others, were extracted, analyzed, and grouped into themes. We provide a framework for depicting the interaction of staff behavior and access control engineering, including the tendency of staff to "defeat" inconvenient access controls. In addition, 8 security themes emerged: staff security behavior is a significant source of AO risk; the wide range of opinions about "open" front-door policies among AMC staff illustrates a disparity of perceptions about the need for security; interviewees expressed profound skepticism concerning the effectiveness of front-door access controls; an AO risk assessment requires reconsideration of the security levels historically assigned to areas such as the loading dock and central distribution sites, where many AOs are delivered and may remain unattended for substantial periods of time; researchers' view of AMC security is influenced by the ongoing debate within the scientific community about the wisdom of engaging in bioterrorism research; there was no agreement about which areas of the AMC should be subject to stronger access controls; security personnel play dual roles of security and customer service, creating the negative perception that neither role is done well; and budget was described as an important factor in explaining the state of security controls. We determined that AMCs seeking to reduce AO risk should assess their institutionally unique AO risks, understand staff security perceptions, and install access controls that are responsive to the staff's tendency to defeat them. The development of AO attribute fact sheets is desirable for AO risk assessment; new funding and administrative or legislative tools to improve AMC security are required; and security practices and methods that are convenient and effective should be engineered.

A Method for Evaluating Information Security Governance (ISG) Components in Banking Environment

NASA Astrophysics Data System (ADS)

Ula, M.; Ula, M.; Fuadi, W.

2017-02-01

As modern banking increasingly relies on the internet and computer technologies to operate their businesses and market interactions, the threats and security breaches have highly increased in recent years. Insider and outsider attacks have caused global businesses lost trillions of Dollars a year. Therefore, that is a need for a proper framework to govern the information security in the banking system. The aim of this research is to propose and design an enhanced method to evaluate information security governance (ISG) implementation in banking environment. This research examines and compares the elements from the commonly used information security governance frameworks, standards and best practices. Their strength and weakness are considered in its approaches. The initial framework for governing the information security in banking system was constructed from document review. The framework was categorized into three levels which are Governance level, Managerial level, and technical level. The study further conducts an online survey for banking security professionals to get their professional judgment about the ISG most critical components and the importance for each ISG component that should be implemented in banking environment. Data from the survey was used to construct a mathematical model for ISG evaluation, component importance data used as weighting coefficient for the related component in the mathematical model. The research further develops a method for evaluating ISG implementation in banking based on the mathematical model. The proposed method was tested through real bank case study in an Indonesian local bank. The study evidently proves that the proposed method has sufficient coverage of ISG in banking environment and effectively evaluates the ISG implementation in banking environment.

Security architecture for HL/7 message interchange.

PubMed

Chen, T S; Liao, B S; Lin, M G; Gough, T G

2001-01-01

The promotion of quality medical treatment is very important to the healthcare providers as well as to patients. It requires that the medical resources of different hospitals be combined to ensure that medical information is shared and that resources are not wasted. A computer-based patient record is one of the best methods to accomplish the interchange of the patient's clinical data. In our system, the Health Level/Seven (HL/7) format is used for the interchange of the clinical data, as it has been supported by many healthcare providers and become a â standard'. The security of the interchange of clinical data is a serious issue for people using the Internet for data communication. Several international well-developed security algorithms, models and secure policies are adopted in the design of a security handler for an HL/7 architecture. The goal of our system is to combine our security system with the end-to-end communication systems constructed from the HL/7 format to establish a safe delivery channel. A suitable security interchange environment is implemented to address some shortcomings in clinical data interchange. located at the application layer of the ISO/OSI reference model. The medical message components, sub-components, and related types of message event are the primary goals of the HL/7 protocols. The patient management system, the doctor's system for recording his advice, examination and diagnosis as well as any financial management system are all covered by the HL/7 protocols. Healthcare providers and hospitals in Taiwan are very interested in developing the HL/7 protocols as a common standard for clinical data interchange.

New Developments in Scintillators for Security Applications

NASA Astrophysics Data System (ADS)

Glodo, Jarek; Wang, Yimin; Shawgo, Ryan; Brecher, Charles; Hawrami, Rastgo H.; Tower, Joshua; Shah, Kanai S.

Radiation is an important part of security space: It is detected either passively in search of special nuclear materials or actively to monitor or interrogate objects of interest. Systems relying on radiation require adequate detectors. The most common radiation detectors are based on scintillating materials that convert hard (gamma, x-ray or neutron) radiation into visible light registered by a photodetector. The last decade has seen development of new materials driven by various security applications. This included the search for He-3 replacement technologies, which resulted in development of neutron sensing scintillators such as Ce-doped Cs2LiYCl6 (CLYC) or more recently Cs2LiLa(Br,Cl)6 (CLLBC). Since they are also good gamma-ray scintillators, they have also penetrated the detection market for passive dual-mode (gamma and neutron) detection systems, replacing scintillators such as NaI(Tl) or CsI(Tl) and competing with LaBr3(Ce). High-energy Non-Intrusive Inspection is another area where active research is being pursued in order to replace existing scintillator choices such as CdWO4, which is commonly used in simple radiography, and PbWO4, which is being studied for spectroscopic alternatives to radiography. For radiography, in particular, new ceramic scintillators such as Ce-doped GLuGAG (garnet) are considered, and for spectroscopy, Yb doped Lu2O3. In this paper we provide a short overview of these technologies.

Autonomic Intelligent Cyber Sensor to Support Industrial Control Network Awareness

DOE PAGES

Vollmer, Todd; Manic, Milos; Linda, Ondrej

2013-06-01

The proliferation of digital devices in a networked industrial ecosystem, along with an exponential growth in complexity and scope, has resulted in elevated security concerns and management complexity issues. This paper describes a novel architecture utilizing concepts of Autonomic computing and a SOAP based IF-MAP external communication layer to create a network security sensor. This approach simplifies integration of legacy software and supports a secure, scalable, self-managed framework. The contribution of this paper is two-fold: 1) A flexible two level communication layer based on Autonomic computing and Service Oriented Architecture is detailed and 2) Three complementary modules that dynamically reconfiguremore » in response to a changing environment are presented. One module utilizes clustering and fuzzy logic to monitor traffic for abnormal behavior. Another module passively monitors network traffic and deploys deceptive virtual network hosts. These components of the sensor system were implemented in C++ and PERL and utilize a common internal D-Bus communication mechanism. A proof of concept prototype was deployed on a mixed-use test network showing the possible real world applicability. In testing, 45 of the 46 network attached devices were recognized and 10 of the 12 emulated devices were created with specific Operating System and port configurations. Additionally the anomaly detection algorithm achieved a 99.9% recognition rate. All output from the modules were correctly distributed using the common communication structure.« less

Secure Transaction Protocol for CEPS Compliant EPS in Limited Connectivity Environment

NASA Astrophysics Data System (ADS)

Devane, Satish; Phatak, Deepak

Common Electronic Purse Specification (CEPS) used by European countries, elaborately defines the transaction between customer’s CEP card and merchant’s point of sales (POS) terminal. However it merely defines the specification to transfer the transactions between the Merchant and Merchant Acquirer (MA). This paper proposes a novel approach by introducing an entity, mobile merchant acquirer (MMA) which is a trusted agent of MA and principally works on man in middle concept, but facilitates remote two fold mutual authentication and secure transaction transfer between Merchant and MA through MMA. This approach removes the bottle-neck of connectivity issues between Merchant and MA in limited connectivity environment. The proposed protocol ensures the confidentiality, integrity and money atomicity of transaction batch. The proposed protocol has been verified for correctness by Spin, a model checker and security properties of the protocol have been verified by avispa.

An improved mounting device for attaching intracranial probes in large animal models.

PubMed

Dunster, Kimble R

2015-12-01

The rigid support of intracranial probes can be difficult when using animal models, as mounting devices suitable for the probes are either not available, or designed for human use and not suitable in animal skulls. A cheap and reliable mounting device for securing intracranial probes in large animal models is described. Using commonly available clinical consumables, a universal mounting device for securing intracranial probes to the skull of large animals was developed and tested. A simply made mounting device to hold a variety of probes from 500 μm to 1.3 mm in diameter to the skull was developed. The device was used to hold probes to the skulls of sheep for up to 18 h. No adhesives or cements were used. The described device provides a reliable method of securing probes to the skull of animals.

Breach Risk Magnitude: A Quantitative Measure of Database Security.

PubMed

Yasnoff, William A

2016-01-01

A quantitative methodology is described that provides objective evaluation of the potential for health record system breaches. It assumes that breach risk increases with the number of potential records that could be exposed, while it decreases when more authentication steps are required for access. The breach risk magnitude (BRM) is the maximum value for any system user of the common logarithm of the number of accessible database records divided by the number of authentication steps needed to achieve such access. For a one million record relational database, the BRM varies from 5.52 to 6 depending on authentication protocols. For an alternative data architecture designed specifically to increase security by separately storing and encrypting each patient record, the BRM ranges from 1.3 to 2.6. While the BRM only provides a limited quantitative assessment of breach risk, it may be useful to objectively evaluate the security implications of alternative database organization approaches.

Water security-National and global issues

USGS Publications Warehouse

Tindall, James A.; Campbell, Andrew A.

2010-01-01

Potable or clean freshwater availability is crucial to life and economic, environmental, and social systems. The amount of freshwater is finite and makes up approximately 2.5 percent of all water on the Earth. Freshwater supplies are small and randomly distributed, so water resources can become points of conflict. Freshwater availability depends upon precipitation patterns, changing climate, and whether the source of consumed water comes directly from desalination, precipitation, or surface and (or) groundwater. At local to national levels, difficulties in securing potable water sources increase with growing populations and economies. Available water improves living standards and drives urbanization, which increases average water consumption per capita. Commonly, disruptions in sustainable supplies and distribution of potable water and conflicts over water resources become major security issues for Government officials. Disruptions are often influenced by land use, human population, use patterns, technological advances, environmental impacts, management processes and decisions, transnational boundaries, and so forth.

A study on user authentication methodology using numeric password and fingerprint biometric information.

PubMed

Ju, Seung-hwan; Seo, Hee-suk; Han, Sung-hyu; Ryou, Jae-cheol; Kwak, Jin

2013-01-01

The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility.

Securitization, alterity, and the state Human (in)security on an Amazonian frontier

PubMed Central

Brightman, Marc; Grotti, Vanessa

2016-01-01

Focusing on the region surrounding the Maroni River, which forms the border between Suriname and French Guiana, we examine how relations between different state and non-state social groups are articulated in terms of security. The region is characterised by multiple “borders” and frontiers of various kinds, the state boundary having the features of an interface or contact zone. Several key collectivities meet in this border zone: native Amazonians, tribal Maroon peoples, migrant Brazilian gold prospectors, and metropolitan French state functionaries. We explore the relationships between these different sets of actors and describe how their mutual encounters center on discourses of human and state security, thus challenging the commonly held view of the region as a stateless zone and showing that the “human security” of citizens from the perspective of the state may compete with locally salient ideas or experiences of well-being. PMID:27996063

Integrating Safety with Science,Technology and Innovation at Los Alamos National Laboratory

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rich, Bethany M

2012-04-02

The mission of Los Alamos National Laboratory (LANL) is to develop and apply science, technology and engineering solutions to ensure the safety, security, and reliability of the U.S. nuclear deterrent; reduce global threats; and solve emerging national security challenges. The most important responsibility is to direct and conduct efforts to meet the mission with an emphasis on safety, security, and quality. In this article, LANL Environmental, Safety, and Health (ESH) trainers discuss how their application and use of a kinetic learning module (learn by doing) with a unique fall arrest system is helping to address one the most common industrialmore » safety challenges: slips and falls. A unique integration of Human Performance Improvement (HPI), Behavior Based Safety (BBS) and elements of the Voluntary Protection Program (VPP) combined with an interactive simulator experience is being used to address slip and fall events at Los Alamos.« less

A Study on User Authentication Methodology Using Numeric Password and Fingerprint Biometric Information

PubMed Central

Ju, Seung-hwan; Seo, Hee-suk; Han, Sung-hyu; Ryou, Jae-cheol

2013-01-01

The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authentication system. Use the information in the user's fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility. PMID:24151601

Information Assurance and Forensic Readiness

NASA Astrophysics Data System (ADS)

Pangalos, Georgios; Katos, Vasilios

Egalitarianism and justice are amongst the core attributes of a democratic regime and should be also secured in an e-democratic setting. As such, the rise of computer related offenses pose a threat to the fundamental aspects of e-democracy and e-governance. Digital forensics are a key component for protecting and enabling the underlying (e-)democratic values and therefore forensic readiness should be considered in an e-democratic setting. This position paper commences from the observation that the density of compliance and potential litigation activities is monotonically increasing in modern organizations, as rules, legislative regulations and policies are being constantly added to the corporate environment. Forensic practices seem to be departing from the niche of law enforcement and are becoming a business function and infrastructural component, posing new challenges to the security professionals. Having no a priori knowledge on whether a security related event or corporate policy violation will lead to litigation, we advocate that computer forensics need to be applied to all investigatory, monitoring and auditing activities. This would result into an inflation of the responsibilities of the Information Security Officer. After exploring some commonalities and differences between IS audit and computer forensics, we present a list of strategic challenges the organization and, in effect, the IS security and audit practitioner will face.

Secured web-based video repository for multicenter studies

PubMed Central

Yan, Ling; Hicks, Matt; Winslow, Korey; Comella, Cynthia; Ludlow, Christy; Jinnah, H. A; Rosen, Ami R; Wright, Laura; Galpern, Wendy R; Perlmutter, Joel S

2015-01-01

Background We developed a novel secured web-based dystonia video repository for the Dystonia Coalition, part of the Rare Disease Clinical Research network funded by the Office of Rare Diseases Research and the National Institute of Neurological Disorders and Stroke. A critical component of phenotypic data collection for all projects of the Dystonia Coalition includes a standardized video of each participant. We now describe our method for collecting, serving and securing these videos that is widely applicable to other studies. Methods Each recruiting site uploads standardized videos to a centralized secured server for processing to permit website posting. The streaming technology used to view the videos from the website does not allow downloading of video files. With appropriate institutional review board approval and agreement with the hosting institution, users can search and view selected videos on the website using customizable, permissions-based access that maintains security yet facilitates research and quality control. Results This approach provides a convenient platform for researchers across institutions to evaluate and analyze shared video data. We have applied this methodology for quality control, confirmation of diagnoses, validation of rating scales, and implementation of new research projects. Conclusions We believe our system can be a model for similar projects that require access to common video resources. PMID:25630890

Electronic transfer of sensitive patient data.

PubMed

Detterbeck, A M W; Kaiser, J; Hirschfelder, U

2015-01-01

The purpose of this study was to develop decision-making aids and recommendations for dental practitioners regarding the utilization and sharing of sensitive digital patient data. In the current environment of growing digitization, healthcare professionals need detailed knowledge of secure data management to maximize confidentiality and minimize the risks involved in both archiving patient data and sharing it through electronic channels. Despite well-defined legal requirements, an all-inclusive technological solution does not currently exist. The need for a preliminary review and critical appraisal of common practices of data transfer prompted a search of the literature and the Web to identify viable methods of secure data exchange and to develop a flowchart. A strong focus was placed on the transmission of datasets both smaller than and larger than 10 MB, and on secure communication by smartphone. Although encryption of patient-related data should be routine, it is often difficult to implement. Pretty Good Privacy (PGP) and Secure/Multipurpose Internet Mail Extensions (S/MIME) are viable standards for secure e-mail encryption. Sharing of high-volume data should be accomplished with the help of file encryption. Careful handling of sensitive patient data is mandatory, and it is the end-user's responsibility to meet any requirements for encryption, preferably by using free, open-source (and hence transparent) software.

Major Values Conflicts of Young, Re-Entry Graduate Students.

ERIC Educational Resources Information Center

Kinnier, Richard; Townley, Julie

1986-01-01

Investigates value conflicts among young college students. Results indicate that women are more torn between their career and family roles than are men. Further, security versus the risky pursuit of success and making money versus seeking nonmaterialistic fulfillment were common conflicts among graduate students. (Author/BL)

Functional Internet Literacy: Required Cognitive Skills with Implications for Instruction

ERIC Educational Resources Information Center

Johnson, Genevieve Marie

2007-01-01

Patterns of typical Internet use provide the basis for defining "functional Internet literacy." Internet use commonly includes communication, information, recreation, and commercial activities. Technical competence with connectivity, security, and downloads is a prerequisite for using the Internet for such activities. Bloom's taxonomy of cognitive…

12 CFR 563.172 - Financial derivatives.

Code of Federal Regulations, 2010 CFR

2010-01-01

... underlying assets, indices, or reference rates. The most common types of financial derivatives are futures, forward commitments, options, and swaps. A mortgage derivative security, such as a collateralized mortgage... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Financial derivatives. 563.172 Section 563.172...

77 FR 9708 - Pacific Life Insurance Company, et al.; Notice of Application

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-17

...] Pacific Life Insurance Company, et al.; Notice of Application February 13, 2012. AGENCY: Securities and...: Pacific Life Insurance Company (``Pacific Life''), Pacific Life & Annuity Company (``PL&A,'' and collectively with Pacific Life and any insurance company controlling, controlled by, or under common control...

- Foreign Vessels « Coast Guard Maritime Commons

Science.gov Websites

demonstrated the highest commitment to maintaining strict compliance with U.S. and international safety international safety, security and environmental regulations. 11/22/2017: Notice of public meeting factors, it uncovered evidence of an ineffective safety management system within the operating company

User Authentication and Authorization Challenges in a Networked Library Environment.

ERIC Educational Resources Information Center

Machovec, George S.

1997-01-01

Discusses computer user authentication and authorization issues when libraries need to let valid users access databases and information services without making the process too difficult for either party. Common solutions are explained, including filtering, passwords, and kerberos (cryptographic authentication scheme for secure use over public…

47 CFR 32.4080 - Other taxes-accrued.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 47 Telecommunication 2 2010-10-01 2010-10-01 false Other taxes-accrued. 32.4080 Section 32.4080 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) COMMON CARRIER SERVICES UNIFORM SYSTEM OF ACCOUNTS..., franchise, capital stock, social security and unemployment taxes. (b) Taxes paid in advance of the period in...

7 CFR 1737.80 - Description of characteristics letter.

Code of Federal Regulations, 2010 CFR

2010-01-01

... the amount of the proposed loan, its purposes, rate of interest, loan security requirements, and other... SERVICE, DEPARTMENT OF AGRICULTURE PRE-LOAN POLICIES AND PROCEDURES COMMON TO INSURED AND GUARANTEED TELECOMMUNICATIONS LOANS Characteristics Letter § 1737.80 Description of characteristics letter. (a) After all of the...

7 CFR 1717.653 - Borrowers in default.

Code of Federal Regulations, 2010 CFR

2010-01-01

..., to be in the financial interest of the government with respect to loan security and/or repayment. If... AGRICULTURE POST-LOAN POLICIES AND PROCEDURES COMMON TO INSURED AND GUARANTEED ELECTRIC LOANS Investments, Loans, and Guarantees by Electric Borrowers § 1717.653 Borrowers in default. Any borrower not in...

10 CFR 110.42 - Export licensing criteria.

Code of Federal Regulations, 2013 CFR

2013-01-01

... the common defense and security. (2) The receiving country, after being advised of the information... such material, will be retransferred to the jurisdiction of any other country or group of countries... the case of facility exports, does not constitute an unreasonable risk to the public health and safety...

10 CFR 110.42 - Export licensing criteria.

Code of Federal Regulations, 2014 CFR

2014-01-01

... the common defense and security. (2) The receiving country, after being advised of the information... such material, will be retransferred to the jurisdiction of any other country or group of countries... the case of facility exports, does not constitute an unreasonable risk to the public health and safety...

45 CFR 96.87 - Leveraging incentive program.

Code of Federal Regulations, 2013 CFR

2013-10-01

... energy, or the purchase of items that help these households meet the cost of home energy, at commonly... fees, application fees, late payment charges, bulk fuel tank rental or purchase costs, and security...; space cooling devices, equipment, and systems; and other tangible items that help low-income households...

45 CFR 96.87 - Leveraging incentive program.

Code of Federal Regulations, 2014 CFR

2014-10-01

... energy, or the purchase of items that help these households meet the cost of home energy, at commonly... fees, application fees, late payment charges, bulk fuel tank rental or purchase costs, and security...; space cooling devices, equipment, and systems; and other tangible items that help low-income households...

45 CFR 96.87 - Leveraging incentive program.

Code of Federal Regulations, 2012 CFR

2012-10-01

... energy, or the purchase of items that help these households meet the cost of home energy, at commonly... fees, application fees, late payment charges, bulk fuel tank rental or purchase costs, and security...; space cooling devices, equipment, and systems; and other tangible items that help low-income households...

7 CFR 59.200 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

..., controls, or holds with power to vote, 5 percent or more of the outstanding voting securities of the packer... indirectly controls, or is controlled by or under common control with, the packer. Applicable reporting... from the fact that the swine did not fall within the individual packer's established carcass weight...

29 CFR 2584.8477(e)-2 - Allocation of fiduciary duties.

Code of Federal Regulations, 2010 CFR

2010-07-01

... authority and responsibility for the investment and management of the Fixed Income Investment Fund to a... responsibility for the investment and management of the Government Securities Investment Fund, the Common Stock Index Investment Fund, the International Stock Index Investment Fund and the Small Capitalization Stock...

29 CFR 2584.8477(e)-2 - Allocation of fiduciary duties.

Code of Federal Regulations, 2011 CFR

2011-07-01

... authority and responsibility for the investment and management of the Fixed Income Investment Fund to a... responsibility for the investment and management of the Government Securities Investment Fund, the Common Stock Index Investment Fund, the International Stock Index Investment Fund and the Small Capitalization Stock...

The Middle East Revisited.

ERIC Educational Resources Information Center

Caradon, Hugh

1982-01-01

Some factors are common to the confrontation of Cypriot Greeks and Turks and the confrontation of Palestinians and Israelis. An independent international initiative is necessary to solve these disputes. If the Europeans revive their Venice initiative at the United Nations, the Palestinians and Israelis will obtain peace and security. (AM)