76 FR 19174 - In the Matter of Circuit Systems, Inc., Global Energy Group, Inc., Integrated Medical Resources...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-06

... SECURITIES AND EXCHANGE COMMISSION File No. 500-1 In the Matter of Circuit Systems, Inc., Global Energy Group, Inc., Integrated Medical Resources, Inc., iNTELEFILM Corp., and Lot$off Corp.; Order of Suspension of Trading April 4, 2011. It appears to the Securities and Exchange Commission that there is a lack of current and accurate information...

Social Security.

ERIC Educational Resources Information Center

Social and Labour Bulletin, 1983

1983-01-01

This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

77 FR 19300 - National Infrastructure Advisory Council

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-30

... Homeland Security with advice on the security of the critical infrastructure sectors and their information systems. The NIAC will meet to address issues relevant to the protection of critical infrastructure as... Group regarding the scope of the next phase of the Working Group's critical infrastructure resilience...

A novel wireless local positioning system for airport (indoor) security

NASA Astrophysics Data System (ADS)

Zekavat, Seyed A.; Tong, Hui; Tan, Jindong

2004-09-01

A novel wireless local positioning system (WLPS) for airport (or indoor) security is introduced. This system is used by airport (indoor) security guards to locate all of, or a group of airport employees or passengers within the airport area. WLPS consists of two main parts: (1) a base station that is carried by security personnel; hence, introducing dynamic base station (DBS), and (2) a transponder (TRX) that is mounted on all people (including security personnel) present at the airport; thus, introducing them as active targets. In this paper, we (a) draw a futuristic view of the airport security systems, and the flow of information at the airports, (b) investigate the techniques of extending WLPS coverage area beyond the line-of-sight (LoS), and (c) study the performance of this system via standard transceivers, and direct sequence code division multiple access (DS-CDMA) systems with and without antenna arrays and conventional beamforming (BF).

20 CFR 404.1206 - Retirement system coverage groups.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Section 404.1206 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND... of any one of the following groupings of employees as a separate retirement system: (1) The entire... coverage group is a grouping of employees in positions under a retirement system. Employees in positions...

Analyzing Cases of Resilience Success and Failure - A Research Study

DTIC Science & Technology

2012-12-01

controls [NIST 2012, NIST 2008] ISO 27002 and ISO 27004 Guidelines for initiating, implementing, maintaining, and improving information security...Commission ( ISO /IEC). Information technology—Security techniques—Code of practice for information security management ( ISO /IEC 27002 :2005). ISO /IEC, 2005...security management system and controls or groups of controls [ ISO /IEC 2005, ISO /IEC 2009] CIS Security Metrics Outcome and practice metrics measuring

Report of the Public Cryptography Study Group.

ERIC Educational Resources Information Center

American Council on Education, Washington, DC.

Concerns of the National Security Agency (NSA) that information contained in some articles about cryptography in learned and professional journals and in monographs might be inimical to the national security are addressed. The Public Cryptography Study Group, with one dissenting opinion, recommends that a voluntary system of prior review of…

Safety and Security Interface Technology Initiative

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dr. Michael A. Lehto; Kevin J. Carroll; Dr. Robert Lowrie

Safety and Security Interface Technology Initiative Mr. Kevin J. Carroll Dr. Robert Lowrie, Dr. Micheal Lehto BWXT Y12 NSC Oak Ridge, TN 37831 865-576-2289/865-241-2772 carrollkj@y12.doe.gov Work Objective. Earlier this year, the Energy Facility Contractors Group (EFCOG) was asked to assist in developing options related to acceleration deployment of new security-related technologies to assist meeting design base threat (DBT) needs while also addressing the requirements of 10 CFR 830. NNSA NA-70, one of the working group participants, designated this effort the Safety and Security Interface Technology Initiative (SSIT). Relationship to Workshop Theme. “Supporting Excellence in Operations Through Safety Analysis,” (workshop theme)more » includes security and safety personnel working together to ensure effective and efficient operations. One of the specific workshop elements listed in the call for papers is “Safeguards/Security Integration with Safety.” This paper speaks directly to this theme. Description of Work. The EFCOG Safety Analysis Working Group (SAWG) and the EFCOG Security Working Group formed a core team to develop an integrated process involving both safety basis and security needs allowing achievement of the DBT objectives while ensuring safety is appropriately considered. This effort garnered significant interest, starting with a two day breakout session of 30 experts at the 2006 Safety Basis Workshop. A core team was formed, and a series of meetings were held to develop that process, including safety and security professionals, both contractor and federal personnel. A pilot exercise held at Idaho National Laboratory (INL) in mid-July 2006 was conducted as a feasibility of concept review. Work Results. The SSIT efforts resulted in a topical report transmitted from EFCOG to DOE/NNSA in August 2006. Elements of the report included: Drivers and Endstate, Control Selections Alternative Analysis Process, Terminology Crosswalk, Safety Basis/Security Documentation Integration, Configuration Control, and development of a shared ‘tool box’ of information/successes. Specific Benefits. The expectation or end state resulting from the topical report and associated implementation plan includes: (1) A recommended process for handling the documentation of the security and safety disciplines, including an appropriate change control process and participation by all stakeholders. (2) A means to package security systems with sufficient information to help expedite the flow of that system through the process. In addition, a means to share successes among sites, to include information and safety basis to the extent such information is transportable. (3) Identification of key security systems and associated essential security elements being installed and an arrangement for the sites installing these systems to host an appropriate team to review a specific system and determine what information is exportable. (4) Identification of the security systems’ essential elements and appropriate controls required for testing of these essential elements in the facility. (5) The ability to help refine and improve an agreed to control set at the manufacture stage.« less

Development of quantitative security optimization approach for the picture archives and carrying system between a clinic and a rehabilitation center

NASA Astrophysics Data System (ADS)

Haneda, Kiyofumi; Kajima, Toshio; Koyama, Tadashi; Muranaka, Hiroyuki; Dojo, Hirofumi; Aratani, Yasuhiko

2002-05-01

The target of our study is to analyze the level of necessary security requirements, to search for suitable security measures and to optimize security distribution to every portion of the medical practice. Quantitative expression must be introduced to our study, if possible, to enable simplified follow-up security procedures and easy evaluation of security outcomes or results. Using fault tree analysis (FTA), system analysis showed that system elements subdivided into groups by details result in a much more accurate analysis. Such subdivided composition factors greatly depend on behavior of staff, interactive terminal devices, kinds of services provided, and network routes. Security measures were then implemented based on the analysis results. In conclusion, we identified the methods needed to determine the required level of security and proposed security measures for each medical information system, and the basic events and combinations of events that comprise the threat composition factors. Methods for identifying suitable security measures were found and implemented. Risk factors for each basic event, a number of elements for each composition factor, and potential security measures were found. Methods to optimize the security measures for each medical information system were proposed, developing the most efficient distribution of risk factors for basic events.

Protecting ICS Systems Within the Energy Sector from Cyber Attacks

NASA Astrophysics Data System (ADS)

Barnes, Shaquille

Advance persistent threat (APT) groups are continuing to attack the energy sector through cyberspace, which poses a risk to our society, national security, and economy. Industrial control systems (ICSs) are not designed to handle cyber-attacks, which is why asset owners need to implement the correct proactive and reactive measures to mitigate the risk to their ICS environments. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to 290 incidents for fiscal year 2016, where 59 of those incidents came from the Energy Sector. APT groups know how vulnerable energy sector ICS systems are and the destruction they can cause when they go offline such as loss of production, loss of life, and economic impact. Defending against APT groups requires more than just passive controls such as firewalls and antivirus solutions. Asset owners should implement a combination of best practices and active defense in their environment to defend against APT groups. Cyber-attacks against critical infrastructure will become more complex and harder to detect and respond to with traditional security controls. The purpose of this paper was to provide asset owners with the correct security controls and methodologies to help defend against APT groups.

International Earth Science Constellation Mission Operations Working Group: Constellation Coordination System (CCS) Status. [Constellation Coordination System (CCS) Status

NASA Technical Reports Server (NTRS)

Skeberdis, Daniel

2016-01-01

This is a presentation at the MOWG fall meeting that will discuss CCS purpose, future status, security enhancements, arbitrary ephemeris mission features, overview of CCS 7.3, approach for the use of NORAD TLEs, account and data security, CCS System virtualization, control box visualization modification and other enhancements.

Safety assessment of a home-based telecare system for adults with developmental disabilities in Indiana: a multi-stakeholder perspective.

PubMed

Brewer, Jeffrey L; Taber-Doughty, Teresa; Kubik, Sara

2010-01-01

We investigated the perceptions of people about the safety, security and privacy of a telecare monitoring system for adults with developmental disabilities living in residential settings. The telecare system was used by remote caregivers overnight, when staff were not present in the homes. We surveyed 127 people from different stakeholder groups in the state of Indiana. The people surveyed included those with knowledge or experience of telecare, and those without. The stakeholders were clients, their advocates, service provider administrators and independent case coordinators. The responses in each category for every group were positive except one: only 4 of the 11 telecare case coordinators agreed that the telecare system provided a secure environment. Overall, the telecare system was perceived to be as safe, secure and private as the conventional alternative of having staff in the home.

A wireless electronic monitoring system for securing milk from farm to processor

NASA Astrophysics Data System (ADS)

Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin

2008-04-01

The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. We are currently demonstrating the system in central Kentucky and will report on the results of the demonstration.

48 CFR 3028.307-1 - Group insurance plans.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 7 2010-10-01 2010-10-01 false Group insurance plans. 3028.307-1 Section 3028.307-1 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY... advice of legal counsel. ...

[The comparative evaluation of level of security culture in medical organizations].

PubMed

Roitberg, G E; Kondratova, N V; Galanina, E V

2016-01-01

The study was carried out on the basis of clinic “Medicine” in 2014-2015 concerning security culture. The sampling included 465 filled HSPSC questionnaires. The comparative analysis of received was implemented. The “Zubovskaia district hospital” Having no accreditation according security standards and group of clinics from USA functioning for many years in the system of patient security support were selected as objects for comparison. The evaluation was implemented concerning dynamics of security culture in organization at implementation of strategies of security of patients during 5 years and comparison of obtained results with USA clinics was made. The study results demonstrated that in conditions of absence of implemented standards of security in medical organization total evaluation of security remains extremely low. The study of security culture using HSPSC questionnaire is an effective tool for evaluating implementation of various strategies of security ofpatient. The functioning in the system of international standards of quality, primarily JCI standards, permits during several years to achieve high indices of security culture.

Design and develop a video conferencing framework for real-time telemedicine applications using secure group-based communication architecture.

PubMed

Mat Kiah, M L; Al-Bakri, S H; Zaidan, A A; Zaidan, B B; Hussain, Muzammil

2014-10-01

One of the applications of modern technology in telemedicine is video conferencing. An alternative to traveling to attend a conference or meeting, video conferencing is becoming increasingly popular among hospitals. By using this technology, doctors can help patients who are unable to physically visit hospitals. Video conferencing particularly benefits patients from rural areas, where good doctors are not always available. Telemedicine has proven to be a blessing to patients who have no access to the best treatment. A telemedicine system consists of customized hardware and software at two locations, namely, at the patient's and the doctor's end. In such cases, the video streams of the conferencing parties may contain highly sensitive information. Thus, real-time data security is one of the most important requirements when designing video conferencing systems. This study proposes a secure framework for video conferencing systems and a complete management solution for secure video conferencing groups. Java Media Framework Application Programming Interface classes are used to design and test the proposed secure framework. Real-time Transport Protocol over User Datagram Protocol is used to transmit the encrypted audio and video streams, and RSA and AES algorithms are used to provide the required security services. Results show that the encryption algorithm insignificantly increases the video conferencing computation time.

NASA Electronic Library System (NELS): The system impact of security

NASA Technical Reports Server (NTRS)

Mcgregor, Terry L.

1993-01-01

This paper discusses security issues as they relate to the NASA Electronic Library System which is currently in use as the repository system for AdaNET System Version 3 (ASV3) being operated by MountainNET, Inc. NELS was originally designed to provide for public, development, and secure collections and objects. The secure feature for collections and objects was deferred in the initial system for implementation at a later date. The NELS system is now 9 months old and many lessons have been learned about the use and maintenance of library systems. MountainNET has 9 months of experience in operating the system and gathering feedback from the ASV3 user community. The user community has expressed an interest in seeing security features implemented in the current system. The time has come to take another look at the whole issue of security for the NELS system. Two requirements involving security have been put forth by MountainNET for the ASV3 system. The first is to incorporate at the collection level a security scheme to allow restricted access to collections. This should be invisible to end users and be controlled by librarians. The second is to allow inclusion of applications which can be executed only by a controlled group of users; for example, an application which can be executed by librarians only. The requirements provide a broad framework in which to work. These requirements raise more questions than answers. To explore the impact of these requirements a top down approach will be used.

NREL Workshop Convenes Industry Experts on Cybersecurity and an Evolving

Science.gov Websites

silos in a field that demands greater collaboration, and the benefits of systemic security architecture groups to identify possible solutions to the challenges in securing DERs-from a technology, business, and

48 CFR 3028.307-1 - Group insurance plans.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 7 2014-10-01 2014-10-01 false Group insurance plans. 3028.307-1 Section 3028.307-1 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY....307-1 Group insurance plans. Plans shall be submitted to the contracting officer, who must obtain the...

48 CFR 3028.307-1 - Group insurance plans.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 7 2013-10-01 2012-10-01 true Group insurance plans. 3028.307-1 Section 3028.307-1 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY....307-1 Group insurance plans. Plans shall be submitted to the contracting officer, who must obtain the...

48 CFR 3028.307-1 - Group insurance plans.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 7 2012-10-01 2012-10-01 false Group insurance plans. 3028.307-1 Section 3028.307-1 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY....307-1 Group insurance plans. Plans shall be submitted to the contracting officer, who must obtain the...

78 FR 56264 - Big Bear Mining Corp., Four Rivers BioEnergy, Inc., Mainland Resources, Inc., QI Systems Inc...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-12

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Big Bear Mining Corp., Four Rivers BioEnergy, Inc., Mainland Resources, Inc., QI Systems Inc., South Texas Oil Co., and Synova Healthcare Group, Inc... concerning the securities of Four Rivers BioEnergy, Inc. because it has not filed any periodic reports since...

Radioactive source security: the cultural challenges.

PubMed

Englefield, Chris

2015-04-01

Radioactive source security is an essential part of radiation protection. Sources can be abandoned, lost or stolen. If they are stolen, they could be used to cause deliberate harm and the risks are varied and significant. There is a need for a global security protection system and enhanced capability to achieve this. The establishment of radioactive source security requires 'cultural exchanges'. These exchanges include collaboration between: radiation protection specialists and security specialists; the nuclear industry and users of radioactive sources; training providers and regulators/users. This collaboration will facilitate knowledge and experience exchange for the various stakeholder groups, beyond those already provided. This will promote best practice in both physical and information security and heighten security awareness generally. Only if all groups involved are prepared to open their minds to listen to and learn from, each other will a suitable global level of control be achieved. © The Author 2014. Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

A review of video security training and assessment-systems and their applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Cellucci, J.; Hall, R.J.

1991-01-01

This paper reports that during the last 10 years computer-aided video data collection and playback systems have been used as nuclear facility security training and assessment tools with varying degrees of success. These mobile systems have been used by trained security personnel for response force training, vulnerability assessment, force-on-force exercises and crisis management. Typically, synchronous recordings from multiple video cameras, communications audio, and digital sensor inputs; are played back to the exercise participants and then edited for training and briefing. Factors that have influence user acceptance include: frequency of use, the demands placed on security personnel, fear of punishment, usermore » training requirements and equipment cost. The introduction of S-VHS video and new software for scenario planning, video editing and data reduction; should bring about a wider range of security applications and supply the opportunity for significant cost sharing with other user groups.« less

A Secure Multicast Framework in Large and High-Mobility Network Groups

NASA Astrophysics Data System (ADS)

Lee, Jung-San; Chang, Chin-Chen

With the widespread use of Internet applications such as Teleconference, Pay-TV, Collaborate tasks, and Message services, how to construct and distribute the group session key to all group members securely is becoming and more important. Instead of adopting the point-to-point packet delivery, these emerging applications are based upon the mechanism of multicast communication, which allows the group member to communicate with multi-party efficiently. There are two main issues in the mechanism of multicast communication: Key Distribution and Scalability. The first issue is how to distribute the group session key to all group members securely. The second one is how to maintain the high performance in large network groups. Group members in conventional multicast systems have to keep numerous secret keys in databases, which makes it very inconvenient for them. Furthermore, in case that a member joins or leaves the communication group, many involved participants have to change their own secret keys to preserve the forward secrecy and the backward secrecy. We consequently propose a novel version for providing secure multicast communication in large network groups. Our proposed framework not only preserves the forward secrecy and the backward secrecy but also possesses better performance than existing alternatives. Specifically, simulation results demonstrate that our scheme is suitable for high-mobility environments.

5 CFR 9901.211 - Career groups.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Career groups. 9901.211 Section 9901.211 Administrative Personnel DEPARTMENT OF DEFENSE HUMAN RESOURCES MANAGEMENT AND LABOR RELATIONS SYSTEMS (DEPARTMENT OF DEFENSE-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF DEFENSE NATIONAL SECURITY PERSONNEL SYSTEM...

Research on fully distributed optical fiber sensing security system localization algorithm

NASA Astrophysics Data System (ADS)

Wu, Xu; Hou, Jiacheng; Liu, Kun; Liu, Tiegen

2013-12-01

A new fully distributed optical fiber sensing and location technology based on the Mach-Zehnder interferometers is studied. In this security system, a new climbing point locating algorithm based on short-time average zero-crossing rate is presented. By calculating the zero-crossing rates of the multiple grouped data separately, it not only utilizes the advantages of the frequency analysis method to determine the most effective data group more accurately, but also meets the requirement of the real-time monitoring system. Supplemented with short-term energy calculation group signal, the most effective data group can be quickly picked out. Finally, the accurate location of the climbing point can be effectively achieved through the cross-correlation localization algorithm. The experimental results show that the proposed algorithm can realize the accurate location of the climbing point and meanwhile the outside interference noise of the non-climbing behavior can be effectively filtered out.

A Security Architecture for Grid-enabling OGC Web Services

NASA Astrophysics Data System (ADS)

Angelini, Valerio; Petronzio, Luca

2010-05-01

In the proposed presentation we describe an architectural solution for enabling a secure access to Grids and possibly other large scale on-demand processing infrastructures through OGC (Open Geospatial Consortium) Web Services (OWS). This work has been carried out in the context of the security thread of the G-OWS Working Group. G-OWS (gLite enablement of OGC Web Services) is an international open initiative started in 2008 by the European CYCLOPS , GENESI-DR, and DORII Project Consortia in order to collect/coordinate experiences in the enablement of OWS's on top of the gLite Grid middleware. G-OWS investigates the problem of the development of Spatial Data and Information Infrastructures (SDI and SII) based on the Grid/Cloud capacity in order to enable Earth Science applications and tools. Concerning security issues, the integration of OWS compliant infrastructures and gLite Grids needs to address relevant challenges, due to their respective design principles. In fact OWS's are part of a Web based architecture that demands security aspects to other specifications, whereas the gLite middleware implements the Grid paradigm with a strong security model (the gLite Grid Security Infrastructure: GSI). In our work we propose a Security Architectural Framework allowing the seamless use of Grid-enabled OGC Web Services through the federation of existing security systems (mostly web based) with the gLite GSI. This is made possible mediating between different security realms, whose mutual trust is established in advance during the deployment of the system itself. Our architecture is composed of three different security tiers: the user's security system, a specific G-OWS security system, and the gLite Grid Security Infrastructure. Applying the separation-of-concerns principle, each of these tiers is responsible for controlling the access to a well-defined resource set, respectively: the user's organization resources, the geospatial resources and services, and the Grid resources. While the gLite middleware is tied to a consolidated security approach based on X.509 certificates, our system is able to support different kinds of user's security infrastructures. Our central component, the G-OWS Security Framework, is based on the OASIS WS-Trust specifications and on the OGC GeoRM architectural framework. This allows to satisfy advanced requirements such as the enforcement of specific geospatial policies and complex secure web service chained requests. The typical use case is represented by a scientist belonging to a given organization who issues a request to a G-OWS Grid-enabled Web Service. The system initially asks the user to authenticate to his/her organization's security system and, after verification of the user's security credentials, it translates the user's digital identity into a G-OWS identity. This identity is linked to a set of attributes describing the user's access rights to the G-OWS services and resources. Inside the G-OWS Security system, access restrictions are applied making use of the enhanced Geospatial capabilities specified by the OGC GeoXACML. If the required action needs to make use of the Grid environment the system checks if the user is entitled to access a Grid infrastructure. In that case his/her identity is translated to a temporary Grid security token using the Short Lived Credential Services (IGTF Standard). In our case, for the specific gLite Grid infrastructure, some information (VOMS Attributes) is plugged into the Grid Security Token to grant the access to the user's Virtual Organization Grid resources. The resulting token is used to submit the request to the Grid and also by the various gLite middleware elements to verify the user's grants. Basing on the presented framework, the G-OWS Security Working Group developed a prototype, enabling the execution of OGC Web Services on the EGEE Production Grid through the federation with a Shibboleth based security infrastructure. Future plans aim to integrate other Web authentication services such as OpenID, Kerberos and WS-Federation.

20 CFR 404.1212 - Police officers and firefighters.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Section 404.1212 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND... May Be Covered § 404.1212 Police officers and firefighters. (a) General. For Social Security coverage... officers' and firefighters' positions not under a retirement system as part of an absolute coverage group...

Arm yourself for the coming battle over Social Security.

PubMed

Pozen, Robert C

2002-11-01

The U.S. Social Security system is in deep trouble--and that's not just bad news for your friends and family. It's also bad news for your company. Unless the Social Security system is changed, by 2017 the cash flowing out of it will exceed the cash coming in, and by 2041 the system will be utterly insolvent. But the trouble will start sooner than that: In the next decade, the very prospect of the rising deficit will mean serious pressure on recent tax cuts, higher long-term interest rates, increased pension-funding costs, and other punishing conditions for U.S. businesses. Clearly, there's a lot at stake for companies, which is why executives need to participate in the growing debate about Social Security reform, says Robert Pozen, a visiting professor at Harvard Law School who served on the President's Commission to Strengthen Social Security. In this article, he urges business leaders to take a stance on how the system should be reformed, suggesting they work with interest groups to make their voices heard. After taking a comprehensive look at the debates surrounding Social Security reform, Pozen outlines the three main alternatives executives might choose to support: increasing contributions to Social Security, decreasing the growth of benefits for more-affluent workers, and increasing investment returns on Social Security assets. What's needed to fix the current system, he contends, is a careful balance of all three.

A security and privacy preserving e-prescription system based on smart cards.

PubMed

Hsu, Chien-Lung; Lu, Chung-Fu

2012-12-01

In 2002, Ateniese and Medeiros proposed an e-prescription system, in which the patient can store e-prescription and related information using smart card. Latter, Yang et al. proposed a novel smart-card based e-prescription system based on Ateniese and Medeiros's system in 2004. Yang et al. considered the privacy issues of prescription data and adopted the concept of a group signature to provide patient's privacy protection. To make the e-prescription system more realistic, they further applied a proxy signature to allow a patient to delegate his signing capability to other people. This paper proposed a novel security and privacy preserving e-prescription system model based on smart cards. A new role, chemist, is included in the system model for settling the medicine dispute. We further presented a concrete identity-based (ID-based) group signature scheme and an ID-based proxy signature scheme to realize the proposed model. Main property of an ID-based system is that public key is simple user's identity and can be verified without extra public key certificates. Our ID-based group signature scheme can allow doctors to sign e-prescription anonymously. In a case of a medical dispute, identities of the doctors can be identified. The proposed ID-based proxy signature scheme can improve signing delegation and allows a delegation chain. The proposed e-prescription system based on our proposed two cryptographic schemes is more practical and efficient than Yang et al.'s system in terms of security, communication overheads, computational costs, practical considerations.

Security Analysis and Improvement of 'a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System'.

PubMed

Islam, S K Hafizul; Khan, Muhammad Khurram; Li, Xiong

2015-01-01

Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.'s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen's scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature.

Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Flight Test Report

NASA Technical Reports Server (NTRS)

Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.

2015-01-01

NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.

IPv6 Security

NASA Astrophysics Data System (ADS)

Babik, M.; Chudoba, J.; Dewhurst, A.; Finnern, T.; Froy, T.; Grigoras, C.; Hafeez, K.; Hoeft, B.; Idiculla, T.; Kelsey, D. P.; López Muñoz, F.; Martelli, E.; Nandakumar, R.; Ohrenberg, K.; Prelz, F.; Rand, D.; Sciabà, A.; Tigerstedt, U.; Traynor, D.; Wartel, R.

2017-10-01

IPv4 network addresses are running out and the deployment of IPv6 networking in many places is now well underway. Following the work of the HEPiX IPv6 Working Group, a growing number of sites in the Worldwide Large Hadron Collider Computing Grid (WLCG) are deploying dual-stack IPv6/IPv4 services. The aim of this is to support the use of IPv6-only clients, i.e. worker nodes, virtual machines or containers. The IPv6 networking protocols while they do contain features aimed at improving security also bring new challenges for operational IT security. The lack of maturity of IPv6 implementations together with the increased complexity of some of the protocol standards raise many new issues for operational security teams. The HEPiX IPv6 Working Group is producing guidance on best practices in this area. This paper considers some of the security concerns for WLCG in an IPv6 world and presents the HEPiX IPv6 working group guidance for the system administrators who manage IT services on the WLCG distributed infrastructure, for their related site security and networking teams and for developers and software engineers working on WLCG applications.

Quantum Secure Group Communication.

PubMed

Li, Zheng-Hong; Zubairy, M Suhail; Al-Amri, M

2018-03-01

We propose a quantum secure group communication protocol for the purpose of sharing the same message among multiple authorized users. Our protocol can remove the need for key management that is needed for the quantum network built on quantum key distribution. Comparing with the secure quantum network based on BB84, we show our protocol is more efficient and securer. Particularly, in the security analysis, we introduce a new way of attack, i.e., the counterfactual quantum attack, which can steal information by "invisible" photons. This invisible photon can reveal a single-photon detector in the photon path without triggering the detector. Moreover, the photon can identify phase operations applied to itself, thereby stealing information. To defeat this counterfactual quantum attack, we propose a quantum multi-user authorization system. It allows us to precisely control the communication time so that the attack can not be completed in time.

Sharing Data and Analytical Resources Securely in a Biomedical Research Grid Environment

PubMed Central

Langella, Stephen; Hastings, Shannon; Oster, Scott; Pan, Tony; Sharma, Ashish; Permar, Justin; Ervin, David; Cambazoglu, B. Barla; Kurc, Tahsin; Saltz, Joel

2008-01-01

Objectives To develop a security infrastructure to support controlled and secure access to data and analytical resources in a biomedical research Grid environment, while facilitating resource sharing among collaborators. Design A Grid security infrastructure, called Grid Authentication and Authorization with Reliably Distributed Services (GAARDS), is developed as a key architecture component of the NCI-funded cancer Biomedical Informatics Grid (caBIG™). The GAARDS is designed to support in a distributed environment 1) efficient provisioning and federation of user identities and credentials; 2) group-based access control support with which resource providers can enforce policies based on community accepted groups and local groups; and 3) management of a trust fabric so that policies can be enforced based on required levels of assurance. Measurements GAARDS is implemented as a suite of Grid services and administrative tools. It provides three core services: Dorian for management and federation of user identities, Grid Trust Service for maintaining and provisioning a federated trust fabric within the Grid environment, and Grid Grouper for enforcing authorization policies based on both local and Grid-level groups. Results The GAARDS infrastructure is available as a stand-alone system and as a component of the caGrid infrastructure. More information about GAARDS can be accessed at http://www.cagrid.org. Conclusions GAARDS provides a comprehensive system to address the security challenges associated with environments in which resources may be located at different sites, requests to access the resources may cross institutional boundaries, and user credentials are created, managed, revoked dynamically in a de-centralized manner. PMID:18308979

Meeting EHR security requirements: SeAAS approach.

PubMed

Katt, Basel; Trojer, Thomas; Breu, Ruth; Schabetsberger, Thomas; Wozak, Florian

2010-01-01

In the last few years, Electronic Health Record (EHR) systems have received a great attention in the literature, as well as in the industry. They are expected to lead to health care savings, increase health care quality and reduce medical errors. This interest has been accompanied by the development of different standards and frameworks to meet EHR challenges. One of the most important initiatives that was developed to solve problems of EHR is IHE (Integrating the Healthcare Enterprise), which adapts the distributed approach to store and manage healthcare data. IHE aims at standardizing the way healthcare systems exchange information in distributed environments. For this purpose it defines several so called Integration Profiles that specify the interactions and the interfaces (Transactions) between various healthcare systems (Actors) or entities. Security was considered also in few profiles that tackled the main security requirements, mainly authentication and audit trails. The security profiles of IHE currently suffer two drawbacks. First, they apply end point security methodology, which has been proven recently to be insufficient and cumbersome in distributed and heterogeneous environment. Second, the current security profiles for more complex security requirements are oversimplified, vague and do not consider architectural design. This recently changed to some extend e.g., with the introduction of newly published white papers regarding privacy [5] and access control [9]. In order to solve the first problem we utilize results of previous studies conducted in the area of security-aware IHE-based systems and the state-of-the-art Security-as-a-Service approach as a convenient methodology to group domain-wide security needs and overcome the end point security shortcomings.

Secure scalable disaster electronic medical record and tracking system.

PubMed

Demers, Gerard; Kahn, Christopher; Johansson, Per; Buono, Colleen; Chipara, Octav; Griswold, William; Chan, Theodore

2013-10-01

Electronic medical records (EMRs) are considered superior in documentation of care for medical practice. Current disaster medical response involves paper tracking systems and radio communication for mass-casualty incidents (MCIs). These systems are prone to errors, may be compromised by local conditions, and are labor intensive. Communication infrastructure may be impacted, overwhelmed by call volume, or destroyed by the disaster, making self-contained and secure EMR response a critical capability. Report As the prehospital disaster EMR allows for more robust content including protected health information (PHI), security measures must be instituted to safeguard these data. The Wireless Internet Information System for medicAl Response in Disasters (WIISARD) Research Group developed a handheld, linked, wireless EMR system utilizing current technology platforms. Smart phones connected to radio frequency identification (RFID) readers may be utilized to efficiently track casualties resulting from the incident. Medical information may be transmitted on an encrypted network to fellow prehospital team members, medical dispatch, and receiving medical centers. This system has been field tested in a number of exercises with excellent results, and future iterations will incorporate robust security measures. A secure prehospital triage EMR improves documentation quality during disaster drills.

A DICOM based radiotherapy plan database for research collaboration and reporting

NASA Astrophysics Data System (ADS)

Westberg, J.; Krogh, S.; Brink, C.; Vogelius, I. R.

2014-03-01

Purpose: To create a central radiotherapy (RT) plan database for dose analysis and reporting, capable of calculating and presenting statistics on user defined patient groups. The goal is to facilitate multi-center research studies with easy and secure access to RT plans and statistics on protocol compliance. Methods: RT institutions are able to send data to the central database using DICOM communications on a secure computer network. The central system is composed of a number of DICOM servers, an SQL database and in-house developed software services to process the incoming data. A web site within the secure network allows the user to manage their submitted data. Results: The RT plan database has been developed in Microsoft .NET and users are able to send DICOM data between RT centers in Denmark. Dose-volume histogram (DVH) calculations performed by the system are comparable to those of conventional RT software. A permission system was implemented to ensure access control and easy, yet secure, data sharing across centers. The reports contain DVH statistics for structures in user defined patient groups. The system currently contains over 2200 patients in 14 collaborations. Conclusions: A central RT plan repository for use in multi-center trials and quality assurance was created. The system provides an attractive alternative to dummy runs by enabling continuous monitoring of protocol conformity and plan metrics in a trial.

Patient and public views about the security and privacy of Electronic Health Records (EHRs) in the UK: results from a mixed methods study.

PubMed

Papoutsi, Chrysanthi; Reed, Julie E; Marston, Cicely; Lewis, Ruth; Majeed, Azeem; Bell, Derek

2015-10-14

Although policy discourses frame integrated Electronic Health Records (EHRs) as essential for contemporary healthcare systems, increased information sharing often raises concerns among patients and the public. This paper examines patient and public views about the security and privacy of EHRs used for health provision, research and policy in the UK. Sequential mixed methods study with a cross-sectional survey (in 2011) followed by focus group discussions (in 2012-2013). Survey participants (N = 5331) were recruited from primary and secondary care settings in West London (UK). Complete data for 2761 (51.8 %) participants were included in the final analysis for this paper. The survey results were discussed in 13 focus groups with people living with a range of different health conditions, and in 4 mixed focus groups with patients, health professionals and researchers (total N = 120). Qualitative data were analysed thematically. In the survey, 79 % of participants reported that they would worry about the security of their record if this was part of a national EHR system and 71 % thought the National Health Service (NHS) was unable to guarantee EHR safety at the time this work was carried out. Almost half (47 %) responded that EHRs would be less secure compared with the way their health record was held at the time of the survey. Of those who reported being worried about EHR security, many would nevertheless support their development (55 %), while 12 % would not support national EHRs and a sizeable proportion (33 %) were undecided. There were also variations by age, ethnicity and education. In focus group discussions participants weighed up perceived benefits against potential security and privacy threats from wider sharing of information, as well as discussing other perceived risks: commercial exploitation, lack of accountability, data inaccuracies, prejudice and inequalities in health provision. Patient and public worries about the security risks associated with integrated EHRs highlight the need for intensive public awareness and engagement initiatives, together with the establishment of trustworthy security and privacy mechanisms for health information sharing.

Security Analysis and Improvement of ‘a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System’

PubMed Central

Islam, SK Hafizul; Khan, Muhammad Khurram; Li, Xiong

2015-01-01

Over the past few years, secure and privacy-preserving user authentication scheme has become an integral part of the applications of the healthcare systems. Recently, Wen has designed an improved user authentication system over the Lee et al.’s scheme for integrated electronic patient record (EPR) information system, which has been analyzed in this study. We have found that Wen’s scheme still has the following inefficiencies: (1) the correctness of identity and password are not verified during the login and password change phases; (2) it is vulnerable to impersonation attack and privileged-insider attack; (3) it is designed without the revocation of lost/stolen smart card; (4) the explicit key confirmation and the no key control properties are absent, and (5) user cannot update his/her password without the help of server and secure channel. Then we aimed to propose an enhanced two-factor user authentication system based on the intractable assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme bears more securities and functionalities than other schemes found in the literature. PMID:26263401

Evaluation of the awareness and effectiveness of IT security programs in a large publicly funded health care system.

PubMed

Hepp, Shelanne L; Tarraf, Rima C; Birney, Arden; Arain, Mubashir Aslam

2017-01-01

Electronic health records are becoming increasingly common in the health care industry. Although information technology (IT) poses many benefits to improving health care and ease of access to information, there are also security and privacy risks. Educating health care providers is necessary to ensure proper use of health information systems and IT and reduce undesirable outcomes. This study evaluated employees' awareness and perceptions of the effectiveness of two IT educational training modules within a large publicly funded health care system in Canada. Semi-structured interviews and focus groups included a variety of professional roles within the organisation. Participants also completed a brief demographic data sheet. With the consent of participants, all interviews and focus groups were audio recorded. Thematic analysis and descriptive statistics were used to evaluate the effectiveness of the IT security training modules. Five main themes emerged: (i) awareness of the IT training modules, (ii) the content of modules, (iii) staff perceptions about differences between IT security and privacy issues, (iv) common breaches of IT security and privacy, and (v) challenges and barriers to completing the training program. Overall, nonclinical staff were more likely to be aware of the training modules than were clinical staff. We found e-learning was a feasible way to educate a large number of employees. However, health care providers required a module on IT security and privacy that was relatable and applicable to their specific roles. Strategies to improve staff education and mitigate against IT security and privacy risks are discussed. Future research should focus on integrating health IT competencies into the educational programs for health care professionals.

78 FR 42983 - Submission for Renewal: Information Collection; Questionnaire for National Security Positions...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-18

... and certified investigative data remains secured in the e-QIP system until the next time the... respondent will be allowed to update information and certify that data. In this instance, time to complete... Administration (FAA), and commenters from the public and OPM. Five advocacy groups, the Bazelon Center for Mental...

WMD Proliferation, Globalization, and International Security: Whither the Nexus and National Security?

DTIC Science & Technology

2006-07-01

group Aum Shinrikyo on the Tokyo subway system, which resulted in 10 deaths, is regarded by many as the dawn of the era of modern WMD terrorism...organizations have become truly global in character. Al Qaeda, for example, is franchising operations around the world either directly or indirectly

Cryptanalysis of the Quantum Group Signature Protocols

NASA Astrophysics Data System (ADS)

Zhang, Ke-Jia; Sun, Ying; Song, Ting-Ting; Zuo, Hui-Juan

2013-11-01

Recently, the researches of quantum group signature (QGS) have attracted a lot of attentions and some typical protocols have been designed for e-payment system, e-government, e-business, etc. In this paper, we analyze the security of the quantum group signature with the example of two novel protocols. It can be seen that both of them cannot be implemented securely since the arbitrator cannot solve the disputes fairly. In order to show that, some possible attack strategies, which can be used by the malicious participants, are proposed. Moreover, the further discussions of QGS are presented finally, including some insecurity factors and improved ideas.

Privacy enhanced group communication in clinical environment

NASA Astrophysics Data System (ADS)

Li, Mingyan; Narayanan, Sreeram; Poovendran, Radha

2005-04-01

Privacy protection of medical records has always been an important issue and is mandated by the recent Health Insurance Portability and Accountability Act (HIPAA) standards. In this paper, we propose security architectures for a tele-referring system that allows electronic group communication among professionals for better quality treatments, while protecting patient privacy against unauthorized access. Although DICOM defines the much-needed guidelines for confidentiality of medical data during transmission, there is no provision in the existing medical security systems to guarantee patient privacy once the data has been received. In our design, we address this issue by enabling tracing back to the recipient whose received data is disclosed to outsiders, using watermarking technique. We present security architecture design of a tele-referring system using a distributed approach and a centralized web-based approach. The resulting tele-referring system (i) provides confidentiality during the transmission and ensures integrity and authenticity of the received data, (ii) allows tracing of the recipient who has either distributed the data to outsiders or whose system has been compromised, (iii) provides proof of receipt or origin, and (iv) can be easy to use and low-cost to employ in clinical environment.

Programmable Logic Controllers for Research on the Cyber Security of Industrial Power Plants

DTIC Science & Technology

2017-02-12

group . 15. SUBJECT TERMS Industrial control systems, cyber security 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF a. REPORT b. ABSTRACT c. THIS...currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS. 1. REPORT DATE (00-MM-YYYY) ,2. REPORT TYPE 3. DATES COVERED...From- To) 12/02/2017 Final 15 August 2015 - 12 February 2017 4. TITLE AND SUBTITLE Sa. CONTRACT NUMBER Programmable Logic Controllers for Research

Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Architecture Lab Test Report

NASA Technical Reports Server (NTRS)

Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.

2015-01-01

NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.

PLASMA-field barrier sentry (PFBS)

NASA Astrophysics Data System (ADS)

Gonzaga, Ernesto A.; Cossette, Harold James

2013-06-01

This paper describes the concept and method in designing and developing a unique security system apparatus that will counter unauthorized personnel: to deny access to or occupy an area or facility, to control or direct crowd or large groups, and to incapacitate individuals or small groups until they can be secured by military or law enforcement personnel. The system exploits Tesla coil technology. Application of basic engineering circuit analysis and principle is demonstrated. Transformation from classical spark gap method to modern solid state design was presented. The analysis shows how the optimum design can be implemented to maximize performance of the apparatus. Discussion of the hazardous effects of electrical elements to human physiological conditions was covered. This serves to define guidelines in implementing safety limits and precautions on the performance of the system. The project is strictly adhering towards non-lethal technologies and systems.

China's approach to control of HIV. Modern use of tradition in a public security system.

PubMed

Anderson, A F

1995-01-01

HIV/AIDS control policy in China focuses on high risk populations. The public security system is intricately intertwined with the Chinese government's HIV control activities. The government can justify its control of high risk activities because prostitution, related trafficking in females, drug abuse, and drug trafficking are elements of the Six Evils: social problems considered to be pre-revolutionary, influenced by decadent western morality, and incompatible with modernization. Public security campaigns involve arresting tens of thousands of people annually in the combined efforts against HIV and the social evils. Instigators of crime are given punitive prison sentences. For their victims, however, incarceration leans toward treatment. The moral-rehabilitative philosophy is the normative foundation of the Chinese criminal justice process. Confucian thought holds that teaching the disobedient person proper social conduct, not punishment, will effect endless change. So correction officials use patient persuasion and re-education with most criminals. The public security system coercively collects drug abusers for as much as three months of counseling and detoxification (methadone or clonidine). The police detain prostitutes for 6 months to 2 years for re-education, including legal indoctrination, labor, and prevention of sexually transmitted diseases. Family members and community groups participate in treatment and aftercare. All drug abusers and prostitutes undergo HIV testing. HIV-positive offenders are separated from HIV-negative offenders. Pimps, panderers, or traffickers in females or drugs are either executed or put in prison for at least 10 years. A weakness of China's approach is its exclusive focus on high-risk groups rather than on high-risk practices. This approach assumes HIV will be restricted to these groups. Police will likely increase its punitive and regressive responses to group members as its approach fails to prevent HIV transmission.

Priming the Secure Attachment Schema Affects the Emotional Face Processing Bias in Attachment Anxiety: An fMRI Research

PubMed Central

Tang, Qingting; Chen, Xu; Hu, Jia; Liu, Ying

2017-01-01

Our study explored how priming with a secure base schema affects the processing of emotional facial stimuli in individuals with attachment anxiety. We enrolled 42 undergraduate students between 18 and 27 years of age, and divided them into two groups: attachment anxiety and attachment secure. All participants were primed under two conditions, the secure priming using references to the partner, and neutral priming using neutral references. We performed repeated attachment security priming combined with a dual-task paradigm and functional magnetic resonance imaging. Participants’ reaction times in terms of responding to the facial stimuli were also measured. Attachment security priming can facilitate an individual’s processing of positive emotional faces; for instance, the presentation of the partner’s name was associated with stronger activities in a wide range of brain regions and faster reaction times for positive facial expressions in the subjects. The current finding of higher activity in the left-hemisphere regions for secure priming rather than neutral priming is consistent with the prediction that attachment security priming triggers the spread of the activation of a positive emotional state. However, the difference in brain activity during processing of both, positive and negative emotional facial stimuli between the two priming conditions appeared in the attachment anxiety group alone. This study indicates that the effect of attachment secure priming on the processing of emotional facial stimuli could be mediated by chronic attachment anxiety. In addition, it highlights the association between higher-order processes of the attachment system (secure attachment schema priming) and early-stage information processing system (attention), given the increased attention toward the effects of secure base schema on the processing of emotion- and attachment-related information among the insecure population. Thus, the following study has applications in providing directions for clinical treatment of mood disorders in attachment anxiety. PMID:28473796

Priming the Secure Attachment Schema Affects the Emotional Face Processing Bias in Attachment Anxiety: An fMRI Research.

PubMed

Tang, Qingting; Chen, Xu; Hu, Jia; Liu, Ying

2017-01-01

Our study explored how priming with a secure base schema affects the processing of emotional facial stimuli in individuals with attachment anxiety. We enrolled 42 undergraduate students between 18 and 27 years of age, and divided them into two groups: attachment anxiety and attachment secure. All participants were primed under two conditions, the secure priming using references to the partner, and neutral priming using neutral references. We performed repeated attachment security priming combined with a dual-task paradigm and functional magnetic resonance imaging. Participants' reaction times in terms of responding to the facial stimuli were also measured. Attachment security priming can facilitate an individual's processing of positive emotional faces; for instance, the presentation of the partner's name was associated with stronger activities in a wide range of brain regions and faster reaction times for positive facial expressions in the subjects. The current finding of higher activity in the left-hemisphere regions for secure priming rather than neutral priming is consistent with the prediction that attachment security priming triggers the spread of the activation of a positive emotional state. However, the difference in brain activity during processing of both, positive and negative emotional facial stimuli between the two priming conditions appeared in the attachment anxiety group alone. This study indicates that the effect of attachment secure priming on the processing of emotional facial stimuli could be mediated by chronic attachment anxiety. In addition, it highlights the association between higher-order processes of the attachment system (secure attachment schema priming) and early-stage information processing system (attention), given the increased attention toward the effects of secure base schema on the processing of emotion- and attachment-related information among the insecure population. Thus, the following study has applications in providing directions for clinical treatment of mood disorders in attachment anxiety.

A Selective Group Authentication Scheme for IoT-Based Medical Information System.

PubMed

Park, YoHan; Park, YoungHo

2017-04-01

The technology of IoT combined with medical systems is expected to support advanced medical services. However, unsolved security problems, such as misuse of medical devices, illegal access to the medical server and so on, make IoT-based medical systems not be applied widely. In addition, users have a high burden of computation to access Things for the explosive growth of IoT devices. Because medical information is critical and important, but users have a restricted computing power, IoT-based medical systems are required to provide secure and efficient authentication for users. In this paper, we propose a selective group authentication scheme using Shamir's threshold technique. The property of selectivity gives the right of choice to users to form a group which consists of things users select and access. And users can get an access authority for those Things at a time. Thus, our scheme provides an efficient user authentication for multiple Things and conditional access authority for safe IoT-based medical information system. To the best of our knowledge, our proposed scheme is the first in which selectivity is combined with group authentication in IoT environments.

3D Digital Legos for Teaching Security Protocols

ERIC Educational Resources Information Center

Yu, Li; Harrison, L.; Lu, Aidong; Li, Zhiwei; Wang, Weichao

2011-01-01

We have designed and developed a 3D digital Lego system as an education tool for teaching security protocols effectively in Information Assurance courses (Lego is a trademark of the LEGO Group. Here, we use it only to represent the pieces of a construction set.). Our approach applies the pedagogical methods learned from toy construction sets by…

The Need for a Regional Security System Multinational Coast Guard Unit in the Eastern Caribbean

DTIC Science & Technology

2012-06-08

the teaching staff of Staff Group 11 A (Mr Matt Bonnott, Dr Thomas Huber, LTC Andrew McIntyre) and Mr William Knight for officiating, my oral...assist me on this journey. Finally, to my wife Vonette, son Isaiah , daughter Makayla, my mother Muriel (this one is for you), and my friends (too...for the implementation of a new security risk management mechanism to enhance the security of the RSS sub-region. According to Thomas Norman in the

Processing multilevel secure test and evaluation information

NASA Astrophysics Data System (ADS)

Hurlburt, George; Hildreth, Bradley; Acevedo, Teresa

1994-07-01

The Test and Evaluation Community Network (TECNET) is building a Multilevel Secure (MLS) system. This system features simultaneous access to classified and unclassified information and easy access through widely available communications channels. It provides the necessary separation of classification levels, assured through the use of trusted system design techniques, security assessments and evaluations. This system enables cleared T&E users to view and manipulate classified and unclassified information resources either using a single terminal interface or multiple windows in a graphical user interface. TECNET is in direct partnership with the National Security Agency (NSA) to develop and field the MLS TECNET capability in the near term. The centerpiece of this partnership is a state-of-the-art Concurrent Systems Security Engineering (CSSE) process. In developing the MLS TECNET capability, TECNET and NSA are providing members, with various expertise and diverse backgrounds, to participate in the CSSE process. The CSSE process is founded on the concepts of both Systems Engineering and Concurrent Engineering. Systems Engineering is an interdisciplinary approach to evolve and verify an integrated and life cycle balanced set of system product and process solutions that satisfy customer needs (ASD/ENS-MIL STD 499B 1992). Concurrent Engineering is design and development using the simultaneous, applied talents of a diverse group of people with the appropriate skills. Harnessing diverse talents to support CSSE requires active participation by team members in an environment that both respects and encourages diversity.

An RFID-based luggage and passenger tracking system for airport security control applications

NASA Astrophysics Data System (ADS)

Vastianos, George E.; Kyriazanos, Dimitris M.; Kountouriotis, Vassilios I.; Thomopoulos, Stelios C. A.

2014-06-01

Market analysis studies of recent years have shown a steady and significant increase in the usage of RFID technology. Key factors for this growth were the decreased costs of passive RFIDs and their improved performance compared to the other identification technologies. Besides the benefits of RFID technologies into the supply chains, warehousing, traditional inventory and asset management applications, RFID has proven itself worth exploiting on experimental, as well as on commercial level in other sectors, such as healthcare, transport and security. In security sector, airport security is one of the biggest challenges. Airports are extremely busy public places and thus prime targets for terrorism, with aircraft, passengers, crew and airport infrastructure all subject to terrorist attacks. Inside this labyrinth of security challenges, the long range detection capability of the UHF passive RFID technology can be turned into a very important tracking tool that may outperform all the limitations of the barcode tracking inside the current airport security control chain. The Integrated Systems Lab of NCSR Demokritos has developed an RFID based Luggage and Passenger tracking system within the TASS (FP7-SEC-2010-241905) EU research project. This paper describes application scenarios of the system categorized according to the structured nature of the environment, the system architecture and presents evaluation results extracted from measurements with a group of different massive production GEN2 UHF RFID tags that are widely available in the world market.

77 FR 21587 - Bayer Cropscience, LP, Including On-Site Leased Workers From Jacobs PSG, Middough Associates, Inc...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-10

...., Digital Management Group, Mercury Air Group, Inc., Greenwood, and Professional Maintenance of Charleston... Solutions, Becht Engineering, Engineering Support Systems, Manufacturing Management Services, US Securities, WB Wells, Belcan, American Engineers, CH2M Hill Engineers, Inc., Digital Management Group, Mercury...

Delivering Summer Electronic Benefit Transfers for Children through the Supplemental Nutrition Assistance Program or the Special Supplemental Nutrition Program for Women, Infants, and Children: Benefit Use and Impacts on Food Security and Foods Consumed.

PubMed

Gordon, Anne R; Briefel, Ronette R; Collins, Ann M; Rowe, Gretchen M; Klerman, Jacob A

2017-03-01

The Summer Electronic Benefit Transfers for Children (SEBTC) demonstration piloted summer food assistance through electronic benefit transfers (EBTs), providing benefits either through the Special Supplemental Nutrition Program for Women, Infants, and Children (WIC) or the Supplemental Nutrition Assistance Program (SNAP) EBT. To inform food assistance policy and describe how demonstrations using WIC and SNAP models differed in benefit take-up and impacts on food security and children's food consumption. Sites chose to deliver SEBTC using the SNAP or WIC EBT system. Within each site, in 2012, households were randomly assigned to a benefit group or a no-benefit control group. Grantees (eight states and two Indian Tribal Organizations) selected school districts serving many low-income children. Schoolchildren were eligible in cases where they had been certified for free or reduced-price meals during the school year. Before the demonstration, households in the demonstration sample had lower incomes and lower food security, on average, than households with eligible children nationally. Grantees provided selected households with benefits worth $60 per child per summer month using SNAP or WIC EBT systems. SNAP-model benefits covered most foods. WIC-model benefits could only be used for a specific package of foods. Key outcomes were children's food security (assessed using the US Department of Agriculture food security scale) and food consumption (assessed using food frequency questions). Differences in mean outcomes between the benefit and control groups measured impact, after adjusting for household characteristics. In WIC sites, benefit-group households redeemed a lower percentage of SEBTC benefits than in SNAP sites. Nonetheless, the benefit groups in both sets of sites had similar large reductions in very low food security among children, relative to no-benefit controls. Children receiving benefits consumed more healthful foods, and these impacts were larger in WIC sites. Results suggest the WIC SEBTC model deserves strong consideration. Copyright © 2017 Academy of Nutrition and Dietetics. Published by Elsevier Inc. All rights reserved.

The Landscape of International Biosurveillance

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hartley, David M.; Nelson, Noele P.; Walters, Ronald A.

2010-02-01

Event-based biosurveillance is a scientific discipline in which diverse streams of data, available from the Internet, are characterized prospectively to provide information on infectious disease events. Biosurveillance complements traditional public health surveillance to provide both early warning of infectious disease events as well as situational awareness. The Global Health Security Action Group (GHSAG) of the Global Health Security Initiative is developing a biosurveillance capability that integrates and leverages component systems from member nations. This work discusses these biosurveillance systems and identifies needed future studies.

The 60 Minute Network Security Guide (First Steps Towards a Secure Network Environment)

DTIC Science & Technology

2001-10-16

default/ passwd file in UNIX. Administrators should obtain and run password-guessing programs (i.e., “John the Ripper,’’ “L0phtCrack,” and “Crack...system on which it is running, it is a good idea to transfer the encrypted passwords (the dumped SAM database for Windows and the /etc/ passwd and /etc...ownership by root and group sys. The /etc/ passwd file should have permissions 644 with owner root and group root. n Be cracked every month to find

EU-US standards harmonization task group report : testing for ITS security.

DOT National Transportation Integrated Search

1996-03-01

THE INVEHICLE SAFETY ADVISORY AND WARNING SYSTEM (IVSAWS) IS A FEDERAL HIGHWAY ADMINISTRATION EFFORT TO DEVELOP' A NATIONWIDE VEHICULAR INFORMATION SYSTEM THAT PROVIDES DRIVERS WITH ADVANCE, SUPPLEMENTAL NOTIFICATION OF DANGEROUS ROAD CONDITIONS USIN...

Cyber Security and Resilient Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Robert S. Anderson

2009-07-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments tomore » date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.« less

Transportation Secure Data Center Newsletter | Transportation Secure Data

Science.gov Websites

Travel Study: A pilot study conducted February-March 2015, the In the Moment Travel Study used an Transportation Study: In February and March 2014, Resource Systems Group, Inc., conducted the Heartland in Motion Transportation Study for the Madison County Council of Governments. The study included a household travel survey

5 CFR 9901.231 - Conversion of positions and employees to NSPS classification system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... HUMAN RESOURCES MANAGEMENT AND LABOR RELATIONS SYSTEMS (DEPARTMENT OF DEFENSE-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF DEFENSE NATIONAL SECURITY PERSONNEL SYSTEM (NSPS) Classification Transitional... employee's career group, pay schedule, and band upon conversion. (d) Grade retention prior to conversion...

Usability Assessment of Secure Messaging for Clinical Document Sharing between Health Care Providers and Patients.

PubMed

Jahn, Michelle A; Porter, Brian W; Patel, Himalaya; Zillich, Alan J; Simon, Steven R; Russ, Alissa L

2018-04-01

 Web-based patient portals feature secure messaging systems that enable health care providers and patients to communicate information. However, little is known about the usability of these systems for clinical document sharing.  This article evaluates the usability of a secure messaging system for providers and patients in terms of its ability to support sharing of electronic clinical documents.  We conducted usability testing with providers and patients in a human-computer interaction laboratory at a Midwestern U.S. hospital. Providers sent a medication list document to a fictitious patient via secure messaging. Separately, patients retrieved the clinical document from a secure message and returned it to a fictitious provider. We collected use errors, task completion, task time, and satisfaction.  Twenty-nine individuals participated: 19 providers (6 physicians, 6 registered nurses, and 7 pharmacists) and 10 patients. Among providers, 11 (58%) attached and sent the clinical document via secure messaging without requiring assistance, in a median (range) of 4.5 (1.8-12.7) minutes. No patients completed tasks without moderator assistance. Patients accessed the secure messaging system within 3.6 (1.2-15.0) minutes; retrieved the clinical document within 0.8 (0.5-5.7) minutes; and sent the attached clinical document in 6.3 (1.5-18.1) minutes. Although median satisfaction ratings were high, with 5.8 for providers and 6.0 for patients (scale, 0-7), we identified 36 different use errors. Physicians and pharmacists requested additional features to support care coordination via health information technology, while nurses requested features to support efficiency for their tasks.  This study examined the usability of clinical document sharing, a key feature of many secure messaging systems. Our results highlight similarities and differences between provider and patient end-user groups, which can inform secure messaging design to improve learnability and efficiency. The observations suggest recommendations for improving the technical aspects of secure messaging for clinical document sharing. Schattauer GmbH Stuttgart.

[Our experience with mini tapes (TVT Secur and MiniArc) in the surgery for stress urinary incontinence].

PubMed

Jiménez Calvo, J; Hualde Alfaro, A; Raigoso Ortega, O; Cebrian Lostal, J L; Alvarez Bandres, S; Jiménez Parra, J; Montesino Semper, M; Santiago Gonzalez de Garibay, A

2008-01-01

The purpose of this publication is to describe the surgical technique, assess complications and short-term results of TVT secur and MiniArc tapes. From October 2006 to August 2007 it was carried out the surgical correction with TVT Secur,Women's Health & Urology, Ethicon, Johnson & Johnson, placing the tape as a hammock, to 51 patients, 38 of them with pure stress incontinence and 13 with mixed incontinence and with an average age of 57 years. From September 2007 to February 2008 41 patients, 33 of them with pure stress incontinence and 8 with mixed incontinence, with an average of age of 58 years were operated with AMS Miniarc swing system tape, posted on hammock. All procedures were performed with sedoanalgesia and Ambulatory Surgery regime. Patients were monitored in outpatient visits one month, 3 months and one year after surgical procedure. Medical history and questionnaire and ICIQ-SF, to which we added a question to quantify the degree of satisfaction, as well as physical examination, were done. We compared the results of both technical procedures and statistical survey was conducted by Student test. [Analysis with SPSS software (V14.0)]. The median follow-up in TVT secur group was 328 days (range 163-522 days) and 101 days (range 41-209 days) inthe MiniArc group. We only had one (TVT secur group) surgical complication in all the series (92 patients) being a bladder perforation. Taking into account that we read a negative test effort as an objective cure in the TVT secur group, 80.4% patients are cured and 90.2% inthe MiniArc group without significant difference between both groups (p 0095). To assess the subjective healing we utilized the ICIQ-SF test and the satisfaction extra-question and we noted that there is no significant difference between the first and third month controls. (90% of patients satisfied). 80% of patients were completely satisfied in the first year control that was only performed to TVT secur group. These new tapes show fewer complications that the TVT-O and TOT tapes and allow the possibility of placement with local anesthesia but further studies are needed.

Secure alignment of coordinate systems using quantum correlation

NASA Astrophysics Data System (ADS)

Rezazadeh, F.; Mani, A.; Karimipour, V.

2017-08-01

We show that two parties far apart can use shared entangled states and classical communication to align their coordinate systems with a very high fidelity. Moreover, compared with previous methods proposed for such a task, i.e., sending parallel or antiparallel pairs or groups of spin states, our method has the extra advantages of using single-qubit measurements and also being secure, so that third parties do not extract any information about the aligned coordinate system established between the two parties. The latter property is important in many other quantum information protocols in which measurements inevitably play a significant role.

Making grandma's data secure: a security architecture for home telemedicine.

PubMed Central

Starren, J.; Sengupta, S.; Hripcsak, G.; Ring, G.; Klerer, R.; Shea, S.

2001-01-01

Home telemedicine presents special challenges for data security and privacy. Experience in the Informatics for Diabetes Education And Telemedicine (IDEATel) project has demonstrated that data security is not a one-size-fits-all problem. The IDEATel users include elderly patients in their homes, nurse case managers, physicians, and researchers. The project supports multiple computer systems that require a variety of user interactions, including: data entry, data review, patient education, videoconferencing, and electronic monitoring. To meet these various needs, a number of different of security solutions were utilized, including: UserID/Password, PKI certificates, time-based tokens, IP filtering, VPNs, symmetric and asymmetric encryption schemes, firewalls and dedicated connections. These were combined in different ways to meet the needs of each user groups. PMID:11825267

A Reaction Time Experiment on Adult Attachment: The Development of a Measure for Neurophysiological Settings

PubMed Central

Wichmann, Theresia; Buchheim, Anna; Menning, Hans; Schenk, Ingmar; George, Carol; Pokorny, Dan

2016-01-01

In the last few decades, there has been an increase of experimental research on automatic unconscious processes concerning the evaluation of the self and others. Previous research investigated implicit aspects of romantic attachment using self-report measures as explicit instruments for assessing attachment style. There is a lack of experimental procedures feasible for neurobiological settings. We developed a reaction time (RT) experiment using a narrative attachment measure with an implicit nature and were interested to capture automatic processes, when the individuals’ attachment system is activated. We aimed to combine attachment methodology with knowledge from implicit measures by using a decision RT paradigm. This should serve as a means to capture implicit aspects of attachment. This experiment evaluated participants’ response to prototypic attachment sentences in association with their own attachment classification, measured with the Adult Attachment Projective Picture System (AAP). First the AAP was administered as the standardized interview procedure to 30 healthy participants, which were classified into a secure or insecure group. In the following experimental session, both experimenter and participants were blind with respect to classifications. One hundred twenty eight prototypically secure or insecure sentences related to the eight pictures of the AAP were presented to the participants. Their response and RTs were recorded. Based on the response (accept, reject) a continuous security scale was defined. Both the AAP classification and security scale were related to the RTs. Differentiated study hypotheses were confirmed for insecure sentences, which were accepted faster by participants from the insecure attachment group (or with lower security scale), and rejected faster by participants from secure attachment group (or with higher security scale). The elaborating unconscious processes were more activated by insecure sentences with potential attachment conflicts. The introduced paradigm is able to contribute to an experimental approach in attachment research. The RT analysis with the narrative procedure might be of interest for a broader variety of questions in experimental and neurophysiological settings to capture unconscious processes in association with internal working models of attachment. An electrophysiological model based on preliminary research is proposed for assessing the preconscious neuronal network related to secure or insecure attachment representations. PMID:27853426

An evaluation of the construct of earned security in adolescents: evidence from an inpatient sample.

PubMed

Venta, Amanda; Sharp, Carla; Shmueli-Goetz, Yael; Newlin, Elizabeth

2015-01-01

In adult attachment research, a group of individuals who convey secure attachments despite recalling difficult early caregiver relationships has been identified. The term earned security refers to individuals in this group, whereas continuous security refers to individuals who convey secure attachments and describe caring early relationships. Evidence on the validity of earned security in adults is mixed--with one longitudinal study showing that earned secure adults, despite contrary recollections, are actually more likely to have experienced positive caregiving than continuous secure adults. There is currently no evidence of earned security in adolescence, and exploring it in this age group may help shed light on the overall problem of the validity of this construct. Therefore, the broad aim of this study was to examine the construct of earned security in a group of inpatient adolescents. First, the authors aimed to identify a group of adolescents with secure attachments and memories of difficult caregiver relationships (i.e., proposed earned secure group) in a sample of 240 inpatient adolescents. Next, to explore external validity, the authors examined whether this group differed from others with regard to internalizing distress and emotion regulation. Findings indicated that a subset of secure adolescents recall difficult caregiving, as has been noted in adults, and that they differ from others with regard to emotion regulation. Despite this preliminary evidence that earned security can be identified in adolescents, the authors conclude with a discussion of the caveats of applying this construct in adolescents as well as adults.

Analysis of Vehicle-Based Security Operations

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carter, Jason M; Paul, Nate R

Vehicle-to-vehicle (V2V) communications promises to increase roadway safety by providing each vehicle with 360 degree situational awareness of other vehicles in proximity, and by complementing onboard sensors such as radar or camera in detecting imminent crash scenarios. In the United States, approximately three hundred million automobiles could participate in a fully deployed V2V system if Dedicated Short-Range Communication (DSRC) device use becomes mandatory. The system s reliance on continuous communication, however, provides a potential means for unscrupulous persons to transmit false data in an attempt to cause crashes, create traffic congestion, or simply render the system useless. V2V communications mustmore » be highly scalable while retaining robust security and privacy preserving features to meet the intra-vehicle and vehicle-to-infrastructure communication requirements for a growing vehicle population. Oakridge National Research Laboratory is investigating a Vehicle-Based Security System (VBSS) to provide security and privacy for a fully deployed V2V and V2I system. In the VBSS an On-board Unit (OBU) generates short-term certificates and signs Basic Safety Messages (BSM) to preserve privacy and enhance security. This work outlines a potential VBSS structure and its operational concepts; it examines how a vehicle-based system might feasibly provide security and privacy, highlights remaining challenges, and explores potential mitigations to address those challenges. Certificate management alternatives that attempt to meet V2V security and privacy requirements have been examined previously by the research community including privacy-preserving group certificates, shared certificates, and functional encryption. Due to real-world operational constraints, adopting one of these approaches for VBSS V2V communication is difficult. Timely misbehavior detection and revocation are still open problems for any V2V system. We explore the alternative approaches that may be applicable to a VBSS, and suggest some additional research directions in order to find a practical solution that appropriately addresses security and privacy.« less

No information flow using statistical fluctuations and quantum cryptography

NASA Astrophysics Data System (ADS)

Larsson, Jan-Åke

2004-04-01

The communication protocol of Home and Whitaker [

5 CFR 9901.321 - Structure.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF DEFENSE HUMAN RESOURCES MANAGEMENT AND LABOR RELATIONS SYSTEMS (DEPARTMENT OF DEFENSE-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF DEFENSE NATIONAL SECURITY PERSONNEL SYSTEM... career group, the Secretary will establish a common rate range that applies in all locations. (c) The...

5 CFR 9901.311 - Major features.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF DEFENSE HUMAN RESOURCES MANAGEMENT AND LABOR RELATIONS SYSTEMS (DEPARTMENT OF DEFENSE-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF DEFENSE NATIONAL SECURITY PERSONNEL SYSTEM... structure of rate ranges linked to various pay bands for each career group, in alignment with the...

The changing face of Hanford security 1990--1994

DOE Office of Scientific and Technical Information (OSTI.GOV)

Thielman, J.

The meltdown of the Cold War was a shock to the systems built to cope with it. At the DOE`s Hanford Site in Washington State, a world-class safeguards and security system was suddenly out of step with the times. The level of protection for nuclear and classified materials was exceptional. But the cost was high and the defense facilities that funded security were closing down. The defense mission had created an umbrella of security over the sprawling Hanford Site. Helicopters designed to ferry special response teams to any trouble spot on the 1,456 square-kilometer site made the umbrella analogy almostmore » literally true. Facilities were grouped into areas, fenced off like a military base, and entrance required a badge check for everyone. Within the fence, additional rings of protection were set up around security interests or targets. The security was effective, but costly to operate and inconvenient for employees and visitors alike. Moreover, the umbrella meant that virtually all employees needed a security clearance just to get to work, whether they worked on classified or unclassified projects. Clearly, some fundamental rethinking of safeguards and security was needed. The effort to meet that challenge is the story of transition at Hanford and documented here.« less

Attachment Security Balances Perspectives: Effects of Security Priming on Highly Optimistic and Pessimistic Explanatory Styles.

PubMed

Deng, Yanhe; Yan, Mengge; Chen, Henry; Sun, Xin; Zhang, Peng; Zeng, Xianglong; Liu, Xiangping; Lye, Yue

2016-01-01

Highly optimistic explanatory style (HOES) and highly pessimistic explanatory style (HPES) are two maladaptive ways to explain the world and may have roots in attachment insecurity. The current study aims to explore the effects of security priming - activating supportive representations of attachment security - on ameliorating these maladaptive explanatory styles. 57 participants with HOES and 57 participants with HPES were randomized into security priming and control conditions. Their scores of overall optimistic attribution were measured before and after priming. Security priming had a moderating effect: the security primed HOES group exhibited lower optimistic attribution, while the security primed HPES group evinced higher scores of optimistic attribution. Furthermore, the security primed HOES group attributed positive outcomes more externally, while the security primed HPES group attributed successful results more internally. The results support the application of security priming interventions on maladaptive explanatory styles. Its potential mechanism and directions for future study are also discussed.

DHS S&T First Responders Group and NATO Counter UAS Proposal Interest Response.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Salton, Jonathan R.

The capability, speed, size, and widespread availability of small unmanned aerial systems (sUAS) makes them a serious security concern. The enabling technologies for sUAS are rapidly evolving and so too are the threats they pose to national security. Potential threat vehicles have a small cross-section, and are difficult to reliably detect using purely ground-based systems (e.g. radar or electro-optical) and challenging to target using conventional anti-aircraft defenses. Ground-based sensors are static and suffer from interference with the earth, vegetation and other man-made structures which obscure objects at low altitudes. Because of these challenges, sUAS pose a unique and rapidly evolvingmore » threat to national security.« less

5 CFR 9901.371 - Conversion into NSPS pay system.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 5 Administrative Personnel 3 2011-01-01 2011-01-01 false Conversion into NSPS pay system. 9901.371... SECURITY PERSONNEL SYSTEM (NSPS) Pay and Pay Administration Conversion Provisions § 9901.371 Conversion....231 for conversion rules related to determining an employee's career group, pay schedule, and band...

Online referrals one way capitated groups gain efficiencies, reduce errors.

PubMed

2002-08-01

An online referral system is just the latest money and time-saving tool in the e-commerce arsenal at Hill Physicians Medical Group. Using a modified version of Healinx Corp.'s secure e-mail messaging platform, Hill is testing a custom-made online referral system at two primary care practices that appear to be helping the practice boost its bottom line under capitation.

Persistent maritime traffic monitoring for the Canadian Arctic

NASA Astrophysics Data System (ADS)

Ulmke, M.; Battistello, G.; Biermann, J.; Mohrdieck, C.; Pelot, R.; Koch, W.

2017-05-01

This paper presents results of the Canadian-German research project PASSAGES (Protection and Advanced Surveillance System for the Arctic: Green, Efficient, Secure)1 on an advanced surveillance system for safety and security of maritime operations in Arctic areas. The motivation for a surveillance system of the Northwest Passage is the projected growth of maritime traffic along Arctic sea routes and the need for securing Canada's sovereignty by controlling its arctic waters as well as for protecting the safety of international shipping and the intactness of the arctic marine environment. To ensure border security and to detect and prevent illegal activities it is necessary to develop a system for surveillance and reconnaissance that brings together all related means, assets, organizations, processes and structures to build one homogeneous and integrated system. The harsh arctic conditions require a new surveillance concept that fuses heterogeneous sensor data, contextual information, and available pre-processed surveillance data and combines all components to efficiently extract and provide the maximum available amount of information. The fusion of all these heterogeneous data and information will provide improved and comprehensive situation awareness for risk assessment and decision support of different stakeholder groups as governmental authorities, commercial users and Northern communities.

[Infants' attachment security in a vulnerable French sample].

PubMed

Tereno, S; Guedeney, N; Dugravier, R; Greacen, T; Saïas, T; Tubach, F; Ulgen, S; Matos, I; Guédeney, A

2017-04-01

Attachment is a long lasting emotional link established between infants and their caregivers. The quality of early relationships allows infants to safely explore their environment and contribute to the establishment of a broad range of social skills. Several intervention programs targeting infant attachment have been implemented in different contexts, showing diverse degrees of efficacy. The present paper describes, for the first time, children's attachment quality distributions in a French multi-risk population, with a preventive intervention, usual or reinforced. In the CAPEDP study (Parenting and Attachment in Early Childhood: reducing mental health disorder risks and promoting resilience), a sub-sample of 117 women was recruited to assess the effects of this home-visiting program on children's attachment security. With that intent, the Strange Situation Paradigm was used when infants were between 12 and 16 months of age. In the intervention group, 63% (n=41) of the infants were coded as secure, while 15% (n=10) of them were coded as insecure-avoidant and 22% (n=14) as insecure-ambivalent/resistant. 56% (n=29) of control group infants (usual care) were coded as secure, while 27% (n=14) were coded as insecure-avoidant and 17% (n=9) as insecure-ambivalent/resistant. Even if the percentage of children with a secure attachment in the reinforced intervention group was higher than that of the control group, this difference did not reach the threshold of significance [Chi 2 (2)=2.40, P=0.30]. Intervention group distributions were closer to normative samples, and these distributions show the clinical impact of our program. In general, preventive interventions focused on attachment quality have moderate effects but, in our case, several factors might have contributed to lower the statistical impact of the program. Firstly, the control group cannot be considered has having received zero intervention for two reasons: (a) the French usual perinatal health system (Maternal and Infant Protection System) is particularly generous and (b) the effect of this usual system might have been increased by the project intensive assessment protocol (6 visits during 28 months). Secondly, it is possible that the full effect of the intervention had not yet been detected because, when a child's attachment was assessed, only two thirds of the intervention visits had been performed (29 of 44 visits). A "sleeper effect" is still possible: we hope that a more clear result will be seen when children are assessed again, at 48 months, in our follow-up study (CAPEDP-A II). By clarifying the mechanisms involved in the development of a secure attachment, our study aims to contribute and refine the development of early preventive intervention strategies in high perinatal and psychosocial vulnerability contexts. Copyright © 2016 L’Encéphale, Paris. Published by Elsevier Masson SAS. All rights reserved.

United States Air Force Security Forces in an Era of Terrorist Threats

DTIC Science & Technology

1999-06-01

their primary duties. The third alternative is to eliminate the Palace Tenure deployments of security personnel and replace them with dedicated units...The Phoenix Raven program, the 820th Security Forces Group, and Palace Tenure commitments. The specified mission varies by organization, but the...820th Security Forces Group. January 1999, slide 4. 166 Statement of LT. Col. Larry A. Buckingham , 820th Security Forces Group Commander, “820th Security

26 CFR 1.1081-1 - Terms used.

Code of Federal Regulations, 2010 CFR

2010-04-01

... section 1083: Order of the Securities and Exchange Commission; registered holding company; holding company system; associate company; majority-owned subsidiary company; system group; nonexempt property; and stock... defined in the Internal Revenue Code of 1954, shall be given the respective definition contained in such...

77 FR 24178 - Information Systems Technical Advisory Committee; Notice of Partially Closed Meeting

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-23

... and Introductions 2. Working Group Reports 3. Industry Presentation: E-beam Lithography 4. Industry Presentation: ENC Threshold for Satellite Modem 5. Industry Presentation: Semiconductor Manufacturing Equipment... DEPARTMENT OF COMMERCE Bureau of Industry and Security Information Systems Technical Advisory...

Framework for behavioral analytics in anomaly identification

NASA Astrophysics Data System (ADS)

Touma, Maroun; Bertino, Elisa; Rivera, Brian; Verma, Dinesh; Calo, Seraphin

2017-05-01

Behavioral Analytics (BA) relies on digital breadcrumbs to build user profiles and create clusters of entities that exhibit a large degree of similarity. The prevailing assumption is that an entity will assimilate the group behavior of the cluster it belongs to. Our understanding of BA and its application in different domains continues to evolve and is a direct result of the growing interest in Machine Learning research. When trying to detect security threats, we use BA techniques to identify anomalies, defined in this paper as deviation from the group behavior. Early research papers in this field reveal a high number of false positives where a security alert is triggered based on deviation from the cluster learned behavior but still within the norm of what the system defines as an acceptable behavior. Further, domain specific security policies tend to be narrow and inadequately represent what an entity can do. Hence, they: a) limit the amount of useful data during the learning phase; and, b) lead to violation of policy during the execution phase. In this paper, we propose a framework for future research on the role of policies and behavior security in a coalition setting with emphasis on anomaly detection and individual's deviation from group activities.

A Third-Party E-Payment Protocol Based on Quantum Group Blind Signature

NASA Astrophysics Data System (ADS)

Zhang, Jian-Zhong; Yang, Yuan-Yuan; Xie, Shu-Cui

2017-09-01

A third-party E-payment protocol based on quantum group blind signature is proposed in this paper. Our E-payment protocol could protect user's anonymity as the traditional E-payment systems do, and also have unconditional security which the classical E-payment systems can not provide. To achieve that, quantum key distribution, one-time pad and quantum group blind signature are adopted in our scheme. Furthermore, if there were a dispute, the manager Trent can identify who tells a lie.

The Mexican Social Security counterreform: pensions for profit.

PubMed

Laurell, A C

1999-01-01

The social security counterreform, initiated in 1997, forms part of the neoliberal reorganization of Mexican society. The reform implies a profound change in the guiding principles of social security, as the public model based on integrality, solidarity, and redistribution is replaced by a model based on private administration of funds and services, individualization of entitlement, and reduction of rights. Its economic purpose is to move social services and benefits into the direct sphere of private capital accumulation. Although these changes will involve the whole social security system--old-age and disability pensions, health care, child care, and workers' compensation--they are most immediately evident in the pension scheme. The pay-as-you-go scheme is being replaced by privately managed individual retirement accounts which especially favor the big financial groups. These groups are gaining control over huge amounts of capital, are authorized to charge a high commission, and run no financial risks. The privatization of the system requires decisive state intervention with a legal change and a sizable state subsidy (1 to 1.5 percent of GNP) over five decades. The supposed positive impact on economic growth and employment is uncertain. A review of the new law and of the estimates of future annuities reveals shrinking pension coverage and inadequate incomes from pensions.

32 CFR 770.57 - Entry procedures.

Code of Federal Regulations, 2010 CFR

2010-07-01

..., Portsmouth, NH 03801, Attention: Security Manager (Code 1700). For groups, foreign citizens, and news media, the request must be forwarded to the Commander, Naval Sea Systems Command, for approval. (b) Each...

ECC-based grouping-proof RFID for inpatient medication safety.

PubMed

Lin, Qiping; Zhang, Fangguo

2012-12-01

Several papers were proposed in which symmetric cryptography was used to design RFID grouping-proof for medication safety in the Journal of Medical Systems. However, if we want to ensure privacy, authentication and protection against the tracking of RFID-tags without losing system scalability, we must design an asymmetric cryptography-based RFID. This paper will propose a new ECC-based grouping-proof for RFID. Our ECC-based grouping-proof reduces the computation of tags and prevents timeout problems from occurring in n-party grouping-proof protocol. Based on asymmetric cryptography, the proposed scheme is practical, secure and efficient for medication applications.

No information flow using statistical fluctuations and quantum cryptography

DOE Office of Scientific and Technical Information (OSTI.GOV)

Larsson, Jan-Aake

2004-04-01

The communication protocol of Home and Whitaker [Phys. Rev. A 67, 022306 (2003)] is examined in some detail, and found to work equally well using a separable state. The protocol is in fact completely classical, based on postselection of suitable experimental runs. The quantum-cryptography protocol proposed in the same publication is also examined, and this protocol uses entanglement, a strictly quantum property of the system. An individual eavesdropping attack on each qubit pair would be detected by the security test proposed in the mentioned paper. However, the key is provided by groups of qubits, and there exists a coherent attack,more » internal to these groups, that will go unnoticed in that security test. A modified test is proposed here that will ensure security, even against such a coherent attack.« less

Maximizing the security of chaotic optical communications.

PubMed

Hou, T T; Yi, L L; Yang, X L; Ke, J X; Hu, Y; Yang, Q; Zhou, P; Hu, W S

2016-10-03

The practical application of chaotic optical communications has been limited by two aspects: the difficulty in concealing the time delay - a critical security parameter in feedback chaotic systems, and the difficulty of significantly enlarging the key space without complicating the implementation. Here we propose an architecture to break the above limits. By introducing a frequency-dependent group delay module with frequency tuning resolution of 1 MHz into the chaotic feedback loop, we demonstrate excellent time delay concealment effect, and an additional huge key space of 10⁴⁸ can be achieved at the same time. The effectiveness is proved by both numerical simulation and experiment. Besides, the proposed scheme is compatible with the existing commercial optical communication systems, thus pave the way for high-speed secure optical communications.

IEC 61850: Technology Standards and Cyber-Security Threats

DOE Office of Scientific and Technical Information (OSTI.GOV)

Youssef, Tarek A; El Hariri, mohamed; Bugay, Nicole

Substations constitute a fundamental part in providing reliable electricity to consumers. For a substation to maintain electricity reliability and its own real-time operability, communication between its components is inevitable. Before the emergence of IEC 61850, inter-substation communication was established via expensive copper wires with limited capabilities. IEC 61850 is the standard set by the International Electrotechnical Commission (IEC) Technical Committee Number 57 Working Group 10 and IEEE for Ethernet (IEEE 802.3)-based communication in electrical substations. Like many power grid systems standards, IEC 61850 was set without extensive consideration for critical security measures. This paper discusses IEC 61850 technology standards andmore » applications thoroughly and points out major security vulnerabilities it introduces in the context of current cyber-physical smart grid systems.« less

One-year results of a prospective randomized, evaluator-blinded, multicenter study comparing TVT and TVT Secur.

PubMed

Andrada Hamer, Maria; Larsson, Per-Göran; Teleman, Pia; Bergqvist, Christina Eten; Persson, Jan

2013-02-01

The aim of this prospective randomized multicenter study was to compare retropubic tension-free vaginal tape (TVT) with TVT Secur in terms of efficacy and safety. We set out to enrol 280 stress urinary incontinent (SUI) women with a half-time interim analysis of short-term cure and adverse events. The short-term results have previously been published. Of the 133 randomized women, 125 underwent surgery, and 121 (TVT n = 61, TVT Secur n = 60) were available for follow-up 1 year postsurgery. No significant differences were found between groups regarding demographics or incontinence grade. One year after surgery, both subjective and objective cure rates were significantly lower for TVT Secur than for TVT (subjective cure: TVT 98 %, TVT Secur 80 %, p = 0.03; objective cure: TVT 94 %, TVT Secur 71 % for cough test, p = 0.01; TVT 76 %, TVT Secur 58 % for pad test, p = 0.05 ). Three major complications occurred in the TVT Secur group: one tape erosion into the urethra, one tape inadvertently placed into the bladder, and one immediate postoperative bleeding due to injury to the corona mortis. No major complications occurred in the TVT group. No significant differences were found between groups regarding peroperative bleeding, hospital stay, urge symptoms, residual urinary volume, subjective bladder emptying problems, postoperative urinary tract infections, and minor complications. The TVT Secur group used more antimuscarine medication after surgery than the TVT group (p = 0.03). Median time for surgery was 13 and 22 min for TVT Secur and TVT, respectively (p < 0.0001). The TVT Secur procedure had significantly inferior subjective and objective cure rates compared with the retropubic TVT procedure. Three serious adverse events occurred in the TVT Secur group. We therefore discourage further use of TVT Secur.

76 FR 64895 - Information Systems Technical Advisory Committee; Notice of Partially Closed Meeting

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-19

... Session 1. Welcome and Introductions. 2. Working Group Reports. 3. Industry Presentation: Autonomous Vehicle. 4. Industry Presentation: Technology Export Controls. 5. Industry Presentation: Security as a...

Combating Terrorism, Rebel Groups, and Armed Militias in the Face of Economic Prosperity Opportunities

DTIC Science & Technology

2012-05-04

FINAL 3. DATES COVERED (From - To) 4. TITLE AND SUBTITLE 5a. CONTRACT NUMBER Combatting Terrorism, Rebel Groups , and Armed...facing many security threats. Al-Shabaab in Somalia, armed rebel groups , and armed militia in South Sudan pose the greatest security challenges to the...these groups . 15. SUBJECT TERMS United States Africa Command, Al-Shabaab, Lamu Oil Pipeline, Security. 16. SECURITY CLASSIFICATION OF: 17

An Artificial Neural Network-Based Decision-Support System for Integrated Network Security

DTIC Science & Technology

2014-09-01

group that they need to know in order to make team-based decisions in real-time environments, (c) Employ secure cloud computing services to host mobile...THESIS Presented to the Faculty Department of Electrical and Computer Engineering Graduate School of Engineering and Management Air Force...out-of-the-loop syndrome and create complexity creep. As a result, full automation efforts can lead to inappropriate decision-making despite a

Network Centric Warfare Case Study: U.S. V Corps and 3rd Infantry Division (Mechanized) During Operation Iraqi Freedom Combat Operations (Mar-Apr 2003). Volume 3. Network Centric Warfare Insights

DTIC Science & Technology

2003-01-01

OPSEC), military deception, psychological operations (PSYOPS), special information operations (IO), information assurance, physical security...nonlethal effects, such as operational 8 Network Centric Warfare Case Study security (OPSEC), military deception, psychological operations (PSYOP...Support Operations Group ASR Alternate Supply Route; or, Ammunition Supply Rate ATACMS Army Tactical Missile System ATARS Advanced

An RFID-Based Smart Structure for the Supply Chain: Resilient Scanning Proofs and Ownership Transfer with Positive Secrecy Capacity Channels.

PubMed

Burmester, Mike; Munilla, Jorge; Ortiz, Andrés; Caballero-Gil, Pino

2017-07-04

The National Strategy for Global Supply Chain Security published in 2012 by the White House identifies two primary goals for strengthening global supply chains: first, to promote the efficient and secure movement of goods, and second to foster a resilient supply chain. The Internet of Things (IoT), and in particular Radio Frequency Identification (RFID) technology, can be used to realize these goals. For product identification, tracking and real-time awareness, RFID tags are attached to goods. As tagged goods move along the supply chain from the suppliers to the manufacturers, and then on to the retailers until eventually they reach the customers, two major security challenges can be identified: (I) to protect the shipment of goods that are controlled by potentially untrusted carriers; and (II) to secure the transfer of ownership at each stage of the chain. For the former, grouping proofs in which the tags of the scanned goods generate a proof of "simulatenous" presence can be employed, while for the latter, ownership transfer protocols (OTP) are used. This paper describes enhanced security solutions for both challenges. We first extend earlier work on grouping proofs and group codes to capture resilient group scanning with untrusted readers; then, we describe a modified version of a recently published OTP based on channels with positive secrecy capacity adapted to be implemented on common RFID systems in the supply chain. The proposed solutions take into account the limitations of low cost tags employed in the supply chain, which are only required to generate pseudorandom numbers and compute one-way hash functions.

Comparing replacement rates under private and federal retirement systems.

PubMed

Martin, Patricia P

One measure of the adequacy of retirement income is replacement rate - the percentage of pre-retirement salary that is available to a worker in retirement. This article compares salary replacement rates for private-sector employees of medium and large private establishments with those for federal employees under the Civil Service Retirement System and the Federal Employees Retirement System. Because there is no standard benefit formula to represent the variety of formulas available in the private sector, a composite defined benefit formula was developed using the characteristics of plans summarized in the Bureau of Labor Statistics Medium and Large Employer Plan Survey. The resulting "typical" private-sector defined benefit plan, with an accompanying defined contribution plan, was then compared with the two federal systems. The Civil Service Retirement System (CSRS) is a stand-alone defined benefit plan whose participants are not covered by Social Security. Until passage of the 1983 Amendments to Social Security Act, it was the only retirement plan for most federal civilian employees. Provisions of the 1983 Amendments were designed to restore long-term financial stability to the Social Security trust funds. One provision created the Federal Employees Retirement System (FERS), which covers federal employees hired after 1983. It was one of the provisions designed to restore long-term financial stability to the Social Security trust funds. FERS employees contribute to and are covered by Social Security. FERS, which is a defined benefit plan, also includes a basic benefit and a 401(k)-type plan known as the Thrift Savings Plan (TSP). To compare how retirees would fare under the three different retirement systems, benefits of employees retiring at age 65 with 35 years of service were calculated using hypothetical workers with steady earnings. Workers were classified according to a percentage of the average wage in the economy: low earners (45 percent), average earners (100 percent) high earners (160 percent), and maximum earners (earnings at the taxable maximum amount). Overall, this analysis found that: Excluding Social Security benefits and TSP and defined contribution annuities, CSRS retirees have a higher pre-retirement salary replacement rate than either FERS or private-sector retirees. Private-sector retirees, however, have higher replacement rate than their FERS counterparts. Including Social Security benefits but not TSP and defined contribution plan annuities, CSRS retirees who are maximum earners have a higher pre-retirement salary replacement rate (despite receiving no Social Security benefits) than FERS retirees with the same earnings. Private-sector retirees in all earnings categories have a higher replacement rate than federal retirees with the same earnings. Including Social Security and TSP and defined contribution plan annuities, private-sector retirees in all earnings categories have a higher replacement rate than federal retirees, but their rate is close to that of FERS retirees. The rate is higher for FERS retirees than for CSRS retirees in all earnings categories. This analysis shows that replacement creates could exceed 100 percent for FERS employees who contribute who contribute 6 percent of earnings to the TSP over full working career. Private-sector replacement rates were quite similar for those with both a defined benefit and a defined contribution pension plan. Social Security replacement rates make up the highest proportion of benefits for th private sector's lowest income quartile group. The replacement rate for 401(k) plans and the TSP account for a higher proportion of benefits than does Social Security for all other income groups, assuming the absence of a defined benefit plan.

76 FR 13667 - Chrysler Group LLC; Formerly Known as Chrysler LLC; Kenosha Engine Plant; Including On-Site...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-14

...; Formerly Known as Chrysler LLC; Kenosha Engine Plant; Including On-Site Leased Workers From Caravan Knight..., K+S Services, Inc., G4S Secure Solutions, Crassociates, Inc., CES, INC., Evans Distribution Systems... of Chrysler Group, LLC, formerly known as Chrysler, LLC, Kenosha Engine Plant, Kenosha, Wisconsin...

Usage of insecure E-mail services among researchers with different scientific background.

PubMed

Solić, Kresimir; Grgić, Krešimir; Ilakovac, Vesna; Zagar, Drago

2011-08-01

Free web‑based e-mail services are considered to have more security flaws than institutional ones, but they are frequently used among scientific researchers for professional communication. The aim of this study was to analyze frequency of usage of the insecure free e-mail services for professional communication among biomedical, economical and technical researchers, who published papers in one of three different journals: Croatian Medical Journal, Automatika and Economic Research. Contact details of the authors who provided their e‑mail address from the papers published in those three journals during one year period were collected. These e‑mail addresses were collected from the electronic archive of the journals in question. The domains of all e‑mail addresses were assessed and contacts were categorized into three groups according to the following types: world-wide known free web‑based e‑mail services, national Internet Service Provider (ISP) e-mail services, and institutional or corporate e-mail addresses. The proportion of authors using free web-based e-mail services, the least secure group type, was highest among biomedical researchers (17.8%) while every e‑mail address collected from the technical journal belonged to the secured institutional e‑mail group type. It seems that all researchers from the technical scientific field and most of the researchers from the economical field value good security practice and use more secure systems for professional communication. High percentage of the biomedical researchers who use insecure e‑mail services may mean that they need to be warned of the possible security disadvantages of those kinds of e‑mail addresses.

Perceptions of health care professionals on the safety and security at Odi District Hospital, Gauteng, South Africa

PubMed Central

Okeke, Sunday O.

2017-01-01

Background For optimum delivery of service, an establishment needs to ensure a safe and secure environment. In 2011, the South African government promulgated the National Core Standards for Health Establishments for safety and security for all employees in all establishments. Little is known about whether these standards are being complied to. Aim and setting: To assess the perceptions of health care professionals (HCPs) on safety and security at Odi District Hospital. Methodology A sample of 181 out of a total of 341 HCPs was drawn through a systematic sampling method from each HCP category. Data were collected through a self-administered questionnaire. The SPSS® statistical software version 22 was used for data analysis. The level of statistical significance was set at < 0.05. Results There were more female respondents than male respondents (136; 75.10%). The dominant age group was 28–47 years (114; 57.46%). Perceptions on security personnel, their efficiency and the security system were significantly affirmed (p = 0.0001). The hospital infrastructure, surroundings and plan in emergencies were perceived to be safe (p < 0.0001). The hospital lighting system was perceived as inadequate (p = 0.0041). Only 36 (20.2%) HCPs perceived that hospital authorities were concerned about employees’ safety (p < 0.0001). Conclusion HCPs had positive perceptions regarding the hospital’s security system. Except for the negative perceptions of the lighting system and the perceived lack of hospital authorities’ concern for staff safety, perceptions of the HCPs on the hospital working environment were positive. The hospital authorities need to establish the basis of negative perceptions and enforce remedial measures to redress them. PMID:29113444

Earth Observations for Global Water Security

NASA Technical Reports Server (NTRS)

Lawford, Richard; Strauch, Adrian; Toll, David; Fekete, Balazs; Cripe, Douglas

2013-01-01

The combined effects of population growth, increasing demands for water to support agriculture, energy security, and industrial expansion, and the challenges of climate change give rise to an urgent need to carefully monitor and assess trends and variations in water resources. Doing so will ensure that sustainable access to adequate quantities of safe and useable water will serve as a foundation for water security. Both satellite and in situ observations combined with data assimilation and models are needed for effective, integrated monitoring of the water cycle's trends and variability in terms of both quantity and quality. On the basis of a review of existing observational systems, we argue that a new integrated monitoring capability for water security purposes is urgently needed. Furthermore, the components for this capability exist and could be integrated through the cooperation of national observational programmes. The Group on Earth Observations should play a central role in the design, implementation, management and analysis of this system and its products.

Using Instant Messaging Systems as a Platform for Electronic Voting

NASA Astrophysics Data System (ADS)

Meletiadou, Anastasia; Grimm, Rüdiger

Many Instant Messaging (IM) systems like Skype or Spark offer ex tended services such as file sharing, VoIP, or a shared whiteboard. As the name suggests, IM applications are predominantly used for spontaneous text-based communication for private or business purposes. In this paper we explore their potential to serve as platforms for secure collaborative applications like electronic contract negotiation, e-payment or electronic voting. Such applications have to deal with challenges like time constraints (“instant” com munication is desired), integration of media channels and the absence of one uni fying “sphere of control” covering all participants. In this paper, we address these challenges by discussing one particular secure collaborative application: secure decision processes for small groups. We provide the following contribu tions: (1) we define three varying scenarios and corresponding security require ments (2) we present an IM-based architecture implementing these scenarios, in cluding a Video-based authentication mechanism, and (3) we discuss poten tial attack patterns.

76 FR 30986 - Bureau of International Security and Nonproliferation; Imposition of Nonproliferation Measures...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-27

... control lists (Missile Technology Control Regime, Australia Group, Chemical Weapons Convention, Nuclear... the development of weapons of mass destruction (WMD) or cruise or ballistic missile systems. The... contribution to WMD or cruise or ballistic missile systems, (b) other items with the potential of making such a...

49 CFR 383.73 - State procedures.

Code of Federal Regulations, 2013 CFR

2013-10-01

... endorsement knowledge tests; (iv) Allow only a group-specific passenger (P) and school bus (S) endorsement and... must verify the name, date of birth, and Social Security Number provided by the applicant with the...-domiciled CDL. (n) Computer system controls. The State must establish computer system controls that will: (1...

Association between secure patient-clinician email and clinical services utilisation in a US integrated health system: a retrospective cohort study.

PubMed

Meng, Di; Palen, Ted E; Tsai, Joanne; McLeod, Melanie; Garrido, Terhilda; Qian, Heather

2015-11-09

To assess associations between secure patient-clinician email use and clinical services utilisation over time. Retrospective cohort study between July 2010 and December 2013. Controlling for a utilisation surge around first secure email use, we analysed difference of differences between propensity score-matched groups of secure patient-clinician email users and non-users for utilisation 1-12 months before and 7-18 months after first email (users) or a randomly assigned index date (non-users). US integrated healthcare delivery system. 9345 adults with first secure email use between July 2011 and July 2012 and continuous enrolment for ≥30 months and 9345 adults without secure email use between July 2010 and July 2012 matched to users on demographics, health status, and baseline utilisation. Rates of office visits, patient-initiated phone calls, scheduled telephone visits, after-hours clinic visits, emergency department visits, and hospitalisations. After controlling for multiple factors, no statistically significant differences in utilisation between secure email users and non-users occurred. Utilisation transiently increased by 88-237% around first email use. Annual rates of patient-initiated phone calls decreased among secure email users, 0.2 fewer calls per person (95% CI -0.3 to -0.1), from a mean of 4.1 calls per person 1-12 months before first use to a mean of 3.8 calls per person 7-18 months after first use. Rates of patient-initiated phone calls also decreased among non-users, 0.1 fewer calls per person (95% CI -0.2 to 0.0), from a mean of 4.2 calls per person 1-12 months before the index date to mean of 4.1 calls per person 7-18 months after the index date. Compared with non-users, patient use of secure email with clinicians was not associated with statistically significant differences in clinical services utilisation 7-18 months after first use. Published by the BMJ Publishing Group Limited. For permission to use (where not already granted under a licence) please go to http://www.bmj.com/company/products-services/rights-and-licensing/

OPSAID Initial Design and Testing Report.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hurd, Steven A.; Stamp, Jason Edwin; Chavez, Adrian R.

2007-11-01

Process Control System (PCS) security is critical to our national security. Yet, there are a number of technological, economic, and educational impediments to PCS owners implementing effective security on their systems. OPSAID (Open PCS Security Architecture for Interoperable Design), a project sponsored by the US Department of Energy's Office of Electricity Delivery and Reliability, aims to address this issue through developing and testing an open source architecture for PCS security. Sandia National Laboratories, along with a team of PCS vendors and owners, have developed and tested this PCS security architecture. This report describes their progress to date.2 AcknowledgementsThe authors acknowledgemore » and thank their colleagues for their assistance with the OPSAID project.Sandia National Laboratories: Alex Berry, Charles Perine, Regis Cassidy, Bryan Richardson, Laurence PhillipsTeumim Technical, LLC: Dave TeumimIn addition, the authors are greatly indebted to the invaluable help of the members of the OPSAID Core Team. Their assistance has been critical to the success and industry acceptance of the OPSAID project.Schweitzer Engineering Laboratory: Rhett Smith, Ryan Bradetich, Dennis GammelTelTone: Ori Artman Entergy: Dave Norton, Leonard Chamberlin, Mark AllenThe authors would like to acknowledge that the work that produced the results presented in this paper was funded by the U.S. Department of Energy/Office of Electricity Delivery and Energy Reliability (DOE/OE) as part of the National SCADA Test Bed (NSTB) Program. Executive SummaryProcess control systems (PCS) are very important for critical infrastructure and manufacturing operations, yet cyber security technology in PCS is generally poor. The OPSAID (Open PCS (Process Control System) Security Architecture for Interoperable Design) program is intended to address these security shortcomings by accelerating the availability and deployment of comprehensive security technology for PCS, both for existing PCS and inherently secure PCS in the future. All activities are closely linked to industry outreach and advisory efforts.Generally speaking, the OPSAID project is focused on providing comprehensive security functionality to PCS that communicate using IP. This is done through creating an interoperable PCS security architecture and developing a reference implementation, which is tested extensively for performance and reliability.This report first provides background on the PCS security problem and OPSAID, followed by goals and objectives of the project. The report also includes an overview of the results, including the OPSAID architecture and testing activities, along with results from industry outreach activities. Conclusion and recommendation sections follow. Finally, a series of appendices provide more detailed information regarding architecture and testing activities.Summarizing the project results, the OPSAID architecture was defined, which includes modular security functionality and corresponding component modules. The reference implementation, which includes the collection of component modules, was tested extensively and proved to provide more than acceptable performance in a variety of test scenarios. The primary challenge in implementation and testing was correcting initial configuration errors.OPSAID industry outreach efforts were very successful. A small group of industry partners were extensively involved in both the design and testing of OPSAID. Conference presentations resulted in creating a larger group of potential industry partners.Based upon experience implementing and testing OPSAID, as well as through collecting industry feedback, the OPSAID project has done well and is well received. Recommendations for future work include further development of advanced functionality, refinement of interoperability guidance, additional laboratory and field testing, and industry outreach that includes PCS owner education. 4 5 --This page intentionally left blank --« less

Smarter hospital communication: secure smartphone text messaging improves provider satisfaction and perception of efficacy, workflow.

PubMed

Przybylo, Jennifer A; Wang, Ange; Loftus, Pooja; Evans, Kambria H; Chu, Isabella; Shieh, Lisa

2014-09-01

Though current hospital paging systems are neither efficient (callbacks disrupt workflow), nor secure (pagers are not Health Insurance Portability and Accountability Act [HIPAA]-compliant), they are routinely used to communicate patient information. Smartphone-based text messaging is a potentially more convenient and efficient mobile alternative; however, commercial cellular networks are also not secure. To determine if augmenting one-way pagers with Medigram, a secure, HIPAA-compliant group messaging (HCGM) application for smartphones, could improve hospital team communication. Eight-week prospective, cluster-randomized, controlled trial Stanford Hospital Three inpatient medicine teams used the HCGM application in addition to paging, while two inpatient medicine teams used paging only for intra-team communication. Baseline and post-study surveys were collected from 22 control and 41 HCGM team members. When compared with paging, HCGM was rated significantly (P < 0.05) more effective in: (1) allowing users to communicate thoughts clearly (P = 0.010) and efficiently (P = 0.009) and (2) integrating into workflow during rounds (P = 0.018) and patient discharge (P = 0.012). Overall satisfaction with HCGM was significantly higher (P = 0.003). 85% of HCGM team respondents said they would recommend using an HCGM system on the wards. Smartphone-based, HIPAA-compliant group messaging applications improve provider perception of in-hospital communication, while providing the information security that paging and commercial cellular networks do not. © 2014 The Authors Journal of Hospital Medicine published by Wiley Periodicals, Inc. on behalf of Society of Hospital Medicine.

The Role of Neuropeptides in Persistent Virus Infections of the Central Nervous System

DTIC Science & Technology

1990-05-10

5000 61153N RR04108 441f722 11. TITLE (include Security Classification) (U) The role of neuropeptides in persistent virus infections of the central...identify by block number) FIELD GROUP SUB-GROUP opioids, lymphocytes, infections , nervous system, virus, immunity, neuropeptides 19 ABSTRACT (Continue on...endorphin, 24 h after reconstitution of nude mice with splenocytes and 24 h prior to infection with virus, re- sulted in 74% survival; and 39% of the

78 FR 30967 - Cross-Border Security-Based Swap Activities; Re-Proposal of Regulation SBSR and Certain Rules and...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-23

... context of the security-based swap dealer definition, for affiliated groups with a registered security... for Affiliated Groups with Registered Security-Based Swap Dealers); Rule 3a71-5 (Substituted... 13n-12 (Exemption from Requirements Governing Security-Based Swap Data Repositories for Certain Non-U...

Role of farmer group institutions in increasing farm production and household food security

NASA Astrophysics Data System (ADS)

Rahmadanih; Bulkis, S.; Arsyad, M.; Amrullah, A.; Viantika, N. M.

2018-05-01

Food productions and food security are still becomes serious issue in agriculture development. The research objectives are (1) Examining the role of Farmer Group in increasing farm production and (2) Analyzing the role of Farmer Group in relationship with the household food security. The research was conducted in Soppeng District, South Sulawesi, Indonesia by taking unit of analysis at household level of Farmer Group members. Sample were 6 farmer groups, consisting of 365 households. The Results showed that the Farmer Group has a good role as a production, collaboration and market unit to increase farming production (score 2.3-2.6), but haven’t much impact to increase household food security. Rice production are 4.2 – 6.2 tons per hectare and household food security level are “low and marginal food secure” (mean score 4 and 6). Nevertheless, the role of Farmer Group showed a positive relationship with the level of household food security. So, it is necessarry to increase the role of Farmer Group in order to increase income and household food security based on Farmer Group’s needs and potencies through facilitation of (a) seed and water/irrigation availability, (b) preparing organization rules (AD/ART) and (c) appropriate training and education of food and nutrition.

Statistics of City School Systems, 1917-18. Bulletin, 1920, No. 24

ERIC Educational Resources Information Center

Bonner, H. R.

1920-01-01

This report presents the statistics of city public schools for the school year 1917-18. An attempt has been made for the first time to secure statistics from all cities which had a population of 2,500 or over in 1910. The cities have been divided into five groups: Group I, including all cities with a population of 100,000 and over; Group II, all…

Dialogue Systems and Dialogue Management

DTIC Science & Technology

2016-12-01

dialogue management capability within DST Group’s Consensus project . UNCLASSIFIED UNCLASSIFIED Author Deeno Burgan National Security...3.1 Survey Process This research into dialogue management is part of a joint collaboration between DST Group and CSIRO. The project team comprised...

EU-US standards harmonization task group report : status of ITS security standards.

DOT National Transportation Integrated Search

1998-07-01

This document assembles best practices and presents practical advice on how to acquire the software components of Intelligent Transportation Systems (ITS). The intended audience is the customers--project leaders, technical contract managers, de...

Maritime security report. May 2000 [Organization of American States Tactical Advisory Group on Port Security

DOT National Transportation Integrated Search

2000-05-01

The member countries of the Organization of American States (OAS) have recognized that a coordinated multilateral approach to improving port security in the Western Hemisphere is needed and has established a Technical Advisory Group on Port Security ...

[Social Security Needs Social Medicine: Self-image of Physicians Practicing Social Medicine in Statutory Health Insurances and Social Security Systems].

PubMed

Nüchtern, E; Bahemann, A; Egdmann, W; van Essen, J; Gostomzyk, J; Hemmrich, K; Manegold, B; Müller, B; Robra, B P; Röder, M; Schmidt, L; Zobel, A; von Mittelstaedt, G

2015-09-01

In January, 2014, the division "Social Medicine in Practice and Rehabilitation" of the German Society for Social Medicine and Prevention established a working group on the self-image of the physicians active in the field of social medicine (medical expertise and counseling). The result of this work is the contribution presented here after consensus was achieved by specialists of social medicine from different fields and institutions (social security etc.) and in good cooperation with Prof. Dr. Gostomzyk and Prof. Dr. Robra. Based on the importance of an up to date social medicine for claimants and recipients of benefits on the one hand and the social security system on the other, and also on a description of the subjects, objectives and methods the following aspects are presented: · The perspective of social medicine. · Qualification in social medicine, concerning specialist training and continuing medical education. · The fields of duty of experts in social medicine. · The proceedings in social medicine. The working group identified challenges for the specialists in social medicine by a narrowed perception of social medicine by physicians in hospitals and practice, accompanied by an enlarged importance of expertise in social medicine, by the demand for more "patient orientation" and gain of transparency, and concerning the scientific foundation of social medicine. The working group postulates: · The perspective of social medicine should be spread more widely.. · Confidence in experts of social medicine and their independency should be strengthened.. · The not case-related consulting of the staff and executives should be expanded.. · Social medicine in practice needs support by politics and society, and especially by research and teaching.. · Good cooperation and transfer of experiences of the different branches of social security are essential for the impact of social medicine.. © Georg Thieme Verlag KG Stuttgart · New York.

78 FR 48029 - Improving Chemical Facility Safety and Security

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-07

... responding to risks in chemical facilities (including during pre-inspection, inspection execution, post.... Sec. 2. Establishment of the Chemical Facility Safety and Security Working Group. (a) There is established a Chemical Facility Safety and Security Working Group (Working Group) co-chaired by the Secretary...

3 CFR 13650 - Executive Order 13650 of August 1, 2013. Improving Chemical Facility Safety and Security

Code of Federal Regulations, 2014 CFR

2014-01-01

... Working Group. (a) There is established a Chemical Facility Safety and Security Working Group (Working Group) co-chaired by the Secretary of Homeland Security, the Administrator of the Environmental... Secretary level or higher. In addition, the Working Group shall consist of the head of each of the following...

Implementing an Intrusion Detection System in the Mysea Architecture

DTIC Science & Technology

2008-06-01

password for each user passwd <username> then follow the prompts 2. PostgreSQL 7.4.18 Installation Perform the following steps as root: 1. Copy...password changed Repeat for user snort. exit After making the groups and users the group and passwd file needs to be updated. Set security and...untrusted/bin/xtsmkgroup > /etc/group chmod 644 /etc/group /xts/untrusted/bin/xtsmkpasswd > /etc/ passwd chmod 644 /etc/ passwd 3. PostgreSQL 7.4.18

An RFID-Based Smart Structure for the Supply Chain: Resilient Scanning Proofs and Ownership Transfer with Positive Secrecy Capacity Channels †

PubMed Central

Ortiz, Andrés

2017-01-01

The National Strategy for Global Supply Chain Security published in 2012 by the White House identifies two primary goals for strengthening global supply chains: first, to promote the efficient and secure movement of goods, and second to foster a resilient supply chain. The Internet of Things (IoT), and in particular Radio Frequency Identification (RFID) technology, can be used to realize these goals. For product identification, tracking and real-time awareness, RFID tags are attached to goods. As tagged goods move along the supply chain from the suppliers to the manufacturers, and then on to the retailers until eventually they reach the customers, two major security challenges can be identified: (I) to protect the shipment of goods that are controlled by potentially untrusted carriers; and (II) to secure the transfer of ownership at each stage of the chain. For the former, grouping proofs in which the tags of the scanned goods generate a proof of “simulatenous” presence can be employed, while for the latter, ownership transfer protocols (OTP) are used. This paper describes enhanced security solutions for both challenges. We first extend earlier work on grouping proofs and group codes to capture resilient group scanning with untrusted readers; then, we describe a modified version of a recently published OTP based on channels with positive secrecy capacity adapted to be implemented on common RFID systems in the supply chain. The proposed solutions take into account the limitations of low cost tags employed in the supply chain, which are only required to generate pseudorandom numbers and compute one-way hash functions. PMID:28677637

Smashing the Stovepipe: Leveraging the GMSEC Open Architecture and Advanced IT Automation to Rapidly Prototype, Develop and Deploy Next-Generation Multi-Mission Ground Systems

NASA Technical Reports Server (NTRS)

Swenson, Paul

2017-01-01

Satellite/Payload Ground Systems - Typically highly-customized to a specific mission's use cases - Utilize hundreds (or thousands!) of specialized point-to-point interfaces for data flows / file transfers Documentation and tracking of these complex interfaces requires extensive time to develop and extremely high staffing costs Implementation and testing of these interfaces are even more cost-prohibitive, and documentation often lags behind implementation resulting in inconsistencies down the road With expanding threat vectors, IT Security, Information Assurance and Operational Security have become key Ground System architecture drivers New Federal security-related directives are generated on a daily basis, imposing new requirements on current / existing ground systems - These mandated activities and data calls typically carry little or no additional funding for implementation As a result, Ground System Sustaining Engineering groups and Information Technology staff continually struggle to keep up with the rolling tide of security Advancing security concerns and shrinking budgets are pushing these large stove-piped ground systems to begin sharing resources - I.e. Operational / SysAdmin staff, IT security baselines, architecture decisions or even networks / hosting infrastructure Refactoring these existing ground systems into multi-mission assets proves extremely challenging due to what is typically very tight coupling between legacy components As a result, many "Multi-Mission" ops. environments end up simply sharing compute resources and networks due to the difficulty of refactoring into true multi-mission systems Utilizing continuous integration / rapid system deployment technologies in conjunction with an open architecture messaging approach allows System Engineers and Architects to worry less about the low-level details of interfaces between components and configuration of systems GMSEC messaging is inherently designed to support multi-mission requirements, and allows components to aggregate data across multiple homogeneous or heterogeneous satellites or payloads - The highly-successful Goddard Science and Planetary Operations Control Center (SPOCC) utilizes GMSEC as the hub for it's automation and situational awareness capability Shifts focus towards getting GS to a final configuration-managed baseline, as well as multi-mission / big-picture capabilities that help increase situational awareness, promote cross-mission sharing and establish enhanced fleet management capabilities across all levels of the enterprise.

Patient empowerment by the means of citizen-managed Electronic Health Records: web 2.0 health digital identity scenarios.

PubMed

Falcão-Reis, Filipa; Correia, Manuel E

2010-01-01

With the advent of more sophisticated and comprehensive healthcare information systems, system builders are becoming more interested in patient interaction and what he can do to help to improve his own health care. Information systems play nowadays a crucial and fundamental role in hospital work-flows, thus providing great opportunities to introduce and improve upon "patient empowerment" processes for the personalization and management of Electronic Health Records (EHRs). In this paper, we present a patient's privacy generic control mechanisms scenarios based on the Extended OpenID (eOID), a user centric digital identity provider previously developed by our group, which leverages a secured OpenID 2.0 infrastructure with the recently released Portuguese Citizen Card (CC) for secure authentication in a distributed health information environment. eOID also takes advantage of Oauth assertion based mechanisms to implement patient controlled secure qualified role based access to his EHR, by third parties.

Laser speckle decorrelation for fingerprint acquisition

NASA Astrophysics Data System (ADS)

Schirripa Spagnolo, Giuseppe; Cozzella, Lorenzo

2012-09-01

Biometry is gaining popularity as a physical security approach in situations where a high level of security is necessary. Currently, biometric solutions are embedded in a very large and heterogeneous group of applications. One of the most sensible is for airport security access to boarding gates. More airports are introducing biometric solutions based on face, fingerprint or iris recognition for passenger identification. In particular, fingerprints are the most widely used biometric, and they are mandatorily included in electronic identification documents. One important issue, which is difficult to address in traditional fingerprint acquisition systems, is preventing contact between subsequent users; sebum, which can be a potential vector for contagious diseases. Currently, non-contact devices are used to overcome this problem. In this paper, a new contact device based on laser speckle decorrelation is presented. Our system has the advantage of being compact and low-cost compared with an actual contactless system, allowing enhancement of the sebum pattern imaging contrast in a simple and low-cost way. Furthermore, it avoids the spreading of contagious diseases.

Understanding High Incidence of Severe Obesity and Very Low Food Security in Food Pantry Clients: Implications For Social Work.

PubMed

Kaiser, Michelle L; Cafer, Anne

2018-01-01

The United States is facing two interconnected social and public health crises of severe obesity and food insecurity within the social-ecological environment. Marginalized groups experience the highest rates and the greatest impacts in terms of morbidity, mortality, and financial burdens. Consequences include experiencing multimorbidities, mental health issues, and decreased quality of life. Food pantries have served as spaces to obtain food to meet household needs, but for some, food pantries have become long-term solutions. We surveyed 2,634 people who accessed pantries in 2005, 2010, and 2013 across 32 counties in a Midwest state. The authors sought to understand to what extent does length of time using a food pantry, food security status, income sources, use of federal food benefits, visiting a doctor, and demographic variables increase odds of severe obesity. More than 14% were severely obese; those who were long-term food pantry users and very low food secure were 1.732 times more likely to be severely obese. Receiving Disability/Supplemental Security Income, seeing a doctor in the last year, being female, and older age reduced the odds of severe obesity. Discussion includes implications for social workers who interact with groups likely to experience very low food security and severe obesity at different systems levels.

Sense of security - searching for its meaning by using stories: a Participatory Action Research study in health and social care in Sweden.

PubMed

Petersson, Pia; Blomqvist, Kerstin

2011-03-01

The aim of this study was to make sense of the Swedish concept 'trygghet' by using stories from daily life in a Participatory Action Research project. In Sweden, attempts to implement core values to ensure high quality health and social care for older people are given high priority and concepts such as security and dignity are often used. As concepts are abstract they are difficult to transform into practical work. One group of six assistant nurses and one group of five Registered Nurses working in a municipality participated in Story Dialogue Method and four older women were interviewed. 'Trygghet' was found to be an internal sense - an intrinsic state based on faith and trust in oneself and others called Sense of security. External factors that strengthened Sense of security were to be part of a community, to recognize and be familiar with things and situations and to use various kinds of aids. A prerequisite for the professionals being able to support the care receivers adequately is that they have a sense of security themselves, and that they are allowed to operate in a system that facilitates for the care receivers to maintain trustworthy and reliable relations over time. © 2010 Blackwell Publishing Ltd.

Transforming the Security Classification System

DTIC Science & Technology

2012-11-01

report, the Board heard from the following individuals and groups: • Steve Aftergood, Senior Research Analyst, Project on Government Secrecy...National Intelligence, ODNI H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H 36 | PUBLIC INTEREST DECLASSIFICATION B OARD • Steve Henry...Deputy Associate Director for Community Integration, Policy and Records, NSA • Vincent Jarvie , Vice President for Corporate Security, L3

Dynamic Key Management Schemes for Secure Group Access Control Using Hierarchical Clustering in Mobile Ad Hoc Networks

NASA Astrophysics Data System (ADS)

Tsaur, Woei-Jiunn; Pai, Haw-Tyng

2008-11-01

The applications of group computing and communication motivate the requirement to provide group access control in mobile ad hoc networks (MANETs). The operation in MANETs' groups performs a decentralized manner and accommodated membership dynamically. Moreover, due to lack of centralized control, MANETs' groups are inherently insecure and vulnerable to attacks from both within and outside the groups. Such features make access control more challenging in MANETs. Recently, several researchers have proposed group access control mechanisms in MANETs based on a variety of threshold signatures. However, these mechanisms cannot actually satisfy MANETs' dynamic environments. This is because the threshold-based mechanisms cannot be achieved when the number of members is not up to the threshold value. Hence, by combining the efficient elliptic curve cryptosystem, self-certified public key cryptosystem and secure filter technique, we construct dynamic key management schemes based on hierarchical clustering for securing group access control in MANETs. Specifically, the proposed schemes can constantly accomplish secure group access control only by renewing the secure filters of few cluster heads, when a cluster head joins or leaves a cross-cluster. In such a new way, we can find that the proposed group access control scheme can be very effective for securing practical applications in MANETs.

Failure Impact Analysis of Key Management in AMI Using Cybernomic Situational Assessment (CSA)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Sheldon, Frederick T; Hauser, Katie R

2013-01-01

In earlier work, we presented a computational framework for quantifying the security of a system in terms of the average loss a stakeholder stands to sustain as a result of threats to the system. We named this system, the Cyberspace Security Econometrics System (CSES). In this paper, we refine the framework and apply it to cryptographic key management within the Advanced Metering Infrastructure (AMI) as an example. The stakeholders, requirements, components, and threats are determined. We then populate the matrices with justified values by addressing the AMI at a higher level, rather than trying to consider every piece of hardwaremore » and software involved. We accomplish this task by leveraging the recently established NISTR 7628 guideline for smart grid security. This allowed us to choose the stakeholders, requirements, components, and threats realistically. We reviewed the literature and selected an industry technical working group to select three representative threats from a collection of 29 threats. From this subset, we populate the stakes, dependency, and impact matrices, and the threat vector with realistic numbers. Each Stakeholder s Mean Failure Cost is then computed.« less

Centralized Cryptographic Key Management and Critical Risk Assessment - CRADA Final Report For CRADA Number NFE-11-03562

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, R. K.; Peters, Scott

The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) Cyber Security for Energy Delivery Systems (CSEDS) industry led program (DE-FOA-0000359) entitled "Innovation for Increasing Cyber Security for Energy Delivery Systems (12CSEDS)," awarded a contract to Sypris Electronics LLC to develop a Cryptographic Key Management System for the smart grid (Scalable Key Management Solutions for Critical Infrastructure Protection). Oak Ridge National Laboratory (ORNL) and Sypris Electronics, LLC as a result of that award entered into a CRADA (NFE-11-03562) between ORNL and Sypris Electronics, LLC. ORNL provided its Cyber Security Econometrics System (CSES) as a tool to be modifiedmore » and used as a metric to address risks and vulnerabilities in the management of cryptographic keys within the Advanced Metering Infrastructure (AMI) domain of the electric sector. ORNL concentrated our analysis on the AMI domain of which the National Electric Sector Cyber security Organization Resource (NESCOR) Working Group 1 (WG1) has documented 29 failure scenarios. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimated the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation. We applied this model to estimate the security of the AMI, by leveraging the recently established National Institute of Standards and Technology Interagency Report (NISTIR) 7628 guidelines for smart grid security and the International Electrotechnical Commission (IEC) 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigned to each stakeholder an estimate of their average loss in terms of dollars per day of system operation. To further address probabilities of threats, information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain from NESCOR WG1. From these five selected scenarios, we characterized them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrated how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.« less

Cryptographic Key Management and Critical Risk Assessment

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K

The Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE) CyberSecurity for Energy Delivery Systems (CSEDS) industry led program (DE-FOA-0000359) entitled "Innovation for Increasing CyberSecurity for Energy Delivery Systems (12CSEDS)," awarded a contract to Sypris Electronics LLC to develop a Cryptographic Key Management System for the smart grid (Scalable Key Management Solutions for Critical Infrastructure Protection). Oak Ridge National Laboratory (ORNL) and Sypris Electronics, LLC as a result of that award entered into a CRADA (NFE-11-03562) between ORNL and Sypris Electronics, LLC. ORNL provided its Cyber Security Econometrics System (CSES) as a tool to be modified and usedmore » as a metric to address risks and vulnerabilities in the management of cryptographic keys within the Advanced Metering Infrastructure (AMI) domain of the electric sector. ORNL concentrated our analysis on the AMI domain of which the National Electric Sector Cyber security Organization Resource (NESCOR) Working Group 1 (WG1) has documented 29 failure scenarios. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimated the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation. We applied this model to estimate the security of the AMI, by leveraging the recently established National Institute of Standards and Technology Interagency Report (NISTIR) 7628 guidelines for smart grid security and the International Electrotechnical Commission (IEC) 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigned to each stakeholder an estimate of their average loss in terms of dollars per day of system operation. To further address probabilities of threats, information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. The strategy for the game was developed by analyzing five electric sector representative failure scenarios contained in the AMI functional domain from NESCOR WG1. From these five selected scenarios, we characterized them into three specific threat categories affecting confidentiality, integrity and availability (CIA). The analysis using our ABGT simulation demonstrated how to model the AMI functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the AMI network with respect to CIA.« less

49 CFR 659.23 - System security plan: contents.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 7 2010-10-01 2010-10-01 false System security plan: contents. 659.23 Section 659... State Oversight Agency § 659.23 System security plan: contents. The system security plan must, at a... system security plan; and (e) Document the rail transit agency's process for making its system security...

EU-US standards harmonization task group report : feedback to standards development organizations - security

DOT National Transportation Integrated Search

1998-07-01

This document assembles best practices and presents practical advice on how to acquire the software components of Intelligent Transportation Systems (ITS). The intended audience is the customers--project leaders, technical contract managers, de...

Optimizing and Validating a Brief Assessment for Identifying Children of Service Members at Risk for Psychological Health Problems Following Parent Deployment

DTIC Science & Technology

2017-09-01

these groups . In the 2014/2015 year, efforts focused on securing a commitment from the United States Marine Corps to host the study. In Winter 2014...we can reach an adjusted sample size target in the 2017/2018 project year by expanding our recruitment to incorporate deploying infantry groups ...Vocabulary Test Revised. Circle Pines, MN: American Guidance Service. George, C. & Solomon , J. (2008). The caregving system: A behavioral systems approach

Patients' willingness to pay for electronic communication with their general practitioner.

PubMed

Bergmo, Trine Strand; Wangberg, Silje Camilla

2007-06-01

Despite the common use of electronic communication in other aspects of everyday life, its use between patients and health care providers has been slow to diffuse. Possible explanations are security issues and lack of payment mechanisms. This study investigated how patients value secure electronic access to their general practitioner (GP). One hundred and ninety-nine patients were asked an open-ended willingness-to-pay (WTP) question as part of a randomised controlled trial. We compared the WTP values between two groups of respondents; one group had had the opportunity to communicate electronically with their GP for a year and the other group had not. Fifty-two percent of the total sample was willing to pay for electronic GP contact. The group of patients with access revealed a significantly lower WTP than the group without such access. Possible explanations are that the system had fewer benefits than expected, a presence of hypothetical bias or simply a preference for face-to-face encounters.

Breaching the security of the Kaiser Permanente Internet patient portal: the organizational foundations of information security.

PubMed

Collmann, Jeff; Cooper, Ted

2007-01-01

This case study describes and analyzes a breach of the confidentiality and integrity of personally identified health information (e.g. appointment details, answers to patients' questions, medical advice) for over 800 Kaiser Permanente (KP) members through KP Online, a web-enabled health care portal. The authors obtained and analyzed multiple types of qualitative data about this incident including interviews with KP staff, incident reports, root cause analyses, and media reports. Reasons at multiple levels account for the breach, including the architecture of the information system, the motivations of individual staff members, and differences among the subcultures of individual groups within as well as technical and social relations across the Kaiser IT program. None of these reasons could be classified, strictly speaking, as "security violations." This case study, thus, suggests that, to protect sensitive patient information, health care organizations should build safe organizational contexts for complex health information systems in addition to complying with good information security practice and regulations such as the Health Insurance Portability and Accountability Act (HIPAA) of 1996.

Assessment of risks of EMI for personal medical electronic devices (PMEDs) from emissions of millimeter-wave security screening systems

NASA Astrophysics Data System (ADS)

Witters, Donald; Bassen, Howard; Guag, Joshua; Addissie, Bisrat; LaSorte, Nickolas; Rafai, Hazem

2013-06-01

This paper describes research and testing of a representative group of high priority body worn and implantable personal medical electronic devices (PMEDs) for exposure to millimeter wave (MMW) advanced imaging technology (AIT) security systems used at airports. The sample PMEDs included in this study were implantable cardiac pacemakers, ICDs, neurostimulators and insulin pumps. These PMEDs are designed and tested for susceptibility to electromagnetic interference (EMI) under the present standards for medical device electromagnetic compatibility (EMC). However, the present standards for medical equipment do not address exposure to the much higher frequency fields that are emitted by MMW security systems. Initial AIT emissions measurements were performed to assess the PMED and passenger exposures. Testing protocols were developed and testing methods were tailored to the type of PMED. In addition, a novel exposure simulation system was developed to allow controlled EMC testing without the need of the MMW AIT system. Methodology, test results, and analysis are presented, along with an assessment of the human exposure and risks for PMED users. The results on this study reveal no effects on the medical devices from the exposure to the MMW security system. Furthermore, the human exposure measurements and analysis showed levels well below applicable standard, and the risks for PMED users and others we assessed to be very low. These findings apply to the types of PMEDs used in the study though these findings might suggest that the risks for other, similar PMEDs would likely be similar.

76 FR 6499 - China 9D Construction Group; Order of Suspension of Trading

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-04

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] China 9D Construction Group; Order of Suspension of Trading February 2, 2011. It appears to the Securities and Exchange Commission that there is a lack of current and accurate information concerning the securities of China 9D Construction Group...

75 FR 14335 - Revisions to the Export Administration Regulations To Enhance U.S. Homeland Security: Addition of...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-25

... identified by an interagency working group that is reviewing export control issues related to homeland security. The interagency working group is made up of representatives from the Departments of Commerce, Defense, Homeland Security and State. The purpose of the interagency working group is to ensure that...

Secure key storage and distribution

DOEpatents

Agrawal, Punit

2015-06-02

This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather portions, or shares of the security system private key are stored at each of the computing resources within the security system and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.

Systems Security Engineering

DTIC Science & Technology

2010-08-22

Commission (IEC). “Information technology — Security techniques — Code of practice for information security management ( ISO /IEC 27002 ...Information technology — Security techniques — Information security management systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security...was a draft ISO standard on Systems and software engineering, Systems and software assurance [18]. Created by systems engineers for systems

75 FR 80885 - Fifteenth Meeting: EUROCAE WG-72: RTCA Special Committee 216: Aeronautical Systems Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-23

..., Boeing Commercial Airplane Group. FOR FURTHER INFORMATION CONTACT: RTCA Secretariat, 1828 L Street, NW..., 2010 (RTCA Paper No. 250-10/SC216-031). Report on the PMC/ICC action on SC 216 TOR. Publication...

Public Auditing with Privacy Protection in a Multi-User Model of Cloud-Assisted Body Sensor Networks

PubMed Central

Li, Song; Cui, Jie; Zhong, Hong; Liu, Lu

2017-01-01

Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users’ medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs’ applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs’ deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models. PMID:28475110

Public Auditing with Privacy Protection in a Multi-User Model of Cloud-Assisted Body Sensor Networks.

PubMed

Li, Song; Cui, Jie; Zhong, Hong; Liu, Lu

2017-05-05

Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users' medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs' applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs' deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models.

A novel image encryption algorithm based on the chaotic system and DNA computing

NASA Astrophysics Data System (ADS)

Chai, Xiuli; Gan, Zhihua; Lu, Yang; Chen, Yiran; Han, Daojun

A novel image encryption algorithm using the chaotic system and deoxyribonucleic acid (DNA) computing is presented. Different from the traditional encryption methods, the permutation and diffusion of our method are manipulated on the 3D DNA matrix. Firstly, a 3D DNA matrix is obtained through bit plane splitting, bit plane recombination, DNA encoding of the plain image. Secondly, 3D DNA level permutation based on position sequence group (3DDNALPBPSG) is introduced, and chaotic sequences generated from the chaotic system are employed to permutate the positions of the elements of the 3D DNA matrix. Thirdly, 3D DNA level diffusion (3DDNALD) is given, the confused 3D DNA matrix is split into sub-blocks, and XOR operation by block is manipulated to the sub-DNA matrix and the key DNA matrix from the chaotic system. At last, by decoding the diffused DNA matrix, we get the cipher image. SHA 256 hash of the plain image is employed to calculate the initial values of the chaotic system to avoid chosen plaintext attack. Experimental results and security analyses show that our scheme is secure against several known attacks, and it can effectively protect the security of the images.

Providing security assurance in line with national DBT assumptions

NASA Astrophysics Data System (ADS)

Bajramovic, Edita; Gupta, Deeksha

2017-01-01

As worldwide energy requirements are increasing simultaneously with climate change and energy security considerations, States are thinking about building nuclear power to fulfill their electricity requirements and decrease their dependence on carbon fuels. New nuclear power plants (NPPs) must have comprehensive cybersecurity measures integrated into their design, structure, and processes. In the absence of effective cybersecurity measures, the impact of nuclear security incidents can be severe. Some of the current nuclear facilities were not specifically designed and constructed to deal with the new threats, including targeted cyberattacks. Thus, newcomer countries must consider the Design Basis Threat (DBT) as one of the security fundamentals during design of physical and cyber protection systems of nuclear facilities. IAEA NSS 10 describes the DBT as "comprehensive description of the motivation, intentions and capabilities of potential adversaries against which protection systems are designed and evaluated". Nowadays, many threat actors, including hacktivists, insider threat, cyber criminals, state and non-state groups (terrorists) pose security risks to nuclear facilities. Threat assumptions are made on a national level. Consequently, threat assessment closely affects the design structures of nuclear facilities. Some of the recent security incidents e.g. Stuxnet worm (Advanced Persistent Threat) and theft of sensitive information in South Korea Nuclear Power Plant (Insider Threat) have shown that these attacks should be considered as the top threat to nuclear facilities. Therefore, the cybersecurity context is essential for secure and safe use of nuclear power. In addition, States should include multiple DBT scenarios in order to protect various target materials, types of facilities, and adversary objectives. Development of a comprehensive DBT is a precondition for the establishment and further improvement of domestic state nuclear-related regulations in the field of physical and cyber protection. These national regulations have to be met later on by I&C platform suppliers, electrical systems suppliers, system integrators and turn-key providers.

Cohort profile: the Spanish WORKing life Social Security (WORKss) cohort study.

PubMed

López Gómez, María Andrée; Durán, Xavier; Zaballa, Elena; Sanchez-Niubo, Albert; Delclos, George L; Benavides, Fernando G

2016-03-07

The global economy is changing the labour market and social protection systems in Europe. The effect of both changes on health needs to be monitored in view of an ageing population and the resulting increase in prevalence of chronic health conditions. The Spanish WORKing life Social Security (WORKss) cohort study provides unique longitudinal data to study the impact of labour trajectories and employment conditions on health, in terms of sickness absence, permanent disability and death. The WORKss cohort originated from the Continuous Working Life Sample (CWLS) generated by the General Directorate for the Organization of the Social Security in Spain. The CWLS contains a 4% representative sample of all individuals in contact with the Social Security system. The WORKss cohort exclusively includes individuals with a labour trajectory from 1981 or later. In 2004, the cohort was initiated with 1,022 ,79 Social Security members: 840,770 (82.2%) contributors and 182,009 (17.8%) beneficiaries aged 16 and older. The WORKss cohort includes demographic characteristics, chronological data about employment history, retirement, permanent disability and death. These data make possible the measurement of incidence of permanent disability, the number of potential years of working life lost, and the number of contracts and inactive periods with the Social Security system. The WORKss cohort was linked to temporary sickness absence registries to study medical diagnoses that lead to permanent disability and consequently to an earlier exit from the labour market in unhealthy conditions. Thanks to its administrative source, the WORKss cohort study will continue follow-up in the coming years, keeping the representativeness of the Spanish population affiliated to the Social Security system. The linkage between the WORKss cohort and temporary sickness absence registries is envisioned to continue. Future plans include the linkage of the cohort with mortality registries. Published by the BMJ Publishing Group Limited. For permission to use (where not already granted under a licence) please go to http://www.bmj.com/company/products-services/rights-and-licensing/

31 CFR 356.4 - What are the book-entry systems in which auctioned Treasury securities may be issued?

Code of Federal Regulations, 2010 CFR

2010-07-01

... in which auctioned Treasury securities may be issued? There are three book-entry securities systems... marketable Treasury securities. We maintain and transfer securities in these three book-entry systems at... inflation. Securities may be transferred from one system to the other, unless the securities are not...

Computer access security code system

NASA Technical Reports Server (NTRS)

Collins, Earl R., Jr. (Inventor)

1990-01-01

A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

Conservation science in a terrorist age: the impact of airport security screening on the viability and DNA integrity of frozen felid spermatozoa.

PubMed

Gloor, Kayleen T; Winget, Doug; Swanson, William F

2006-09-01

In response to growing terrorism concerns, the Transportation Security Administration now requires that all checked baggage at U.S. airports be scanned through a cabinet x-ray system, which may increase risk of radiation damage to transported biologic samples and other sensitive genetic material. The objective of this study was to investigate the effect of these new airport security regulations on the viability and DNA integrity of frozen felid spermatozoa. Semen was collected from two domestic cats (Felis silvestris catus) and one fishing cat (Prionailurus viverrinus), cryopreserved in plastic freezing straws, and transferred into liquid nitrogen dry shippers for security screening. Treatment groups included frozen samples from each male scanned once or three times using a Transportation Security Administration-operated cabinet x-ray system, in addition to non-scanned samples (i.e., negative control) and samples previously scanned three times and exposed to five additional high-intensity x-ray bursts (i.e., positive control). Dosimeters placed in empty dry shippers were used to quantify radiation exposure. Following treatment, straws were thawed and spermatozoa analyzed for post-thaw motility (percentage motile and rate of progressive movement), acrosome status, and DNA integrity using single-cell gel electrophoresis (i.e., the comet assay). Dosimeter measurements determined that each airport screening procedure produced approximately 16 mrem of radiation exposure. Our results indicated that all levels of radiation exposure adversely affected (P < 0.05) post-thaw sperm motility, but the percentage of acrosome-intact spermatozoa did not differ (P > 0.05) among treatment groups. Results also showed that the amount of double-stranded DNA damage was greater (P < 0.05) in sperm samples from both cat species scanned three times compared to samples scanned once or negative controls. Findings suggest that new airport security measures may cause radiation-induced damage to frozen spermatozoa and other valuable biologic samples transported on passenger aircraft and that alternative modes of sample transportation should be used whenever possible.

Beyond grid security

NASA Astrophysics Data System (ADS)

Hoeft, B.; Epting, U.; Koenig, T.

2008-07-01

While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls.

Development of a security system for assisted reproductive technology (ART).

PubMed

Hur, Yong Soo; Ryu, Eun Kyung; Park, Sung Jin; Yoon, Jeong; Yoon, San Hyun; Yang, Gi Deok; Hur, Chang Young; Lee, Won Don; Lim, Jin Ho

2015-01-01

In the field of assisted reproductive technology (ART), medical accidents can result in serious legal and social consequences. This study was conducted to develop a security system (called IVF-guardian; IG) that could prevent mismatching or mix-ups in ART. A software program was developed in collaboration with outside computer programmers. A quick response (QR) code was used to identify the patients, gametes and embryos in a format that was printed on a label. There was a possibility that embryo development could be affected by volatile organic components (VOC) in the printing material and adhesive material in the label paper. Further, LED light was used as the light source to recognize the QR code. Using mouse embryos, the effects of the label paper and LED light were examined. The stability of IG was assessed when applied in clinical practice after developing the system. A total of 104 cycles formed the study group, and 82 cycles (from patients who did not want to use IG because of safety concerns and lack of confidence in the security system) to which IG was not applied comprised the control group. Many of the label paper samples were toxic to mouse embryo development. We selected a particular label paper (P touch label) that did not affect mouse embryo development. The LED lights were non-toxic to the development of the mouse embryos under any experimental conditions. There were no differences in the clinical pregnancy rates between the IG-applied group and the control group (40/104 = 38.5 % and 30/82 = 36.6 %, respectively). The application of IG in clinical practice did not affect human embryo development or clinical outcomes. The use of IG reduces the misspelling of patient names. Using IG, there was a disadvantage in that each treatment step became more complicated, but the medical staff improved and became sufficiently confident in ART to offset this disadvantage. Patients who received treatment using the IG system also went through a somewhat tedious process, but there were no complaints. These patients gained further confidence in the practitioners over the course of treatment.

Correlation Research of Medical Security Management System Network Platform in Medical Practice

NASA Astrophysics Data System (ADS)

Jie, Wang; Fan, Zhang; Jian, Hao; Li-nong, Yu; Jun, Fei; Ping, Hao; Ya-wei, Shen; Yue-jin, Chang

Objective-The related research of medical security management system network in medical practice. Methods-Establishing network platform of medical safety management system, medical security network host station, medical security management system(C/S), medical security management system of departments and sections, comprehensive query, medical security disposal and examination system. Results-In medical safety management, medical security management system can reflect the hospital medical security problem, and can achieve real-time detection and improve the medical security incident detection rate. Conclusion-The application of the research in the hospital management implementation, can find hospital medical security hidden danger and the problems of medical disputes, and can help in resolving medical disputes in time and achieve good work efficiency, which is worth applying in the hospital practice.

Homeland security and public health: role of the Department of Veterans Affairs, the US Department of Homeland Security, and implications for the public health community.

PubMed

Koenig, Kristi L

2003-01-01

The terrorist attacks of 11 September 2001 led to the largest US Government transformation since the formation of the Department of Defense following World War II. More than 22 different agencies, in whole or in part, and >170,000 employees were reorganized to form a new Cabinet-level Department of Homeland Security (DHS), with the primary mission to protect the American homeland. Legislation enacted in November 2002 transferred the entire Federal Emergency Management Agency and several Department of Health and Human Services (HHS) assets to DHS, including the Office of Emergency Response, and oversight for the National Disaster Medical System, Strategic National Stockpile, and Metropolitan Medical Response System. This created a potential separation of "health" and "medical" assets between the DHS and HHS. A subsequent presidential directive mandated the development of a National Incident Management System and an all-hazard National Response Plan. While no Department of Veterans Affairs (VA) assets were targeted for transfer, the VA remains the largest integrated healthcare system in the nation with important support roles in homeland security that complement its primary mission to provide care to veterans. The Emergency Management Strategic Healthcare Group (EMSHG) within the VA's medical component, the Veteran Health Administration (VHA), is the executive agent for the VA's Fourth Mission, emergency management. In addition to providing comprehensive emergency management services to the VA, the EMSHG coordinates medical back-up to the Department of Defense, and assists the public via the National Disaster Medical System and the National Response Plan. This article describes the VA's role in homeland security and disasters, and provides an overview of the ongoing organizational and operational changes introduced by the formation of the new DHS. Challenges and opportunities for public health are highlighted.

Preventive Interventions and Sustained Attachment Security in Maltreated Children

PubMed Central

Stronach, Erin Pickreign; Toth, Sheree L.; Rogosch, Fred; Cicchetti, Dante

2013-01-01

Thirteen-month-old maltreated infants (n = 137) and their mothers were randomly assigned to one of three conditions: child-parent psychotherapy (CPP), psychoeducational parenting intervention (PPI), and community standard (CS). A fourth group of nonmaltreated infants (n =52) and their mothers served as a normative comparison (NC) group. A prior investigation found that the CPP and PPI groups demonstrated substantial increases in secure attachment at post-intervention, whereas this change was not found in the CS and NC groups. The current investigation involved the analysis of data obtained at a follow-up assessment that occurred 12-months after the completion of treatment. At follow-up, children in the CPP group had higher rates of secure and lower rates of disorganized attachment than did children in the PPI or CS groups. Rates of disorganized attachment did not differ between the CPP and NC groups. Intention-to-treat analyses (ITT) also showed higher rates of secure attachment at follow-up in the CPP group relative to the PPI and CS groups. However, groups did not differ on disorganized attachment. Both primary and ITT analyses demonstrated that maternal reported child behavior problems did not differ among the four groups at the follow-up assessment. This is the first investigation to demonstrate sustained attachment security in maltreated children 12 months after the completion of an attachment theory-informed intervention. Findings also suggest that, while effective in the short term, parenting interventions alone may not be effective in maintaining secure attachment in children over time. PMID:24229539

Security Analysis of DTN Architecture and Bundle Protocol Specification for Space-Based Networks

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2009-01-01

A Delay-Tolerant Network (DTN) Architecture (Request for Comment, RFC-4838) and Bundle Protocol Specification, RFC-5050, have been proposed for space and terrestrial networks. Additional security specifications have been provided via the Bundle Security Specification (currently a work in progress as an Internet Research Task Force internet-draft) and, for link-layer protocols applicable to Space networks, the Licklider Transport Protocol Security Extensions. This document provides a security analysis of the current DTN RFCs and proposed security related internet drafts with a focus on space-based communication networks, which is a rather restricted subset of DTN networks. Note, the original focus and motivation of DTN work was for the Interplanetary Internet . This document does not address general store-and-forward network overlays, just the current work being done by the Internet Research Task Force (IRTF) and the Consultative Committee for Space Data Systems (CCSDS) Space Internetworking Services Area (SIS) - DTN working group under the DTN and Bundle umbrellas. However, much of the analysis is relevant to general store-and-forward overlays.

SNAP-Ed (Supplemental Nutrition Assistance Program-Education) Increases Long-Term Food Security among Indiana Households with Children in a Randomized Controlled Study.

PubMed

Rivera, Rebecca L; Maulding, Melissa K; Abbott, Angela R; Craig, Bruce A; Eicher-Miller, Heather A

2016-11-01

Food insecurity is negatively associated with US children's dietary intake and health. The Supplemental Nutrition Assistance Program-Education (SNAP-Ed) aims to alleviate food insecurity by offering nutrition, budgeting, and healthy lifestyle education to low-income individuals and families. The objective of this study was to evaluate the long-term impact of the Indiana SNAP-Ed on food security among households with children. A randomized, controlled, parallel study design with SNAP-Ed as an intervention was carried out during a 4- to 10-wk intervention period. Intervention group participants received the first 4 Indiana SNAP-Ed curriculum lessons. Study participants (n = 575) were adults aged ≥18 y from low-income Indiana households with ≥1 child living in the household. Both treatment groups completed an assessment before and after the intervention period and 1 y after recruitment. The 18-item US Household Food Security Survey Module was used to classify the primary outcomes of food security for the household and adults and children in the household. A linear mixed model was used to compare intervention with control group effects over time on food security. Mean ± SEM changes in household food security score and food security score among household adults from baseline to 1-y follow-up were 1.2 ± 0.4 and 0.9 ± 0.3 units lower, respectively, in the intervention group than in the control group (P < 0.01). The mean change in food security score from baseline to 1-y follow-up among household children was not significantly different in the intervention group compared with the control group. SNAP-Ed improved food security over a longitudinal time frame among low-income Indiana households with children in this study. SNAP-Ed may be a successful intervention to improve food security. © 2016 American Society for Nutrition.

76 FR 58786 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-22

... National Security Agency/Central Security System systems of records notices subject to the Privacy Act of... inquiries to the National Security Agency/Central Security Service, Freedom of Information Act/Privacy Act...; Systems of Records AGENCY: National Security Agency/Central Security Service, Department of Defense (DoD...

31 CFR 306.23 - Securities eligible to be held in the Legacy Treasury Direct® Book-entry Securities System.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Legacy Treasury Direct® Book-entry Securities System. 306.23 Section 306.23 Money and Finance: Treasury... Securities eligible to be held in the Legacy Treasury Direct® Book-entry Securities System. (a) Eligible... book-entry securities system. (b) Conversion of Registered Security to book-entry form to be held in...

Development and Demonstration of a Security Core Component

DOE Office of Scientific and Technical Information (OSTI.GOV)

Turke, Andy

In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: · Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on “security through obscurity. · Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. · The rise of the Internet and the accompanying demand for more datamore » about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. · “Cyber crime” has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group “has something to prove.” Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be “on the front line” if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utility’s SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values – even results from a SIEM (Security Information and Event Management) system. When the system deviates from “normal,” CSM can alert the operator in language that they understand that an incident may be occurring, provide actionable intelligence, and informing them what actions to take. These alarms may be viewed on CSM’s built-in user interface, sent to a SCADA alarm list, or communicated via email, phone, pager, or SMS message. In recognition of the fact that “real world” training for cyber security events is impractical, CSM has a built-in Operator Training Simulator capability. This can be used stand alone to create simulated event scenarios for training purposes. It may also be used in conjunction with the recipient’s SCADA/EMS/DMS Operator Training Simulator. In addition to providing cyber security situational awareness for electric utility operators, CSM also provides tools for analysts and support personnel; in fact, the majority of user interface displays are designed for use in analyzing current and past security events. CSM keeps security-related information in long-term storage, as well as writing any decisions it makes to a (syslog) log for use forensic or other post-event analysis.« less

7 CFR 56.52 - Charges for continuous grading performed on a resident basis.

Code of Federal Regulations, 2010 CFR

2010-01-01

...) AGRICULTURAL MARKETING SERVICE (Standards, Inspections, Marketing Practices), DEPARTMENT OF AGRICULTURE (CONTINUED) REGULATIONS AND STANDARDS UNDER THE AGRICULTURAL MARKETING ACT OF 1946 AND THE EGG PRODUCTS... Social Security System, retirement benefits, group life insurance, severance pay, sick leave, annual...

75 FR 26310 - Self-Regulatory Organizations; International Securities Exchange, LLC; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-11

... 273 EP El Paso Corp. Group Ltd. 215 XLP Consumer Staples 274 SEED Origin Agritech Select Sector SPDR.... 223 WMB Williams Cos Inc/The. 280 ADBE Adobe Systems Inc. 225 MEE Massey Energy Co. 281 PCX Patriot...

31 CFR 357.0 - Book-entry systems.

Code of Federal Regulations, 2014 CFR

2014-07-01

... General Information § 357.0 Book-entry systems. (a) Treasury securities. Treasury securities are...-entry system is the book-entry system in which Treasury securities are held in a tiered system through securities intermediaries such as financial institutions or brokerage firms. A Treasury security is...

31 CFR 357.0 - Book-entry systems.

Code of Federal Regulations, 2012 CFR

2012-07-01

... General Information § 357.0 Book-entry systems. (a) Treasury securities. Treasury securities are...-entry system is the book-entry system in which Treasury securities are held in a tiered system through securities intermediaries such as financial institutions or brokerage firms. A Treasury security is...

31 CFR 357.0 - Book-entry systems.

Code of Federal Regulations, 2011 CFR

2011-07-01

... General Information § 357.0 Book-entry systems. (a) Treasury securities. Treasury securities are...-entry system is the book-entry system in which Treasury securities are held in a tiered system through securities intermediaries such as financial institutions or brokerage firms. A Treasury security is...

31 CFR 357.0 - Book-entry systems.

Code of Federal Regulations, 2013 CFR

2013-07-01

... General Information § 357.0 Book-entry systems. (a) Treasury securities. Treasury securities are...-entry system is the book-entry system in which Treasury securities are held in a tiered system through securities intermediaries such as financial institutions or brokerage firms. A Treasury security is...

An evaluation index system of water security in China based on macroeconomic data from 2000 to 2012

NASA Astrophysics Data System (ADS)

Li, X. S.; Peng, Z. Y.; Li, T. T.

2016-08-01

This paper establishes an evaluation index system of water security. The index system employs 5 subsystems (water circulation security, water environment security, water ecology security, water society security and water economy security) and has 39 indicators. Using the AHP method, each indicator is given a relative weight to integrate within the whole system. With macroeconomic data from 2000 to 2012, a model of water security evaluation is applied to assess the state of water security in China. The results show an improving trend in the overall state of China's water security. In particular, the cycle of water security is at a high and low fluctuation. Water environment security presents an upward trend on the whole; however, this trend is unsteady and has shown a descending tendency in some years. Yet, water ecology security, water society security, and water economy security are basically on the rise. However, the degree of coordination of China's water security system remains in need of consolidation.

Screening for mental health needs of New Zealand youth in secure care facilities using the MAYSI-2.

PubMed

McArdle, Sean; Lambie, Ian

2018-06-01

Young people admitted to secure facilities generally have particularly high rates of mental, emotional and behavioural problems, but little is known about the mental health needs of this group in New Zealand. To describe prevalence of probable mental health disorder and related needs among young people in secure facilities in New Zealand. Massachusetts youth screening instrument - second version (MAYSI-2) data were obtained from the records of young people admitted to one secure care facility (n = 204) within a 12 month period. We used descriptive statistics to determine prevalence of problems overall and multivariate analysis of variance to compare MAYSI-2 scores between gender and ethnic groups. Nearly 80% of these young people scored above the 'caution' or 'warning' cut-off on the MAYSI-2, a substantially higher proportion than reported in studies in other countries. There was a tendency for girls and for Maori and Pacific Islander subgroups to have a higher rate of probable psychopathology. Young people in secure facilities in New Zealand have substantial service needs. Early intervention that engages them in services upon first contact with the youth justice system might help reduce this burden. Further validation of the MAYSI-2 in New Zealand may be warranted because of the unique ethnic make-up of these young offenders. Copyright © 2017 John Wiley & Sons, Ltd. Copyright © 2017 John Wiley & Sons, Ltd.

The hobbyist phenomenon in physical security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Michaud, E. C.

Pro-Ams (professional amateurs) are groups of people who work on a problem as amateurs or unpaid persons in a given field at professional levels of competence. Astronomy is a good example of Pro-Am activity. At Galaxy Zoo, Pro-Ams evaluate data generated by professional observatories and are able to evaluate the millions of galaxies that have been observed but not classified, and report their findings at professional levels for fun. To allow the archiving of millions of galaxies that have been observed but not classified, the website has been engineered so that the public can view and classify galaxies even ifmore » they are not professional astronomers. In this endeavor, it has been found that amateurs can easily outperform automated vision systems. Today in the world of physical security, Pro-Ams are playing an ever-increasing role. Traditionally, locksmiths, corporations, and government organizations have been largely responsible for developing standards, uncovering vulnerabilities, and devising best security practices. Increasingly, however, nonprofit sporting organizations and clubs are doing this. They can be found all over the world, from Europe to the US and now South East Asia. Examples include TOOOL (The Open Organization of Lockpickers), the Longhorn Lockpicking Club, Sportsfreunde der Sperrtechnik - Deustcheland e.V., though there are many others. Members of these groups have been getting together weekly to discuss many elements of security, with some groups specializing in specific areas of security. When members are asked why they participate in these hobbyist groups, they usually reply (with gusto) that they do it for fun, and that they view defeating locks and other security devices as an interesting and entertaining puzzle. A lot of what happens at these clubs would not be possible if it weren't for 'Super Abundance', the ability to easily acquire (at little or no cost) the products, security tools, technologies, and intellectual resources traditionally limited to corporations, government organizations, or wealthy individuals. With this new access comes new discoveries. For example, hobbyist sport lockpicking groups discovered - and publicized - a number of new vulnerabilities between 2004 and 2009 that resulted in the majority of high-security lock manufacturers having to make changes and improvements to their products. A decade ago, amateur physical security discoveries were rare, at least those discussed publicly. In the interim, Internet sites such as lockpicking.org, lockpicking101.com and others have provided an online meeting place for people to trade tips, find friends with similar interests, and develop tools. The open, public discussion of software vulnerabilities, in contrast, has been going on for a long time. These two industries, physical security and software, have very different upgrade mechanisms. With software, a patch can typically be deployed quickly to fix a serious vulnerability, whereas a hardware fix for a physical security device or system can take upwards of months to implement in the field, especially if (as is often the case) hardware integrators are involved. Even when responding to publicly announced security vulnerabilities, manufacturers of physical security devices such as locks, intrusion detectors, or access control devices rarely view hobbyists as a positive resource. This is most unfortunate. In the field of software, it is common to speak of Open Source versus Closed Source. An Open Source software company may choose to distribute their software with a particular license, and give it away openly, with full details and all the lines of source code made available. Linux is a very popular example of this. A Close Source company, in contrast, chooses not to reveal its source code and will license its software products in a restrictive manor. Slowly, the idea of Open Source is now coming to the world of physical security. In the case of locks, it provides an alternative to the traditional Closed Source world of locksmiths. Now locks are physical objects, and can therefore be disassembled. As such, they have always been Open Source in a limited sense. Secrecy, in fact, is very difficult to maintain for a lock that is widely distributed. Having direct access to the lock design provides the hobbyist with a very open environment for finding security flaws, even if the lock manufacturer attempts to follow a Close Source model. It is clear that the field of physical security is going the digital route with companies such as Medeco, Mul-T-Lock, and Abloy manufacturing electromechanical locks. Various companies have already begun to add microcontrollers, cryptographic chip sets, solid-state sensors, and a number of other high-tech improvements to their product lineup in an effort to thwart people from defeating their security products.« less

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2010 CFR

2010-10-01

... 47 Telecommunication 5 2010-10-01 2010-10-01 false Ship Security Alert System (SSAS). 80.277... Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety..., “RTCM Standard 11020.0—Ship Security Alert Systems (SSAS) using the Cospas-Sarsat System,” Version 1.0...

Short-term results of a prospective randomized evaluator blinded multicenter study comparing TVT and TVT-Secur.

PubMed

Andrada Hamer, Maria; Larsson, Per-Göran; Teleman, Pia; Etén-Bergqvist, Christina; Persson, Jan

2011-07-01

The aim of this prospective randomized multicenter study was to compare TVT (tension-free vaginal tape) with TVT-Secur in terms of efficacy and safety. We set out to enrol 280 stress incontinent women with a half time interim analysis of short-term cure and a continuous registration of adverse events. Of 133 randomized women, 126 were operated and 123 (TVT n = 62, TVT-Secur n = 61) available for 2 months follow-up. No significant differences were found between groups regarding demographics or grade of incontinence. At 2 months follow-up, subjective cure rate following TVT-Secur was significantly lower than for TVT (72% and 92%, respectively, p = 0.01). Three major complications occurred in the TVT-Secur group: tape erosion into the urethra, a tape inadvertently placed inside the bladder, and an immediate postoperative bleeding from the corona mortis. No major complications occurred in the TVT group. No significant differences were found between groups regarding perioperative bleeding, hospital stay, urge symptoms, or postoperative urinary tract infections. Median time for surgery was 13 and 22 min for TVT-Secur and TVT, respectively (p < 0.0001). In a prospective randomized controlled study, the TVT-Secur procedure had a significantly lower subjective cure rate than the retropubic TVT procedure. Due to this, in addition to three serious complications in the TVT-Secur group, we decided to stop further enrolment after the interim analysis. We discourage from further use of the TVT-Secur.

Data Management Plan and Functional System Design for the Information Management System of the Clinch River Remedial Investigation and Waste Area Grouping 6

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ball, T.; Brandt, C.; Calfee, J.

1994-03-01

The Data Management Plan and Functional System Design supports the Clinch River Remedial Investigation (CRRI) and Waste Area Grouping (WAG) 6 Environmental Monitoring Program. The objective of the Data Management Plan and Functional System Design is to provide organization, integrity, security, traceability, and consistency of the data generated during the CRRI and WAG 6 projects. Proper organization will ensure that the data are consistent with the procedures and requirements of the projects. The Information Management Groups (IMGs) for these two programs face similar challenges and share many common objectives. By teaming together, the IMGs have expedited the development and implementationmore » of a common information management strategy that benefits each program.« less

A comparison of offenders with intellectual disability across three levels of security.

PubMed

Hogue, Todd; Steptoe, Lesley; Taylor, John L; Lindsay, William R; Mooney, Paul; Pinkney, Lisa; Johnston, Susan; Smith, Anne H W; O'Brien, Gregory

2006-01-01

A number of authors have described, with disparate results, the prevalence of people with intellectual disability and their characteristics, in a range of offender cohorts defined by service use. These have included high security, a range of criminal justice services and community services. There is a need for research comparing cohorts of offenders with intellectual disabilities across different settings. AIM AND HYPOTHESIS: To conduct such a comparison and test the hypothesis that severity of characteristics measured will be highest in highest levels of residential security. A clinical-record-based comparison a offenders with intellectual disability in high security (n = 73), medium/low security (n = 70), and a community service (n = 69). Groups were similar in age and tested IQ levels. Early psychiatric service contact had been more likely in the lower security groups. In line with the hypothesis, more complex presentations, in particular comorbid personality disorder, was more likely in the highest security group. Both fatal and non-fatal interpersonal violence convictions were significantly related to group, with more in the high security group sustaining a conviction both at the index offence and prior to that. Over 50% of all groups had at least one conviction for a sexual offence. A regression model accounting for 78% of the variance was made up largely of disposal variables (Mental Health Act status and probation) and indications of antisocial traits (criminal damage, lifetime conviction for murder and ICD-10 personality disorder classification). The authors show that context of sampling affects most relationships between intellectual disability (ID) and offending when the methods for measuring ID are held constant. The results also present several questions on the relationship between risk, services available in an area and referral to higher security.

76 FR 43993 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-22

...; System of Records AGENCY: National Security Agency/Central Security Service, Department of Defense. ACTION: Notice to Delete a System of Records. SUMMARY: The National Security Agency/Central Security.... FOR FURTHER INFORMATION CONTACT: Ms. Anne Hill, National Security Agency/Central Security Service...

Career Aspirations of Non-Managerial Women: Adjustment and Adaptation.

ERIC Educational Resources Information Center

Hite, Linda M.; McDonald, Kimberly S.

2003-01-01

Focus group data from 26 nonmanagerial women indicated that they often adapted their career goals due to life circumstances. Family responsibilities, job security, and organizational support systems (e.g., job flexibility, tuition reimbursement, mentoring) influenced career success and satisfaction. (Contains 29 references.) (SK)

7 CFR 70.76 - Charges for continuous poultry grading performed on a nonresident basis.

Code of Federal Regulations, 2010 CFR

2010-01-01

...) AGRICULTURAL MARKETING SERVICE (Standards, Inspections, Marketing Practices), DEPARTMENT OF AGRICULTURE (CONTINUED) REGULATIONS AND STANDARDS UNDER THE AGRICULTURAL MARKETING ACT OF 1946 AND THE EGG PRODUCTS... under the Social Security System, retirement benefits, group life insurance, severance pay, sick leave...

31 CFR 306.23 - Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System.

Code of Federal Regulations, 2010 CFR

2010-07-01

... TREASURY DIRECT Book-entry Securities System. 306.23 Section 306.23 Money and Finance: Treasury Regulations... Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System. (a) Eligible issues. The... conversion to the TREASURY DIRECT Book-entry Securities System. The notice shall specify the period during...

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks.

PubMed

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-03-24

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks

PubMed Central

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-01-01

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure. PMID:28338632

[Application of classified protection of information security in the information system of air pollution and health impact monitoring].

PubMed

Hao, Shuxin; Lü, Yiran; Liu, Jie; Liu, Yue; Xu, Dongqun

2018-01-01

To study the application of classified protection of information security in the information system of air pollution and health impact monitoring, so as to solve the possible safety risk of the information system. According to the relevant national standards and requirements for the information system security classified protection, and the professional characteristics of the information system, to design and implement the security architecture of information system, also to determine the protection level of information system. Basic security measures for the information system were developed in the technical safety and management safety aspects according to the protection levels, which effectively prevented the security risk of the information system. The information system established relatively complete information security protection measures, to enhanced the security of professional information and system service, and to ensure the safety of air pollution and health impact monitoring project carried out smoothly.

Security Evolution.

ERIC Educational Resources Information Center

De Patta, Joe

2003-01-01

Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

Connecting the Spots: Combating Transnational Terrorist Groups Through Leveraging Indigenous Security Forces

DTIC Science & Technology

2009-04-01

terrorist social networks are quite vulnerable to penetration and exploitation by indigenous personnel working in the communities where the groups operate...LEVERAGING INDIGENOUS SECURITY FORCES by Mack-Jan H. Spencer, Maj, USAF A Research Report Submitted to the Faculty In Partial Fulfillment of the...4. TITLE AND SUBTITLE Connecting the Spots: Combating Transnational Terrorist Groups Through Leveraging Indigenous Security Forces 5a. CONTRACT

33 CFR 106.255 - Security systems and equipment maintenance.

Code of Federal Regulations, 2010 CFR

2010-07-01

... maintained according to manufacturers' recommendations. (b) Security systems must be regularly tested in... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... Shelf (OCS) Facility Security Requirements § 106.255 Security systems and equipment maintenance. (a...

Systems Security Engineering

DTIC Science & Technology

2010-08-22

practice for information security management ( ISO /IEC 27002 ),” “Information technology — Security techniques — Information security management...systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security techniques — Information security risk management ( ISO /IEC 27005).” from...associated practice aids. Perhaps the most germane discovery from this effort was a draft ISO standard on Systems and software engineering, Systems and

High-Performance Secure Database Access Technologies for HEP Grids

DOE Office of Scientific and Technical Information (OSTI.GOV)

Matthew Vranicar; John Weicher

2006-04-17

The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysismore » capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist’s computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that "Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications.” There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the secure authorization is pushed into the database engine will eliminate inefficient data transfer bottlenecks. Furthermore, traditionally separated database and security layers provide an extra vulnerability, leaving a weak clear-text password authorization as the only protection on the database core systems. Due to the legacy limitations of the systems’ security models, the allowed passwords often can not even comply with the DOE password guideline requirements. We see an opportunity for the tight integration of the secure authorization layer with the database server engine resulting in both improved performance and improved security. Phase I has focused on the development of a proof-of-concept prototype using Argonne National Laboratory’s (ANL) Argonne Tandem-Linac Accelerator System (ATLAS) project as a test scenario. By developing a grid-security enabled version of the ATLAS project’s current relation database solution, MySQL, PIOCON Technologies aims to offer a more efficient solution to secure database access.« less

75 FR 56079 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-15

... to the National Security Agency/Central Security Service, Freedom of Information Act/Privacy Act...; System of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to amend a system of records. SUMMARY: The National Security Agency/Central Security Service is proposing to...

Computer Security Systems Enable Access.

ERIC Educational Resources Information Center

Riggen, Gary

1989-01-01

A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

A Critical Review of Options for Tool and Workpiece Sensing

DTIC Science & Technology

1989-06-02

Tool Temperature Control ." International Machine Tool Design Res., Vol. 7, pp. 465-75, 1967. 5. Cook, N. H., Subramanian, K., and Basile, S. A...if necessury and identify by block riumber) FIELD GROUP SUB-GROUP 1. Detectors 3. Control Equipment 1 08 2. Sensor Characteristics 4. Process Control ...will provide conceptual designs and recommend a system (Continued) 20. DISTRIBUTION/AVAILABILITY OF ABSTRACT 21 ABSTRACT SECURITY CLASSIFICATION 0

Aldehyde Recognition and Discrimination by Mammalian Odorant Receptors via Functional Group-Specific Hydration Chemistry

DTIC Science & Technology

2015-09-02

Agriculture, Food and Environment, The Hebrew University, Rehovot 76100, Israel ∥Department of Molecular Genetics and Microbiology , and Neurobiology, Duke...SECURITY CLASSIFICATION OF: The mammalian odorant receptors (ORs) form a chemical- detecting interface between the atmosphere and the nervous system...specificity for the aldehyde functional group, a significant percentage detect the aldehyde 1. REPORT DATE (DD-MM-YYYY) 4. TITLE AND SUBTITLE 13

75 FR 49005 - In the Matter of Geotec, Inc., InnoPet Brands Corp., Marbledge Group, Inc. (n/k/a AR Growth...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-12

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] In the Matter of Geotec, Inc., InnoPet Brands Corp., Marbledge Group, Inc. (n/k/a AR Growth Finance Corp.), Phlo Corp., Pliant Systems, Inc., Southeast Banking Corp., TNX Television Holdings, Inc., and WestPoint Stevens, Inc.; Order of Suspension of Trading August 10, 2010. It appears to the...

Energy System Integration Facility Secure Data Center | Energy Systems

Science.gov Websites

Integration Facility | NREL Energy System Integration Facility Secure Data Center Energy System Integration Facility Secure Data Center The Energy Systems Integration Facility's Secure Data Center provides

A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting.

PubMed

Lin, Tsung-Hung; Tsung, Chen-Kun; Lee, Tian-Fu; Wang, Zeng-Bo

2017-12-03

The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie-Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

77 FR 56628 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-13

... to the National Security Agency/Central Security Service, Freedom of Information Act/Privacy Act...; System of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to add a system of records. SUMMARY: The National Security Agency/Central Security Service proposes to add a new...

78 FR 45913 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-30

... National Security Agency/Central Security Service systems of records subject to the Privacy Act of 1974 (5... National Security Agency/Central Security Service, Freedom of Information Act/Privacy Act Office, 9800...; Systems of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to alter...

Standardization of quantum key distribution and the ETSI standardization initiative ISG-QKD

NASA Astrophysics Data System (ADS)

Länger, Thomas; Lenhart, Gaby

2009-05-01

In recent years, quantum key distribution (QKD) has been the object of intensive research activities and of rapid progress, and it is now developing into a competitive industry with commercial products. Once QKD systems are transferred from the controlled environment of physical laboratories into a real-world environment for practical use, a number of practical security, compatibility and connectivity issues need to be resolved. In particular, comprehensive security evaluation and watertight security proofs need to be addressed to increase trust in QKD. System interoperability with existing infrastructures and applications as well as conformance with specific user requirements have to be assured. Finding common solutions to these problems involving all actors can provide an advantage for the commercialization of QKD as well as for further technological development. The ETSI industry specification group for QKD (ISG-QKD) offers a forum for creating such universally accepted standards and will promote significant leverage effects on coordination, cooperation and convergence in research, technical development and business application of QKD.

Analyzing handwriting biometrics in metadata context

NASA Astrophysics Data System (ADS)

Scheidat, Tobias; Wolf, Franziska; Vielhauer, Claus

2006-02-01

In this article, methods for user recognition by online handwriting are experimentally analyzed using a combination of demographic data of users in relation to their handwriting habits. Online handwriting as a biometric method is characterized by having high variations of characteristics that influences the reliance and security of this method. These variations have not been researched in detail so far. Especially in cross-cultural application it is urgent to reveal the impact of personal background to security aspects in biometrics. Metadata represent the background of writers, by introducing cultural, biological and conditional (changing) aspects like fist language, country of origin, gender, handedness, experiences the influence handwriting and language skills. The goal is the revelation of intercultural impacts on handwriting in order to achieve higher security in biometrical systems. In our experiments, in order to achieve a relatively high coverage, 48 different handwriting tasks have been accomplished by 47 users from three countries (Germany, India and Italy) have been investigated with respect to the relations of metadata and biometric recognition performance. For this purpose, hypotheses have been formulated and have been evaluated using the measurement of well-known recognition error rates from biometrics. The evaluation addressed both: system reliance and security threads by skilled forgeries. For the later purpose, a novel forgery type is introduced, which applies the personal metadata to security aspects and includes new methods of security tests. Finally in our paper, we formulate recommendations for specific user groups and handwriting samples.

77 FR 26259 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-03

.... SUPPLEMENTARY INFORMATION: The National Security Agency systems of records notice subject to the Privacy Act of... of Records AGENCY: National Security Agency/Central Security Service. ACTION: Notice to Delete a System of Records. SUMMARY: The National Security Agency/Central Security Service is deleting a system of...

75 FR 67697 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-03

... National Security Agency's record system notices for records systems subject to the Privacy Act of 1974 (5... National Security Agency/Central Security Service, Freedom of Information Act (FOIA)/Privacy Act Office...; Systems of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to add a...

75 FR 43494 - Privacy Act of 1974; System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-26

... National Security Agency's record system notices for records systems subject to the Privacy Act of 1974 (5... National Security Agency/Central Security Service, Freedom of Information Act and Privacy Act Office, 9800...; System of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to...

8 CFR 103.34 - Security of records systems.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 8 Aliens and Nationality 1 2010-01-01 2010-01-01 false Security of records systems. 103.34 Section 103.34 Aliens and Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION REGULATIONS POWERS AND DUTIES; AVAILABILITY OF RECORDS § 103.34 Security of records systems. The security of records systems...

Transition of advanced technology to military, homeland security, and law enforcement users

NASA Astrophysics Data System (ADS)

Jarrett, Stephen M.

2004-09-01

With the attack on the United States and the subsequent war on terror and the wars in Afghanistan and Iraq a need has been exposed for the transition of technology to all of our defenders both combat forces on the foreign battlefield and domestic forces here at home. The establishment of the Department of Homeland Security has also provided a focus on inserting technology to dramatically improve the capability of airport security forces, law enforcement, and all first responder networks. The drastic increase in the use of Special Forces in combat has also required new advanced technology capabilities at a much faster rate of development than the standard military procurement system. Technology developers must address the questions of interoperability, cost, commercialization, of how these groups will use the technology delivered and the adoption criteria of users in the deployment environment. The successful transition to the field must address the formation of complex concepts of operations in the user's adoption criteria. Prototype transition for two systems, a pocket infrared camera and an acoustic/seismic detector, will be highlighted in their effect on the wars in Iraq and Afghanistan and in the heightening of homeland security.

Government Certification and Accreditation: Make a Choice

ERIC Educational Resources Information Center

Miles, Tracy L.

2009-01-01

One of the most significant challenges faced by government officials today is securing information systems to make them more resilient to attack from increasingly complex challenges from cyber-criminals, state-sponsored groups, and other threats. Over the years, the federal government has developed and implemented Certification and Accreditation…

7 CFR 70.77 - Charges for continuous poultry or rabbit grading performed on a resident basis.

Code of Federal Regulations, 2010 CFR

2010-01-01

... (Continued) AGRICULTURAL MARKETING SERVICE (Standards, Inspections, Marketing Practices), DEPARTMENT OF AGRICULTURE (CONTINUED) REGULATIONS AND STANDARDS UNDER THE AGRICULTURAL MARKETING ACT OF 1946 AND THE EGG... Social Security System, retirement benefits, group life insurance, severance pay, sick leave, annual...

A modular approach to disease registry design: successful adoption of an internet-based rare disease registry.

PubMed

Bellgard, Matthew I; Macgregor, Andrew; Janon, Fred; Harvey, Adam; O'Leary, Peter; Hunter, Adam; Dawkins, Hugh

2012-10-01

There is a need to develop Internet-based rare disease registries to support health care stakeholders to deliver improved quality patient outcomes. Such systems should be architected to enable multiple-level access by a range of user groups within a region or across regional/country borders in a secure and private way. However, this functionality is currently not available in many existing systems. A new approach to the design of an Internet-based architecture for disease registries has been developed for patients with clinical and genetic data in geographical disparate locations. The system addresses issues of multiple-level access by key stakeholders, security and privacy. The system has been successfully adopted for specific rare diseases in Australia and is open source. The results of this work demonstrate that it is feasible to design an open source Internet-based disease registry system in a scalable and customizable fashion and designed to facilitate interoperability with other systems. © 2012 Wiley Periodicals, Inc.

An alternative to sneakernet

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orrell, S.; Ralstin, S.

1992-04-01

Many computer security plans specify that only a small percentage of the data processed will be classified. Thus, the bulk of the data on secure systems must be unclassified. Secure limited access sites operating approved classified computing systems sometimes also have a system ostensibly containing only unclassified files but operating within the secure environment. That system could be networked or otherwise connected to a classified system(s) in order that both be able to use common resources for file storage or computing power. Such a system must operate under the same rules as the secure classified systems. It is in themore » nature of unclassified files that they either came from, or will eventually migrate to, a non-secure system. Today, unclassified files are exported from systems within the secure environment typically by loading transport media and carrying them to an open system. Import of unclassified files is handled similarly. This media transport process, sometimes referred to as sneaker net, often is manually logged and controlled only by administrative procedures. A comprehensive system for secure bi-directional transfer of unclassified files between secure and open environments has yet to be developed. Any such secure file transport system should be required to meet several stringent criteria. It is the purpose of this document to begin a definition of these criteria.« less

An alternative to sneakernet

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orrell, S.; Ralstin, S.

1992-01-01

Many computer security plans specify that only a small percentage of the data processed will be classified. Thus, the bulk of the data on secure systems must be unclassified. Secure limited access sites operating approved classified computing systems sometimes also have a system ostensibly containing only unclassified files but operating within the secure environment. That system could be networked or otherwise connected to a classified system(s) in order that both be able to use common resources for file storage or computing power. Such a system must operate under the same rules as the secure classified systems. It is in themore » nature of unclassified files that they either came from, or will eventually migrate to, a non-secure system. Today, unclassified files are exported from systems within the secure environment typically by loading transport media and carrying them to an open system. Import of unclassified files is handled similarly. This media transport process, sometimes referred to as sneaker net, often is manually logged and controlled only by administrative procedures. A comprehensive system for secure bi-directional transfer of unclassified files between secure and open environments has yet to be developed. Any such secure file transport system should be required to meet several stringent criteria. It is the purpose of this document to begin a definition of these criteria.« less

Comparison of secure messaging application (WhatsApp) and standard telephone usage for consultations on Length of Stay in the ED. A prospective randomized controlled study.

PubMed

Gulacti, Umut; Lok, Ugur

2017-07-19

Consultation, the process of an Emergency Physician seeking an opinion from other specialties, occurs frequently in the Emergency Department (ED). The aim of this study was to determine the effect of secure messaging application (WhatsApp) usage for medical consultations on Emergency Department Length of Stay (ED LOS) and consult time. We conducted a prospective, randomized controlled trial in the ED using allocation concealment over three months. Consultations requested in the ED were allocated into two groups: consultations requested via the secure messaging application and consultations requested by telephone as verbal. A total of 439 consultations requested in the ED were assessed for eligibility and 345 were included in the final analysis: 173 consultations were conducted using secure messaging application and 172 consultations were conducted using standard telephone communications. The median ED LOS was 240 minutes (IQR:230-270, 95% CI:240 to 255.2) for patients in the secure messaging application group and 277 minutes (IQR:270-287.8, 95% CI:277 to 279) for patients in the telephone group. The median total ED LOS was significantly lower among consults conducted using Secure messaging application relative to consults conducted by telephone (median dif: -30, 95%CI:-37to-25, p<0.0001). The median consult time was 158 minutes (IQR:133 to 177.25, 95% CI:150 to 169) for patients in the Secure messaging application group and 170 minutes (IQR:165 to 188.5, 95% CI:170-171) for patients in the Telephone group (median dif: -12, 95%CI:-19 to-7,p<0.0001). Consultations completed without ED arrival was 61.8% in the secure messaging group and 33.1% in the Telephone group (dif: 28.7, 95% CI:48.3 to 66, p<0.001). Use of secure messaging application for consultations in the ED reduces the total ED LOS and consultation time. Consultation with secure messaging application eliminated more than half of in-person ED consultation visits.

Information technology security system engineering methodology

NASA Technical Reports Server (NTRS)

Childs, D.

2003-01-01

A methodology is described for system engineering security into large information technology systems under development. The methodology is an integration of a risk management process and a generic system development life cycle process. The methodology is to be used by Security System Engineers to effectively engineer and integrate information technology security into a target system as it progresses through the development life cycle. The methodology can also be used to re-engineer security into a legacy system.

Creativity: Creativity in Complex Military Systems

DTIC Science & Technology

2017-05-25

generation later in the problem-solving process. The design process is an alternative problem-solving framework individuals or groups use to orient...no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMB control ...the potential of their formations. 15. SUBJECT TERMS Creativity, Divergent Thinking, Design , Systems Thinking, Operational Art 16. SECURITY

The Secure Distributed Operating System Design Project

DTIC Science & Technology

1988-06-01

a di- verse group of people . Its organization isolates different aspects of the project, such as expected results, preliminary results, and technical...modeled after these procedures. " Automation: computers are commonly used to automate tasks previously performed by people ; many of these tasks are... people commonly con- sidered the threats anticipated to the system and mechanisms that are used to prevent those threats. Both hardware and software

Case Studies Working Group Report Volume 2

DTIC Science & Technology

2012-03-01

necessarily reflect the official policy or position of the De- partment of the Army, the Department of Defense, or the U.S. Government . Authors of...able to handle complex 21st century issues by working col- laboratively across government or agency boundaries. In diagnosing key systemic...nonprofit, public interest organiza- tion working to revitalize the American government by transforming the national security system. Since the

Lidar and Dial application for detection and identification: a proposal to improve safety and security

NASA Astrophysics Data System (ADS)

Gaudio, P.; Malizia, A.; Gelfusa, M.; Murari, A.; Parracino, S.; Poggi, L. A.; Lungaroni, M.; Ciparisse, J. F.; Di Giovanni, D.; Cenciarelli, O.; Carestia, M.; Peluso, E.; Gabbarini, V.; Talebzadeh, S.; Bellecci, C.

2017-01-01

Nowadays the intentional diffusion in air (both in open and confined environments) of chemical contaminants is a dramatic source of risk for the public health worldwide. The needs of a high-tech networks composed by software, diagnostics, decision support systems and cyber security tools are urging all the stakeholders (military, public, research & academic entities) to create innovative solutions to face this problem and improve both safety and security. The Quantum Electronics and Plasma Physics (QEP) Research Group of the University of Rome Tor Vergata is working since the 1960s on the development of laser-based technologies for the stand-off detection of contaminants in the air. Up to now, four demonstrators have been developed (two LIDAR-based and two DIAL-based) and have been used in experimental campaigns during all 2015. These systems and technologies can be used together to create an innovative solution to the problem of public safety and security: the creation of a network composed by detection systems: A low cost LIDAR based system has been tested in an urban area to detect pollutants coming from urban traffic, in this paper the authors show the results obtained in the city of Crotone (south of Italy). This system can be used as a first alarm and can be coupled with an identification system to investigate the nature of the threat. A laboratory dial based system has been used in order to create a database of absorption spectra of chemical substances that could be release in atmosphere, these spectra can be considered as the fingerprints of the substances that have to be identified. In order to create the database absorption measurements in cell, at different conditions, are in progress and the first results are presented in this paper.

6 CFR 5.31 - Security of systems of records.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Security of systems of records. 5.31 Section 5.31 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY DISCLOSURE OF RECORDS AND INFORMATION Privacy Act § 5.31 Security of systems of records. (a) In general. Each component...

Personal health record systems and their security protection.

PubMed

Win, Khin Than; Susilo, Willy; Mu, Yi

2006-08-01

The objective of this study is to analyze the security protection of personal health record systems. To achieve this we have investigated different personal health record systems, their security functions, and security issues. We have noted that current security mechanisms are not adequate and we have proposed some security mechanisms to tackle these problems.

The role of personal values and basic traits in perceptions of the consequences of immigration: a three-nation study.

PubMed

Vecchione, Michele; Caprara, Gianvittorio; Schoen, Harald; Castro, Josè Luis Gonzàlez; Schwartz, Shalom H

2012-08-01

Using data from Italy, Spain, and Germany (N= 1,569), this study investigated the role of basic values (universalism and security) and basic traits (openness and agreeableness) in predicting perceptions of the consequences of immigration. In line with Schwartz's (1992) theory, we conceptualized security as having two distinct components, one concerned with safety of the self (personal security) and the other with harmony and stability of larger groups and of society (group security). Structural equation modelling revealed that universalism values underlie perceptions that immigration has positive consequences and group security values underlie perceptions that it has negative consequences. Personal security makes no unique, additional contribution. Multi-group analyses revealed that these associations are invariant across the three countries except for a stronger link between universalism and perceptions of the consequences of immigration in Spain. To examine whether values mediate relations of traits to perceptions of immigration, we used the five-factor model. Findings supported a full mediation model. Individuals' traits of openness and agreeableness explained significant variance in security and universalism values. Basic values, in turn, explained perceptions of the consequences of immigration. ©2011 The British Psychological Society.

28 CFR 700.24 - Security of systems of records.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 28 Judicial Administration 2 2010-07-01 2010-07-01 false Security of systems of records. 700.24... Records Under the Privacy Act of 1974 § 700.24 Security of systems of records. (a) The Office Administrator or Security Officer shall be responsible for issuing regulations governing the security of systems...

A cross-case comparative analysis of international security forces' impacts on health systems in conflict-affected and fragile states.

PubMed

Bourdeaux, Margaret; Kerry, Vanessa; Haggenmiller, Christian; Nickel, Karlheinz

2015-01-01

Destruction of health systems in fragile and conflict-affected states increases civilian mortality. Despite the size, scope, scale and political influence of international security forces intervening in fragile states, little attention has been paid to array of ways they may impact health systems beyond their effects on short-term humanitarian health aid delivery. Using case studies we published on international security forces' impacts on health systems in Haiti, Kosovo, Afghanistan and Libya, we conducted a comparative analysis that examined three questions: What aspects, or building blocks, of health systems did security forces impact across the cases and what was the nature of these impacts? What forums or mechanisms did international security forces use to interact with health system actors? What policies facilitated or hindered security forces from supporting health systems? We found international security forces impacted health system governance, information systems and indigenous health delivery organizations. Positive impacts included bolstering the authority, transparency and capability of health system leadership. Negative impacts included undermining the impartial nature of indigenous health institutions by using health projects to achieve security objectives. Interactions between security and health actors were primarily ad hoc, often to the detriment of health system support efforts. When international security forces were engaged in health system support activities, the most helpful communication and consultative mechanisms to manage their involvement were ones that could address a wide array of problems, were nimble enough to accommodate rapidly changing circumstances, leveraged the power of personal relationships, and were able to address the tensions that arose between security and health system supporting strategies. Policy barriers to international security organizations participating in health system support included lack of mandate, conflicts between security strategies and health system preservation, and lack of interoperability between security and indigenous health organizations with respect to logistics and sharing information. The cases demonstrate both the opportunities and risks of international security organizations involvement in health sector protection, recovery and reconstruction. We discuss two potential approaches to engaging these organizations in health system support that may increase the chances of realizing these opportunities while mitigating risks.

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2013 CFR

2013-01-01

....g., system and network administrators, and system/application security officers) must receive... 5 Administrative Personnel 2 2013-01-01 2013-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems...

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2014 CFR

2014-01-01

....g., system and network administrators, and system/application security officers) must receive... 5 Administrative Personnel 2 2014-01-01 2014-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems...

Modeling Tools for Propulsion Analysis and Computational Fluid Dynamics on the Internet

NASA Technical Reports Server (NTRS)

Muss, J. A.; Johnson, C. W.; Gotchy, M. B.

2000-01-01

The existing RocketWeb(TradeMark) Internet Analysis System (httr)://www.iohnsonrockets.com/rocketweb) provides an integrated set of advanced analysis tools that can be securely accessed over the Internet. Since these tools consist of both batch and interactive analysis codes, the system includes convenient methods for creating input files and evaluating the resulting data. The RocketWeb(TradeMark) system also contains many features that permit data sharing which, when further developed, will facilitate real-time, geographically diverse, collaborative engineering within a designated work group. Adding work group management functionality while simultaneously extending and integrating the system's set of design and analysis tools will create a system providing rigorous, controlled design development, reducing design cycle time and cost.

Web-based self-management for patients with multiple sclerosis: a practical, randomized trial.

PubMed

Miller, Deborah M; Moore, Shirley M; Fox, Robert J; Atreja, Ashish; Fu, Alex Z; Lee, Jar-Chi; Saupe, Welf; Stadtler, Maria; Chakraborty, Swati; Harris, C M; Rudick, Richard A

2011-01-01

No studies have addressed the use of electronic personal health records (e-PHRs) for self-management in complex neurological disorders. We assessed and tested an Internet-based self-management system that utilized the e-PHR and determined its impact on self-assessed well-being, clinician-assessed well-being, and healthcare utilization in patients with multiple sclerosis (MS). Subjects were randomized to usual care (a secure Web-based messaging system) or active intervention, which included secure messaging, self-monitoring, self-management of MS symptoms, and communication about upcoming clinic visits. Computers and Internet access were provided. Subjects were included if they had MS, lived within the county or region surrounding our MS center, had at least two appointments at our center in the previous 12 months, and demonstrated basic typing and computer skills. Study duration was 12 months. Of 220 subjects completing informed consent, 206 met the inclusion criteria. At the study's end, 83 subjects remained in the usual care group and 84 in the enhanced care group. Both groups used the available system components. The groups did not significantly differ on the primary endpoints or healthcare utilization. Self-management support is an emerging aspect of chronic care management. We established the feasibility of conducting a randomized, controlled trial using e-PHRs for patient self-management. We did not find that e-PHR-enabled self-management augmented multidisciplinary MS center-based care, possibly because the differences between interventions were not great enough.

Building a Secure Library System.

ERIC Educational Resources Information Center

Benson, Allen C.

1998-01-01

Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

Cyber Security: Big Data Think II Working Group Meeting

NASA Technical Reports Server (NTRS)

Hinke, Thomas; Shaw, Derek

2015-01-01

This presentation focuses on approaches that could be used by a data computation center to identify attacks and ensure malicious code and backdoors are identified if planted in system. The goal is to identify actionable security information from the mountain of data that flows into and out of an organization. The approaches are applicable to big data computational center and some must also use big data techniques to extract the actionable security information from the mountain of data that flows into and out of a data computational center. The briefing covers the detection of malicious delivery sites and techniques for reducing the mountain of data so that intrusion detection information can be useful, and not hidden in a plethora of false alerts. It also looks at the identification of possible unauthorized data exfiltration.

[Inability to work: analysis of sickness benefits granted in the State of Rondônia].

PubMed

Jakobi, Heinz Roland; Barbosa-Branco, Anadergh; Bueno, Luis Fernando; Ferreira, Ricardo de Godoi Mattos; Camargo, Luís Marcelo Aranha

2013-11-01

This is a descriptive epidemiological study aiming to o estimate the prevalence and duration of sickness benefits granted by the Brazilian Social Security Institute, as well as the clinical causes of inability to work among employees in Rondonia in 2008. The prevalence was submitted by 10,000 workers and stratified by sex, age, diagnosis, economic activity, and type and duration of benefits. Men had a higher prevalence and duration of benefits. Social security benefits were found to be 2,5 times more prevalent than accident benefits and both increased with age. Labor accidents were more prevalent in the age group ranging between 50-59 years, and Forestry, construction and manpower leasing: had the highest prevalence. The main diagnostic groups were injuries, musculoskeletal system disorders and digestive diseases. The duration of the sickness benefits was higher among men, =40 years and in the social security category. The economic activity is an important risk factor for Inability to work, and it needs to be further explored in order to improve sickness prevention and reduce the impact on workers' health arising from environmental conditions and working processes.

Self-Mutilating Adolescents in Secure Confinement: A Nationwide Survey of Institutional Response Systems.

ERIC Educational Resources Information Center

Traver, Michael D.; Rule, Warren R.

1996-01-01

Reviews the types of treatment facilities being utilized by youth facilities nationwide and their practices regarding self-mutilating residents. Results indicate varied frequencies of self-harming behavior. Findings suggest that departments that chose to take responsibility for stabilizing mutilating adolescents as a distinct group express greater…

76 FR 80422 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-23

...-dealers would have been unable to accurately determine the market depth of, and demand for, securities in... inter-dealer quotation system, such as the OTC Bulletin Board (``OTCBB'') or OTC Link (formerly ``Pink Sheets''), operated by OTC Markets Group Inc. (``OTC Link''). According to representatives of both OTC...

78 FR 19530 - RG Steel Sparrows Point LLC, Formerly Known as Severstal Sparrows Point LLC, a Subsidiary of RG...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-01

..., Alliance Engineering, Inc., Washington Group International, Javan & Walter, Inc., Kinetic Technical... Consulting, Crown Security, Eastern Automation, EDS (HP), TekSystems, URS Corporation, B More Industrial... Service Company, Sun Associated Industries, Inc., MPI Consultants LLC, Alliance Engineering, Inc...

Cyber Strategic Inquiry: Enabling Change through a Strategic Simulation and Megacommunity Concept

DTIC Science & Technology

2009-02-01

malicious software embedded in thumb drives and CDs that thwarted protections, such as antivirus software , on computers. In the scenario, these...Executives for National Security • The Carlyle Group • Cassat Corporation • Cisco Systems, Inc. • Cyveillance • General Dynamics • General Motors

Child anger proneness moderates associations between child-mother attachment security and child behavior with mothers at 33 months.

PubMed

McElwain, Nancy L; Holland, Ashley S; Engle, Jennifer M; Wong, Maria S

2012-02-01

Child-mother attachment security, assessed via a modified Strange Situation procedure (Cassidy & Marvin, with the MacArthur Attachment Working Group, 1992), and parent-reported child proneness to anger were examined as correlates of observed child behavior toward mothers during a series of interactive tasks (N = 120, 60 girls). Controlling for maternal sensitivity and child gender and expressive language ability, greater attachment security, and lower levels of anger proneness were related to more child responsiveness to maternal requests and suggestions during play and snack sessions. As hypothesized, anger proneness also moderated several security-behavior associations. Greater attachment security was related to (a) more committed compliance during clean-up and snack-delay tasks for children high on anger proneness, (b) more self-assertiveness during play and snack for children moderate or high on anger proneness, and (c) more help-seeking during play and snack for children moderate or low on anger proneness. Findings further our understanding of the behavioral correlates of child-mother attachment security assessed during late toddlerhood via the Cassidy-Marvin system and underscore child anger proneness as a moderator of attachment-related differences in child behavior during this developmental period.

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users.

PubMed

Veksler, Vladislav D; Buchler, Norbou; Hoffman, Blaine E; Cassenti, Daniel N; Sample, Char; Sugrim, Shridat

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting.

Cryptographically supported NFC tags in medication for better inpatient safety.

PubMed

Özcanhan, Mehmet Hilal; Dalkılıç, Gökhan; Utku, Semih

2014-08-01

Reliable sources report that errors in drug administration are increasing the number of harmed or killed inpatients, during healthcare. This development is in contradiction to patient safety norms. A correctly designed hospital-wide ubiquitous system, using advanced inpatient identification and matching techniques, should provide correct medicine and dosage at the right time. Researchers are still making grouping proof protocol proposals based on the EPC Global Class 1 Generation 2 ver. 1.2 standard tags, for drug administration. Analyses show that such protocols make medication unsecure and hence fail to guarantee inpatient safety. Thus, the original goal of patient safety still remains. In this paper, a very recent proposal (EKATE) upgraded by a cryptographic function is shown to fall short of expectations. Then, an alternative proposal IMS-NFC which uses a more suitable and newer technology; namely Near Field Communication (NFC), is described. The proposed protocol has the additional support of stronger security primitives and it is compliant to ISO communication and security standards. Unlike previous works, the proposal is a complete ubiquitous system that guarantees full patient safety; and it is based on off-the-shelf, new technology products available in every corner of the world. To prove the claims the performance, cost, security and scope of IMS-NFC are compared with previous proposals. Evaluation shows that the proposed system has stronger security, increased patient safety and equal efficiency, at little extra cost.

Reconsidering non-traditional export agriculture and household food security: A case study in rural Guatemala

PubMed Central

Bennett, Elena M.

2018-01-01

As the production of non-traditional export (NTX) crops by smallholder households in developing countries expands, there is a compelling need to understand the potential effects of this type of agricultural production on household food security and nutrition. We use two household surveys with a sample of 52 households, interviews, and focus groups to examine whether smallholder farmers who produce broccoli for export in a rural Guatemalan community have different household food security than farmers in the same community who are still growing traditional maize and bean crops. We explore and compare the food security status of broccoli farmers (adopters) and traditional farmers (non-adopters) across four dimensions of food security: availability, access, utilization, and stability. Adopters earned significantly more income (40%) than non-adopters, but higher incomes did not coincide with improvements in food availability, food access, or food utilization. Results indicate that adopters and non-adopters alike struggle with access to food, while the intensity of broccoli production may be undermining the ability of local agricultural systems to naturally control pests and regulate nutrients. More systematic approaches to food security assessment, especially those that consider all four dimensions of food security, are needed to better target interventions designed to alleviate food insecurity among rural smallholders. PMID:29795691

Reconsidering non-traditional export agriculture and household food security: A case study in rural Guatemala.

PubMed

Méthot, Josée; Bennett, Elena M

2018-01-01

As the production of non-traditional export (NTX) crops by smallholder households in developing countries expands, there is a compelling need to understand the potential effects of this type of agricultural production on household food security and nutrition. We use two household surveys with a sample of 52 households, interviews, and focus groups to examine whether smallholder farmers who produce broccoli for export in a rural Guatemalan community have different household food security than farmers in the same community who are still growing traditional maize and bean crops. We explore and compare the food security status of broccoli farmers (adopters) and traditional farmers (non-adopters) across four dimensions of food security: availability, access, utilization, and stability. Adopters earned significantly more income (40%) than non-adopters, but higher incomes did not coincide with improvements in food availability, food access, or food utilization. Results indicate that adopters and non-adopters alike struggle with access to food, while the intensity of broccoli production may be undermining the ability of local agricultural systems to naturally control pests and regulate nutrients. More systematic approaches to food security assessment, especially those that consider all four dimensions of food security, are needed to better target interventions designed to alleviate food insecurity among rural smallholders.

77 FR 33794 - Future Now Group, Inc., and Gammacan International, Inc.; Order of Suspension of Trading

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-07

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Future Now Group, Inc., and Gammacan International, Inc.; Order of Suspension of Trading June 5, 2012. It appears to the Securities and Exchange... concerning the securities of Gammacan International, Inc. because it has not filed any periodic reports since...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

PubMed Central

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete—the traditional approach for calculating reliability—is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods. PMID:25405226

Security threat assessment of an Internet security system using attack tree and vague sets.

PubMed

Chang, Kuei-Hu

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

Development and Operation of a Modern Information Portal for the ISS Medical Groups

NASA Technical Reports Server (NTRS)

Damann, V.; Johnson, MaGee; Sargsyan, Ashot; McDonald, P. Vernon; Armstrong, C.; Scheer, M.; Duncan, J. Michael

2007-01-01

This viewgraph presentation begins with a review of some of the problems inherent in running medical services for the International Space Station. Part of the solution for the problems is the development of the information portal for the ISS medical groups. The presentation shows the tools that have been developed to assist in collaboration for the medical services, the security system and the capabilities of the portal.

33 CFR 106.265 - Security measures for restricted areas.

Code of Federal Regulations, 2010 CFR

2010-07-01

...) Telecommunications; (iii) Power distribution system; (iv) Access points for ventilation and air-conditioning systems... security areas within the OCS facility; (6) Protect security and surveillance equipment and systems; and (7... security and surveillance equipment and systems and their controls, and lighting system controls; and (3...

77 FR 32111 - Privacy Act System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-31

... or fraud, or harm to the security or integrity of this system or other systems or programs (whether... to comment. FCC/MB-2 System Name: Broadcast Station Public Inspection Files. Security Classification: The FCC's Security Operations Center (SOC) has not assigned a security classification to this system...

A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting

PubMed Central

Lee, Tian-Fu; Wang, Zeng-Bo

2017-01-01

The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie–Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions. PMID:29207509

NorthAm Fest : fostering a North American continent approach to countering terrorism.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gerdes, Dick; Moore, Judy Hennessey; Whitley, John B.

2004-12-01

On September 14-16, 2004, the Advanced Concepts Group of Sandia National Laboratories in conjunction with the University of Texas at El Paso and the North American Institute hosted a workshop (fest) designed to explore the concept of a North American continental approach to countering terrorism. The fest began with the basic premise that the successful defense of North America against the threat of terrorism will require close collaboration among the North American allies--Canada, Mexico and the U.S.--as well as a powerful set of information collection and analysis tools and deterrence strategies. The NorthAm Fest recast the notion of ''homeland defense''more » as a tri-national effort to protect the North American continent against an evolving threat that respects no borders. This is a report of the event summarizing the ideas explored. The fest examined the uniqueness of dealing with terrorism from a tri-national North American viewpoint, the role and possible features of joint security systems, concepts for ideal continental security systems for North America, and the challenges and opportunities for such systems to become reality. The following issues were identified as most important for the advancement of this concept. (1) The three countries share a set of core values--democracy, prosperity and security--which form the basis for joint interactions and allow for the development of a culture of cooperation without affecting the sovereignty of the members. (2) The creation of a continental defensive strategy will require a set of strategic guidelines and that smart secure borders play a pivotal role. (3) Joint security systems will need to operate from a set of complementary but not identical policies and procedures. (4) There is a value in joint task forces for response and shared information systems for the prevention of attacks. (5) The private sector must play a critical role in cross-border interactions. Finally, participants envisioned a ''Tri-National Security Laboratory'' to develop and test new counter-terrorism technologies and processes. The fest was an important first step in developing a tri-national approach to continental security and very different approaches to countering terrorism were explored. Participants came to the conclusion that continental security would be easier to achieve if the focus were on broader security issues, such as transnational crime, with terrorism being only a part of the focus. A series of fledgling relationships were begun between individuals and organizations through which actions can occur. A first commitment is the publication by a set of participants representing the three countries of a joint paper outlining the elements of a Continental Security approach.« less

Interpreter composition issues in the formal verification of a processor-memory module

NASA Technical Reports Server (NTRS)

Fura, David A.; Cohen, Gerald C.

1994-01-01

This report describes interpreter composition techniques suitable for the formal specification and verification of a processor-memory module using the HOL theorem proving system. The processor-memory module is a multichip subsystem within a fault-tolerant embedded system under development within the Boeing Defense and Space Group. Modeling and verification methods were developed that permit provably secure composition at the transaction-level of specification, significantly reducing the complexity of the hierarchical verification of the system.

Attachment anxiety benefits from security priming: Evidence from working memory performance

PubMed Central

2018-01-01

The present study investigates the relationship between the attachment dimensions (anxious vs. avoidance) and the cognitive performance of individuals, specifically whether the attachment dimensions would predict the working memory (WM) performance. In the n-back task, reflecting the WM capacity, both attachment related and non-attachment related words were used. Participants were randomly assigned into two groups that received either the secure or the neutral subliminal priming. In the secure priming condition, the aim was to induce sense of security by presenting secure attachment words prior to the n-back task performance. In neutral priming condition, neutral words that did not elicit sense of security were presented. Structural equation modeling revealed divergent patterns for attachment anxiety and avoidance dimensions under the different priming conditions. In neutral priming condition, WM performance declined in terms of capacity in the n-back task for individuals who rated higher levels of attachment anxiety. However in the secure priming condition, WM performance was boosted in the n-back task for individuals who rated higher levels of attachment anxiety. In other words, the subliminal priming of the security led to increased WM capacity of individuals who rated higher levels of attachment anxiety. This effect, however, was not observed for higher levels of attachment avoidance. Results are discussed along the lines of hyperactivation and deactivation strategies of the attachment system. PMID:29522549

75 FR 8096 - Privacy Act of 1974; Department of Homeland Security Transportation Security Administration-023...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-23

... Prevention Program System of Records AGENCY: Privacy Office, DHS. ACTION: Notice of Privacy Act system of... to establish a new system of records titled, ``Department of Homeland Security/Transportation Security Administration--023 Workplace Violence Prevention Program System of Records.'' This system will...

Ethics Certification of Health Information Professionals.

PubMed

Kluge, Eike-Henner; Lacroix, Paulette; Ruotsalainen, Pekka

2018-04-22

 To provide a model for ensuring the ethical acceptability of the provisions that characterize the interjurisdictional use of eHealth, telemedicine, and associated modalities of health care deliveiy that are currently in place.  Following the approach initiated in their Global Protection of Health Data project within the Security in Health Information Systems (SiHIS) working group of the International Medical Informatics Association (IMIA), the authors analyze and evaluate relevant privacy and security approaches that are intended to stem the erosion of patients' trustworthiness in the handling of their sensitive information by health care and informatics professionals in the international context.  The authors found that while the majority of guidelines and ethical codes essentially focus on the role and functioning of the institutions that use EHRs and information technologies, little if any attention has been paid to the qualifications of the health informatics professionals (HIPs) who actualize and operate information systems to deal with or address relevant ethical issues.  The apparent failure to address this matter indicates that the ethical qualification of HIPs remains an important security issue and that the Global Protection of Health Data project initiated by the SiHIS working group in 2015 should be expanded to develop into an internationally viable method of certification. An initial model to this effect is sketched and discussed. Georg Thieme Verlag KG Stuttgart.

An enhanced security solution for electronic medical records based on AES hybrid technique with SOAP/XML and SHA-1.

PubMed

Kiah, M L Mat; Nabi, Mohamed S; Zaidan, B B; Zaidan, A A

2013-10-01

This study aims to provide security solutions for implementing electronic medical records (EMRs). E-Health organizations could utilize the proposed method and implement recommended solutions in medical/health systems. Majority of the required security features of EMRs were noted. The methods used were tested against each of these security features. In implementing the system, the combination that satisfied all of the security features of EMRs was selected. Secure implementation and management of EMRs facilitate the safeguarding of the confidentiality, integrity, and availability of e-health organization systems. Health practitioners, patients, and visitors can use the information system facilities safely and with confidence anytime and anywhere. After critically reviewing security and data transmission methods, a new hybrid method was proposed to be implemented on EMR systems. This method will enhance the robustness, security, and integration of EMR systems. The hybrid of simple object access protocol/extensible markup language (XML) with advanced encryption standard and secure hash algorithm version 1 has achieved the security requirements of an EMR system with the capability of integrating with other systems through the design of XML messages.

Comparison of three mid-urethral tension-free tapes (TVT, TVT-O, and TVT-Secur) in the treatment of female stress urinary incontinence: 1-year follow-up.

PubMed

Wang, Yi-jun; Li, Fei-ping; Wang, Qian; Yang, Sen; Cai, Xian-guo; Chen, Ying-he

2011-11-01

The purpose of the study was to evaluate and compare the clinical values of tension-free vaginal tape (TVT), tension-free vaginal tape-transobturator (TVT-O), or tension-free vaginal tape-Secur (TVT-Secur) as treatment for female stress urinary incontinence. The pre-operative and 1-year post-operative follow-up protocols for patients who were treated with serial mid-urethral tension-free tape procedures in two hospitals from October 2008 to December 2009 were prospectively studied. These patients were randomly allocated to TVT, TVT-O, or TVT-Secur. A total of 102 women participated. At the 1-year follow-up, complications were not statistically different across the three groups except for pain in the thigh, which was more common in the TVT-O group. The overall efficacy and cure rate were similar between the TVT and TVT-O groups, but were significantly lower in the TVT-Secur group. A comparison of the three procedures shows that TVT-O is easy to operate and is as safe as TVT-Secur, and it has similar long-term efficacy to TVT, though, as one of the third-generation mid-urethral tension-free tapes, TVT-Secur is still being evaluated. Basing on the outcome of our study, it had rare complications but unsatisfactory efficacy, and we suggest that TVT-Secur is not fit for severe cases. However, observation and comparison of these groups in a larger sample size on a longer term are needed.

78 FR 56263 - HydroGen Corp., QueryObject Systems Corp., Security Intelligence Technologies, Inc., Skins, Inc...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-12

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] HydroGen Corp., QueryObject Systems Corp., Security Intelligence Technologies, Inc., Skins, Inc., SLM Holdings, Inc., Spring Creek Healthcare Systems... securities of Security Intelligence Technologies, Inc. because it has not filed any periodic reports since...

The Effects of Evaluation and Production Blocking on the Performance of Brainstorming Groups

DTIC Science & Technology

1992-08-01

NUMBER OF PAGES 701 16. PRICE CODE 17. SECURITY CLASSIFICATION 18. SECURITY CLASSIFICATION 19. SECURITY CLASSIFICATION 20. LMIITATION OF ABSTRACT OF...special interest group. Once again, the people in the above examples share many things in common such as a sense of civil duty, an employer, a love for a...people respond differently in the presence of others, a phenomenon Zajonc refers to as compresence . In group settings, social facilitation can be

Development of a medical information system that minimizes staff workload and secures system safety at a small medical institution

NASA Astrophysics Data System (ADS)

Haneda, Kiyofumi; Koyama, Tadashi

2005-04-01

We developed a secure system that minimizes staff workload and secures safety of a medical information system. In this study, we assess the legal security requirements and risks occurring from the use of digitized data. We then analyze the security measures for ways of reducing these risks. In the analysis, not only safety, but also costs of security measures and ease of operability are taken into consideration. Finally, we assess the effectiveness of security measures by employing our system in small-sized medical institution. As a result of the current study, we developed and implemented several security measures, such as authentications, cryptography, data back-up, and secure sockets layer protocol (SSL) in our system. In conclusion, the cost for the introduction and maintenance of a system is one of the primary difficulties with its employment by a small-sized institution. However, with recent reductions in the price of computers, and certain advantages of small-sized medical institutions, the development of an efficient system configuration has become possible.

49 CFR 659.25 - Annual review of system safety program plan and system security plan.

Code of Federal Regulations, 2010 CFR

2010-10-01

... system security plan. 659.25 Section 659.25 Transportation Other Regulations Relating to Transportation... and system security plan. (a) The oversight agency shall require the rail transit agency to conduct an annual review of its system safety program plan and system security plan. (b) In the event the rail...

45 CFR 95.621 - ADP reviews.

Code of Federal Regulations, 2011 CFR

2011-10-01

... use; (C) Software and data security; (D) Telecommunications security; (E) Personnel security; (F... Federal review. (f) ADP System Security Requirements and Review Process—(1) ADP System Security Requirement. State agencies are responsible for the security of all ADP projects under development, and...

Data Management Working Group report

NASA Technical Reports Server (NTRS)

Filardo, Edward J.; Smith, David B.

1986-01-01

The current flight qualification program lags technology insertion by 6 to 10 years. The objective is to develop an integrated software engineering and development environment assisted by an expert system technology. An operating system needs to be developed which is portable to the on-board computers of the year 2000. The use of ADA verses a High-Order Language; fault tolerance; fiber optics networks; communication protocols; and security are also examined and outlined.

Health services analysis as a tool for evidence-based policy decisions: the case of the Ministry of Health and Social Security in Mexico.

PubMed

Kroeger, Axel; Hernandez, Juan Manuel

2003-12-01

To describe the strengths and weaknesses of two Mexican health care providers for poor populations [Ministry of Health (MoH) and Social Security (SS)] in order to facilitate policy decisions about the future of the two systems. In four Mexican states we conducted (i) a household interview survey in 10 724 households; (ii) a user satisfaction survey in 1319 households; (iii) a satisfaction survey of 236 health workers; (iv) in-depth interviews with 190 health workers; (v) 188 focus-group discussions with different population groups; (vi) a document analysis. Both systems serve populations with similar characteristics of poverty. The availability of resources was better in the MoH system; SS care was better concerning process indicators (family planning, antenatal care; in-service delivery of drugs, staff productivity, user satisfaction and staff motivation), efficiency and effectiveness (reduction of morbidity and mortality). Possible explanatory factors for the better performance of the SS system were strong supervision, regular communication, joint data analysis and annual population surveys. Better service organization makes a difference regarding efficiency and effectiveness. Policy-makers, deciding on which kind of health services are best for the poor, should take into account health services' analyses.

Data Collection for Mobile Group Consumption: An Asynchronous Distributed Approach.

PubMed

Zhu, Weiping; Chen, Weiran; Hu, Zhejie; Li, Zuoyou; Liang, Yue; Chen, Jiaojiao

2016-04-06

Mobile group consumption refers to consumption by a group of people, such as a couple, a family, colleagues and friends, based on mobile communications. It differs from consumption only involving individuals, because of the complex relations among group members. Existing data collection systems for mobile group consumption are centralized, which has the disadvantages of being a performance bottleneck, having single-point failure and increasing business and security risks. Moreover, these data collection systems are based on a synchronized clock, which is often unrealistic because of hardware constraints, privacy concerns or synchronization cost. In this paper, we propose the first asynchronous distributed approach to collecting data generated by mobile group consumption. We formally built a system model thereof based on asynchronous distributed communication. We then designed a simulation system for the model for which we propose a three-layer solution framework. After that, we describe how to detect the causality relation of two/three gathering events that happened in the system based on the collected data. Various definitions of causality relations based on asynchronous distributed communication are supported. Extensive simulation results show that the proposed approach is effective for data collection relating to mobile group consumption.

Data Collection for Mobile Group Consumption: An Asynchronous Distributed Approach †

PubMed Central

Zhu, Weiping; Chen, Weiran; Hu, Zhejie; Li, Zuoyou; Liang, Yue; Chen, Jiaojiao

2016-01-01

Mobile group consumption refers to consumption by a group of people, such as a couple, a family, colleagues and friends, based on mobile communications. It differs from consumption only involving individuals, because of the complex relations among group members. Existing data collection systems for mobile group consumption are centralized, which has the disadvantages of being a performance bottleneck, having single-point failure and increasing business and security risks. Moreover, these data collection systems are based on a synchronized clock, which is often unrealistic because of hardware constraints, privacy concerns or synchronization cost. In this paper, we propose the first asynchronous distributed approach to collecting data generated by mobile group consumption. We formally built a system model thereof based on asynchronous distributed communication. We then designed a simulation system for the model for which we propose a three-layer solution framework. After that, we describe how to detect the causality relation of two/three gathering events that happened in the system based on the collected data. Various definitions of causality relations based on asynchronous distributed communication are supported. Extensive simulation results show that the proposed approach is effective for data collection relating to mobile group consumption. PMID:27058544

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 4 2011-10-01 2011-10-01 false Security of warning system apparatus. 234.211... Maintenance, Inspection, and Testing Maintenance Standards § 234.211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall be secured against unauthorized entry. ...

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 4 2010-10-01 2010-10-01 false Security of warning system apparatus. 234.211... Maintenance, Inspection, and Testing Maintenance Standards § 234.211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall be secured against unauthorized entry. ...

Managing medical and insurance information through a smart-card-based information system.

PubMed

Lambrinoudakis, C; Gritzalis, S

2000-08-01

The continuously increased mobility of patients and doctors, in conjunction with the existence of medical groups consisting of private doctors, general practitioners, hospitals, medical centers, and insurance companies, pose significant difficulties on the management of patients' medical data. Inevitably this affects the quality of the health care services provided. The evolving smart card technology can be utilized for the implementation of a secure portable electronic medical record, carried by the patient herself/himself. In addition to the medical data, insurance information can be stored in the smart card thus facilitating the creation of an "intelligent system" supporting the efficient management of patient's data. In this paper we present the main architectural and functional characteristics of such a system. We also highlight how the security features offered by smart cards can be exploited in order to ensure confidentiality and integrity of the medical data stored in the patient cards.

A Secure and Efficient Threshold Group Signature Scheme

NASA Astrophysics Data System (ADS)

Zhang, Yansheng; Wang, Xueming; Qiu, Gege

The paper presents a secure and efficient threshold group signature scheme aiming at two problems of current threshold group signature schemes: conspiracy attack and inefficiency. Scheme proposed in this paper takes strategy of separating designed clerk who is responsible for collecting and authenticating each individual signature from group, the designed clerk don't participate in distribution of group secret key and has his own public key and private key, designed clerk needs to sign part information of threshold group signature after collecting signatures. Thus verifier has to verify signature of the group after validating signature of the designed clerk. This scheme is proved to be secure against conspiracy attack at last and is more efficient by comparing with other schemes.

Scalable Authenticated Tree Based Group Key Exchange for Ad-Hoc Groups

NASA Astrophysics Data System (ADS)

Desmedt, Yvo; Lange, Tanja; Burmester, Mike

Task-specific groups are often formed in an ad-hoc manner within large corporate structures, such as companies. Take the following typical scenario: A director decides to set up a task force group for some specific project. An order is passed down the hierarchy where it finally reaches a manager who selects some employees to form the group. The members should communicate in a secure way and for efficiency, a symmetric encryption system is chosen. To establish a joint secret key for the group, a group key exchange (GKE) protocol is used. We show how to use an existing Public Key Infrastructure (PKI) to achieve authenticated GKE by modifying the protocol and particularly by including signatures.

Cyber security risk assessment for SCADA and DCS networks.

PubMed

Ralston, P A S; Graham, J H; Hieb, J L

2007-10-01

The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.

Estimated costs of postoperative wound infections. A case-control study of marginal hospital and social security costs.

PubMed Central

Poulsen, K. B.; Bremmelgaard, A.; Sørensen, A. I.; Raahave, D.; Petersen, J. V.

1994-01-01

A cohort of 4515 surgical patients in ten selected intervention groups was followed. Three hundred and seventeen developed postoperative wound infections, and 291 of these cases were matched 1:1 to controls by operation, sex and age. In comparison to the controls the cases stayed longer in hospital after the intervention and had more contact after discharge with the social security system. Using data from a national sentinel reference database of the incidence of postoperative wound infections, and using national activity data, we established an empirical cost model based on the estimated marginal costs of hospital resources and social sick pay. It showed that the hospital resources spent on the ten groups, which represent half of the postoperative wound infections in Denmark, amounted to approximately 0.5% of the annual national hospital budget. This stratified model creates a better basis for selecting groups of operations which need priority in terms of preventive measures. PMID:7925666

78 FR 50135 - AIMS Worldwide, Inc., Apollo Capital Group, Inc., CommunitySouth Financial Corp., Last Mile...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-16

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] AIMS Worldwide, Inc., Apollo Capital Group, Inc., CommunitySouth Financial Corp., Last Mile Logistics Group, Inc., Made in America Entertainment... concerning the securities of Last Mile Logistics Group, Inc. because it has not filed any periodic reports...

Security Systems Consideration: A Total Security Approach

NASA Astrophysics Data System (ADS)

Margariti, S. V.; Meletiou, G.; Stergiou, E.; Vasiliadis, D. C.; Rizos, G. E.

2007-12-01

The "safety" problem for protection systems is to determine in a given situation whether a subject can acquire a particular right to an object. Security and audit operation face the process of securing the application on computing and network environment; however, storage security has been somewhat overlooked due to other security solutions. This paper identifies issues for data security, threats and attacks, summarizes security concepts and relationships, and also describes storage security strategies. It concludes with recommended storage security plan for a total security solution.

Unconditional security of entanglement-based continuous-variable quantum secret sharing

NASA Astrophysics Data System (ADS)

Kogias, Ioannis; Xiang, Yu; He, Qiongyi; Adesso, Gerardo

2017-01-01

The need for secrecy and security is essential in communication. Secret sharing is a conventional protocol to distribute a secret message to a group of parties, who cannot access it individually but need to cooperate in order to decode it. While several variants of this protocol have been investigated, including realizations using quantum systems, the security of quantum secret sharing schemes still remains unproven almost two decades after their original conception. Here we establish an unconditional security proof for entanglement-based continuous-variable quantum secret sharing schemes, in the limit of asymptotic keys and for an arbitrary number of players. We tackle the problem by resorting to the recently developed one-sided device-independent approach to quantum key distribution. We demonstrate theoretically the feasibility of our scheme, which can be implemented by Gaussian states and homodyne measurements, with no need for ideal single-photon sources or quantum memories. Our results contribute to validating quantum secret sharing as a viable primitive for quantum technologies.

An E-Hospital Security Architecture

NASA Astrophysics Data System (ADS)

Tian, Fang; Adams, Carlisle

In this paper, we introduce how to use cryptography in network security and access control of an e-hospital. We first define the security goal of the e-hospital system, and then we analyze the current application system. Our idea is proposed on the system analysis and the related regulations of patients' privacy protection. The security of the whole application system is strengthened through layered security protection. Three security domains in the e-hospital system are defined according to their sensitivity level, and for each domain, we propose different security protections. We use identity based cryptography to establish secure communication channel in the backbone network and policy based cryptography to establish secure communication channel between end users and the backbone network. We also use policy based cryptography in the access control of the application system. We use a symmetric key cryptography to protect the real data in the database. The identity based and policy based cryptography are all based on elliptic curve cryptography—a public key cryptography.

Evaluating Factors of Security Policy on Information Security Effectiveness in Developing Nations: A Case of Nigeria

ERIC Educational Resources Information Center

Okolo, Nkiru Benjamin

2016-01-01

Information systems of today face more potential security infringement than ever before. The regular susceptibility of data to breaches is a function of systems users' disinclination to follow appropriate security measures. A well-secured system maintains integrity, confidentiality, and availability, while providing appropriate and consistent…

Secure Multicast Tree Structure Generation Method for Directed Diffusion Using A* Algorithms

NASA Astrophysics Data System (ADS)

Kim, Jin Myoung; Lee, Hae Young; Cho, Tae Ho

The application of wireless sensor networks to areas such as combat field surveillance, terrorist tracking, and highway traffic monitoring requires secure communication among the sensor nodes within the networks. Logical key hierarchy (LKH) is a tree based key management model which provides secure group communication. When a sensor node is added or evicted from the communication group, LKH updates the group key in order to ensure the security of the communications. In order to efficiently update the group key in directed diffusion, we propose a method for secure multicast tree structure generation, an extension to LKH that reduces the number of re-keying messages by considering the addition and eviction ratios of the history data. For the generation of the proposed key tree structure the A* algorithm is applied, in which the branching factor at each level can take on different value. The experiment results demonstrate the efficiency of the proposed key tree structure against the existing key tree structures of fixed branching factors.

Remote software upload techniques in future vehicles and their performance analysis

NASA Astrophysics Data System (ADS)

Hossain, Irina

Updating software in vehicle Electronic Control Units (ECUs) will become a mandatory requirement for a variety of reasons, for examples, to update/fix functionality of an existing system, add new functionality, remove software bugs and to cope up with ITS infrastructure. Software modules of advanced vehicles can be updated using Remote Software Upload (RSU) technique. The RSU employs infrastructure-based wireless communication technique where the software supplier sends the software to the targeted vehicle via a roadside Base Station (BS). However, security is critically important in RSU to avoid any disasters due to malfunctions of the vehicle or to protect the proprietary algorithms from hackers, competitors or people with malicious intent. In this thesis, a mechanism of secure software upload in advanced vehicles is presented which employs mutual authentication of the software provider and the vehicle using a pre-shared authentication key before sending the software. The software packets are sent encrypted with a secret key along with the Message Digest (MD). In order to increase the security level, it is proposed the vehicle to receive more than one copy of the software along with the MD in each copy. The vehicle will install the new software only when it receives more than one identical copies of the software. In order to validate the proposition, analytical expressions of average number of packet transmissions for successful software update is determined. Different cases are investigated depending on the vehicle's buffer size and verification methods. The analytical and simulation results show that it is sufficient to send two copies of the software to the vehicle to thwart any security attack while uploading the software. The above mentioned unicast method for RSU is suitable when software needs to be uploaded to a single vehicle. Since multicasting is the most efficient method of group communication, updating software in an ECU of a large number of vehicles could benefit from it. However, like the unicast RSU, the security requirements of multicast communication, i.e., authenticity, confidentiality and integrity of the software transmitted and access control of the group members is challenging. In this thesis, an infrastructure-based mobile multicasting for RSU in vehicle ECUs is proposed where an ECU receives the software from a remote software distribution center using the road side BSs as gateways. The Vehicular Software Distribution Network (VSDN) is divided into small regions administered by a Regional Group Manager (RGM). Two multicast Group Key Management (GKM) techniques are proposed based on the degree of trust on the BSs named Fully-trusted (FT) and Semi-trusted (ST) systems. Analytical models are developed to find the multicast session establishment latency and handover latency for these two protocols. The average latency to perform mutual authentication of the software vendor and a vehicle, and to send the multicast session key by the software provider during multicast session initialization, and the handoff latency during multicast session is calculated. Analytical and simulation results show that the link establishment latency per vehicle of our proposed schemes is in the range of few seconds and the ST system requires few ms higher time than the FT system. The handoff latency is also in the range of few seconds and in some cases ST system requires less handoff time than the FT system. Thus, it is possible to build an efficient GKM protocol without putting too much trust on the BSs.

48 CFR 2301.101 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 2301.101 Federal Acquisition Regulations System SOCIAL SECURITY ADMINISTRATION GENERAL SOCIAL SECURITY ACQUISITION REGULATION SYSTEM Purpose, Authority, Issuance 2301.101 Purpose. (a) The Social Security... Social Security Administration (SSA) which conform to the Federal Acquisition Regulation (FAR) System. (b...

Quality of protection evaluation of security mechanisms.

PubMed

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

Breaking down the barriers of using strong authentication and encryption in resource constrained embedded systems

NASA Astrophysics Data System (ADS)

Knobler, Ron; Scheffel, Peter; Jackson, Scott; Gaj, Kris; Kaps, Jens Peter

2013-05-01

Various embedded systems, such as unattended ground sensors (UGS), are deployed in dangerous areas, where they are subject to compromise. Since numerous systems contain a network of devices that communicate with each other (often times with commercial off the shelf [COTS] radios), an adversary is able to intercept messages between system devices, which jeopardizes sensitive information transmitted by the system (e.g. location of system devices). Secret key algorithms such as AES are a very common means to encrypt all system messages to a sufficient security level, for which lightweight implementations exist for even very resource constrained devices. However, all system devices must use the appropriate key to encrypt and decrypt messages from each other. While traditional public key algorithms (PKAs), such as RSA and Elliptic Curve Cryptography (ECC), provide a sufficiently secure means to provide authentication and a means to exchange keys, these traditional PKAs are not suitable for very resource constrained embedded systems or systems which contain low reliability communication links (e.g. mesh networks), especially as the size of the network increases. Therefore, most UGS and other embedded systems resort to pre-placed keys (PPKs) or other naïve schemes which greatly reduce the security and effectiveness of the overall cryptographic approach. McQ has teamed with the Cryptographic Engineering Research Group (CERG) at George Mason University (GMU) to develop an approach using revolutionary cryptographic techniques that provides both authentication and encryption, but on resource constrained embedded devices, without the burden of large amounts of key distribution or storage.

77 FR 50204 - Star Entertainment Group, Inc., Order of Suspension of Trading

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-20

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Star Entertainment Group, Inc., Order of... lack of current and accurate information concerning the securities of Star Entertainment Group, Inc. (``Star Entertainment'') because of questions regarding the accuracy of the company's financial statements...

77 FR 14839 - Harris & Harris Group, Inc.; Notice of Application

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-13

... SECURITIES AND EXCHANGE COMMISSION [Investment Company Act Release No. 29976; 812-13313] Harris & Harris Group, Inc.; Notice of Application March 7, 2012. AGENCY: Securities and Exchange Commission... from section 23(c) of the Act. SUMMARY OF THE APPLICATION: Harris & Harris Group, Inc. (``Applicant...

75 FR 71790 - Second Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-24

... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held December 9, 2010...

75 FR 80886 - Third Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-23

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held January 13, 2011...

76 FR 9632 - Fifth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-18

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held March 10, 2011, from...

76 FR 3931 - Fourth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-21

... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 Meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held February 8, 2011...

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2011 CFR

2011-10-01

... 47 Telecommunication 5 2011-10-01 2011-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277 Ship Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety...

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2014 CFR

2014-10-01

... 47 Telecommunication 5 2014-10-01 2014-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277 Ship Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety...

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2012 CFR

2012-10-01

... 47 Telecommunication 5 2012-10-01 2012-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277 Ship Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety...

47 CFR 80.277 - Ship Security Alert System (SSAS).

Code of Federal Regulations, 2013 CFR

2013-10-01

... 47 Telecommunication 5 2013-10-01 2013-10-01 false Ship Security Alert System (SSAS). 80.277... SERVICES STATIONS IN THE MARITIME SERVICES Equipment Authorization for Compulsory Ships § 80.277 Ship Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety...

78 FR 7334 - Port Authority Access to Facility Vulnerability Assessments and the Integration of Security Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-01

... to Facility Vulnerability Assessments and the Integration of Security Systems AGENCY: Coast Guard...-sharing measures. Security System Integration Alternatives Require each MTSA-regulated facility owner or... other forms of security system integration. Information Requested 1. We request comments on the...

20 CFR 404.1901 - Introduction.

Code of Federal Regulations, 2010 CFR

2010-04-01

... social security system of the United States and the social security system of a foreign country. An... be based on a combination of a person's periods of coverage under the social security system of the United States and the social security system of the foreign country. An agreement also provides for the...

45 CFR 307.13 - Security and confidentiality for computerized support enforcement systems in operation after...

Code of Federal Regulations, 2010 CFR

2010-10-01

... ENFORCEMENT SYSTEMS § 307.13 Security and confidentiality for computerized support enforcement systems in... systems in operation after October 1, 1997. (a) Information integrity and security. Have safeguards... 45 Public Welfare 2 2010-10-01 2010-10-01 false Security and confidentiality for computerized...

49 CFR 659.21 - System security plan: general requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 7 2010-10-01 2010-10-01 false System security plan: general requirements. 659.21... State Oversight Agency § 659.21 System security plan: general requirements. (a) The oversight agency shall require the rail transit agency to implement a system security plan that, at a minimum, complies...

Multimedia Security System for Security and Medical Applications

ERIC Educational Resources Information Center

Zhou, Yicong

2010-01-01

This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

75 FR 61819 - First Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-06

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held November 2, 2010...

76 FR 16470 - Sixth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-23

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems DATES: The meeting will be held April 13, 2011, from...

The Rebirth of a World Power? German Unification and the Future of European Security

DTIC Science & Technology

1990-12-01

Government. 17 COSATI CODES 18 SUBJECT TERMS (Continue on reverse if necessary and identify by block number) FIELD GROUP SUB- GROUP German unification...in the balance of power system. Germany (and Prussia) was used as a territorial "shock absorber" to maintain a buffer between the great powers--a...European statecraft was not pressured by internal problems which later forced governments to take actions that aroused the suspicions and fears of the

James Reilly | NREL

Science.gov Websites

experience and expertise in energy projects ranging from 50 kW to 150 MW across distribution and transmission security for Department of Defense Transmission and distribution system design. Education B.S., Energy Working in the Engineering and Modeling Group of NREL's Integrated Applications Center under the Energy

78 FR 9768 - Bureau of International Security and Nonproliferation Imposition of Nonproliferation Measures...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-11

... technology controlled under multilateral control lists (Missile Technology Control Regime, Australia Group... or ballistic missile sytems. The latter category includes (a) items of the same kind as those on... potential of making a material contribution to WMD or cruise or ballistic missile systems, (b) items on U.S...

Hierarchical Bio-Inspired Cooperative Control for Nonlinear Dynamical Systems and Hardware Demonstration

DTIC Science & Technology

2013-04-03

cooperative control, LEGO robotic testbed, non-linear dynamics 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18. NUMBER OF PAGES...testbed The architecture of the LEGO robots (® LEGO is a trademark and/or copyright of the LEGO Group) used in tests were based off the quick-start

49 CFR 383.73 - State procedures.

Code of Federal Regulations, 2014 CFR

2014-10-01

... endorsement knowledge tests; (iv) Allow only a group-specific passenger (P) and school bus (S) endorsement and... issuing a CLP or a CDL to a person the State must verify the name, date of birth, and Social Security... the CLP, Non-domiciled CLP, CDL or Non-domiciled CDL. (n) Computer system controls. The State must...

Semiannual Report to the Congress (April 1, 2000 - September 30, 2000) Volume 44

DTIC Science & Technology

2000-09-01

remains concerned over the strength of traditional La Cosa Nostra crime groups in the labor union area as well as in union-related employee benefit plans...Department needs to assure that its major systems are secure from threats and loss of assets. The rapidly expanding use of Internet applications exposes...

The systems approach to airport security: The FAA (Federal Aviation Administration)/BWI (Baltimore-Washington International) Airport demonstration project

DOE Office of Scientific and Technical Information (OSTI.GOV)

Caskey, D.L.; Olascoaga, M.T.

1990-01-01

Sandia National Laboratories has been involved in designing, installing and evaluating security systems for various applications during the past 15 years. A systems approach to security that evolved from this experience was applied to aviation security for the Federal Aviation Administration. A general systems study of aviation security in the United States was concluded in 1987. One result of the study was a recommendation that an enhanced security system concept designed to meet specified objectives be demonstrated at an operational airport. Baltimore-Washington International Airport was selected as the site for the demonstration project which began in 1988 and will bemore » completed in 1992. This article introduced the systems approach to airport security and discussed its application at Baltimore-Washington International Airport. Examples of design features that could be included in an enhanced security concept also were presented, including details of the proposed Ramps Area Intrusion Detection System (RAIDS).« less

Research and realization of info-net security controlling system

NASA Astrophysics Data System (ADS)

Xu, Tao; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

2017-03-01

The thesis introduces some relative concepts about Network Cybernetics, and we design and realize a new info-net security controlling system based on Network Cybernetics. The system can control the endpoints, safely save files, encrypt communication, supervise actions of users and show security conditions, in order to realize full-scale security management. At last, we simulate the functions of the system. The results show, the system can ensure the controllability of users and devices, and supervise them real-time. The system can maximize the security of the network and users.

The decision to exclude agricultural and domestic workers from the 1935 Social Security Act.

PubMed

DeWitt, Larry

2010-01-01

The Social Security Act of 1935 excluded from coverage about half the workers in the American economy. Among the excluded groups were agricultural and domestic workers-a large percentage of whom were African Americans. This has led some scholars to conclude that policymakers in 1935 deliberately excluded African Americans from the Social Security system because of prevailing racial biases during that period. This article examines both the logic of this thesis and the available empirical evidence on the origins of the coverage exclusions. The author concludes that the racial-bias thesis is both conceptually flawed and unsupported by the existing empirical evidence. The exclusion of agricultural and domestic workers from the early program was due to considerations of administrative feasibility involving tax-collection procedures. The author finds no evidence of any other policy motive involving racial bias.

Privacy vs usability: a qualitative exploration of patients' experiences with secure Internet communication with their general practitioner.

PubMed

Tjora, Aksel; Tran, Trung; Faxvaag, Arild

2005-05-31

Direct electronic communication between patients and physicians has the potential to empower patients and improve health care services. Communication by regular email is, however, considered a security threat in many countries and is not recommended. Systems which offer secure communication have now emerged. Unlike regular email, secure systems require that users authenticate themselves. However, the authentication steps per se may become barriers that reduce use. The objective was to study the experiences of patients who were using a secure electronic communication system. The focus of the study was the users' privacy versus the usability of the system. Qualitative interviews were conducted with 15 patients who used a secure communication system (MedAxess) to exchange personal health information with their primary care physician. Six main themes were identified from the interviews: (1) supporting simple questions, (2) security issues, (3) aspects of written communication, (4) trust in the physician, (5) simplicity of MedAxess, and (6) trouble using the system. By using the system, about half of the patients (8/15) experienced easier access to their physician, with whom they tended to solve minor health problems and elaborate on more complex illness experiences. Two thirds of the respondents (10/15) found that their physician quickly responded to their MedAxess requests. As a result of the security barriers, the users felt that the system was secure. However, due to the same barriers, the patients considered the log-in procedure cumbersome, which had considerable negative impact on the actual use of the system. Despite a perceived need for secure electronic patient-physician communication systems, security barriers may diminish their overall usefulness. A dual approach is necessary to improve this situation: patients need to be better informed about security issues, and, at the same time, their experiences of using secure systems must be studied and used to improve user interfaces.

Privacy vs Usability: A Qualitative Exploration of Patients' Experiences With Secure Internet Communication With Their General Practitioner

PubMed Central

Tran, Trung; Faxvaag, Arild

2005-01-01

Background Direct electronic communication between patients and physicians has the potential to empower patients and improve health care services. Communication by regular email is, however, considered a security threat in many countries and is not recommended. Systems which offer secure communication have now emerged. Unlike regular email, secure systems require that users authenticate themselves. However, the authentication steps per se may become barriers that reduce use. Objectives The objective was to study the experiences of patients who were using a secure electronic communication system. The focus of the study was the users' privacy versus the usability of the system. Methods Qualitative interviews were conducted with 15 patients who used a secure communication system (MedAxess) to exchange personal health information with their primary care physician. Results Six main themes were identified from the interviews: (1) supporting simple questions, (2) security issues, (3) aspects of written communication, (4) trust in the physician, (5) simplicity of MedAxess, and (6) trouble using the system. By using the system, about half of the patients (8/15) experienced easier access to their physician, with whom they tended to solve minor health problems and elaborate on more complex illness experiences. Two thirds of the respondents (10/15) found that their physician quickly responded to their MedAxess requests. As a result of the security barriers, the users felt that the system was secure. However, due to the same barriers, the patients considered the log-in procedure cumbersome, which had considerable negative impact on the actual use of the system. Conclusions Despite a perceived need for secure electronic patient-physician communication systems, security barriers may diminish their overall usefulness. A dual approach is necessary to improve this situation: patients need to be better informed about security issues, and, at the same time, their experiences of using secure systems must be studied and used to improve user interfaces. PMID:15998606

Openness of patients' reporting with use of electronic records: psychiatric clinicians' views

PubMed Central

Blackford, Jennifer Urbano; Rosenbloom, S Trent; Seidel, Sandra; Clayton, Ellen Wright; Dilts, David M; Finder, Stuart G

2010-01-01

Objectives Improvements in electronic health record (EHR) system development will require an understanding of psychiatric clinicians' views on EHR system acceptability, including effects on psychotherapy communications, data-recording behaviors, data accessibility versus security and privacy, data quality and clarity, communications with medical colleagues, and stigma. Design Multidisciplinary development of a survey instrument targeting psychiatric clinicians who recently switched to EHR system use, focus group testing, data analysis, and data reliability testing. Measurements Survey of 120 university-based, outpatient mental health clinicians, with 56 (47%) responding, conducted 18 months after transition from a paper to an EHR system. Results Factor analysis gave nine item groupings that overlapped strongly with five a priori domains. Respondents both praised and criticized the EHR system. A strong majority (81%) felt that open therapeutic communications were preserved. Regarding data quality, content, and privacy, clinicians (63%) were less willing to record highly confidential information and disagreed (83%) with including their own psychiatric records among routinely accessed EHR systems. Limitations single time point; single academic medical center clinic setting; modest sample size; lack of prior instrument validation; survey conducted in 2005. Conclusions In an academic medical center clinic, the presence of electronic records was not seen as a dramatic impediment to therapeutic communications. Concerns regarding privacy and data security were significant, and may contribute to reluctances to adopt electronic records in other settings. Further study of clinicians' views and use patterns may be helpful in guiding development and deployment of electronic records systems. PMID:20064802

Systemizers Are Better Code-Breakers: Self-Reported Systemizing Predicts Code-Breaking Performance in Expert Hackers and Naïve Participants.

PubMed

Harvey, India; Bolgan, Samuela; Mosca, Daniel; McLean, Colin; Rusconi, Elena

2016-01-01

Studies on hacking have typically focused on motivational aspects and general personality traits of the individuals who engage in hacking; little systematic research has been conducted on predispositions that may be associated not only with the choice to pursue a hacking career but also with performance in either naïve or expert populations. Here, we test the hypotheses that two traits that are typically enhanced in autism spectrum disorders-attention to detail and systemizing-may be positively related to both the choice of pursuing a career in information security and skilled performance in a prototypical hacking task (i.e., crypto-analysis or code-breaking). A group of naïve participants and of ethical hackers completed the Autism Spectrum Quotient, including an attention to detail scale, and the Systemizing Quotient (Baron-Cohen et al., 2001, 2003). They were also tested with behavioral tasks involving code-breaking and a control task involving security X-ray image interpretation. Hackers reported significantly higher systemizing and attention to detail than non-hackers. We found a positive relation between self-reported systemizing (but not attention to detail) and code-breaking skills in both hackers and non-hackers, whereas attention to detail (but not systemizing) was related with performance in the X-ray screening task in both groups, as previously reported with naïve participants (Rusconi et al., 2015). We discuss the theoretical and translational implications of our findings.

The impact of joint responses of devices in an airport security system.

PubMed

Nie, Xiaofeng; Batta, Rajan; Drury, Colin G; Lin, Li

2009-02-01

In this article, we consider a model for an airport security system in which the declaration of a threat is based on the joint responses of inspection devices. This is in contrast to the typical system in which each check station independently declares a passenger as having a threat or not having a threat. In our framework the declaration of threat/no-threat is based upon the passenger scores at the check stations he/she goes through. To do this we use concepts from classification theory in the field of multivariate statistics analysis and focus on the main objective of minimizing the expected cost of misclassification. The corresponding correct classification and misclassification probabilities can be obtained by using a simulation-based method. After computing the overall false alarm and false clear probabilities, we compare our joint response system with two other independently operated systems. A model that groups passengers in a manner that minimizes the false alarm probability while maintaining the false clear probability within specifications set by a security authority is considered. We also analyze the staffing needs at each check station for such an inspection scheme. An illustrative example is provided along with sensitivity analysis on key model parameters. A discussion is provided on some implementation issues, on the various assumptions made in the analysis, and on potential drawbacks of the approach.

FAA computer security : concerns remain due to personnel and other continuing weaknesses

DOT National Transportation Integrated Search

2000-08-01

FAA has a history of computer security weaknesses in a number of areas, including its physical security management at facilities that house air traffic control (ATC) systems, systems security for both operational and future systems, management struct...

Profiles of Irish survivors of institutional abuse with different adult attachment styles.

PubMed

Carr, Alan; Flanagan, Edel; Dooley, Barbara; Fitzpatrick, Mark; Flanagan-Howard, Roisín; Shevlin, Mark; Tierney, Kevin; White, Megan; Daly, Margaret; Egan, Jonathan

2009-03-01

Two hundred and forty seven survivors of institutional abuse in Ireland were classified with the Experiences in Close Relationships Inventory as having fearful (44%), preoccupied (13%), dismissive (27%), or secure (17%) adult attachment styles. The group with the secure adult attachment style had the most positive profile, while the most negative profile occurred for the fearful group in terms of DSM IV diagnoses and scores on the Trauma Symptom Inventory, the Global Assessment of Functioning Scale, the World Health Organization Quality of Life 100 scale, and the Kansas Marital Satisfaction Scale. The profile of the preoccupied group was more similar to that of the fearful group. The profile of the dismissive group was more similar to that of the secure group.

An SSH key management system: easing the pain of managing key/user/account associations

NASA Astrophysics Data System (ADS)

Arkhipkin, D.; Betts, W.; Lauret, J.; Shiryaev, A.

2008-07-01

Cyber security requirements for secure access to computing facilities often call for access controls via gatekeepers and the use of two-factor authentication. Using SSH keys to satisfy the two factor authentication requirement has introduced a potentially challenging task of managing the keys and their associations with individual users and user accounts. Approaches for a facility with the simple model of one remote user corresponding to one local user would not work at facilities that require a many-to-many mapping between users and accounts on multiple systems. We will present an SSH key management system we developed, tested and deployed to address the many-to-many dilemma in the environment of the STAR experiment. We will explain its use in an online computing context and explain how it makes possible the management and tracing of group account access spread over many sub-system components (data acquisition, slow controls, trigger, detector instrumentation, etc.) without the use of shared passwords for remote logins.

A Secure and Robust Object-Based Video Authentication System

NASA Astrophysics Data System (ADS)

He, Dajun; Sun, Qibin; Tian, Qi

2004-12-01

An object-based video authentication system, which combines watermarking, error correction coding (ECC), and digital signature techniques, is presented for protecting the authenticity between video objects and their associated backgrounds. In this system, a set of angular radial transformation (ART) coefficients is selected as the feature to represent the video object and the background, respectively. ECC and cryptographic hashing are applied to those selected coefficients to generate the robust authentication watermark. This content-based, semifragile watermark is then embedded into the objects frame by frame before MPEG4 coding. In watermark embedding and extraction, groups of discrete Fourier transform (DFT) coefficients are randomly selected, and their energy relationships are employed to hide and extract the watermark. The experimental results demonstrate that our system is robust to MPEG4 compression, object segmentation errors, and some common object-based video processing such as object translation, rotation, and scaling while securely preventing malicious object modifications. The proposed solution can be further incorporated into public key infrastructure (PKI).

Everything moves on: referral trends to a leavers' group in a high secure hospital and trial leave progress of group graduates.

PubMed

Adshead, Gwen; Pyszora, Natalie; Wilson, Claire; Gopie, Ramesh; Thomas, Deryk; Smith, Julia; Glorney, Emily; Moore, Estelle; Tapp, James

2017-04-01

Moving on from high secure psychiatric care can be a complex and potentially stressful experience, which may hinder progression. A leavers' group in a UK high secure hospital is offered to support patients with this transition. The aims of this study are to investigate characteristics of patients referred for the leavers' group and compare outcomes for leavers' group graduates with those for patients who never attended a leavers' group for any reason. A retrospective quasi-experimental design was applied to data extracted from various records sources - within and outside the high security hospital. About one-fifth of patients who left the hospital on trial leave during the study were referred to the leavers' group (N = 109). Referred patients were significantly more likely to have either been admitted from another high-security hospital or transferred from prison for treatment and have a diagnosis of paranoid schizophrenia. Patients not referred had a significantly higher rate of previously refusing to participate in groups. There was a tendency for rate of return from trial leave for group graduates to be lower than that of patients who did not attend the leavers' group, but this just failed to reach statistical significance (rate ratio [RR] = 1.04; CI 0.97-1.11). A leavers' group appeared to be a valued therapy option for people who had spent a long time in high secure psychiatric care, or those who continued to require hospital treatment beyond prison tariffs. There was a low return rate from trial leave, which made the evaluation of this outcome difficult. A detailed study into both the reasons for return from trial leave and successes would provide further information on ideal preparation for moving on. Copyright © 2016 John Wiley & Sons, Ltd. Copyright © 2016 John Wiley & Sons, Ltd.

22 CFR 308.10 - Security of records systems-manual and automated.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 22 Foreign Relations 2 2010-04-01 2010-04-01 true Security of records systems-manual and automated... Security of records systems—manual and automated. The head of the agency has the responsibility of... destruction of manual and automatic record systems. These security safeguards shall apply to all systems in...

12 CFR 792.67 - Security of systems of records.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Security of systems of records. 792.67 Section... AND PRIVACY ACT, AND BY SUBPOENA; SECURITY PROCEDURES FOR CLASSIFIED INFORMATION The Privacy Act § 792.67 Security of systems of records. (a) Each system manager, with the approval of the head of that...

78 FR 24161 - Bureau of Industry and Security

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-24

... of Industry and Security senior management. 4. Discussion on General Technology Note as it applies to.... Report of Composite Working Group and other working groups. 7. Report on regime-based activities. 8...

Individualizing Japan: searching for its origin in first modernity.

PubMed

Suzuki, Munenori; Ito, Midori; Ishida, Mitsunori; Nihei, Norihiro; Maruyama, Masao

2010-09-01

Since the mid-1990s Japanese society has entered a period of major change. The previous patterns of social order and social integration have collapsed, and it has become increasingly difficult to envision a stable life course for oneself. The 'secure' foundation has been weakening and anxiety has spread at an accelerated pace. Japan could enter the age of second modernity, or reflexive modernization. In Japan's first modernity, the mechanism responsible for risk management, an integrated society, and stabilized social order, was, first, private corporations that guaranteed long-term stability for employees and their families (company-centrism) and, second, land development rapidly implemented under the guidance of bureaucrats (developmentalism). From the 1990s, these systems were fundamentally destroyed by globalization and neoliberal policies. Private corporations limited the groups that could benefit from the seniority wage system, undermining in-house welfare benefits. The government abandoned its role of improving the industrial and economic conditions of surrounding areas through offering public works projects. After these risk-stabilizing mechanisms were gone, two problems became conspicuous - poverty among young workers in urban areas and the collapse of the local community in marginal areas. As the seniority wage system and lifetime employment were substitutes for the public social security system, public measures to deal with poverty remain inadequate. Now, the individualization of the family has advanced somewhat under compulsion as the rate of unmarried people and the divorce rate have climbed. The Japanese have a tendency to seek 'self-realization'; at the same time, they also want 'secure employment'. Thus, they are torn between individualization and the desire for security. What is now necessary is a more stable system that will ensure them adequate material and spiritual 'elbowroom' to allow them to make their own choices. © London School of Economics and Political Science 2010.

Securing the Global Airspace System Via Identity-Based Security

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2015-01-01

Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

Security Assessment Simulation Toolkit (SAST) Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Meitzler, Wayne D.; Ouderkirk, Steven J.; Hughes, Chad O.

2009-11-15

The Department of Defense Technical Support Working Group (DoD TSWG) investment in the Pacific Northwest National Laboratory (PNNL) Security Assessment Simulation Toolkit (SAST) research planted a technology seed that germinated into a suite of follow-on Research and Development (R&D) projects culminating in software that is used by multiple DoD organizations. The DoD TSWG technology transfer goal for SAST is already in progress. The Defense Information Systems Agency (DISA), the Defense-wide Information Assurance Program (DIAP), the Marine Corps, Office Of Naval Research (ONR) National Center For Advanced Secure Systems Research (NCASSR) and Office Of Secretary Of Defense International Exercise Program (OSDmore » NII) are currently investing to take SAST to the next level. PNNL currently distributes the software to over 6 government organizations and 30 DoD users. For the past five DoD wide Bulwark Defender exercises, the adoption of this new technology created an expanding role for SAST. In 2009, SAST was also used in the OSD NII International Exercise and is currently scheduled for use in 2010.« less

Leveraging Social Media to Engage the Public in Homeland Security

DTIC Science & Technology

2009-09-01

are so preoccupied that they have tunnel visions – you never really hear much from them. 10. The key is engaging the public before disaster...organized group). This is info coming from someone on their blackberry or pda. 87  New Zealand – focus is on citizen participation. Building a culture...dynamic information systems (temperature readings, blackberry or iphone network systems).  Need guidelines, a primer on how to use it effectively

Progress in Y-00 physical cipher for Giga bit/sec optical data communications (intensity modulation method)

NASA Astrophysics Data System (ADS)

Hirota, Osamu; Futami, Fumio

2014-10-01

To guarantee a security of Cloud Computing System is urgent problem. Although there are several threats in a security problem, the most serious problem is cyber attack against an optical fiber transmission among data centers. In such a network, an encryption scheme on Layer 1(physical layer) with an ultimately strong security, a small delay, and a very high speed should be employed, because a basic optical link is operated at 10 Gbit/sec/wavelength. We have developed a quantum noise randomied stream cipher so called Yuen- 2000 encryption scheme (Y-00) during a decade. This type of cipher is a completely new type random cipher in which ciphertext for a legitimate receiver and eavesdropper are different. This is a condition to break the Shannon limit in theory of cryptography. In addition, this scheme has a good balance on a security, a speed and a cost performance. To realize such an encryption, several modulation methods are candidates such as phase-modulation, intensity-modulation, quadrature amplitude modulation, and so on. Northwestern university group demonstrated a phase modulation system (α=η) in 2003. In 2005, we reported a demonstration of 1 Gbit/sec system based on intensity modulation scheme(ISK-Y00), and gave a design method for quadratic amplitude modulation (QAM-Y00) in 2005 and 2010. An intensity modulation scheme promises a real application to a secure fiber communication of current data centers. This paper presents a progress in quantum noise randomized stream cipher based on ISK-Y00, integrating our theoretical and experimental achievements in the past and recent 100 Gbit/sec(10Gbit/sec × 10 wavelengths) experiment.

Information Systems Security Management: A Review and a Classification of the ISO Standards

NASA Astrophysics Data System (ADS)

Tsohou, Aggeliki; Kokolakis, Spyros; Lambrinoudakis, Costas; Gritzalis, Stefanos

The need for common understanding and agreement of functional and non-functional requirements is well known and understood by information system designers. This is necessary for both: designing the "correct" system and achieving interoperability with other systems. Security is maybe the best example of this need. If the understanding of the security requirements is not the same for all involved parties and the security mechanisms that will be implemented do not comply with some globally accepted rules and practices, then the system that will be designed will not necessarily achieve the desired security level and it will be very difficult to securely interoperate with other systems. It is therefore clear that the role and contribution of international standards to the design and implementation of security mechanisms is dominant. In this paper we provide a state of the art review on information security management standards published by the International Organization for Standardization and the International Electrotechnical Commission. Such an analysis is meaningful to security practitioners for an efficient management of information security. Moreover, the classification of the standards in the clauses of ISO/IEC 27001:2005 that results from our analysis is expected to provide assistance in dealing with the plethora of security standards.

Quality of Protection Evaluation of Security Mechanisms

PubMed Central

Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

2014-01-01

Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol. PMID:25136683

Adult Attachment Styles Associated with Brain Activity in Response to Infant Faces in Nulliparous Women: An Event-Related Potentials Study.

PubMed

Ma, Yuanxiao; Ran, Guangming; Chen, Xu; Ma, Haijing; Hu, Na

2017-01-01

Adult attachment style is a key for understanding emotion regulation and feelings of security in human interactions as well as for the construction of the caregiving system. The caregiving system is a group of representations about affiliative behaviors, which is guided by the caregiver's sensitivity and empathy, and is mature in young adulthood. Appropriate perception and interpretation of infant emotions is a crucial component of the formation of a secure attachment relationship between infant and caregiver. As attachment styles influence the ways in which people perceive emotional information, we examined how different attachment styles associated with brain response to the perception of infant facial expressions in nulliparous females with secure, anxious, and avoidant attachment styles. The event-related potentials of 65 nulliparous females were assessed during a facial recognition task with joy, neutral, and crying infant faces. The results showed that anxiously attached females exhibited larger N170 amplitudes than those with avoidant attachment in response to all infant faces. Regarding the P300 component, securely attached females showed larger amplitudes to all infant faces in comparison with avoidantly attached females. Moreover, anxiously attached females exhibited greater amplitudes than avoidantly attached females to only crying infant faces. In conclusion, the current results provide evidence that attachment style differences are associated with brain responses to the perception of infant faces. Furthermore, these findings further separate the psychological mechanisms underlying the caregiving behavior of those with anxious and avoidant attachment from secure attachment.

75 FR 49943 - New Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-16

... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration New Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security Information AGENCY: Transportation... INFORMATION CONTACT: Joanna Johnson, Office of Information Technology, TSA-11, Transportation Security...

Contextualizing Secure Information System Design: A Socio-Technical Approach

ERIC Educational Resources Information Center

Charif, Abdul Rahim

2017-01-01

Secure Information Systems (SIS) design paradigms have evolved in generations to adapt to IS security needs. However, modern IS are still vulnerable and are far from secure. The development of an underlying IS cannot be reduced to "technological fixes" neither is the design of SIS. Technical security cannot ensure IS security.…

Governing through time: preparing for future threats to health and security.

PubMed

Samimian-Darash, Limor

2011-09-01

During preparations for the Second Gulf War, Israel considered universal smallpox vaccination. In doing so, it faced a problem: how to legitimise carrying out a security action against an uncertain future danger (smallpox pandemic), when this action carried specific, known risks (vaccine complications). To solve this problem, the Israeli preparedness system created a new domain through which the security action could reach its goal with minimum risk: first responders (a group of medical personnel and security forces). First-responder vaccination represents a shift in the form of 'securing health' and in the governmental technology applied to this goal, in which past, present, and future occurrences are governed to enable the execution of a security action. Through this practice, risks are not located in the present or in the future but in a 'shared' temporal space and thus can be seen as existing simultaneously. Preparedness for emerging future biological events, then, involves more than questioning how the future is contingent on the present and how the present is contingent on the future's perception; it also recognises the need for a new time positioning that allows operating on both present and future risks simultaneously. Governing these risks, then, means governing through time. © 2011 The Author. Sociology of Health & Illness © 2011 Foundation for the Sociology of Health & Illness/Blackwell Publishing Ltd.

Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

PubMed Central

Veksler, Vladislav D.; Buchler, Norbou; Hoffman, Blaine E.; Cassenti, Daniel N.; Sample, Char; Sugrim, Shridat

2018-01-01

Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting. PMID:29867661

Threat, security and attitude formation among the young

NASA Astrophysics Data System (ADS)

Radin, Furio

1985-12-01

The perception of threat to security on the part of young people reflects a central aspect of the societal phenomenon of attitude formation, whose primary function is, ideally, to meet the need for security. In all modern societies, however, the process of socialization — which by its very nature is educational in that it prepares individuals to function as members of society — operates on the principle of systematically frustrating this need by employing a system of reward and punishment based on competition. This system creates a fundamental insecurity and a corresponding attitude (de)formation in the individual, which is exploited by the state in order to consolidate the power of the dominant groups. Due to this fundamental insecurity, the individual is incapable of coping rationally with threat and seeks pseudo-security, e.g., in conformity. Threat — particularly global threat — is perceived as an external factor over which the individual has no control, i.e., it is perceived as falling exclusively within the province of those in power, whose control is further strengthened by this perception. Since the essential damage to the individual's attitude system has been done by the time he leaves school, this undesirable condition of modern societies can only be rectified by a socialization process in general — and an educational process in particular — which cultivates in the individual the development of critical judgment, free self-realization and the spirit of co-operation instead of competition.

Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities.

PubMed

Yeo, Kiho; Lee, Keehyuck; Kim, Jong-Min; Kim, Tae-Hun; Choi, Yong-Hoon; Jeong, Woo-Jin; Hwang, Hee; Baek, Rong Min; Yoo, Sooyoung

2012-06-01

The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another.

Secure electronic commerce communication system based on CA

NASA Astrophysics Data System (ADS)

Chen, Deyun; Zhang, Junfeng; Pei, Shujun

2001-07-01

In this paper, we introduce the situation of electronic commercial security, then we analyze the working process and security for SSL protocol. At last, we propose a secure electronic commerce communication system based on CA. The system provide secure services such as encryption, integer, peer authentication and non-repudiation for application layer communication software of browser clients' and web server. The system can implement automatic allocation and united management of key through setting up the CA in the network.

Evaluation on Electronic Securities Settlements Systems by AHP Methods

NASA Astrophysics Data System (ADS)

Fukaya, Kiyoyuki; Komoda, Norihisa

Accompanying the spread of Internet and the change of business models, electronic commerce expands buisness areas. Electronic finance commerce becomes popular and especially online security tradings becoome very popular in this area. This online securitiy tradings have some good points such as less mistakes than telephone calls. In order to expand this online security tradings, the transfer of the security paper is one the largest problems to be solved. Because it takes a few days to transfer the security paper from a seller to a buyer. So the dematerialization of security papers is one of the solutions. The demterilization needs the information systems for setteling security. Some countries such as France, German, United Kingdom and U.S.A. have been strating the dematerialization projects. The legacy assesments on these projects focus from the viewpoint of the legal schemes only and there is no assessment from system architectures. This paper focuses on the information system scheme and valuates these dematerlization projects by AHP methods from the viewpoints of “dematerializaion of security papers", “speed of transfer", “usefulness on the system" and “accumulation of risks". This is the first case of valuations on security settlements systems by AHP methods, especially four counties’ systems.

Methods of Organizational Information Security

NASA Astrophysics Data System (ADS)

Martins, José; Dos Santos, Henrique

The principle objective of this article is to present a literature review for the methods used in the security of information at the level of organizations. Some of the principle problems are identified and a first group of relevant dimensions is presented for an efficient management of information security. The study is based on the literature review made, using some of the more relevant certified articles of this theme, in international reports and in the principle norms of management of information security. From the readings that were done, we identified some of the methods oriented for risk management, norms of certification and good practice of security of information. Some of the norms are oriented for the certification of the product or system and others oriented to the processes of the business. There are also studies with the proposal of Frameworks that suggest the integration of different approaches with the foundation of norms focused on technologies, in processes and taking into consideration the organizational and human environment of the organizations. In our perspective, the biggest contribute to the security of information is the development of a method of security of information for an organization in a conflicting environment. This should make available the security of information, against the possible dimensions of attack that the threats could exploit, through the vulnerability of the organizational actives. This method should support the new concepts of "Network centric warfare", "Information superiority" and "Information warfare" especially developed in this last decade, where information is seen simultaneously as a weapon and as a target.

E PLURIBUS UNUM Homeland Security versus Homeland Defense Who Does What and to Whom

DTIC Science & Technology

2010-04-01

112 APPENDIX IV: SWOT ANALYSIS ............................................................................. 113 APPENDIX V...violent extremism taking root here in the United States. We don‘t have the luxury of focusing our efforts on one group ; we must protect the country from... group that engages in an activity referred to in subparagraph (A). 12 The National Security Act of 1947 created the National Security Council

Unholy Charity

DTIC Science & Technology

2011-05-05

groups emerge sporadic.ally. In patticular, the JMJB is widely perceived by the security and intelligent officials in Bangladesh to be the youth wing...organizations and protect others. According to National Security Intelligence sources, there are 20 to 33 Islamist ten·orist groups active in Bangladesh.29 Only...Additional Direction, National Security Intelligence , Bangladesh, broke down how the influx of charitable money is being used and misused in Bangladesh

Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

NASA Technical Reports Server (NTRS)

1985-01-01

The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

Patient informed governance of distributed research networks: results and discussion from six patient focus groups.

PubMed

Mamo, Laura A; Browe, Dennis K; Logan, Holly C; Kim, Katherine K

2013-01-01

Understanding how to govern emerging distributed research networks is essential to their success. Distributed research networks aggregate patient medical data from many institutions leaving data within the local provider security system. While much is known about patients' views on secondary medical research, little is known about their views on governance of research networks. We conducted six focus groups with patients from three medical centers across the U.S. to understand their perspectives on privacy, consent, and ethical concerns of sharing their data as part of research networks. Participants positively endorsed sharing their health data with these networks believing that doing so could advance healthcare knowledge. However, patients expressed several concerns regarding security and broader ethical issues such as commercialism, public benefit, and social responsibility. We suggest that network governance guidelines move beyond strict technical requirements and address wider socio-ethical concerns by fully including patients in governance processes.

Patient Informed Governance of Distributed Research Networks: Results and Discussion from Six Patient Focus Groups

PubMed Central

Mamo, Laura A.; Browe, Dennis K.; Logan, Holly C.; Kim, Katherine K.

2013-01-01

Understanding how to govern emerging distributed research networks is essential to their success. Distributed research networks aggregate patient medical data from many institutions leaving data within the local provider security system. While much is known about patients’ views on secondary medical research, little is known about their views on governance of research networks. We conducted six focus groups with patients from three medical centers across the U.S. to understand their perspectives on privacy, consent, and ethical concerns of sharing their data as part of research networks. Participants positively endorsed sharing their health data with these networks believing that doing so could advance healthcare knowledge. However, patients expressed several concerns regarding security and broader ethical issues such as commercialism, public benefit, and social responsibility. We suggest that network governance guidelines move beyond strict technical requirements and address wider socio-ethical concerns by fully including patients in governance processes. PMID:24551383

Design and implementation of a secure workflow system based on PKI/PMI

NASA Astrophysics Data System (ADS)

Yan, Kai; Jiang, Chao-hui

2013-03-01

As the traditional workflow system in privilege management has the following weaknesses: low privilege management efficiency, overburdened for administrator, lack of trust authority etc. A secure workflow model based on PKI/PMI is proposed after studying security requirements of the workflow systems in-depth. This model can achieve static and dynamic authorization after verifying user's ID through PKC and validating user's privilege information by using AC in workflow system. Practice shows that this system can meet the security requirements of WfMS. Moreover, it can not only improve system security, but also ensures integrity, confidentiality, availability and non-repudiation of the data in the system.

76 FR 25702 - National Maritime Security Advisory Committee; Meeting

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-05

... DEPARTMENT OF HOMELAND SECURITY Coast Guard [USCG-2011-0310] National Maritime Security Advisory... Maritime Security Advisory Committee (NMSAC) will meet by teleconference to discuss the results of the... Maritime Organization (IMO). Agenda (1) Results of Seafarer Access Working Group's review and...

Flattening the organization: implementing self-directed work groups.

PubMed

Brandon, G M

1996-01-01

In response to tremendous growth of managed care and threats to financial stability and job security, the Greater Baltimore Medical Center (GBMC) restructured itself into independent business units. The radiology department at GBMC resolved to reduce cost per unit-of-service, improve service, determine optimal staffing levels and reduce the number of layers of organization. It was decided to achieve those goals by implementing self-directed work groups. Staff buy-in was critical to success of the project. To begin, the staff was educated intensively about current trends in healthcare, managed care and potential changes in the job market. The radiology department was allowed to reduce the size of its staff through attrition and worked hard to focus staff concern on the impact each individual could have on the bottom line and the resultant effect on job security. Self-directed work groups were designed on a matrix that used small "service teams" in combinations to form larger "work groups." Actual work and daily activities occur at the service team level; information exchange and major decisions occue at the work group level. Seventeen months after beginning the project and 10 months after implementation, the organization has flattened, staff members have adjusted well to new roles, there have been no lay-offs, and the matrix system of small and large groups have proved particularly valuable.

ICS security in maritime transportation : a white paper examining the security and resiliency of critical transportation infrastructure

DOT National Transportation Integrated Search

2013-07-29

The John A. Volpe National Transportation Systems Center was asked by the Office of Security of the Maritime Administration to examine the issue of industrial control systems (ICS) security in the Maritime Transportation System (MTS), and to develop ...

Securing a Lock on Safety.

ERIC Educational Resources Information Center

Daneman, Kathy

1998-01-01

Describes the integration of security systems to provide enhanced security that is both effective and long lasting. Examines combining card-access systems with camera surveillance, and highly visible emergency phones and security officers. as one of many possible combinations. Some systems most capable of being integrated are listed. (GR)

The electronic security partnership of safety/security and information systems departments.

PubMed

Yow, J Art

2012-01-01

The ever-changing world of security electronics is reviewed in this article. The author focuses on its usage in a hospital setting and the need for safety/security and information systems departments to work together to protect and get full value from IP systems.

Process Improvement Should Link to Security: SEPG 2007 Security Track Recap

DTIC Science & Technology

2007-09-01

the Systems Security Engineering Capability Maturity Model (SSE- CMM / ISO 21827) and its use in system software developments ...software development life cycle ( SDLC )? 6. In what ways should process improvement support security in the SDLC ? 1.2 10BPANEL RESOURCES For each... project management, and support practices through the use of the capability maturity models including the CMMI and the Systems Security

Strengthening the Security of ESA Ground Data Systems

NASA Astrophysics Data System (ADS)

Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

2013-08-01

A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

Petri net modeling of encrypted information flow in federated cloud

NASA Astrophysics Data System (ADS)

Khushk, Abdul Rauf; Li, Xiaozhong

2017-08-01

Solutions proposed and developed for the cost-effective cloud systems suffer from a combination of secure private clouds and less secure public clouds. Need to locate applications within different clouds poses a security risk to the information flow of the entire system. This study addresses this by assigning security levels of a given lattice to the entities of a federated cloud system. A dynamic flow sensitive security model featuring Bell-LaPadula procedures is explored that tracks and authenticates the secure information flow in federated clouds. Additionally, a Petri net model is considered as a case study to represent the proposed system and further validate the performance of the said system.

Systemizers Are Better Code-Breakers: Self-Reported Systemizing Predicts Code-Breaking Performance in Expert Hackers and Naïve Participants

PubMed Central

Harvey, India; Bolgan, Samuela; Mosca, Daniel; McLean, Colin; Rusconi, Elena

2016-01-01

Studies on hacking have typically focused on motivational aspects and general personality traits of the individuals who engage in hacking; little systematic research has been conducted on predispositions that may be associated not only with the choice to pursue a hacking career but also with performance in either naïve or expert populations. Here, we test the hypotheses that two traits that are typically enhanced in autism spectrum disorders—attention to detail and systemizing—may be positively related to both the choice of pursuing a career in information security and skilled performance in a prototypical hacking task (i.e., crypto-analysis or code-breaking). A group of naïve participants and of ethical hackers completed the Autism Spectrum Quotient, including an attention to detail scale, and the Systemizing Quotient (Baron-Cohen et al., 2001, 2003). They were also tested with behavioral tasks involving code-breaking and a control task involving security X-ray image interpretation. Hackers reported significantly higher systemizing and attention to detail than non-hackers. We found a positive relation between self-reported systemizing (but not attention to detail) and code-breaking skills in both hackers and non-hackers, whereas attention to detail (but not systemizing) was related with performance in the X-ray screening task in both groups, as previously reported with naïve participants (Rusconi et al., 2015). We discuss the theoretical and translational implications of our findings. PMID:27242491

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2003-01-01

Traditionally, security is viewed as an organizational and Information Technology (IIJ systems function comprising of Firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2004-01-01

Traditionally, security is viewed as an organizational and Information Technology (IT) systems function comprising of firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Information Systems, Security, and Privacy.

ERIC Educational Resources Information Center

Ware, Willis H.

1984-01-01

Computer security and computer privacy issues are discussed. Among the areas addressed are technical and human security threats, security and privacy issues for information in electronic mail systems, the need for a national commission to examine these issues, and security/privacy issues relevant to colleges and universities. (JN)

Wide Area Security Region Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Makarov, Yuri V.; Lu, Shuai; Guo, Xinxin

2010-03-31

This report develops innovative and efficient methodologies and practical procedures to determine the wide-area security region of a power system, which take into consideration all types of system constraints including thermal, voltage, voltage stability, transient and potentially oscillatory stability limits in the system. The approach expands the idea of transmission system nomograms to a multidimensional case, involving multiple system limits and parameters such as transmission path constraints, zonal generation or load, etc., considered concurrently. The security region boundary is represented using its piecewise approximation with the help of linear inequalities (so called hyperplanes) in a multi-dimensional space, consisting of systemmore » parameters that are critical for security analyses. The goal of this approximation is to find a minimum set of hyperplanes that describe the boundary with a given accuracy. Methodologies are also developed to use the security hyperplanes, pre-calculated offline, to determine system security margins in real-time system operations, to identify weak elements in the system, and to calculate key contributing factors and sensitivities to determine the best system controls in real time and to assist in developing remedial actions and transmission system enhancements offline . A prototype program that automates the simulation procedures used to build the set of security hyperplanes has also been developed. The program makes it convenient to update the set of security hyperplanes necessitated by changes in system configurations. A prototype operational tool that uses the security hyperplanes to assess security margins and to calculate optimal control directions in real time has been built to demonstrate the project success. Numerical simulations have been conducted using the full-size Western Electricity Coordinating Council (WECC) system model, and they clearly demonstrated the feasibility and the effectiveness of the developed technology. Recommendations for the future work have also been formulated.« less

75 FR 8088 - Privacy Act of 1974; Department of Homeland Security/ALL-023 Personnel Security Management System...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-23

... risk of harm to economic or property interests, identity theft or fraud, or harm to the security or... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2009-0041] Privacy Act of 1974; Department of Homeland Security/ALL--023 Personnel Security Management System of Records AGENCY...

Building Security. Honeywell Planning Guide.

ERIC Educational Resources Information Center

Honeywell, Inc., Minneapolis, Minn.

A general discussion of building detection and alarm systems to provide security against burglary and vandalism is provided by a manufacturer of automated monitoring and control systems. Security systems are identified as--(1) local alarm system, (2) central station alarm system, (3) proprietary alarm system, and (4) direct connect alarm system..…

Using SysML to model complex systems for security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Cano, Lester Arturo

2010-08-01

As security systems integrate more Information Technology the design of these systems has tended to become more complex. Some of the most difficult issues in designing Complex Security Systems (CSS) are: Capturing Requirements: Defining Hardware Interfaces: Defining Software Interfaces: Integrating Technologies: Radio Systems: Voice Over IP Systems: Situational Awareness Systems.

Perimeter security alarm system based on fiber Bragg grating

NASA Astrophysics Data System (ADS)

Zhang, Cui; Wang, Lixin

2010-11-01

With the development of the society and economy and the improvement of living standards, people need more and more pressing security. Perimeter security alarm system is widely regarded as the first line of defense. A highly sensitive Fiber Bragg grating (FBG) vibration sensor based on the theory of the string vibration, combined with neural network adaptive dynamic programming algorithm for the perimeter security alarm system make the detection intelligently. Intelligent information processing unit identify the true cause of the vibration of the invasion or the natural environment by analyzing the frequency of vibration signals, energy, amplitude and duration. Compared with traditional perimeter security alarm systems, such as infrared perimeter security system and electric fence system, FBG perimeter security alarm system takes outdoor passive structures, free of electromagnetic interference, transmission distance through optical fiber can be as long as 20 km It is able to detect the location of event within short period of time (high-speed response, less than 3 second).This system can locate the fiber cable's breaking sites and alarm automatically if the cable were be cut. And the system can prevent effectively the false alarm from small animals, birds, strong wind, scattering things, snowfalls and vibration of sensor line itself. It can also be integrated into other security systems. This system can be widely used in variety fields such as military bases, nuclear sites, airports, warehouses, prisons, residence community etc. It will be a new force of perimeter security technology.

Pilot study of a program delivered within the regular service system in Germany: effect of a short-term attachment-based intervention on maternal sensitivity in mothers at risk for child abuse and neglect.

PubMed

Pillhofer, Melanie; Spangler, Gottfried; Bovenschen, Ina; Kuenster, Anne K; Gabler, Sandra; Fallon, Barbara; Fegert, Joerg M; Ziegenhain, Ute

2015-04-01

This pilot study examined the effectiveness of a short-term attachment-based intervention, the Ulm Model, in a German population at risk for child abuse and neglect. The intervention used home visits and video feedback to promote maternal sensitivity, and was implemented by trained staff within the health care and youth welfare systems. Mothers in the control group (n=33) received standard services only, while those in the intervention group (n=63) additionally the Ulm Model intervention. The outcomes measured were maternal sensitivity, as assessed by the CARE-Index at pre-intervention, after the last session, and at about 6 and 12 months of age; and infant socio-emotional development, as assessed by the ET6-6 development test at about 6 and 12 months of age. The moderating effects on treatment outcomes of two variables were examined: risk for child abuse (moderate vs. high) and type of maternal attachment representation (secure vs. insecure). Among participants at moderate risk for child abuse, no differences were found between the intervention group and control group in either maternal sensitivity or infant development. Among those considered high risk, mothers in the intervention group showed a significant increase in maternal sensitivity from pre- to post-intervention; however, no group differences were seen at follow-up. There were some indications that infants of mothers in the intervention group showed better emotional development. The variable of maternal attachment representation was not a significant moderator for the intervention effect, but post hoc analysis indicated that the mean sensitivity of secure mothers was significant higher at the 6-month follow-up. Copyright © 2014 Elsevier Ltd. All rights reserved.

Cheating in OSCEs: The Impact of Simulated Security Breaches on OSCE Performance.

PubMed

Gotzmann, Andrea; De Champlain, André; Homayra, Fahmida; Fotheringham, Alexa; de Vries, Ingrid; Forgie, Melissa; Pugh, Debra

2017-01-01

Construct: Valid score interpretation is important for constructs in performance assessments such as objective structured clinical examinations (OSCEs). An OSCE is a type of performance assessment in which a series of standardized patients interact with the student or candidate who is scored by either the standardized patient or a physician examiner. In high-stakes examinations, test security is an important issue. Students accessing unauthorized test materials can create an unfair advantage and lead to examination scores that do not reflect students' true ability level. The purpose of this study was to assess the impact of various simulated security breaches on OSCE scores. Seventy-six 3rd-year medical students participated in an 8-station OSCE and were randomized to either a control group or to 1 of 2 experimental conditions simulating test security breaches: station topic (i.e., providing a list of station topics prior to the examination) or egregious security breach (i.e., providing detailed content information prior to the examination). Overall total scores were compared for the 3 groups using both a one-way between-subjects analysis of variance and a repeated measure analysis of variance to compare the checklist, rating scales, and oral question subscores across the three conditions. Overall total scores were highest for the egregious security breach condition (81.8%), followed by the station topic condition (73.6%), and they were lowest for the control group (67.4%). This trend was also found with checklist subscores only (79.1%, 64.9%, and 60.3%, respectively for the security breach, station topic, and control conditions). Rating scale subscores were higher for both the station topic and egregious security breach conditions compared to the control group (82.6%, 83.1%, and 77.6%, respectively). Oral question subscores were significantly higher for the egregious security breach condition (88.8%) followed by the station topic condition (64.3%), and they were the lowest for the control group (48.6%). This simulation of different OSCE security breaches demonstrated that student performance is greatly advantaged by having prior access to test materials. This has important implications for medical educators as they develop policies and procedures regarding the safeguarding and reuse of test content.

Attachment, self-worth, and peer-group functioning in middle childhood.

PubMed

Booth-Laforce, Cathryn; Oh, Wonjung; Kim, Angel Hayoung; Rubin, Kenneth H; Rose-Krasnor, Linda; Burgess, Kim

2006-12-01

We evaluated links between peer-group functioning and indicators of attachment security in relation to both mother and father in middle childhood, among 73 10-year-olds (37 girls). Children's perceptions of security with both parents, coping styles with mother, and self-worth were assessed. Classmates, teachers, and mothers evaluated the participants' peer-related behavioral characteristics. Children's perceptions of security to both parents were related to others' appraisals of their social competence; perceptions of security to father were related to lower aggression. We did not find child gender effects, but children had higher security scores in relation to mother than to father. Self-worth perceptions mediated the relation between attachment and social competence.

Cyber Security Assessment Report: Adventium Labs

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

2007-12-31

Major control system components often have life spans of 15-20 years. Many systems in our Nation's critical infrastructure were installed before the Internet became a reality and security was a concern. Consequently, control systems are generally insecure. Security is now being included in the development of new control system devices; however, legacy control systems remain vulnerable. Most efforts to secure control systems are aimed at protecting network borers, but if an intruder gets inside the network these systems are vulnerable to a cyber attack.

78 FR 16757 - Twentieth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-18

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 64838 - Sixteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-23

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 55894 - Fifteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-11

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will...

78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-22

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

Developing an Undergraduate Information Systems Security Track

ERIC Educational Resources Information Center

Sharma, Aditya; Murphy, Marianne C.; Rosso, Mark A.; Grant, Donna

2013-01-01

Information Systems Security as a specialized area of study has mostly been taught at the graduate level. This paper highlights the efforts of establishing an Information Systems (IS) Security track at the undergraduate level. As there were many unanswered questions and concerns regarding the Security curriculum, focus areas, the benefit of…

Designing a Retirement System for Federal Workers Covered by Social Security.

ERIC Educational Resources Information Center

Library of Congress, Washington, DC. Congressional Research Service.

A study examined principal cost and benefit issues to be resolved in designing a new retirement system for Federal workers covered by Social Security. The new Federal system would be built on the base of Social Security and would take into account the Social Security program's taxes and benefits. The current Civil Service Retirement System (CSRS)…

Encrypted Tracking System (ETS) Integration for Maryland Natural Resource Police (NRP) and the Maritime Tactical Operations Group (MTOG)

DTIC Science & Technology

2013-10-01

important economic and cultural asset for the approximately 15 million people who live in the Chesapeake Bay basin. It is also vital to the economic ... stability of the United States: terrorist attacks on any of these assets would destabilize the security and economy of the country. Protecting the

75 FR 76041 - Chrysler Group LLC Formerly Known as Chrysler LLC Kenosha Engine Plant Including On-Site Leased...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-07

... Formerly Known as Chrysler LLC Kenosha Engine Plant Including On-Site Leased Workers From Caravan Knight..., K+S Services, Inc., G4S Secure Solutions, Crassociates, Inc., CES, Inc., Evans Distribution Systems..., LLC, formerly known as Chrysler, LLC, Kenosha Engine Plant, Kenosha, Wisconsin (subject firm). The...

A Guard Dog Perspective on the Role of Media.

ERIC Educational Resources Information Center

Donohue, George A.; And Others

1995-01-01

Offers a "guard dog" metaphor for the functioning of the mass media, suggesting that media perform as a sentry for groups having sufficient power and influence to create and control their own security systems. Delineates this perspective from others, and suggests several hypotheses that may be derived for testing the utility of the guard dog…

76 FR 56244 - Dialpoint Communications Corp., Pacel Corp., Quantum Group, Inc. (The), and Tradequest...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-12

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Dialpoint Communications Corp., Pacel Corp., Quantum Group, Inc. (The), and Tradequest International, Inc.; Order of Suspension of Trading September 8... securities of Quantum Group, Inc. (The) because it has not filed any periodic reports since the period ended...

A Complex Systems Approach to More Resilient Multi-Layered Security Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Brown, Nathanael J. K.; Jones, Katherine A.; Bandlow, Alisa

In July 2012, protestors cut through security fences and gained access to the Y-12 National Security Complex. This was believed to be a highly reliable, multi-layered security system. This report documents the results of a Laboratory Directed Research and Development (LDRD) project that created a consistent, robust mathematical framework using complex systems analysis algorithms and techniques to better understand the emergent behavior, vulnerabilities and resiliency of multi-layered security systems subject to budget constraints and competing security priorities. Because there are several dimensions to security system performance and a range of attacks that might occur, the framework is multi-objective for amore » performance frontier to be estimated. This research explicitly uses probability of intruder interruption given detection (P I) as the primary resilience metric. We demonstrate the utility of this framework with both notional as well as real-world examples of Physical Protection Systems (PPSs) and validate using a well-established force-on-force simulation tool, Umbra.« less

The availability and affordability of long-term care for disabled older people in China: The issues related to inequalities in social security benefits.

PubMed

Lei, Peng; Feng, Zhixin; Wu, Zhuochun

2016-01-01

China is experiencing increasing pressure from issues relating to an ageing population. The rationality of different eligibility criteria of the benefits within the social security system has been widely challenged; however, to date, no previous study has explored its association with the availability and affordability of long-term care (LTC). This study evaluates the availability and affordability of Long-Term Care (LTC) services for disabled older people (aged 65 and above) in China, with special attention to the differences among groups in receipt of specific social security benefits. The data of availability and affordability of LTC services for disabled older people is from a nationally representative sample Chinese Longitudinal Healthy Longevity Survey (CLHLS). Three different social security benefits were identified and their effects on the long-term care services for disabled older people were explored. The overall proportions of disabled older people who have only limited or no available or affordable LTC services were remarkably high, especially for those who have moderate or no social security benefits. Compared to those who are entitled to generous social security benefits, older people who have no social security benefits are 18.45 times more likely to be unable to afford health care expenses. The findings imply that policy makers in China could focus on the LTC needs for the social security and socioeconomically disadvantaged (who have limited or no social security benefits and in low household income) disabled older people which could reduce the gap between them and those who are entitled to generous social security benefits. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.

Methodology development for quantitative optimization of security enhancement in medical information systems -Case study in a PACS and a multi-institutional radiotherapy database-.

PubMed

Haneda, Kiyofumi; Umeda, Tokuo; Koyama, Tadashi; Harauchi, Hajime; Inamura, Kiyonari

2002-01-01

The target of our study is to establish the methodology for analyzing level of security requirements, for searching suitable security measures and for optimizing security distribution to every portion of medical practice. Quantitative expression must be introduced to our study as possible for the purpose of easy follow up of security procedures and easy evaluation of security outcomes or results. Results of system analysis by fault tree analysis (FTA) clarified that subdivided system elements in detail contribute to much more accurate analysis. Such subdivided composition factors very much depended on behavior of staff, interactive terminal devices, kinds of service, and routes of network. As conclusion, we found the methods to analyze levels of security requirements for each medical information systems employing FTA, basic events for each composition factor and combination of basic events. Methods for searching suitable security measures were found. Namely risk factors for each basic event, number of elements for each composition factor and candidates of security measure elements were found. Method to optimize the security measures for each medical information system was proposed. Namely optimum distribution of risk factors in terms of basic events were figured out, and comparison of them between each medical information systems became possible.

Casemix in the Islamic Republic of Iran: current knowledge and attitudes of health care staff.

PubMed

Ghaffari, S; Doran, C M; Wilson, A

2008-01-01

Casemix is a tool that classifies patients according to their clinical similarity and the homogeneity of resources required. A descriptive study was conducted to assess the level of knowledge and attitude toward the casemix-based funding system among staff working in the Iranian Social Security Organization in Tehran. The survey showed that knowledge of casemix and diagnosis-related groups (DRG) was poor among the study group and any attempt to implement the casemix system--which about three-quarters of high-level staff had never heard of--would be likely to fail. This highlights the necessity for creating awareness of the casemix and DRG systems among the hospital staff before any action takes place.

Authentic leadership, group cohesion and group identification in security and emergency teams.

PubMed

García-Guiu López, Carlos; Molero Alonso, Fernando; Moya Morales, Miguel; Moriano León, Juan Antonio

2015-01-01

Authentic leadership (AL) is a kind of leadership that inspires and promotes positive psychological capacities, underlining the moral and ethical component of behavior. The proposed investigation studies the relations among AL, cohesion, and group identification in security and emergency teams. A cross-sectional research design was conducted in which participated 221 members from 26 fire departments and operative teams from the local police of three Spanish provinces. The following questionnaires were administered: Authentic Leadership (ALQ), Group Cohesion (GEQ), and Mael and Ashford's Group Identification Questionnaire. A direct and positive relation was found between AL, cohesion, and group identification. An indirect relation was also found between AL and group cohesion through group identification, indicating the existence of partial mediation. The utility of the proposed model based on AL is considered; this model can be employed by those in charge of the fire departments and operative groups in organizations to improve workteams' cohesion. Both AL and group identification help to explain group cohesion in organizations committed to security and emergencies.

Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities

PubMed Central

Yeo, Kiho; Lee, Keehyuck; Kim, Jong-Min; Kim, Tae-Hun; Choi, Yong-Hoon; Jeong, Woo-Jin; Hwang, Hee; Baek, Rong Min

2012-01-01

Objectives The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. Methods The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. Results From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. Conclusions This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another. PMID:22844648

Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks

PubMed Central

Castillo, Encarnación; López-Ramos, Juan A.; Morales, Diego P.

2018-01-01

Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature. PMID:29337921

Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks.

PubMed

Parrilla, Luis; Castillo, Encarnación; López-Ramos, Juan A; Álvarez-Bermejo, José A; García, Antonio; Morales, Diego P

2018-01-16

Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature.

Analyzing the security of an existing computer system

NASA Technical Reports Server (NTRS)

Bishop, M.

1986-01-01

Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.

Food insecurity among Cambodian refugee women two decades post resettlement.

PubMed

Peterman, Jerusha Nelson; Wilde, Parke E; Silka, Linda; Bermudez, Odilia I; Rogers, Beatrice Lorge

2013-04-01

Resettled refugees have high rates of chronic disease, which may be partially due to persistent food insecurity. This study describes food experiences on arrival in the U.S. and current food security status and examines characteristics related to food insecurity in a well-established refugee community. Focus groups and a survey assessed food security status and personal characteristics of Cambodian women in Lowell, MA, USA. Multivariate logistic regression was used to examine relationships with food insecurity. Current rates of food insecurity are high. In multivariate models, food insecurity was positively associated with being depressed and being widowed, and negatively associated with higher income and acculturation. Early arrivers (1980s) had difficulty in the U.S. food system on arrival, while later arrivers (1990s-2000s) did not. Refugee agencies should consider strategically devoting resources to ensure successful early transition to the U.S. food environment and long-term food security of refugees.

Redefining Maritime Security Threats in the Eastern Indian Ocean Region.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Banerjee, Arjun

This occasional paper analyzes the general security issues and trends relating to maritime trafficking of radiological and nuclear material using small vessels, minor ports, and unchecked areas of coastline existing in the Eastern Indian Ocean Region today. By the Eastern Indian Ocean Region is meant the area starting from the tip of the Indian peninsula in the west to the Straits of Malacca in the east. It lays focus on the potential sources of nuclear or radiological material that may be trafficked here. It further undertakes a study of the terrorist groups active in the region as well as themore » multinational or national interdiction organizations that have been created to counter maritime threats. It also seeks to discern the various technologies for detecting materials of concern available in the area. Finally, it ascertains possible methods and technologies to improve the maritime security system in the region.« less

The relationship between human security, demand for arms and disarmament in the horn of Africa.

PubMed

Gebrewold, Kiflemariam

2002-01-01

The drive to find security through possession of weapons is linked to the history and culture of a social group. Amongst pastoralists in the Horn of Africa there is a failure of security through state systems such as police and the recent replacement of less-lethal traditional weapons by small arms and other light weapons. A warrior or vendetta culture with these arms leads to violent inter-clan clashes with many casualties, although traditional methods of weapons control still seem operational within clans. Understanding the drive to seek weapons is essential in finding ways to control their use. Improving the capacities of the police must come hand in hand with human rights training and an end to corruption. Further work is required on how traditional methods of arms control can be co-operatively linked with state controls.

Protecting the United States Against Terrorist Nuclear Attacks: A System of Systems Approach

DTIC Science & Technology

2001-10-25

for retribution that might be applied to nations may not be useful against other groups doesn’t mean that no useful measures can be found. Arrest and...more—have been applied in response to the 9/11/2001 attacks, and similar measures were taken in the wake of the Aum Shinrikyo attack, the World...and nuclear materials. More could be done bilaterally, including expanded cooperation on security measures, relevant economic development assistance4

Internship at Los Alamos National Laboratory

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dunham, Ryan Q.

2012-07-11

Los Alamos National Laboratory (LANL) is located in Los Alamos, New Mexico. It provides support for our country's nuclear weapon stockpile as well as many other scientific research projects. I am an Undergraduate Student Intern in the Systems Design and Analysis group within the Nuclear Nonproliferation division of the Global Security directorate at LANL. I have been tasked with data analysis and modeling of particles in a fluidized bed system for the capture of carbon dioxide from power plant flue gas.

Federal Government Information Systems Security Management and Governance Are Pacing Factors for Innovation

ERIC Educational Resources Information Center

Edwards, Gregory

2011-01-01

Security incidents resulting from human error or subversive actions have caused major financial losses, reduced business productivity or efficiency, and threatened national security. Some research suggests that information system security frameworks lack emphasis on human involvement as a significant cause for security problems in a rapidly…

10 CFR 95.49 - Security of automatic data processing (ADP) systems.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.49 Security of...

48 CFR 3052.204-70 - Security requirements for unclassified information technology resources.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 7 2014-10-01 2014-10-01 false Security requirements for... System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 3052.204-70 Security requirements...

48 CFR 3052.204-70 - Security requirements for unclassified information technology resources.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 7 2013-10-01 2012-10-01 true Security requirements for... System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 3052.204-70 Security requirements...

Application of the Quality Functional Deployment Method in Mobility Aid Securement System Design

DOT National Transportation Integrated Search

1992-12-01

The Independent Locking Securement System Project (ILS System Project) is a : successful attempt to respond to the transportation community's need for a : "universal" securement/restraint system that will accommodate most wheeled : mobility aids, inc...

Association between secure patient–clinician email and clinical services utilisation in a US integrated health system: a retrospective cohort study

PubMed Central

Meng, Di; Palen, Ted E; Tsai, Joanne; McLeod, Melanie; Garrido, Terhilda; Qian, Heather

2015-01-01

Objective To assess associations between secure patient–clinician email use and clinical services utilisation over time. Design Retrospective cohort study between July 2010 and December 2013. Controlling for a utilisation surge around first secure email use, we analysed difference of differences between propensity score-matched groups of secure patient–clinician email users and non-users for utilisation 1–12 months before and 7–18 months after first email (users) or a randomly assigned index date (non-users). Setting US integrated healthcare delivery system. Participants 9345 adults with first secure email use between July 2011 and July 2012 and continuous enrolment for ≥30 months and 9345 adults without secure email use between July 2010 and July 2012 matched to users on demographics, health status, and baseline utilisation. Primary Outcome Measures Rates of office visits, patient-initiated phone calls, scheduled telephone visits, after-hours clinic visits, emergency department visits, and hospitalisations. Results After controlling for multiple factors, no statistically significant differences in utilisation between secure email users and non-users occurred. Utilisation transiently increased by 88–237% around first email use. Annual rates of patient-initiated phone calls decreased among secure email users, 0.2 fewer calls per person (95% CI −0.3 to −0.1), from a mean of 4.1 calls per person 1–12 months before first use to a mean of 3.8 calls per person 7–18 months after first use. Rates of patient-initiated phone calls also decreased among non-users, 0.1 fewer calls per person (95% CI −0.2 to 0.0), from a mean of 4.2 calls per person 1–12 months before the index date to mean of 4.1 calls per person 7–18 months after the index date. Conclusions Compared with non-users, patient use of secure email with clinicians was not associated with statistically significant differences in clinical services utilisation 7–18 months after first use. PMID:26553841

5 CFR 9701.231 - Conversion of positions and employees to the DHS classification system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Transitional...

Technical solutions for mitigating security threats caused by health professionals in clinical settings.

PubMed

Fernandez-Aleman, Jose Luis; Belen Sanchez Garcia, Ana; Garcia-Mateos, Gines; Toval, Ambrosio

2015-08-01

The objective of this paper is to present a brief description of technical solutions for health information system security threats caused by inadequate security and privacy practices in healthcare professionals. A literature search was carried out in ScienceDirect, ACM Digital Library and IEEE Digital Library to find papers reporting technical solutions for certain security problems in information systems used in clinical settings. A total of 17 technical solutions were identified: measures for password security, the secure use of e-mail, the Internet, portable storage devices, printers and screens. Although technical safeguards are essential to the security of healthcare organization's information systems, good training, awareness programs and adopting a proper information security policy are particularly important to prevent insiders from causing security incidents.

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

77 FR 70792 - Privacy Act of 1974; Retirement of Department of Homeland Security Transportation Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-27

... from its inventory of record systems. TSA will rely upon DHS/ALL-017 General Legal Records (November 23, 2011, 76 FR 72428) to cover its legal activities. Eliminating the system of records notice DHS/TSA-009... Department of Homeland Security Transportation Security Administration System of Records AGENCY: Privacy...

78 FR 25282 - Privacy Act of 1974; Department of Homeland Security Federal Emergency Management Agency-008...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-30

... Assistance Files System of Records AGENCY: Privacy Office, Department of Homeland Security. ACTION: Notice of Privacy Act System of Records. SUMMARY: In accordance with the Privacy Act of 1974, the Department of Homeland Security proposes to update and reissue a current Department of Homeland Security system of...

45 CFR 1182.15 - Institute responsibility for maintaining adequate technical, physical, and security safeguards to...

Code of Federal Regulations, 2010 CFR

2010-10-01

... record systems. These security safeguards shall apply to all systems in which identifiable personal data... data and automated systems shall be adequately trained in the security and privacy of personal data. (4... technical, physical, and security safeguards to prevent unauthorized disclosure or destruction of manual and...

45 CFR 2508.10 - Who has the responsibility for maintaining adequate technical, physical, and security safeguards...

Code of Federal Regulations, 2010 CFR

2010-10-01

... record systems. These security safeguards shall apply to all systems in which identifiable personal data... the security and privacy of such records. (7) The disposal and destruction of records within a system... adequate technical, physical, and security safeguards to prevent unauthorized disclosure or destruction of...

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 4 2013-01-01 2013-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 4 2012-01-01 2012-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 4 2014-01-01 2014-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

10 CFR 1008.22 - Use and collection of social security numbers.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Use and collection of social security numbers. 1008.22... (PRIVACY ACT) Maintenance and Establishment of Systems of Records § 1008.22 Use and collection of social security numbers. (a) The System Manager of each system of records which utilizes social security numbers...

Security Techniques for Sensor Systems and the Internet of Things

ERIC Educational Resources Information Center

Midi, Daniele

2016-01-01

Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We…

Computer applications for the hospital security department--buying or developing a shift log reporting system.

PubMed

Gruber, T

1996-01-01

The author presents guidelines to help a security department select a computer system to track security activities--whether it's a commercial software product, an in-house developed program, or a do-it-yourself designed system. Computerized security activity reporting, he believes, is effective and beneficial.

Network security system for health and medical information using smart IC card

NASA Astrophysics Data System (ADS)

Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

1998-07-01

A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

Secure vendor environment (SVE) for PACS

NASA Astrophysics Data System (ADS)

Honeyman-Buck, Janice; Frost, Meryll

2005-04-01

A Secure Vendor Environment (SVE) was created to protect radiology modalities from network intrusion, worms, viruses, and other forms of damaging attacks. Many vendors do not attempt any form of network security and if an institution demands a non-standard and secure installation, a future system upgrade could and frequently does eliminate any security measures installed during the initial installation. The SVE isolates the vendor equipment behind a virtual firewall on a private network that is invisible to the outside world. All interactions must go though a device containing two network interface cards called an Application Processor that acts as a store-and forward router, performs DICOM repair, proxies modality worklist, and isolates the vendor modalities. A small VPN appliance can open the device temporarily for remote access by vendor engineers. Prior to the routine installation of the SVE, vendor equipment was often attacked by hostile network intruders and viruses or worms, sometimes rendering the equipment unusable until the vendor could reload the system. The resulted in considerable clinical downtime and loss of revenue. Since the relatively low cost SVE solution has routinely been installed with all new equipment, no intrusions have occurred, although our network sniffers and intrusion detectors indicate that we are constantly being scanned for vulnerability. Purpose: To provide a secure network for vendor equipment in a PACS environment while allowing vendor access for upgrades and system repairs. Method: The network administrators at our university believe that network security should be implemented at the machine level rather than relying on a firewall. A firewall solution could conceivably block unwanted intrusion from outside the university network, but would still allow literally thousands of potential network users to get through to the PACS network. All the PACS archive, display and routing systems are individually protected from intrusion, but vendors of image producing modalities such as CT, MRI, and CR typically do not protect their equipment from network intrusion. Most vendors use the same user-ids and passwords for their service and administrative accounts which makes it easy for them to get to their systems for remote repairs and upgrades, but also makes it easy for hackers and other unwelcome intruders to gain access. We use a device with two network interface cards to isolate the vendor network from the main PACS / university / hospital network. This device is a store and forward PACS routing device, a DICOM repair device, a modality worklist proxy device, and a de-facto firewall. This device is named an Application Processor (AP). In addition, a small virtual private network (VPN) device is placed on the system that can be controlled only by the PACS administration. If a vendor engineer needs remote access to upgrade or service the equipment, a temporary connection is enabled for only the computer the engineer is using at the time, then is closed when he/she has completed their work. Results: The secure vendor environment (SVE) consists of a computer and a VPN appliance and costs approximately 2,000 USD to build. With software, the total system costs approximately 2800 - $3500. The SVE is typically deployed as part of every equipment installation. Since the SVE has been used, we have had no intrusion and no downtime due to hackers, viruses, worms, etc. This is now a part of every project plan for equipment that will become part of the PACS. New work: The SVE is a unique and new work by our group, developed as a solution totally within our group. Conclusions: Our results have convinced our administration that this small cost to protect vendor equipment is well worth the investment. Prior to developing this solution, there were numerous occasions where intruders invaded our equipment and rendered it unusable until the software could be reloaded, sometimes resulting in the loss of a day or more of clinical use.

Educating the security forces, a high risk group in malaria elimination efforts: an example from Sri Lanka.

PubMed

Fernando, Sumadhya Deepika; Rodrigo, Chaturaka; de Silva, Nipun; Semege, Saveen; Rajapakse, Senaka; Samaranayake, Nilakashi; Senenayake, Sanath; Premaratne, Risintha Gayan

2014-09-01

The security forces are a high risk group for malaria transmission in Sri Lanka. Interrupting transmission and maintaining surveillance in this group is an important component of elimination efforts. The objective of the study was to develop a prototype educational programme on malaria for security forces serving in endemic areas. An interactive seminar was designed to deliver the required knowledge. The content was on current status, transmission, signs and symptoms and the role of security personnel in identification and prevention of malaria. Each seminar was preceded by a pre-test and followed by a post test to assess the improvement of knowledge. Fifty seminars were held in eight districts over 2 months with 2301 security forces personnel participating. Pre seminar knowledge on malaria was significantly better in the medical corps, those who had completed secondary education and in the Army compared to other security forces (p<0.001). Participation in the seminar resulted in an improvement in all domains tested as shown by test scores in post seminar assessment (p<0.001). Conducting a formal educational programme is an effective strategy to improve awareness on malaria amongst security forces personnel who are a high risk group for re-introduction of malaria into the country. © The Author 2014. Published by Oxford University Press on behalf of Royal Society of Tropical Medicine and Hygiene. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com.

Securing General Aviation

DTIC Science & Technology

2009-03-03

ajor vulnerabilities still exist in ... general aviation security ,”3 the commission did not further elaborate on the nature of those vulnerabilities...commercial operations may make them an attractive alternative to terrorists seeking to identify and exploit vulnerabilities in aviation security . In this...3, 2003, p. A7. 2 See Report of the Aviation Security Advisory Committee Working Group on General Aviation Airport Security (October 1, 2003); and

Information security system quality assessment through the intelligent tools

NASA Astrophysics Data System (ADS)

Trapeznikov, E. V.

2018-04-01

The technology development has shown the automated system information security comprehensive analysis necessity. The subject area analysis indicates the study relevance. The research objective is to develop the information security system quality assessment methodology based on the intelligent tools. The basis of the methodology is the information security assessment model in the information system through the neural network. The paper presents the security assessment model, its algorithm. The methodology practical implementation results in the form of the software flow diagram are represented. The practical significance of the model being developed is noted in conclusions.

33 CFR 105.250 - Security systems and equipment maintenance.

Code of Federal Regulations, 2010 CFR

2010-07-01

... systems must be regularly tested in accordance with the manufacturers' recommendations; noted deficiencies... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security systems and equipment... systems and equipment maintenance. (a) Security systems and equipment must be in good working order and...

Providing security for automated process control systems at hydropower engineering facilities

NASA Astrophysics Data System (ADS)

Vasiliev, Y. S.; Zegzhda, P. D.; Zegzhda, D. P.

2016-12-01

This article suggests the concept of a cyberphysical system to manage computer security of automated process control systems at hydropower engineering facilities. According to the authors, this system consists of a set of information processing tools and computer-controlled physical devices. Examples of cyber attacks on power engineering facilities are provided, and a strategy of improving cybersecurity of hydropower engineering systems is suggested. The architecture of the multilevel protection of the automated process control system (APCS) of power engineering facilities is given, including security systems, control systems, access control, encryption, secure virtual private network of subsystems for monitoring and analysis of security events. The distinctive aspect of the approach is consideration of interrelations and cyber threats, arising when SCADA is integrated with the unified enterprise information system.

Evaluation of power system security and development of transmission pricing method

NASA Astrophysics Data System (ADS)

Kim, Hyungchul

The electric power utility industry is presently undergoing a change towards the deregulated environment. This has resulted in unbundling of generation, transmission and distribution services. The introduction of competition into unbundled electricity services may lead system operation closer to its security boundaries resulting in smaller operating safety margins. The competitive environment is expected to lead to lower price rates for customers and higher efficiency for power suppliers in the long run. Under this deregulated environment, security assessment and pricing of transmission services have become important issues in power systems. This dissertation provides new methods for power system security assessment and transmission pricing. In power system security assessment, the following issues are discussed (1) The description of probabilistic methods for power system security assessment; (2) The computation time of simulation methods; (3) on-line security assessment for operation. A probabilistic method using Monte-Carlo simulation is proposed for power system security assessment. This method takes into account dynamic and static effects corresponding to contingencies. Two different Kohonen networks, Self-Organizing Maps and Learning Vector Quantization, are employed to speed up the probabilistic method. The combination of Kohonen networks and Monte-Carlo simulation can reduce computation time in comparison with straight Monte-Carlo simulation. A technique for security assessment employing Bayes classifier is also proposed. This method can be useful for system operators to make security decisions during on-line power system operation. This dissertation also suggests an approach for allocating transmission transaction costs based on reliability benefits in transmission services. The proposed method shows the transmission transaction cost of reliability benefits when transmission line capacities are considered. The ratio between allocation by transmission line capacity-use and allocation by reliability benefits is computed using the probability of system failure.

Using RFID to enhance security in off-site data storage.

PubMed

Lopez-Carmona, Miguel A; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

2010-01-01

Off-site data storage is one of the most widely used strategies in enterprises of all sizes to improve business continuity. In medium-to-large size enterprises, the off-site data storage processes are usually outsourced to specialized providers. However, outsourcing the storage of critical business information assets raises serious security considerations, some of which are usually either disregarded or incorrectly addressed by service providers. This article reviews these security considerations and presents a radio frequency identification (RFID)-based, off-site, data storage management system specifically designed to address security issues. The system relies on a set of security mechanisms or controls that are arranged in security layers or tiers to balance security requirements with usability and costs. The system has been successfully implemented, deployed and put into production. In addition, an experimental comparison with classical bar-code-based systems is provided, demonstrating the system's benefits in terms of efficiency and failure prevention.

Model-Driven Configuration of SELinux Policies

NASA Astrophysics Data System (ADS)

Agreiter, Berthold; Breu, Ruth

The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2011 CFR

2011-01-01

... training in system/application life cycle management, risk management, and contingency planning. (4) Chief... security management, system/application life cycle management, risk management, and contingency planning..., risk management, and contingency planning. (b) Provide the Federal information systems security...

Development of an Independent Locking Securement System for Mobility Aids on Public Transportation Vehicles

DOT National Transportation Integrated Search

1992-12-01

The Independent Locking Securement System Project (ILS System Project) is a : successful attempt to respond to the transportation community's need for a : "universal" securement/restraint system that will accommodate most wheeled : mobility aids, inc...

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2010 CFR

2010-01-01

... training in system/application life cycle management, risk management, and contingency planning. (4) Chief... security management, system/application life cycle management, risk management, and contingency planning..., risk management, and contingency planning. (b) Provide the Federal information systems security...

Implementation and evaluation of an efficient secure computation system using ‘R’ for healthcare statistics

PubMed Central

Chida, Koji; Morohashi, Gembu; Fuji, Hitoshi; Magata, Fumihiko; Fujimura, Akiko; Hamada, Koki; Ikarashi, Dai; Yamamoto, Ryuichi

2014-01-01

Background and objective While the secondary use of medical data has gained attention, its adoption has been constrained due to protection of patient privacy. Making medical data secure by de-identification can be problematic, especially when the data concerns rare diseases. We require rigorous security management measures. Materials and methods Using secure computation, an approach from cryptography, our system can compute various statistics over encrypted medical records without decrypting them. An issue of secure computation is that the amount of processing time required is immense. We implemented a system that securely computes healthcare statistics from the statistical computing software ‘R’ by effectively combining secret-sharing-based secure computation with original computation. Results Testing confirmed that our system could correctly complete computation of average and unbiased variance of approximately 50 000 records of dummy insurance claim data in a little over a second. Computation including conditional expressions and/or comparison of values, for example, t test and median, could also be correctly completed in several tens of seconds to a few minutes. Discussion If medical records are simply encrypted, the risk of leaks exists because decryption is usually required during statistical analysis. Our system possesses high-level security because medical records remain in encrypted state even during statistical analysis. Also, our system can securely compute some basic statistics with conditional expressions using ‘R’ that works interactively while secure computation protocols generally require a significant amount of processing time. Conclusions We propose a secure statistical analysis system using ‘R’ for medical data that effectively integrates secret-sharing-based secure computation and original computation. PMID:24763677

5 CFR 9701.101 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES... establishment of a new human resources management system within the Department of Homeland Security (DHS), as...

78 FR 54634 - National Security Education Board; Notice of Federal Advisory Committee Meeting

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-05

... DEPARTMENT OF DEFENSE Office of the Secretary National Security Education Board; Notice of Federal... and National Security Education Office (DLNSEO), Office of the Secretary, DoD. ACTION: Meeting notice... committee working group meeting of the National Security Education Board will take place. DATES: Monday...

Women's Marginalization, Economic Flows, and Environmental Flows: A Classroom Approach.

ERIC Educational Resources Information Center

O'Lear, Shannon

1999-01-01

Discusses environmental security, focusing on the meaning of "security." Defines the global economy as a process in which the security of groups is sought, maintained, or threatened. Illustrates connections among environmental security, the global economy, and abuse of women and children in less economically developed places,…

Exploring Factors That Affect Adoption of Computer Security Practices among College Students

ERIC Educational Resources Information Center

Alqarni, Amani

2017-01-01

Cyber-attacks threaten the security of computer users' information, networks, machines, and privacy. Studies of computer security education, awareness, and training among ordinary computer users, college students, non-IT-oriented user groups, and non-technically trained citizens are limited. Most research has focused on computer security standards…

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

PubMed Central

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-01

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack. PMID:26751443

Situated Usability Testing for Security Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Greitzer, Frank L.

2011-03-02

While usability testing is well established, assessing the usability of security software, tools, or methods deserves more careful consideration. It has been argued that dealing with security has become too difficult for individuals or organizations to manage effectively or to use conveniently. As difficult as it is for system administrators and developers to deal with, security is even more challenging for casual users. Indeed, it is much too easy for casual/home users to configure the security of their systems in non-optimal ways that leave their systems inadvertently insecure. This is exacerbated by the fact that casual users are focused onmore » matters other than security, and likely would prefer not even to think about security. This brief report argues that when security and/or privacy are part of the equation, traditional methods for usability testing should be re-considered. The purpose of this brief report is to argue for and outline a method associated with a new approach to usability testing for examining usable security issues.« less

Design and Development of Layered Security: Future Enhancements and Directions in Transmission.

PubMed

Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

2016-01-06

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

Implementing a High-Assurance Smart-Card OS

NASA Astrophysics Data System (ADS)

Karger, Paul A.; Toll, David C.; Palmer, Elaine R.; McIntosh, Suzanne K.; Weber, Samuel; Edwards, Jonathan W.

Building a high-assurance, secure operating system for memory constrained systems, such as smart cards, introduces many challenges. The increasing power of smart cards has made their use feasible in applications such as electronic passports, military and public sector identification cards, and cell-phone based financial and entertainment applications. Such applications require a secure environment, which can only be provided with sufficient hardware and a secure operating system. We argue that smart cards pose additional security challenges when compared to traditional computer platforms. We discuss our design for a secure smart card operating system, named Caernarvon, and show that it addresses these challenges, which include secure application download, protection of cryptographic functions from malicious applications, resolution of covert channels, and assurance of both security and data integrity in the face of arbitrary power losses.

Finite-Time Performance of Local Search Algorithms: Theory and Application

DTIC Science & Technology

2010-06-10

security devices deployed at airport security checkpoints are used to detect prohibited items (e.g., guns, knives, explosives). Each security device...security devices are deployed, the practical issue of determining how to optimally use them can be difficult. For an airport security system design...checked baggage), explosive detection systems (designed to detect explosives in checked baggage), and detailed hand search by an airport security official

Information security requirements in patient-centred healthcare support systems.

PubMed

Alsalamah, Shada; Gray, W Alex; Hilton, Jeremy; Alsalamah, Hessah

2013-01-01

Enabling Patient-Centred (PC) care in modern healthcare requires the flow of medical information with the patient between different healthcare providers as they follow the patient's treatment plan. However, PC care threatens the stability of the balance of information security in the support systems since legacy systems fall short of attaining a security balance when sharing their information due to compromises made between its availability, integrity, and confidentiality. Results show that the main reason for this is that information security implementation in discrete legacy systems focused mainly on information confidentiality and integrity leaving availability a challenge in collaboration. Through an empirical study using domain analysis, observations, and interviews, this paper identifies a need for six information security requirements in legacy systems to cope with this situation in order to attain the security balance in systems supporting PC care implementation in modern healthcare.

77 FR 36031 - ROK Entertainment Group, Inc., RussOil Corp., Tricell, Inc., Tunex International, Inc. (n/k/a...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-15

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] ROK Entertainment Group, Inc., RussOil Corp., Tricell, Inc., Tunex International, Inc. (n/k/a Aone Dental International Group, Inc.), and Wireless Age... there is a lack of current and accurate information concerning the securities of Wireless Age...

78 FR 35087 - Parts and Accessories Necessary for Safe Operation; Exemption Renewal for the Flatbed Carrier...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-11

... intermodal container loaded with eyes crosswise, grouped in rows, in which the coils are loaded to contact... cargo securement regulations for the transportation of groups of metal coils with eyes crosswise, as... cargo securement regulations (then at 49 CFR 393.100(c)) for the transportation of groups of metal coils...

The Influence of Secure Emotional Expression on Team Effectiveness

ERIC Educational Resources Information Center

Bailey, Emily; Dewitt, Matt

2014-01-01

The present study examined the relationship between group effectiveness and secure emotional expression over the course of a 10 week period. The participants consisted of 12 college students who were enrolled in a senior seminar on teamwork. Participants worked in two groups of six and participated in a group meeting each week that consisted of a…

Cyber security with radio frequency interferences mitigation study for satellite systems

NASA Astrophysics Data System (ADS)

Wang, Gang; Wei, Sixiao; Chen, Genshe; Tian, Xin; Shen, Dan; Pham, Khanh; Nguyen, Tien M.; Blasch, Erik

2016-05-01

Satellite systems including the Global Navigation Satellite System (GNSS) and the satellite communications (SATCOM) system provide great convenience and utility to human life including emergency response, wide area efficient communications, and effective transportation. Elements of satellite systems incorporate technologies such as navigation with the global positioning system (GPS), satellite digital video broadcasting, and information transmission with a very small aperture terminal (VSAT), etc. The satellite systems importance is growing in prominence with end users' requirement for globally high data rate transmissions; the cost reduction of launching satellites; development of smaller sized satellites including cubesat, nanosat, picosat, and femtosat; and integrating internet services with satellite networks. However, with the promising benefits, challenges remain to fully develop secure and robust satellite systems with pervasive computing and communications. In this paper, we investigate both cyber security and radio frequency (RF) interferences mitigation for satellite systems, and demonstrate that they are not isolated. The action space for both cyber security and RF interferences are firstly summarized for satellite systems, based on which the mitigation schemes for both cyber security and RF interferences are given. A multi-layered satellite systems structure is provided with cross-layer design considering multi-path routing and channel coding, to provide great security and diversity gains for secure and robust satellite systems.

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System.

PubMed

Ghanti, Shaila; Naik, G M

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack.

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System

PubMed Central

Ghanti, Shaila

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack. PMID:28116350

Merging leadership and innovation to secure a large health system.

PubMed

Bellino, Joseph V; Shaw, Sharon

2014-01-01

In this article the security system executive for a 13-hospital system spells out how partnering with capable and motivated vendors and gaining the cooperation of other departments enabled him to convert disparate security systems with equipment from multiple manufacturers into a cost-effective centralized system.

77 FR 60401 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-03

... computer password protection.'' * * * * * System manager(s) and address: Delete entry and replace with...; Systems of Records AGENCY: National Security Agency/Central Security Service, DoD. ACTION: Notice to amend a system of records. SUMMARY: The National Security Agency (NSA) is proposing to amend a system of...

Green Secure Processors: Towards Power-Efficient Secure Processor Design

NASA Astrophysics Data System (ADS)

Chhabra, Siddhartha; Solihin, Yan

With the increasing wealth of digital information stored on computer systems today, security issues have become increasingly important. In addition to attacks targeting the software stack of a system, hardware attacks have become equally likely. Researchers have proposed Secure Processor Architectures which utilize hardware mechanisms for memory encryption and integrity verification to protect the confidentiality and integrity of data and computation, even from sophisticated hardware attacks. While there have been many works addressing performance and other system level issues in secure processor design, power issues have largely been ignored. In this paper, we first analyze the sources of power (energy) increase in different secure processor architectures. We then present a power analysis of various secure processor architectures in terms of their increase in power consumption over a base system with no protection and then provide recommendations for designs that offer the best balance between performance and power without compromising security. We extend our study to the embedded domain as well. We also outline the design of a novel hybrid cryptographic engine that can be used to minimize the power consumption for a secure processor. We believe that if secure processors are to be adopted in future systems (general purpose or embedded), it is critically important that power issues are considered in addition to performance and other system level issues. To the best of our knowledge, this is the first work to examine the power implications of providing hardware mechanisms for security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lee, Hsien-Hsin S

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniquesmore » and system software for achieving a robust, secure, and reliable computing system toward our goal.« less

Security credentials management system (SCMS) design and analysis for the connected vehicle system : draft.

DOT National Transportation Integrated Search

2013-12-27

This report presents an analysis by Booz Allen Hamilton (Booz Allen) of the technical design for the Security Credentials Management System (SCMS) intended to support communications security for the connected vehicle system. The SCMS technical design...

Security warning system monitors up to fifteen remote areas simultaneously

NASA Technical Reports Server (NTRS)

Fusco, R. C.

1966-01-01

Security warning system consisting of 15 television cameras is capable of monitoring several remote or unoccupied areas simultaneously. The system uses a commutator and decommutator, allowing time-multiplexed video transmission. This security system could be used in industrial and retail establishments.

5 CFR 9701.373 - Conversion of employees to the DHS pay system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... system. 9701.373 Section 9701.373 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Transitional Provisions...

Cyber secure systems approach for NPP digital control systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCreary, T. J.; Hsu, A.

2006-07-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant andmore » distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2)Threat from a user connecting an unauthorized computer to the control network; 3)Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network;. 4)Threat from internal disruption (by plant staff, whether, malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)« less

Food security and the nutritional status of children in foster care: new horizons in the protection of a fragile population.

PubMed

Ferrara, Pietro; Scancarello, Marta; Khazrai, Yeganeh M; Romani, Lorenza; Cutrona, Costanza; DE Gara, Laura; Bona, Gianni

2016-10-12

The nutritional status of foster children, the quality of daily menus in group homes and the Food Security inside these organizations have been poorly studied and this study means to investigate them. A sample of 125 children, ranging in age from 0-17 years, among seven group homes (group A) was compared with 121 children of the general population we (group B). To evaluate nutritional status, BMI percentiles were used. Mean percentiles of both groups were compared through statistical analysis. Both nutritional and caloric daily distributions in each organization were obtained using the 24-hour recall method. A specific questionnaire was administered to evaluate Food Security. From the analysis of mean BMI-for-age (or height-for-length) percentiles, did not observe statistically significant differences between group A and group B. The average daily nutrient and calorie distribution in group homes proves to be nearly optimal with the exception of a slight excess in proteins and a slight deficiency in PUFAs. Moreover, a low intake of iron and calcium was revealed. All organizations obtained a "High Food Security" profile. Nutritional conditions of foster children are no worse than that of children of the general population. Foster care provides the necessary conditions to support their growth.

Restricted access processor - An application of computer security technology

NASA Technical Reports Server (NTRS)

Mcmahon, E. M.

1985-01-01

This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

Assessment on security system of radioactive sources used in hospitals of Thailand

NASA Astrophysics Data System (ADS)

Jitbanjong, Petchara; Wongsawaeng, Doonyapong

2016-01-01

Unsecured radioactive sources have caused deaths and serious injuries in many parts of the world. In Thailand, there are 17 hospitals that use teletherapy with cobalt-60 radioactive sources. They need to be secured in order to prevent unauthorized removal, sabotage and terrorists from using such materials in a radiological weapon. The security system of radioactive sources in Thailand is regulated by the Office of Atoms for Peace in compliance with Global Threat Reduction Initiative (GTRI), U.S. DOE, which has started to be implemented since 2010. This study aims to perform an assessment on the security system of radioactive sources used in hospitals in Thailand and the results can be used as a recommended baseline data for development or improvement of hospitals on the security system of a radioactive source at a national regulatory level and policy level. Results from questionnaires reveal that in 11 out of 17 hospitals (64.70%), there were a few differences in conditions of hospitals using radioactive sources with installation of the security system and those without installation of the security system. Also, personals working with radioactive sources did not clearly understand the nuclear security law. Thus, government organizations should be encouraged to arrange trainings on nuclear security to increase the level of understanding. In the future, it is recommended that the responsible government organization issues a minimum requirement of nuclear security for every medical facility using radioactive sources.

Critical Infrastructure Protection II, The International Federation for Information Processing, Volume 290.

NASA Astrophysics Data System (ADS)

Papa, Mauricio; Shenoi, Sujeet

The information infrastructure -- comprising computers, embedded devices, networks and software systems -- is vital to day-to-day operations in every sector: information and telecommunications, banking and finance, energy, chemicals and hazardous materials, agriculture, food, water, public health, emergency services, transportation, postal and shipping, government and defense. Global business and industry, governments, indeed society itself, cannot function effectively if major components of the critical information infrastructure are degraded, disabled or destroyed. Critical Infrastructure Protection II describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: - Themes and Issues - Infrastructure Security - Control Systems Security - Security Strategies - Infrastructure Interdependencies - Infrastructure Modeling and Simulation This book is the second volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of twenty edited papers from the Second Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection held at George Mason University, Arlington, Virginia, USA in the spring of 2008.

Water security evaluation in Yellow River basin

NASA Astrophysics Data System (ADS)

Jiang, Guiqin; He, Liyuan; Jing, Juan

2018-03-01

Water security is an important basis for making water security protection strategy, which concerns regional economic and social sustainable development. In this paper, watershed water security evaluation index system including 3 levels of 5 criterion layers (water resources security, water ecological security and water environment security, water disasters prevention and control security and social economic security) and 24 indicators were constructed. The entropy weight method was used to determine the weights of the indexes in the system. The water security index of 2000, 2005, 2010 and 2015 in Yellow River basin were calculated by linear weighting method based on the relative data. Results show that the water security conditions continue to improve in Yellow River basin but still in a basic security state. There is still a long way to enhance the water security in Yellow River basin, especially the water prevention and control security, the water ecological security and water environment security need to be promoted vigorously.

New Results on Unconditionally Secure Multi-receiver Manual Authentication

NASA Astrophysics Data System (ADS)

Wang, Shuhong; Safavi-Naini, Reihaneh

Manual authentication is a recently proposed model of communication motivated by the settings where the only trusted infrastructure is a low bandwidth authenticated channel, possibly realized by the aid of a human, that connects the sender and the receiver who are otherwise connected through an insecure channel and do not have any shared key or public key infrastructure. A good example of such scenarios is pairing of devices in Bluetooth. Manual authentication systems are studied in computational and information theoretic security model and protocols with provable security have been proposed. In this paper we extend the results in information theoretic model in two directions. Firstly, we extend a single receiver scenario to multireceiver case where the sender wants to authenticate the same message to a group of receivers. We show new attacks (compared to single receiver case) that can launched in this model and demonstrate that the single receiver lower bound 2log(1/ɛ) + O(1) on the bandwidth of manual channel stays valid in the multireceiver scenario. We further propose a protocol that achieves this bound and provides security, in the sense that we define, if up to c receivers are corrupted. The second direction is the study of non-interactive protocols in unconditionally secure model. We prove that unlike computational security framework, without interaction a secure authentication protocol requires the bandwidth of the manual channel to be at least the same as the message size, hence non-trivial protocols do not exist.

The Digital Divide and Patient Portals: Internet Access Explained Differences in Patient Portal Use for Secure Messaging by Age, Race, and Income.

PubMed

Graetz, Ilana; Gordon, Nancy; Fung, Vick; Hamity, Courtnee; Reed, Mary E

2016-08-01

Online access to health records and the ability to exchange secure messages with physicians can improve patient engagement and outcomes; however, the digital divide could limit access to web-based portals among disadvantaged groups. To understand whether sociodemographic differences in patient portal use for secure messaging can be explained by differences in internet access and care preferences. Cross-sectional survey to examine the association between patient sociodemographic characteristics and internet access and care preferences; then, the association between sociodemographic characteristics and secure message use with and without adjusting for internet access and care preference. One thousand forty-one patients with chronic conditions in a large integrated health care delivery system (76% response rate). Internet access, portal use for secure messaging, preference for in-person or online care, and sociodemographic and health characteristics. Internet access and preference mediated some of the differences in secure message use by age, race, and income. For example, using own computer to access the internet explained 52% of the association between race and secure message use and 60% of the association between income and use (Sobel-Goodman mediation test, P<0.001 for both). Education and sex-related differences in portal use remained statistically significant when controlling for internet access and preference. As the availability and use of patient portals increase, it is important to understand which patients have limited access and the barriers they may face. Improving internet access and making portals available across multiple platforms, including mobile, may reduce some disparities in secure message use.

31 CFR 357.22 - Transfers.

Code of Federal Regulations, 2010 CFR

2010-07-01

... AND BILLS HELD IN LEGACY TREASURY DIRECT Legacy Treasury Direct Book-Entry Securities System (Legacy...-entry system, and TreasuryDirect ®. A security may also be transferred between accounts in Legacy... system. A transfer of a security from Legacy Treasury Direct to the commercial book-entry system is...

32 CFR 637.20 - Security surveillance systems.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 4 2010-07-01 2010-07-01 true Security surveillance systems. 637.20 Section 637... ENFORCEMENT AND CRIMINAL INVESTIGATIONS MILITARY POLICE INVESTIGATION Investigations § 637.20 Security surveillance systems. Closed circuit video recording systems, to include those with an audio capability, may be...

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 4 2014-10-01 2014-10-01 false Security of warning system apparatus. 234.211 Section 234.211 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL RAILROAD....211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall...

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 49 Transportation 4 2013-10-01 2013-10-01 false Security of warning system apparatus. 234.211 Section 234.211 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL RAILROAD....211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall...

49 CFR 234.211 - Security of warning system apparatus.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 49 Transportation 4 2012-10-01 2012-10-01 false Security of warning system apparatus. 234.211 Section 234.211 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL RAILROAD....211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall...

Adult Attachment Styles Associated with Brain Activity in Response to Infant Faces in Nulliparous Women: An Event-Related Potentials Study

PubMed Central

Ma, Yuanxiao; Ran, Guangming; Chen, Xu; Ma, Haijing; Hu, Na

2017-01-01

Adult attachment style is a key for understanding emotion regulation and feelings of security in human interactions as well as for the construction of the caregiving system. The caregiving system is a group of representations about affiliative behaviors, which is guided by the caregiver’s sensitivity and empathy, and is mature in young adulthood. Appropriate perception and interpretation of infant emotions is a crucial component of the formation of a secure attachment relationship between infant and caregiver. As attachment styles influence the ways in which people perceive emotional information, we examined how different attachment styles associated with brain response to the perception of infant facial expressions in nulliparous females with secure, anxious, and avoidant attachment styles. The event-related potentials of 65 nulliparous females were assessed during a facial recognition task with joy, neutral, and crying infant faces. The results showed that anxiously attached females exhibited larger N170 amplitudes than those with avoidant attachment in response to all infant faces. Regarding the P300 component, securely attached females showed larger amplitudes to all infant faces in comparison with avoidantly attached females. Moreover, anxiously attached females exhibited greater amplitudes than avoidantly attached females to only crying infant faces. In conclusion, the current results provide evidence that attachment style differences are associated with brain responses to the perception of infant faces. Furthermore, these findings further separate the psychological mechanisms underlying the caregiving behavior of those with anxious and avoidant attachment from secure attachment. PMID:28484415

Development of building security integration system using sensors, microcontroller and GPS (Global Positioning System) based android smartphone

NASA Astrophysics Data System (ADS)

Sihombing, P.; Siregar, Y. M.; Tarigan, J. T.; Jaya, I.; Turnip, A.

2018-03-01

Security system is one of the common problems to protect an environment such as personal house or a warehouse. There are numerous methods and technologies that can be used as part of a security system. In this paper, we present a security system that offers a better efficiency. The purpose of this study is to build a system that can monitor home security at any time in particular fire and theft. Through sensors, the system will be able to provide warning information of hazard conditions via LCD monitor, sound, and alarm. This information will be sent automatically to the home owner’s smartphone as well as to the corresponding to the security agency. Thus the prevention of theft and fire hazards can be immediately anticipated by the police and firefighters. The system will also notify the position of the coordinates of the location of the building (the house) by a link to the Google map in order to make it easier to get the location quickly.

System and method for key generation in security tokens

DOE Office of Scientific and Technical Information (OSTI.GOV)

Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.

Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).

20 CFR 404.1903 - Negotiating totalization agreements.

Code of Federal Regulations, 2010 CFR

2010-04-01

... security system of general application in effect. The system shall be considered to be in effect if it is collecting social security taxes or paying social security benefits. ... Section 404.1903 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE, SURVIVORS AND...

A Hierarchical Security Architecture for Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Quanyan Zhu; Tamer Basar

2011-08-01

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Information Security and Integrity Systems

NASA Technical Reports Server (NTRS)

1990-01-01

Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

Security and Privacy in Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fink, Glenn A.; Edgar, Thomas W.; Rice, Theora R.

As you have seen from the previous chapters, cyber-physical systems (CPS) are broadly used across technology and industrial domains. While these systems enable process optimization and efficiency and allow previously impossible functionality, security and privacy are key concerns for their design, development, and operation. CPS have been key components utilized in some of the highest publicized security breaches over the last decade. In this chapter, we will look over the CPS described in the previous chapters from a security perspective. In this chapter, we explain classical information and physical security fundamentals in the context of CPS and contextualize them acrossmore » application domains. We give examples where the interplay of functionality and diverse communication can introduce unexpected vulnerabilities and produce larger impacts. We will discuss how CPS security and privacy is inherently different from that of pure cyber or physical systems and what may be done to secure these systems, considering their emergent cyber-physical properties. Finally, we will discuss security and privacy implications of merging infrastructural and personal CPS. Our hope is to impart the knowledge of what CPS security and privacy are, why they are important, and explain existing processes and challenges.« less

Do You Take Credit Cards? Security and Compliance for the Credit Card Payment Industry

ERIC Educational Resources Information Center

Willey, Lorrie; White, Barbara Jo

2013-01-01

Security is a significant concern in business and in information systems (IS) education from both a technological and a strategic standpoint. Students can benefit from the study of information systems security when security concepts are introduced in the context of real-world industry standards. The development of a data security standard for…

75 FR 28319 - Thirteenth Meeting: EUROCAE WG-72: RTCA Special Committee 216: Aeronautical Systems Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-20

... for collaboration or joint work. ED204-SG4: Review the SOW of both groups, determine if full or partly... the expectations of the audience well understood? How will the work progress, fully joint, partly... Publication (separate in ED210 or integrated). 11:00 to 11:15: Break. 11:15 to 11:30: Discuss collaboration...

75 FR 16901 - Thirteenth Meeting: EUROCAE WG-72: RTCA Special Committee 216: Aeronautical Systems Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-02

... basis for collaboration or joint work. ED204-SG4: Review the SOW of both groups, determine if full or... the expectations of the audience well understood? How will the work progress, fully joint, partly... Publication (separate in ED210 or integrated). 11:00 to 11:15: Break. 11:15 to 11:30: Discuss collaboration...

A form of relapse prevention for men in a high security hospital.

PubMed

Newton, Liam; Coles, Dawn; Quayle, Marie

2005-01-01

Marlatt and Gordon's relapse prevention model has evolved, and been applied to many repetitive problem behaviours, including drug use, gambling and sexual offending. High security hospital patients often present with a number of such behaviours. To evaluate a relapse prevention group in one high security hospital. Nine patients were selected on clinical need for the group. In a naturalistic study design, each completed several self-report questionnaires pre- and post-group. Analysis of group results demonstrated a significant increase in guilt and acceptance of responsibility for offences (GBAI ratings), and reduced endorsement of pro-offending thinking styles (PICTS). Movement towards increased empathy, and decreased impulsivity and venturesomeness, did not reach significance. All participants showed some changes in desired directions but effects were small. Both relapse prevention and its evaluation are limited in high security hospitals by the restricted opportunities for testing out new skills. The feasibility of delivering an RP programme and evaluating it in high security has nevertheless been established. The small effects found may be promising, and suggest both justification and need for a randomized controlled trial of this approach in that setting. Copyright (c) 2005 John Wiley & Sons, Ltd.

Aviation security : vulnerabilities still exist in the aviation security system

DOT National Transportation Integrated Search

2000-04-06

The testimony today discusses the Federal Aviation Administration's (FAA) efforts to implement and improve security in two key areas: air traffic control computer systems and airport passenger screening checkpoints. Computer systems-and the informati...

76 FR 18445 - Financial Market Utilities

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-04

... IOSCO jointly issued a set of minimum standards for securities settlement systems (the ``Recommendations for Securities Settlement Systems''). In 2004, the CPSS and IOSCO jointly published recommendations...,'' and collectively with the Recommendations for Securities Settlement Systems, the ``CPSS-IOSCO...

Enhanced Images for Checked and Carry-on Baggage and Cargo Screening

NASA Technical Reports Server (NTRS)

Woodell, Glenn; Rahman, Zia-ur; Jobson, Daniel J.; Hines, Glenn

2004-01-01

The current X-ray systems used by airport security personnel for the detection of contraband, and objects such as knives and guns that can impact the security of a flight, have limited effect because of the limited display quality of the X-ray images. Since the displayed images do not possess optimal contrast and sharpness, it is possible for the security personnel to miss potentially hazardous objects. This problem is also common to other disciplines such as medical Xrays, and can be mitigated, to a large extent, by the use of state-of-the-art image processing techniques to enhance the contrast and sharpness of the displayed image. The NASA Langley Research Center's Visual Information Processing Group has developed an image enhancement technology that has direct applications to this problem of inadequate display quality. Airport security X-ray imaging systems would benefit considerably by using this novel technology, making the task of the personnel who have to interpret the X-ray images considerably easier, faster, and more reliable. This improvement would translate into more accurate screening as well as minimizing the screening time delays to airline passengers. This technology, Retinex, has been optimized for consumer applications but has been applied to medical X-rays on a very preliminary basis. The resultant technology could be incorporated into a new breed of commercial x-ray imaging systems which would be transparent to the screener yet allow them to see subtle detail much more easily, reducing the amount of time needed for screening while greatly increasing the effectiveness of contraband detection and thus public safety.

Enhanced Images for Checked and Carry-on Baggage and Cargo Screening

NASA Technical Reports Server (NTRS)

Woodell, Glen; Rahman, Zia-ur; Jobson, Daniel J.; Hines, Glenn

2004-01-01

The current X-ray systems used by airport security personnel for the detection of contraband, and objects such as knives and guns that can impact the security of a flight, have limited effect because of the limited display quality of the X-ray images. Since the displayed images do not possess optimal contrast and sharpness, it is possible for the security personnel to miss potentially hazardous objects. This problem is also common to other disciplines such as medical X-rays, and can be mitigated, to a large extent, by the use of state-of-the-art image processing techniques to enhance the contrast and sharpness of the displayed image. The NASA Langley Research Centers Visual Information Processing Group has developed an image enhancement technology that has direct applications to this problem of inadequate display quality. Airport security X-ray imaging systems would benefit considerably by using this novel technology, making the task of the personnel who have to interpret the X-ray images considerably easier, faster, and more reliable. This improvement would translate into more accurate screening as well as minimizing the screening time delays to airline passengers. This technology, Retinex, has been optimized for consumer applications but has been applied to medical X-rays on a very preliminary basis. The resultant technology could be incorporated into a new breed of commercial x-ray imaging systems which would be transparent to the screener yet allow them to see subtle detail much more easily, reducing the amount of time needed for screening while greatly increasing the effectiveness of contraband detection and thus public safety.

NSI security task: Overview

NASA Technical Reports Server (NTRS)

Tencati, Ron

1991-01-01

An overview is presented of the NASA Science Internet (NSI) security task. The task includes the following: policies and security documentation; risk analysis and management; computer emergency response team; incident handling; toolkit development; user consulting; and working groups, conferences, and committees.

76 FR 28795 - Privacy Act of 1974; Department of Homeland Security United States Coast Guard-024 Auxiliary...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-18

... 1974; Department of Homeland Security United States Coast Guard-024 Auxiliary Database System of... Security/United States Coast Guard-024 Auxiliary Database (AUXDATA) System of Records.'' This system of... titled, ``DHS/USCG-024 Auxiliary Database (AUXDATA) System of Records.'' The AUXDATA system is the USCG's...

12 CFR 615.5560 - Book-entry Procedure for Farm Credit System Financial Assistance Corporation Securities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... OPERATIONS Farm Credit System Financial Assistance Corporation Securities § 615.5560 Book-entry Procedure for Farm Credit System Financial Assistance Corporation Securities. (a) The Farm Credit System Financial... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Book-entry Procedure for Farm Credit System...

75 FR 28253 - Privacy Act of 1974; Notice of new System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-20

... certified by the National Computer Security Association. RETENTION AND DISPOSAL: System records are retained... Agency suspects or has confirmed that the security or confidentiality of information in the system of... security or integrity of this system or other systems or programs (whether maintained by GSA or another...

Model based verification of the Secure Socket Layer (SSL) Protocol for NASA systems

NASA Technical Reports Server (NTRS)

Powell, John D.; Gilliam, David

2004-01-01

The National Aeronautics and Space Administration (NASA) has tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information theft, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach' offers formal verification of information technology (IT), through the creation of a Software Security Assessment Instrument (SSAI), to address software security risks.

Mother-Child Attachment From Infancy to the Preschool Years: Predicting Security and Stability.

PubMed

Meins, Elizabeth; Bureau, Jean-François; Fernyhough, Charles

2018-05-01

Relations between maternal mind-mindedness (appropriate and nonattuned mind-related comments), children's age-2 perspective-taking abilities, and attachment security at 44 (n = 165) and 51 (n = 128) months were investigated. Nonattuned comments predicted insecure preschool attachment, via insecure 15-month attachment security (44-month attachment) and poorer age-2 perspective-taking abilities (51-month attachment). With regard to attachment stability, higher perspective-taking abilities distinguished the stable secure groups from (a) the stable insecure groups and (b) children who changed from secure to insecure (at trend level). These effects were independent of child gender, stressful life events, and socioeconomic status (SES). The contribution of these findings to our understanding of stability and change in attachment security from infancy to the preschool years is discussed. © 2017 The Authors. Child Development © 2017 Society for Research in Child Development, Inc.

2017 Joint Annual NDIA/AIA Industrial Security Committee Fall Conference

DTIC Science & Technology

2017-11-15

beyond credit data to offer the insights that government professionals need to make informed decisions and ensure citizen safety, manage compliance...business that provides information technology and professional services. We specialize in managing business processes and systems integration for both... Information Security System ISFD Industrial Security Facilities Database OBMS ODAA Business Management System STEPP Security, Training, Education and

24 CFR 350.11 - Notice of Attachment for Ginnie Mae Securities in Book-entry System.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Securities in Book-entry System. 350.11 Section 350.11 Housing and Urban Development Regulations Relating to... AND URBAN DEVELOPMENT BOOK-ENTRY PROCEDURES § 350.11 Notice of Attachment for Ginnie Mae Securities in Book-entry System. The interest of a debtor in a Security Entitlement may be reached by a creditor only...

24 CFR 350.11 - Notice of Attachment for Ginnie Mae Securities in Book-entry System.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Securities in Book-entry System. 350.11 Section 350.11 Housing and Urban Development Regulations Relating to... AND URBAN DEVELOPMENT BOOK-ENTRY PROCEDURES § 350.11 Notice of Attachment for Ginnie Mae Securities in Book-entry System. The interest of a debtor in a Security Entitlement may be reached by a creditor only...

24 CFR 350.11 - Notice of Attachment for Ginnie Mae Securities in Book-entry System.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Securities in Book-entry System. 350.11 Section 350.11 Housing and Urban Development Regulations Relating to... AND URBAN DEVELOPMENT BOOK-ENTRY PROCEDURES § 350.11 Notice of Attachment for Ginnie Mae Securities in Book-entry System. The interest of a debtor in a Security Entitlement may be reached by a creditor only...