Wireless device monitoring methods, wireless device monitoring systems, and articles of manufacture

DOEpatents

McCown, Steven H [Rigby, ID; Derr, Kurt W [Idaho Falls, ID; Rohde, Kenneth W [Idaho Falls, ID

2012-05-08

Wireless device monitoring methods, wireless device monitoring systems, and articles of manufacture are described. According to one embodiment, a wireless device monitoring method includes accessing device configuration information of a wireless device present at a secure area, wherein the device configuration information comprises information regarding a configuration of the wireless device, accessing stored information corresponding to the wireless device, wherein the stored information comprises information regarding the configuration of the wireless device, comparing the device configuration information with the stored information, and indicating the wireless device as one of authorized and unauthorized for presence at the secure area using the comparing.

76 FR 79536 - Security Zones; Captain of the Port Lake Michigan; Technical Amendment

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-22

... ACTION: Final rule. SUMMARY: The Coast Guard is revising the contact information for Security Zones in... Federal holidays. FOR FURTHER INFORMATION CONTACT: If you have questions on this rule, contact or email... exist in 33 CFR 165.910. Persons desiring to transit the areas of these security zones must contact the...

Developing a Security Metrics Scorecard for Healthcare Organizations.

PubMed

Elrefaey, Heba; Borycki, Elizabeth; Kushniruk, Andrea

2015-01-01

In healthcare, information security is a key aspect of protecting a patient's privacy and ensuring systems availability to support patient care. Security managers need to measure the performance of security systems and this can be achieved by using evidence-based metrics. In this paper, we describe the development of an evidence-based security metrics scorecard specific to healthcare organizations. Study participants were asked to comment on the usability and usefulness of a prototype of a security metrics scorecard that was developed based on current research in the area of general security metrics. Study findings revealed that scorecards need to be customized for the healthcare setting in order for the security information to be useful and usable in healthcare organizations. The study findings resulted in the development of a security metrics scorecard that matches the healthcare security experts' information requirements.

14 CFR 1203.300 - General.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true General. 1203.300 Section 1203.300 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM... information and material requiring protection in the interest of national security lie in the areas of applied...

14 CFR 1203.300 - General.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false General. 1203.300 Section 1203.300 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM... information and material requiring protection in the interest of national security lie in the areas of applied...

Is Your Security Budget Used Effectively?

ERIC Educational Resources Information Center

Kaufer, Steve

1997-01-01

Presents survey information showing where school districts have invested their security budgets. Included are the rankings of the various threats school districts see as requiring security action and the areas most often covered by closed circuit television systems are pointed. (GR)

Ownership, Privacy, Confidentiality, and Security Data.

ERIC Educational Resources Information Center

Staman, E. Michael

1986-01-01

One of the areas most often neglected by those responsible for information systems in colleges and universities relates to ownership, privacy, confidentiality, and security of data. Background information and definitions are provided, and a suggested environment is described. Model recommendations for institutional policy are offered. (MLW)

The European cooperative approach to securing critical information infrastructure.

PubMed

Purser, Steve

2011-10-01

This paper provides an overview of the EU approach to securing critical information infrastructure, as defined in the Action Plan contained in the Commission Communication of March 2009, entitled 'Protecting Europe from large-scale cyber-attacks and disruptions: enhancing preparedness, security and resilience' and further elaborated by the Communication of May 2011 on critical Information infrastructure protection 'Achievements and next steps: towards global cyber-security'. After explaining the need for pan-European cooperation in this area, the CIIP Action Plan is explained in detail. Finally, the current state of progress is summarised together with the proposed next steps.

Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Krings, Axel; Yoo, Seong-Moo

2006-01-01

The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglectedmore » or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .« less

Risk assessment for sustainable food security in China according to integrated food security--taking Dongting Lake area for example.

PubMed

Qi, Xiaoxing; Liu, Liming; Liu, Yabin; Yao, Lan

2013-06-01

Integrated food security covers three aspects: food quantity security, food quality security, and sustainable food security. Because sustainable food security requires that food security must be compatible with sustainable development, the risk assessment of sustainable food security is becoming one of the most important issues. This paper mainly focuses on the characteristics of sustainable food security problems in the major grain-producing areas in China. We establish an index system based on land resources and eco-environmental conditions and apply a dynamic assessment method based on status assessments and trend analysis models to overcome the shortcomings of the static evaluation method. Using fuzzy mathematics, the risks are categorized into four grades: negligible risk, low risk, medium risk, and high risk. A case study was conducted in one of China's major grain-producing areas: Dongting Lake area. The results predict that the status of the sustainable food security in the Dongting Lake area is unsatisfactory for the foreseeable future. The number of districts at the medium-risk range will increase from six to ten by 2015 due to increasing population pressure, a decrease in the cultivated area, and a decrease in the effective irrigation area. Therefore, appropriate policies and measures should be put forward to improve it. The results could also provide direct support for an early warning system-which could be used to monitor food security trends or nutritional status so to inform policy makers of impending food shortages-to prevent sustainable food security risk based on some classical systematic methods. This is the first research of sustainable food security in terms of risk assessment, from the perspective of resources and the environment, at the regional scale.

Evaluation on Electronic Securities Settlements Systems by AHP Methods

NASA Astrophysics Data System (ADS)

Fukaya, Kiyoyuki; Komoda, Norihisa

Accompanying the spread of Internet and the change of business models, electronic commerce expands buisness areas. Electronic finance commerce becomes popular and especially online security tradings becoome very popular in this area. This online securitiy tradings have some good points such as less mistakes than telephone calls. In order to expand this online security tradings, the transfer of the security paper is one the largest problems to be solved. Because it takes a few days to transfer the security paper from a seller to a buyer. So the dematerialization of security papers is one of the solutions. The demterilization needs the information systems for setteling security. Some countries such as France, German, United Kingdom and U.S.A. have been strating the dematerialization projects. The legacy assesments on these projects focus from the viewpoint of the legal schemes only and there is no assessment from system architectures. This paper focuses on the information system scheme and valuates these dematerlization projects by AHP methods from the viewpoints of “dematerializaion of security papers", “speed of transfer", “usefulness on the system" and “accumulation of risks". This is the first case of valuations on security settlements systems by AHP methods, especially four counties’ systems.

14 CFR 1203a.102 - Establishment, maintenance, and revocation of security areas.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Establishment, maintenance, and revocation of security areas. 1203a.102 Section 1203a.102 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE... persons either to: (i) Obtain knowledge of classified information, (ii) Damage or remove property, or to...

14 CFR 1203a.102 - Establishment, maintenance, and revocation of security areas.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Establishment, maintenance, and revocation of security areas. 1203a.102 Section 1203a.102 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE... persons either to: (i) Obtain knowledge of classified information, (ii) Damage or remove property, or to...

An updated look at document security: from initiation to storage or shredder.

PubMed

McConnell, Charles R

2014-01-01

In these days of close attention to security of information handled electronically, there is often a tendency to overlook the security of hard-copy documents. Document security can involve many areas of business, but the health care department manager's concerns are primarily for patient records and employee documentation. Document security is closely related to growing concerns for individual privacy; guidelines are furnished for protecting employee privacy by separating retention practices for business information from personal information. Sensitive documentation requires rules and procedures for processing, retaining, accessing, storing, and eventually destroying. Also, documents that are missing or incomplete at times present unique problems for the organization. The department manager is provided with some simple rules for safeguarding employee and patient documentation.

Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

NASA Technical Reports Server (NTRS)

1985-01-01

The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

Security Controls Hurt Research, NAS Warns.

ERIC Educational Resources Information Center

Kolata, Gina

1982-01-01

A National Academy of Sciences (NAS) report found no evidence that leaks of technical information from universities or other research centers have damaged national security. However, in areas where control is warranted, decisions should be based on criteria. These criteria and issues related to security control and technological transfer are…

Coordinating UAV information for executing national security-oriented collaboration

NASA Astrophysics Data System (ADS)

Isenor, Anthony W.; Allard, Yannick; Lapinski, Anna-Liesa S.; Demers, Hugues; Radulescu, Dan

2014-10-01

Unmanned Aerial Vehicles (UAVs) are being used by numerous nations for defence-related missions. In some cases, the UAV is considered a cost-effective means to acquire data such as imagery over a location or object. Considering Canada's geographic expanse, UAVs are also being suggested as a potential platform for use in surveillance of remote areas, such as northern Canada. However, such activities are typically associated with security as opposed to defence. The use of a defence platform for security activities introduces the issue of information exchange between the defence and security communities and their software applications. This paper explores the flow of information from the system used by the UAVs employed by the Royal Canadian Navy. Multiple computers are setup, each with the information system used by the UAVs, including appropriate communication between the systems. Simulated data that may be expected from a typical maritime UAV mission is then fed into the information system. The information structures common to the Canadian security community are then used to store and transfer the simulated data. The resulting data flow from the defence-oriented UAV system to the security-oriented information structure is then displayed using an open source geospatial application. Use of the information structures and applications relevant to the security community avoids the distribution restrictions often associated with defence-specific applications.

Survey of Cyber Crime in Big Data

NASA Astrophysics Data System (ADS)

Rajeswari, C.; Soni, Krishna; Tandon, Rajat

2017-11-01

Big data is like performing computation operations and database operations for large amounts of data, automatically from the data possessor’s business. Since a critical strategic offer of big data access to information from numerous and various areas, security and protection will assume an imperative part in big data research and innovation. The limits of standard IT security practices are notable, with the goal that they can utilize programming sending to utilize programming designers to incorporate pernicious programming in a genuine and developing risk in applications and working frameworks, which are troublesome. The impact gets speedier than big data. In this way, one central issue is that security and protection innovation are sufficient to share controlled affirmation for countless direct get to. For powerful utilization of extensive information, it should be approved to get to the information of that space or whatever other area from a space. For a long time, dependable framework improvement has arranged a rich arrangement of demonstrated ideas of demonstrated security to bargain to a great extent with the decided adversaries, however this procedure has been to a great extent underestimated as “needless excess” and sellers In this discourse, essential talks will be examined for substantial information to exploit this develop security and protection innovation, while the rest of the exploration difficulties will be investigated.

Eavesdropping-aware routing and spectrum allocation based on multi-flow virtual concatenation for confidential information service in elastic optical networks

NASA Astrophysics Data System (ADS)

Bai, Wei; Yang, Hui; Yu, Ao; Xiao, Hongyun; He, Linkuan; Feng, Lei; Zhang, Jie

2018-01-01

The leakage of confidential information is one of important issues in the network security area. Elastic Optical Networks (EON) as a promising technology in the optical transport network is under threat from eavesdropping attacks. It is a great demand to support confidential information service (CIS) and design efficient security strategy against the eavesdropping attacks. In this paper, we propose a solution to cope with the eavesdropping attacks in routing and spectrum allocation. Firstly, we introduce probability theory to describe eavesdropping issue and achieve awareness of eavesdropping attacks. Then we propose an eavesdropping-aware routing and spectrum allocation (ES-RSA) algorithm to guarantee information security. For further improving security and network performance, we employ multi-flow virtual concatenation (MFVC) and propose an eavesdropping-aware MFVC-based secure routing and spectrum allocation (MES-RSA) algorithm. The presented simulation results show that the proposed two RSA algorithms can both achieve greater security against the eavesdropping attacks and MES-RSA can also improve the network performance efficiently.

A bilinear pairing based anonymous authentication scheme in wireless body area networks for mHealth.

PubMed

Jiang, Qi; Lian, Xinxin; Yang, Chao; Ma, Jianfeng; Tian, Youliang; Yang, Yuanyuan

2016-11-01

Wireless body area networks (WBANs) have become one of the key components of mobile health (mHealth) which provides 24/7 health monitoring service and greatly improves the quality and efficiency of healthcare. However, users' concern about the security and privacy of their health information has become one of the major obstacles that impede the wide adoption of WBANs. Anonymous and unlinkable authentication is critical to protect the security and privacy of sensitive physiological information in transit from the client to the application provider. We first show that the anonymous authentication scheme of Wang and Zhang based on bilinear pairing is prone to client impersonation attack. Then, we propose an enhanced anonymous authentication scheme to remedy the flaw in Wang and Zhang's scheme. We give the security analysis to demonstrate that the enhanced scheme achieves the desired security features and withstands various known attacks.

Information security governance: a risk assessment approach to health information systems protection.

PubMed

Williams, Patricia A H

2013-01-01

It is no small task to manage the protection of healthcare data and healthcare information systems. In an environment that is demanding adaptation to change for all information collection, storage and retrieval systems, including those for of e-health and information systems, it is imperative that good information security governance is in place. This includes understanding and meeting legislative and regulatory requirements. This chapter provides three models to educate and guide organisations in this complex area, and to simplify the process of information security governance and ensure appropriate and effective measures are put in place. The approach is risk based, adapted and contextualized for healthcare. In addition, specific considerations of the impact of cloud services, secondary use of data, big data and mobile health are discussed.

[Hospital information system performance for road traffic accidents analysis in a hospital recruitment based area].

PubMed

Jannot, A-S; Fauconnier, J

2013-06-01

Road traffic accidents in France are mainly analyzed through reports completed by the security forces (police and gendarmerie). But the hospital information systems can also identify road traffic accidents via specific documentary codes of the International Classification of Diseases (ICD-10). The aim of this study was therefore to determine whether hospital stays consecutive to road traffic accident were truly identified by these documentary codes in a facility that collects data routinely and to study the consistency of results from hospital information systems and from security forces during the 2002-2008 period. We retrieved all patients for whom a documentary code for road traffic accident was entered in 2002-2008. We manually checked the concordance of documentary code for road traffic accident and trauma origin in 350 patient files. The number of accidents in the Grenoble area was then inferred by combining with hospitalization regional data and compared to the number of persons injured by traffic accidents declared by the security force. These hospital information systems successfully report road traffic accidents with 96% sensitivity (95%CI: [92%, 100%]) and 97% specificity (95%CI: [95%, 99%]). The decrease in road traffic accidents observed was significantly less than that observed was significantly lower than that observed in the data from the security force (45% for security force data against 27% for hospital data). Overall, this study shows that hospital information systems are a powerful tool for studying road traffic accidents morbidity in hospital and are complementary to security force data. Copyright © 2013 Elsevier Masson SAS. All rights reserved.

Downgrade of the Savannah River Sites FB-Line

DOE Office of Scientific and Technical Information (OSTI.GOV)

SADOWSKI, ED; YOURCHAK, RANDY; PRETZELLO MARJI

2005-07-05

This paper will discuss the Safeguards & Security (S&S) activities that resulted in the downgrade of the Savannah River Site's FB-Line (FBL) from a Category I Material Balance Area (MBA) in a Material Access Area (MAA) to a Category IV MBA in a Property Protection Area (PPA). The Safeguards activities included measurement of final product items, transferal of nuclear material to other Savannah River Site (SRS) facilities, discard of excess nuclear material items, and final measurements of holdup material. The Security activities included relocation and destruction of classified documents and repositories, decertification of a classified computer, access control changes, updatesmore » to planning documents, deactivation and removal of security systems, Human Reliability Program (HRP) removals, and information security training for personnel that will remain in the FBL PPA.« less

Implantable electronics: emerging design issues and an ultra light-weight security solution.

PubMed

Narasimhan, Seetharam; Wang, Xinmu; Bhunia, Swarup

2010-01-01

Implantable systems that monitor biological signals require increasingly complex digital signal processing (DSP) electronics for real-time in-situ analysis and compression of the recorded signals. While it is well-known that such signal processing hardware needs to be implemented under tight area and power constraints, new design requirements emerge with their increasing complexity. Use of nanoscale technology shows tremendous benefits in implementing these advanced circuits due to dramatic improvement in integration density and power dissipation per operation. However, it also brings in new challenges such as reliability and large idle power (due to higher leakage current). Besides, programmability of the device as well as security of the recorded information are rapidly becoming major design considerations of such systems. In this paper, we analyze the emerging issues associated with the design of the DSP unit in an implantable system. Next, we propose a novel ultra light-weight solution to address the information security issue. Unlike the conventional information security approaches like data encryption, which come at large area and power overhead and hence are not amenable for resource-constrained implantable systems, we propose a multilevel key-based scrambling algorithm, which exploits the nature of the biological signal to effectively obfuscate it. Analysis of the proposed algorithm in the context of neural signal processing and its hardware implementation shows that we can achieve high level of security with ∼ 13X lower power and ∼ 5X lower area overhead than conventional cryptographic solutions.

Wireless security in mobile health.

PubMed

Osunmuyiwa, Olufolabi; Ulusoy, Ali Hakan

2012-12-01

Mobile health (m-health) is an extremely broad term that embraces mobile communication in the health sector and data packaging. The four broad categories of wireless networks are wireless personal area network, wireless metropolitan area network, wireless wide area network, and wireless local area network. Wireless local area network is the most notable of the wireless networking tools obtainable in the health sector. Transfer of delicate and critical information on radio frequencies should be secure, and the right to use must be meticulous. This article covers the business opportunities in m-health, threats faced by wireless networks in hospitals, and methods of mitigating these threats.

Information security: where computer science, economics and psychology meet.

PubMed

Anderson, Ross; Moore, Tyler

2009-07-13

Until ca. 2000, information security was seen as a technological discipline, based on computer science but with mathematics helping in the design of ciphers and protocols. That perspective started to change as researchers and practitioners realized the importance of economics. As distributed systems are increasingly composed of machines that belong to principals with divergent interests, incentives are becoming as important to dependability as technical design. A thriving new field of information security economics provides valuable insights not just into 'security' topics such as privacy, bugs, spam and phishing, but into more general areas of system dependability and policy. This research programme has recently started to interact with psychology. One thread is in response to phishing, the most rapidly growing form of online crime, in which fraudsters trick people into giving their credentials to bogus websites; a second is through the increasing importance of security usability; and a third comes through the psychology-and-economics tradition. The promise of this multidisciplinary research programme is a novel framework for analysing information security problems-one that is both principled and effective.

Vehicle Tracking and Security

NASA Astrophysics Data System (ADS)

Scorer, A. G.

1998-09-01

This paper covers the wide area and short range locational technologies that are available for vehicle tracking in particular and mobile user security in general. It also summarises the radio communications services that can deliver information to the user. It considers the use that can be made of these technologies, when combined with procedures for delivering a response, in the security field, notably in relation to personal security, high-value load protection and the after-theft tracking markets.

76 FR 81516 - Homeland Security Advisory Council

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-28

... security; and provide information on the threat of an electromagnetic pulse attack and its associated... Operational Update. Electromagnetic Pulse (EMP) Threat--Lessons Learned and Areas of Vulnerability, and... and the potential threat of an electromagnetic pulse attack. Both will include lessons learned and...

Information Security Risk Assessment in Hospitals.

PubMed

Ayatollahi, Haleh; Shagerdi, Ghazal

2017-01-01

To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threat the security of health information and their resources especially in the hospitals. The aim of this study was to assess the risks threatening information security in the hospitals located in one of the northwest cities of Iran. This study was completed in 2014. The participants were information technology managers who worked in the hospitals (n=27). The research instrument was a questionnaire composed of a number of open and closed questions. The content validity of the questionnaire was confirmed, and the reliability of the closed questions was measured by using the test-retest method (r =0.78). The results showed that among the information security risks, fire found to be a high probability/high impact risk factor. Human and physical/environmental threats were among the low probability risk factors. Regarding the information security safeguards used in the hospitals, the results showed that the use of the technical safeguards was the most frequent one (n =22, 91.7%) compared to the administrative (n =21, 87.5%) and the physical safeguards (n =16, 66.7%). The high probability risk factors require quick corrective actions to be taken. Therefore, the underlying causes of such threats should be identified and controlled before experiencing adverse effects. It is also important to note that information security in health care systems needs to be considered at a macro level with respect to the national interests and policies.

Mechanical Verification of Cryptographic Protocols

NASA Astrophysics Data System (ADS)

Cheng, Xiaochun; Ma, Xiaoqi; Huang, Scott C.-H.; Cheng, Maggie

Information security is playing an increasingly important role in modern society, driven especially by the uptake of the Internet for information transfer. Large amount of information is transmitted everyday through the Internet, which is often the target of malicious attacks. In certain areas, this issue is vital. For example, military departments of governments often transmit a great amount of top-secret data, which, if divulged, could become a huge threat to the public and to national security. Even in our daily life, it is also necessary to protect information. Consider e-commerce systems as an example. No one is willing to purchase anything over the Internet before being assured that all their personal and financial information will always be kept secure and will never be leaked to any unauthorised person or organisation.

Unequal Probability Marking Approach to Enhance Security of Traceback Scheme in Tree-Based WSNs.

PubMed

Huang, Changqin; Ma, Ming; Liu, Xiao; Liu, Anfeng; Zuo, Zhengbang

2017-06-17

Fog (from core to edge) computing is a newly emerging computing platform, which utilizes a large number of network devices at the edge of a network to provide ubiquitous computing, thus having great development potential. However, the issue of security poses an important challenge for fog computing. In particular, the Internet of Things (IoT) that constitutes the fog computing platform is crucial for preserving the security of a huge number of wireless sensors, which are vulnerable to attack. In this paper, a new unequal probability marking approach is proposed to enhance the security performance of logging and migration traceback (LM) schemes in tree-based wireless sensor networks (WSNs). The main contribution of this paper is to overcome the deficiency of the LM scheme that has a higher network lifetime and large storage space. In the unequal probability marking logging and migration (UPLM) scheme of this paper, different marking probabilities are adopted for different nodes according to their distances to the sink. A large marking probability is assigned to nodes in remote areas (areas at a long distance from the sink), while a small marking probability is applied to nodes in nearby area (areas at a short distance from the sink). This reduces the consumption of storage and energy in addition to enhancing the security performance, lifetime, and storage capacity. Marking information will be migrated to nodes at a longer distance from the sink for increasing the amount of stored marking information, thus enhancing the security performance in the process of migration. The experimental simulation shows that for general tree-based WSNs, the UPLM scheme proposed in this paper can store 1.12-1.28 times the amount of stored marking information that the equal probability marking approach achieves, and has 1.15-1.26 times the storage utilization efficiency compared with other schemes.

Unequal Probability Marking Approach to Enhance Security of Traceback Scheme in Tree-Based WSNs

PubMed Central

Huang, Changqin; Ma, Ming; Liu, Xiao; Liu, Anfeng; Zuo, Zhengbang

2017-01-01

Fog (from core to edge) computing is a newly emerging computing platform, which utilizes a large number of network devices at the edge of a network to provide ubiquitous computing, thus having great development potential. However, the issue of security poses an important challenge for fog computing. In particular, the Internet of Things (IoT) that constitutes the fog computing platform is crucial for preserving the security of a huge number of wireless sensors, which are vulnerable to attack. In this paper, a new unequal probability marking approach is proposed to enhance the security performance of logging and migration traceback (LM) schemes in tree-based wireless sensor networks (WSNs). The main contribution of this paper is to overcome the deficiency of the LM scheme that has a higher network lifetime and large storage space. In the unequal probability marking logging and migration (UPLM) scheme of this paper, different marking probabilities are adopted for different nodes according to their distances to the sink. A large marking probability is assigned to nodes in remote areas (areas at a long distance from the sink), while a small marking probability is applied to nodes in nearby area (areas at a short distance from the sink). This reduces the consumption of storage and energy in addition to enhancing the security performance, lifetime, and storage capacity. Marking information will be migrated to nodes at a longer distance from the sink for increasing the amount of stored marking information, thus enhancing the security performance in the process of migration. The experimental simulation shows that for general tree-based WSNs, the UPLM scheme proposed in this paper can store 1.12–1.28 times the amount of stored marking information that the equal probability marking approach achieves, and has 1.15–1.26 times the storage utilization efficiency compared with other schemes. PMID:28629135

Information engineering

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hunt, D.N.

1997-02-01

The Information Engineering thrust area develops information technology to support the programmatic needs of Lawrence Livermore National Laboratory`s Engineering Directorate. Progress in five programmatic areas are described in separate reports contained herein. These are entitled Three-dimensional Object Creation, Manipulation, and Transport, Zephyr:A Secure Internet-Based Process to Streamline Engineering Procurements, Subcarrier Multiplexing: Optical Network Demonstrations, Parallel Optical Interconnect Technology Demonstration, and Intelligent Automation Architecture.

Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

PubMed

Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

2015-09-25

Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

Leveraging Service Oriented Architecture to Enhance Information Sharing for Surface Transportation Security

DTIC Science & Technology

2008-09-01

telephone, conference calls, emails, alert notifications, and blackberry . The RDTSF holds conference calls with its stakeholders to provide routine... tunnels ) is monitored by CCTV cameras with live feeds to WMATA’s Operations Control Center (OCC) to detect unauthorized entry into areas not intended for...message by email, blackberry and phone to the Security Coordinators. Dissemination of classified information however, is generally handled through the

12 CFR 978.5 - Storage of confidential information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 7 2010-01-01 2010-01-01 false Storage of confidential information. 978.5... OPERATIONS AND AUTHORITIES BANK REQUESTS FOR INFORMATION § 978.5 Storage of confidential information. Each Bank shall: (a) Store all identified confidential information in secure storage areas or filing...

A broadcast-based key agreement scheme using set reconciliation for wireless body area networks.

PubMed

Ali, Aftab; Khan, Farrukh Aslam

2014-05-01

Information and communication technologies have thrived over the last few years. Healthcare systems have also benefited from this progression. A wireless body area network (WBAN) consists of small, low-power sensors used to monitor human physiological values remotely, which enables physicians to remotely monitor the health of patients. Communication security in WBANs is essential because it involves human physiological data. Key agreement and authentication are the primary issues in the security of WBANs. To agree upon a common key, the nodes exchange information with each other using wireless communication. This information exchange process must be secure enough or the information exchange should be minimized to a certain level so that if information leak occurs, it does not affect the overall system. Most of the existing solutions for this problem exchange too much information for the sake of key agreement; getting this information is sufficient for an attacker to reproduce the key. Set reconciliation is a technique used to reconcile two similar sets held by two different hosts with minimal communication complexity. This paper presents a broadcast-based key agreement scheme using set reconciliation for secure communication in WBANs. The proposed scheme allows the neighboring nodes to agree upon a common key with the personal server (PS), generated from the electrocardiogram (EKG) feature set of the host body. Minimal information is exchanged in a broadcast manner, and even if every node is missing a different subset, by reconciling these feature sets, the whole network will still agree upon a single common key. Because of the limited information exchange, if an attacker gets the information in any way, he/she will not be able to reproduce the key. The proposed scheme mitigates replay, selective forwarding, and denial of service attacks using a challenge-response authentication mechanism. The simulation results show that the proposed scheme has a great deal of adoptability in terms of security, communication overhead, and running time complexity, as compared to the existing EKG-based key agreement scheme.

Communicating food safety, authenticity and consumer choice. Field experiences.

PubMed

Syntesa, Heiner Lehr

2013-04-01

The paper reviews patented and non-patented technologies, methods and solutions in the area of food traceability. It pays special attention to the communication of food safety, authenticity and consumer choice. Twenty eight recent patents are reviewed in the areas of (secure) identification, product freshness indicators, meat traceability, (secure) transport of information along the supply chain, country/region/place of origin, automated authentication, supply chain management systems, consumer interaction systems. In addition, solutions and pilot projects are described in the areas of Halal traceability, traceability of bird's nests, cold chain management, general food traceability and other areas.

Big data, little security: Addressing security issues in your platform

NASA Astrophysics Data System (ADS)

Macklin, Thomas; Mathews, Joseph

2017-05-01

This paper describes some patterns for information security problems that consistently emerge among traditional enterprise networks and applications, both with respect to cyber threats and data sensitivity. We draw upon cases from qualitative studies and interviews of system developers, network operators, and certifiers of military applications. Specifically, the problems discussed involve sensitivity of data aggregates, training efficacy, and security decision support in the human machine interface. While proven techniques can address many enterprise security challenges, we provide additional recommendations on how to further improve overall security posture, and suggest additional research thrusts to address areas where known gaps remain.

Efficient proof of ownership for cloud storage systems

NASA Astrophysics Data System (ADS)

Zhong, Weiwei; Liu, Zhusong

2017-08-01

Cloud storage system through the deduplication technology to save disk space and bandwidth, but the use of this technology has appeared targeted security attacks: the attacker can deceive the server to obtain ownership of the file by get the hash value of original file. In order to solve the above security problems and the different security requirements of the files in the cloud storage system, an efficient and information-theoretical secure proof of ownership sceme is proposed to support the file rating. Through the K-means algorithm to implement file rating, and use random seed technology and pre-calculation method to achieve safe and efficient proof of ownership scheme. Finally, the scheme is information-theoretical secure, and achieve better performance in the most sensitive areas of client-side I/O and computation.

A novel wireless local positioning system for airport (indoor) security

NASA Astrophysics Data System (ADS)

Zekavat, Seyed A.; Tong, Hui; Tan, Jindong

2004-09-01

A novel wireless local positioning system (WLPS) for airport (or indoor) security is introduced. This system is used by airport (indoor) security guards to locate all of, or a group of airport employees or passengers within the airport area. WLPS consists of two main parts: (1) a base station that is carried by security personnel; hence, introducing dynamic base station (DBS), and (2) a transponder (TRX) that is mounted on all people (including security personnel) present at the airport; thus, introducing them as active targets. In this paper, we (a) draw a futuristic view of the airport security systems, and the flow of information at the airports, (b) investigate the techniques of extending WLPS coverage area beyond the line-of-sight (LoS), and (c) study the performance of this system via standard transceivers, and direct sequence code division multiple access (DS-CDMA) systems with and without antenna arrays and conventional beamforming (BF).

Information Security Risk Assessment in Hospitals

PubMed Central

Ayatollahi, Haleh; Shagerdi, Ghazal

2017-01-01

Background: To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threat the security of health information and their resources especially in the hospitals. Objective: The aim of this study was to assess the risks threatening information security in the hospitals located in one of the northwest cities of Iran. Method: This study was completed in 2014. The participants were information technology managers who worked in the hospitals (n=27). The research instrument was a questionnaire composed of a number of open and closed questions. The content validity of the questionnaire was confirmed, and the reliability of the closed questions was measured by using the test-retest method (r =0.78). Results: The results showed that among the information security risks, fire found to be a high probability/high impact risk factor. Human and physical/environmental threats were among the low probability risk factors. Regarding the information security safeguards used in the hospitals, the results showed that the use of the technical safeguards was the most frequent one (n =22, 91.7%) compared to the administrative (n =21, 87.5%) and the physical safeguards (n =16, 66.7%). Conclusion: The high probability risk factors require quick corrective actions to be taken. Therefore, the underlying causes of such threats should be identified and controlled before experiencing adverse effects. It is also important to note that information security in health care systems needs to be considered at a macro level with respect to the national interests and policies. PMID:29204226

A survey of visualization systems for network security.

PubMed

Shiravi, Hadi; Shiravi, Ali; Ghorbani, Ali A

2012-08-01

Security Visualization is a very young term. It expresses the idea that common visualization techniques have been designed for use cases that are not supportive of security-related data, demanding novel techniques fine tuned for the purpose of thorough analysis. Significant amount of work has been published in this area, but little work has been done to study this emerging visualization discipline. We offer a comprehensive review of network security visualization and provide a taxonomy in the form of five use-case classes encompassing nearly all recent works in this area. We outline the incorporated visualization techniques and data sources and provide an informative table to display our findings. From the analysis of these systems, we examine issues and concerns regarding network security visualization and provide guidelines and directions for future researchers and visual system developers.

Verifying the secure setup of UNIX client/servers and detection of network intrusion

NASA Astrophysics Data System (ADS)

Feingold, Richard; Bruestle, Harry R.; Bartoletti, Tony; Saroyan, R. A.; Fisher, John M.

1996-03-01

This paper describes our technical approach to developing and delivering Unix host- and network-based security products to meet the increasing challenges in information security. Today's global `Infosphere' presents us with a networked environment that knows no geographical, national, or temporal boundaries, and no ownership, laws, or identity cards. This seamless aggregation of computers, networks, databases, applications, and the like store, transmit, and process information. This information is now recognized as an asset to governments, corporations, and individuals alike. This information must be protected from misuse. The Security Profile Inspector (SPI) performs static analyses of Unix-based clients and servers to check on their security configuration. SPI's broad range of security tests and flexible usage options support the needs of novice and expert system administrators alike. SPI's use within the Department of Energy and Department of Defense has resulted in more secure systems, less vulnerable to hostile intentions. Host-based information protection techniques and tools must also be supported by network-based capabilities. Our experience shows that a weak link in a network of clients and servers presents itself sooner or later, and can be more readily identified by dynamic intrusion detection techniques and tools. The Network Intrusion Detector (NID) is one such tool. NID is designed to monitor and analyze activity on the Ethernet broadcast Local Area Network segment and product transcripts of suspicious user connections. NID's retrospective and real-time modes have proven invaluable to security officers faced with ongoing attacks to their systems and networks.

Independent Review of Aviation Technology and Research Information Analysis System (ATRIAS) Database

DTIC Science & Technology

1994-02-01

capability to support the Federal Aviation Administration (FAA)/ Aviation Security Research and Development Service’s (ACA) Explosive Detection...Systems (EDS) programs and Aviation Security Human Factors Program (ASHFP). This review was conducted by an independent consultant selected by the FAA...sections 2 and 3 of the report. Overall, ATRIAS was found to address many technology application areas relevant to the FAA’s aviation security programs

42 CFR 431.115 - Disclosure of survey information and provider or contractor evaluation.

Code of Federal Regulations, 2010 CFR

2010-10-01

... inspection and copying in both the public assistance office and the Social Security Administration district... in standard metropolitian statistical areas where this information would be helpful to persons likely...

77 FR 513 - Intent To Request Renewal From OMB of One Current Public Collection of Information; Maryland...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-05

...The Transportation Security Administration (TSA) invites public comment on one currently approved Information Collection Request (ICR), Office of Management and Budget (OMB) control number 1652-0029, abstracted below that we will submit to OMB for renewal in compliance with the Paperwork Reduction Act (PRA). The ICR describes the nature of the information collection and its expected burden. This collection requires individuals to successfully complete a security threat assessment in order to operate an aircraft to or from one of the three Maryland airports that are located within the Washington, DC, Metropolitan Area Flight Restricted Zone (Maryland Three Airports), or to serve as an airport security coordinator at one of these three airports.

A security scheme of SMS system

NASA Astrophysics Data System (ADS)

Zhang, Fangzhou; Yang, Hong-Wei; Song, Chuck

2005-02-01

With the prosperous development and the use of SMS, more and more important information need to be transferred through the wireless and mobile networks by the users. But in the GSM/GPRS network, the SMS messages are transferred in text mode through the signaling channel and there is no integrality for SMS messages. Because of the speciality of the mobile communications, the security of signaling channel is very weak. So we need to improve and enhance the security and integrality of SMS. At present, developed investigation based on SMS security is still incomplete. The key distribution and management is not perfect to meet the usability in a wide area. This paper introduces a high-level security method to solve this problem. We design the Secure SMS of GSM/GPRS in order to improve the security of the important information that need to be transferred by the mobile networks. Using this method, we can improve the usability of E-payment and other mobile electronic commerce.

77 FR 42753 - Agency Information Collection Activities: Application for Identification Card

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-20

... the collection of information is necessary for the proper performance of the functions of the agency... Card which is used to gain access to CBP security areas. This form is usually completed by licensed...

IT Data Mining Tool Uses in Aerospace

NASA Technical Reports Server (NTRS)

Monroe, Gilena A.; Freeman, Kenneth; Jones, Kevin L.

2012-01-01

Data mining has a broad spectrum of uses throughout the realms of aerospace and information technology. Each of these areas has useful methods for processing, distributing, and storing its corresponding data. This paper focuses on ways to leverage the data mining tools and resources used in NASA's information technology area to meet the similar data mining needs of aviation and aerospace domains. This paper details the searching, alerting, reporting, and application functionalities of the Splunk system, used by NASA's Security Operations Center (SOC), and their potential shared solutions to address aircraft and spacecraft flight and ground systems data mining requirements. This paper also touches on capacity and security requirements when addressing sizeable amounts of data across a large data infrastructure.

Medical Devices Transition to Information Systems: Lessons Learned

PubMed Central

Charters, Kathleen G.

2012-01-01

Medical devices designed to network can share data with a Clinical Information System (CIS), making that data available within clinician workflow. Some lessons learned by transitioning anesthesia reporting and monitoring devices (ARMDs) on a local area network (LAN) to integration of anesthesia documentation within a CIS include the following categories: access, contracting, deployment, implementation, planning, security, support, training and workflow integration. Areas identified for improvement include: Vendor requirements for access reconciled with the organizations’ security policies and procedures. Include clauses supporting transition from stand-alone devices to information integrated into clinical workflow in the medical device procurement contract. Resolve deployment and implementation barriers that make the process less efficient and more costly. Include effective field communication and creative alternatives in planning. Build training on the baseline knowledge of trainees. Include effective help desk processes and metrics. Have a process for determining where problems originate when systems share information. PMID:24199054

Advancing the Use of Earth Observations to Benefit Global Food Security and Agriculture

USDA-ARS?s Scientific Manuscript database

USDA plays an important role as “fair broker” of information on the status and security of the United States and global food supply. USDA surveys and farmer relationships are the source of much of the “ground-truth” required for statistical assessments of crop area, yield, and production domestical...

Sustainable Food Security in the Mountains of Pakistan: Towards a Policy Framework.

PubMed

Rasul, Golam; Hussain, Abid

2015-01-01

The nature and causes of food and livelihood security in mountain areas are quite different to those in the plains. Rapid socioeconomic and environmental changes added to the topographical constraints have exacerbated the problem of food insecurity in the Hindu Kush-Himalayan (HKH) region. In Pakistan, food insecurity is significantly higher in the mountain areas than in the plains as a result of a range of biophysical and socioeconomic factors. The potential of mountain niche products such as fruit, nuts, and livestock has remained underutilized. Moreover, the opportunities offered by globalization, market integration, remittances, and non-farm income have not been fully tapped. This paper analyzes the opportunities and challenges of food security in Pakistan's mountain areas, and outlines a framework for addressing the specific issues in terms of four different types of area differentiated by agro-ecological potential and access to markets, information, and institutional services.

TRENCADIS - secure architecture to share and manage DICOM objects in a ontological framework based on OGSA.

PubMed

Blanquer, Ignacio; Hernandez, Vicente; Segrelles, Damià; Torres, Erik

2007-01-01

Today most European healthcare centers use the digital format for their databases of images. TRENCADIS is a software architecture comprising a set of services as a solution for interconnecting, managing and sharing selected parts of medical DICOM data for the development of training and decision support tools. The organization of the distributed information in virtual repositories is based on semantic criteria. Different groups of researchers could organize themselves to propose a Virtual Organization (VO). These VOs will be interested in specific target areas, and will share information concerning each area. Although the private part of the information to be shared will be removed, special considerations will be taken into account to avoid the access by non-authorized users. This paper describes the security model implemented as part of TRENCADIS. The paper is organized as follows. First introduces the problem and presents our motivations. Section 1 defines the objectives. Section 2 presents an overview of the existing proposals per objective. Section 3 outlines the overall architecture. Section 4 describes how TRENCADIS is architected to realize the security goals discussed in the previous sections. The different security services and components of the infrastructure are briefly explained, as well as the exposed interfaces. Finally, Section 5 concludes and gives some remarks on our future work.

Right Technology, Right Now: An Evaluation Methodology for Rapidly Deployable Information and Communications Technologies in Humanitarian Assistance/Disaster Relief

DTIC Science & Technology

2012-03-01

30  c.  IEEE 802.16/WiMAX .............................................................31  4.  Broadband Global Area Network...Space Agency, 2006) ...........................34  Figure 19.  Global BGAN Coverage (From Inmarsat, 2009...BGAN Broadband Global Area Network C2 Command and Control CHSC California Homeland Security Consortium CIE Collaborative Information Environment CJCS

Verifying the secure setup of Unix client/servers and detection of network intrusion

DOE Office of Scientific and Technical Information (OSTI.GOV)

Feingold, R.; Bruestle, H.R.; Bartoletti, T.

1995-07-01

This paper describes our technical approach to developing and delivering Unix host- and network-based security products to meet the increasing challenges in information security. Today`s global ``Infosphere`` presents us with a networked environment that knows no geographical, national, or temporal boundaries, and no ownership, laws, or identity cards. This seamless aggregation of computers, networks, databases, applications, and the like store, transmit, and process information. This information is now recognized as an asset to governments, corporations, and individuals alike. This information must be protected from misuse. The Security Profile Inspector (SPI) performs static analyses of Unix-based clients and servers to checkmore » on their security configuration. SPI`s broad range of security tests and flexible usage options support the needs of novice and expert system administrators alike. SPI`s use within the Department of Energy and Department of Defense has resulted in more secure systems, less vulnerable to hostile intentions. Host-based information protection techniques and tools must also be supported by network-based capabilities. Our experience shows that a weak link in a network of clients and servers presents itself sooner or later, and can be more readily identified by dynamic intrusion detection techniques and tools. The Network Intrusion Detector (NID) is one such tool. NID is designed to monitor and analyze activity on an Ethernet broadcast Local Area Network segment and produce transcripts of suspicious user connections. NID`s retrospective and real-time modes have proven invaluable to security officers faced with ongoing attacks to their systems and networks.« less

77 FR 43506 - DoD Unclassified Controlled Nuclear Information (UCNI)

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-25

... Systems. (i) Information on the layout or design of security and alarm systems at a specific DoD SNM or... information is not observable from a public area. (iii) Performance characteristics of installed systems. (5... 0790-AI64 DoD Unclassified Controlled Nuclear Information (UCNI) AGENCY: Department of Defense. ACTION...

Fuzzy assessment of health information system users' security awareness.

PubMed

Aydın, Özlem Müge; Chouseinoglou, Oumout

2013-12-01

Health information systems (HIS) are a specific area of information systems (IS), where critical patient data is stored and quality health service is only realized with the correct use and efficient dissemination of this data to health workers. Therefore, a balance needs to be established between the levels of security and flow of information on HIS. Instead of implementing higher levels and further mechanisms of control to increase the security of HIS, it is preferable to deal with the arguably weakest link on HIS chain with respect to security: HIS users. In order to provide solutions and approaches for transforming users to the first line of defense in HIS but also to employ capable and appropriate candidates from the pool of newly graduated students, it is important to assess and evaluate the security awareness levels and characteristics of these existing and future users. This study aims to provide a new perspective to understand the phenomenon of security awareness of HIS users with the use of fuzzy analysis, and to assess the present situation of current and future HIS users of a leading medical and educational institution of Turkey, with respect to their security characteristics based on four different security scales. The results of the fuzzy analysis, the guide on how to implement this fuzzy analysis to any health institution and how to read and interpret these results, together with the possible implications of these results to the organization are provided.

Assessing staff attitudes towards information security in a European healthcare establishment.

PubMed

Furnell, S M; Gaunt, P N; Holben, R F; Sanders, P W; Stockel, C T; Warren, M J

1996-01-01

Information security is now recognized as an important consideration in modern healthcare establishments (HCEs), with a variety of guidelines and standards currently available to enable the environments to be properly protected. However, financial and operational constraints often exist which influence the practicality of these recommendations. This paper establishes that the staff culture of the organization is of particular importance in determining the level and types of security that will be accepted. This culture will be based upon staff awareness of and attitudes towards security and it is, therefore, important to have a clear idea of what these attitudes are. To this end, two surveys have been conducted within a reference environment to establish the attitudes of general users and technical staff, allowing the results to be fed back to HCE management to enable security policy to be appropriately defined. These results indicated that, although the establishment had participated in a European healthcare security initiative, staff attitudes and awareness were still weak in some areas.

Homeland security: sharing and managing critical incident information

NASA Astrophysics Data System (ADS)

Ashley, W. R., III

2003-09-01

Effective critical incident response for homeland security requires access to real-time information from many organizations. Command and control, as well as basic situational awareness, are all dependant on quickly communicating a dynamically changing picture to a variety of decision makers. For the most part, critical information management is not unfamiliar or new to the public safety community. However, new challenges present themselves when that information needs to be seamlessly shared across multiple organizations at the local, state and federal level in real-time. The homeland security problem does not lend itself to the traditional military joint forces planning model where activities shift from a deliberate planning process to a crisis action planning process. Rather, the homeland security problem is more similar to a traditional public safety model where the current activity state moves from complete inactivity or low-level attention to immediate crisis action planning. More often than not the escalation occurs with no warning or baseline information. This paper addresses the challenges of sharing critical incident information and the impacts new technologies will have on this problem. The value of current and proposed approaches will be critiqued for operational value and areas will be identified for further development.

Human detection in sensitive security areas through recognition of omega shapes using MACH filters

NASA Astrophysics Data System (ADS)

Rehman, Saad; Riaz, Farhan; Hassan, Ali; Liaquat, Muwahida; Young, Rupert

2015-03-01

Human detection has gained considerable importance in aggravated security scenarios over recent times. An effective security application relies strongly on detailed information regarding the scene under consideration. A larger accumulation of humans than the number of personal authorized to visit a security controlled area must be effectively detected, amicably alarmed and immediately monitored. A framework involving a novel combination of some existing techniques allows an immediate detection of an undesirable crowd in a region under observation. Frame differencing provides a clear visibility of moving objects while highlighting those objects in each frame acquired by a real time camera. Training of a correlation pattern recognition based filter on desired shapes such as elliptical representations of human faces (variants of an Omega Shape) yields correct detections. The inherent ability of correlation pattern recognition filters caters for angular rotations in the target object and renders decision regarding the existence of the number of persons exceeding an allowed figure in the monitored area.

The Role of Human Factors/Ergonomics in the Science of Security: Decision Making and Action Selection in Cyberspace.

PubMed

Proctor, Robert W; Chen, Jing

2015-08-01

The overarching goal is to convey the concept of science of security and the contributions that a scientifically based, human factors approach can make to this interdisciplinary field. Rather than a piecemeal approach to solving cybersecurity problems as they arise, the U.S. government is mounting a systematic effort to develop an approach grounded in science. Because humans play a central role in security measures, research on security-related decisions and actions grounded in principles of human information-processing and decision-making is crucial to this interdisciplinary effort. We describe the science of security and the role that human factors can play in it, and use two examples of research in cybersecurity--detection of phishing attacks and selection of mobile applications--to illustrate the contribution of a scientific, human factors approach. In these research areas, we show that systematic information-processing analyses of the decisions that users make and the actions they take provide a basis for integrating the human component of security science. Human factors specialists should utilize their foundation in the science of applied information processing and decision making to contribute to the science of cybersecurity. © 2015, Human Factors and Ergonomics Society.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Nelson, Cynthia Lee

There is a need in security systems to rapidly and accurately grant access of authorized personnel to a secure facility while denying access to unauthorized personnel. In many cases this role is filled by security personnel, which can be very costly. Systems that can perform this role autonomously without sacrificing accuracy or speed of throughput are very appealing. To address the issue of autonomous facility access through the use of technology, the idea of a ''secure portal'' is introduced. A secure portal is a defined zone where state-of-the-art technology can be implemented to grant secure area access or to allowmore » special privileges for an individual. Biometric technologies are of interest because they are generally more difficult to defeat than technologies such as badge swipe and keypad entry. The biometric technologies selected for this concept were facial and gait recognition. They were chosen since they require less user cooperation than other biometrics such as fingerprint, iris, and hand geometry and because they have the most potential for flexibility in deployment. The secure portal concept could be implemented within the boundaries of an entry area to a facility. As a person is approaching a badge and/or PIN portal, face and gait information can be gathered and processed. The biometric information could be fused for verification against the information that is gathered from the badge. This paper discusses a facial recognition technology that was developed for the purposes of providing high verification probabilities with low false alarm rates, which would be required of an autonomous entry control system. In particular, a 3-D facial recognition approach using Fisher Linear Discriminant Analysis is described. Gait recognition technology, based on Hidden Markov Models has been explored, but those results are not included in this paper. Fusion approaches for combining the results of the biometrics would be the next step in realizing the secure portal concept.« less

Medical image security in a HIPAA mandated PACS environment.

PubMed

Cao, F; Huang, H K; Zhou, X Q

2003-01-01

Medical image security is an important issue when digital images and their pertinent patient information are transmitted across public networks. Mandates for ensuring health data security have been issued by the federal government such as Health Insurance Portability and Accountability Act (HIPAA), where healthcare institutions are obliged to take appropriate measures to ensure that patient information is only provided to people who have a professional need. Guidelines, such as digital imaging and communication in medicine (DICOM) standards that deal with security issues, continue to be published by organizing bodies in healthcare. However, there are many differences in implementation especially for an integrated system like picture archiving and communication system (PACS), and the infrastructure to deploy these security standards is often lacking. Over the past 6 years, members in the Image Processing and Informatics Laboratory, Childrens Hospital, Los Angeles/University of Southern California, have actively researched image security issues related to PACS and teleradiology. The paper summarizes our previous work and presents an approach to further research on the digital envelope (DE) concept that provides image integrity and security assurance in addition to conventional network security protection. The DE, including the digital signature (DS) of the image as well as encrypted patient information from the DICOM image header, can be embedded in the background area of the image as an invisible permanent watermark. The paper outlines the systematic development, evaluation and deployment of the DE method in a PACS environment. We have also proposed a dedicated PACS security server that will act as an image authority to check and certify the image origin and integrity upon request by a user, and meanwhile act also as a secure DICOM gateway to the outside connections and a PACS operation monitor for HIPAA supporting information. Copyright 2002 Elsevier Science Ltd.

Design and Implementation of Secure Area Expansion Scheme for Public Wireless LAN Services

NASA Astrophysics Data System (ADS)

Watanabe, Ryu; Tanaka, Toshiaki

Recently, wireless LAN (WLAN) technology has become a major wireless communication method. The communication bandwidth is increasing and speeds have attained rates exceeding 100 Mbps. Therefore, WLAN technology is regarded as one of the promising communication methods for future networks. In addition, public WLAN connection services can be used in many locations. However, the number of the access points (AP) is insufficient for seamless communication and it cannot be said that users can use the service ubiquitously. An ad-hoc network style connection can be used to expand the coverage area of a public WLAN service. By relaying the user messages among the user nodes, a node can obtain an Internet connection via an AP, even though the node is located outside the AP's direct wireless connection area. Such a coverage area extending technology has many advantages thanks to the feature that no additional infrastructure is required. Therefore, there is a strong demand for this technology as it allows the cost-effective construction of future networks. When a secure ad-hoc routing protocol is used for message exchange in the WLAN service, the message routes are protected from malicious behavior such as route forging and can be maintained appropriately. To do this, however, a new node that wants to join the WLAN service has to obtain information such as the public key certificate and IP address in order to start secure ad-hoc routing. In other words, an initial setup is required for every network node to join the WLAN service properly. Ordinarily, such information should be assigned from the AP. However, new nodes cannot always contact an AP directly. Therefore, there are problems about information delivery in the initial setup of a network node. These problems originate in the multi hop connection based on the ad-hoc routing protocols. In order to realize an expanded area WLAN service, in this paper, the authors propose a secure public key certificate and address provision scheme during the initial setup phase on mobile nodes for the service. The proposed scheme also considers the protection of user privacy. Accordingly, none of the user nodes has to reveal their unique and persistent information to other nodes. Instead of using such information, temporary values are sent by an AP to mobile nodes and used for secure ad-hoc routing operations. Therefore, our proposed scheme prevents tracking by malicious parties by avoiding the use of unique information. Moreover, a test bed was also implemented based on the proposal and an evaluation was carried out in order to confirm performance. In addition, the authors describe a countermeasure against denial of service (DoS) attacks based on the approach to privacy protection described in our proposal.

Computer Security Awareness Guide for Department of Energy Laboratories, Government Agencies, and others for use with Lawrence Livermore National Laboratory`s (LLNL): Computer security short subjects videos

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

Lonnie Moore, the Computer Security Manager, CSSM/CPPM at Lawrence Livermore National Laboratory (LLNL) and Gale Warshawsky, the Coordinator for Computer Security Education & Awareness at LLNL, wanted to share topics such as computer ethics, software piracy, privacy issues, and protecting information in a format that would capture and hold an audience`s attention. Four Computer Security Short Subject videos were produced which ranged from 1-3 minutes each. These videos are very effective education and awareness tools that can be used to generate discussions about computer security concerns and good computing practices. Leaders may incorporate the Short Subjects into presentations. After talkingmore » about a subject area, one of the Short Subjects may be shown to highlight that subject matter. Another method for sharing them could be to show a Short Subject first and then lead a discussion about its topic. The cast of characters and a bit of information about their personalities in the LLNL Computer Security Short Subjects is included in this report.« less

Geovisualization for Smart Video Surveillance

NASA Astrophysics Data System (ADS)

Oves García, R.; Valentín, L.; Serrano, S. A.; Palacios-Alonso, M. A.; Sucar, L. Enrique

2017-09-01

Nowadays with the emergence of smart cities and the creation of new sensors capable to connect to the network, it is not only possible to monitor the entire infrastructure of a city, including roads, bridges, rail/subways, airports, communications, water, power, but also to optimize its resources, plan its preventive maintenance and monitor security aspects while maximizing services for its citizens. In particular, the security aspect is one of the most important issues due to the need to ensure the safety of people. However, if we want to have a good security system, it is necessary to take into account the way that we are going to present the information. In order to show the amount of information generated by sensing devices in real time in an understandable way, several visualization techniques are proposed for both local (involves sensing devices in a separated way) and global visualization (involves sensing devices as a whole). Taking into consideration that the information is produced and transmitted from a geographic location, the integration of a Geographic Information System to manage and visualize the behavior of data becomes very relevant. With the purpose of facilitating the decision-making process in a security system, we have integrated the visualization techniques and the Geographic Information System to produce a smart security system, based on a cloud computing architecture, to show relevant information about a set of monitored areas with video cameras.

Secure anonymous mutual authentication for star two-tier wireless body area networks.

PubMed

Ibrahim, Maged Hamada; Kumari, Saru; Das, Ashok Kumar; Wazid, Mohammad; Odelu, Vanga

2016-10-01

Mutual authentication is a very important service that must be established between sensor nodes in wireless body area network (WBAN) to ensure the originality and integrity of the patient's data sent by sensors distributed on different parts of the body. However, mutual authentication service is not enough. An adversary can benefit from monitoring the traffic and knowing which sensor is in transmission of patient's data. Observing the traffic (even without disclosing the context) and knowing its origin, it can reveal to the adversary information about the patient's medical conditions. Therefore, anonymity of the communicating sensors is an important service as well. Few works have been conducted in the area of mutual authentication among sensor nodes in WBAN. However, none of them has considered anonymity among body sensor nodes. Up to our knowledge, our protocol is the first attempt to consider this service in a two-tier WBAN. We propose a new secure protocol to realize anonymous mutual authentication and confidential transmission for star two-tier WBAN topology. The proposed protocol uses simple cryptographic primitives. We prove the security of the proposed protocol using the widely-accepted Burrows-Abadi-Needham (BAN) logic, and also through rigorous informal security analysis. In addition, to demonstrate the practicality of our protocol, we evaluate it using NS-2 simulator. BAN logic and informal security analysis prove that our proposed protocol achieves the necessary security requirements and goals of an authentication service. The simulation results show the impact on the various network parameters, such as end-to-end delay and throughput. The nodes in the network require to store few hundred bits. Nodes require to perform very few hash invocations, which are computationally very efficient. The communication cost of the proposed protocol is few hundred bits in one round of communication. Due to the low computation cost, the energy consumed by the nodes is also low. Our proposed protocol is a lightweight anonymous mutually authentication protocol to mutually authenticate the sensor nodes with the controller node (hub) in a star two-tier WBAN topology. Results show that our protocol proves efficiency over previously proposed protocols and at the same time, achieves the necessary security requirements for a secure anonymous mutual authentication scheme. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.

75 FR 40867 - Modifications to the HIPAA Privacy, Security, and Enforcement Rules Under the Health Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-14

.... The Act also provides for the development of guidance, reports, and studies in a number of areas... Privacy and Security enforcement (section 13424(a)); a study and report on the application of privacy and... (section 13424(c)); and a study on the Privacy Rule's definition of ``psychotherapy notes'' at 45 CFR 164...

The secure authorization model for healthcare information system.

PubMed

Hsu, Wen-Shin; Pan, Jiann-I

2013-10-01

Exploring healthcare system for assisting medical services or transmitting patients' personal health information in web application has been widely investigated. Information and communication technologies have been applied to the medical services and healthcare area for a number of years to resolve problems in medical management. In the healthcare system, not all users are allowed to access all the information. Several authorization models for restricting users to access specific information at specific permissions have been proposed. However, as the number of users and the amount of information grows, the difficulties for administrating user authorization will increase. The critical problem limits the widespread usage of the healthcare system. This paper proposes an approach for role-based and extends it to deal with the information for authorizations in the healthcare system. We propose the role-based authorization model which supports authorizations for different kinds of objects, and a new authorization domain. Based on this model, we discuss the issues and requirements of security in the healthcare systems. The security issues for services shared between different healthcare industries will also be discussed.

MOD control center automated information systems security evolution

NASA Technical Reports Server (NTRS)

Owen, Rich

1991-01-01

The role of the technology infusion process in future Control Center Automated Information Systems (AIS) is highlighted. The following subject areas are presented in the form of the viewgraphs: goals, background, threat, MOD's AISS program, TQM, SDLC integration, payback, future challenges, and bottom line.

76 FR 46297 - HIT Policy Committee's Workgroup Meetings; Notice of Meetings

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-02

... with the Federal Health IT Strategic Plan and that includes recommendations on the areas in which... site for additional information or revised schedules as it becomes available. Contact Person: Judy...., meaningful use, information exchange, privacy and security, quality measures, governance, or adoption...

33 CFR 103.300 - Area Maritime Security (AMS) Committee.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Area Maritime Security (AMS... SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Committee § 103.300 Area Maritime Security (AMS) Committee. (a) The AMS Committee is established under the...

A Weakest Precondition Approach to Robustness

NASA Astrophysics Data System (ADS)

Balliu, Musard; Mastroeni, Isabella

With the increasing complexity of information management computer systems, security becomes a real concern. E-government, web-based financial transactions or military and health care information systems are only a few examples where large amount of information can reside on different hosts distributed worldwide. It is clear that any disclosure or corruption of confidential information in these contexts can result fatal. Information flow controls constitute an appealing and promising technology to protect both data confidentiality and data integrity. The certification of the security degree of a program that runs in untrusted environments still remains an open problem in the area of language-based security. Robustness asserts that an active attacker, who can modify program code in some fixed points (holes), is unable to disclose more private information than a passive attacker, who merely observes unclassified data. In this paper, we extend a method recently proposed for checking declassified non-interference in presence of passive attackers only, in order to check robustness by means of weakest precondition semantics. In particular, this semantics simulates the kind of analysis that can be performed by an attacker, i.e., from public output towards private input. The choice of semantics allows us to distinguish between different attacks models and to characterize the security of applications in different scenarios.

33 CFR 103.510 - Area Maritime Security (AMS) Plan review and approval.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Area Maritime Security (AMS) Plan... HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Plan § 103.510 Area Maritime Security (AMS) Plan review and approval. Each AMS Plan will be submitted...

Securing While Sampling in Wireless Body Area Networks With Application to Electrocardiography.

PubMed

Dautov, Ruslan; Tsouri, Gill R

2016-01-01

Stringent resource constraints and broadcast transmission in wireless body area network raise serious security concerns when employed in biomedical applications. Protecting data transmission where any minor alteration is potentially harmful is of significant importance in healthcare. Traditional security methods based on public or private key infrastructure require considerable memory and computational resources, and present an implementation obstacle in compact sensor nodes. This paper proposes a lightweight encryption framework augmenting compressed sensing with wireless physical layer security. Augmenting compressed sensing to secure information is based on the use of the measurement matrix as an encryption key, and allows for incorporating security in addition to compression at the time of sampling an analog signal. The proposed approach eliminates the need for a separate encryption algorithm, as well as the predeployment of a key thereby conserving sensor node's limited resources. The proposed framework is evaluated using analysis, simulation, and experimentation applied to a wireless electrocardiogram setup consisting of a sensor node, an access point, and an eavesdropper performing a proximity attack. Results show that legitimate communication is reliable and secure given that the eavesdropper is located at a reasonable distance from the sensor node and the access point.

Trends in Research on the Security of Medical Information in Korea: Focused on Information Privacy Security in Hospitals.

PubMed

Kim, Yong-Woon; Cho, Namin; Jang, Hye-Jung

2018-01-01

Information technology involves a risk of privacy violation in providing easy access to confidential information,such as personal information and medical information through the Internet. In this study, we investigated medical information security to gain a better understanding of trends in research related to medical information security. We researched papers published on '의료정보' and 'medical information' in various Korean journals during a 10-year period from 2005 to 2015. We also analyzed these journal papers for each fiscal year; these papers were categorized into the areas of literature research and empirical research, and were further subdivided according to themes and subjects. It was confirmed that 48 papers were submitted to 35 academic journals. There were 33 (68.8%) literature review articles, and analysis of secondary data was not carried out at all. In terms of empirical research, 8 (16.7%) surveys and 7 (14.6%) program developments were studied. As a result of analyzing these papers according to the research theme by research method, 17 (35.4%) papers on laws, systems, and policies were the most numerous. It was found that among the literature research papers on medical personnel were the most common, and among the empirical research papers, research on experts in information protection and medical personnel were the most common. We suggest that further research should be done in terms of social perception, human resource development, and technology development to improve risk management in medical information systems.

Unbreakable distributed storage with quantum key distribution network and password-authenticated secret sharing

PubMed Central

Fujiwara, M.; Waseda, A.; Nojima, R.; Moriai, S.; Ogata, W.; Sasaki, M.

2016-01-01

Distributed storage plays an essential role in realizing robust and secure data storage in a network over long periods of time. A distributed storage system consists of a data owner machine, multiple storage servers and channels to link them. In such a system, secret sharing scheme is widely adopted, in which secret data are split into multiple pieces and stored in each server. To reconstruct them, the data owner should gather plural pieces. Shamir’s (k, n)-threshold scheme, in which the data are split into n pieces (shares) for storage and at least k pieces of them must be gathered for reconstruction, furnishes information theoretic security, that is, even if attackers could collect shares of less than the threshold k, they cannot get any information about the data, even with unlimited computing power. Behind this scenario, however, assumed is that data transmission and authentication must be perfectly secure, which is not trivial in practice. Here we propose a totally information theoretically secure distributed storage system based on a user-friendly single-password-authenticated secret sharing scheme and secure transmission using quantum key distribution, and demonstrate it in the Tokyo metropolitan area (≤90 km). PMID:27363566

Unbreakable distributed storage with quantum key distribution network and password-authenticated secret sharing.

PubMed

Fujiwara, M; Waseda, A; Nojima, R; Moriai, S; Ogata, W; Sasaki, M

2016-07-01

Distributed storage plays an essential role in realizing robust and secure data storage in a network over long periods of time. A distributed storage system consists of a data owner machine, multiple storage servers and channels to link them. In such a system, secret sharing scheme is widely adopted, in which secret data are split into multiple pieces and stored in each server. To reconstruct them, the data owner should gather plural pieces. Shamir's (k, n)-threshold scheme, in which the data are split into n pieces (shares) for storage and at least k pieces of them must be gathered for reconstruction, furnishes information theoretic security, that is, even if attackers could collect shares of less than the threshold k, they cannot get any information about the data, even with unlimited computing power. Behind this scenario, however, assumed is that data transmission and authentication must be perfectly secure, which is not trivial in practice. Here we propose a totally information theoretically secure distributed storage system based on a user-friendly single-password-authenticated secret sharing scheme and secure transmission using quantum key distribution, and demonstrate it in the Tokyo metropolitan area (≤90 km).

Security Recommendations for mHealth Apps: Elaboration of a Developer's Guide.

PubMed

Morera, Enrique Pérez; de la Torre Díez, Isabel; Garcia-Zapirain, Begoña; López-Coronado, Miguel; Arambarri, Jon

2016-06-01

Being the third fastest-growing app category behind games and utilities, mHealth apps are changing the healthcare model, as medicine today involves the data they compile and analyse, information known as Big Data. However, the majority of apps are lacking in security when gathering and dealing with the information, which becomes a serious problem. This article presents a guide regarding security solution, intended to be of great use for developers of mHealth apps. In August 2015 current mobile health apps were sought out in virtual stores such as Android Google Play, Apple iTunes App Store etc., in order to classify them in terms of usefulness. After this search, the most widespread weaknesses in the field of security in the development of these mobile apps were examined, based on sources such as the "OWASP Mobile Security Project, the initiative recently launched by the Office of Civil Rights (OCR), and other articles of scientific interest. An informative, elemental guide has been created for the development of mHealth apps. It includes information about elements of security and its implementation on different levels for all types of mobile health apps based on the data that each app manipulates, the associated calculated risk as a result of the likelihood of occurrence and the threat level resulting from its vulnerabilities - high level (apps for monitoring, diagnosis, treatment and care) from 6 ≤ 9, medium level (calculator, localizer and alarm) from 3 ≤ 6 and low level (informative and educational apps) from 0 ≤ 3. The guide aims to guarantee and facilitate security measures in the development of mobile health applications by programmers unconnected to the ITC and professional health areas.

Critical theory as an approach to the ethics of information security.

PubMed

Stahl, Bernd Carsten; Doherty, Neil F; Shaw, Mark; Janicke, Helge

2014-09-01

Information security can be of high moral value. It can equally be used for immoral purposes and have undesirable consequences. In this paper we suggest that critical theory can facilitate a better understanding of possible ethical issues and can provide support when finding ways of addressing them. The paper argues that critical theory has intrinsic links to ethics and that it is possible to identify concepts frequently used in critical theory to pinpoint ethical concerns. Using the example of UK electronic medical records the paper demonstrates that a critical lens can highlight issues that traditional ethical theories tend to overlook. These are often linked to collective issues such as social and organisational structures, which philosophical ethics with its typical focus on the individual does not tend to emphasise. The paper suggests that this insight can help in developing ways of researching and innovating responsibly in the area of information security.

A secure EHR system based on hybrid clouds.

PubMed

Chen, Yu-Yi; Lu, Jun-Chao; Jan, Jinn-Ke

2012-10-01

Consequently, application services rendering remote medical services and electronic health record (EHR) have become a hot topic and stimulating increased interest in studying this subject in recent years. Information and communication technologies have been applied to the medical services and healthcare area for a number of years to resolve problems in medical management. Sharing EHR information can provide professional medical programs with consultancy, evaluation, and tracing services can certainly improve accessibility to the public receiving medical services or medical information at remote sites. With the widespread use of EHR, building a secure EHR sharing environment has attracted a lot of attention in both healthcare industry and academic community. Cloud computing paradigm is one of the popular healthIT infrastructures for facilitating EHR sharing and EHR integration. In this paper, we propose an EHR sharing and integration system in healthcare clouds and analyze the arising security and privacy issues in access and management of EHRs.

Measurement-Device-Independent Quantum Key Distribution over Untrustful Metropolitan Network

NASA Astrophysics Data System (ADS)

Tang, Yan-Lin; Yin, Hua-Lei; Zhao, Qi; Liu, Hui; Sun, Xiang-Xiang; Huang, Ming-Qi; Zhang, Wei-Jun; Chen, Si-Jing; Zhang, Lu; You, Li-Xing; Wang, Zhen; Liu, Yang; Lu, Chao-Yang; Jiang, Xiao; Ma, Xiongfeng; Zhang, Qiang; Chen, Teng-Yun; Pan, Jian-Wei

2016-01-01

Quantum cryptography holds the promise to establish an information-theoretically secure global network. All field tests of metropolitan-scale quantum networks to date are based on trusted relays. The security critically relies on the accountability of the trusted relays, which will break down if the relay is dishonest or compromised. Here, we construct a measurement-device-independent quantum key distribution (MDIQKD) network in a star topology over a 200-square-kilometer metropolitan area, which is secure against untrustful relays and against all detection attacks. In the field test, our system continuously runs through one week with a secure key rate 10 times larger than previous results. Our results demonstrate that the MDIQKD network, combining the best of both worlds—security and practicality, constitutes an appealing solution to secure metropolitan communications.

Freedom, security and justice: the thin end of the wedge for biometrics?

PubMed

Lodge, Juliet

2007-01-01

This paper examines an area of EU policy where the application of information and communication tecnology (ICT) poses acutely difficult problems for policymakers: freedom, security and justice. It focuses on the absence of an ethical debate about the adoption of ICT-based instruments in this area. It highlights the implausibility of simply adopting codes of ethical practice from the health sector to close the public trust deficit. It argues that health and justice professionals need to cooperate in order to create a code of ethical e-governance fit for an e-governance age.

75 FR 61099 - Security Zones; Captain of the Port Buffalo Zone; Technical Amendment

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-04

.... ACTION: Final rule. SUMMARY: The Coast Guard is revising the contact information for Marine Safety... gain permission to transit these areas. DATES: This rule is effective October 4, 2010. ADDRESSES... Friday, except Federal holidays. FOR FURTHER INFORMATION CONTACT: If you have questions on this rule...

33 CFR 103.410 - Persons involved in the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2014 CFR

2014-07-01

... Maritime Security (AMS) Assessment. 103.410 Section 103.410 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Assessment § 103.410 Persons involved in the Area Maritime Security (AMS) Assessment. The...

33 CFR 103.410 - Persons involved in the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Maritime Security (AMS) Assessment. 103.410 Section 103.410 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Assessment § 103.410 Persons involved in the Area Maritime Security (AMS) Assessment. The...

33 CFR 103.410 - Persons involved in the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2013 CFR

2013-07-01

... Maritime Security (AMS) Assessment. 103.410 Section 103.410 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Assessment § 103.410 Persons involved in the Area Maritime Security (AMS) Assessment. The...

33 CFR 103.410 - Persons involved in the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Maritime Security (AMS) Assessment. 103.410 Section 103.410 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Assessment § 103.410 Persons involved in the Area Maritime Security (AMS) Assessment. The...

33 CFR 103.410 - Persons involved in the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2012 CFR

2012-07-01

... Maritime Security (AMS) Assessment. 103.410 Section 103.410 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Assessment § 103.410 Persons involved in the Area Maritime Security (AMS) Assessment. The...

DXBC: a long distance wireless broadband communication system for coastal maritime surveillance applications

NASA Astrophysics Data System (ADS)

Vastianos, George E.; Argyreas, Nick D.; Xilouris, Chris K.; Thomopoulos, Stelios C. A.

2015-05-01

The field of Homeland Security focuses on the air, land, and sea borders surveillance in order to prevent illegal activities while facilitating lawful travel and trade. The achievement of this goal requires collaboration of complex decentralized systems and services, and transfer of huge amount of information between the remote surveillance areas and the command & control centers. It becomes obvious that the effectiveness of the provided security depends highly on the available communication capabilities between the interconnected areas. Although nowadays the broadband communication between remote places is presumed easy because of the extensive infrastructure inside residential areas, it becomes a real challenge when the required information should be acquired from locations where no infrastructure is available such as mountain or sea areas. The Integrated Systems Lab of NCSR Demokritos within the PERSEUS FP7- SEC-2011-261748 project has developed a wireless broadband telecommunication system that combines different communication channels from subGHz to microwave frequencies and provides secure IP connectivity between sea surveillance vessels and the Command and Control Centers (C3). The system was deployed in Fast Patrol Boats of the Hellenic Coast Guard that are used for maritime surveillance in sea boarders and tested successfully in two demonstration exercises for irregular migration and smuggling scenarios in the Aegean Archipelagos. This paper describes in detail the system architecture in terms of hardware and software and the evaluation measurements of the system communication capabilities.

Protecting the confidentiality and security of personal health information in low- and middle-income countries in the era of SDGs and Big Data.

PubMed

Beck, Eduard J; Gill, Wayne; De Lay, Paul R

2016-01-01

As increasing amounts of personal information are being collected through a plethora of electronic modalities by statutory and non-statutory organizations, ensuring the confidentiality and security of such information has become a major issue globally. While the use of many of these media can be beneficial to individuals or populations, they can also be open to abuse by individuals or statutory and non-statutory organizations. Recent examples include collection of personal information by national security systems and the development of national programs like the Chinese Social Credit System. In many low- and middle-income countries, an increasing amount of personal health information is being collected. The collection of personal health information is necessary, in order to develop longitudinal medical records and to monitor and evaluate the use, cost, outcome, and impact of health services at facility, sub-national, and national levels. However, if personal health information is not held confidentially and securely, individuals with communicable or non-communicable diseases (NCDs) may be reluctant to use preventive or therapeutic health services, due to fear of being stigmatized or discriminated against. While policymakers and other stakeholders in these countries recognize the need to develop and implement policies for protecting the privacy, confidentiality and security of personal health information, to date few of these countries have developed, let alone implemented, coherent policies. The global HIV response continues to emphasize the importance of collecting HIV-health information, recently re-iterated by the Fast Track to End AIDS by 2030 program and the recent changes in the Guidelines on When to Start Antiretroviral Therapy and on Pre-exposure Prophylaxis for HIV . The success of developing HIV treatment cascades in low- and middle-income countries will require the development of National Health Identification Systems. The success of programs like Universal Health Coverage, under the recently ratified Sustainable Development Goals is also contingent on the availability of personal health information for communicable and non-communicable diseases. Guidance for countries to develop and implement their own guidelines for protecting HIV-information formed the basis of identifying a number of fundamental principles, governing the areas of privacy, confidentiality and security. The use of individual-level data must balance maximizing the benefits from their most effective and fullest use, and minimizing harm resulting from their malicious or inadvertent release. These general principles are described in this paper, as along with a bibliography referring to more detailed technical information. A country assessment tool and user's manual, based on these principles, have been developed to support countries to assess the privacy, confidentiality, and security of personal health information at facility, data warehouse/repository, and national levels. The successful development and implementation of national guidance will require strong collaboration at local, regional, and national levels, and this is a pre-condition for the successful implementation of a range of national and global programs. This paper is a call for action for stakeholders in low- and middle-income countries to develop and implement such coherent policies and provides fundamental principles governing the areas of privacy, confidentiality, and security of personal health information being collected in low- and middle-income countries.

Environmental security: a geographic information system analysis approach--the case of Kenya.

PubMed

Bocchi, Stefano; Disperati, Stefano Peppino; Rossi, Simone

2006-02-01

Studies into the relationships between environmental factors and violence or conflicts constitute a very debated research field called environmental security. Several authors think that environmental scarcity, which is scarcity of renewable resources, can contribute to generate violence or social unrest, particularly within states scarcely endowed with technical know-how and social structures, such as developing countries. In this work, we referred to the theoretical model developed by the Environmental Change and Acute Conflict Project. Our goal was to use easily available spatial databases to map the various sources of environmental scarcity through geographic information systems, in order to locate the areas apparently most at risk of suffering negative social effects and their consequences in terms of internal security. The analysis was carried out at a subnational level and applied to the case of Kenya. A first phase of the work included a careful selection of databases relative to renewable resources. Spatial operations among these data allowed us to obtain new information on the availability of renewable resources (cropland, forests, water), on the present and foreseen demographic pressure, as well as on the social and technical ingenuity. The results made it possible to identify areas suffering from scarcity of one or more renewable resources, indicating different levels of gravity. Accounts from Kenya seem to confirm our results, reporting clashes between tribal groups over the access to scarce resources in areas that our work showed to be at high risk.

49 CFR 1542.205 - Security of the security identification display area (SIDA).

Code of Federal Regulations, 2010 CFR

2010-10-01

... area (SIDA). 1542.205 Section 1542.205 Transportation Other Regulations Relating to Transportation... AIRPORT SECURITY Operations § 1542.205 Security of the security identification display area (SIDA). (a... one SIDA, as follows: (1) Each secured area must be a SIDA. (2) Each part of the air operations area...

49 CFR 1542.205 - Security of the security identification display area (SIDA).

Code of Federal Regulations, 2014 CFR

2014-10-01

... area (SIDA). 1542.205 Section 1542.205 Transportation Other Regulations Relating to Transportation... AIRPORT SECURITY Operations § 1542.205 Security of the security identification display area (SIDA). (a... one SIDA, as follows: (1) Each secured area must be a SIDA. (2) Each part of the air operations area...

49 CFR 1542.205 - Security of the security identification display area (SIDA).

Code of Federal Regulations, 2013 CFR

2013-10-01

... area (SIDA). 1542.205 Section 1542.205 Transportation Other Regulations Relating to Transportation... AIRPORT SECURITY Operations § 1542.205 Security of the security identification display area (SIDA). (a... one SIDA, as follows: (1) Each secured area must be a SIDA. (2) Each part of the air operations area...

49 CFR 1542.205 - Security of the security identification display area (SIDA).

Code of Federal Regulations, 2011 CFR

2011-10-01

... area (SIDA). 1542.205 Section 1542.205 Transportation Other Regulations Relating to Transportation... AIRPORT SECURITY Operations § 1542.205 Security of the security identification display area (SIDA). (a... one SIDA, as follows: (1) Each secured area must be a SIDA. (2) Each part of the air operations area...

49 CFR 1542.205 - Security of the security identification display area (SIDA).

Code of Federal Regulations, 2012 CFR

2012-10-01

... area (SIDA). 1542.205 Section 1542.205 Transportation Other Regulations Relating to Transportation... AIRPORT SECURITY Operations § 1542.205 Security of the security identification display area (SIDA). (a... one SIDA, as follows: (1) Each secured area must be a SIDA. (2) Each part of the air operations area...

Critical Infrastructure Protection II, The International Federation for Information Processing, Volume 290.

NASA Astrophysics Data System (ADS)

Papa, Mauricio; Shenoi, Sujeet

The information infrastructure -- comprising computers, embedded devices, networks and software systems -- is vital to day-to-day operations in every sector: information and telecommunications, banking and finance, energy, chemicals and hazardous materials, agriculture, food, water, public health, emergency services, transportation, postal and shipping, government and defense. Global business and industry, governments, indeed society itself, cannot function effectively if major components of the critical information infrastructure are degraded, disabled or destroyed. Critical Infrastructure Protection II describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: - Themes and Issues - Infrastructure Security - Control Systems Security - Security Strategies - Infrastructure Interdependencies - Infrastructure Modeling and Simulation This book is the second volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of twenty edited papers from the Second Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection held at George Mason University, Arlington, Virginia, USA in the spring of 2008.

The educational needs of health information managers in an electronic environment: what information technology and health informatics skills and knowledge are required?

PubMed

Robertson, Merryn; Callen, Joanne

The profile of health information managers (HIMs) employed within one metropolitan area health service in New South Wales (NSW) was identified, together with which information technology and health informatics knowledge and skills they possess, and which ones they require in their workplace. The subjects worked in a variety of roles: 26% were employed in the area's Information Systems Division developing and implementing point-of-care clinical systems. Health information managers perceived they needed further continuing and formal education in point-of-care clinical systems, decision support systems, the electronic health record, privacy and security, health data collections, and database applications.

7 CFR 2.93 - Director, Office of Procurement and Property Management.

Code of Federal Regulations, 2010 CFR

2010-01-01

... in rural areas (7 U.S.C. 2206b). (20) In coordination with the Chief Financial Officer, implement the... of the Chief Information Officer. This delegation includes the authority to: (i) Insure that OMB... security activities with the Chief Information Officer who has primary responsibility for PDD 63, Critical...

Standards Setting and Federal Information Policy: The Escrowed Encryption Standard (EES).

ERIC Educational Resources Information Center

Gegner, Karen E.; Veeder, Stacy B.

1994-01-01

Examines the standards process used for developing the Escrowed Encryption Standard (EES) and its possible impact on national communication and information policies. Discusses the balance between national security and law enforcement concerns versus privacy rights and economic competitiveness in the area of foreign trade and export controls. (67…

75 FR 70923 - Office of the National Coordinator for Health Information Technology; HIT Policy Committee...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-19

... Federal Health IT Strategic Plan and that includes recommendations on the areas in which standards... & Security Tiger Team, the Information Exchange Workgroup, the Enrollment Workgroup, and the Governance Workgroup. ONC intends to make background material available to the public no later than two (2) business...

Identification d'indicateurs de risque des populations victimes de conflits par imagerie satellitaire. Etude de cas: Le nord de l'Irak

NASA Astrophysics Data System (ADS)

Mubareka, Sarah Betoul

Remote sensing and security, terms which are not usually associated, have found a common platform this decade with the conjuring of the GMOSS network (Global Monitoring for Security and Stability), whose mandate is to discover new applications for satellite-derived imagery to security issues. This study focuses on human security, concentrating on the characterisation of vulnerable areas to conflict. A time-series of satellite imagery taken from Landsat sensors from 1987 to 2001 and the SRTM mission imagery are used for this purpose over a site in northern Iraq. Human security issues include the exposure to any type of hazard. The region of study is first characterised in order to understand which hazards are and were present in the past for the region of study. The principal hazard for the region of study is armed conflict and the relative field data was analysed to determine the links between geographical indicators and vulnerable areas. This is done through historical research and the study of open-sourced information about disease outbreaks; the movements of refugees and the internally displaced; and humanitarian aid and security issues. These open sources offer information which are not always consistent, objective, or normalized and are therefore difficult to quantify. A method for the rapid mapping and graphing and subsequent analysis of the situation in a region where limited information is available is developed. This information is coupled with population numbers to create a "risk map": A disaggregated matrix of areas most at risk during conflict situations. The results show that describing the risk factor for a population to the hazard conflict depends on three complex indicators: Population density, remoteness and economic diversity. Each of these complex indicators is then derived from Landsat and SRTM imagery and a satellite-driven model is formulated. This model based on satellite imagery is applied to the study site for a temporal study. The output are three 90 m x 90 m resolution grids which describe, at a pixel level, the risk level within the region for each of the dates studies, and the changes which occur in northern Iraq as the result of the Anfal Campaigns. Results show that satellite imagery, with a minimum of processing, can yield indicators for characterising risk in a region. Although by no means a replacement for field data, this technological source, in the absence of local knowledge, can provide users with a starting point in understanding which areas are most at risk within a region. If this data is coupled with open sourced information such as political and cultural discrimination, economy and agricultural practices, a fairly accurate risk map can be generated in the absence of field data. Keywords. SRTM, Landsat, risk indicators, Iraq, conflict, population vulnerability, segmentation, land-use, fuzzy-classification, atmospheric corrections.

Roadmap on optical security

NASA Astrophysics Data System (ADS)

Javidi, Bahram; Carnicer, Artur; Yamaguchi, Masahiro; Nomura, Takanori; Pérez-Cabré, Elisabet; Millán, María S.; Nishchal, Naveen K.; Torroba, Roberto; Fredy Barrera, John; He, Wenqi; Peng, Xiang; Stern, Adrian; Rivenson, Yair; Alfalou, A.; Brosseau, C.; Guo, Changliang; Sheridan, John T.; Situ, Guohai; Naruse, Makoto; Matsumoto, Tsutomu; Juvells, Ignasi; Tajahuerce, Enrique; Lancis, Jesús; Chen, Wen; Chen, Xudong; Pinkse, Pepijn W. H.; Mosk, Allard P.; Markman, Adam

2016-08-01

Information security and authentication are important challenges facing society. Recent attacks by hackers on the databases of large commercial and financial companies have demonstrated that more research and development of advanced approaches are necessary to deny unauthorized access to critical data. Free space optical technology has been investigated by many researchers in information security, encryption, and authentication. The main motivation for using optics and photonics for information security is that optical waveforms possess many complex degrees of freedom such as amplitude, phase, polarization, large bandwidth, nonlinear transformations, quantum properties of photons, and multiplexing that can be combined in many ways to make information encryption more secure and more difficult to attack. This roadmap article presents an overview of the potential, recent advances, and challenges of optical security and encryption using free space optics. The roadmap on optical security is comprised of six categories that together include 16 short sections written by authors who have made relevant contributions in this field. The first category of this roadmap describes novel encryption approaches, including secure optical sensing which summarizes double random phase encryption applications and flaws [Yamaguchi], the digital holographic encryption in free space optical technique which describes encryption using multidimensional digital holography [Nomura], simultaneous encryption of multiple signals [Pérez-Cabré], asymmetric methods based on information truncation [Nishchal], and dynamic encryption of video sequences [Torroba]. Asymmetric and one-way cryptosystems are analyzed by Peng. The second category is on compression for encryption. In their respective contributions, Alfalou and Stern propose similar goals involving compressed data and compressive sensing encryption. The very important area of cryptanalysis is the topic of the third category with two sections: Sheridan reviews phase retrieval algorithms to perform different attacks, whereas Situ discusses nonlinear optical encryption techniques and the development of a rigorous optical information security theory. The fourth category with two contributions reports how encryption could be implemented at the nano- or micro-scale. Naruse discusses the use of nanostructures in security applications and Carnicer proposes encoding information in a tightly focused beam. In the fifth category, encryption based on ghost imaging using single-pixel detectors is also considered. In particular, the authors [Chen, Tajahuerce] emphasize the need for more specialized hardware and image processing algorithms. Finally, in the sixth category, Mosk and Javidi analyze in their corresponding papers how quantum imaging can benefit optical encryption systems. Sources that use few photons make encryption systems much more difficult to attack, providing a secure method for authentication.

iFlorida model deployment final evaluation report.

DOT National Transportation Integrated Search

2009-01-01

This document is the final report for the evaluation of the USDOT-sponsored Surface Transportation Security and Reliability Information System Model Deployment, or iFlorida Model Deployment. This report discusses findings in the following areas: ITS ...

iFlorida model deployment final evaluation report

DOT National Transportation Integrated Search

2009-01-01

This document is the final report for the evaluation of the USDOT-sponsored Surface Transportation Security and Reliability Information System Model Deployment, or iFlorida Model Deployment. This report discusses findings in the following areas: ITS ...

Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System.

PubMed

Deng, Yong-Yuan; Chen, Chin-Ling; Tsaur, Woei-Jiunn; Tang, Yung-Wen; Chen, Jung-Hsuan

2017-12-15

As sensor networks and cloud computation technologies have rapidly developed over recent years, many services and applications integrating these technologies into daily life have come together as an Internet of Things (IoT). At the same time, aging populations have increased the need for expanded and more efficient elderly care services. Fortunately, elderly people can now wear sensing devices which relay data to a personal wireless device, forming a body area network (BAN). These personal wireless devices collect and integrate patients' personal physiological data, and then transmit the data to the backend of the network for related diagnostics. However, a great deal of the information transmitted by such systems is sensitive data, and must therefore be subject to stringent security protocols. Protecting this data from unauthorized access is thus an important issue in IoT-related research. In regard to a cloud healthcare environment, scholars have proposed a secure mechanism to protect sensitive patient information. Their schemes provide a general architecture; however, these previous schemes still have some vulnerability, and thus cannot guarantee complete security. This paper proposes a secure and lightweight body-sensor network based on the Internet of Things for cloud healthcare environments, in order to address the vulnerabilities discovered in previous schemes. The proposed authentication mechanism is applied to a medical reader to provide a more comprehensive architecture while also providing mutual authentication, and guaranteeing data integrity, user untraceability, and forward and backward secrecy, in addition to being resistant to replay attack.

Trends in Research on the Security of Medical Information in Korea: Focused on Information Privacy Security in Hospitals

PubMed Central

Kim, Yong-Woon; Cho, Namin

2018-01-01

Objectives Information technology involves a risk of privacy violation in providing easy access to confidential information,such as personal information and medical information through the Internet. In this study, we investigated medical information security to gain a better understanding of trends in research related to medical information security. Methods We researched papers published on ‘의료정보’ and ‘medical information’ in various Korean journals during a 10-year period from 2005 to 2015. We also analyzed these journal papers for each fiscal year; these papers were categorized into the areas of literature research and empirical research, and were further subdivided according to themes and subjects. Results It was confirmed that 48 papers were submitted to 35 academic journals. There were 33 (68.8%) literature review articles, and analysis of secondary data was not carried out at all. In terms of empirical research, 8 (16.7%) surveys and 7 (14.6%) program developments were studied. As a result of analyzing these papers according to the research theme by research method, 17 (35.4%) papers on laws, systems, and policies were the most numerous. It was found that among the literature research papers on medical personnel were the most common, and among the empirical research papers, research on experts in information protection and medical personnel were the most common. Conclusions We suggest that further research should be done in terms of social perception, human resource development, and technology development to improve risk management in medical information systems. PMID:29503754

Security of fragile authentication watermarks with localization

NASA Astrophysics Data System (ADS)

Fridrich, Jessica

2002-04-01

In this paper, we study the security of fragile image authentication watermarks that can localize tampered areas. We start by comparing the goals, capabilities, and advantages of image authentication based on watermarking and cryptography. Then we point out some common security problems of current fragile authentication watermarks with localization and classify attacks on authentication watermarks into five categories. By investigating the attacks and vulnerabilities of current schemes, we propose a variation of the Wong scheme18 that is fast, simple, cryptographically secure, and resistant to all known attacks, including the Holliman-Memon attack9. In the new scheme, a special symmetry structure in the logo is used to authenticate the block content, while the logo itself carries information about the block origin (block index, the image index or time stamp, author ID, etc.). Because the authentication of the content and its origin are separated, it is possible to easily identify swapped blocks between images and accurately detect cropped areas, while being able to accurately localize tampered pixels.

New Authentication Scheme for Wireless Body Area Networks Using the Bilinear Pairing.

PubMed

Wang, Chunzhi; Zhang, Yanmei

2015-11-01

Due to the development of information technologies and network technologies, healthcare systems have been employed in many countries. As an important part of healthcare systems, the wireless body area network (WBAN) could bring convenience to both patients and physicians because it could help physicians to monitor patients' physiological values remotely. It is essential to ensure secure communication in WBANs because patients' physiological values are very sensitive. Recently, Liu et al. proposed an efficient authentication scheme for WBANs. Unfortunately, Zhao pointed out that their scheme suffered from the stolen verifier-table attack. To improve security and efficiency, Zhao proposed an anonymous authentication scheme for WBANs. However, Zhao's scheme cannot provide real anonymity because the users' pseudo identities are constant value and the attack could tract the users. In this paper, we propose a new anonymous authentication scheme for WBANs. Security analysis shows that the proposed scheme could overcome weaknesses in previous scheme. We also use the BAN logic to demonstrate the security of the proposed scheme.

33 CFR 103.500 - General.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Plan § 103.500 General. (a) The Area Maritime... with the National Maritime Transportation Security Plan and the National Transportation Security Plan...

Protecting software agents from malicious hosts using quantum computing

NASA Astrophysics Data System (ADS)

Reisner, John; Donkor, Eric

2000-07-01

We evaluate how quantum computing can be applied to security problems for software agents. Agent-based computing, which merges technological advances in artificial intelligence and mobile computing, is a rapidly growing domain, especially in applications such as electronic commerce, network management, information retrieval, and mission planning. System security is one of the more eminent research areas in agent-based computing, and the specific problem of protecting a mobile agent from a potentially hostile host is one of the most difficult of these challenges. In this work, we describe our agent model, and discuss the capabilities and limitations of classical solutions to the malicious host problem. Quantum computing may be extremely helpful in addressing the limitations of classical solutions to this problem. This paper highlights some of the areas where quantum computing could be applied to agent security.

Building a Successful Security Infrastructure: What You Want vs. What You Need vs. What You Can Afford

NASA Technical Reports Server (NTRS)

Crabb, Michele D.; Woodrow, Thomas S. (Technical Monitor)

1995-01-01

With the fast growing popularity of the Internet, many organizations are racing to get onto the on-ramp to the Information Superhighway. However, with frequent headlines such as 'Hackers' break in at General Electric raises questions about the Net's Security', 'Internet Security Imperiled - Hackers steal data that could threaten computers world-wide' and 'Stanford Computer system infiltrated; Security fears grow', organizations find themselves rethinking their approach to the on-ramp. Is the Internet safe? What do I need to do to protect my organization? Will hackers try to break into my systems? These are questions many organizations are asking themselves today. In order to safely travel along the Information Superhighway, organizations need a strong security framework. Developing such a framework for a computer site, whether it be just a few dozen hosts or several thousand hosts is not an easy task. The security infrastructure for a site is often developed piece-by-piece in response to security incidents which have affected that site over time. Or worse yet, no coordinated effort has been dedicated toward security. The end result is that many sites are still poorly prepared to handle the security dangers of the Internet. This paper presents guidelines for building a successful security infrastructure. The problem is addressed in a cookbook style method. First is a discussion on how to identify your assets and evaluate the threats to those assets; next are suggestions and tips for identifying the weak areas in your security armor. Armed with this information we can begin to think about what you really need for your site and what you can afford. In this stage of the process we examine the different categories of security tools and products that are available and then present some tips for deciding what is best for your site.

Measuring Operational Resilience Using the CERT(Registered) Resilience Management Model

DTIC Science & Technology

2010-09-01

such as ISO 27002 [ ISO 2005]) and then measure the implementation and performance of practices contained in the standard. This checklist-based ap...Security techniques – Code of practice for information security management. ISO /IEC 27002 :2005, June 2005. Also known as ISO /IEC 17799:2005. [ ISO 2007...Table 23: ISO 15939 Process Activities and Tasks 54 Table 24: CERT-RMM Measurement and Analysis Process Area Goals and Practices 55 CMU/SEI

Corrective Action Decision Document/Closure Report for Corrective Action Unit 570: Area 9 Yucca Flat Atmospheric Test Sites, Nevada National Security Site, Nevada, Revision 0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Matthews, Patrick

2013-11-01

This Corrective Action Decision Document/Closure Report presents information supporting the closure of Corrective Action Unit (CAU) 570: Area 9 Yucca Flat Atmospheric Test Sites, Nevada National Security Site, Nevada. This complies with the requirements of the Federal Facility Agreement and Consent Order (FFACO) that was agreed to by the State of Nevada; U.S. Department of Energy (DOE), Environmental Management; U.S. Department of Defense; and DOE, Legacy Management. The purpose of the CADD/CR is to provide justification and documentation supporting the recommendation that no further corrective action is needed.

33 CFR 103.405 - Elements of the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2011 CFR

2011-07-01

... networks; (6) Relevant transportation infrastructure; (7) Utilities; (8) Security resources and... Security (AMS) Assessment. 103.405 Section 103.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime...

33 CFR 103.405 - Elements of the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2014 CFR

2014-07-01

... networks; (6) Relevant transportation infrastructure; (7) Utilities; (8) Security resources and... Security (AMS) Assessment. 103.405 Section 103.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime...

33 CFR 103.405 - Elements of the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2010 CFR

2010-07-01

... networks; (6) Relevant transportation infrastructure; (7) Utilities; (8) Security resources and... Security (AMS) Assessment. 103.405 Section 103.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime...

33 CFR 103.405 - Elements of the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2012 CFR

2012-07-01

... networks; (6) Relevant transportation infrastructure; (7) Utilities; (8) Security resources and... Security (AMS) Assessment. 103.405 Section 103.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime...

33 CFR 103.405 - Elements of the Area Maritime Security (AMS) Assessment.

Code of Federal Regulations, 2013 CFR

2013-07-01

... networks; (6) Relevant transportation infrastructure; (7) Utilities; (8) Security resources and... Security (AMS) Assessment. 103.405 Section 103.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime...

National Institute of Justice (NIJ): improving the effectiveness of law enforcement via homeland security technology improvements (Keynote Address)

NASA Astrophysics Data System (ADS)

Morgan, John S.

2005-05-01

Law enforcement agencies play a key role in protecting the nation from and responding to terrorist attacks. Preventing terrorism and promoting the nation"s security is the Department of Justice"s number one strategic priority. This is reflected in its technology development efforts, as well as its operational focus. The National Institute of Justice (NIJ) is the national focal point for the research, development, test and evaluation of technology for law enforcement. In addition to its responsibilities in supporting day-to-day criminal justice needs in areas such as less lethal weapons and forensic science, NIJ also provides critical support for counter-terrorism capacity improvements in state and local law enforcement in several areas. The most important of these areas are bomb response, concealed weapons detection, communications and information technology, which together offer the greatest potential benefit with respect to improving the ability to law enforcement agencies to respond to all types of crime including terrorist acts. NIJ coordinates its activities with several other key federal partners, including the Department of Homeland Security"s Science and Technology Directorate, the Technical Support Working Group, and the Department of Defense.

76 FR 12209 - Access to Aircraft Situation Display (ASDI) and National Airspace System Status Information (NASSI)

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-04

..., a recent history of violent terrorist activity in the geographic area in which the transportation is...-oriented security concern'' that requires an employee to travel on a company plane for business and... history of violent terrorist activity in the geographic area in which the transportation is provided, or a...

33 CFR 103.305 - Composition of an Area Maritime Security (AMS) Committee.

Code of Federal Regulations, 2010 CFR

2010-07-01

... port stakeholders having a special competence in maritime security; and (7) Port stakeholders affected... Security (AMS) Committee. 103.305 Section 103.305 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime...

Surveillance data management system

NASA Astrophysics Data System (ADS)

Teague, Ralph

2002-10-01

On October 8, 2001, an Executive Order was signed creating the White House Office of Homeland Security. With its formaiton comes focused attention in setting goals and priorities for homeland security. Analysis, preparation, and implementation of strategies will hinge not only on how information is collected and analyzed, but more important, on how it is coordinated and shared. Military installations/facilities, Public safety agencies, airports, federal and local offices, public utilities, harbors, transportation and others critical areas must work either independently or as a team to ensure the safety of our citizens and visitor. In this new era of increased security, the key to interoperation is continuous information exchanged-events must be rapidly identified, reported and responded to by the appropriate agencies. For instance when a threat has been detected the security officers must be immediately alerted and must have access to the type of threat, location, movement, heading, threat size, etc to respond accordingly and the type of support required. This requires instant communications and teamwork with reliable and flexible technology.

Corrective Action Decision Document/Closure Report for Corrective Action Unit 569: Area 3 Yucca Flat Atmospheric Test Sites Nevada National Security Site, Nevada with ROTC 1, Revision 0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sloop, Christy

2013-04-01

This Corrective Action Decision Document/Closure Report presents information supporting the closure of Corrective Action Unit (CAU) 569: Area 3 Yucca Flat Atmospheric Test Sites, Nevada National Security Site, Nevada. CAU 569 comprises the following nine corrective action sites (CASs): • 03-23-09, T-3 Contamination Area • 03-23-10, T-3A Contamination Area • 03-23-11, T-3B Contamination Area • 03-23-12, T-3S Contamination Area • 03-23-13, T-3T Contamination Area • 03-23-14, T-3V Contamination Area • 03-23-15, S-3G Contamination Area • 03-23-16, S-3H Contamination Area • 03-23-21, Pike Contamination Area The purpose of this Corrective Action Decision Document/Closure Report is to provide justification and documentation supportingmore » the recommendation that no further corrective action is needed for CAU 569 based on the implementation of the corrective actions listed in Table ES-2.« less

Experience of wireless local area network in a radiation oncology department.

PubMed

Mandal, Abhijit; Asthana, Anupam Kumar; Aggarwal, Lalit Mohan

2010-01-01

The aim of this work is to develop a wireless local area network (LAN) between different types of users (Radiation Oncologists, Radiological Physicists, Radiation Technologists, etc) for efficient patient data management and to made easy the availability of information (chair side) to improve the quality of patient care in Radiation Oncology department. We have used mobile workstations (Laptops) and stationary workstations, all equipped with wireless-fidelity (Wi-Fi) access. Wireless standard 802.11g (as recommended by Institute of Electrical and Electronic Engineers (IEEE, Piscataway, NJ) has been used. The wireless networking was configured with the Service Set Identifier (SSID), Media Access Control (MAC) address filtering, and Wired Equivalent Privacy (WEP) network securities. We are successfully using this wireless network in sharing the indigenously developed patient information management software. The proper selection of the hardware and the software combined with a secure wireless LAN setup will lead to a more efficient and productive radiation oncology department.

Remote Sensing for Farmers and Flood Watching

NASA Technical Reports Server (NTRS)

2005-01-01

The Applied Sciences Directorate, part of NASA s Science Mission Directorate, makes use of the Agency s remote-sensing capabilities to acquire detailed information about our home planet. It uses this information for a variety of purposes, ranging from increasing agricultural efficiency to protecting homeland security. Sensors fly over areas of interest to detect and record information that sometimes is not even visible from the ground with the human eye. Scientists analyze these data for a variety of purposes and make maps of the areas. These maps are often used to answer questions about the environment, weather, natural resources, community growth, and natural disasters.

Intelligence in Denied Areas: New Concepts for a Changing Security Environment

DTIC Science & Technology

2007-12-01

Muslim extremists to bomb the jet fuel pipeline that supplies the JFK Airport . The informant, a twice-convicted drug dealer who found himself in the...helps+stop+ jfk + airport +plot&hl=en&ct=clnk&c d=1&gl=us>. 40. JFK Terror Plot Informant Crucial to Case,” CBS News, June 4, 2007. Available at

76 FR 33306 - Medicare Program; Pioneer Accountable Care Organization Model, Request for Applications; Correction

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-08

... information posted on our Center for Medicare and Medicaid Innovation (CMMI) Web site and in the Pioneer ACO Application. (For more information see http://innovations.cms.gov/areas-of-focus/seamless-and-coordinated-care... postmarked on or before July 18, 2011.'' Authority: Section 1115A of the Social Security Act. Dated: June 2...

Planting structure adjustment and food security in major food production district: A case study on 10 main food production counties in Gansu Province, China

NASA Astrophysics Data System (ADS)

Wang, S. J.; Yang, C. L.; Zhou, L. Y.

2017-07-01

This paper made an empirical study on planting structure adjustment and food security, in which main data and information came from the questionnaires of 10 main food-production counties in Gansu Province, China. The investigation results showed that: 1) During 1995 and 2014, the cultivated land area per household dropped by 2.40%, in which food crop area declined by 3.16%, yet cash crop area increased by 129% in the survey area. In the same period, the revenue per household increased by 162.99%, while food income from the revenue only increased by 17.42%; 2) In Hexi and Longzhong districts, mean wheat crop area per household shows a downtrend, while cash crop area increased significantly in the past 20 years. Especially, the household food output and income did not appear a simultaneous increase trend. In Longdong district, the household food output and income showed a simultaneous uptrend, and household income came mainly from miscellaneous grain (e.g. sorghum, bean, buckwheat, etc.); 3) In order to pursue higher economic efficiency of cultivated land, the farmers were forced to adjust planting structure and develop characteristics industries, profitable agriculture and cash crop with comparative advantage, which resulted in few food stock and impacted seriously on regional food security.

Aviation Security: Background and Policy Options for Screening and Securing Air Cargo

DTIC Science & Technology

2008-02-25

today, employees with unescorted access privileges to security identification display areas ( SIDAs ) may access secured areas and aircraft without...where all-cargo aircraft are loaded and unloaded, as security identification display areas ( SIDAs ). This effectively elevates the required security

33 CFR 103.520 - Recordkeeping.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 103.520 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Plan § 103.520 Recordkeeping. (a) All records pertaining to the Area Maritime Security (AMS) Assessment and AMS Plan will be retained by...

33 CFR 103.400 - General.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: AREA MARITIME SECURITY Area Maritime Security (AMS) Assessment § 103.400 General. (a) The Area Maritime Security (AMS) Committee will ensure that a risk based AMS Assessment, is completed and meets the...

Regional Collaboration Among Urban Area Security Initiative Regions: Results of the Johns Hopkins Urban Area Survey

PubMed Central

Bowman, Calvin; Barnett, Daniel J.; Resnick, Beth A.; Frattaroli, Shannon; Rutkow, Lainie

2014-01-01

Regional collaboration has been identified as a potential facilitator of public health preparedness efforts. The Urban Area Security Initiative (UASI) grant program, administered by the Federal Emergency Management Agency (FEMA) since 2003, has provided 64 high-risk metropolitan areas funding to enhance their regional preparedness capabilities. This study describes informal and formal regional collaboration infrastructure, as well as regional collaboration–related activities and assessment methods, in FFY2010 UASI regions. A cross-sectional online survey was administered via Survey Monkey from September through December 2013. Points of contact from FFY2010 funded UASI metropolitan areas completed the survey, with a response rate of 77.8% (n=49). Summary statistics were calculated to describe the current informal and formal regional collaboration infrastructure. Additionally, the cross-sectional survey collected rates of agreement with 8 collaborative preparedness statements at 3 time points. The survey found that UASI regions are engaging in collaborative activities and investments to build capabilities, with most collaboration occurring in the prevention, protection, and response mission areas. Collaborative relationships in preparedness among emergency managers and municipal chief executive officers improved during the FFY2010 UASI performance period compared to the pre-UASI award period, with lasting effects. The majority of UASI regions reported conducting independent assessments of capabilities and their measurement at the UASI region level. Urban areas that received a FFY2010 UASI grant award are engaging in collaborative activities and have established interjurisdictional relationships in preparedness. The use of grant funds to encourage collaboration in preparedness has the potential to leverage limited resources and promote informed investments. PMID:25398073

Regional collaboration among Urban Area Security Initiative regions: results of the Johns Hopkins urban area survey.

PubMed

Errett, Nicole A; Bowman, Calvin; Barnett, Daniel J; Resnick, Beth A; Frattaroli, Shannon; Rutkow, Lainie

2014-01-01

Regional collaboration has been identified as a potential facilitator of public health preparedness efforts. The Urban Area Security Initiative (UASI) grant program, administered by the Federal Emergency Management Agency (FEMA) since 2003, has provided 64 high-risk metropolitan areas funding to enhance their regional preparedness capabilities. This study describes informal and formal regional collaboration infrastructure, as well as regional collaboration-related activities and assessment methods, in FFY2010 UASI regions. A cross-sectional online survey was administered via Survey Monkey from September through December 2013. Points of contact from FFY2010 funded UASI metropolitan areas completed the survey, with a response rate of 77.8% (n=49). Summary statistics were calculated to describe the current informal and formal regional collaboration infrastructure. Additionally, the cross-sectional survey collected rates of agreement with 8 collaborative preparedness statements at 3 time points. The survey found that UASI regions are engaging in collaborative activities and investments to build capabilities, with most collaboration occurring in the prevention, protection, and response mission areas. Collaborative relationships in preparedness among emergency managers and municipal chief executive officers improved during the FFY2010 UASI performance period compared to the pre-UASI award period, with lasting effects. The majority of UASI regions reported conducting independent assessments of capabilities and their measurement at the UASI region level. Urban areas that received a FFY2010 UASI grant award are engaging in collaborative activities and have established interjurisdictional relationships in preparedness. The use of grant funds to encourage collaboration in preparedness has the potential to leverage limited resources and promote informed investments.

Persistent maritime traffic monitoring for the Canadian Arctic

NASA Astrophysics Data System (ADS)

Ulmke, M.; Battistello, G.; Biermann, J.; Mohrdieck, C.; Pelot, R.; Koch, W.

2017-05-01

This paper presents results of the Canadian-German research project PASSAGES (Protection and Advanced Surveillance System for the Arctic: Green, Efficient, Secure)1 on an advanced surveillance system for safety and security of maritime operations in Arctic areas. The motivation for a surveillance system of the Northwest Passage is the projected growth of maritime traffic along Arctic sea routes and the need for securing Canada's sovereignty by controlling its arctic waters as well as for protecting the safety of international shipping and the intactness of the arctic marine environment. To ensure border security and to detect and prevent illegal activities it is necessary to develop a system for surveillance and reconnaissance that brings together all related means, assets, organizations, processes and structures to build one homogeneous and integrated system. The harsh arctic conditions require a new surveillance concept that fuses heterogeneous sensor data, contextual information, and available pre-processed surveillance data and combines all components to efficiently extract and provide the maximum available amount of information. The fusion of all these heterogeneous data and information will provide improved and comprehensive situation awareness for risk assessment and decision support of different stakeholder groups as governmental authorities, commercial users and Northern communities.

Automated Classification of Consumer Health Information Needs in Patient Portal Messages.

PubMed

Cronin, Robert M; Fabbri, Daniel; Denny, Joshua C; Jackson, Gretchen Purcell

2015-01-01

Patients have diverse health information needs, and secure messaging through patient portals is an emerging means by which such needs are expressed and met. As patient portal adoption increases, growing volumes of secure messages may burden healthcare providers. Automated classification could expedite portal message triage and answering. We created four automated classifiers based on word content and natural language processing techniques to identify health information needs in 1000 patient-generated portal messages. Logistic regression and random forest classifiers detected single information needs well, with area under the curves of 0.804-0.914. A logistic regression classifier accurately found the set of needs within a message, with a Jaccard index of 0.859 (95% Confidence Interval: (0.847, 0.871)). Automated classification of consumer health information needs expressed in patient portal messages is feasible and may allow direct linking to relevant resources or creation of institutional resources for commonly expressed needs.

Automated Classification of Consumer Health Information Needs in Patient Portal Messages

PubMed Central

Cronin, Robert M.; Fabbri, Daniel; Denny, Joshua C.; Jackson, Gretchen Purcell

2015-01-01

Patients have diverse health information needs, and secure messaging through patient portals is an emerging means by which such needs are expressed and met. As patient portal adoption increases, growing volumes of secure messages may burden healthcare providers. Automated classification could expedite portal message triage and answering. We created four automated classifiers based on word content and natural language processing techniques to identify health information needs in 1000 patient-generated portal messages. Logistic regression and random forest classifiers detected single information needs well, with area under the curves of 0.804–0.914. A logistic regression classifier accurately found the set of needs within a message, with a Jaccard index of 0.859 (95% Confidence Interval: (0.847, 0.871)). Automated classification of consumer health information needs expressed in patient portal messages is feasible and may allow direct linking to relevant resources or creation of institutional resources for commonly expressed needs. PMID:26958285

African Security Challenges: Now and Over the Horizon - Voices from the NGO Community

DTIC Science & Technology

2010-11-01

economies will have a tendency to shift back to dependence on unskilled sectors such as mining, black -market or informal trading and international aid...PEPFAR Watch. Pepfarwatch.org. Rice , A. 2007. “An African Solution.” Nation, June 11. Voices from the NGO Community - 5.19 - African Security...oversight role in this area by parliaments, regardless of formal mandates, roles and responsibilities. In order to avoid the risk of cosmetic changes

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2013 CFR

2013-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2013-10-01 2013-10-01 false Security of the air operations area (AOA). 1542...

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2010 CFR

2010-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2010-10-01 2010-10-01 false Security of the air operations area (AOA). 1542...

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2011 CFR

2011-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2011-10-01 2011-10-01 false Security of the air operations area (AOA). 1542...

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2012 CFR

2012-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2012-10-01 2012-10-01 false Security of the air operations area (AOA). 1542...

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2014 CFR

2014-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2014-10-01 2014-10-01 false Security of the air operations area (AOA). 1542...

Design of the national health security preparedness index.

PubMed

Uzun Jacobson, Evin; Inglesby, Tom; Khan, Ali S; Rajotte, James C; Burhans, Robert L; Slemp, Catherine C; Links, Jonathan M

2014-01-01

The importance of health security in the United States has been highlighted by recent emergencies such as the H1N1 influenza pandemic, Superstorm Sandy, and the Boston Marathon bombing. The nation's health security remains a high priority today, with federal, state, territorial, tribal, and local governments, as well as nongovernment organizations and the private sector, engaging in activities that prevent, protect, mitigate, respond to, and recover from health threats. The Association of State and Territorial Health Officials (ASTHO), through a cooperative agreement with the Centers for Disease Control and Prevention (CDC) Office of Public Health Preparedness and Response (OPHPR), led an effort to create an annual measure of health security preparedness at the national level. The collaborative released the National Health Security Preparedness Index (NHSPI(™)) in December 2013 and provided composite results for the 50 states and for the nation as a whole. The Index results represent current levels of health security preparedness in a consistent format and provide actionable information to drive decision making for continuous improvement of the nation's health security. The overall 2013 National Index result was 7.2 on the reported base-10 scale, with areas of greater strength in the domains of health surveillance, incident and information management, and countermeasure management. The strength of the Index relies on the interdependencies of the many elements in health security preparedness, making the sum greater than its parts. Moving forward, additional health security-related disciplines and measures will be included alongside continued validation efforts.

Draft secure medical database standard.

PubMed

Pangalos, George

2002-01-01

Medical database security is a particularly important issue for all Healthcare establishments. Medical information systems are intended to support a wide range of pertinent health issues today, for example: assure the quality of care, support effective management of the health services institutions, monitor and contain the cost of care, implement technology into care without violating social values, ensure the equity and availability of care, preserve humanity despite the proliferation of technology etc.. In this context, medical database security aims primarily to support: high availability, accuracy and consistency of the stored data, the medical professional secrecy and confidentiality, and the protection of the privacy of the patient. These properties, though of technical nature, basically require that the system is actually helpful for medical care and not harmful to patients. These later properties require in turn not only that fundamental ethical principles are not violated by employing database systems, but instead, are effectively enforced by technical means. This document reviews the existing and emerging work on the security of medical database systems. It presents in detail the related problems and requirements related to medical database security. It addresses the problems of medical database security policies, secure design methodologies and implementation techniques. It also describes the current legal framework and regulatory requirements for medical database security. The issue of medical database security guidelines is also examined in detailed. The current national and international efforts in the area are studied. It also gives an overview of the research work in the area. The document also presents in detail the most complete to our knowledge set of security guidelines for the development and operation of medical database systems.

A global assessment of wildfire risks to human and environmental water security

NASA Astrophysics Data System (ADS)

Robinne, François-Nicolas; Parisien, Marc-André; Flannigan, Mike; Miller, Carol; Bladon, Kevin D.

2017-04-01

Extreme wildfire events extensively affect hydrosystem stability and generate an important threat to the reliability of the water supply for human and natural communities. While actively studied at the watershed scale, the development of a global vision of wildfire risk to water security has only been undertaken recently, pointing at potential water security concerns in an era of global changes. In order to address this concern, we propose a global-scale analysis of the wildfire risk to surface water supplies based on the Driving forces-Pressures-States-Impacts-Responses (DPSIR) framework. This framework relies on the cause-and-effect relationships existing between the five categories of the DPSIR chain. Based on the literature, we gathered an extensive set of spatial indicators relevant to fire-induced hydrological hazards and water consumption patterns by human and natural communities. Each indicator was assigned a DPSIR category. Then, we collapsed the information in each category using a principal component analysis in order to extract the most relevant pixel-based information provided by each spatial indicator. Finally, we compiled our five categories using an additive indexation process to produce a spatially-explicit index of the wildfire-water risk (WWR). For comparison purposes, we aggregated index scores by global hydrological regions, or hydrobelts, for analysis. Overall, our results show a distinct pattern of medium-to-high risk levels in areas where sizeable wildfire activity, water resources, and water consumption are concomitant, which mainly encompasses temperate and sub-tropical zones. A closer look at hydrobelts reveals differences in the factors driving the risk, with fire activity being the primary factor of risk in the circumboreal forest, and freshwater resource density being prevalent in tropical areas. We also identified major urban areas across the world whose source waters should be protected from extreme fire events, particularly when they are dependent on mountainous headwaters. This study offers new insights towards a better understanding of global water security issues that can inform and help guide international water governance.

Design and implementation of modular home security system with short messaging system

NASA Astrophysics Data System (ADS)

Budijono, Santoso; Andrianto, Jeffri; Axis Novradin Noor, Muhammad

2014-03-01

Today we are living in 21st century where crime become increasing and everyone wants to secure they asset at their home. In that situation user must have system with advance technology so person do not worry when getting away from his home. It is therefore the purpose of this design to provide home security device, which send fast information to user GSM (Global System for Mobile) mobile device using SMS (Short Messaging System) and also activate - deactivate system by SMS. The Modular design of this Home Security System make expandable their capability by add more sensors on that system. Hardware of this system has been designed using microcontroller AT Mega 328, PIR (Passive Infra Red) motion sensor as the primary sensor for motion detection, camera for capturing images, GSM module for sending and receiving SMS and buzzer for alarm. For software this system using Arduino IDE for Arduino and Putty for testing connection programming in GSM module. This Home Security System can monitor home area that surrounding by PIR sensor and sending SMS, save images capture by camera, and make people panic by turn on the buzzer when trespassing surrounding area that detected by PIR sensor. The Modular Home Security System has been tested and succeed detect human movement.

Mapping agroecosystem zone using remote sensing for food security analysis in Bantul district Daerah Istimewa Yogyakarta

NASA Astrophysics Data System (ADS)

Murti, Sigit Heru

2017-10-01

Food security is one of the most important issue for Indonesia. The huge population number and high population growing rate has made the food security a critical issue. This paper describe the application of remote sensing data to (1) map agroecosystem zones in Bantul District, Special Region of Yogyakarta, Indonesia in 2012 and (2) analyze the food security in the study area based on the resulting agro-ecosystem map. Bantul District is selected as the pilot area because this area is among the highest food crop production area in the Province. ALOS AVNIR-2 image accquired on 15 June 2010 was integrated with Indonesian Surface map (RBI map), soil types map, and slope steepness map. Population statistics data was also used to calculate the food needs. Field survey was conducted to obtain the crop field productivity information on each agro-ecosystem zone and assess the accuracy of the model. This research indicates that (1) Bantul District can be divided into three agroecosystem zones, where each zone has unique topograhic configuration and soil types composition, and (2) Bantul Distict is categorized as food secure area since the rice production in 2012 managed to cover the food needs of the people with the surplus of 33,208.6 tonnes of rice. However, when the analysis was conducted at sub-district level, there are four subdistrict with food insecurity where the food needs surpass the rice production. These sub-district are Kasihan Sub-district (-5,598.4 t), Banguntapan Sub-district (-2,483.4 t), Pajangan Sub-district (-1,039.6 t) and Dlingo Sub-district (-798.7 t).

Impacts of marine protected areas on fishing communities.

PubMed

Mascia, Michael B; Claus, C Anne; Naidoo, Robin

2010-10-01

Marine protected areas (MPAs) are a popular conservation strategy, but their impacts on human welfare are poorly understood. To inform future research and policy decisions, we reviewed the scientific literature to assess MPA impacts on five indicators of human welfare: food security, resource rights, employment, community organization, and income. Following MPA establishment, food security generally remained stable or increased in older and smaller MPAs. The ability of most fishing groups to govern MPA resources changed. Increased resource rights were positively correlated with MPA zoning and compliance with MPA regulations. Small sample sizes precluded statistical tests of the impacts of MPAs on employment, community organization, and income. Our results demonstrate that MPAs shape the social well-being and political power of fishing communities; impacts (positive and negative) vary within and among social groups; and social impacts are correlated with some--but not all--commonly hypothesized explanatory factors. Accordingly, MPAs may represent a viable strategy for enhancing food security and empowering local communities, but current practices negatively affect at least a minority of fishers. To inform policy making, further research must better document and explain variation in the positive and negative social impacts of MPAs. © 2010 Society for Conservation Biology.

Roadmap for K-12 and Postsecondary Linkages: Key Focus Areas to Ensure Quality Implementation. Data for Action

ERIC Educational Resources Information Center

Data Quality Campaign, 2014

2014-01-01

States rely on data from both the K-12 and postsecondary sectors to inform policy discussions; chart the progress of students, schools, districts, colleges, and the state; pinpoint best practices and areas of need; allocate scarce resources; and make other important education decisions every day. However, states need to securely link limited, but…

HIPAA--a real world perspective.

PubMed

Nulan, C

2001-01-01

An effective and realistic approach to HIPAA compliance requires healthcare organizations to achieve a fundamental shift in attitude, awareness, habits and capabilities in the areas of privacy and security. They must create a sense of accountability among staff, and even patients, for the safeguarding of patient information. Only when this culture shift has occurred, along with the required technological advancements, can HIPAA compliance be realistically achieved. There is still ample time to create the organizational shift necessary, along with technological enhancements, to meet HIPAA requirements. Beyond compliance, HIPAA will benefit the healthcare industry by promoting administrative simplification--the original intention of the Act. And it will require the healthcare industry, in an abbreviated timeframe, to upgrade its level of sophistication in managing information. HIPAA certification springs from an organizational compliance method that has been underway in government for the past two decades. The HIPAA playbook is taken lock, stock and barrel from other Federal guidelines. HIPAA's legislative lineage includes the Healthcare Reform Act of 1993, Paperwork Reduction Act of 1980, Computer Security Act of 1987 and the Privacy Act of 1974. HIPAA means that public and private sector healthcare organizations are going to be required by law to adopt the same information-handling practices that have been in effect in the Federal government for years. That boils down to two things: Standardized formatting of data electronically exchanged between providers, payers and business partners (EDI) Federalization of security and privacy practices within private-sector healthcare information management The key to making HIPAA compliance achievable within a practical timeframe, as well as instituting the culture changes that go with enhanced privacy and security standards, is a process that is largely unfamiliar in the private sector, called administrative certification and accreditation. Certification is an organizational change-management methodology that drives accountability for security down to that level in the organization where it will concretely and tangibly get done. It is a comprehensive managerial assessment of the technical and non-technical security features and other safeguards of a system associated with its use and environment. The assessment seeks to establish and document the extent to which a particular system meets a set of specified security requirements. HIPAA accreditation occurs when all functional managers in an organization have completed reports of what they know they need to do in their areas. They submit that information to an executive official within the organization who functions as the accrediting official for the organization. Accreditation is the formal declaration that an information system is approved to operate in a particular security mode using a prescribed set of safeguards and should be strongly based on the solvable vulnerabilities and residual risks identified during certification. Institutionalizing a practical and formal HIPAA certification program is important to support business activities and can provide several benefits including increased communication within an organization.

19 CFR 122.181 - Definition of Customs security area.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 19 Customs Duties 1 2010-04-01 2010-04-01 false Definition of Customs security area. 122.181...; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.181 Definition of Customs security area. For purposes of this section, the term “Customs security area” means the Federal...

Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System

PubMed Central

Deng, Yong-Yuan; Chen, Chin-Ling; Tsaur, Woei-Jiunn; Tang, Yung-Wen; Chen, Jung-Hsuan

2017-01-01

As sensor networks and cloud computation technologies have rapidly developed over recent years, many services and applications integrating these technologies into daily life have come together as an Internet of Things (IoT). At the same time, aging populations have increased the need for expanded and more efficient elderly care services. Fortunately, elderly people can now wear sensing devices which relay data to a personal wireless device, forming a body area network (BAN). These personal wireless devices collect and integrate patients’ personal physiological data, and then transmit the data to the backend of the network for related diagnostics. However, a great deal of the information transmitted by such systems is sensitive data, and must therefore be subject to stringent security protocols. Protecting this data from unauthorized access is thus an important issue in IoT-related research. In regard to a cloud healthcare environment, scholars have proposed a secure mechanism to protect sensitive patient information. Their schemes provide a general architecture; however, these previous schemes still have some vulnerability, and thus cannot guarantee complete security. This paper proposes a secure and lightweight body-sensor network based on the Internet of Things for cloud healthcare environments, in order to address the vulnerabilities discovered in previous schemes. The proposed authentication mechanism is applied to a medical reader to provide a more comprehensive architecture while also providing mutual authentication, and guaranteeing data integrity, user untraceability, and forward and backward secrecy, in addition to being resistant to replay attack. PMID:29244776

Experimental measurement-device-independent quantum digital signatures over a metropolitan network

NASA Astrophysics Data System (ADS)

Yin, Hua-Lei; Wang, Wei-Long; Tang, Yan-Lin; Zhao, Qi; Liu, Hui; Sun, Xiang-Xiang; Zhang, Wei-Jun; Li, Hao; Puthoor, Ittoop Vergheese; You, Li-Xing; Andersson, Erika; Wang, Zhen; Liu, Yang; Jiang, Xiao; Ma, Xiongfeng; Zhang, Qiang; Curty, Marcos; Chen, Teng-Yun; Pan, Jian-Wei

2017-04-01

Quantum digital signatures (QDSs) provide a means for signing electronic communications with information-theoretic security. However, all previous demonstrations of quantum digital signatures assume trusted measurement devices. This renders them vulnerable against detector side-channel attacks, just like quantum key distribution. Here we exploit a measurement-device-independent (MDI) quantum network, over a metropolitan area, to perform a field test of a three-party MDI QDS scheme that is secure against any detector side-channel attack. In so doing, we are able to successfully sign a binary message with a security level of about 10-7. Remarkably, our work demonstrates the feasibility of MDI QDSs for practical applications.

Legal issues concerning electronic health information: privacy, quality, and liability.

PubMed

Hodge, J G; Gostin, L O; Jacobson, P D

1999-10-20

Personally identifiable health information about individuals and general medical information is increasingly available in electronic form in health databases and through online networks. The proliferation of electronic data within the modern health information infrastructure presents significant benefits for medical providers and patients, including enhanced patient autonomy, improved clinical treatment, advances in health research and public health surveillance, and modern security techniques. However, it also presents new legal challenges in 3 interconnected areas: privacy of identifiable health information, reliability and quality of health data, and tortbased liability. Protecting health information privacy (by giving individuals control over health data without severely restricting warranted communal uses) directly improves the quality and reliability of health data (by encouraging individual uses of health services and communal uses of data), which diminishes tort-based liabilities (by reducing instances of medical malpractice or privacy invasions through improvements in the delivery of health care services resulting in part from better quality and reliability of clinical and research data). Following an analysis of the interconnectivity of these 3 areas and discussing existing and proposed health information privacy laws, recommendations for legal reform concerning health information privacy are presented. These include (1) recognizing identifiable health information as highly sensitive, (2) providing privacy safeguards based on fair information practices, (3) empowering patients with information and rights to consent to disclosure (4) limiting disclosures of health data absent consent, (5) incorporating industry-wide security protections, (6) establishing a national data protection authority, and (7) providing a national minimal level of privacy protections.

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2013 CFR

2013-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2010 CFR

2010-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2011 CFR

2011-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2012 CFR

2012-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2014 CFR

2014-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

An assessment of PKI and networked electronic patient record system: lessons learned from real patient data exchange at the platform of OCHIS (Osaka Community Healthcare Information System).

PubMed

Takeda, Hiroshi; Matsumura, Yasushi; Kuwata, Shigeki; Nakano, Hirohiko; Shanmai, Ji; Qiyan, Zhang; Yufen, Chen; Kusuoka, Hideo; Matsuoka, Masaki

2004-03-31

To enhance medical cooperation between the hospitals and clinics around Osaka local area, the healthcare network system, named Osaka Community Healthcare Information System (OCHIS), was established with support of a supplementary budget from the Japanese government in fiscal year 2002. Although the system has been based on healthcare public key infrastructure (PKI), there remain security issues to be solved technically and operationally. An experimental study was conducted to elucidate the central and the local function in terms of a registration authority and a time stamp authority in contract with the Japanese Medical Information Systems Organization (MEDIS) in 2003. This paper describes the experimental design and the results of the study concerning message security.

The Shaping of Managers' Security Objectives through Information Security Awareness Training

ERIC Educational Resources Information Center

Harris, Mark A.

2010-01-01

Information security research states that corporate security policy and information security training should be socio-technical in nature and that corporations should consider training as a primary method of protecting their information systems. However, information security policies and training are predominately technical in nature. In addition,…

Consolidation and development roadmap of the EMI middleware

NASA Astrophysics Data System (ADS)

Kónya, B.; Aiftimiei, C.; Cecchi, M.; Field, L.; Fuhrmann, P.; Nilsen, J. K.; White, J.

2012-12-01

Scientific research communities have benefited recently from the increasing availability of computing and data infrastructures with unprecedented capabilities for large scale distributed initiatives. These infrastructures are largely defined and enabled by the middleware they deploy. One of the major issues in the current usage of research infrastructures is the need to use similar but often incompatible middleware solutions. The European Middleware Initiative (EMI) is a collaboration of the major European middleware providers ARC, dCache, gLite and UNICORE. EMI aims to: deliver a consolidated set of middleware components for deployment in EGI, PRACE and other Distributed Computing Infrastructures; extend the interoperability between grids and other computing infrastructures; strengthen the reliability of the services; establish a sustainable model to maintain and evolve the middleware; fulfil the requirements of the user communities. This paper presents the consolidation and development objectives of the EMI software stack covering the last two years. The EMI development roadmap is introduced along the four technical areas of compute, data, security and infrastructure. The compute area plan focuses on consolidation of standards and agreements through a unified interface for job submission and management, a common format for accounting, the wide adoption of GLUE schema version 2.0 and the provision of a common framework for the execution of parallel jobs. The security area is working towards a unified security model and lowering the barriers to Grid usage by allowing users to gain access with their own credentials. The data area is focusing on implementing standards to ensure interoperability with other grids and industry components and to reuse already existing clients in operating systems and open source distributions. One of the highlights of the infrastructure area is the consolidation of the information system services via the creation of a common information backbone.

Design of cryptographically secure AES like S-Box using second-order reversible cellular automata for wireless body area network applications.

PubMed

Gangadari, Bhoopal Rao; Rafi Ahamed, Shaik

2016-09-01

In biomedical, data security is the most expensive resource for wireless body area network applications. Cryptographic algorithms are used in order to protect the information against unauthorised access. Advanced encryption standard (AES) cryptographic algorithm plays a vital role in telemedicine applications. The authors propose a novel approach for design of substitution bytes (S-Box) using second-order reversible one-dimensional cellular automata (RCA 2 ) as a replacement to the classical look-up-table (LUT) based S-Box used in AES algorithm. The performance of proposed RCA 2 based S-Box and conventional LUT based S-Box is evaluated in terms of security using the cryptographic properties such as the nonlinearity, correlation immunity bias, strict avalanche criteria and entropy. Moreover, it is also shown that RCA 2 based S-Boxes are dynamic in nature, invertible and provide high level of security. Further, it is also found that the RCA 2 based S-Box have comparatively better performance than that of conventional LUT based S-Box.

Design of cryptographically secure AES like S-Box using second-order reversible cellular automata for wireless body area network applications

PubMed Central

Rafi Ahamed, Shaik

2016-01-01

In biomedical, data security is the most expensive resource for wireless body area network applications. Cryptographic algorithms are used in order to protect the information against unauthorised access. Advanced encryption standard (AES) cryptographic algorithm plays a vital role in telemedicine applications. The authors propose a novel approach for design of substitution bytes (S-Box) using second-order reversible one-dimensional cellular automata (RCA2) as a replacement to the classical look-up-table (LUT) based S-Box used in AES algorithm. The performance of proposed RCA2 based S-Box and conventional LUT based S-Box is evaluated in terms of security using the cryptographic properties such as the nonlinearity, correlation immunity bias, strict avalanche criteria and entropy. Moreover, it is also shown that RCA2 based S-Boxes are dynamic in nature, invertible and provide high level of security. Further, it is also found that the RCA2 based S-Box have comparatively better performance than that of conventional LUT based S-Box. PMID:27733924

Stennis holds Information Technology Expo

NASA Image and Video Library

2010-06-16

Brian Wagner (l to r) with the U.S. Navy, Andrew Hiukenbein with NVision Solutions and Theresa Avoskey with the Naval Oceanographic Office at Stennis Space Center learn about the latest improvements in making flash drives secure during an Information Technology Expo held June 16. Various area companies visited Stennis during the day to offer exhibits for employees on a range of information technology topics. The theme of the daylong expo was 'The Road to Green IT Computing.'

Activities report of PTT Research

NASA Astrophysics Data System (ADS)

In the field of postal infrastructure research, activities were performed on postcode readers, radiolabels, and techniques of operations research and artificial intelligence. In the field of telecommunication, transportation, and information, research was made on multipurpose coding schemes, speech recognition, hypertext, a multimedia information server, security of electronic data interchange, document retrieval, improvement of the quality of user interfaces, domotics living support (techniques), and standardization of telecommunication prototcols. In the field of telecommunication infrastructure and provisions research, activities were performed on universal personal telecommunications, advanced broadband network technologies, coherent techniques, measurement of audio quality, near field facilities, local beam communication, local area networks, network security, coupling of broadband and narrowband integrated services digital networks, digital mapping, and standardization of protocols.

49 CFR 1540.5 - Terms used in this subchapter.

Code of Federal Regulations, 2010 CFR

2010-10-01

... within a secured area or SIDA. Exclusive area means any portion of a secured area, AOA, or SIDA... Identification Display Area (SIDA) means a portion of an airport, specified in the airport security program, in... present without an escort in, secured areas and SIDA's of airports. Unescorted access to cargo means the...

Developing measures of food and nutrition security within an Australian context.

PubMed

Archer, Claire; Gallegos, Danielle; McKechnie, Rebecca

2017-10-01

To develop a measure of food and nutrition security for use among an Australian population that measures all pillars of food security and to establish its content validity. The study consisted of two phases. Phase 1 involved focus groups with experts working in the area of food security. Data were assessed using content analysis and results informed the development of a draft tool. Phase 2 consisted of a series of three online surveys using the Delphi technique. Findings from each survey were used to establish content validity and progressively modify the tool until consensus was reached for all items. Australia. Phase 1 focus groups involved twenty-five experts working in the field of food security, who were attending the Dietitians Association of Australia National Conference, 2013. Phase 2 included twenty-five experts working in food security, who were recruited via email. Findings from Phase 1 supported the need for an Australian-specific tool and highlighted the failure of current tools to measure across all pillars of food security. Participants encouraged the inclusion of items to measure barriers to food acquisition and the previous single item to enable comparisons with previous data. Phase 2 findings informed the selection and modification of items for inclusion in the final tool. The results led to the development of a draft tool to measure food and nutrition security, and supported its content validity. Further research is needed to validate the tool among the Australian population and to establish inter- and intra-rater reliability.

A layered trust information security architecture.

PubMed

de Oliveira Albuquerque, Robson; Villalba, Luis Javier García; Orozco, Ana Lucila Sandoval; Buiati, Fábio; Kim, Tai-Hoon

2014-12-01

Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

32 CFR 2700.51 - Information Security Oversight Committee.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 32 National Defense 6 2011-07-01 2011-07-01 false Information Security Oversight Committee. 2700... MICRONESIAN STATUS NEGOTIATIONS SECURITY INFORMATION REGULATIONS Implementation and Review § 2700.51 Information Security Oversight Committee. The OMSN Information Security Oversight Committee shall be chaired...

77 FR 12623 - National Industrial Security Program Policy Advisory Committee (NISPPAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-01

... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office National... Information Security Oversight Office no later than Friday, March 16, 2012. The Information Security Oversight... FURTHER INFORMATION CONTACT: David O. Best, Senior Program Analyst, The Information Security Oversight...

32 CFR 2700.51 - Information Security Oversight Committee.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 6 2010-07-01 2010-07-01 false Information Security Oversight Committee. 2700... MICRONESIAN STATUS NEGOTIATIONS SECURITY INFORMATION REGULATIONS Implementation and Review § 2700.51 Information Security Oversight Committee. The OMSN Information Security Oversight Committee shall be chaired...

75 FR 49943 - New Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-16

... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration New Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security Information AGENCY: Transportation... INFORMATION CONTACT: Joanna Johnson, Office of Information Technology, TSA-11, Transportation Security...

Multimedia Information eXchange for I-NET, Inc. at the Kennedy Space Center: A continuing study of the application of worldwideweb technology

NASA Technical Reports Server (NTRS)

Metcalf, David

1995-01-01

Multimedia Information eXchange (MIX) is a multimedia information system that accommodates multiple data types and provides consistency across platforms. Information from all over the world can be accessed quickly and efficiently with the Internet-based system. I-NET's MIX uses the World Wide Web and Mosaic graphical user interface. Mosaic is available on all platforms used at I-NET's Kennedy Space Center (KSC) facilities. Key information system design concepts and benefits are reviewed. The MIX system also defines specific configuration and helper application parameters to ensure consistent operations across the entire organization. Guidelines and procedures for other areas of importance in information systems design are also addressed. Areas include: code of ethics, content, copyright, security, system administration, and support.

Enabling private and public sector organizations as agents of homeland security

NASA Astrophysics Data System (ADS)

Glassco, David H. J.; Glassco, Jordan C.

2006-05-01

Homeland security and defense applications seek to reduce the risk of undesirable eventualities across physical space in real-time. With that functional requirement in mind, our work focused on the development of IP based agent telecommunication solutions for heterogeneous sensor / robotic intelligent "Things" that could be deployed across the internet. This paper explains how multi-organization information and device sharing alliances may be formed to enable organizations to act as agents of homeland security (in addition to other uses). Topics include: (i) using location-aware, agent based, real-time information sharing systems to integrate business systems, mobile devices, sensor and actuator based devices and embedded devices used in physical infrastructure assets, equipment and other man-made "Things"; (ii) organization-centric real-time information sharing spaces using on-demand XML schema formatted networks; (iii) object-oriented XML serialization as a methodology for heterogeneous device glue code; (iv) how complex requirements for inter / intra organization information and device ownership and sharing, security and access control, mobility and remote communication service, tailored solution life cycle management, service QoS, service and geographic scalability and the projection of remote physical presence (through sensing and robotics) and remote informational presence (knowledge of what is going elsewhere) can be more easily supported through feature inheritance with a rapid agent system development methodology; (v) how remote object identification and tracking can be supported across large areas; (vi) how agent synergy may be leveraged with analytics to complement heterogeneous device networks.

Future Autonomous Robotic Systems in the Pacific Theater

DTIC Science & Technology

2015-05-06

areas to inform the friendly units behind of what potential threats lurk within. Once secure supply routes are established, driverless vehicles can...developing new ARS, from driverless vehicles to handheld medical devices that dispense personal diagnoses, tailored to that individual’s medical

An Analysis of Fraud on the Internet.

ERIC Educational Resources Information Center

Baker, C. Richard

1999-01-01

Examines the issue of fraud on the Internet and discusses three areas with significant potential for misleading and fraudulent practices: securities sales and trading; electronic commerce, including privacy and information protection; and the rapid growth of Internet companies, including advertising issues. (Author/LRW)

77 FR 75970 - Information Collection Activity; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-12-26

... (RUS) makes mortgage loans and loan guarantees to electric and telecommunications systems to provide and improve electric and telecommunications service in rural areas pursuant to the Rural... RUS borrowers are ordinarily mortgaged or pledged to the Federal Government as security for RUS loans...

[Application of classified protection of information security in the information system of air pollution and health impact monitoring].

PubMed

Hao, Shuxin; Lü, Yiran; Liu, Jie; Liu, Yue; Xu, Dongqun

2018-01-01

To study the application of classified protection of information security in the information system of air pollution and health impact monitoring, so as to solve the possible safety risk of the information system. According to the relevant national standards and requirements for the information system security classified protection, and the professional characteristics of the information system, to design and implement the security architecture of information system, also to determine the protection level of information system. Basic security measures for the information system were developed in the technical safety and management safety aspects according to the protection levels, which effectively prevented the security risk of the information system. The information system established relatively complete information security protection measures, to enhanced the security of professional information and system service, and to ensure the safety of air pollution and health impact monitoring project carried out smoothly.

14 CFR 1203.201 - Information security objectives.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Information security objectives. 1203.201 Section 1203.201 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM NASA Information Security Program § 1203.201 Information security objectives. The objectives of...

14 CFR 1203.201 - Information security objectives.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Information security objectives. 1203.201 Section 1203.201 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM NASA Information Security Program § 1203.201 Information security objectives. The objectives of...

Systems Security Engineering

DTIC Science & Technology

2010-08-22

Commission (IEC). “Information technology — Security techniques — Code of practice for information security management ( ISO /IEC 27002 ...Information technology — Security techniques — Information security management systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security...was a draft ISO standard on Systems and software engineering, Systems and software assurance [18]. Created by systems engineers for systems

Managing the Aviation Insider Threat

DTIC Science & Technology

2010-12-01

World Airport NSAS National Strategy for Aviation Security OIS Office of Intelligence SIDA Security Identification Display Area STA Security...Security of the secured area”, 1542.205, “Security of the security identification display area ( SIDA )”, and 1542.209, “Fingerprint-based criminal

Semantic policy and adversarial modeling for cyber threat identification and avoidance

NASA Astrophysics Data System (ADS)

DeFrancesco, Anton; McQueary, Bruce

2009-05-01

Today's enterprise networks undergo a relentless barrage of attacks from foreign and domestic adversaries. These attacks may be perpetrated with little to no funding, but may wreck incalculable damage upon the enterprises security, network infrastructure, and services. As more services come online, systems that were once in isolation now provide information that may be combined dynamically with information from other systems to create new meaning on the fly. Security issues are compounded by the potential to aggregate individual pieces of information and infer knowledge at a higher classification than any of its constituent parts. To help alleviate these challenges, in this paper we introduce the notion of semantic policy and discuss how it's use is evolving from a robust approach to access control to preempting and combating attacks in the cyber domain, The introduction of semantic policy and adversarial modeling to network security aims to ask 'where is the network most vulnerable', 'how is the network being attacked', and 'why is the network being attacked'. The first aspect of our approach is integration of semantic policy into enterprise security to augment traditional network security with an overall awareness of policy access and violations. This awareness allows the semantic policy to look at the big picture - analyzing trends and identifying critical relations in system wide data access. The second aspect of our approach is to couple adversarial modeling with semantic policy to move beyond reactive security measures and into a proactive identification of system weaknesses and areas of vulnerability. By utilizing Bayesian-based methodologies, the enterprise wide meaning of data and semantic policy is applied to probability and high-level risk identification. This risk identification will help mitigate potential harm to enterprise networks by enabling resources to proactively isolate, lock-down, and secure systems that are most vulnerable.

76 FR 78009 - Information Collection; Implementation of Information Technology Security Provision

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-15

...] Information Collection; Implementation of Information Technology Security Provision AGENCY: General Services... collection requirement regarding Implementation of Information Technology Security Provision. Public comments... Information Collection 3090- 0294, Implementation of Information Technology Security Provision, by any of the...

75 FR 10300 - South Texas Area Maritime Security (STAMS) Committee; Vacancies

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-05

... DEPARTMENT OF HOMELAND SECURITY Coast Guard [USCG-2010-0074] South Texas Area Maritime Security... notice requests individuals interested in serving on the South Texas Area Maritime Security (STAMS... Section 102 of the Maritime Transportation Security Act (MTSA) of 2002 (Pub. L. 107-295) added section...

44 CFR 8.3 - Senior FEMA official responsible for the information security program.

Code of Federal Regulations, 2011 CFR

2011-10-01

... responsible for the information security program. 8.3 Section 8.3 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL NATIONAL SECURITY INFORMATION § 8.3 Senior FEMA official responsible for the information security program. The Director of the Security...

75 FR 44800 - Notice of Meeting of the Homeland Security Information Network Advisory Committee, Tuesday...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-29

... DEPARTMENT OF HOMELAND SECURITY Notice of Meeting of the Homeland Security Information Network... Security. ACTION: Notice of open meeting. SUMMARY: The Homeland Security Information Network Advisory... (Pub. L. 92-463). The mission of the Homeland Security Information Network Advisory Committee is to...

Fractional optical cryptographic protocol for data containers in a noise-free multiuser environment

NASA Astrophysics Data System (ADS)

Jaramillo, Alexis; Barrera, John Fredy; Zea, Alejandro Vélez; Torroba, Roberto

2018-03-01

Optical encryption systems have great potential for flexible and high-performance data protection, making them an area of rapid development. However, most approaches present two main issues, namely, the presence of speckle noise, and the degree of security they offer. Here we introduce an experimental implementation of an optical encrypting protocol that tackles these issues by taking advantage of recent developments in the field. These developments include the introduction of information containers for noise free information retrieval, the use of multiplexing to allow for a multiple user environment and an architecture based on the Joint fractional Fourier transform that allows increased degrees of freedom and simplifies the experimental requirements. Thus, data handling via QR code containers involving multiple users processed in a fractional joint transform correlator produce coded information with increased security and ease of use. In this way, we can guarantee that only the user with the correct combination of encryption key and security parameters can achieve noise free information after deciphering. We analyze the performance of the system when the order of the fractional Fourier transform is changed during decryption. We show experimental results that confirm the validity of our proposal.

Systems Security Engineering

DTIC Science & Technology

2010-08-22

practice for information security management ( ISO /IEC 27002 ),” “Information technology — Security techniques — Information security management...systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security techniques — Information security risk management ( ISO /IEC 27005).” from...associated practice aids. Perhaps the most germane discovery from this effort was a draft ISO standard on Systems and software engineering, Systems and

12 CFR 605.501 - Information Security Officer.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 12 Banks and Banking 6 2011-01-01 2011-01-01 false Information Security Officer. 605.501 Section... Information Security Officer. (a) The Information Security Officer of the Farm Credit Administration shall be responsible for implementation and oversight of the information security program and procedures adopted by the...

12 CFR 605.501 - Information Security Officer.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Information Security Officer. 605.501 Section... Information Security Officer. (a) The Information Security Officer of the Farm Credit Administration shall be responsible for implementation and oversight of the information security program and procedures adopted by the...

Validation of the Malaysian Coping Strategy Instrument to measure household food insecurity in Kelantan, Malaysia.

PubMed

Sulaiman, Norhasmah; Shariff, Zalilah Mohd; Jalil, Rohana Abdul; Taib, Mohd Nasir Mohd; Kandiah, Mirnalini; Samah, Asnarulkhadi Abu

2011-12-01

Food insecurity occurs whenever people are not able to access enough food at all times for an active and healthy life or when adequate and safe food acquired by socially acceptable ways is not available. To validate the Malaysian Coping Strategy Instrument (MCSI) to measure household food insecurity in Kelantan, Malaysia. A cross-sectional study was conducted on 301 nonpregnant, nonlactating Malay women, aged between 19 and 49 years, living in rural and urban areas. The respondents were interviewed with the use of a structured questionnaire to obtain information on their demographic and socioeconomic characteristics, household food security, and dietary intake. Demographic and socioeconomic characteristics (household size, number of children, number of children attending school, household income, and per capita income) were significantly associated with household food-security status in rural and urban areas. Energy intake, fat intake, percentage of energy from fat, and number of servings of meat,fish, or poultry and legumes were significantly associated with household food-security status in rural areas. The dietary diversity score was significantly associated with household food-security status in rural and urban areas. Validating the MCSI in other areas of Malaysia as well as in similar settings elsewhere in the world before it is used to measure household food insecurity in the population is strongly recommended. In this study, the MCSI was found to be a reliable and valid measure of household food insecurity based on criterion-related validity, particularly in terms of demographic and socioeconomic characteristics and dietary diversity.

Acquisition of an Adiabatic Demagnetization Refrigerator for Quantum Information Science with Superconducting Circuits

DTIC Science & Technology

2015-11-23

SECURITY CLASSIFICATION OF: The DURIP award provided funds for acquiring a cryogen-free adiabatic demagnetization refrigerator at Syracuse University...The new refrigerator has been installed and is now fully operational. The PI has intensive research efforts in the area of Quantum Information...Aug-2014 24-Aug-2015 Approved for Public Release; Distribution Unlimited Final Report: Acquisition of an Adiabatic Demagnetization Refrigerator for

Negotiating Livelihoods beyond Beijing: The Burden of Women Food Vendors in the Informal Economy of Limbe, Cameroon

ERIC Educational Resources Information Center

Fonchingong, Charles C.

2005-01-01

As a response to the trappings of globalisation and the commoditisation of the sphere of production, women continue to play a crucial role in securing livelihoods by guaranteeing access to food in rural, peri-urban, and urban areas. Based on a survey of food vendors, this paper evaluates women's input through informal earnings, the coping…

Addressing security, collaboration, and usability with tactical edge mobile devices and strategic cloud-based systems

NASA Astrophysics Data System (ADS)

Graham, Christopher J.

2012-05-01

Success in the future battle space is increasingly dependent on rapid access to the right information. Faced with a shrinking budget, the Government has a mandate to improve intelligence productivity, quality, and reliability. To achieve increased ISR effectiveness, leverage of tactical edge mobile devices via integration with strategic cloud-based infrastructure is the single, most likely candidate area for dramatic near-term impact. This paper discusses security, collaboration, and usability components of this evolving space. These three paramount tenets outlined below, embody how mission information is exchanged securely, efficiently, with social media cooperativeness. Tenet 1: Complete security, privacy, and data integrity, must be ensured within the net-centric battle space. This paper discusses data security on a mobile device, data at rest on a cloud-based system, authorization and access control, and securing data transport between entities. Tenet 2: Lack of collaborative information sharing and content reliability jeopardizes mission objectives and limits the end user capability. This paper discusses cooperative pairing of mobile devices and cloud systems, enabling social media style interaction via tagging, meta-data refinement, and sharing of pertinent data. Tenet 3: Fielded mobile solutions must address usability and complexity. Simplicity is a powerful paradigm on mobile platforms, where complex applications are not utilized, and simple, yet powerful, applications flourish. This paper discusses strategies for ensuring mobile applications are streamlined and usable at the tactical edge through focused features sets, leveraging the power of the back-end cloud, minimization of differing HMI concepts, and directed end-user feedback.teInput=

Scientific Openness and National Security at the National Laboratories

NASA Astrophysics Data System (ADS)

McTague, John

2000-04-01

The possible loss to the People's Republic of China of important U.S. nuclear-weapons-related information has aroused concern about interactions of scientists employed by the national laboratories with foreign nationals. As a result, the National Academies assembled a committee to examine the roles of the national laboratories, the contribution of foreign interactions to the fulfillment of those roles, the risks and benefits of scientific openness in this context, and the merits and liabilities of the specific policies being implemented or proposed with respect to contacts with foreign nationals. The committee concluded that there are many aspects of the work at the laboratories that benefit from or even demand the opportunity for foreign interactions. The committee recommended five principles for guiding policy: (1) Maintain balance. Policy governing international dialogue by laboratory staff should seek to encourage international engagement in some areas, while tightly controlling it in others. (2) Educate staff. Security procedures should be clear, easy to follow, and serve an understandable purpose. (3) Streamline procedures. Good science is compatible with good security if there is intelligent line management both at the labs and in Washington, which applies effective tools for security in a sensible fashion. (4) Focus efforts. DOE should focus its efforts governing tightened security for information. The greatest attention should obviously be provided to the protection of classified information by appropriate physical and cybersecurity measures, and by personnel procedures and training. (5) Beware of prejudice against foreigners. Over the past half-century foreign-born individuals have contributed broadly and profoundly to national security through their work at the national laboratories.

A Layered Trust Information Security Architecture

PubMed Central

de Oliveira Albuquerque, Robson; García Villalba, Luis Javier; Sandoval Orozco, Ana Lucila; Buiati, Fábio; Kim, Tai-Hoon

2014-01-01

Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed. PMID:25470490

10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted Data...

Implementing an Information Security Program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.

The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to covermore » information security best practices, planning for an information security management system, and implementing security controls for information security.« less

Interpretive Analysis of the Joint Maritime Command Information System (JMCIS) Sensitive Compartmented Information (SCI) Local Area Network (LAN) security Requirements

DTIC Science & Technology

1994-09-01

as Copernicus brought about a revolutionary paradigm shift in astronomy , the Copernicus Architecture was so named because it represents a...34 ........................................ 7 3. The Navy’s Copernicus Architecture .......................................... 8 B . SY ST E M S...evolution of JMCIS are DoD’s Corporate Information Management (CIM), The Joint Staffs "C41 for the Warrior", and the Navy’s Copernicus architecture programs

Securing Cyber Acquisitions

DTIC Science & Technology

2015-02-01

networking provides 24-hour access to data and information between friends and strangers alike. Technology also has played a significant role in the world’s...economic environment, many or- ganizations look at cyber budgets as areas to cut back. And many top-level managers and members of the acquisition

75 FR 10414 - Researcher Identification Card

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-08

... capturing administrative information on the characteristics of our users. Other forms of identification are... use bar-codes on researcher identification cards in the Washington, DC, area. The plastic cards we... plastic researcher identification cards as part of their security systems, we issue a plastic card to...

33 CFR 165.30 - Security zones.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security zones. 165.30 Section... AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Security Zones § 165.30 Security zones. (a) A security zone is an area of land, water, or land and water which is so designated by...

A contribution to the development of an economic atlas of the Houston Area Test Site

NASA Technical Reports Server (NTRS)

1972-01-01

An outine description of the Houston Area Test Site was prepared, in the form of an atlas-catalog of Universal Transverse Mercator grid coordinate locations, building on the manufacturing sector and expanding along agreed lines as far as possible. It was concluded that (1) the effort expended in securing and verifying the locations of larger manufacturing plants yielded 5,000-plus usable entries, in addition to certain valuable conclusions about the general feasibility of obtaining ground information by economic sector; (2) on the basis of the number and the quality of the usable entries obtained, the resources expended on nonmanufacturing sectors and on historical data cannot be wholly justified; and (3) even without the 5,000-odd locations of completely satisfactory quality, the relatively modest cost of this pilot study secured enough data to provide a sound basis for obtaining feasibly and systematically some appropriate ground information on almost any economic or social activity, together with some indication of their relative areal and economic significance.

The Use of BS7799 Information Security Standard to Construct Mechanisms for the Management of Medical Organization Information Security

NASA Astrophysics Data System (ADS)

Liu, Shu-Fan; Chueh, Hao-En; Liao, Kuo-Hsiung

According to surveys, 80 % of security related events threatening information in medical organizations is due to improper management. Most research on information security has focused on information and security technology, such as network security and access control; rarely addressing issues at the management issues. The main purpose of this study is to construct a BS7799 based mechanism for the management of information with regard to security as it applies to medical organizations. This study analyzes and identifies the most common events related to information security in medical organizations and categorizes these events as high-risk, transferable-risk, and controlled-risk to facilitate the management of such risk.

Corrective Action Investigation Plan for Corrective Action Unit 573: Alpha Contaminated Sites, Nevada National Security Site, Nevada, Revision 0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Matthews, Patrick

2014-05-01

Corrective Action Unit (CAU) 573 is located in Area 5 of the Nevada National Security Site, which is approximately 65 miles northwest of Las Vegas, Nevada. CAU 573 is a grouping of sites where there has been a suspected release of contamination associated with non-nuclear experiments and nuclear testing. This document describes the planned investigation of CAU 573, which comprises the following corrective action sites (CASs): • 05-23-02, GMX Alpha Contaminated Area • 05-45-01, Atmospheric Test Site - Hamilton These sites are being investigated because existing information on the nature and extent of potential contamination is insufficient to evaluate andmore » recommend corrective action alternatives.« less

A study of IEEE 802.15.4 security framework for wireless body area networks.

PubMed

Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

2011-01-01

A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Networks

PubMed Central

Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

2011-01-01

A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN. PMID:22319358

14 CFR 1203a.104 - Violation of security areas.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Violation of security areas. 1203a.104 Section 1203a.104 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.104 Violation of security areas. (a) Removal of unauthorized persons. The directors of NASA field...

14 CFR 1203a.103 - Access to security areas.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Access to security areas. 1203a.103 Section 1203a.103 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.103 Access to security areas. (a) Only those NASA employees, NASA contractor employees, and...

14 CFR 1203a.103 - Access to security areas.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Access to security areas. 1203a.103 Section 1203a.103 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.103 Access to security areas. (a) Only those NASA employees, NASA contractor employees, and...

14 CFR 1203a.104 - Violation of security areas.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Violation of security areas. 1203a.104 Section 1203a.104 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.104 Violation of security areas. (a) Removal of unauthorized persons. The directors of NASA field...

The Training and Employment of Area Specialists in the Military

DTIC Science & Technology

1989-06-01

Unit Acca =o N I1. Title (Include Security Classification) The Training and Employment of Area Specialists in the Military 12 Personal Author(s) Randy P...administering, and analyzing a survey that accounts for about half of the information to come. This work does not answer all the ques- tions that exist...original Academic Associate and co-author of the area studies curriculum at NPS, that these factors accounted for the original decision by the Army to begin

A noise immunity controlled quantum teleportation protocol

NASA Astrophysics Data System (ADS)

Li, Dong-fen; Wang, Rui-jin; Zhang, Feng-li; Baagyere, Edward; Qin, Zhen; Xiong, Hu; Zhan, Huayi

2016-11-01

With the advent of the Internet and information and communication technology, quantum teleportation has become an important field in information security and its application areas. This is because quantum teleportation has the ability to attain a timely secret information delivery and offers unconditional security. And as such, the field of quantum teleportation has become a hot research topic in recent years. However, noise has serious effect on the safety of quantum teleportation within the aspects of information fidelity, channel capacity and information transfer. Therefore, the main purpose of this paper is to address these problems of quantum teleportation. Firstly, in order to resist collective noise, we construct a decoherence-free subspace under different noise scenarios to establish a two-dimensional fidelity quantum teleportation models. And also create quantum teleportation of multiple degree of freedom, and these models ensure the accuracy and availability of the exchange of information and in multiple degree of freedom. Secondly, for easy preparation, measurement and implementation, we use super dense coding features to build an entangled quantum secret exchange channel. To improve the channel utilization and capacity, an efficient super dense coding method based on ultra-entanglement exchange is used. Thirdly, continuous variables of the controlled quantum key distribution were designed for quantum teleportation; in addition, we perform Bell-basis measurement under the collective noise and also prepare the storage technology of quantum states to achieve one-bit key by three-photon encoding to improve its security and efficiency. We use these two methods because they conceal information, resist a third party attack and can detect eavesdropping. Our proposed methods, according to the security analysis, are able to solve the problems associated with the quantum teleportation under various noise environments.

Lawrence Livermore National Laboratory Safeguards and Security quarterly progress report to the US Department of Energy: Quarter ending December 31, 1993

DOE Office of Scientific and Technical Information (OSTI.GOV)

Davis, G.; Mansur, D.L.; Ruhter, W.D.

1994-01-01

The Lawrence Livermore National Laboratory (LLNL) carries out safeguards and security activities for the Department of Energy (DOE), Office of Safeguards and Security (OSS), as well as other organizations, both within and outside the DOE. This document summarizes the activities conducted for the OSS during the first quarter of fiscal year 1994 (October through December, 1993). The nature and scope of the activities carried out for OSS at LLNL require a broad base of technical expertise. To assure projects are staffed and executed effectively, projects are conducted by the organization at LLNL best able to supply the needed technical expertise.more » These projects are developed and managed by senior program managers. Institutional oversight and coordination is provided through the LLNL Deputy Director`s office. At present, the Laboratory is supporting OSS in five areas: (1) Safeguards Technology, (2) Safeguards and Decision Support, (3) Computer Security, (4) DOE Automated Physical Security, and (5) DOE Automated Visitor Access Control System. This report describes the activities in each of these five areas. The information provided includes an introduction which briefly describes the activity, summary of major accomplishments, task descriptions with quarterly progress, summaries of milestones and deliverables and publications published this quarter.« less

Lawrence Livermore National Laboratory safeguards and security quarterly progress report to the U.S. Department of Energy. Quarter ending December 31, 1996

DOE Office of Scientific and Technical Information (OSTI.GOV)

Davis, G.; Mansur, D.L.; Ruhter, W.D.

The Lawrence Livermore National Laboratory (LLNL) carries out safeguards and security activities for the Department of Energy (DOE), Office of Safeguards and Security (OSS), as well as other organizations, both within and outside the DOE. This document summarizes the activities conducted for the OSS during the First Quarter of Fiscal Year 1997 (October through December, 1996). The nature and scope of the activities carried out for OSS at LLNL require a broad base of technical expertise. To assure projects are staffed and executed effectively, projects are conducted by the organization at LLNL best able to supply the needed technical expertise.more » These projects are developed and managed by senior program managers. Institutional oversight and coordination is provided through the LLNL Deputy Director`s office. At present, the Laboratory is supporting OSS in four areas: (1) safeguards technology; (2) safeguards and material accountability; (3) computer security--distributed systems; and (4) physical and personnel security support. The remainder of this report describes the activities in each of these four areas. The information provided includes an introduction which briefly describes the activity, summary of major accomplishments, task descriptions with quarterly progress, summaries of milestones and deliverables and publications published this quarter.« less

Concept of Operations for the Next Generation Air Transportation System. Version 3.2

DTIC Science & Technology

2011-01-01

Airside. Security Identification Display Area/Airport ( SIDA ) operations area, terminal perimeter, terminal airspace (security) • Landside. Terminal...Definition RTSS Remote Terminal Security Screening SAA Special Activity Airspace SIDA Security Identification Display Area SM Separation Management

12 CFR Appendix B to Part 30 - Interagency Guidelines Establishing Information Security Standards

Code of Federal Regulations, 2011 CFR

2011-01-01

... Establishing Information Security Standards Table of Contents I. Introduction A. Scope B. Preservation of... Security Program B. Objectives III. Development and Implementation of Customer Information Security Program.... Introduction The Interagency Guidelines Establishing Information Security Standards (Guidelines) set forth...

76 FR 67750 - Homeland Security Information Network Advisory Committee

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-02

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0107] Homeland Security Information Network... Information Network Advisory Committee. SUMMARY: The Secretary of Homeland Security has determined that the renewal of the Homeland Security Information Network Advisory Committee (HSINAC) is necessary and in the...

78 FR 7797 - Homeland Security Information Network Advisory Committee (HSINAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-04

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2013-0005] Homeland Security Information Network... Committee Meeting. SUMMARY: The Homeland Security Information Network Advisory Committee (HSIN AC) will meet... received by the (Homeland Security Information Network Advisory Committee), go to http://www.regulations...

78 FR 34665 - Homeland Security Information Network Advisory Committee (HSINAC); Meeting

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-10

... DEPARTMENT OF HOMELAND SECURITY [DHS-2013-0037] Homeland Security Information Network Advisory... Committee Meeting. SUMMARY: The Homeland Security Information Network Advisory Committee (HSINAC) will meet... posted beforehand at this link: http://www.dhs.gov/homeland-security-information-network-advisory...

Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments.

PubMed

Lee, Jaeseung; Sung, Yunsick; Park, Jong Hyuk

2016-12-01

The Internet of Things (IoT) is the intelligent technologies and services that mutually communicate information between humans and devices or between Internet-based devices. In IoT environments, various device information is collected from the user for intelligent technologies and services that control the devices. Recently, wireless sensor networks based on IoT environments are being used in sectors as diverse as medicine, the military, and commerce. Specifically, sensor techniques that collect relevant area data via mini-sensors after distributing smart dust in inaccessible areas like forests or military zones have been embraced as the future of information technology. IoT environments that utilize smart dust are composed of the sensor nodes that detect data using wireless sensors and transmit the detected data to middle nodes. Currently, since the sensors used in these environments are composed of mini-hardware, they have limited memory, processing power, and energy, and a variety of research that aims to make the best use of these limited resources is progressing. This paper proposes a method to utilize these resources while considering energy efficiency, and suggests lightweight mutual verification and key exchange methods based on a hash function that has no restrictions on operation quantity, velocity, and storage space. This study verifies the security and energy efficiency of this method through security analysis and function evaluation, comparing with existing approaches. The proposed method has great value in its applicability as a lightweight security technology for IoT environments.

Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments

PubMed Central

Lee, Jaeseung; Sung, Yunsick; Park, Jong Hyuk

2016-01-01

The Internet of Things (IoT) is the intelligent technologies and services that mutually communicate information between humans and devices or between Internet-based devices. In IoT environments, various device information is collected from the user for intelligent technologies and services that control the devices. Recently, wireless sensor networks based on IoT environments are being used in sectors as diverse as medicine, the military, and commerce. Specifically, sensor techniques that collect relevant area data via mini-sensors after distributing smart dust in inaccessible areas like forests or military zones have been embraced as the future of information technology. IoT environments that utilize smart dust are composed of the sensor nodes that detect data using wireless sensors and transmit the detected data to middle nodes. Currently, since the sensors used in these environments are composed of mini-hardware, they have limited memory, processing power, and energy, and a variety of research that aims to make the best use of these limited resources is progressing. This paper proposes a method to utilize these resources while considering energy efficiency, and suggests lightweight mutual verification and key exchange methods based on a hash function that has no restrictions on operation quantity, velocity, and storage space. This study verifies the security and energy efficiency of this method through security analysis and function evaluation, comparing with existing approaches. The proposed method has great value in its applicability as a lightweight security technology for IoT environments. PMID:27916962

Information barrier technology applied to less restrictive environments

DOE Office of Scientific and Technical Information (OSTI.GOV)

MacArthur, D. W.; Langner, D. C.; Hypes, P. A.

2004-01-01

The information barrier is an important part of any system that allows inspector verification of declared classified materials. In this context, the information barrier must protect classified information while allowing the inspectors to reach correct and independent conclusions concerning the veracity of the declaration. Although other applications may not involve national security, information barrier techniques can still be used to protect information considered sensitive by individuals, commercial entities, or national organizations. Other potential areas of application include homeland security and airport screening, personal information disclosed by modern scanning techniques, nuclear information not considered classified but still sensitive, and industrial secretmore » information that could be compromised during 3rd party acceptance testing. Modern personnel screening devices are limited more by their potential for release of personal information than by technology. Screening systems that could be used in airports and other sensitive areas are often not utilized because the same system that can show the details of weapons carried on a person's body can also reveal potentially embarrassing and sensitive details of the body itself. Much other nuclear information, as well as industrially secret information, while not actually classified, is not appropriate for widespread dissemination. In both cases an inspector may need to verify elements of the manufacturer's or owner's claims, but at the same time not disclose sensitive information to either the inspector or the general public. Thus, information barrier technology, although originally developed for protection of nuclear weapons information, is also directly usable in a number of counter-terrorism and nonproliferation applications. Although these applications may not (or may) require the same level of rigor as the original application to classified items, many of the same techniques can be used in protecting this non-classified, but still sensitive, information.« less

Emerging Science And Technologies: Securing The Nation Through Dicovery and Innovation

DTIC Science & Technology

2013-04-01

potential material for use in quantum computing and spintronics. R&D in the area of advanced carbon-based materials has the potential to revolutionize...seem to involve a dual-approach strategy. First, the vast majority of our sensory input information does not reach the level of consciousness ...WHITE PAPER | 17 Relevant technology areas that support Protection of the Intelligence Enterprise include: Quantum Computing and Associated

Security model for picture archiving and communication systems.

PubMed

Harding, D B; Gac, R J; Reynolds, C T; Romlein, J; Chacko, A K

2000-05-01

The modern information revolution has facilitated a metamorphosis of health care delivery wrought with the challenges of securing patient sensitive data. To accommodate this reality, Congress passed the Health Insurance Portability and Accountability Act (HIPAA). While final guidance has not fully been resolved at this time, it is up to the health care community to develop and implement comprehensive security strategies founded on procedural, hardware and software solutions in preparation for future controls. The Virtual Radiology Environment (VRE) Project, a landmark US Army picture archiving and communications system (PACS) implemented across 10 geographically dispersed medical facilities, has addressed that challenge by planning for the secure transmission of medical images and reports over their local (LAN) and wide area network (WAN) infrastructure. Their model, which is transferable to general PACS implementations, encompasses a strategy of application risk and dataflow identification, data auditing, security policy definition, and procedural controls. When combined with hardware and software solutions that are both non-performance limiting and scalable, the comprehensive approach will not only sufficiently address the current security requirements, but also accommodate the natural evolution of the enterprise security model.

32 CFR 2103.51 - Information Security Oversight Committee.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 32 National Defense 6 2011-07-01 2011-07-01 false Information Security Oversight Committee. 2103... BE DECLASSIFIED Implementation and Review § 2103.51 Information Security Oversight Committee. The NCS Information Security Oversight Committee shall be chaired by the Staff Counsel of the National Security...

32 CFR 2103.51 - Information Security Oversight Committee.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 6 2010-07-01 2010-07-01 false Information Security Oversight Committee. 2103... BE DECLASSIFIED Implementation and Review § 2103.51 Information Security Oversight Committee. The NCS Information Security Oversight Committee shall be chaired by the Staff Counsel of the National Security...

33 CFR 165.767 - Security Zone; Manbirtee Key, Port of Manatee, Florida.

Code of Federal Regulations, 2010 CFR

2010-07-01

..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Seventh Coast Guard District § 165.767 Security Zone; Manbirtee Key, Port of Manatee, Florida. (a) Regulated area. The following area...

Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists.

PubMed

Kraemer, Sara; Carayon, Pascale

2007-03-01

This paper describes human errors and violations of end users and network administration in computer and information security. This information is summarized in a conceptual framework for examining the human and organizational factors contributing to computer and information security. This framework includes human error taxonomies to describe the work conditions that contribute adversely to computer and information security, i.e. to security vulnerabilities and breaches. The issue of human error and violation in computer and information security was explored through a series of 16 interviews with network administrators and security specialists. The interviews were audio taped, transcribed, and analyzed by coding specific themes in a node structure. The result is an expanded framework that classifies types of human error and identifies specific human and organizational factors that contribute to computer and information security. Network administrators tended to view errors created by end users as more intentional than unintentional, while errors created by network administrators as more unintentional than intentional. Organizational factors, such as communication, security culture, policy, and organizational structure, were the most frequently cited factors associated with computer and information security.

Computer Science and Technology Publications. NBS Publications List 84.

ERIC Educational Resources Information Center

National Bureau of Standards (DOC), Washington, DC. Inst. for Computer Sciences and Technology.

This bibliography lists publications of the Institute for Computer Sciences and Technology of the National Bureau of Standards. Publications are listed by subject in the areas of computer security, computer networking, and automation technology. Sections list publications of: (1) current Federal Information Processing Standards; (2) computer…

76 FR 28121 - Notice of Passenger Facility Charge (PFC) Approvals and Disapprovals

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-13

.... Security cameras. Snow removal equipment. Update airport master plan study phases I and II. Obstruction... general aviation area. Preconditioned air and fixed ground power. Airfield environmental assessment... Withdrawal: April 19, 2011. Decision Date: April 25, 2011. FOR FURTHER INFORMATION CONTACT: Anna Guss...

76 FR 28784 - HIT Policy Committee's Workgroup Meetings; Notice of Meetings

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-18

...: Meaningful Use, Privacy & Security Tiger Team, Quality Measures, Governance, Adoption/Certification, and... with the Federal Health IT Strategic Plan and that includes recommendations on the areas in which... information or revised schedules as it becomes available. Contact Person: Judy Sparrow, Office of the National...

10 CFR 727.2 - What are the definitions of the terms used in this part?

Code of Federal Regulations, 2012 CFR

2012-01-01

... information. Computer means desktop computers, portable computers, computer networks (including the DOE network and local area networks at or controlled by DOE organizations), network devices, automated.... DOE means the Department of Energy, including the National Nuclear Security Administration. DOE...

10 CFR 727.2 - What are the definitions of the terms used in this part?

Code of Federal Regulations, 2014 CFR

2014-01-01

... information. Computer means desktop computers, portable computers, computer networks (including the DOE network and local area networks at or controlled by DOE organizations), network devices, automated.... DOE means the Department of Energy, including the National Nuclear Security Administration. DOE...

10 CFR 727.2 - What are the definitions of the terms used in this part?

Code of Federal Regulations, 2013 CFR

2013-01-01

... information. Computer means desktop computers, portable computers, computer networks (including the DOE network and local area networks at or controlled by DOE organizations), network devices, automated.... DOE means the Department of Energy, including the National Nuclear Security Administration. DOE...

10 CFR 727.2 - What are the definitions of the terms used in this part?

Code of Federal Regulations, 2011 CFR

2011-01-01

... information. Computer means desktop computers, portable computers, computer networks (including the DOE network and local area networks at or controlled by DOE organizations), network devices, automated.... DOE means the Department of Energy, including the National Nuclear Security Administration. DOE...

10 CFR 727.2 - What are the definitions of the terms used in this part?

Code of Federal Regulations, 2010 CFR

2010-01-01

... information. Computer means desktop computers, portable computers, computer networks (including the DOE network and local area networks at or controlled by DOE organizations), network devices, automated.... DOE means the Department of Energy, including the National Nuclear Security Administration. DOE...

Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

PubMed

Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

2018-04-28

Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

Security Shift in Future Network Architectures

DTIC Science & Technology

2010-11-01

RTO-MP-IST-091 2 - 1 Security Shift in Future Network Architectures Tim Hartog, M.Sc Information Security Dept. TNO Information and...current practice military communication infrastructures are deployed as stand-alone networked information systems. Network -Enabled Capabilities (NEC) and...information architects and security specialists about the separation of network and information security, the consequences of this shift and our view

RSA cryptosystem with fuzzy set theory for encryption and decryption

NASA Astrophysics Data System (ADS)

Abdullah, Kamilah; Bakar, Sumarni Abu; Kamis, Nor Hanimah; Aliamis, Hardi

2017-11-01

In the communication area, user is more focus on communication instead of security of the data communication. Many cryptosystems have been improvised to achieved the effectiveness in communication. RSA cryptosystem is one of well-known cryptosystem used to secure the information and protect the communication by providing a difficulty to the attackers specifically in encryption and decryption. As need arises for guarantee the security of the cryptosystem while the communication must be ensured, we propose a new RSA cryptosystem which is based on fuzzy set theory whereby the plaintext and the ciphertext are in terms of Triangular Fuzzy Number (TFN). Decryption result shows that the message obtained is the same as the original plaintext. This study reveals that the fuzzy set theory is suitable to be used as an alternative tool in securing other cryptosystem.

48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 4 2011-10-01 2011-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology Security...

48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 4 2014-10-01 2014-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology Security...

48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 4 2012-10-01 2012-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology Security...

48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 4 2013-10-01 2013-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology Security...

75 FR 57904 - Announcing a Meeting of the Information Security and Privacy Advisory Board

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-23

... Office, --Update of NIST Computer Security Division, and --Information Security and Privacy Advisory... Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet...

Interpreting international governance standards for health IT use within general medical practice.

PubMed

Mahncke, Rachel J; Williams, Patricia A H

2014-01-01

General practices in Australia recognise the importance of comprehensive protective security measures. Some elements of information security governance are incorporated into recommended standards, however the governance component of information security is still insufficiently addressed in practice. The International Organistion for Standardisation (ISO) released a new global standard in May 2013 entitled, ISO/IEC 27014:2013 Information technology - Security techniques - Governance of information security. This standard, applicable to organisations of all sizes, offers a framework against which to assess and implement the governance components of information security. The standard demonstrates the relationship between governance and the management of information security, provides strategic principles and processes, and forms the basis for establishing a positive information security culture. An analysis interpretation of this standard for use in Australian general practice was performed. This work is unique as such interpretation for the Australian healthcare environment has not been undertaken before. It demonstrates an application of the standard at a strategic level to inform existing development of an information security governance framework.

49 CFR 1542.111 - Exclusive area agreements.

Code of Federal Regulations, 2012 CFR

2012-10-01

... ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Airport Security Program § 1542.111 Exclusive area agreements. (a) TSA may approve an amendment to an airport security program... aircraft operator or foreign air carrier, and maintained in the airport security program. This agreement...

49 CFR 1542.111 - Exclusive area agreements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Airport Security Program § 1542.111 Exclusive area agreements. (a) TSA may approve an amendment to an airport security program... aircraft operator or foreign air carrier, and maintained in the airport security program. This agreement...

49 CFR 1542.111 - Exclusive area agreements.

Code of Federal Regulations, 2014 CFR

2014-10-01

... ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Airport Security Program § 1542.111 Exclusive area agreements. (a) TSA may approve an amendment to an airport security program... aircraft operator or foreign air carrier, and maintained in the airport security program. This agreement...

49 CFR 1542.111 - Exclusive area agreements.

Code of Federal Regulations, 2013 CFR

2013-10-01

... ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Airport Security Program § 1542.111 Exclusive area agreements. (a) TSA may approve an amendment to an airport security program... aircraft operator or foreign air carrier, and maintained in the airport security program. This agreement...

49 CFR 1542.111 - Exclusive area agreements.

Code of Federal Regulations, 2011 CFR

2011-10-01

... ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Airport Security Program § 1542.111 Exclusive area agreements. (a) TSA may approve an amendment to an airport security program... aircraft operator or foreign air carrier, and maintained in the airport security program. This agreement...

Information Security: Computer Hacker Information Available on the Internet

DTIC Science & Technology

1996-06-05

INFORMATION SECURITY Computer Hacker Information Available on the Internet Statement for the Record of...Report Type N/A Dates Covered (from... to) - Title and Subtitle INFORMATION SECURITY Computer Hacker Information Available on the Internet Contract...1996 4. TITLE AND SUBTITLE Information Security: Computer Hacker Information Available on the Internet 5. FUNDING NUMBERS 6. AUTHOR(S) Jack L.

A review of security of electronic health records.

PubMed

Win, Khin Than

The objective of this study is to answer the research question, "Are current information security technologies adequate for electronic health records (EHRs)?" In order to achieve this, the following matters have been addressed in this article: (i) What is information security in the context of EHRs? (ii) Why is information security important for EHRs? and (iii) What are the current technologies for information security available to EHRs? It is concluded that current EHR security technologies are inadequate and urgently require improvement. Further study regarding information security of EHRs is indicated.

Portfolio Management

NASA Technical Reports Server (NTRS)

Duncan, Sharon L.

2011-01-01

Enterprise Business Information Services Division (EBIS) supports the Laboratory and its functions through the implementation and support of business information systems on behalf of its business community. EBIS Five Strategic Focus Areas: (1) Improve project estimating, planning and delivery capability (2) Improve maintainability and sustainability of EBIS Application Portfolio (3) Leap forward in IT Leadership (4) Comprehensive Talent Management (5) Continuous IT Security Program. Portfolio Management is a strategy in which software applications are managed as assets

49 CFR 1548.19 - Security Directives and Information Circulars.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... CARRIER SECURITY § 1548.19 Security Directives and Information Circulars. (a) TSA may issue an Information... security measures are necessary to respond to a threat assessment, or to a specific threat against civil...

19 CFR Appendix A to Part 113 - Airport Customs Security Area Bond

Code of Federal Regulations, 2011 CFR

2011-04-01

... 19 Customs Duties 1 2011-04-01 2011-04-01 false Airport Customs Security Area Bond A Appendix A to... OF THE TREASURY CUSTOMS BONDS Pt. 113, App. A Appendix A to Part 113—Airport Customs Security Area Bond Airport Customs Security Area Bond (name of principal) of and (name of surety) of are held and...

19 CFR Appendix A to Part 113 - Airport Customs Security Area Bond

Code of Federal Regulations, 2013 CFR

2013-04-01

... 19 Customs Duties 1 2013-04-01 2013-04-01 false Airport Customs Security Area Bond A Appendix A to... OF THE TREASURY CUSTOMS BONDS Pt. 113, App. A Appendix A to Part 113—Airport Customs Security Area Bond Airport Customs Security Area Bond (name of principal) of and (name of surety) of are held and...

19 CFR Appendix A to Part 113 - Airport Customs Security Area Bond

Code of Federal Regulations, 2014 CFR

2014-04-01

... 19 Customs Duties 1 2014-04-01 2014-04-01 false Airport Customs Security Area Bond A Appendix A to... OF THE TREASURY CUSTOMS BONDS Pt. 113, App. A Appendix A to Part 113—Airport Customs Security Area Bond Airport Customs Security Area Bond (name of principal) of and (name of surety) of are held and...

19 CFR Appendix A to Part 113 - Airport Customs Security Area Bond

Code of Federal Regulations, 2012 CFR

2012-04-01

... 19 Customs Duties 1 2012-04-01 2012-04-01 false Airport Customs Security Area Bond A Appendix A to... OF THE TREASURY CUSTOMS BONDS Pt. 113, App. A Appendix A to Part 113—Airport Customs Security Area Bond Airport Customs Security Area Bond (name of principal) of and (name of surety) of are held and...

19 CFR Appendix A to Part 113 - Airport Customs Security Area Bond

Code of Federal Regulations, 2010 CFR

2010-04-01

... 19 Customs Duties 1 2010-04-01 2010-04-01 false Airport Customs Security Area Bond A Appendix A to... OF THE TREASURY CUSTOMS BONDS Pt. 113, App. A Appendix A to Part 113—Airport Customs Security Area Bond Airport Customs Security Area Bond (name of principal) of and (name of surety) of are held and...

A Study of the Effect of Information Security Policies on Information Security Breaches in Higher Education Institutions

ERIC Educational Resources Information Center

Waddell, Stanie Adolphus

2013-01-01

Many articles within the literature point to the information security policy as one of the most important elements of an effective information security program. Even though this belief is continually referred to in many information security scholarly articles, very few research studies have been performed to corroborate this sentiment. Doherty and…

48 CFR 1339.107-70 - Information security.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 5 2014-10-01 2014-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information Security...

48 CFR 1339.107-70 - Information security.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 5 2011-10-01 2011-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information Security...

49 CFR 8.9 - Information Security Review Committee.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 1 2011-10-01 2011-10-01 false Information Security Review Committee. 8.9 Section.../DECLASSIFICATION/ACCESS Classification/Declassification of Information § 8.9 Information Security Review Committee. (a) There is hereby established a Department of Transportation Information Security Review Committee...

48 CFR 1339.107-70 - Information security.

Code of Federal Regulations, 2010 CFR

2010-10-01

... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... Clause 1352.239-73, Security Requirements for Information Technology Resources, is needed, contracting... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Information security. 1339...

49 CFR 8.9 - Information Security Review Committee.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 1 2010-10-01 2010-10-01 false Information Security Review Committee. 8.9 Section.../DECLASSIFICATION/ACCESS Classification/Declassification of Information § 8.9 Information Security Review Committee. (a) There is hereby established a Department of Transportation Information Security Review Committee...

48 CFR 1339.107-70 - Information security.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 5 2013-10-01 2013-10-01 false Information security. 1339... CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY General 1339.107-70 Information security. (a... coordinate with the designated Contracting Officer Representative (COR) to complete the Information Security...

49 CFR 1554.101 - Security Measures.

Code of Federal Regulations, 2014 CFR

2014-10-01

... certificated repair stations located— (1) On airport. On an air operations area or security identification display area of an airport covered by an airport security program under 49 CFR part 1542 in the United States, or on the security restricted area of any commensurate airport outside the United States...

Defining Information Security.

PubMed

Lundgren, Björn; Möller, Niklas

2017-11-15

This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition-correct demarcation and meaning concerning the state of security-it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security-the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

Common object request broker architecture (CORBA)-based security services for the virtual radiology environment.

PubMed

Martinez, R; Cole, C; Rozenblit, J; Cook, J F; Chacko, A K

2000-05-01

The US Army Great Plains Regional Medical Command (GPRMC) has a requirement to conform to Department of Defense (DoD) and Army security policies for the Virtual Radiology Environment (VRE) Project. Within the DoD, security policy is defined as the set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information. Security policy in the DoD is described by the Trusted Computer System Evaluation Criteria (TCSEC), Army Regulation (AR) 380-19, Defense Information Infrastructure Common Operating Environment (DII COE), Military Health Services System Automated Information Systems Security Policy Manual, and National Computer Security Center-TG-005, "Trusted Network Interpretation." These documents were used to develop a security policy that defines information protection requirements that are made with respect to those laws, rules, and practices that are required to protect the information stored and processed in the VRE Project. The goal of the security policy is to provide for a C2-level of information protection while also satisfying the functional needs of the GPRMC's user community. This report summarizes the security policy for the VRE and defines the CORBA security services that satisfy the policy. In the VRE, the information to be protected is embedded into three major information components: (1) Patient information consists of Digital Imaging and Communications in Medicine (DICOM)-formatted fields. The patient information resides in the digital imaging network picture archiving and communication system (DIN-PACS) networks in the database archive systems and includes (a) patient demographics; (b) patient images from x-ray, computed tomography (CT), magnetic resonance imaging (MRI), and ultrasound (US); and (c) prior patient images and related patient history. (2) Meta-Manager information to be protected consists of several data objects. This information is distributed to the Meta-Manager nodes and includes (a) radiologist schedules; (b) modality worklists; (c) routed case information; (d) DIN-PACS and Composite Health Care system (CHCS) messages, and Meta-Manager administrative and security information; and (e) patient case information. (3) Access control and communications security is required in the VRE to control who uses the VRE and Meta-Manager facilities and to secure the messages between VRE components. The CORBA Security Service Specification version 1.5 is designed to allow up to TCSEC's B2-level security for distributed objects. The CORBA Security Service Specification defines the functionality of several security features: identification and authentication, authorization and access control, security auditing, communication security, nonrepudiation, and security administration. This report describes the enhanced security features for the VRE and their implementation using commercial CORBA Security Service software products.

Physics and Its Multiple Roles in the International Atomic Energy Agency

NASA Astrophysics Data System (ADS)

Massey, Charles D.

2017-01-01

The IAEA is the world's centre for cooperation in the nuclear field. It was set up as the world's ``Atoms for Peace'' organization in 1957 within the United Nations family. The Agency works with its Member States and multiple partners worldwide to promote the safe, secure and peaceful use of nuclear technologies. Three main areas of work underpin the IAEA's mission: Safety and Security, Science and Technology, and Safeguards and Verification. To carry out its mission, the Agency is authorized to encourage and assist research on, and development and practical application of, atomic energy for peaceful uses throughout the world; foster the exchange of scientific and technical information on peaceful uses of atomic energy; and encourage the exchange of training of scientists and experts in the field of peaceful uses of atomic energy. Nowadays, nuclear physics and nuclear technology are applied in a great variety of social areas, such as power production, medical diagnosis and therapies, environmental protection, security control, material tests, food processing, waste treatments, agriculture and artifacts analysis. This presentation will cover the role and practical application of physics at the IAEA, and, in particular, focus on the role physics has, and will play, in nuclear security.

A Secure and Privacy-Preserving Navigation Scheme Using Spatial Crowdsourcing in Fog-Based VANETs

PubMed Central

Wang, Lingling; Liu, Guozhu; Sun, Lijun

2017-01-01

Fog-based VANETs (Vehicular ad hoc networks) is a new paradigm of vehicular ad hoc networks with the advantages of both vehicular cloud and fog computing. Real-time navigation schemes based on fog-based VANETs can promote the scheme performance efficiently. In this paper, we propose a secure and privacy-preserving navigation scheme by using vehicular spatial crowdsourcing based on fog-based VANETs. Fog nodes are used to generate and release the crowdsourcing tasks, and cooperatively find the optimal route according to the real-time traffic information collected by vehicles in their coverage areas. Meanwhile, the vehicle performing the crowdsourcing task can get a reasonable reward. The querying vehicle can retrieve the navigation results from each fog node successively when entering its coverage area, and follow the optimal route to the next fog node until it reaches the desired destination. Our scheme fulfills the security and privacy requirements of authentication, confidentiality and conditional privacy preservation. Some cryptographic primitives, including the Elgamal encryption algorithm, AES, randomized anonymous credentials and group signatures, are adopted to achieve this goal. Finally, we analyze the security and the efficiency of the proposed scheme. PMID:28338620

A Secure and Privacy-Preserving Navigation Scheme Using Spatial Crowdsourcing in Fog-Based VANETs.

PubMed

Wang, Lingling; Liu, Guozhu; Sun, Lijun

2017-03-24

Fog-based VANETs (Vehicular ad hoc networks) is a new paradigm of vehicular ad hoc networks with the advantages of both vehicular cloud and fog computing. Real-time navigation schemes based on fog-based VANETs can promote the scheme performance efficiently. In this paper, we propose a secure and privacy-preserving navigation scheme by using vehicular spatial crowdsourcing based on fog-based VANETs. Fog nodes are used to generate and release the crowdsourcing tasks, and cooperatively find the optimal route according to the real-time traffic information collected by vehicles in their coverage areas. Meanwhile, the vehicle performing the crowdsourcing task can get a reasonable reward. The querying vehicle can retrieve the navigation results from each fog node successively when entering its coverage area, and follow the optimal route to the next fog node until it reaches the desired destination. Our scheme fulfills the security and privacy requirements of authentication, confidentiality and conditional privacy preservation. Some cryptographic primitives, including the Elgamal encryption algorithm, AES, randomized anonymous credentials and group signatures, are adopted to achieve this goal. Finally, we analyze the security and the efficiency of the proposed scheme.

6 CFR 27.200 - Information regarding security risk for a chemical facility.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200 Information...

Trust and Privacy Solutions Based on Holistic Service Requirements.

PubMed

Sánchez Alcón, José Antonio; López, Lourdes; Martínez, José-Fernán; Rubio Cifuentes, Gregorio

2015-12-24

The products and services designed for Smart Cities provide the necessary tools to improve the management of modern cities in a more efficient way. These tools need to gather citizens' information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. This paper presents one of the possible solutions to manage this heterogeneity, bearing in mind these types of networks, such as Wireless Sensor Networks, have important resource limitations. A knowledge and ontology management system is proposed to facilitate the collaboration between the business, legal and technological areas. This will ease the implementation of adequate specific security and privacy policies for a given service. All these security and privacy policies are based on the information provided by the deployed platforms and by expert system processing.

Trust and Privacy Solutions Based on Holistic Service Requirements

PubMed Central

Sánchez Alcón, José Antonio; López, Lourdes; Martínez, José-Fernán; Rubio Cifuentes, Gregorio

2015-01-01

The products and services designed for Smart Cities provide the necessary tools to improve the management of modern cities in a more efficient way. These tools need to gather citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. This paper presents one of the possible solutions to manage this heterogeneity, bearing in mind these types of networks, such as Wireless Sensor Networks, have important resource limitations. A knowledge and ontology management system is proposed to facilitate the collaboration between the business, legal and technological areas. This will ease the implementation of adequate specific security and privacy policies for a given service. All these security and privacy policies are based on the information provided by the deployed platforms and by expert system processing. PMID:26712752

19 CFR 122.181 - Definition of Customs security area.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 19 Customs Duties 1 2014-04-01 2014-04-01 false Definition of Customs security area. 122.181 Section 122.181 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.181 Definition of...

19 CFR 122.181 - Definition of Customs security area.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 19 Customs Duties 1 2011-04-01 2011-04-01 false Definition of Customs security area. 122.181 Section 122.181 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.181 Definition of...

19 CFR 122.181 - Definition of Customs security area.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 19 Customs Duties 1 2012-04-01 2012-04-01 false Definition of Customs security area. 122.181 Section 122.181 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.181 Definition of...

19 CFR 122.181 - Definition of Customs security area.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 19 Customs Duties 1 2013-04-01 2013-04-01 false Definition of Customs security area. 122.181 Section 122.181 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.181 Definition of...

Examining the Impact of Non-Technical Security Management Factors on Information Security Management in Health Informatics

ERIC Educational Resources Information Center

Imam, Abbas H.

2013-01-01

Complexity of information security has become a major issue for organizations due to incessant threats to information assets. Healthcare organizations are particularly concerned with security owing to the inherent vulnerability of sensitive information assets in health informatics. While the non-technical security management elements have been at…

14 CFR 1203.202 - Responsibilities.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM NASA Information Security Program § 1203.202 Responsibilities. (a) The Chairperson, NASA Information Security...) Ensuring effective compliance with and implementation of “the Order” and the Information Security Oversight...

14 CFR 1203.202 - Responsibilities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM NASA Information Security Program § 1203.202 Responsibilities. (a) The Chairperson, NASA Information Security...) Ensuring effective compliance with and implementation of “the Order” and the Information Security Oversight...

38 CFR 75.117 - Notification.

Code of Federal Regulations, 2011 CFR

2011-07-01

... information that were involved in the data breach (e.g., full name, Social Security number, date of birth... conspicuous posting on the home page of VA's Web site and notification in major print and broadcast media, including major media in geographic areas where the affected individuals likely reside. Such a notice in...

38 CFR 75.117 - Notification.

Code of Federal Regulations, 2014 CFR

2014-07-01

... information that were involved in the data breach (e.g., full name, Social Security number, date of birth... conspicuous posting on the home page of VA's Web site and notification in major print and broadcast media, including major media in geographic areas where the affected individuals likely reside. Such a notice in...

38 CFR 75.117 - Notification.

Code of Federal Regulations, 2012 CFR

2012-07-01

... information that were involved in the data breach (e.g., full name, Social Security number, date of birth... conspicuous posting on the home page of VA's Web site and notification in major print and broadcast media, including major media in geographic areas where the affected individuals likely reside. Such a notice in...

38 CFR 75.117 - Notification.

Code of Federal Regulations, 2013 CFR

2013-07-01

... information that were involved in the data breach (e.g., full name, Social Security number, date of birth... conspicuous posting on the home page of VA's Web site and notification in major print and broadcast media, including major media in geographic areas where the affected individuals likely reside. Such a notice in...

38 CFR 75.117 - Notification.

Code of Federal Regulations, 2010 CFR

2010-07-01

... information that were involved in the data breach (e.g., full name, Social Security number, date of birth... conspicuous posting on the home page of VA's Web site and notification in major print and broadcast media, including major media in geographic areas where the affected individuals likely reside. Such a notice in...

32 CFR 552.91 - Individual permit procedures.

Code of Federal Regulations, 2014 CFR

2014-07-01

.... (2) Personal information including Social Security Number. (3) Vehicle identification and license number, if a vehicle is to be brought on post. (4) Names and ages of minor family members who will... section. (c) A permit and a vehicle pass will be issued to each person authorized area access. The permit...

32 CFR 552.91 - Individual permit procedures.

Code of Federal Regulations, 2012 CFR

2012-07-01

.... (2) Personal information including Social Security Number. (3) Vehicle identification and license number, if a vehicle is to be brought on post. (4) Names and ages of minor family members who will... section. (c) A permit and a vehicle pass will be issued to each person authorized area access. The permit...

32 CFR 552.91 - Individual permit procedures.

Code of Federal Regulations, 2013 CFR

2013-07-01

.... (2) Personal information including Social Security Number. (3) Vehicle identification and license number, if a vehicle is to be brought on post. (4) Names and ages of minor family members who will... section. (c) A permit and a vehicle pass will be issued to each person authorized area access. The permit...

32 CFR 552.91 - Individual permit procedures.

Code of Federal Regulations, 2011 CFR

2011-07-01

.... (2) Personal information including Social Security Number. (3) Vehicle identification and license number, if a vehicle is to be brought on post. (4) Names and ages of minor family members who will... section. (c) A permit and a vehicle pass will be issued to each person authorized area access. The permit...

32 CFR 552.91 - Individual permit procedures.

Code of Federal Regulations, 2010 CFR

2010-07-01

.... (2) Personal information including Social Security Number. (3) Vehicle identification and license number, if a vehicle is to be brought on post. (4) Names and ages of minor family members who will... section. (c) A permit and a vehicle pass will be issued to each person authorized area access. The permit...

76 FR 22399 - HIT Policy Committee's Workgroup Meetings; Notice of Meetings

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-21

...: Meaningful Use, Privacy & Security Tiger Team, Quality Measures, Governance, Adoption/Certification, and... with the Federal Health IT Strategic Plan and that includes recommendations on the areas in which...://healthit.hhs.gov . Please check the ONC Web site for additional information or revised schedules as it...

Teachers' Perceptions of Financial Literacy and the Implications for Professional Learning

ERIC Educational Resources Information Center

Sawatzki, Carly M.; Sullivan, Peter A.

2017-01-01

Consumer, economic and financial literacy education at school is central to active and informed citizenship. Over the past decade, the Australian Securities and Investments Commission has led various policy initiatives and influenced curriculum and resource development in this area. However, there remains a paucity of research exploring how…

Cable T.V.: Boon to Vocational Guidance in Rural Areas.

ERIC Educational Resources Information Center

Bliss, James L.; And Others

Allegany Opportunities is a television series which is designed to assist people who may be unemployed, underemployed, or contemplating entering an occupational field by informing them of opportunities available for work, training, and education and procedures for securing work in rural Allegany County. Emphasis is on those occupations requiring…

33 CFR 165.500 - Safety/Security Zones; Chesapeake Bay, Maryland.

Code of Federal Regulations, 2010 CFR

2010-07-01

... designated representative. (3) Persons desiring to transit the area of the security zone may contact the COTP... HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Fifth Coast Guard District § 165.500...

33 CFR 165.1108 - Security Zones; Cruise Ships, Port of San Diego, California.

Code of Federal Regulations, 2010 CFR

2010-07-01

... to transit the area of the security zones may contact the Captain of the Port at telephone number..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Eleventh Coast Guard District...

12 CFR Appendix B to Part 364 - Interagency Guidelines Establishing Information Security Standards

Code of Federal Regulations, 2011 CFR

2011-01-01

... Part 364—Interagency Guidelines Establishing Information Security Standards Table of Contents I... Customer Information A. Information Security Program B. Objectives III. Development and Implementation of Customer Information Security Program A. Involve the Board of Directors B. Assess Risk C. Manage and...

75 FR 63499 - Extension of Agency Information Collection Activity Under OMB Review: Sensitive Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-15

... Information Collection Activity Under OMB Review: Sensitive Security Information Threat Assessments AGENCY... Transportation Security Administration (TSA) has forwarded the Information Collection Request (ICR), Office of... of a party seeking access to sensitive security information (SSI) in a civil proceeding in Federal...

Economic Evaluation of the Information Security Levels Achieved by Electric Energy Providers in North Arctic Region

NASA Astrophysics Data System (ADS)

Sushko, O. P.; Kaznin, A. A.; Babkin, A. V.; Bogdanov, D. A.

2017-10-01

The study we are conducting involves the analysis of information security levels achieved by energy providers operating in the North Arctic Region. We look into whether the energy providers’ current information security levels meet reliability standards and determine what further actions may be needed for upgrading information security in the context of the digital transformation that the world community is undergoing. When developing the information security systems for electric energy providers or selecting the protection means for them, we are governed by the fact that the assets to be protected are process technologies. While information security risk can be assessed using different methods, the evaluation of the economic damage from these risks appears to be a difficult task. The most probable and harmful risks we have identified when evaluating the electric energy providers’ information security will be used by us as variables. To provide the evaluation, it is necessary to calculate the costs relating to elimination of the risks identified. The final stage of the study will involve the development of an operation algorithm for the North Arctic Region’s energy provider’s business information protection security system - a set of information security services, and security software and hardware.

75 FR 65526 - National Industrial Security Program Policy Advisory Committee (NISPPAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-25

... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office National Industrial Security Program Policy Advisory Committee (NISPPAC) AGENCY: Information Security Oversight Office... planning to attend must be submitted to the Information Security Oversight Office (ISOO) no later than...

76 FR 6636 - National Industrial Security Program Policy Advisory Committee (NISPPAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-07

... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office National Industrial Security Program Policy Advisory Committee (NISPPAC) AGENCY: Information Security Oversight Office... planning to attend must be submitted to the Information Security Oversight Office (ISOO) no later than...

76 FR 67484 - National Industrial Security Program Policy Advisory Committee (NISPPAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-01

... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office National Industrial Security Program Policy Advisory Committee (NISPPAC) AGENCY: Information Security Oversight Office... must be submitted to the Information Security Oversight Office (ISOO) no later than Friday, November 11...

76 FR 28099 - National Industrial Security Program Policy Advisory Committee (NISPPAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-13

... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office National Industrial Security Program Policy Advisory Committee (NISPPAC) AGENCY: Information Security Oversight Office... telephone number of individuals planning to attend must be submitted to the Information Security Oversight...

75 FR 39582 - National Industrial Security Program Policy Advisory Committee (NISPPAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-09

... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office National Industrial Security Program Policy Advisory Committee (NISPPAC) AGENCY: Information Security Oversight Office... telephone number of individuals planning to attend must be submitted to the Information Security Oversight...

10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 1 2010-01-01 2010-01-01 false Access to restricted data and national security... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access...

10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 1 2011-01-01 2011-01-01 false Access to restricted data and national security... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access...

10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Information and Restricted Data. 95.35 Section 95.35 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a...

Approach to estimation of level of information security at enterprise based on genetic algorithm

NASA Astrophysics Data System (ADS)

V, Stepanov L.; V, Parinov A.; P, Korotkikh L.; S, Koltsov A.

2018-05-01

In the article, the way of formalization of different types of threats of information security and vulnerabilities of an information system of the enterprise and establishment is considered. In a type of complexity of ensuring information security of application of any new organized system, the concept and decisions in the sphere of information security are expedient. One of such approaches is the method of a genetic algorithm. For the enterprises of any fields of activity, the question of complex estimation of the level of security of information systems taking into account the quantitative and qualitative factors characterizing components of information security is relevant.

17 CFR 249.1001 - Form SIP, for application for registration as a securities information processor or to amend such...

Code of Federal Regulations, 2011 CFR

2011-04-01

... registration as a securities information processor or to amend such an application or registration. 249.1001..., SECURITIES EXCHANGE ACT OF 1934 Form for Registration of, and Reporting by Securities Information Processors § 249.1001 Form SIP, for application for registration as a securities information processor or to amend...

17 CFR 249.1001 - Form SIP, for application for registration as a securities information processor or to amend such...

Code of Federal Regulations, 2010 CFR

2010-04-01

... registration as a securities information processor or to amend such an application or registration. 249.1001..., SECURITIES EXCHANGE ACT OF 1934 Form for Registration of, and Reporting by Securities Information Processors § 249.1001 Form SIP, for application for registration as a securities information processor or to amend...

Evapotranspiration Cover for the 92-Acre Area Retired Mixed Waste Pits, Area 5 Waste Management Division, Nevada National Security Site, Final CQA Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

NSTec Environmental Management; The Delphi Groupe, Inc.; J. A. Cesare and Associates, Inc.

The report is the Final Construction Quality Assurance (CQA) Report for the 92-Acrew Evapotranspiration Cover, Area 5 Waste Management Division Retired Mixed Waste Pits, Nevada National Security Site, Nevada, for the period of January 20, 2011, to January 31, 2012 The Area 5 RWMS uses engineered shallow-land burial cells to dispose of packaged waste. The 92-Acre Area encompasses the southern portion of the Area 5 RWMS, which has been designated for the first final closure operations. This area contains 13 Greater Confinement Disposal (GCD) boreholes, 16 narrow trenches, and 9 broader pits. With the exception of two active pits (P03more » and P06), all trenches and pits in the 92-Acre Area had operational covers approximately 2.4 meters thick, at a minimum, in most areas when this project began. The units within the 92-Acre Area are grouped into the following six informal categories based on physical location, waste types and regulatory requirements: (1) Pit 3 Mixed Waste Disposal Unit (MWDU); (2) Corrective Action Unit (CAU) 111; (3) CAU 207; (4) Low-level waste disposal units; (5) Asbestiform low-level waste disposal units; and (6) One transuranic (TRU) waste trench.« less

46 CFR 503.52 - Senior agency official.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 9 2011-10-01 2011-10-01 false Senior agency official. 503.52 Section 503.52 Shipping FEDERAL MARITIME COMMISSION GENERAL AND ADMINISTRATIVE PROVISIONS PUBLIC INFORMATION Information Security...'s information security program, which includes oversight (self-inspection) and security information...

Comprehensive evaluation of ecological security in mining area based on PSR-ANP-GRAY.

PubMed

He, Gang; Yu, Baohua; Li, Shuzhou; Zhu, Yanna

2017-09-06

With the large exploitation of mineral resources, a series of problems have appeared in the ecological environment of the mining area. Therefore, evaluating the ecological security of mining area is of great significance to promote its healthy development. In this paper, the evaluation index system of ecological security in mining area was constructed from three dimensions of nature, society and economy, combined with Pressure-State-Response framework model. Then network analytic hierarchy process and GRAY relational analysis method were used to evaluate the ecological security of the region, and the weighted correlation degree of ecological security was calculated through the index data of a coal mine from 2012 to 2016 in China. The results show that the ecological security in the coal mine area is on the rise as a whole, though it alternatively rose and dropped from 2012 to 2016. Among them, the ecological security of the study mining area is at the general security level from 2012 to 2015, and at a relatively safe level in 2016. It shows that the ecological environment of the study mining area can basically meet the requirement of the survival and development of the enterprises.

75 FR 10507 - Information Security Oversight Office; National Industrial Security Program Policy Advisory...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-08

... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office; National Industrial Security Program Policy Advisory Committee (NISPPAC) AGENCY: National Archives and Records... individuals planning to attend must be submitted to the Information Security Oversight Office (ISOO) no later...

[Food poisoning--importance of international perspective].

PubMed

Nishibuchi, Mitsuaki

2012-08-01

It is important to obtain the information on food security in the countries other than Japan since more than 60 % of the food consumed come from these countries. Food security is now considered as a global issue. A global trend persuading us to provide safe food to humans is based on the concept of human security development associated with a sense of human mission to sustain one's life. Another global tendency pushing us to secure safety and hygiene of food is driven by the economic pressure coming from the rules in international trade established by Codex Committee under FAO/WHO. In contrast to these trends under globalization requesting safe and hygienic food, food habits based on tradition or religion are maintained locally in various parts of the world. These local habits include eating raw or improperly cooked foods, which may become a risk of being exposed to food poisoning pathogens. This issue may be adequately solved by a risk assessment approach based on the concept of appropriate level of protection (ALOP). Like or not, people in some local areas live in the unhygienic environment where they are unintentionally and frequently exposed to enteric pathogens or immunologically cross-reacting microorganisms through which they may acquire specific immunity to the pathogens and escape from infection by the pathogens. There are therefore many areas in the world where people understand the necessity to provide safe food at the international level (globalization) but actually consume food in varying hygienic conditions from area to area due in part to traditional food habits or living environments (localization); we call this situation as glocalization (global+local).

33 CFR 165.1104 - Security Zone: San Diego Bay, CA.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Security Zone: San Diego Bay, CA... Navigation Areas and Limited Access Areas Eleventh Coast Guard District § 165.1104 Security Zone: San Diego Bay, CA. (a) Location. The following area is a security zone: on the waters along the northern...

33 CFR 165.1104 - Security Zone: San Diego Bay, CA.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security Zone: San Diego Bay, CA... Navigation Areas and Limited Access Areas Eleventh Coast Guard District § 165.1104 Security Zone: San Diego Bay, CA. (a) Location. The following area is a security zone: on the waters along the northern...

33 CFR 165.1104 - Security Zone: San Diego Bay, CA.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Security Zone: San Diego Bay, CA... Navigation Areas and Limited Access Areas Eleventh Coast Guard District § 165.1104 Security Zone: San Diego Bay, CA. (a) Location. The following area is a security zone: on the waters along the northern...

33 CFR 165.1104 - Security Zone: San Diego Bay, CA.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Security Zone: San Diego Bay, CA... Navigation Areas and Limited Access Areas Eleventh Coast Guard District § 165.1104 Security Zone: San Diego Bay, CA. (a) Location. The following area is a security zone: on the waters along the northern...

33 CFR 165.1104 - Security Zone: San Diego Bay, CA.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Security Zone: San Diego Bay, CA... Navigation Areas and Limited Access Areas Eleventh Coast Guard District § 165.1104 Security Zone: San Diego Bay, CA. (a) Location. The following area is a security zone: on the waters along the northern...

33 CFR 165.1101 - Security Zone: San Diego Bay, CA.

Code of Federal Regulations, 2010 CFR

2010-07-01

... to transit the area of the security zone may contact the Captain of the Port at telephone number 619... (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Eleventh Coast Guard District § 165.1101 Security Zone: San Diego...

33 CFR 165.776 - Security Zone; Coast Guard Base San Juan, San Juan Harbor, Puerto Rico

Code of Federal Regulations, 2010 CFR

2010-07-01

... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Seventh Coast...) Location. The following area is a security zone: All waters from surface to bottom, encompassed by an...

Assessing Grant Allocation Methods for Federal Homeland Security Urban Area Assistance Funding

DTIC Science & Technology

2015-12-01

ALLOCATION METHODS FOR FEDERAL HOMELAND SECURITY URBAN AREA ASSISTANCE FUNDING by Craig Mohar December 2015 Thesis Co-Advisors: Kathleen...REPORT TYPE AND DATES COVERED Master’s thesis 4. TITLE AND SUBTITLE ASSESSING GRANT ALLOCATION METHODS FOR FEDERAL HOMELAND SECURITY URBAN AREA...the Department of Homeland Security (DHS) is critical for building and sustaining preparedness in urban areas. According to the 9/11 Commission Report

6 CFR 7.27 - Declassification and downgrading.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY INFORMATION Classified Information § 7.27 Declassification and downgrading. (a) Classified... Security Officer. (b) Information shall be declassified or downgraded by the official who authorized the... Secretary of Homeland Security or the Chief Security Officer. (c) It is presumed that information that...

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2013 CFR

2013-01-01

....g., system and network administrators, and system/application security officers) must receive... 5 Administrative Personnel 2 2013-01-01 2013-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems...

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2014 CFR

2014-01-01

....g., system and network administrators, and system/application security officers) must receive... 5 Administrative Personnel 2 2014-01-01 2014-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems...

33 CFR 165.820 - Security Zone; Ohio River Mile, 34.6 to 35.1, Shippingport, Pennsylvania.

Code of Federal Regulations, 2010 CFR

2010-07-01

... AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Eighth Coast...) Location. The following area is a security zone: The waters of the Ohio River, extending 200 feet from the... Captain of the Port, Pittsburgh. (2) Persons and vessels desiring to transit the area of the security zone...

A Historical Study of the Effectiveness of U.S. Security Assistance to Panama, Costa Rica and Nicaragua

DTIC Science & Technology

1986-09-01

United States aid to the rebels (16:9). The United States policy toward Central America originated with the Monroe Doctrine. As explained in Chapter...crisis in the area. The most often used were Mexico and Central America Report, Latinamerica Press, Mesoamerica , and Hemisphere Hotline. Especially...Information Exchange (DLSIE) and the Defense Technical Information Center (DTIC) to determine what studies were available. In addition, the historical

Recent progress of quantum communication in China (Conference Presentation)

NASA Astrophysics Data System (ADS)

Zhang, Qiang

2016-04-01

Quantum communication, based on the quantum physics, can provide information theoretical security. Building a global quantum network is one ultimate goal for the research of quantum information. Here, this talk will review the progress for quantum communication in China, including quantum key distribution over metropolitan area with untrustful relay, field test of quantum entanglement swapping over metropolitan network, the 2000 km quantum key distribution main trunk line, and satellite based quantum communication.

78 FR 26057 - Extension of Agency Information Collection Activity Under OMB Review: Pipeline Corporate Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-03

... Information Collection Activity Under OMB Review: Pipeline Corporate Security Review AGENCY: Transportation.... Information Collection Requirement Title: Pipeline Corporate Security Review (PCSR). Type of Request... current industry security practices through its Pipeline Corporate Security Review (PCSR) program. The...

Trends in social security benefits for oral and oropharyngeal cancer from 2006 to 2013 in Brazil.

PubMed

Bomfim, Rafael Aiello; Cascaes, Andreia Morales

2018-01-01

to analyze the trends in the concession of social security sick pay for oral and oropharyngeal cancer, from 2006 to 2013, in Brazil. time series study using data of workers insured by the Brazilian National Institute of Social Security (INSS); Prais-Winsten generalized linear regressions were used to calculate the annual percentage change (APC). social security benefits for oral and oropharyngeal cancer presented significant increase (APC=9.0%; 95%CI 1.4; 17.4); benefits for other parts of the mouth, nasopharynx, oropharynx, floor of mouth and palate have also shown significant increase; the areas of trade (5.5%) and manufacturing (5.2%) were the most prevalent activities; there was a high proportion of fields in blank in the information systems (average of 72.9%). trends in occupational benefits for oral and oropharyngeal cancer showed significant increase.

Information Security Management (ISM)

NASA Astrophysics Data System (ADS)

Šalgovičová, Jarmila; Prajová, Vanessa

2012-12-01

Currently, all organizations have to tackle the issue of information security. The paper deals with various aspects of Information Security Management (ISM), including procedures, processes, organizational structures, policies and control processes. Introduction of Information Security Management should be a strategic decision. The concept and implementation of Information Security Management in an organization are determined by the corporate needs and objectives, security requirements, the processes deployed as well as the size and structure of the organization. The implementation of ISM should be carried out to the extent consistent with the needs of the organization.

Information security of power enterprises of North-Arctic region

NASA Astrophysics Data System (ADS)

Sushko, O. P.

2018-05-01

The role of information technologies in providing technological security for energy enterprises is a component of the economic security for the northern Arctic region in general. Applying instruments and methods of information protection modelling of the energy enterprises' business process in the northern Arctic region (such as Arkhenergo and Komienergo), the authors analysed and identified most frequent risks of information security. With the analytic hierarchy process based on weighting factor estimations, information risks of energy enterprises' technological processes were ranked. The economic estimation of the information security within an energy enterprise considers weighting factor-adjusted variables (risks). Investments in information security systems of energy enterprises in the northern Arctic region are related to necessary security elements installation; current operating expenses on business process protection systems become materialized economic damage.

Practical and secure telemedicine systems for user mobility.

PubMed

Rezaeibagha, Fatemeh; Mu, Yi

2018-02-01

The application of wireless devices has led to a significant improvement in the quality delivery of care in telemedicine systems. Patients who live in a remote area are able to communicate with the healthcare provider and benefit from the doctor consultations. However, it has been a challenge to provide a secure telemedicine system, which captures users (patients and doctors) mobility and patient privacy. In this work, we present several secure protocols for telemedicine systems, which ensure the secure communication between patients and doctors who are located in different geographical locations. Our protocols are the first of this kind featured with confidentiality of patient information, mutual authentication, patient anonymity, data integrity, freshness of communication, and mobility. Our protocols are based on symmetric-key schemes and capture all desirable security requirements in order to better serve our objectives of research for secure telemedicine services; therefore, they are very efficient in implementation. A comparison with related works shows that our work contributes first comprehensive solution to capture user mobility and patient privacy for telemedicine systems. Copyright © 2018 Elsevier Inc. All rights reserved.

Disaster at a University: A Case Study in Information Security

ERIC Educational Resources Information Center

Ayyagari, Ramakrishna; Tyks, Jonathan

2012-01-01

Security and disaster training is identified as a top Information Technology (IT) required skill that needs to be taught in Information Systems (IS) curriculums. Accordingly, information security and privacy have become core concepts in information system education. Providing IT security on a shoestring budget is always difficult and many small…

6 CFR 7.12 - Violations of classified information requirements.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Violations of classified information requirements. 7.12 Section 7.12 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CLASSIFIED NATIONAL SECURITY INFORMATION Administration § 7.12 Violations of classified information...

78 FR 77484 - Extension of Agency Information Collection Activity Under OMB Review: Pipeline System Operator...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-23

... Federal agency for pipeline security, it is important for TSA to have contact information for company... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration Extension of Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security Information AGENCY...

A Secure Cloud-Assisted Wireless Body Area Network in Mobile Emergency Medical Care System.

PubMed

Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

2016-05-01

Recent advances in medical treatment and emergency applications, the need of integrating wireless body area network (WBAN) with cloud computing can be motivated by providing useful and real time information about patients' health state to the doctors and emergency staffs. WBAN is a set of body sensors carried by the patient to collect and transmit numerous health items to medical clouds via wireless and public communication channels. Therefore, a cloud-assisted WBAN facilitates response in case of emergency which can save patients' lives. Since the patient's data is sensitive and private, it is important to provide strong security and protection on the patient's medical data over public and insecure communication channels. In this paper, we address the challenge of participant authentication in mobile emergency medical care systems for patients supervision and propose a secure cloud-assisted architecture for accessing and monitoring health items collected by WBAN. For ensuring a high level of security and providing a mutual authentication property, chaotic maps based authentication and key agreement mechanisms are designed according to the concept of Diffie-Hellman key exchange, which depends on the CMBDLP and CMBDHP problems. Security and performance analyses show how the proposed system guaranteed the patient privacy and the system confidentiality of sensitive medical data while preserving the low computation property in medical treatment and remote medical monitoring.

32 CFR 154.42 - Evaluation of personnel security information.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 32 National Defense 1 2011-07-01 2011-07-01 false Evaluation of personnel security information... SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Adjudication § 154.42 Evaluation of personnel security information. (a) The criteria and adjudicative policy to be used in applying the...

32 CFR 154.42 - Evaluation of personnel security information.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 1 2010-07-01 2010-07-01 false Evaluation of personnel security information... SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Adjudication § 154.42 Evaluation of personnel security information. (a) The criteria and adjudicative policy to be used in applying the...

75 FR 38595 - Guidance to States Regarding Driver History Record Information Security, Continuity of Operation...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-02

... Standards and Technology's (NIST) Computer Security Division maintains a Computer Security Resource Center... Regarding Driver History Record Information Security, Continuity of Operation Planning, and Disaster... (SDLAs) to support their efforts at maintaining the security of information contained in the driver...

14 CFR 1203.409 - Exceptional cases.

Code of Federal Regulations, 2010 CFR

2010-01-01

....409 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION INFORMATION SECURITY PROGRAM... Information Security Program Committee, Security Division, Washington, DC 20546 for a classification..., to the Director, Information Security Oversight Office, GSA, for a determination. ...

The ISACA Business Model for Information Security: An Integrative and Innovative Approach

NASA Astrophysics Data System (ADS)

von Roessing, Rolf

In recent years, information security management has matured into a professional discipline that covers both technical and managerial aspects in an organisational environment. Information security is increasingly dependent on business-driven parameters and interfaces to a variety of organisational units and departments. In contrast, common security models and frameworks have remained largely technical. A review of extant models ranging from [LaBe73] to more recent models shows that technical aspects are covered in great detail, while the managerial aspects of security are often neglected.Likewise, the business view on organisational security is frequently at odds with the demands of information security personnel or information technology management. In practice, senior and executive level management remain comparatively distant from technical requirements. As a result, information security is generally regarded as a cost factor rather than a benefit to the organisation.

33 CFR 165.505 - Security Zone; Calvert Cliffs Nuclear Power Plant, Chesapeake Bay, Calvert County, Maryland.

Code of Federal Regulations, 2010 CFR

2010-07-01

...) Persons desiring to transit the area of the security zone may contact the Captain of the Port at telephone... REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Fifth Coast Guard District § 165.505 Security Zone; Calvert Cliffs Nuclear Power Plant, Chesapeake...

49 CFR 1542.303 - Security Directives and Information Circulars.

Code of Federal Regulations, 2014 CFR

2014-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... Information Circular to notify airport operators of security concerns. When TSA determines that additional... aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator must...

49 CFR 1542.303 - Security Directives and Information Circulars.

Code of Federal Regulations, 2011 CFR

2011-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... Information Circular to notify airport operators of security concerns. When TSA determines that additional... aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator must...

49 CFR 1542.303 - Security Directives and Information Circulars.

Code of Federal Regulations, 2012 CFR

2012-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... Information Circular to notify airport operators of security concerns. When TSA determines that additional... aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator must...

49 CFR 1542.303 - Security Directives and Information Circulars.

Code of Federal Regulations, 2013 CFR

2013-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... Information Circular to notify airport operators of security concerns. When TSA determines that additional... aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator must...

49 CFR 1549.109 - Security Directives and Information Circulars.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... SCREENING PROGRAM Operations § 1549.109 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify certified cargo screening facilities of security concerns. (b) When TSA...

49 CFR 1544.305 - Security Directives and Information Circulars.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Threat and Threat Response § 1544.305 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify aircraft operators of...

36 CFR 1256.70 - What controls access to national security-classified information?

Code of Federal Regulations, 2010 CFR

2010-07-01

... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

2002-2015 Texas Regional Travel Surveys | Transportation Secure Data

Science.gov Websites

have passed through NREL's drive cycle processing and filtering routines. Survey Records Survey records include 5,825 households. More Information Survey reports are available for the following areas: Abilene . Transportation data are available as zipped files. Download Winzip. Abilene Full Survey Data (excluding any GPS

Office of the 21st Century Workforce. XXI, Fall 2002.

ERIC Educational Resources Information Center

XXI, 2002

2002-01-01

This document presents information on the U.S. Department of Labor's activities in the following topics areas: developing a skilled workforce; keeping workers safe; building workforce security; and connecting workers with jobs. The following items are included: (1) a discussion by the president and chief executive officer of Cisco Systems, Inc.,…

Higher Education IT Compliance through the Prism of Risk Controls

ERIC Educational Resources Information Center

Feehan, Patrick J.

2013-01-01

In 2013, compliance issues march, unceasingly, through every aspect of higher education. Yet the intricacies of privacy, information security, data governance, and IT policy as compliance and risk areas within the IT organization can reverberate and impact every other department within the higher education institution. The primary focus is always…

U.S. Strategic Communications Against Islamic Fundamentalists

DTIC Science & Technology

2016-03-01

psychological abnormalities now focuses on the “root” or “push” and “trigger” or “pull” causes of radicalization. First described by Martha Crenshaw as...National Division - Baghdad NSC National Security Council PSYOPS Psychological Operations RCT Rational Choice Theory TAI Tactical Areas of...four pillars”: information operations (IO), psychological operations 8 Paul, Strategic

15 CFR 784.3 - Scope and conduct of complementary access.

Code of Federal Regulations, 2012 CFR

2012-01-01

... presence of a U.S. Government Host Team. No information of direct national security significance shall be... location accessed, the IAEA Team may: (i) Perform visual observation of parts or areas of the location; (ii... unless the Host Team leader, after receiving input from representatives of the location and consulting...

15 CFR 784.3 - Scope and conduct of complementary access.

Code of Federal Regulations, 2014 CFR

2014-01-01

... presence of a U.S. Government Host Team. No information of direct national security significance shall be... location accessed, the IAEA Team may: (i) Perform visual observation of parts or areas of the location; (ii... unless the Host Team leader, after receiving input from representatives of the location and consulting...

15 CFR 784.3 - Scope and conduct of complementary access.

Code of Federal Regulations, 2013 CFR

2013-01-01

... presence of a U.S. Government Host Team. No information of direct national security significance shall be... location accessed, the IAEA Team may: (i) Perform visual observation of parts or areas of the location; (ii... unless the Host Team leader, after receiving input from representatives of the location and consulting...

43 CFR 7.34 - Procedural information for securing permits.

Code of Federal Regulations, 2012 CFR

2012-10-01

.... 7.34 Section 7.34 Public Lands: Interior Office of the Secretary of the Interior PROTECTION OF..., the Federal land manager of the bureau that administers the specific area of the public lands or Indian lands for which a permit is desired, or from the state, regional, or national office of that...

43 CFR 7.34 - Procedural information for securing permits.

Code of Federal Regulations, 2011 CFR

2011-10-01

... permits. 7.34 Section 7.34 Public Lands: Interior Office of the Secretary of the Interior PROTECTION OF..., the Federal land manager of the bureau that administers the specific area of the public lands or Indian lands for which a permit is desired, or from the state, regional, or national office of that...

43 CFR 7.34 - Procedural information for securing permits.

Code of Federal Regulations, 2013 CFR

2013-10-01

... permits. 7.34 Section 7.34 Public Lands: Interior Office of the Secretary of the Interior PROTECTION OF..., the Federal land manager of the bureau that administers the specific area of the public lands or Indian lands for which a permit is desired, or from the state, regional, or national office of that...

78 FR 15381 - Agency Information Collection Activities; Submission to OMB for Reinstatement of a Previously...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-11

.../dealer selection criteria, and record credit decisions regarding deposits in financial institutions... complex investment portfolios need to address many areas of the rule. Depending on these and other factors... written report of investments; e. Obtaining price quotes on securities prior to purchase or sale; f...

Technology, the Law, and Higher Education Policy: Visions for Community College Administrators.

ERIC Educational Resources Information Center

Basham, Matt

2003-01-01

Analyzes the impact of the U.S. Patriot Act on educational institutions, particularly in the area of information technology security. Warns that the Act could impact distance learning and campus Internet service providers, and that lawsuits are being filed against universities for having lax cybersecurity. Makes suggestions for dealing with these…

77 FR 5481 - Codex Alimentarius Commission: Meeting of the Codex Committee on Contaminants in Food

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-03

... expedite entry into the building and its parking area. You should also bring photo identification and plan for adequate time to pass through security screening systems. If you require parking, please include... automatic and customized access to selected food safety news and information. This service is available at...

Vegetation map of the greater Denver area, Front Range urban corridor, Colorado

USGS Publications Warehouse

Marr, J.W.; Boyd, W.S.

1979-01-01

Vegetation is one of our most valuable renewable resources; it is the primary producer of organic matter on which all nongreen organisms are dependent for energy, construction materials, aesthetic enjoyment, and other necessities of life. In order to secure the greatest possible returns from the utilization of the different types of vegetation, people need to know what species are present, the ecological processes in which they are involved, and the ways in which they are arranged in the landscape. This vegetation map is designed to help persons in a wide variety of activities to secure that information.

Applications for radio-frequency identification technology in the perioperative setting.

PubMed

Zhao, Tiyu; Zhang, Xiaoxiang; Zeng, Lili; Xia, Shuyan; Hinton, Antentor Othrell; Li, Xiuyun

2014-06-01

We implemented a two-year project to develop a security-gated management system for the perioperative setting using radio-frequency identification (RFID) technology to enhance the management efficiency of the OR. We installed RFID readers beside the entrances to the OR and changing areas to receive and process signals from the RFID tags that we sewed into surgical scrub attire and shoes. The system also required integrating automatic access control panels, computerized lockers, light-emitting diode (LED) information screens, wireless networks, and an information system. By doing this, we are able to control the flow of personnel and materials more effectively, reduce OR costs, optimize the registration and attire-changing process for personnel, and improve management efficiency. We also anticipate this system will improve patient safety by reducing the risk of surgical site infection. Application of security-gated management systems is an important and effective way to help ensure a clean, convenient, and safe management process to manage costs in the perioperative area and promote patient safety. Copyright © 2014 AORN, Inc. Published by Elsevier Inc. All rights reserved.

10 CFR 2.911 - Admissibility of restricted data or other national security information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.911 Admissibility of restricted data or other national security information. A presiding officer shall not receive any Restricted Data...

10 CFR 2.903 - Protection of restricted data and national security information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Restricted Data and/or National Security Information § 2.903 Protection of restricted data and national security information. Nothing in this subpart shall relieve any person from safeguarding Restricted Data or National Security Information in accordance with the applicable provisions of laws of the United States and...

Examining the Relationship between Organization Systems and Information Security Awareness

ERIC Educational Resources Information Center

Tintamusik, Yanarong

2010-01-01

The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

Information Sharing for IT Security Professionals

ERIC Educational Resources Information Center

Petersen, Rodney J.

2008-01-01

Information sharing is a core value for information technology (IT) security professionals. It is also a familiar concept for those who work at institutions of higher education because of their long history of collaboration and openness. Information sharing has become part of the national fabric as IT security professionals attempt to secure cyber…

10 CFR 2.911 - Admissibility of restricted data or other national security information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.911 Admissibility of restricted data or other national security information. A presiding officer shall not receive any Restricted Data...

12 CFR Appendix B to Part 170 - Interagency Guidelines Establishing Information Security Standards

Code of Federal Regulations, 2014 CFR

2014-01-01

... Security Standards B Appendix B to Part 170 Banks and Banking COMPTROLLER OF THE CURRENCY, DEPARTMENT OF... Part 170—Interagency Guidelines Establishing Information Security Standards Table of Contents I... Customer Information A. Information Security Program B. Objectives III. Development and Implementation of...

12 CFR Appendix B to Part 170 - Interagency Guidelines Establishing Information Security Standards

Code of Federal Regulations, 2013 CFR

2013-01-01

... Security Standards B Appendix B to Part 170 Banks and Banking COMPTROLLER OF THE CURRENCY, DEPARTMENT OF... Part 170—Interagency Guidelines Establishing Information Security Standards Table of Contents I... Customer Information A. Information Security Program B. Objectives III. Development and Implementation of...

[How to establish the hospital information system security policies].

PubMed

Gong, Qing-Yue; Shi, Cheng

2008-03-01

It is important to establish the hospital information system security policies. While these security policies are being established, a comprehensive consideration should be given to the acceptable levels of users, IT supporters and hospital managers. We should have a formal policy designing process that is consistently followed by all security policies. Reasons for establishing the security policies and their coverage and applicable objects should be stated clearly. Besides, each policy should define user's responsibilities and penalties of violation. Every organization will need some key policies, such as of information sources usage, remote access, information protection, perimeter security, and baseline host/device security. Security managing procedures are the mechanisms to enforce the policies. An incident-handling procedure is the most important security managing procedure for all organizations.

33 CFR 165.809 - Security Zones; Port of Port Lavaca-Point Comfort, Point Comfort, TX and Port of Corpus Christi...

Code of Federal Regulations, 2010 CFR

2010-07-01

... (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Eighth Coast Guard District § 165.809 Security Zones; Port of Port...) Location. The following area is designated as a security zone: all waters of the Corpus Christi Inner...

46 CFR 503.59 - Safeguarding classified information.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Information Security Program § 503.59 Safeguarding classified information. (a) All classified information... security; (2) Takes appropriate steps to protect classified information from unauthorized disclosure or... security check; (2) To protect the classified information in accordance with the provisions of Executive...

78 FR 73819 - Information Collection; Financial Information Security Request Form

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-09

... DEPARTMENT OF AGRICULTURE Forest Service Information Collection; Financial Information Security... individuals and organizations on the extension with revision of a currently approved information collection, Financial Information Security Request Form. DATES: Comments must be received in writing on or before...

How ISO/IEC 17799 can be used for base lining information assurance among entities using data mining for defense, homeland security, commercial, and other civilian/commercial domains

NASA Astrophysics Data System (ADS)

Perry, William G.

2006-04-01

One goal of database mining is to draw unique and valid perspectives from multiple data sources. Insights that are fashioned from closely-held data stores are likely to possess a high degree of reliability. The degree of information assurance comes into question, however, when external databases are accessed, combined and analyzed to form new perspectives. ISO/IEC 17799, Information technology-Security techniques-Code of practice for information security management, can be used to establish a higher level of information assurance among disparate entities using data mining in the defense, homeland security, commercial and other civilian/commercial domains. Organizations that meet ISO/IEC information security standards have identified and assessed risks, threats and vulnerabilities and have taken significant proactive steps to meet their unique security requirements. The ISO standards address twelve domains: risk assessment and treatment, security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management and business continuity management and compliance. Analysts can be relatively confident that if organizations are ISO 17799 compliant, a high degree of information assurance is likely to be a characteristic of the data sets being used. The reverse may be true. Extracting, fusing and drawing conclusions based upon databases with a low degree of information assurance may be wrought with all of the hazards that come from knowingly using bad data to make decisions. Using ISO/IEC 17799 as a baseline for information assurance can help mitigate these risks.

49 CFR 1544.227 - Exclusive area agreement.

Code of Federal Regulations, 2012 CFR

2012-10-01

....227 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS... has entered into an exclusive area agreement with an airport operator, under § 1542.111 of this...

49 CFR 1544.227 - Exclusive area agreement.

Code of Federal Regulations, 2010 CFR

2010-10-01

....227 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS... has entered into an exclusive area agreement with an airport operator, under § 1542.111 of this...

49 CFR 1544.227 - Exclusive area agreement.

Code of Federal Regulations, 2013 CFR

2013-10-01

....227 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS... has entered into an exclusive area agreement with an airport operator, under § 1542.111 of this...

49 CFR 1544.227 - Exclusive area agreement.

Code of Federal Regulations, 2011 CFR

2011-10-01

....227 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS... has entered into an exclusive area agreement with an airport operator, under § 1542.111 of this...

49 CFR 1544.227 - Exclusive area agreement.

Code of Federal Regulations, 2014 CFR

2014-10-01

....227 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS... has entered into an exclusive area agreement with an airport operator, under § 1542.111 of this...

Information security for compliance with select agent regulations.

PubMed

Lewis, Nick; Campbell, Mark J; Baskin, Carole R

2015-01-01

The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as "select agents." While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts--still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment.

Information Security for Compliance with Select Agent Regulations

PubMed Central

Lewis, Nick; Campbell, Mark J.

2015-01-01

The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as “select agents.” While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts—still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment. PMID:26042864

78 FR 30319 - Intent to Request Renewal From OMB of One Current Public Collection of Information: Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-22

... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration [Docket No. TSA-2002-11602] Intent to Request Renewal From OMB of One Current Public Collection of Information: Security Programs for..., Transportation Security Administration, 601 South 12th Street, Arlington, VA 20598-6011. FOR FURTHER INFORMATION...

Information Security Awareness On-Line Materials Design with Knowledge Maps

ERIC Educational Resources Information Center

Shaw, Ruey-Shiang; Keh, Huan-Chao; Huang, Nan-Ching; Huang, Tien-Chuan

2011-01-01

Information Security Awareness, though known as a primary and important issue in the domain of Information Security, CSI computer crime and security survey showed poor security awareness training in public and private sectors. In many studies, the authors have found that the usage of knowledge maps helps the process of learning and conception…

49 CFR 1540.105 - Security responsibilities of employees and other persons.

Code of Federal Regulations, 2010 CFR

2010-10-01

.... (2) Enter, or be present within, a secured area, AOA, SIDA or sterile area without complying with the... in secured areas, AOA's, or SIDA's in any other manner than that for which it was issued by the...

49 CFR 1540.105 - Security responsibilities of employees and other persons.

Code of Federal Regulations, 2012 CFR

2012-10-01

.... (2) Enter, or be present within, a secured area, AOA, SIDA or sterile area without complying with the... in secured areas, AOA's, or SIDA's in any other manner than that for which it was issued by the...

49 CFR 1540.105 - Security responsibilities of employees and other persons.

Code of Federal Regulations, 2014 CFR

2014-10-01

.... (2) Enter, or be present within, a secured area, AOA, SIDA or sterile area without complying with the... in secured areas, AOA's, or SIDA's in any other manner than that for which it was issued by the...

49 CFR 1540.105 - Security responsibilities of employees and other persons.

Code of Federal Regulations, 2013 CFR

2013-10-01

.... (2) Enter, or be present within, a secured area, AOA, SIDA or sterile area without complying with the... in secured areas, AOA's, or SIDA's in any other manner than that for which it was issued by the...

49 CFR 1540.105 - Security responsibilities of employees and other persons.

Code of Federal Regulations, 2011 CFR

2011-10-01

.... (2) Enter, or be present within, a secured area, AOA, SIDA or sterile area without complying with the... in secured areas, AOA's, or SIDA's in any other manner than that for which it was issued by the...

Information infrastructure for emergency medical services.

PubMed

Orthner, Helmuth; Mishra, Ninad; Terndrup, Thomas; Acker, Joseph; Grimes, Gary; Gemmill, Jill; Battles, Marcie

2005-01-01

The pre-hospital emergency medical and public safety information environment is nearing a threshold of significant change. The change is driven in part by several emerging technologies such as secure, high-speed wireless communication in the local and wide area networks (wLAN, 3G), Geographic Information Systems (GIS), Global Positioning Systems (GPS), and powerful handheld computing and communication services, that are of sufficient utility to be more widely adopted. We propose a conceptual model to enable improved clinical decision making in the pre-hospital environment using these change agents.

Corrective Action Investigation Plan for Corrective Action Unit 568: Area 3 Plutonium Dispersion Sites Nevada National Security Site, Nevada, Revision 0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Matthews, Patrick

2014-01-01

CAU 568 is a grouping of sites where there has been a suspected release of contamination associated with nuclear testing. This document describes the planned investigation of CAU 568, which comprises the following corrective action sites (CASs): • 03-23-17, S-3I Contamination Area • 03-23-19, T-3U Contamination Area • 03-23-20, Otero Contamination Area • 03-23-22, Platypus Contamination Area • 03-23-23, San Juan Contamination Area • 03-23-26, Shrew/Wolverine Contamination Area These sites are being investigated because existing information on the nature and extent of potential contamination is insufficient to evaluate and recommend corrective action alternatives (CAAs). Additional information will be obtained bymore » conducting a corrective action investigation before evaluating CAAs and selecting the appropriate corrective action for each CAS. The results of the field investigation will support a defensible evaluation of viable CAAs that will be presented in the investigation report.« less

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2010 CFR

2010-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability. Contracting Officers are responsible for ensuring that all information technology acquisitions comply with the Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

Improving the Security of the U.S. Aeronautical Domain: Adopting an Intelligence-Led, Risk-Based Strategy and Partnership

DTIC Science & Technology

2010-12-01

Methodology RMAT Risk Management Assessment Tool SIDA Security Identification Display Area SIGINT Signals Intelligence SO18 Aviation Security...aircraft operate (§ 1542.203); • Provide detection and physical security measures for the “Security Identification Display Area” ( SIDA ), i.e., the area

Evapotranspiration Cover for the 92-Acre Area Retired Mixed Waste Pits:Interim CQA Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

The Delphi Groupe, Inc., and J. A. Cesare and Associates, Inc.

This Interim Construction Quality Assurance (CQA) Report is for the 92-Acre Evapotranspiration Cover, Area 5 Waste Management Division (WMD) Retired Mixed Waste Pits, Nevada National Security Site, Nevada for the period of January 20, 2011 to May 12, 2011. This Interim Construction Quality Assurance (CQA) Report is for the 92-Acre Evapotranspiration Cover, Area 5 Waste Management Division (WMD) Retired Mixed Waste Pits, Nevada National Security Site, Nevada for the period of January 20, 2011 to May 12, 2011. Construction was approved by the Nevada Division of Environmental Protection (NDEP) under the Approval of Corrective Action Decision Document/Corrective Action Plan (CADD/CAP)more » for Corrective Action Unit (CAU) 111: Area 5 WMD Retired Mixed Waste Pits, Nevada National Security Site, Nevada, on January 6, 2011, pursuant to Subpart XII.8a of the Federal Facility Agreement and Consent Order. The project is located in Area 5 of the Radioactive Waste Management Complex (RWMC) at the Nevada National Security Site (NNSS), formerly known as the Nevada Test Site, located in southern Nevada, approximately 65 miles northwest of Las Vegas, Nevada, in Nye County. The project site, in Area 5, is located in a topographically closed basin approximately 14 additional miles north of Mercury Nevada, in the north-central part of Frenchman Flat. The Area 5 RWMS uses engineered shallow-land burial cells to dispose of packaged waste. The 92-Acre Area encompasses the southern portion of the Area 5 RWMS, which has been designated for the first final closure operations. This area contains 13 Greater Confinement Disposal (GCD) boreholes, 16 narrow trenches, and 9 broader pits. With the exception of two active pits (P03 and P06), all trenches and pits in the 92-Acre Area had operational covers approximately 2.4 meters thick, at a minimum, in most areas when this project began. The units within the 92-Acre Area are grouped into the following six informal categories based on physical location, waste types and regulatory requirements: (1) Pit 3 Mixed Waste Disposal Unit (MWDU); (2) Corrective Action Unit (CAU) 111; (3) CAU 207; (4) Low-level waste disposal units; (5) Asbestiform low-level waste disposal units; and (6) One transuranic (TRU) waste trench.« less

DoD Program for Stability of Civilian Employment: Policies, Procedures, and Programs Manual

DTIC Science & Technology

1990-09-01

employment outside the labor market area of the releasing activity and who elect to have the movement of household goods at the expense of the Federal...other local media . 2. Providing an informational service to the workforce, including remote serviced activities, to reinstatement eligibles, and to...program in which they are to be entered. Starting with the Social Security Number, each element of information on the form is preceded by a number in

Supporting the Information-Centric 2001 Quadrennial Defense Review: The Case for an Information Service

DTIC Science & Technology

2002-04-01

Northeast Asia and the Persian Gulf region, leaving those areas temporarily uncovered. Pitts added that “The simple truth is that America’s air ...quently grounded, again the Air Force was struck with the impact of its own narrow- minded policies . With no launch vehicle to launch the DSCS III...Realist Tradition in the United States Foreign Policy .” Lecture. Dept of International Security and Military Studies. Air Command and Staff College

10 CFR 2.906 - Obligation of parties to avoid introduction of restricted data or national security information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... data or national security information. 2.906 Section 2.906 Energy NUCLEAR REGULATORY COMMISSION RULES... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.906 Obligation of parties to avoid introduction of restricted data or national security information. It is the...

22 CFR 9a.1 - Security of certain information and material related to the International Energy Program.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 22 Foreign Relations 1 2011-04-01 2011-04-01 false Security of certain information and material... GENERAL SECURITY INFORMATION REGULATIONS APPLICABLE TO CERTAIN INTERNATIONAL ENERGY PROGRAMS; RELATED MATERIAL § 9a.1 Security of certain information and material related to the International Energy Program...

10 CFR 2.913 - Review of Restricted Data or other National Security Information received in evidence.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.913 Review of Restricted Data or other National Security Information received in evidence. At the close of the reception of... National Security Information be expunged from the record where such expunction would not prejudice the...

10 CFR 2.907 - Notice of intent to introduce restricted data or national security information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... security information. 2.907 Section 2.907 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.907 Notice of intent to introduce restricted data or national security information. (a) If, at the time of publication of a notice...

17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

Code of Federal Regulations, 2011 CFR

2011-04-01

... information processors: form of application and amendments. 242.609 Section 242.609 Commodity and Securities....609 Registration of securities information processors: form of application and amendments. (a) An application for the registration of a securities information processor shall be filed on Form SIP (§ 249.1001...

17 CFR 140.20 - Designation of senior official to oversee Commission use of national security information.

Code of Federal Regulations, 2011 CFR

2011-04-01

... to oversee Commission use of national security information. 140.20 Section 140.20 Commodity and... safeguarding of national security information received by the Commission from other agencies, to chair a... suggestions and complaints with respect to the Commission administration of its information security program...

10 CFR 2.908 - Contents of notice of intent to introduce restricted data or other national security information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... or other national security information. 2.908 Section 2.908 Energy NUCLEAR REGULATORY COMMISSION... Applicable to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.908 Contents of notice of intent to introduce restricted data or other national security information. (a) A...

The Chain-Link Fence Model: A Framework for Creating Security Procedures

ERIC Educational Resources Information Center

Houghton, Robert F.

2013-01-01

A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…

Key Factors in the Success of an Organization's Information Security Culture: A Quantitative Study and Analysis

ERIC Educational Resources Information Center

Pierce, Robert E.

2012-01-01

This research study reviewed relative literature on information security and information security culture within organizations to determine what factors potentially assist an organization in implementing, integrating, and maintaining a successful organizational information security culture. Based on this review of literature, five key factors were…

Incorporating Global Information Security and Assurance in I.S. Education

ERIC Educational Resources Information Center

White, Garry L.; Hewitt, Barbara; Kruck, S. E.

2013-01-01

Over the years, the news media has reported numerous information security incidents. Because of identity theft, terrorism, and other criminal activities, President Obama has made information security a national priority. Not only is information security and assurance an American priority, it is also a global issue. This paper discusses the…

10 CFR 2.908 - Contents of notice of intent to introduce restricted data or other national security information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... or other national security information. 2.908 Section 2.908 Energy NUCLEAR REGULATORY COMMISSION... Applicable to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.908 Contents of notice of intent to introduce restricted data or other national security information. (a) A...

22 CFR 9a.1 - Security of certain information and material related to the International Energy Program.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Security of certain information and material... GENERAL SECURITY INFORMATION REGULATIONS APPLICABLE TO CERTAIN INTERNATIONAL ENERGY PROGRAMS; RELATED MATERIAL § 9a.1 Security of certain information and material related to the International Energy Program...

10 CFR 2.913 - Review of Restricted Data or other National Security Information received in evidence.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.913 Review of Restricted Data or other National Security Information received in evidence. At the close of the reception of... National Security Information be expunged from the record where such expunction would not prejudice the...

10 CFR 2.906 - Obligation of parties to avoid introduction of restricted data or national security information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... data or national security information. 2.906 Section 2.906 Energy NUCLEAR REGULATORY COMMISSION RULES... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.906 Obligation of parties to avoid introduction of restricted data or national security information. It is the...

10 CFR 2.907 - Notice of intent to introduce restricted data or national security information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... security information. 2.907 Section 2.907 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.907 Notice of intent to introduce restricted data or national security information. (a) If, at the time of publication of a notice...

17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

Code of Federal Regulations, 2010 CFR

2010-04-01

... information processors: form of application and amendments. 242.609 Section 242.609 Commodity and Securities....609 Registration of securities information processors: form of application and amendments. (a) An application for the registration of a securities information processor shall be filed on Form SIP (§ 249.1001...

Exploring Factors that Influence Students' Behaviors in Information Security

ERIC Educational Resources Information Center

Yoon, Cheolho; Hwang, Jae-Won; Kim, Rosemary

2012-01-01

Due to the ever-increasing use of the Internet, information security has become a critical issue in society. This is especially the case for young adults who have different attitudes towards information security practices. In this research, we examine factors that motivate college students' information security behaviors. Based on the concept of…

A review on several key problems of standoff trace explosives detection by optical-related technology

NASA Astrophysics Data System (ADS)

Chen, Zhibin; Xiao, Cheng; Xiao, Wenjian; Qin, Mengze; Liu, Xianhong

2016-01-01

To prevent tragic disasters caused by terror acts and warfare threats, security check personnel must be capable of discovering, distinguishing and eliminating the explosives at multiple circumstances. Standoff technology for the remote detection of explosives and their traces on contaminated surfaces is a research field that has become a heightened priority in recent years for homeland security and counter-terrorism applications. There has been a huge increase in research within this area, the improvement of standoff trace explosives detection by optical-related technology. This paper provides a consolidation of information relating to recent advances in several key problems of, without being limited to one specific research area or explosive type. Working laser wavelength of detection system is discussed. Generation and collection of explosives spectra signal are summarized. Techniques for analysing explosives spectra signal are summed up.

48 CFR 339.7101 - Policy.

Code of Federal Regulations, 2010 CFR

2010-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7101 Policy. HHS is responsible for implementing an information security program to ensure that its information systems and... information contained in those systems. Each system's level of security shall protect the integrity...

75 FR 1566 - National Industrial Security Program Directive No. 1

Federal Register 2010, 2011, 2012, 2013, 2014

2010-01-12

... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office 32 CFR Part...: Information Security Oversight Office, NARA. ACTION: Proposed rule; correction. SUMMARY: This document... Management System (FDMS) number to the proposed rule for Information Security Oversight Office (ISOO...

6 CFR 7.11 - Components' responsibilities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... INFORMATION Administration § 7.11 Components' responsibilities. Each DHS component shall appoint a security... security information; (b) Report violations of the provisions of this regulation to the Chief Security... component acquire adequate security education and training, as required by the DHS classified information...

32 CFR 2001.50 - Telecommunications automated information systems and network security.

Code of Federal Regulations, 2014 CFR

2014-07-01

... and network security. 2001.50 Section 2001.50 National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED... network security. Each agency head shall ensure that classified information electronically accessed...

32 CFR 2001.50 - Telecommunications automated information systems and network security.

Code of Federal Regulations, 2013 CFR

2013-07-01

... and network security. 2001.50 Section 2001.50 National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED... network security. Each agency head shall ensure that classified information electronically accessed...

32 CFR 2001.50 - Telecommunications automated information systems and network security.

Code of Federal Regulations, 2012 CFR

2012-07-01

... and network security. 2001.50 Section 2001.50 National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED... network security. Each agency head shall ensure that classified information electronically accessed...

Network security system for health and medical information using smart IC card

NASA Astrophysics Data System (ADS)

Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

1998-07-01

A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

7 CFR 1962.14 - Account and security information in UCC cases.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 7 Agriculture 14 2013-01-01 2013-01-01 false Account and security information in UCC cases. 1962... Liquidation of Chattel Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after... States, other parties, and also may lose some of its security rights. The UCC provides that the borrower...

7 CFR 1962.14 - Account and security information in UCC cases.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 7 Agriculture 14 2014-01-01 2014-01-01 false Account and security information in UCC cases. 1962... Liquidation of Chattel Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after... States, other parties, and also may lose some of its security rights. The UCC provides that the borrower...

7 CFR 1962.14 - Account and security information in UCC cases.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 7 Agriculture 14 2011-01-01 2011-01-01 false Account and security information in UCC cases. 1962... Liquidation of Chattel Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after... States, other parties, and also may lose some of its security rights. The UCC provides that the borrower...

7 CFR 1962.14 - Account and security information in UCC cases.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 7 Agriculture 14 2012-01-01 2012-01-01 false Account and security information in UCC cases. 1962... Liquidation of Chattel Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after... States, other parties, and also may lose some of its security rights. The UCC provides that the borrower...

The Promise of Information and Communication Technology in Healthcare: Extracting Value From the Chaos.

PubMed

Mamlin, Burke W; Tierney, William M

2016-01-01

Healthcare is an information business with expanding use of information and communication technologies (ICTs). Current ICT tools are immature, but a brighter future looms. We examine 7 areas of ICT in healthcare: electronic health records (EHRs), health information exchange (HIE), patient portals, telemedicine, social media, mobile devices and wearable sensors and monitors, and privacy and security. In each of these areas, we examine the current status and future promise, highlighting how each might reach its promise. Steps to better EHRs include a universal programming interface, universal patient identifiers, improved documentation and improved data analysis. HIEs require federal subsidies for sustainability and support from EHR vendors, targeting seamless sharing of EHR data. Patient portals must bring patients into the EHR with better design and training, greater provider engagement and leveraging HIEs. Telemedicine needs sustainable payment models, clear rules of engagement, quality measures and monitoring. Social media needs consensus on rules of engagement for providers, better data mining tools and approaches to counter disinformation. Mobile and wearable devices benefit from a universal programming interface, improved infrastructure, more rigorous research and integration with EHRs and HIEs. Laws for privacy and security need updating to match current technologies, and data stewards should share information on breaches and standardize best practices. ICT tools are evolving quickly in healthcare and require a rational and well-funded national agenda for development, use and assessment. Copyright © 2016 Southern Society for Clinical Investigation. Published by Elsevier Inc. All rights reserved.

Technical solutions for mitigating security threats caused by health professionals in clinical settings.

PubMed

Fernandez-Aleman, Jose Luis; Belen Sanchez Garcia, Ana; Garcia-Mateos, Gines; Toval, Ambrosio

2015-08-01

The objective of this paper is to present a brief description of technical solutions for health information system security threats caused by inadequate security and privacy practices in healthcare professionals. A literature search was carried out in ScienceDirect, ACM Digital Library and IEEE Digital Library to find papers reporting technical solutions for certain security problems in information systems used in clinical settings. A total of 17 technical solutions were identified: measures for password security, the secure use of e-mail, the Internet, portable storage devices, printers and screens. Although technical safeguards are essential to the security of healthcare organization's information systems, good training, awareness programs and adopting a proper information security policy are particularly important to prevent insiders from causing security incidents.

A cooperative model for IS security risk management in distributed environment.

PubMed

Feng, Nan; Zheng, Chundong

2014-01-01

Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively.

Cyber indicators of compromise: a domain ontology for security information and event management

DTIC Science & Technology

2017-03-01

COMPROMISE: A DOMAIN ONTOLOGY FOR SECURITY INFORMATION AND EVENT MANAGEMENT by Marsha D. Rowell March 2017 Thesis Co-Advisors: J. D...to automate this work is Security Information and Event Management (SIEM). In short, SIEM technology works by aggregating log information , and then...Distribution is unlimited. CYBER INDICATORS OF COMPROMISE: A DOMAIN ONTOLOGY FOR SECURITY INFORMATION AND EVENT MANAGEMENT Marsha D. Rowell

Remote sensing of soils, land forms, and land use in the northern Great Plains in preparation for ERTS applications

NASA Technical Reports Server (NTRS)

Frazee, C. J.; Westin, F. C.; Gropper, J.; Myers, V. I.

1972-01-01

Research to determine the optimum time or season for obtaining imagery to identify and map soil limitations was conducted in the proposed Oahe irrigation project area in South Dakota. The optimum time for securing photographs or imagery is when the soil surface patterns are most apparent. For cultivated areas similar to the study area, May is the optimum time. The density slicing analysis of the May image provided additional and more accurate information than did the existing soil map. The soil boundaries were more accurately located. The use of a density analysis system for an operational soil survey has not been tested, but is obviously dependent upon securing excellent photographs for interpretation. The colors or densities of photographs will have to be corrected for sun angle effects, vignetting effects, and processing to have maximum effectiveness for mapping soil limitations. Rangeland sites were established in Bennett County, South Dakota to determine the usefulness of ERTS imagery. Imagery from these areas was interpreted for land use and drainage patterns.

The Impact of the Security Competency on "Self-Efficacy in Information Security" for Effective Health Information Security in Iran.

PubMed

Shahri, Ahmad Bakhtiyari; Ismail, Zuraini; Mohanna, Shahram

2016-11-01

The security effectiveness based on users' behaviors is becoming a top priority of Health Information System (HIS). In the first step of this study, through the review of previous studies 'Self-efficacy in Information Security' (SEIS) and 'Security Competency' (SCMP) were identified as the important factors to transforming HIS users to the first line of defense in the security. Subsequently, a conceptual model was proposed taking into mentioned factors for HIS security effectiveness. Then, this quantitative study used the structural equation modeling to examine the proposed model based on survey data collected from a sample of 263 HIS users from eight hospitals in Iran. The result shows that SEIS is one of the important factors to cultivate of good end users' behaviors toward HIS security effectiveness. However SCMP appears a feasible alternative to providing SEIS. This study also confirms the mediation effects of SEIS on the relationship between SCMP and HIS security effectiveness. The results of this research paper can be used by HIS and IT managers to implement their information security process more effectively.

78 FR 37670 - Federal Acquisition Regulation; Contractors Performing Private Security Functions Outside the...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-21

...] RIN 9000-AM20 Federal Acquisition Regulation; Contractors Performing Private Security Functions...-181). Section 862, entitled ``Contractors Performing Private Security Functions in Areas of Combat...), as amended, entitled ``Contractors Performing Private Security Functions in Areas of Combat...

7 CFR 318.13-21 - Avocados from Hawaii to Alaska.

Code of Federal Regulations, 2014 CFR

2014-01-01

... sealable containers; (ii) The transloading is carried out within the secure area of the airport (i.e., that area of the airport that is open only to personnel authorized by the airport security authorities); (iii) The area used for any storage of the consignment is within the secure area of the airport, and is...

7 CFR 318.13-21 - Avocados from Hawaii to Alaska.

Code of Federal Regulations, 2012 CFR

2012-01-01

... sealable containers; (ii) The transloading is carried out within the secure area of the airport (i.e., that area of the airport that is open only to personnel authorized by the airport security authorities); (iii) The area used for any storage of the consignment is within the secure area of the airport, and is...

7 CFR 318.13-21 - Avocados from Hawaii to Alaska.

Code of Federal Regulations, 2013 CFR

2013-01-01

... sealable containers; (ii) The transloading is carried out within the secure area of the airport (i.e., that area of the airport that is open only to personnel authorized by the airport security authorities); (iii) The area used for any storage of the consignment is within the secure area of the airport, and is...

49 CFR 1520.1 - Scope.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION PROTECTION OF SENSITIVE SECURITY... of records and information that TSA has determined to be Sensitive Security Information, as defined...

49 CFR 1542.211 - Identification systems.

Code of Federal Regulations, 2010 CFR

2010-10-01

... secured area or SIDA continuously displays the identification medium issued to that individual on the... individual who has authorized unescorted access to secured areas and SIDA's to ascertain the authority of any... approved identification media. The procedure must— (1) Apply uniformly in secured areas, SIDAs, and...

49 CFR 1542.211 - Identification systems.

Code of Federal Regulations, 2014 CFR

2014-10-01

... secured area or SIDA continuously displays the identification medium issued to that individual on the... individual who has authorized unescorted access to secured areas and SIDA's to ascertain the authority of any... approved identification media. The procedure must— (1) Apply uniformly in secured areas, SIDAs, and...

49 CFR 1542.211 - Identification systems.

Code of Federal Regulations, 2013 CFR

2013-10-01

... secured area or SIDA continuously displays the identification medium issued to that individual on the... individual who has authorized unescorted access to secured areas and SIDA's to ascertain the authority of any... approved identification media. The procedure must— (1) Apply uniformly in secured areas, SIDAs, and...

49 CFR 1542.211 - Identification systems.

Code of Federal Regulations, 2011 CFR

2011-10-01

... secured area or SIDA continuously displays the identification medium issued to that individual on the... individual who has authorized unescorted access to secured areas and SIDA's to ascertain the authority of any... approved identification media. The procedure must— (1) Apply uniformly in secured areas, SIDAs, and...

49 CFR 1542.211 - Identification systems.

Code of Federal Regulations, 2012 CFR

2012-10-01

... secured area or SIDA continuously displays the identification medium issued to that individual on the... individual who has authorized unescorted access to secured areas and SIDA's to ascertain the authority of any... approved identification media. The procedure must— (1) Apply uniformly in secured areas, SIDAs, and...

78 FR 19073 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-28

... individual custodians; end-investors providing security-by-security information will require an average of...; end-investors providing security-by-security information will require an average of 146 hours; and... keeping burdens on respondents, including the use of information technologies to automate the collection...

17 CFR 242.600 - NMS security designation and definitions.

Code of Federal Regulations, 2013 CFR

2013-04-01

...) Interrogation device means any securities information retrieval system capable of displaying transaction reports... with respect to such order; and (v) Immediately and automatically displays information that updates the... security; and (ii) Consolidated last sale information for a security. (14) Consolidated last sale...

17 CFR 242.600 - NMS security designation and definitions.

Code of Federal Regulations, 2014 CFR

2014-04-01

...) Interrogation device means any securities information retrieval system capable of displaying transaction reports... with respect to such order; and (v) Immediately and automatically displays information that updates the... security; and (ii) Consolidated last sale information for a security. (14) Consolidated last sale...

17 CFR 242.600 - NMS security designation and definitions.

Code of Federal Regulations, 2011 CFR

2011-04-01

...) Interrogation device means any securities information retrieval system capable of displaying transaction reports... with respect to such order; and (v) Immediately and automatically displays information that updates the... security; and (ii) Consolidated last sale information for a security. (14) Consolidated last sale...

17 CFR 242.600 - NMS security designation and definitions.

Code of Federal Regulations, 2012 CFR

2012-04-01

...) Interrogation device means any securities information retrieval system capable of displaying transaction reports... with respect to such order; and (v) Immediately and automatically displays information that updates the... security; and (ii) Consolidated last sale information for a security. (14) Consolidated last sale...

6 CFR 7.1 - Purpose.

Code of Federal Regulations, 2011 CFR

2011-01-01

... DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CLASSIFIED NATIONAL SECURITY INFORMATION § 7.1 Purpose. The purpose of this part is to ensure that information within the Department of Homeland Security... provisions of Executive Order 12958, as amended, and implementing directives from the Information Security...

46 CFR 503.58 - Appeals of denials of mandatory declassification review requests.

Code of Federal Regulations, 2010 CFR

2010-10-01

... PUBLIC INFORMATION Information Security Program § 503.58 Appeals of denials of mandatory declassification... Security Classification Appeals Panel. The appeal should be addressed to, Executive Secretary, Interagency Security Classification Appeals Panel, Attn: Classification Challenge Appeals, c/o Information Security...

78 FR 69286 - Facility Security Clearance and Safeguarding of National Security Information and Restricted Data

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-19

... Clearance and Safeguarding of National Security Information and Restricted Data AGENCY: Nuclear Regulatory... Executive Order 13526, Classified National Security Information. In addition, this direct final rule allowed... licensees (or their designees) to conduct classified [[Page 69287

75 FR 45151 - National Security Division; Agency Information Collection Activities: Proposed Collection...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-02

... DEPARTMENT OF JUSTICE [OMB Number 1124-0006] National Security Division; Agency Information...), National Security Division (NSD), will be submitting the following information collection request to the..., 10th & Constitution Avenue, NW., National Security Division, Counterespionage Section/Registration Unit...

6 CFR 7.1 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CLASSIFIED NATIONAL SECURITY INFORMATION § 7.1 Purpose. The purpose of this part is to ensure that information within the Department of Homeland Security... provisions of Executive Order 12958, as amended, and implementing directives from the Information Security...

49 CFR 1.27 - Delegations to the General Counsel.

Code of Federal Regulations, 2012 CFR

2012-10-01

...) (Security and research and development activities), as implemented by 49 CFR part 15 (Protection of Sensitive Security Information), relating to the determination that information is Sensitive Security Information, in consultation and coordination with the Office of Intelligence, Security and Emergency Response...

49 CFR 1.27 - Delegations to the General Counsel.

Code of Federal Regulations, 2013 CFR

2013-10-01

...) (Security and research and development activities), as implemented by 49 CFR part 15 (Protection of Sensitive Security Information), relating to the determination that information is Sensitive Security Information, in consultation and coordination with the Office of Intelligence, Security and Emergency Response...

49 CFR 1.27 - Delegations to the General Counsel.

Code of Federal Regulations, 2014 CFR

2014-10-01

...) (Security and research and development activities), as implemented by 49 CFR part 15 (Protection of Sensitive Security Information), relating to the determination that information is Sensitive Security Information, in consultation and coordination with the Office of Intelligence, Security and Emergency Response...

32 CFR 2001.1 - Purpose and scope.

Code of Federal Regulations, 2014 CFR

2014-07-01

... Telecommunications, automated information systems, and network security 4.1, 4.2 2001.51 Technical security 4.1 2001... National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Scope of Part § 2001...

32 CFR 2001.1 - Purpose and scope.

Code of Federal Regulations, 2012 CFR

2012-07-01

... Telecommunications, automated information systems, and network security 4.1, 4.2 2001.51 Technical security 4.1 2001... National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Scope of Part § 2001...

32 CFR 2001.1 - Purpose and scope.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Telecommunications, automated information systems, and network security 4.1, 4.2 2001.51 Technical security 4.1 2001... National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Scope of Part § 2001...

32 CFR 2001.1 - Purpose and scope.

Code of Federal Regulations, 2013 CFR

2013-07-01

... Telecommunications, automated information systems, and network security 4.1, 4.2 2001.51 Technical security 4.1 2001... National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Scope of Part § 2001...

32 CFR 2001.1 - Purpose and scope.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Telecommunications, automated information systems, and network security 4.1, 4.2 2001.51 Technical security 4.1 2001... National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Scope of Part § 2001...

Interoperability and security in wireless body area network infrastructures.

PubMed

Warren, Steve; Lebak, Jeffrey; Yao, Jianchu; Creekmore, Jonathan; Milenkovic, Aleksandar; Jovanov, Emil

2005-01-01

Wireless body area networks (WBANs) and their supporting information infrastructures offer unprecedented opportunities to monitor state of health without constraining the activities of a wearer. These mobile point-of-care systems are now realizable due to the convergence of technologies such as low-power wireless communication standards, plug-and-play device buses, off-the-shelf development kits for low-power microcontrollers, handheld computers, electronic medical records, and the Internet. To increase acceptance of personal monitoring technology while lowering equipment cost, advances must be made in interoperability (at both the system and device levels) and security. This paper presents an overview of WBAN infrastructure work in these areas currently underway in the Medical Component Design Laboratory at Kansas State University (KSU) and at the University of Alabama in Huntsville (UAH). KSU efforts include the development of wearable health status monitoring systems that utilize ISO/IEEE 11073, Bluetooth, Health Level 7, and OpenEMed. WBAN efforts at UAH include the development of wearable activity and health monitors that incorporate ZigBee-compliant wireless sensor platforms with hardware-level encryption and the TinyOS development environment. WBAN infrastructures are complex, requiring many functional support elements. To realize these infrastructures through collaborative efforts, organizations such as KSU and UAH must define and utilize standard interfaces, nomenclature, and security approaches.

Study on Mobile Object Positioning and Alarming System Based on the “Map World” in the Core Area of the Silk Road Economic Belt

NASA Astrophysics Data System (ADS)

Mu, Kai

2017-02-01

The established “Map World” on the National Geographic Information Public Service Platform offers free access to many geographic information in the Core Area of the Silk Road Economic Belt. Considering the special security situation and severe splittism and anti-splittism struggles in the Core Area of the Silk Road Economic Belt, a set of moving target positioning and alarming platform based on J2EE platform and B/S structure was designed and realized by combining the “Map World” data and global navigation satellite system. This platform solves various problems, such as effective combination of Global Navigation Satellite System (GNSS) and “Map World” resources, moving target alarming setting, inquiry of historical routes, system management, etc.

6 CFR 7.21 - Classification of information, limitations.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Classification of information, limitations. 7.21... NATIONAL SECURITY INFORMATION Classified Information § 7.21 Classification of information, limitations. (a... protection in the interest of national security. (d) Information may be reclassified after it has been...

The Role of Health Care Experience and Consumer Information Efficacy in Shaping Privacy and Security Perceptions of Medical Records: National Consumer Survey Results

PubMed Central

Beckjord, Ellen; Moser, Richard P; Hughes, Penelope; Hesse, Bradford W

2015-01-01

Background Providers’ adoption of electronic health records (EHRs) is increasing and consumers have expressed concerns about the potential effects of EHRs on privacy and security. Yet, we lack a comprehensive understanding regarding factors that affect individuals’ perceptions regarding the privacy and security of their medical information. Objective The aim of this study was to describe national perceptions regarding the privacy and security of medical records and identify a comprehensive set of factors associated with these perceptions. Methods Using a nationally representative 2011-2012 survey, we reported on adults’ perceptions regarding privacy and security of medical records and sharing of health information between providers, and whether adults withheld information from a health care provider due to privacy or security concerns. We used multivariable models to examine the association between these outcomes and sociodemographic characteristics, health and health care experience, information efficacy, and technology-related variables. Results Approximately one-quarter of American adults (weighted n=235,217,323; unweighted n=3959) indicated they were very confident (n=989) and approximately half indicated they were somewhat confident (n=1597) in the privacy of their medical records; we found similar results regarding adults’ confidence in the security of medical records (very confident: n=828; somewhat confident: n=1742). In all, 12.33% (520/3904) withheld information from a health care provider and 59.06% (2100/3459) expressed concerns about the security of both faxed and electronic health information. Adjusting for other characteristics, adults who reported higher quality of care had significantly greater confidence in the privacy and security of their medical records and were less likely to withhold information from their health care provider due to privacy or security concerns. Adults with higher information efficacy had significantly greater confidence in the privacy and security of medical records and less concern about sharing of health information by both fax and electronic means. Individuals’ perceptions of whether their providers use an EHR was not associated with any privacy or security outcomes. Conclusions Although most adults are confident in the privacy and security of their medical records, many express concerns regarding sharing of information between providers; a minority report withholding information from their providers due to privacy and security concerns. Whether individuals thought their provider was using an EHR was not associated with negative privacy/security perceptions or withholding, suggesting the transition to EHRs is not associated with negative perceptions regarding the privacy and security of medical information. However, monitoring to see how this evolves will be important. Given that positive health care experiences and higher information efficacy were associated with more favorable perceptions of privacy and security, efforts should continue to encourage providers to secure medical records, provide patients with a “meaningful choice” in how their data are shared, and enable individuals to access information they need to manage their care. PMID:25843686

The role of health care experience and consumer information efficacy in shaping privacy and security perceptions of medical records: national consumer survey results.

PubMed

Patel, Vaishali; Beckjord, Ellen; Moser, Richard P; Hughes, Penelope; Hesse, Bradford W

2015-04-02

Providers' adoption of electronic health records (EHRs) is increasing and consumers have expressed concerns about the potential effects of EHRs on privacy and security. Yet, we lack a comprehensive understanding regarding factors that affect individuals' perceptions regarding the privacy and security of their medical information. The aim of this study was to describe national perceptions regarding the privacy and security of medical records and identify a comprehensive set of factors associated with these perceptions. Using a nationally representative 2011-2012 survey, we reported on adults' perceptions regarding privacy and security of medical records and sharing of health information between providers, and whether adults withheld information from a health care provider due to privacy or security concerns. We used multivariable models to examine the association between these outcomes and sociodemographic characteristics, health and health care experience, information efficacy, and technology-related variables. Approximately one-quarter of American adults (weighted n=235,217,323; unweighted n=3959) indicated they were very confident (n=989) and approximately half indicated they were somewhat confident (n=1597) in the privacy of their medical records; we found similar results regarding adults' confidence in the security of medical records (very confident: n=828; somewhat confident: n=1742). In all, 12.33% (520/3904) withheld information from a health care provider and 59.06% (2100/3459) expressed concerns about the security of both faxed and electronic health information. Adjusting for other characteristics, adults who reported higher quality of care had significantly greater confidence in the privacy and security of their medical records and were less likely to withhold information from their health care provider due to privacy or security concerns. Adults with higher information efficacy had significantly greater confidence in the privacy and security of medical records and less concern about sharing of health information by both fax and electronic means. Individuals' perceptions of whether their providers use an EHR was not associated with any privacy or security outcomes. Although most adults are confident in the privacy and security of their medical records, many express concerns regarding sharing of information between providers; a minority report withholding information from their providers due to privacy and security concerns. Whether individuals thought their provider was using an EHR was not associated with negative privacy/security perceptions or withholding, suggesting the transition to EHRs is not associated with negative perceptions regarding the privacy and security of medical information. However, monitoring to see how this evolves will be important. Given that positive health care experiences and higher information efficacy were associated with more favorable perceptions of privacy and security, efforts should continue to encourage providers to secure medical records, provide patients with a "meaningful choice" in how their data are shared, and enable individuals to access information they need to manage their care.

7 CFR 1962.14 - Account and security information in UCC cases.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 14 2010-01-01 2009-01-01 true Account and security information in UCC cases. 1962.14... Security § 1962.14 Account and security information in UCC cases. Within 2 weeks after receipt of a written... the information, it may be liable for any loss caused the borrower and, in some States, other parties...

CMMI(Registered) for Services, Version 1.3

DTIC Science & Technology

2010-11-01

ISO 2008b] ISO /IEC 27001 :2005 Information technology – Security techniques – Information Security Management Systems – Requirements [ ISO /IEC 2005...Commission. ISO /IEC 27001 Information Technology – Security Techniques – Information Security Management Systems – Requirements, 2005. http...CMM or International Organization for Standardization ( ISO ) 9001, you will immediately recognize many similarities in their structure and content

The Impact of Information Richness on Information Security Awareness Training Effectiveness

ERIC Educational Resources Information Center

Shaw, R. S.; Chen, Charlie C.; Harris, Albert L.; Huang, Hui-Jou

2009-01-01

In recent years, rapid progress in the use of the internet has resulted in huge losses in many organizations due to lax security. As a result, information security awareness is becoming an important issue to anyone using the Internet. To reduce losses, organizations have made information security awareness a top priority. The three main barriers…

46 CFR 503.53 - Oversight Committee.

Code of Federal Regulations, 2011 CFR

2011-10-01

... FEDERAL MARITIME COMMISSION GENERAL AND ADMINISTRATIVE PROVISIONS PUBLIC INFORMATION Information Security... provisions of Executive Order 13526 and directives of the Information Security Oversight Office. The program... and complaints concerning the Commission's information security program; (d) Recommend appropriate...

46 CFR 503.53 - Oversight Committee.

Code of Federal Regulations, 2010 CFR

2010-10-01

... FEDERAL MARITIME COMMISSION GENERAL AND ADMINISTRATIVE PROVISIONS PUBLIC INFORMATION Information Security... provisions of Executive Order 12958 and directives of the Information Security Oversight Office. The program... and complaints concerning the Commission's information security program; (d) Recommend appropriate...

Project Manager’s Guide to the Scientific and Technical Information (STINFO) Program and Technical Publications Process

DTIC Science & Technology

1993-12-01

Iaporta .. y be definitive for the tubjoct proaentod, exploratory in natura, or an evaluation of critical Aubayato• or of technical problema , 4...International Security 9 Social and Natural Science Studies Field 41 Edit: (Type 3) -Entry of an invalid code when Performance Type is "C" or "M" will...analysis SF Foreign area social science research SP Foreign area policy planAing research BF Identifies databases with data on foreign forces or