45 CFR 601.3 - Security program.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.3 Security program. The Director, Division of... employees concerned with classified information or material. (b) Encouraging Foundation personnel to...

45 CFR 601.3 - Security program.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.3 Security program. The Director, Division of... employees concerned with classified information or material. (b) Encouraging Foundation personnel to...

45 CFR 601.3 - Security program.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.3 Security program. The Director, Division of... employees concerned with classified information or material. (b) Encouraging Foundation personnel to...

45 CFR 601.3 - Security program.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.3 Security program. The Director, Division of... employees concerned with classified information or material. (b) Encouraging Foundation personnel to...

Secure quantum key distribution using continuous variables of single photons.

PubMed

Zhang, Lijian; Silberhorn, Christine; Walmsley, Ian A

2008-03-21

We analyze the distribution of secure keys using quantum cryptography based on the continuous variable degree of freedom of entangled photon pairs. We derive the information capacity of a scheme based on the spatial entanglement of photons from a realistic source, and show that the standard measures of security known for quadrature-based continuous variable quantum cryptography (CV-QKD) are inadequate. A specific simple eavesdropping attack is analyzed to illuminate how secret information may be distilled well beyond the bounds of the usual CV-QKD measures.

17 CFR 240.15g-100 - Schedule 15G-Information to be included in the document distributed pursuant to 17 CFR 240.15g-2.

Code of Federal Regulations, 2010 CFR

2010-04-01

... page] Important Information on Penny Stocks The U.S. Securities and Exchange Commission (SEC) requires... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Schedule 15G-Information to be... Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... significance (Category III), and for protection of Restricted Data, National Security Information, Safeguards... 10 Energy 2 2010-01-01 2010-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED...

17 CFR 240.17g-4 - Prevention of misuse of material nonpublic information.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Prevention of misuse of material nonpublic information. 240.17g-4 Section 240.17g-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...

17 CFR 240.17g-4 - Prevention of misuse of material nonpublic information.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Prevention of misuse of material nonpublic information. 240.17g-4 Section 240.17g-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...

17 CFR 240.17g-4 - Prevention of misuse of material nonpublic information.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Prevention of misuse of material nonpublic information. 240.17g-4 Section 240.17g-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...

17 CFR 240.17g-4 - Prevention of misuse of material nonpublic information.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Prevention of misuse of material nonpublic information. 240.17g-4 Section 240.17g-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 2 2012-01-01 2012-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 2 2014-01-01 2014-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 2 2013-01-01 2013-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

Determination of ISRA Framework Using Delphi Methodology for Small and Midsized Enterprises

ERIC Educational Resources Information Center

Shah, Ashish

2017-01-01

Unfathomable a few decades ago, the velocity of revolution in information technology (IT) security is accelerating. Small and midsized enterprises (SMEs) continue to make IT security a highest priority and foster security controls to safeguard their environments from adverse effects. Information technology security professionals must rely on one…

17 CFR 248.30 - Procedures to safeguard customer records and information; disposal of consumer report information.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Procedures to safeguard... and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS S-P AND S-AM... administrative, technical, and physical safeguards for the protection of customer records and information. These...

17 CFR 248.30 - Procedures to safeguard customer records and information; disposal of consumer report information.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Procedures to safeguard... and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS S-P, S-AM, AND S... administrative, technical, and physical safeguards for the protection of customer records and information. These...

17 CFR 248.30 - Procedures to safeguard customer records and information; disposal of consumer report information.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Procedures to safeguard... and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS S-P AND S-AM... administrative, technical, and physical safeguards for the protection of customer records and information. These...

17 CFR 248.30 - Procedures to safeguard customer records and information; disposal of consumer report information.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Procedures to safeguard... and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS S-P AND S-AM... administrative, technical, and physical safeguards for the protection of customer records and information. These...

17 CFR 248.30 - Procedures to safeguard customer records and information; disposal of consumer report information.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Procedures to safeguard... and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS S-P AND S-AM... administrative, technical, and physical safeguards for the protection of customer records and information. These...

75 FR 5865 - Proposed Collection; Comment Request for Publication 1075

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-04

... Publication 1075, Tax Information Security Guidelines for Federal, State, and Local Agencies. [[Page 5866... internet at [email protected] . SUPPLEMENTARY INFORMATION: Title: Tax Information Security Guidelines... on proposed and/or continuing information collections, as required by the Paperwork Reduction Act of...

78 FR 23980 - Proposed Collection; Comment Request for Publication 1075

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-23

... Publication 1075, Tax Information Security Guidelines for Federal, State, and Local Agencies. DATES: Written... [email protected] . SUPPLEMENTARY INFORMATION: Title: Tax Information Security Guidelines for... on proposed and/or continuing information collections, as required by the Paperwork Reduction Act of...

17 CFR 240.15g-100 - Schedule 15G-Information to be included in the document distributed pursuant to 17 CFR 240.15g-2.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Schedule 15G-Information to be... Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities Exchange Act of 1934...

17 CFR 240.15g-100 - Schedule 15G-Information to be included in the document distributed pursuant to 17 CFR 240.15g-2.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Schedule 15G-Information to be... Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities Exchange Act of 1934...

17 CFR 240.15g-100 - Schedule 15G-Information to be included in the document distributed pursuant to 17 CFR 240.15g-2.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Schedule 15G-Information to be... Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities Exchange Act of 1934...

Report: EPA Improved Its National Security Information Program, but Some Improvements Still Needed

EPA Pesticide Factsheets

Report #16-P-0196, June 2, 2016. The EPA will continue to improve its national security information program by completing information classification guides that can be used uniformly and consistently throughout the agency.

33 CFR 187.101 - What information must be collected to identify a vessel owner?

Code of Federal Regulations, 2010 CFR

2010-07-01

... this section. (4) One of the following unique identifiers for each owner: (i) Social Security Number... the individual who signed the application for numbering: (i) Social Security Number (SSN) or..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) BOATING SAFETY VESSEL IDENTIFICATION SYSTEM Information to be...

Security Information and Event Management Tools and Insider Threat Detection

DTIC Science & Technology

2013-09-01

Orebaugh, A., Scholl , M., & Stine, K. (2011, September). Information security continuous monitoring (ISCM) for federal information systems and...E., Conway, T., Keverline, S., Williams , M., Capelli, D., Willke, B., & Moore, A. (2008, January). Insider threat study: illicit cyber activity in

49 CFR 1520.7 - Covered persons.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION PROTECTION OF SENSITIVE SECURITY INFORMATION § 1520.7 Covered persons. Persons subject to the requirements of part 1520 are: (a...

49 CFR 1520.7 - Covered persons.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION PROTECTION OF SENSITIVE SECURITY INFORMATION § 1520.7 Covered persons. Persons subject to the requirements of part 1520 are: (a...

49 CFR 1520.7 - Covered persons.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION PROTECTION OF SENSITIVE SECURITY INFORMATION § 1520.7 Covered persons. Persons subject to the requirements of part 1520 are: (a...

49 CFR 1520.7 - Covered persons.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION PROTECTION OF SENSITIVE SECURITY INFORMATION § 1520.7 Covered persons. Persons subject to the requirements of part 1520 are: (a...

49 CFR 1520.7 - Covered persons.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION PROTECTION OF SENSITIVE SECURITY INFORMATION § 1520.7 Covered persons. Persons subject to the requirements of part 1520 are: (a...

10 CFR 824.7 - Final notice of violation.

Code of Federal Regulations, 2011 CFR

2011-01-01

... whether the person violated or is continuing to violate a classified information security requirement. (b... classified information security requirement, the Director may issue to the person a final notice of violation... DEPARTMENT OF ENERGY PROCEDURAL RULES FOR THE ASSESSMENT OF CIVIL PENALTIES FOR CLASSIFIED INFORMATION...

10 CFR 824.7 - Final notice of violation.

Code of Federal Regulations, 2010 CFR

2010-01-01

... whether the person violated or is continuing to violate a classified information security requirement. (b... classified information security requirement, the Director may issue to the person a final notice of violation... DEPARTMENT OF ENERGY PROCEDURAL RULES FOR THE ASSESSMENT OF CIVIL PENALTIES FOR CLASSIFIED INFORMATION...

The adoption of IT security standards in a healthcare environment.

PubMed

Gomes, Rui; Lapão, Luís Velez

2008-01-01

Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.

49 CFR 1520.13 - Marking SSI.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION PROTECTION OF SENSITIVE SECURITY INFORMATION § 1520.13 Marking SSI. (a) Marking of paper records. In the case of paper records...

49 CFR 1520.19 - Destruction of SSI.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION PROTECTION OF SENSITIVE SECURITY INFORMATION § 1520.19 Destruction of SSI. (a) DHS. Subject to the requirements of the Federal...

45 CFR 601.1 - Purpose.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.1 Purpose. Pursuant to Executive Order 12958 and Information Security Oversight Office Directive No. 1, the National Science Foundation [Foundation] issues the...

45 CFR 601.4 - Classification Review Committee.

Code of Federal Regulations, 2011 CFR

2011-10-01

....4 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.4 Classification Review Committee. The Security Officer (Information) chairs the Foundation's Classification Review Committee which has authority...

45 CFR 601.1 - Purpose.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.1 Purpose. Pursuant to Executive Order 12958 and Information Security Oversight Office Directive No. 1, the National Science Foundation [Foundation] issues the...

45 CFR 601.4 - Classification Review Committee.

Code of Federal Regulations, 2012 CFR

2012-10-01

....4 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.4 Classification Review Committee. The Security Officer (Information) chairs the Foundation's Classification Review Committee which has authority...

45 CFR 601.1 - Purpose.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.1 Purpose. Pursuant to Executive Order 12958 and Information Security Oversight Office Directive No. 1, the National Science Foundation [Foundation] issues the...

45 CFR 601.1 - Purpose.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.1 Purpose. Pursuant to Executive Order 12958 and Information Security Oversight Office Directive No. 1, the National Science Foundation [Foundation] issues the...

45 CFR 601.4 - Classification Review Committee.

Code of Federal Regulations, 2014 CFR

2014-10-01

....4 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.4 Classification Review Committee. The Security Officer (Information) chairs the Foundation's Classification Review Committee which has authority...

45 CFR 601.1 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.1 Purpose. Pursuant to Executive Order 12958 and Information Security Oversight Office Directive No. 1, the National Science Foundation [Foundation] issues the...

45 CFR 601.4 - Classification Review Committee.

Code of Federal Regulations, 2013 CFR

2013-10-01

....4 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.4 Classification Review Committee. The Security Officer (Information) chairs the Foundation's Classification Review Committee which has authority...

45 CFR 601.4 - Classification Review Committee.

Code of Federal Regulations, 2010 CFR

2010-10-01

....4 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.4 Classification Review Committee. The Security Officer (Information) chairs the Foundation's Classification Review Committee which has authority...

17 CFR 270.8b-3 - Title of securities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Title of securities. 270.8b-3 Section 270.8b-3 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) RULES... securities is required to be stated, there shall be given such information as will indicate the type and...

78 FR 34161 - Proposed Collection: Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-06

... Time Deposits. PD F 4144-1--Account Information for U.S. Treasury Securities State and Local Government.... Abstract: The information is requested to establish and maintain accounts for the owners of securities of... agencies to take this opportunity to comment on proposed and/or continuing information collections, as...

75 FR 51843 - Proposed Extension of Information Collection Request Submitted for Public Comment; Final Rule on...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-23

... DEPARTMENT OF LABOR Employee Benefits Security Administration Proposed Extension of Information... Individual Account Plans AGENCY: Employee Benefits Security Administration, Department of Labor. ACTION... opportunity to comment on proposed and continuing collections of information. This helps the Department assess...

10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 2 2012-01-01 2012-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY... protection during non-working hours; or (2) Any steel file cabinet that has four sides and a top and bottom...

10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 2 2014-01-01 2014-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY... protection during non-working hours; or (2) Any steel file cabinet that has four sides and a top and bottom...

10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY... protection during non-working hours; or (2) Any steel file cabinet that has four sides and a top and bottom...

10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 2 2013-01-01 2013-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY... protection during non-working hours; or (2) Any steel file cabinet that has four sides and a top and bottom...

10 CFR 95.25 - Protection of National Security Information and Restricted Data in storage.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Protection of National Security Information and Restricted Data in storage. 95.25 Section 95.25 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY... protection during non-working hours; or (2) Any steel file cabinet that has four sides and a top and bottom...

32 CFR 321.3 - Information and procedures for requesting notification.

Code of Federal Regulations, 2014 CFR

2014-07-01

... DEFENSE (CONTINUED) PRIVACY PROGRAM DEFENSE SECURITY SERVICE PRIVACY PROGRAM § 321.3 Information and... mail to the Defense Security Service, Office of FOI and Privacy, 1340 Braddock Place, Alexandria, VA... 32 National Defense 2 2014-07-01 2014-07-01 false Information and procedures for requesting...

32 CFR 321.3 - Information and procedures for requesting notification.

Code of Federal Regulations, 2013 CFR

2013-07-01

... DEFENSE (CONTINUED) PRIVACY PROGRAM DEFENSE SECURITY SERVICE PRIVACY PROGRAM § 321.3 Information and... mail to the Defense Security Service, Office of FOI and Privacy, 1340 Braddock Place, Alexandria, VA... 32 National Defense 2 2013-07-01 2013-07-01 false Information and procedures for requesting...

32 CFR 321.3 - Information and procedures for requesting notification.

Code of Federal Regulations, 2011 CFR

2011-07-01

... DEFENSE (CONTINUED) PRIVACY PROGRAM DEFENSE SECURITY SERVICE PRIVACY PROGRAM § 321.3 Information and... mail to the Defense Security Service, Office of FOI and Privacy, 1340 Braddock Place, Alexandria, VA... 32 National Defense 2 2011-07-01 2011-07-01 false Information and procedures for requesting...

32 CFR 321.3 - Information and procedures for requesting notification.

Code of Federal Regulations, 2012 CFR

2012-07-01

... DEFENSE (CONTINUED) PRIVACY PROGRAM DEFENSE SECURITY SERVICE PRIVACY PROGRAM § 321.3 Information and... mail to the Defense Security Service, Office of FOI and Privacy, 1340 Braddock Place, Alexandria, VA... 32 National Defense 2 2012-07-01 2012-07-01 false Information and procedures for requesting...

32 CFR 321.3 - Information and procedures for requesting notification.

Code of Federal Regulations, 2010 CFR

2010-07-01

... DEFENSE (CONTINUED) PRIVACY PROGRAM DEFENSE SECURITY SERVICE PRIVACY PROGRAM § 321.3 Information and... mail to the Defense Security Service, Office of FOI and Privacy, 1340 Braddock Place, Alexandria, VA... 32 National Defense 2 2010-07-01 2010-07-01 false Information and procedures for requesting...

The Evolution of the Automated Continuous Evaluation System (ACES) for Personnel Security

DTIC Science & Technology

2013-11-12

information. It applies business rules to the data, produces a report that flags issues of potential security concern, and electronically transmits...Form 86 (SF- 86) to check these data sources, verify what has been submitted, and collect more information. It applies business rules to the data...subject information. It applies business rules to analyze the data returned, produces a report that flags issues of potential security concern, and

49 CFR 1520.11 - Persons with a need to know.

Code of Federal Regulations, 2010 CFR

2010-10-01

....11 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY SECURITY RULES FOR ALL MODES OF TRANSPORTATION PROTECTION OF SENSITIVE SECURITY INFORMATION § 1520.11 Persons with a need to know. (a) In general. A person has a need to...

41 CFR 105-53.133 - Information Security Oversight Office.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 41 Public Contracts and Property Management 3 2010-07-01 2010-07-01 false Information Security Oversight Office. 105-53.133 Section 105-53.133 Public Contracts and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES ADMINISTRATION 53-STATEMENT OF ORGANIZATION AND...

41 CFR 105-53.133 - Information Security Oversight Office.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 41 Public Contracts and Property Management 3 2011-01-01 2011-01-01 false Information Security Oversight Office. 105-53.133 Section 105-53.133 Public Contracts and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES ADMINISTRATION 53-STATEMENT OF ORGANIZATION AND...

77 FR 54559 - Proposed Information Collection; Comment Request; Offsets in Military Exports

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-05

... DEPARTMENT OF COMMERCE Bureau of Industry and Security Proposed Information Collection; Comment Request; Offsets in Military Exports AGENCY: Bureau of Industry and Security, Department of Commerce. ACTION: Notice. SUMMARY: The Department of Commerce, as part of its continuing effort to reduce paperwork...

DoD Information Security Program and Protection of Sensitive Compartmented Information (SCI)

DTIC Science & Technology

2016-04-21

collateral, special access program, SCI, and controlled unclassified information ( CUI ) within an overarching DoD Information Security Program...classified, safeguarded, and declassified in accordance with References (c), (d), and DoD Manual 5200.01 (Reference (i)). CUI will be identified...Information will not be classified, continue to be maintained as classified, or fail to be declassified, or be designated CUI under any circumstances in

29 CFR 2570.39 - Opportunities to submit additional information.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 29 Labor 9 2010-07-01 2010-07-01 false Opportunities to submit additional information. 2570.39 Section 2570.39 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS SECURITY ADMINISTRATION, DEPARTMENT OF LABOR ADMINISTRATION AND ENFORCEMENT UNDER THE EMPLOYEE RETIREMENT INCOME SECURITY ACT OF 1974 PROCEDURAL REGULATIONS UNDER THE...

15 CFR 758.5 - Conformity of documents and unloading of items.

Code of Federal Regulations, 2010 CFR

2010-01-01

... disposition from BIS. (ii) Contact information. U.S. Department of Commerce, Bureau of Industry and Security... Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION... documents. When a license is issued by BIS, the information entered on related export control documents (e.g...

15 CFR 784.3 - Scope and conduct of complementary access.

Code of Federal Regulations, 2011 CFR

2011-01-01

..., safety, and security regulations (e.g., regulations for protection of controlled environments within the... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS... presence of a U.S. Government Host Team. No information of direct national security significance shall be...

Privacy and security of patient data in the pathology laboratory.

PubMed

Cucoranu, Ioan C; Parwani, Anil V; West, Andrew J; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B; Balis, Ulysses J; Tuthill, Mark J; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States.

Concepts for a standard based cross-organisational information security management system in the context of a nationwide EHR.

PubMed

Mense, Alexander; Hoheiser-Pförtner, Franz; Schmid, Martin; Wahl, Harald

2013-01-01

Working with health related data necessitates appropriate levels of security and privacy. Information security, meaning ensuring confidentiality, integrity, and availability, is more organizational, than technical in nature. It includes many organizational and management measures, is based on well-defined security roles, processes, and documents, and needs permanent adaption of security policies, continuously monitoring, and measures assessment. This big challenge for any organization leads to implementation of an information security management system (ISMS). In the context of establishing a regional or national electronic health record for integrated care (ICEHR), the situation is worse. Changing the medical information exchange from on-demand peer-to-peer connections to health information networks requires all organizations participating in the EHR system to have consistent security levels and to follow the same security guidelines and rules. Also, the implementation must be monitored and audited, establishing cross-organizational information security management systems (ISMS) based on international standards. This paper evaluates requirements and defines basic concepts for an ISO 27000 series-based cross-organizational ISMS in the healthcare domain and especially for the implementation of the nationwide electronic health record in Austria (ELGA).

17 CFR 248.1 - Purpose and scope.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Purpose and scope. 248.1 Section 248.1 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS S-P AND S-AM Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Personal...

15 CFR 930.122 - Necessary in the interest of national security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Trade (Continued) NATIONAL OCEANIC AND ATMOSPHERIC ADMINISTRATION, DEPARTMENT OF COMMERCE OCEAN AND... Secretary for Review Related to the Objectives of the Act and National Security Interests § 930.122... proposed. Secretarial review of national security issues shall be aided by information submitted by the...

Long-distance continuous-variable quantum key distribution by controlling excess noise

NASA Astrophysics Data System (ADS)

Huang, Duan; Huang, Peng; Lin, Dakai; Zeng, Guihua

2016-01-01

Quantum cryptography founded on the laws of physics could revolutionize the way in which communication information is protected. Significant progresses in long-distance quantum key distribution based on discrete variables have led to the secure quantum communication in real-world conditions being available. However, the alternative approach implemented with continuous variables has not yet reached the secure distance beyond 100 km. Here, we overcome the previous range limitation by controlling system excess noise and report such a long distance continuous-variable quantum key distribution experiment. Our result paves the road to the large-scale secure quantum communication with continuous variables and serves as a stepping stone in the quest for quantum network.

Long-distance continuous-variable quantum key distribution by controlling excess noise.

PubMed

Huang, Duan; Huang, Peng; Lin, Dakai; Zeng, Guihua

2016-01-13

Quantum cryptography founded on the laws of physics could revolutionize the way in which communication information is protected. Significant progresses in long-distance quantum key distribution based on discrete variables have led to the secure quantum communication in real-world conditions being available. However, the alternative approach implemented with continuous variables has not yet reached the secure distance beyond 100 km. Here, we overcome the previous range limitation by controlling system excess noise and report such a long distance continuous-variable quantum key distribution experiment. Our result paves the road to the large-scale secure quantum communication with continuous variables and serves as a stepping stone in the quest for quantum network.

Long-distance continuous-variable quantum key distribution by controlling excess noise

PubMed Central

Huang, Duan; Huang, Peng; Lin, Dakai; Zeng, Guihua

2016-01-01

Quantum cryptography founded on the laws of physics could revolutionize the way in which communication information is protected. Significant progresses in long-distance quantum key distribution based on discrete variables have led to the secure quantum communication in real-world conditions being available. However, the alternative approach implemented with continuous variables has not yet reached the secure distance beyond 100 km. Here, we overcome the previous range limitation by controlling system excess noise and report such a long distance continuous-variable quantum key distribution experiment. Our result paves the road to the large-scale secure quantum communication with continuous variables and serves as a stepping stone in the quest for quantum network. PMID:26758727

77 FR 11146 - Intent To Request Renewal From OMB of One Current Public Collection of Information: Certified...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-24

...The Transportation Security Administration (TSA) invites public comment on one currently approved Information Collection Request (ICR), OMB control number 1652-0053, abstracted below that we will submit to the Office of Management and Budget (OMB) for renewal in compliance with the Paperwork Reduction Act. The ICR describes the nature of the information collection and its expected burden. The collections include: (1) Applications from entities that wish to become Certified Cargo Screening Facilities (CCSF); (2) personal information to allow TSA to conduct security threat assessments on key individuals employed by the CCSFs; (3) acceptance of a standard security program or submission of a proposed modified security program; (4) information on the amount of cargo screened; and (5) recordkeeping requirements for CCSFs. TSA is seeking the renewal of the ICR for the continuation of the program in order to secure passenger aircraft carrying cargo.

Information Security Management - Part Of The Integrated Management System

NASA Astrophysics Data System (ADS)

Manea, Constantin Adrian

2015-07-01

The international management standards allow their integrated approach, thereby combining aspects of particular importance to the activity of any organization, from the quality management systems or the environmental management of the information security systems or the business continuity management systems. Although there is no national or international regulation, nor a defined standard for the Integrated Management System, the need to implement an integrated system occurs within the organization, which feels the opportunity to integrate the management components into a cohesive system, in agreement with the purpose and mission publicly stated. The issues relating to information security in the organization, from the perspective of the management system, raise serious questions to any organization in the current context of electronic information, reason for which we consider not only appropriate but necessary to promote and implement an Integrated Management System Quality - Environment - Health and Operational Security - Information Security

Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users

ERIC Educational Resources Information Center

Edwards, Keith

2015-01-01

Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the…

Privacy and security of patient data in the pathology laboratory

PubMed Central

Cucoranu, Ioan C.; Parwani, Anil V.; West, Andrew J.; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B.; Balis, Ulysses J.; Tuthill, Mark J.; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States. PMID:23599904

Measuring Information Security: Guidelines to Build Metrics

NASA Astrophysics Data System (ADS)

von Faber, Eberhard

Measuring information security is a genuine interest of security managers. With metrics they can develop their security organization's visibility and standing within the enterprise or public authority as a whole. Organizations using information technology need to use security metrics. Despite the clear demands and advantages, security metrics are often poorly developed or ineffective parameters are collected and analysed. This paper describes best practices for the development of security metrics. First attention is drawn to motivation showing both requirements and benefits. The main body of this paper lists things which need to be observed (characteristic of metrics), things which can be measured (how measurements can be conducted) and steps for the development and implementation of metrics (procedures and planning). Analysis and communication is also key when using security metrics. Examples are also given in order to develop a better understanding. The author wants to resume, continue and develop the discussion about a topic which is or increasingly will be a critical factor of success for any security managers in larger organizations.

Keeping the Guard Up in a Down Economy: Investing in IT Security in Hard Times

ERIC Educational Resources Information Center

Voss, Brian D.; Siegel, Peter M.

2009-01-01

Considering the unprecedented budget hardships in higher education, now may not seem to be an auspicious time to be emphasizing the importance of continuing, or even perhaps increasing, investments in information security. Decisions regarding these matters are usually in the hands of the CIOs, leaving information technology (IT) leaders in…

15 CFR Supplement No. 5 to Part 742 - Checklist on Encryption and Other “Information Security” Functions

Code of Federal Regulations, 2010 CFR

2010-01-01

... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false Checklist on Encryption and Other âInformation Securityâ Functions No. Supplement No. 5 to Part 742 Commerce and Foreign Trade Regulations Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE...

Analysis of information security management systems at 5 domestic hospitals with more than 500 beds.

PubMed

Park, Woo-Sung; Seo, Sun-Won; Son, Seung-Sik; Lee, Mee-Jeong; Kim, Shin-Hyo; Choi, Eun-Mi; Bang, Ji-Eon; Kim, Yea-Eun; Kim, Ok-Nam

2010-06-01

The information security management systems (ISMS) of 5 hospitals with more than 500 beds were evaluated with regards to the level of information security, management, and physical and technical aspects so that we might make recommendations on information security and security countermeasures which meet both international standards and the needs of individual hospitals. The ISMS check-list derived from international/domestic standards was distributed to each hospital to complete and the staff of each hospital was interviewed. Information Security Indicator and Information Security Values were used to estimate the present security levels and evaluate the application of each hospital's current system. With regard to the moderate clause of the ISMS, the hospitals were determined to be in compliance. The most vulnerable clause was asset management, in particular, information asset classification guidelines. The clauses of information security incident management and business continuity management were deemed necessary for the establishment of successful ISMS. The level of current ISMS in the hospitals evaluated was determined to be insufficient. Establishment of adequate ISMS is necessary to ensure patient privacy and the safe use of medical records for various purposes. Implementation of ISMS which meet international standards with a long-term and comprehensive perspective is of prime importance. To reflect the requirements of the varied interests of medical staff, consumers, and institutions, the establishment of political support is essential to create suitable hospital ISMS.

15 CFR 730.9 - Organization of the Bureau of Industry and Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 15 Commerce and Foreign Trade 2 2013-01-01 2013-01-01 false Organization of the Bureau of Industry... Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS GENERAL INFORMATION § 730.9 Organization of the Bureau of Industry and Security. The head of the...

15 CFR 730.9 - Organization of the Bureau of Industry and Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 15 Commerce and Foreign Trade 2 2014-01-01 2014-01-01 false Organization of the Bureau of Industry... Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS GENERAL INFORMATION § 730.9 Organization of the Bureau of Industry and Security. The head of the...

15 CFR 730.9 - Organization of the Bureau of Industry and Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 15 Commerce and Foreign Trade 2 2012-01-01 2012-01-01 false Organization of the Bureau of Industry... Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS GENERAL INFORMATION § 730.9 Organization of the Bureau of Industry and Security. The head of the...

How ISO/IEC 17799 can be used for base lining information assurance among entities using data mining for defense, homeland security, commercial, and other civilian/commercial domains

NASA Astrophysics Data System (ADS)

Perry, William G.

2006-04-01

One goal of database mining is to draw unique and valid perspectives from multiple data sources. Insights that are fashioned from closely-held data stores are likely to possess a high degree of reliability. The degree of information assurance comes into question, however, when external databases are accessed, combined and analyzed to form new perspectives. ISO/IEC 17799, Information technology-Security techniques-Code of practice for information security management, can be used to establish a higher level of information assurance among disparate entities using data mining in the defense, homeland security, commercial and other civilian/commercial domains. Organizations that meet ISO/IEC information security standards have identified and assessed risks, threats and vulnerabilities and have taken significant proactive steps to meet their unique security requirements. The ISO standards address twelve domains: risk assessment and treatment, security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management and business continuity management and compliance. Analysts can be relatively confident that if organizations are ISO 17799 compliant, a high degree of information assurance is likely to be a characteristic of the data sets being used. The reverse may be true. Extracting, fusing and drawing conclusions based upon databases with a low degree of information assurance may be wrought with all of the hazards that come from knowingly using bad data to make decisions. Using ISO/IEC 17799 as a baseline for information assurance can help mitigate these risks.

Collective attacks and unconditional security in continuous variable quantum key distribution.

PubMed

Grosshans, Frédéric

2005-01-21

We present here an information theoretic study of Gaussian collective attacks on the continuous variable key distribution protocols based on Gaussian modulation of coherent states. These attacks, overlooked in previous security studies, give a finite advantage to the eavesdropper in the experimentally relevant lossy channel, but are not powerful enough to reduce the range of the reverse reconciliation protocols. Secret key rates are given for the ideal case where Bob performs optimal collective measurements, as well as for the realistic cases where he performs homodyne or heterodyne measurements. We also apply the generic security proof of Christiandl et al. to obtain unconditionally secure rates for these protocols.

Strategy for IT Security

NASA Technical Reports Server (NTRS)

Santiago, S. Scott; Moyles, Thomas J. (Technical Monitor)

2001-01-01

This viewgraph presentation provides information on the importance of information technology (IT) security (ITS) to NASA's mission. Several points are made concerning the subject. In order for ITS to be successful, it must be supported by management. NASA, while required by law to keep the public informed of its pursuits, must take precautions due to possible IT-based incursions by computer hackers and other malignant persons. Fear is an excellent motivation for establishing and maintaining a robust ITS policy. The ways in which NASA ITS personnel continually increase security are manifold, however a great deal relies upon the active involvement of the entire NASA community.

77 FR 11145 - Intent to Request Renewal From OMB of One Current Public Collection of Information: Air Cargo...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-24

...The Transportation Security Administration (TSA) invites public comment on one currently approved Information Collection Request (ICR), OMB control number 1652-0040, abstracted below that we will submit to the Office of Management and Budget (OMB) for renewal in compliance with the Paperwork Reduction Act. The ICR describes the nature of the information collection and its expected burden. This ICR involves five broad categories of affected populations: airports, passenger aircraft operators, foreign air carriers, indirect air carriers operating under a security program, and all-cargo carriers. The collections of information that make up this ICR are security programs, security threat assessments (STA), known shipper data via the Known Shipper Management System (KSMS), Air Cargo Data Management System (ACDMS), Cargo Reporting Tool for cargo screening reporting, and evidence of compliance recordkeeping. TSA seeks continued OMB approval in order to secure passenger aircraft carrying cargo as authorized in the Aviation and Transportation Security Act.

Analysis of Information Security Management Systems at 5 Domestic Hospitals with More than 500 Beds

PubMed Central

Park, Woo-Sung; Son, Seung-Sik; Lee, Mee-Jeong; Kim, Shin-Hyo; Choi, Eun-Mi; Bang, Ji-Eon; Kim, Yea-Eun; Kim, Ok-Nam

2010-01-01

Objectives The information security management systems (ISMS) of 5 hospitals with more than 500 beds were evaluated with regards to the level of information security, management, and physical and technical aspects so that we might make recommendations on information security and security countermeasures which meet both international standards and the needs of individual hospitals. Methods The ISMS check-list derived from international/domestic standards was distributed to each hospital to complete and the staff of each hospital was interviewed. Information Security Indicator and Information Security Values were used to estimate the present security levels and evaluate the application of each hospital's current system. Results With regard to the moderate clause of the ISMS, the hospitals were determined to be in compliance. The most vulnerable clause was asset management, in particular, information asset classification guidelines. The clauses of information security incident management and business continuity management were deemed necessary for the establishment of successful ISMS. Conclusions The level of current ISMS in the hospitals evaluated was determined to be insufficient. Establishment of adequate ISMS is necessary to ensure patient privacy and the safe use of medical records for various purposes. Implementation of ISMS which meet international standards with a long-term and comprehensive perspective is of prime importance. To reflect the requirements of the varied interests of medical staff, consumers, and institutions, the establishment of political support is essential to create suitable hospital ISMS. PMID:21818429

Privacy and Security Issues Surrounding the Protection of Data Generated by Continuous Glucose Monitors.

PubMed

Britton, Katherine E; Britton-Colonnese, Jennifer D

2017-03-01

Being able to track, analyze, and use data from continuous glucose monitors (CGMs) and through platforms and apps that communicate with CGMs helps achieve better outcomes and can advance the understanding of diabetes. The risks to patients' expectation of privacy are great, and their ability to control how their information is collected, stored, and used is virtually nonexistent. Patients' physical security is also at risk if adequate cybersecurity measures are not taken. Currently, data privacy and security protections are not robust enough to address the privacy and security risks and stymies the current and future benefits of CGM and the platforms and apps that communicate with them.

Privacy and Security Issues Surrounding the Protection of Data Generated by Continuous Glucose Monitors

PubMed Central

Britton, Katherine E.; Britton-Colonnese, Jennifer D.

2017-01-01

Being able to track, analyze, and use data from continuous glucose monitors (CGMs) and through platforms and apps that communicate with CGMs helps achieve better outcomes and can advance the understanding of diabetes. The risks to patients’ expectation of privacy are great, and their ability to control how their information is collected, stored, and used is virtually nonexistent. Patients’ physical security is also at risk if adequate cybersecurity measures are not taken. Currently, data privacy and security protections are not robust enough to address the privacy and security risks and stymies the current and future benefits of CGM and the platforms and apps that communicate with them. PMID:28264188

15 CFR 705.5 - Request or application for an investigation.

Code of Federal Regulations, 2010 CFR

2010-01-01

... industry affected, including pertinent information regarding companies and their plants, locations... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE NATIONAL SECURITY INDUSTRIAL BASE... shall be filed with the Director, Office of Technology Evaluation, Room H-1093, U.S. Department of...

20 CFR 416.625 - What information must a representative payee report to us?

Code of Federal Regulations, 2010 CFR

2010-04-01

... report to us? 416.625 Section 416.625 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL... representative payee report to us? Anytime after we select a representative payee for you, we may ask your payee to give us information showing a continuing relationship with you, a continuing responsibility for...

20 CFR 404.2025 - What information must a representative payee report to us?

Code of Federal Regulations, 2011 CFR

2011-04-01

... report to us? 404.2025 Section 404.2025 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... must a representative payee report to us? Anytime after we select a representative payee for you, we may ask your payee to give us information showing a continuing relationship with you, a continuing...

20 CFR 404.2025 - What information must a representative payee report to us?

Code of Federal Regulations, 2010 CFR

2010-04-01

... report to us? 404.2025 Section 404.2025 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... must a representative payee report to us? Anytime after we select a representative payee for you, we may ask your payee to give us information showing a continuing relationship with you, a continuing...

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model.

PubMed

Moghaddasi, Hamid; Sajjadi, Samad; Kamkarhaghighi, Mehran

2016-01-01

Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. The "data security models" presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the "needs and improvement" cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced.

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model

PubMed Central

Moghaddasi, Hamid; Kamkarhaghighi, Mehran

2016-01-01

Introduction: Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. Background: The “data security models” presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the “needs and improvement” cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Findings: Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Conclusion: Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced. PMID:27857823

Romania and the New Cold War Security Challenges

DTIC Science & Technology

2017-06-09

social media with deep economic repercussions. The continuous changes in the Eastern Europe have a great influence on the Romanian security...environment, raising many challenges for the decision makers. This study tried to decipher this security paradigm, unfolding the Russian economic , political...and military unrest, magnified by the modern era domains such as informational, cyber and social media with deep economic repercussions. The

17 CFR 248.13 - Exception to opt out requirements for service providers and joint marketing.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Exception to opt out requirements for service providers and joint marketing. 248.13 Section 248.13 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) REGULATIONS S-P AND S-AM Regulation S-P: Privacy of Consumer Financial Information and Safeguardin...

15 CFR 718.2 - Identification of confidential business information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS... exports and imports of Schedule 1 chemicals is not subject to the confidential business information...

31 CFR 1023.540 - Voluntary information sharing among financial institutions.

Code of Federal Regulations, 2012 CFR

2012-07-01

... and Finance (Continued) FINANCIAL CRIMES ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Information Sharing Procedures To Deter Money Laundering and...

31 CFR 1023.540 - Voluntary information sharing among financial institutions.

Code of Federal Regulations, 2011 CFR

2011-07-01

... and Finance (Continued) FINANCIAL CRIMES ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Information Sharing Procedures To Deter Money Laundering and...

31 CFR 1023.540 - Voluntary information sharing among financial institutions.

Code of Federal Regulations, 2014 CFR

2014-07-01

... and Finance (Continued) FINANCIAL CRIMES ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Information Sharing Procedures To Deter Money Laundering and...

31 CFR 1023.540 - Voluntary information sharing among financial institutions.

Code of Federal Regulations, 2013 CFR

2013-07-01

... and Finance (Continued) FINANCIAL CRIMES ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Information Sharing Procedures To Deter Money Laundering and...

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2011 CFR

2011-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2011-10-01 2011-10-01 false Information assurance...

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2014 CFR

2014-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2014-10-01 2014-10-01 false Information assurance...

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2012 CFR

2012-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2012-10-01 2012-10-01 false Information assurance...

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2013 CFR

2013-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2013-10-01 2013-10-01 false Information assurance...

48 CFR 239.7102-3 - Information assurance contractor training and certification.

Code of Federal Regulations, 2010 CFR

2010-10-01

... ACQUISITION OF INFORMATION TECHNOLOGY Security and Privacy for Computer Systems 239.7102-3 Information..., certification maintenance, and continuing education or sustainment training required for the information... 48 Federal Acquisition Regulations System 3 2010-10-01 2010-10-01 false Information assurance...

75 FR 70680 - Agency Information Collection Activities: Request for Information

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-18

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection Activities: Request for Information AGENCY: U.S. Customs and Border Protection, Department of Homeland... information: 1651-0023. SUMMARY: As part of its continuing effort to reduce paperwork and respondent burden...

Implementation of continuous-variable quantum key distribution with composable and one-sided-device-independent security against coherent attacks.

PubMed

Gehring, Tobias; Händchen, Vitus; Duhme, Jörg; Furrer, Fabian; Franz, Torsten; Pacher, Christoph; Werner, Reinhard F; Schnabel, Roman

2015-10-30

Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution this is achieved without relying on the hardness of mathematical problems, which might be compromised by improved algorithms or by future quantum computers. State-of-the-art quantum key distribution requires composable security against coherent attacks for a finite number of distributed quantum states as well as robustness against implementation side channels. Here we present an implementation of continuous-variable quantum key distribution satisfying these requirements. Our implementation is based on the distribution of continuous-variable Einstein-Podolsky-Rosen entangled light. It is one-sided device independent, which means the security of the generated key is independent of any memoryfree attacks on the remote detector. Since continuous-variable encoding is compatible with conventional optical communication technology, our work is a step towards practical implementations of quantum key distribution with state-of-the-art security based solely on telecom components.

Implementation of continuous-variable quantum key distribution with composable and one-sided-device-independent security against coherent attacks

PubMed Central

Gehring, Tobias; Händchen, Vitus; Duhme, Jörg; Furrer, Fabian; Franz, Torsten; Pacher, Christoph; Werner, Reinhard F.; Schnabel, Roman

2015-01-01

Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution this is achieved without relying on the hardness of mathematical problems, which might be compromised by improved algorithms or by future quantum computers. State-of-the-art quantum key distribution requires composable security against coherent attacks for a finite number of distributed quantum states as well as robustness against implementation side channels. Here we present an implementation of continuous-variable quantum key distribution satisfying these requirements. Our implementation is based on the distribution of continuous-variable Einstein–Podolsky–Rosen entangled light. It is one-sided device independent, which means the security of the generated key is independent of any memoryfree attacks on the remote detector. Since continuous-variable encoding is compatible with conventional optical communication technology, our work is a step towards practical implementations of quantum key distribution with state-of-the-art security based solely on telecom components. PMID:26514280

17 CFR 162.10-162.20 - [Reserved

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 2 2014-04-01 2014-04-01 false [Reserved] 162.10-162.20 Section 162.10-162.20 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION (CONTINUED) PROTECTION OF CONSUMER INFORMATION UNDER THE FAIR CREDIT REPORTING ACT Business Affiliate Marketing Rules...

Enhancing infrastructure resilience through business continuity planning.

PubMed

Fisher, Ronald; Norman, Michael; Klett, Mary

2017-01-01

Critical infrastructure is crucial to the functionality and wellbeing of the world around us. It is a complex network that works together to create an efficient society. The core components of critical infrastructure are dependent on one another to function at their full potential. Organisations face unprecedented environmental risks such as increased reliance on information technology and telecommunications, increased infrastructure interdependencies and globalisation. Successful organisations should integrate the components of cyber-physical and infrastructure interdependencies into a holistic risk framework. Physical security plans, cyber security plans and business continuity plans can help mitigate environmental risks. Cyber security plans are becoming the most crucial to have, yet are the least commonly found in organisations. As the reliance on cyber continues to grow, it is imperative that organisations update their business continuity and emergency preparedness activities to include this.

Unconditional security of time-energy entanglement quantum key distribution using dual-basis interferometry.

PubMed

Zhang, Zheshen; Mower, Jacob; Englund, Dirk; Wong, Franco N C; Shapiro, Jeffrey H

2014-03-28

High-dimensional quantum key distribution (HDQKD) offers the possibility of high secure-key rate with high photon-information efficiency. We consider HDQKD based on the time-energy entanglement produced by spontaneous parametric down-conversion and show that it is secure against collective attacks. Its security rests upon visibility data-obtained from Franson and conjugate-Franson interferometers-that probe photon-pair frequency correlations and arrival-time correlations. From these measurements, an upper bound can be established on the eavesdropper's Holevo information by translating the Gaussian-state security analysis for continuous-variable quantum key distribution so that it applies to our protocol. We show that visibility data from just the Franson interferometer provides a weaker, but nonetheless useful, secure-key rate lower bound. To handle multiple-pair emissions, we incorporate the decoy-state approach into our protocol. Our results show that over a 200-km transmission distance in optical fiber, time-energy entanglement HDQKD could permit a 700-bit/sec secure-key rate and a photon information efficiency of 2 secure-key bits per photon coincidence in the key-generation phase using receivers with a 15% system efficiency.

78 FR 75576 - Agency Information Collection Activities: Request for Information

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-12

... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection Activities: Request for Information AGENCY: U.S. Customs and Border Protection (CBP), Department of Homeland... information: 1651-0023. SUMMARY: As part of its continuing effort to reduce paperwork and respondent burden...

77 FR 25187 - Extension of Agency Information Collection Activity Under OMB Review: Certified Cargo Screening...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-27

...This notice announces that the Transportation Security Administration (TSA) has forwarded the Information Collection Request (ICR), Office of Management and Budget (OMB) control number 1652-0053, abstracted below to OMB for renewal in compliance with the Paperwork Reduction Act. The ICR describes the nature of the information collection and its expected burden. TSA published a Federal Register notice, with a 60-day comment period soliciting comments, of the following collection of information on February 24, 2012, 77 FR 11146, and TSA received no comments. The collections include: (1) Applications from entities that wish to become Certified Cargo Screening Facilities (CCSFs); (2) personal information to allow TSA to conduct security threat assessments on key individuals employed by the CCSFs; (3) implementation of a standard security program or submission of a proposed modified security program; (4) information on the amount of cargo screened; (5) recordkeeping requirements for CCSFs, and any other requests for information relating to cargo screening required to meet the Implementing Recommendations of the 9/11 Commission Act of 2007 (9/ 11 Act) and the Aviation and Transportation Security Act (ATSA) mandates. TSA is seeking the renewal of the ICR for the continuation of the program in order to secure passenger aircraft transporting cargo as required in the 9/11 Act.

15 CFR Supplement No. 2 to Part 730 - Technical Advisory Committees

Code of Federal Regulations, 2011 CFR

2011-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS GENERAL..., materials, or supplies, including technology, software, and other information, that are subject to export controls, or are being considered for such controls because of their significance to the national security...

17 CFR 160.8 - Revised privacy notices.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 2 2014-04-01 2014-04-01 false Revised privacy notices. 160.8 Section 160.8 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION (CONTINUED) PRIVACY OF CONSUMER FINANCIAL INFORMATION UNDER TITLE V OF THE GRAMM-LEACH-BLILEY ACT Privacy and Opt Out...

75 FR 35841 - Proposed Extension of Information Collection Request Submitted for Public Comment; Prohibited...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-23

... DEPARTMENT OF LABOR Employee Benefits Security Administration Proposed Extension of Information... Between Individual Retirement Accounts and Authorized Purchasers of American Eagle Coins AGENCY: Employee... continuing collections of information. This helps the Department assess the impact of its information...

46 CFR 154.36 - Correspondence and vessel information: Submission.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 5 2010-10-01 2010-10-01 false Correspondence and vessel information: Submission. 154.36 Section 154.36 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK... Correspondence and vessel information: Submission. Correspondence to the Coast Guard and all vessel information...

46 CFR 154.36 - Correspondence and vessel information: Submission.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 5 2011-10-01 2011-10-01 false Correspondence and vessel information: Submission. 154.36 Section 154.36 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK... Correspondence and vessel information: Submission. Correspondence to the Coast Guard and all vessel information...

46 CFR 153.806 - Loading information.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 5 2012-10-01 2012-10-01 false Loading information. 153.806 Section 153.806 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SHIPS CARRYING... Inspection § 153.806 Loading information. Each tankship must have a manual containing information that...

46 CFR 153.806 - Loading information.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 5 2010-10-01 2010-10-01 false Loading information. 153.806 Section 153.806 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SHIPS CARRYING... Inspection § 153.806 Loading information. Each tankship must have a manual containing information that...

Information Integrity

ERIC Educational Resources Information Center

Graves, Eric

2013-01-01

This dissertation introduces the concept of Information Integrity, which is the detection and possible correction of information manipulation by any intermediary node in a communication system. As networks continue to grow in complexity, information theoretic security has failed to keep pace. As a result many parties whom want to communicate,…

15 CFR 718.2 - Identification of confidential business information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... business information. 718.2 Section 718.2 Commerce and Foreign Trade Regulations Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS CONFIDENTIAL BUSINESS INFORMATION 718.2 Identification of confidential business...

77 FR 12320 - Information Collection Request: GFIRST Conference Stakeholder Evaluation

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-29

... Communications (CS&C), National Cyber Security Division (NCSD), United States Computer Emergency Readiness Team... personal information provided. SUPPLEMENTARY INFORMATION: The purpose of DHS's premier cyber conference is to continually seek to enhance collaborative efforts between cyber constituencies, partners and...

Continuous Security and Configuration Monitoring of HPC Clusters

DOE Office of Scientific and Technical Information (OSTI.GOV)

Garcia-Lomeli, H. D.; Bertsch, A. D.; Fox, D. M.

Continuous security and configuration monitoring of information systems has been a time consuming and laborious task for system administrators at the High Performance Computing (HPC) center. Prior to this project, system administrators had to manually check the settings of thousands of nodes, which required a significant number of hours rendering the old process ineffective and inefficient. This paper explains the application of Splunk Enterprise, a software agent, and a reporting tool in the development of a user application interface to track and report on critical system updates and security compliance status of HPC Clusters. In conjunction with other configuration managementmore » systems, the reporting tool is to provide continuous situational awareness to system administrators of the compliance state of information systems. Our approach consisted of the development, testing, and deployment of an agent to collect any arbitrary information across a massively distributed computing center, and organize that information into a human-readable format. Using Splunk Enterprise, this raw data was then gathered into a central repository and indexed for search, analysis, and correlation. Following acquisition and accumulation, the reporting tool generated and presented actionable information by filtering the data according to command line parameters passed at run time. Preliminary data showed results for over six thousand nodes. Further research and expansion of this tool could lead to the development of a series of agents to gather and report critical system parameters. However, in order to make use of the flexibility and resourcefulness of the reporting tool the agent must conform to specifications set forth in this paper. This project has simplified the way system administrators gather, analyze, and report on the configuration and security state of HPC clusters, maintaining ongoing situational awareness. Rather than querying each cluster independently, compliance checking can be managed from one central location.« less

75 FR 63191 - Intent To Request Renewal From OMB of One Current Public Collection of Information: Certified...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-14

...The Transportation Security Administration (TSA) invites public comment on one currently approved Information Collection Request (ICR), OMB control number 1652-0053, abstracted below that we will submit to the Office of Management and Budget (OMB) for renewal in compliance with the Paperwork Reduction Act. The ICR describes the nature of the information collection and its expected burden. The collections include: (1) Applications from entities that wish to become Certified Cargo Screening Facilities (CCSF) or operate as a TSA- approved validation firm; (2) personal information to allow TSA to conduct security threat assessments on key individuals employed by the CCSFs and validation firms; (3) implementation of a standard security program or submission of a proposed modified security program; (4) information on the amount of cargo screened; (5) recordkeeping requirements for CCSFs and validation firms; and (6) submission of validation reports to TSA. TSA is seeking the renewal of the ICR for the continuation of the program in order to secure passenger aircraft carrying cargo by the deadlines set out in the Implementing Recommendations of the 9/11 Commission Act of 2007.

Design of the national health security preparedness index.

PubMed

Uzun Jacobson, Evin; Inglesby, Tom; Khan, Ali S; Rajotte, James C; Burhans, Robert L; Slemp, Catherine C; Links, Jonathan M

2014-01-01

The importance of health security in the United States has been highlighted by recent emergencies such as the H1N1 influenza pandemic, Superstorm Sandy, and the Boston Marathon bombing. The nation's health security remains a high priority today, with federal, state, territorial, tribal, and local governments, as well as nongovernment organizations and the private sector, engaging in activities that prevent, protect, mitigate, respond to, and recover from health threats. The Association of State and Territorial Health Officials (ASTHO), through a cooperative agreement with the Centers for Disease Control and Prevention (CDC) Office of Public Health Preparedness and Response (OPHPR), led an effort to create an annual measure of health security preparedness at the national level. The collaborative released the National Health Security Preparedness Index (NHSPI(™)) in December 2013 and provided composite results for the 50 states and for the nation as a whole. The Index results represent current levels of health security preparedness in a consistent format and provide actionable information to drive decision making for continuous improvement of the nation's health security. The overall 2013 National Index result was 7.2 on the reported base-10 scale, with areas of greater strength in the domains of health surveillance, incident and information management, and countermeasure management. The strength of the Index relies on the interdependencies of the many elements in health security preparedness, making the sum greater than its parts. Moving forward, additional health security-related disciplines and measures will be included alongside continued validation efforts.

15 CFR 781.2 - Purposes of the Additional Protocol and APR.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL... and less any information to which the U.S. Government applies the national security exclusion, is... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false Purposes of the Additional Protocol...

17 CFR 41.32 - Continuing obligations.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Securities and Exchange Commission or with a futures association registered under section 17 of the Act; (ii... amendments that relate to the trading of security futures products, including both operational rules and the... information filed pursuant to paragraph (a) of this section shall be addressed to the Secretary of the...

17 CFR 41.32 - Continuing obligations.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Securities and Exchange Commission or with a futures association registered under section 17 of the Act; (ii... amendments that relate to the trading of security futures products, including both operational rules and the... information filed pursuant to paragraph (a) of this section shall be addressed to the Secretary of the...

17 CFR 41.32 - Continuing obligations.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Securities and Exchange Commission or with a futures association registered under section 17 of the Act; (ii... amendments that relate to the trading of security futures products, including both operational rules and the... information filed pursuant to paragraph (a) of this section shall be addressed to the Secretary of the...

45 CFR 601.2 - Classification authority.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.2 Classification authority. The... a Foundation employee develops information that appears to warrant classification because of its...

45 CFR 601.2 - Classification authority.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.2 Classification authority. The... a Foundation employee develops information that appears to warrant classification because of its...

45 CFR 601.2 - Classification authority.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.2 Classification authority. The... a Foundation employee develops information that appears to warrant classification because of its...

45 CFR 601.2 - Classification authority.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.2 Classification authority. The... a Foundation employee develops information that appears to warrant classification because of its...

45 CFR 601.2 - Classification authority.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.2 Classification authority. The... a Foundation employee develops information that appears to warrant classification because of its...

38 CFR 74.27 - How will VA store information?

Code of Federal Regulations, 2010 CFR

2010-07-01

... (CONTINUED) VETERANS SMALL BUSINESS REGULATIONS Records Management § 74.27 How will VA store information? VA... examination visits will be scanned onto portable media and fully secured in the Center for Veterans Enterprise...

Continuous-variable protocol for oblivious transfer in the noisy-storage model.

PubMed

Furrer, Fabian; Gehring, Tobias; Schaffner, Christian; Pacher, Christoph; Schnabel, Roman; Wehner, Stephanie

2018-04-13

Cryptographic protocols are the backbone of our information society. This includes two-party protocols which offer protection against distrustful players. Such protocols can be built from a basic primitive called oblivious transfer. We present and experimentally demonstrate here a quantum protocol for oblivious transfer for optical continuous-variable systems, and prove its security in the noisy-storage model. This model allows us to establish security by sending more quantum signals than an attacker can reliably store during the protocol. The security proof is based on uncertainty relations which we derive for continuous-variable systems, that differ from the ones used in quantum key distribution. We experimentally demonstrate in a proof-of-principle experiment the proposed oblivious transfer protocol for various channel losses by using entangled two-mode squeezed states measured with balanced homodyne detection. Our work enables the implementation of arbitrary two-party quantum cryptographic protocols with continuous-variable communication systems.

Secure smart grid communications and information integration based on digital watermarking in wireless sensor networks

NASA Astrophysics Data System (ADS)

Yan, Xin; Zhang, Ling; Wu, Yang; Luo, Youlong; Zhang, Xiaoxing

2017-02-01

As more and more wireless sensor nodes and networks are employed to acquire and transmit the state information of power equipment in smart grid, we are in urgent need of some viable security solutions to ensure secure smart grid communications. Conventional information security solutions, such as encryption/decryption, digital signature and so forth, are not applicable to wireless sensor networks in smart grid any longer, where bulk messages need to be exchanged continuously. The reason is that these cryptographic solutions will account for a large portion of the extremely limited resources on sensor nodes. In this article, a security solution based on digital watermarking is adopted to achieve the secure communications for wireless sensor networks in smart grid by data and entity authentications at a low cost of operation. Our solution consists of a secure framework of digital watermarking, and two digital watermarking algorithms based on alternating electric current and time window, respectively. Both watermarking algorithms are composed of watermark generation, embedding and detection. The simulation experiments are provided to verify the correctness and practicability of our watermarking algorithms. Additionally, a new cloud-based architecture for the information integration of smart grid is proposed on the basis of our security solutions.

78 FR 48138 - Proposed Information Collection; Comment Request; Report of Requests for Restrictive Trade...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-07

... countries friendly to the U.S. The information is analyzed to note changing trends and to decide upon... DEPARTMENT OF COMMERCE Bureau of Industry and Security Proposed Information Collection; Comment... take this opportunity to comment on proposed and/or continuing information collections, as required by...

77 FR 58564 - Agency Information Collection Activities: Declaration for Free Entry of Returned American Products

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-21

... forms of information technology; and (e) the annual cost burden to respondents or record keepers from... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection... of an existing collection of information. SUMMARY: As part of its continuing effort to reduce...

77 FR 13617 - Agency Information Collection Activities: Customs Modernization Act Recordkeeping Requirements

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-07

... collection techniques or the use of other forms of information technology; and (e) the annual cost burden to... DEPARTMENT OF HOMELAND SECURITY U.S. Customs and Border Protection Agency Information Collection... existing collection of information. SUMMARY: As part of its continuing effort to reduce paperwork and...

32 CFR 700.1121 - Disclosure, publication and security of official information.

Code of Federal Regulations, 2013 CFR

2013-07-01

... information. 700.1121 Section 700.1121 National Defense Department of Defense (Continued) DEPARTMENT OF THE... information. (a) No person in the Department of the Navy shall convey or disclose by oral or written communications, publication, graphic (including photographic) or other means, any classified information except...

32 CFR 700.1121 - Disclosure, publication and security of official information.

Code of Federal Regulations, 2012 CFR

2012-07-01

... information. 700.1121 Section 700.1121 National Defense Department of Defense (Continued) DEPARTMENT OF THE... information. (a) No person in the Department of the Navy shall convey or disclose by oral or written communications, publication, graphic (including photographic) or other means, any classified information except...

32 CFR 700.1121 - Disclosure, publication and security of official information.

Code of Federal Regulations, 2011 CFR

2011-07-01

... information. 700.1121 Section 700.1121 National Defense Department of Defense (Continued) DEPARTMENT OF THE... information. (a) No person in the Department of the Navy shall convey or disclose by oral or written communications, publication, graphic (including photographic) or other means, any classified information except...

32 CFR 700.1121 - Disclosure, publication and security of official information.

Code of Federal Regulations, 2014 CFR

2014-07-01

... information. 700.1121 Section 700.1121 National Defense Department of Defense (Continued) DEPARTMENT OF THE... information. (a) No person in the Department of the Navy shall convey or disclose by oral or written communications, publication, graphic (including photographic) or other means, any classified information except...

32 CFR 700.1121 - Disclosure, publication and security of official information.

Code of Federal Regulations, 2010 CFR

2010-07-01

... information. 700.1121 Section 700.1121 National Defense Department of Defense (Continued) DEPARTMENT OF THE... information. (a) No person in the Department of the Navy shall convey or disclose by oral or written communications, publication, graphic (including photographic) or other means, any classified information except...

E-Commerce and Security Governance in Developing Countries

NASA Astrophysics Data System (ADS)

Sanayei, Ali.; Rajabion, Lila

Security is very often mentioned as one of the preconditions for the faster growth of e-commerce. Without a secure and reliable internet, customer will continue to be reluctant to provide confidential information online, such as credit card number. Moreover, organizations of all types and sizes around the world rely heavily on technologies of electronic commerce (e-commerce) for conducting their day-to-day business transaction. Providing organizations with a secure e-commerce environment is a major issue and challenging one especially in Middle Eastern countries. Without secure e-commerce, it is almost impossible to take advantage of the opportunities offered by e-commerce technologies. E-commerce can create opportunities for small entrepreneurs in Middle Eastern countries. This requires removing infrastructure blockages in telecommunications and logistics alongside the governance of e-commerce with policies on consumer protection, security of transactions, privacy of records and intellectual property. In this paper, we will explore the legal implications of e-commerce security governance by establishing who is responsible for ensuring compliance with this discipline, demonstrating the value to be derived from information security governance, the methodology of applying information security governance, and liability for non-compliance with this discipline. Our main focus will be on analyzing the importance and implication of e-commerce security governance in developing countries.

45 CFR 601.5 - Derivative classification.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.5 Derivative classification. Distinct from “original” classification is the determination that information is in substance the same as...

45 CFR 601.5 - Derivative classification.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.5 Derivative classification. Distinct from “original” classification is the determination that information is in substance the same as...

45 CFR 601.5 - Derivative classification.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.5 Derivative classification. Distinct from “original” classification is the determination that information is in substance the same as...

45 CFR 601.5 - Derivative classification.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.5 Derivative classification. Distinct from “original” classification is the determination that information is in substance the same as...

45 CFR 601.5 - Derivative classification.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.5 Derivative classification. Distinct from “original” classification is the determination that information is in substance the same as...

49 CFR 806.3 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-10-01

... designated. One of the following classifications will be shown: (1) Top secret means information, the... expected to cause serious damage to national security. (3) Confidential means information, the unauthorized... an event which would eliminate the need for continued classification. ...

49 CFR 806.3 - Definitions.

Code of Federal Regulations, 2014 CFR

2014-10-01

... designated. One of the following classifications will be shown: (1) Top secret means information, the... expected to cause serious damage to national security. (3) Confidential means information, the unauthorized... an event which would eliminate the need for continued classification. ...

49 CFR 806.3 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-10-01

... designated. One of the following classifications will be shown: (1) Top secret means information, the... expected to cause serious damage to national security. (3) Confidential means information, the unauthorized... an event which would eliminate the need for continued classification. ...

49 CFR 806.3 - Definitions.

Code of Federal Regulations, 2012 CFR

2012-10-01

... designated. One of the following classifications will be shown: (1) Top secret means information, the... expected to cause serious damage to national security. (3) Confidential means information, the unauthorized... an event which would eliminate the need for continued classification. ...

76 FR 76439 - Proposed Extension of Information Collection Requests Submitted for Public Comment: Disclosures...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-07

... DEPARTMENT OF LABOR Employee Benefits Security Administration Proposed Extension of Information Collection Requests Submitted for Public Comment: Disclosures by Insurers to General Account Policyholders... with an opportunity to comment on proposed and continuing collections of information. This helps the...

15 CFR 718.3 - Disclosure of confidential business information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false Disclosure of confidential business... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS CONFIDENTIAL BUSINESS INFORMATION § 718.3 Disclosure of confidential business information. (a) General...

[A guide to good practice for information security in the handling of personal health data by health personnel in ambulatory care facilities].

PubMed

Sánchez-Henarejos, Ana; Fernández-Alemán, José Luis; Toval, Ambrosio; Hernández-Hernández, Isabel; Sánchez-García, Ana Belén; Carrillo de Gea, Juan Manuel

2014-04-01

The appearance of electronic health records has led to the need to strengthen the security of personal health data in order to ensure privacy. Despite the large number of technical security measures and recommendations that exist to protect the security of health data, there is an increase in violations of the privacy of patients' personal data in healthcare organizations, which is in many cases caused by the mistakes or oversights of healthcare professionals. In this paper, we present a guide to good practice for information security in the handling of personal health data by health personnel, drawn from recommendations, regulations and national and international standards. The material presented in this paper can be used in the security audit of health professionals, or as a part of continuing education programs in ambulatory care facilities. Copyright © 2013 Elsevier España, S.L. All rights reserved.

Security Policy and Infrastructure in the Context of a Multi-Centeric Information System Dedicated to Autism Spectrum Disorder.

PubMed

Ben Said, Mohamed; Robel, Laurence; Golse, Bernard; Jais, Jean Philippe

2017-01-01

Autism spectrum disorders (ASD) are complex neuro-developmental disorders affecting children in their early age. The diagnosis of ASD relies on multidisciplinary investigations, in psychiatry, neurology, genetics, electrophysiology, neuro-imagery, audiology and ophthalmology. In order to support clinicians, researchers and public health decision makers, we designed an information system dedicated to ASD, called TEDIS. TEDIS was designed to manage systematic, exhaustive and continuous multi-centric patient data collection via secured Internet connections. In this paper, we present the security policy and security infrastructure we developed to protect ASD' patients' clinical data and patients' privacy. We tested our system on 359 ASD patient records in a local secured intranet environment and showed that the security system is functional, with a consistent, transparent and safe encrypting-decrypting behavior. It is ready for deployment in the nine ASD expert assessment centers in the Ile de France district.

29 CFR 2570.35 - Information to be included in applications for individual exemptions only.

Code of Federal Regulations, 2014 CFR

2014-07-01

... exemptions only. 2570.35 Section 2570.35 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS... INCOME SECURITY ACT OF 1974 PROCEDURAL REGULATIONS UNDER THE EMPLOYEE RETIREMENT INCOME SECURITY ACT... felony involving abuse or misuse of such person's position or employment with an employee benefit plan or...

29 CFR 2570.35 - Information to be included in applications for individual exemptions only.

Code of Federal Regulations, 2013 CFR

2013-07-01

... exemptions only. 2570.35 Section 2570.35 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS... INCOME SECURITY ACT OF 1974 PROCEDURAL REGULATIONS UNDER THE EMPLOYEE RETIREMENT INCOME SECURITY ACT... felony involving abuse or misuse of such person's position or employment with an employee benefit plan or...

29 CFR 2570.35 - Information to be included in applications for individual exemptions only.

Code of Federal Regulations, 2012 CFR

2012-07-01

... exemptions only. 2570.35 Section 2570.35 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS... INCOME SECURITY ACT OF 1974 PROCEDURAL REGULATIONS UNDER THE EMPLOYEE RETIREMENT INCOME SECURITY ACT... felony involving abuse or misuse of such person's position or employment with an employee benefit plan or...

41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?

Code of Federal Regulations, 2012 CFR

2012-01-01

... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...

41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?

Code of Federal Regulations, 2011 CFR

2011-01-01

... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...

41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?

Code of Federal Regulations, 2013 CFR

2013-07-01

... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...

41 CFR 105-64.209 - What special conditions apply to accessing law enforcement and security records?

Code of Federal Regulations, 2014 CFR

2014-01-01

... and Property Management Federal Property Management Regulations System (Continued) GENERAL SERVICES... enforcement and security records are generally exempt from disclosure to individuals except when the system.... If so, the system manager will notify you of the existence of the record and disclose the information...

15 CFR 745.2 - End-Use Certificate reporting requirements under the Chemical Weapons Convention.

Code of Federal Regulations, 2010 CFR

2010-01-01

... by mail or courier delivery to the following address: Information Technology Team, Treaty Compliance Division, Bureau of Industry and Security, U.S. Department of Commerce, Room 4515, 14th Street and... Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE...

33 CFR 165.818 - Moving Security Zones, for certain vessels in Freeport Entrance Channel, Freeport, Texas.

Code of Federal Regulations, 2010 CFR

2010-07-01

... and the risk to population or infrastructure. (d) Informational broadcasts. The Captain of the Port... Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY... the Captain of the Port Houston-Galveston Zone commencing at U.S. territorial waters through the...

78 FR 34133 - Agency Information Collection Activities; Submission for OMB Review; Comment Request; Prohibited...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-06

... for OMB Review; Comment Request; Prohibited Transaction Class Exemption 80-83, Sale of Securities to...) titled, ``Prohibited Transaction Class Exemption 80-83, Sale of Securities to Reduce Indebtedness of Party in Interest,'' to the Office of Management and Budget (OMB) for review and approval for continued...

Business continuity strategies for cyber defence: battling time and information overload.

PubMed

Streufert, John

2010-11-01

Can the same numbers and letters which are the life blood of modern business and government computer systems be harnessed to protect computers from attack against known information security risks? For the past seven years, Foreign Service officers and technicians of the US Government have sought to maintain diplomatic operations in the face of rising cyber attacks and test the hypothesis that an ounce of prevention is worth a pound of cure. As eight out of ten attacks leverage known computer security vulnerabilities or configuration setting weaknesses, a pound of cure would seem to be easy to come by. Yet modern security tools present an unusually consequential threat to business continuity - too much rather than too little information on cyber problems is presented, harking back to a phenomenon cited by social scientists in the 1960s called 'information overload'. Experience indicates that the longer the most serious cyber problems go untreated, the wider the attack surface adversaries can find. One technique used at the Department of State, called 'risk scoring', resulted in an 89 per cent overall reduction in measured risk over 12 months for the Department of State's servers and personal computers. Later refinements of risk scoring enabled technicians to correct unique security threats with unprecedented speed. This paper explores how the use of metrics, special care in presenting information to technicians and executives alike, as well as tactical use of organisational incentives can result in stronger cyber defences protecting modern organisations.

Study on the security of the authentication scheme with key recycling in QKD

NASA Astrophysics Data System (ADS)

Li, Qiong; Zhao, Qiang; Le, Dan; Niu, Xiamu

2016-09-01

In quantum key distribution (QKD), the information theoretically secure authentication is necessary to guarantee the integrity and authenticity of the exchanged information over the classical channel. In order to reduce the key consumption, the authentication scheme with key recycling (KR), in which a secret but fixed hash function is used for multiple messages while each tag is encrypted with a one-time pad (OTP), is preferred in QKD. Based on the assumption that the OTP key is perfect, the security of the authentication scheme has be proved. However, the OTP key of authentication in a practical QKD system is not perfect. How the imperfect OTP affects the security of authentication scheme with KR is analyzed thoroughly in this paper. In a practical QKD, the information of the OTP key resulting from QKD is partially leaked to the adversary. Although the information leakage is usually so little to be neglected, it will lead to the increasing degraded security of the authentication scheme as the system runs continuously. Both our theoretical analysis and simulation results demonstrate that the security level of authentication scheme with KR, mainly indicated by its substitution probability, degrades exponentially in the number of rounds and gradually diminishes to zero.

Strengthening Data Confidentiality and Integrity Protection in the Context of a Multi-Centric Information System Dedicated to Autism Spectrum Disorder.

PubMed

Ben Said, Mohamed; Robel, Laurence; Golse, Bernard; Jais, Jean Philippe

2017-01-01

Autism spectrum disorders (ASD) are complex neuro-developmental disorders affecting children in early age. Diagnosis relies on multidisciplinary investigations, in psychiatry, neurology, genetics, electrophysiology, neuro-imagery, audiology, and ophthalmology. To support clinicians, researchers, and public health decision makers, we developed an information system dedicated to ASD, called TEDIS. It was designed to manage systematic, exhaustive and continuous multi-centric patient data collection via secured internet connections. TEDIS will be deployed in nine ASD expert assessment centers in Ile-DeFrance district. We present security policy and infrastructure developed in context of TEDIS to protect patient privacy and clinical information. TEDIS security policy was organized around governance, ethical and organisational chart-agreement, patients consents, controlled user access, patients' privacy protection, constrained patients' data access. Security infrastructure was enriched by further technical solutions to reinforce ASD patients' privacy protection. Solutions were tested on local secured intranet environment and showed fluid functionality with consistent, transparent and safe encrypting-decrypting results.

45 CFR 601.7 - Mandatory declassification review.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 601.7 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.7 Mandatory declassification review... identifying information to the extent possible. Whenever a request does not reasonably describe the...

45 CFR 601.6 - Downgrading and declassification.

Code of Federal Regulations, 2012 CFR

2012-10-01

... considerations permit. The National Science Foundation shall coordinate their review of classified information... 601.6 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.6 Downgrading and declassification...

45 CFR 601.7 - Mandatory declassification review.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 601.7 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.7 Mandatory declassification review... identifying information to the extent possible. Whenever a request does not reasonably describe the...

45 CFR 601.6 - Downgrading and declassification.

Code of Federal Regulations, 2011 CFR

2011-10-01

... considerations permit. The National Science Foundation shall coordinate their review of classified information... 601.6 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.6 Downgrading and declassification...

45 CFR 601.6 - Downgrading and declassification.

Code of Federal Regulations, 2014 CFR

2014-10-01

... considerations permit. The National Science Foundation shall coordinate their review of classified information... 601.6 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.6 Downgrading and declassification...

45 CFR 601.7 - Mandatory declassification review.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 601.7 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.7 Mandatory declassification review... identifying information to the extent possible. Whenever a request does not reasonably describe the...

45 CFR 601.6 - Downgrading and declassification.

Code of Federal Regulations, 2013 CFR

2013-10-01

... considerations permit. The National Science Foundation shall coordinate their review of classified information... 601.6 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.6 Downgrading and declassification...

45 CFR 601.7 - Mandatory declassification review.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 601.7 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.7 Mandatory declassification review... identifying information to the extent possible. Whenever a request does not reasonably describe the...

45 CFR 601.6 - Downgrading and declassification.

Code of Federal Regulations, 2010 CFR

2010-10-01

... considerations permit. The National Science Foundation shall coordinate their review of classified information... 601.6 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.6 Downgrading and declassification...

45 CFR 601.7 - Mandatory declassification review.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 601.7 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.7 Mandatory declassification review... identifying information to the extent possible. Whenever a request does not reasonably describe the...

32 CFR 236.6 - General provisions.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 32 National Defense 2 2014-07-01 2014-07-01 false General provisions. 236.6 Section 236.6 National Defense Department of Defense (Continued) OFFICE OF THE SECRETARY OF DEFENSE (CONTINUED) MISCELLANEOUS DEPARTMENT OF DEFENSE (DoD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE...

32 CFR 236.6 - General provisions.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 32 National Defense 2 2013-07-01 2013-07-01 false General provisions. 236.6 Section 236.6 National Defense Department of Defense (Continued) OFFICE OF THE SECRETARY OF DEFENSE (CONTINUED) MISCELLANEOUS DEPARTMENT OF DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE...

32 CFR 236.6 - General provisions.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 32 National Defense 2 2012-07-01 2012-07-01 false General provisions. 236.6 Section 236.6 National Defense Department of Defense (Continued) OFFICE OF THE SECRETARY OF DEFENSE (CONTINUED) MISCELLANEOUS DEPARTMENT OF DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE...

46 CFR 148.71 - Information included in the dangerous cargo manifest.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 5 2013-10-01 2013-10-01 false Information included in the dangerous cargo manifest. 148.71 Section 148.71 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DANGEROUS... § 148.71 Information included in the dangerous cargo manifest. The dangerous cargo manifest must include...

46 CFR 148.71 - Information included in the dangerous cargo manifest.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 5 2011-10-01 2011-10-01 false Information included in the dangerous cargo manifest. 148.71 Section 148.71 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DANGEROUS... § 148.71 Information included in the dangerous cargo manifest. The dangerous cargo manifest must include...

46 CFR 148.71 - Information included in the dangerous cargo manifest.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 5 2012-10-01 2012-10-01 false Information included in the dangerous cargo manifest. 148.71 Section 148.71 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DANGEROUS... § 148.71 Information included in the dangerous cargo manifest. The dangerous cargo manifest must include...

46 CFR 148.71 - Information included in the dangerous cargo manifest.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 5 2014-10-01 2014-10-01 false Information included in the dangerous cargo manifest. 148.71 Section 148.71 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DANGEROUS... § 148.71 Information included in the dangerous cargo manifest. The dangerous cargo manifest must include...

46 CFR 107.309 - Crane plans and information.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 4 2014-10-01 2014-10-01 false Crane plans and information. 107.309 Section 107.309 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.309 Crane plans and information. (a) Three copies of each of...

46 CFR 107.309 - Crane plans and information.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 4 2012-10-01 2012-10-01 false Crane plans and information. 107.309 Section 107.309 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.309 Crane plans and information. (a) Three copies of each of...

46 CFR 107.309 - Crane plans and information.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 4 2010-10-01 2010-10-01 false Crane plans and information. 107.309 Section 107.309 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.309 Crane plans and information. (a) Three copies of each of...

46 CFR 107.305 - Plans and information.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 4 2011-10-01 2011-10-01 false Plans and information. 107.305 Section 107.305 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.305 Plans and information. Each applicant for approval of plans must submit...

46 CFR 107.305 - Plans and information.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 4 2010-10-01 2010-10-01 false Plans and information. 107.305 Section 107.305 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.305 Plans and information. Each applicant for approval of plans must submit...

46 CFR 107.305 - Plans and information.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 4 2012-10-01 2012-10-01 false Plans and information. 107.305 Section 107.305 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.305 Plans and information. Each applicant for approval of plans must submit...

46 CFR 107.309 - Crane plans and information.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 4 2013-10-01 2013-10-01 false Crane plans and information. 107.309 Section 107.309 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.309 Crane plans and information. (a) Three copies of each of...

46 CFR 107.309 - Crane plans and information.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 4 2011-10-01 2011-10-01 false Crane plans and information. 107.309 Section 107.309 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.309 Crane plans and information. (a) Three copies of each of...

46 CFR 107.305 - Plans and information.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 4 2014-10-01 2014-10-01 false Plans and information. 107.305 Section 107.305 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) A-MOBILE OFFSHORE DRILLING UNITS INSPECTION AND CERTIFICATION Plan Approval § 107.305 Plans and information. Each applicant for approval of plans must submit...

33 CFR 157.47 - Information for master.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Information for master. 157.47 Section 157.47 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Vessel Operation § 157.47 Information for master. A master or person in charge of a new vessel shall...

33 CFR 157.47 - Information for master.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Information for master. 157.47 Section 157.47 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Vessel Operation § 157.47 Information for master. A master or person in charge of a new vessel shall...

33 CFR 157.47 - Information for master.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Information for master. 157.47 Section 157.47 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Vessel Operation § 157.47 Information for master. A master or person in charge of a new vessel shall...

33 CFR 157.47 - Information for master.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Information for master. 157.47 Section 157.47 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Vessel Operation § 157.47 Information for master. A master or person in charge of a new vessel shall...

33 CFR 157.47 - Information for master.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Information for master. 157.47 Section 157.47 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Vessel Operation § 157.47 Information for master. A master or person in charge of a new vessel shall...

78 FR 43863 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-22

... verifying that cleared contractors mitigate and ensuring identified security vulnerabilities. This public... information in ISFD. In turn, this will allow DSS to better tailor vulnerability assessments and other..., prior to annual vulnerability assessments, so that accurate information is continually maintained in...

75 FR 6237 - Self-Regulatory Organizations; International Securities Exchange, LLC; Notice of Filing of...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-08

... additional one hour after the decision making cut off time of 5:30 p.m. to submit a CEA to the various.... The Exchange will continue to enforce the 5:30 p.m. decision making requirement, while also allowing..., processing information with respect to, and facilitating transactions in securities, to remove impediments to...

The Role of Health Care Experience and Consumer Information Efficacy in Shaping Privacy and Security Perceptions of Medical Records: National Consumer Survey Results

PubMed Central

Beckjord, Ellen; Moser, Richard P; Hughes, Penelope; Hesse, Bradford W

2015-01-01

Background Providers’ adoption of electronic health records (EHRs) is increasing and consumers have expressed concerns about the potential effects of EHRs on privacy and security. Yet, we lack a comprehensive understanding regarding factors that affect individuals’ perceptions regarding the privacy and security of their medical information. Objective The aim of this study was to describe national perceptions regarding the privacy and security of medical records and identify a comprehensive set of factors associated with these perceptions. Methods Using a nationally representative 2011-2012 survey, we reported on adults’ perceptions regarding privacy and security of medical records and sharing of health information between providers, and whether adults withheld information from a health care provider due to privacy or security concerns. We used multivariable models to examine the association between these outcomes and sociodemographic characteristics, health and health care experience, information efficacy, and technology-related variables. Results Approximately one-quarter of American adults (weighted n=235,217,323; unweighted n=3959) indicated they were very confident (n=989) and approximately half indicated they were somewhat confident (n=1597) in the privacy of their medical records; we found similar results regarding adults’ confidence in the security of medical records (very confident: n=828; somewhat confident: n=1742). In all, 12.33% (520/3904) withheld information from a health care provider and 59.06% (2100/3459) expressed concerns about the security of both faxed and electronic health information. Adjusting for other characteristics, adults who reported higher quality of care had significantly greater confidence in the privacy and security of their medical records and were less likely to withhold information from their health care provider due to privacy or security concerns. Adults with higher information efficacy had significantly greater confidence in the privacy and security of medical records and less concern about sharing of health information by both fax and electronic means. Individuals’ perceptions of whether their providers use an EHR was not associated with any privacy or security outcomes. Conclusions Although most adults are confident in the privacy and security of their medical records, many express concerns regarding sharing of information between providers; a minority report withholding information from their providers due to privacy and security concerns. Whether individuals thought their provider was using an EHR was not associated with negative privacy/security perceptions or withholding, suggesting the transition to EHRs is not associated with negative perceptions regarding the privacy and security of medical information. However, monitoring to see how this evolves will be important. Given that positive health care experiences and higher information efficacy were associated with more favorable perceptions of privacy and security, efforts should continue to encourage providers to secure medical records, provide patients with a “meaningful choice” in how their data are shared, and enable individuals to access information they need to manage their care. PMID:25843686

The role of health care experience and consumer information efficacy in shaping privacy and security perceptions of medical records: national consumer survey results.

PubMed

Patel, Vaishali; Beckjord, Ellen; Moser, Richard P; Hughes, Penelope; Hesse, Bradford W

2015-04-02

Providers' adoption of electronic health records (EHRs) is increasing and consumers have expressed concerns about the potential effects of EHRs on privacy and security. Yet, we lack a comprehensive understanding regarding factors that affect individuals' perceptions regarding the privacy and security of their medical information. The aim of this study was to describe national perceptions regarding the privacy and security of medical records and identify a comprehensive set of factors associated with these perceptions. Using a nationally representative 2011-2012 survey, we reported on adults' perceptions regarding privacy and security of medical records and sharing of health information between providers, and whether adults withheld information from a health care provider due to privacy or security concerns. We used multivariable models to examine the association between these outcomes and sociodemographic characteristics, health and health care experience, information efficacy, and technology-related variables. Approximately one-quarter of American adults (weighted n=235,217,323; unweighted n=3959) indicated they were very confident (n=989) and approximately half indicated they were somewhat confident (n=1597) in the privacy of their medical records; we found similar results regarding adults' confidence in the security of medical records (very confident: n=828; somewhat confident: n=1742). In all, 12.33% (520/3904) withheld information from a health care provider and 59.06% (2100/3459) expressed concerns about the security of both faxed and electronic health information. Adjusting for other characteristics, adults who reported higher quality of care had significantly greater confidence in the privacy and security of their medical records and were less likely to withhold information from their health care provider due to privacy or security concerns. Adults with higher information efficacy had significantly greater confidence in the privacy and security of medical records and less concern about sharing of health information by both fax and electronic means. Individuals' perceptions of whether their providers use an EHR was not associated with any privacy or security outcomes. Although most adults are confident in the privacy and security of their medical records, many express concerns regarding sharing of information between providers; a minority report withholding information from their providers due to privacy and security concerns. Whether individuals thought their provider was using an EHR was not associated with negative privacy/security perceptions or withholding, suggesting the transition to EHRs is not associated with negative perceptions regarding the privacy and security of medical information. However, monitoring to see how this evolves will be important. Given that positive health care experiences and higher information efficacy were associated with more favorable perceptions of privacy and security, efforts should continue to encourage providers to secure medical records, provide patients with a "meaningful choice" in how their data are shared, and enable individuals to access information they need to manage their care.

Institutionalizing Sustainability into the Total Army

DTIC Science & Technology

2008-03-14

unsustainable world in which we live has an impact on our national security. Today it is clear that linkages between the environment and security are powerful...U.S. national security interests…” 31 The world is in an unsustainable state as it continues to incur a vast water deficit by consuming water belonging...any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does not display a

75 FR 9915 - Extension of Agency Information Collection Activity Under OMB Review: Certified Cargo Screening...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-04

...This notice announces that the Transportation Security Administration (TSA) has forwarded the Information Collection Request (ICR), OMB control number 1652-0053, abstracted below to the Office of Management and Budget (OMB) for renewal in compliance with the Paperwork Reduction Act. The ICR describes the nature of the information collection and its expected burden. TSA published a Federal Register notice, with a 60-day comment period soliciting comments, of the following collection of information on November 16, 2009, 74 FR 58967. TSA has received no comments. The collections include: (1) Applications from entities that wish to become Certified Cargo Screening Facilities (CCSF) or operate as a TSA-approved validation firm; (2) personal information to allow TSA to conduct security threat assessments on key individuals employed by the CCSFs and validation firms; (3) implementation of a standard security program or submission of a proposed modified security program; (4) information on the amount of cargo screened; (5) recordkeeping requirements for CCSFs and validation firms; and (6) submission of validation reports to TSA. TSA is seeking the renewal of the ICR for the continuation of the program in order to secure passenger aircraft carrying cargo by the deadlines set out in the Implementing Recommendations of the 9/11 Commission Act of 2007.

[No exchange of information without technology : modern infrastructure in radiology].

PubMed

Hupperts, H; Hermann, K-G A

2014-01-01

Modern radiology cannot accomplish the daily numbers of examinations without supportive technology. Even though technology seems to be becoming increasingly more indispensable, business continuity should be ensured at any time and if necessary even with a limited technical infrastructure by business continuity management. An efficient information security management system forms the basis. The early radiology information systems were islands of information processing. A modern radiology department must be able to be modularly integrated into an informational network of a bigger organization. The secondary use of stored data for clinical decision-making support poses new challenges for the integrity of the data or systems because medical knowledge is displayed and provided in a context of treatment. In terms of imaging the creation and distribution radiology services work in a fully digital manner which is often different for radiology reports. Legally secure electronic diagnostic reports require a complex technical infrastructure; therefore, diagnostic findings still need to be filed as a paper document. The internal exchange and an improved dose management can be simplified by systems which continuously and automatically record the doses and thus provide the possibility of permanent analysis and reporting. Communication between patient and radiologist will gain ongoing importance. Intelligent use of technology will convey this to the radiologist and it will facilitate the understanding of the information by the patient.

75 FR 14659 - Proposed Collection: Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-26

... of information on respondents, including through the use of automated collection techniques or other... to take this opportunity to comment on proposed and/or continuing information collections, as... Regulations Governing Payments by the Automated Clearing House method on Account of United States Securities...

45 CFR 601.8 - Access to classified materials.

Code of Federal Regulations, 2011 CFR

2011-10-01

....8 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.8 Access to classified materials. No person may be given access to classified information unless that person has been determined to be...

45 CFR 601.8 - Access to classified materials.

Code of Federal Regulations, 2010 CFR

2010-10-01

....8 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.8 Access to classified materials. No person may be given access to classified information unless that person has been determined to be...

45 CFR 601.8 - Access to classified materials.

Code of Federal Regulations, 2013 CFR

2013-10-01

....8 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.8 Access to classified materials. No person may be given access to classified information unless that person has been determined to be...

45 CFR 601.8 - Access to classified materials.

Code of Federal Regulations, 2014 CFR

2014-10-01

....8 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.8 Access to classified materials. No person may be given access to classified information unless that person has been determined to be...

45 CFR 601.8 - Access to classified materials.

Code of Federal Regulations, 2012 CFR

2012-10-01

....8 Public Welfare Regulations Relating to Public Welfare (Continued) NATIONAL SCIENCE FOUNDATION CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION § 601.8 Access to classified materials. No person may be given access to classified information unless that person has been determined to be...

32 CFR 2103.13 - Duration of original classification.

Code of Federal Regulations, 2010 CFR

2010-07-01

... REGULATIONS TO IMPLEMENT E.O. 12065-INCLUDING PROCEDURES FOR PUBLIC ACCESS TO DOCUMENTS THAT MAY BE... pertains to communication security; (d) The information reveals vulnerability or capability data, the... the plan; (f) The information concerns specific foreign relations matters, the continued protection of...

49 CFR 1560.205 - Redress process.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION... may obtain the forms and information necessary to initiate the redress process on the DHS TRIP Web... will provide the necessary forms and information to individuals through its Web site or by mail. (c...

Physical security and IT convergence: Managing the cyber-related risks.

PubMed

McCreight, Tim; Leece, Doug

The convergence of physical security devices into the corporate network is increasing, due to the perceived economic benefits and efficiencies gained from using one enterprise network. Bringing these two networks together is not without risk. Physical devices like closed circuit television cameras (CCTV), card access readers, and heating, ventilation and air conditioning controllers (HVAC) are typically not secured to the standards we expect for corporate computer networks. These devices can pose significant risks to the corporate network by creating new avenues to exploit vulnerabilities in less-than-secure implementations of physical systems. The ASIS Information Technology Security Council (ITSC) developed a white paper describing steps organisations can take to reduce the risks this convergence can pose, and presented these concepts at the 2015 ASIS/ISC2 Congress in Anaheim, California. 1 This paper expands upon the six characteristics described by ITSC, and provides business continuity planners with information on how to apply these recommendations to physical security devices that use the corporate network.

Practical secure quantum communications

NASA Astrophysics Data System (ADS)

Diamanti, Eleni

2015-05-01

We review recent advances in the field of quantum cryptography, focusing in particular on practical implementations of two central protocols for quantum network applications, namely key distribution and coin flipping. The former allows two parties to share secret messages with information-theoretic security, even in the presence of a malicious eavesdropper in the communication channel, which is impossible with classical resources alone. The latter enables two distrustful parties to agree on a random bit, again with information-theoretic security, and with a cheating probability lower than the one that can be reached in a classical scenario. Our implementations rely on continuous-variable technology for quantum key distribution and on a plug and play discrete-variable system for coin flipping, and necessitate a rigorous security analysis adapted to the experimental schemes and their imperfections. In both cases, we demonstrate the protocols with provable security over record long distances in optical fibers and assess the performance of our systems as well as their limitations. The reported advances offer a powerful toolbox for practical applications of secure communications within future quantum networks.

46 CFR 110.25-1 - Plans and information required for new construction.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 4 2013-10-01 2013-10-01 false Plans and information required for new construction. 110.25-1 Section 110.25-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING GENERAL PROVISIONS Plan Submittal § 110.25-1 Plans and information required for new construction...

46 CFR 110.25-1 - Plans and information required for new construction.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 4 2012-10-01 2012-10-01 false Plans and information required for new construction. 110.25-1 Section 110.25-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING GENERAL PROVISIONS Plan Submittal § 110.25-1 Plans and information required for new construction...

17 CFR 160.6 - Information to be included in privacy notices.

Code of Federal Regulations, 2014 CFR

2014-04-01

... privacy notices. 160.6 Section 160.6 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION (CONTINUED) PRIVACY OF CONSUMER FINANCIAL INFORMATION UNDER TITLE V OF THE GRAMM-LEACH-BLILEY ACT Privacy and Opt Out Notices § 160.6 Information to be included in privacy notices. (a) General rule. The...

Measuring Stability and Security in Iraq

DTIC Science & Technology

2010-03-01

development, generating 27 signed investment licenses totaling $2 billion for the tourism and hospitality industries, with 13 projects under...continue to plan and execute the responsible drawdown of U.S. military forces from Iraq. By August 31, 2010, U.S. forces will have transitioned... planning and budgeting, procurement, and information technology. In summary, political, rule-of-law, economic and energy, and security trends in Iraq

78 FR 25533 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-01

... minimize the burden of the collection of information on respondents, including through the use of automated... to take this opportunity to comment on proposed and/or continuing information collections, as... Regulations Governing Payments by the Automated Clearing House Method on Account of United States Securities...

15 CFR 734.9 - Educational information.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 15 Commerce and Foreign Trade 2 2014-01-01 2014-01-01 false Educational information. 734.9 Section 734.9 Commerce and Foreign Trade Regulations Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS SCOPE OF THE...

15 CFR 734.9 - Educational information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false Educational information. 734.9 Section 734.9 Commerce and Foreign Trade Regulations Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS SCOPE OF THE...

15 CFR 734.9 - Educational information.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 15 Commerce and Foreign Trade 2 2013-01-01 2013-01-01 false Educational information. 734.9 Section 734.9 Commerce and Foreign Trade Regulations Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS SCOPE OF THE...

Securing services in the cloud: an investigation of the threats and the mitigations

NASA Astrophysics Data System (ADS)

Farroha, Bassam S.; Farroha, Deborah L.

2012-05-01

The stakeholder's security concerns over data in the clouds (Voice, Video and Text) are a real concern to DoD, the IC and private sector. This is primarily due to the lack of physical isolation of data when migrating to shared infrastructure platforms. The security concerns are related to privacy and regulatory compliance required in many industries (healthcare, financial, law enforcement, DoD, etc) and the corporate knowledge databases. The new paradigm depends on the service provider to ensure that the customer's information is continuously monitored and is kept available, secure, access controlled and isolated from potential adversaries.

33 CFR 133.25 - Notification of Governor's designee.

Code of Federal Regulations, 2014 CFR

2014-07-01

... SECURITY (CONTINUED) MARINE POLLUTION FINANCIAL RESPONSIBILITY AND COMPENSATION OIL SPILL LIABILITY TRUST... information required by paragraph (b) of this section must be forwarded to the Director National Pollution...

33 CFR 133.25 - Notification of Governor's designee.

Code of Federal Regulations, 2012 CFR

2012-07-01

... SECURITY (CONTINUED) MARINE POLLUTION FINANCIAL RESPONSIBILITY AND COMPENSATION OIL SPILL LIABILITY TRUST... information required by paragraph (b) of this section must be forwarded to the Director National Pollution...

33 CFR 133.25 - Notification of Governor's designee.

Code of Federal Regulations, 2013 CFR

2013-07-01

... SECURITY (CONTINUED) MARINE POLLUTION FINANCIAL RESPONSIBILITY AND COMPENSATION OIL SPILL LIABILITY TRUST... information required by paragraph (b) of this section must be forwarded to the Director National Pollution...

33 CFR 133.25 - Notification of Governor's designee.

Code of Federal Regulations, 2011 CFR

2011-07-01

... SECURITY (CONTINUED) MARINE POLLUTION FINANCIAL RESPONSIBILITY AND COMPENSATION OIL SPILL LIABILITY TRUST... information required by paragraph (b) of this section must be forwarded to the Director National Pollution...

33 CFR 133.25 - Notification of Governor's designee.

Code of Federal Regulations, 2010 CFR

2010-07-01

... SECURITY (CONTINUED) MARINE POLLUTION FINANCIAL RESPONSIBILITY AND COMPENSATION OIL SPILL LIABILITY TRUST... information required by paragraph (b) of this section must be forwarded to the Director National Pollution...

33 CFR 187.107 - What information must be made available to assist law enforcement officials and what information...

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false What information must be made available to assist law enforcement officials and what information may be made available? 187.107 Section 187.107 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) BOATING SAFETY VESSEL IDENTIFICATION SYSTEM...

Cyber-Informed Engineering

DOE Office of Scientific and Technical Information (OSTI.GOV)

Anderson, Robert S.; Benjamin, Jacob; Wright, Virginia L.

A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2011 CFR

2011-07-01

... Defense Department of Defense (Continued) DEPARTMENT OF THE AIR FORCE ADMINISTRATION AIR FORCE FREEDOM OF..., Air Force Security and Policy Review Program AFI 36-2603, Air Force Board for Correction of Military... Responsibility AFI 36-2907, Unfavorable Information File (UIF) Program AFPD 37-1, Air Force Information...

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2013 CFR

2013-07-01

... Defense Department of Defense (Continued) DEPARTMENT OF THE AIR FORCE ADMINISTRATION AIR FORCE FREEDOM OF..., Air Force Security and Policy Review Program AFI 36-2603, Air Force Board for Correction of Military... Responsibility AFI 36-2907, Unfavorable Information File (UIF) Program AFPD 37-1, Air Force Information...

75 FR 12174 - Proposed Information Collection; Comment Request; Request for Special Priorities Assistance

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-15

... DEPARTMENT OF COMMERCE Bureau of Industry and Security Proposed Information Collection; Comment.... ACTION: Notice. SUMMARY: The Department of Commerce, as part of its continuing effort to reduce paperwork...: Direct all written comments to Diana Hynek, Departmental Paperwork Clearance Officer, Department of...

46 CFR 154.36 - Correspondence and vessel information: Submission.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 5 2014-10-01 2014-10-01 false Correspondence and vessel information: Submission. 154.36 Section 154.36 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR SELF-PROPELLED VESSELS CARRYING BULK LIQUEFIED GASES General § 154.36...

46 CFR 154.36 - Correspondence and vessel information: Submission.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 5 2012-10-01 2012-10-01 false Correspondence and vessel information: Submission. 154.36 Section 154.36 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR SELF-PROPELLED VESSELS CARRYING BULK LIQUEFIED GASES General § 154.36...

46 CFR 154.36 - Correspondence and vessel information: Submission.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 5 2013-10-01 2013-10-01 false Correspondence and vessel information: Submission. 154.36 Section 154.36 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR SELF-PROPELLED VESSELS CARRYING BULK LIQUEFIED GASES General § 154.36...

46 CFR 170.085 - Information required before a stability test.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 7 2013-10-01 2013-10-01 false Information required before a stability test. 170.085 Section 170.085 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) SUBDIVISION AND STABILITY STABILITY REQUIREMENTS FOR ALL INSPECTED VESSELS Plan Approval § 170.085 Information required before a stability test. If a stability test is t...

Medical image security in a HIPAA mandated PACS environment.

PubMed

Cao, F; Huang, H K; Zhou, X Q

2003-01-01

Medical image security is an important issue when digital images and their pertinent patient information are transmitted across public networks. Mandates for ensuring health data security have been issued by the federal government such as Health Insurance Portability and Accountability Act (HIPAA), where healthcare institutions are obliged to take appropriate measures to ensure that patient information is only provided to people who have a professional need. Guidelines, such as digital imaging and communication in medicine (DICOM) standards that deal with security issues, continue to be published by organizing bodies in healthcare. However, there are many differences in implementation especially for an integrated system like picture archiving and communication system (PACS), and the infrastructure to deploy these security standards is often lacking. Over the past 6 years, members in the Image Processing and Informatics Laboratory, Childrens Hospital, Los Angeles/University of Southern California, have actively researched image security issues related to PACS and teleradiology. The paper summarizes our previous work and presents an approach to further research on the digital envelope (DE) concept that provides image integrity and security assurance in addition to conventional network security protection. The DE, including the digital signature (DS) of the image as well as encrypted patient information from the DICOM image header, can be embedded in the background area of the image as an invisible permanent watermark. The paper outlines the systematic development, evaluation and deployment of the DE method in a PACS environment. We have also proposed a dedicated PACS security server that will act as an image authority to check and certify the image origin and integrity upon request by a user, and meanwhile act also as a secure DICOM gateway to the outside connections and a PACS operation monitor for HIPAA supporting information. Copyright 2002 Elsevier Science Ltd.

COmmunications and Networking with QUantum operationally Secure Technology for Maritime Deployment (CONQUEST)

DTIC Science & Technology

2016-12-02

Quantum Computing , University of Waterloo, Waterloo ON, N2L 3G1, Canada (Dated: December 1, 2016) Continuous variable (CV) quantum key distribution (QKD...Networking with QUantum operationally-Secure Technology for Maritime Deployment (CONQUEST) Contract Period of Performance: 2 September 2016 – 1 September...this letter or have any other questions. Sincerely, Raytheon BBN Technologies Kathryn Carson Program Manager Quantum Information Processing

17 CFR 248.16 - Protection of Fair Credit Reporting Act.

Code of Federal Regulations, 2010 CFR

2010-04-01

... (CONTINUED) REGULATIONS S-P AND S-AM Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Personal Information Relation to Other Laws; Effective Date § 248.16 Protection of Fair Credit... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Protection of Fair Credit...

46 CFR 110.25-1 - Plans and information required for new construction.

Code of Federal Regulations, 2011 CFR

2011-10-01

....25-1 Section 110.25-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING GENERAL PROVISIONS Plan Submittal § 110.25-1 Plans and information required for new construction... available at the point of application. (b) Electrical plant load analysis including connected loads and...

46 CFR 110.25-1 - Plans and information required for new construction.

Code of Federal Regulations, 2014 CFR

2014-10-01

....25-1 Section 110.25-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING GENERAL PROVISIONS Plan Submittal § 110.25-1 Plans and information required for new construction... available at the point of application. (b) Electrical plant load analysis including connected loads and...

The Effect of Password Management Procedures on the Entropy of User Selected Passwords

ERIC Educational Resources Information Center

Enamait, John D.

2012-01-01

Maintaining the security of information contained within computer systems poses challenges for users and administrators. Attacks on information systems continue to rise. Specifically, attacks that target user authentication are increasingly popular. These attacks are based on the common perception that traditional alphanumeric passwords are weak…

33 CFR 155.245 - Damage stability information for inland oil barges.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Damage stability information for inland oil barges. 155.245 Section 155.245 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) POLLUTION OIL OR HAZARDOUS MATERIAL POLLUTION PREVENTION REGULATIONS FOR...

33 CFR 155.245 - Damage stability information for inland oil barges.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Damage stability information for inland oil barges. 155.245 Section 155.245 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) POLLUTION OIL OR HAZARDOUS MATERIAL POLLUTION PREVENTION REGULATIONS FOR...

33 CFR 155.240 - Damage stability information for oil tankers and offshore oil barges.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Damage stability information for oil tankers and offshore oil barges. 155.240 Section 155.240 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) POLLUTION OIL OR HAZARDOUS MATERIAL POLLUTION...

33 CFR 155.240 - Damage stability information for oil tankers and offshore oil barges.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Damage stability information for oil tankers and offshore oil barges. 155.240 Section 155.240 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) POLLUTION OIL OR HAZARDOUS MATERIAL POLLUTION...

15 CFR 718.3 - Disclosure of confidential business information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS... Organization for the Prohibition of Chemical Weapons (OPCW). (i) As provided by Section 404(b)(1) of the Act... notifications. Information contained in advance notifications of exports and imports of Schedule 1 chemicals is...

33 CFR 155.240 - Damage stability information for oil tankers and offshore oil barges.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Damage stability information for oil tankers and offshore oil barges. 155.240 Section 155.240 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) POLLUTION OIL OR HAZARDOUS MATERIAL POLLUTION...

33 CFR 155.245 - Damage stability information for inland oil barges.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Damage stability information for inland oil barges. 155.245 Section 155.245 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) POLLUTION OIL OR HAZARDOUS MATERIAL POLLUTION PREVENTION REGULATIONS FOR...

32 CFR 811.2 - Release of visual information materials.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Section 811.2 National Defense Department of Defense (Continued) DEPARTMENT OF THE AIR FORCE SALES AND SERVICES RELEASE, DISSEMINATION, AND SALE OF VISUAL INFORMATION MATERIALS § 811.2 Release of visual... Security and Policy Review Program. (b) The Secretary of the Air Force for Legislative Liaison (SAF/LL...

15 CFR Supplement No. 2 to Part 710 - Definitions of Production

Code of Federal Regulations, 2012 CFR

2012-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL INFORMATION AND OVERVIEW OF THE CHEMICAL WEAPONS CONVENTION REGULATIONS (CWCR) Pt. 710, Supp. 2...

15 CFR Supplement No. 2 to Part 710 - Definitions of Production

Code of Federal Regulations, 2013 CFR

2013-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL INFORMATION AND OVERVIEW OF THE CHEMICAL WEAPONS CONVENTION REGULATIONS (CWCR) Pt. 710, Supp. 2...

[The value of using administrative data in public health research: the Continuous Working Life Sample].

PubMed

López, María Andrée; Benavides, Fernando G; Alonso, Jordi; Espallargues, Mireia; Durán, Xavier; Martínez, José Miguel

2014-01-01

The use of administrative data is common practice in public health research. The present field note describes the Continuous Working Life Sample (CWLS) and its use in health research. The CWLS is built on records generated by all contacts with the social security system (work contracts, disability, etc.), plus tax data (monetary gains, income, etc.) and census data (level of education, country of birth, etc.), but does not allow individuals to be identified. The CWLS was started in 2004 with 4% (1.1 million persons) of the total population who were either contributors to or beneficiaries of the social security system. The information on the individuals in the CWLS is updated annually and lost individuals are replaced. This continuous design allows the construction of a cohort with information on working life and financial status and evaluation of their relationship with work disability. Future connection with clinical records would enable analysis of other health-related outcomes. Copyright © 2013 SESPAS. Published by Elsevier Espana. All rights reserved.

COPERNICUS - The European Union Earth Observation Programme - State of play and way ahead

NASA Astrophysics Data System (ADS)

Koch, Astrid-Christina

2015-04-01

Copernicus is the new name of the European Earth Observation Programme, GMES (Global Monitoring for Environment and Security). Copernicus or rather its predecessor was established as an EU programme. It covers all the activities for ensuring an uninterrupted provision of accurate and reliable data and information on environmental issues and security matters to users in charge of policy making, implementation and monitoring, in the EU and its Member States. Copernicus aims at providing Europe with a continuous, independent and reliable access to observation data and information. The EU investment aims at filling the observation gaps, providing access to existing assets and developing operational services. The data policy of the Copernicus programme supports an open, full and free of charge data access that is in line with the data sharing principles of the Group for Earth Observation (GEO). Copernicus is structured in six Services: Marine, Atmosphere, Land and Climate change monitoring as well as support to Emergency and Security. Copernicus uses data from satellites and in-situ sensors such as buoys, balloons or air sensors to provide timely and reliable added-value information and forecasting to support for example, agriculture and fisheries, land use and urban planning, the fight against forest fires, disaster response, maritime transport or air pollution monitoring. The need for continuing such observations is becoming critical, considering the increasing political pressure on public authorities to take informed decisions in the field of environment, security and climate change and the need to respect international agreements. Copernicus also contributes to economic stability and growth by boosting commercial applications (the so-called downstream services) in many different sectors through a full and open access to Copernicus observation data and information products. KEY WORDS: Sentinels, big data, data access, Emergency, Marine, Atmosphere.

77 FR 28606 - Agency Information Collection Activities: Proposed Collection: Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-15

... of both competitive programs will need to complete non-competing continuation (NCC) progress reports...-year project periods. Development Grant recipients will be required to complete one NCC to secure the...

Synopsis of Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission Value

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

2008-01-01

Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with the goal of improved enterprise and business risk management. Economic uncertainty, intensively collaborative work styles, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation of a balanced approach. The Cyberspace Security Econometrics System (CSES) provides a measure of reliability, security and safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. For a given stakeholder,more » CSES reflects the variance that may exist among the stakes one attaches to meeting each requirement. This paper summarizes the basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural underpinnings.« less

Emotional security in the family system and psychological distress in female survivors of child sexual abuse.

PubMed

Cantón-Cortés, David; Cantón, José; Cortés, María Rosario

2016-01-01

The Emotional Security Theory (EST) was originally developed to investigate the association between high levels of interparental conflict and child maladaptative outcome. The objective of the present study was to analyze the effects of emotional security in the family system on psychological distress among a sample of young female adult survivors of child sexual abuse (CSA). The role of emotional security was investigated through the interactive effects of a number of factors including the type of abuse, the continuity of abuse, the relationship with the perpetrator and the existence of disclosure for the abuse. Participants were 167 female survivors of CSA. Information about the abuse was obtained from a self-reported questionnaire. Emotional security was assessed with the Security in the Family System (SIFS) Scale, and the Symptom Checklist-90-Revised (SCL-90-R) was used to assess psychological distress. In the total sample, insecurity (preoccupation and disengagement) was correlated with high psychological distress scores, whereas no relationship was found between security and psychological distress. The relationship between emotional insecurity and psychological distress was stronger in cases of continued abuse and non-disclosure, while the relationship between emotional security and distress was stronger in cases of extrafamilial abuse and especially isolated or several incidents and when a disclosure had been made. No interactive effect was found between any of the three emotional variables and the type of abuse committed. The results of the current study suggest that characteristics of CSA such as relationship with the perpetrator and, especially, continuity of abuse and whether or not disclosure had been made, can affect the impact of emotional security on psychological distress of CSA survivors. Copyright © 2015 Elsevier Ltd. All rights reserved.

Addressing the Need for Independence in the CSE Model

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Ferragut, Erik M; Sheldon, Frederick T

2011-01-01

Abstract Information system security risk, defined as the product of the monetary losses associated with security incidents and the probability that they occur, is a suitable decision criterion when considering different information system architectures. Risk assessment is the widely accepted process used to understand, quantify, and document the effects of undesirable events on organizational objectives so that risk management, continuity of operations planning, and contingency planning can be performed. One technique, the Cyberspace Security Econometrics System (CSES), is a methodology for estimating security costs to stakeholders as a function of possible risk postures. In earlier works, we presented a computationalmore » infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain, as a result of security breakdowns. Additional work has applied CSES to specific business cases. The current state-of-the-art of CSES addresses independent events. In typical usage, analysts create matrices that capture their expert opinion, and then use those matrices to quantify costs to stakeholders. This expansion generalizes CSES to the common real-world case where events may be dependent.« less

Reviews on Security Issues and Challenges in Cloud Computing

NASA Astrophysics Data System (ADS)

An, Y. Z.; Zaaba, Z. F.; Samsudin, N. F.

2016-11-01

Cloud computing is an Internet-based computing service provided by the third party allowing share of resources and data among devices. It is widely used in many organizations nowadays and becoming more popular because it changes the way of how the Information Technology (IT) of an organization is organized and managed. It provides lots of benefits such as simplicity and lower costs, almost unlimited storage, least maintenance, easy utilization, backup and recovery, continuous availability, quality of service, automated software integration, scalability, flexibility and reliability, easy access to information, elasticity, quick deployment and lower barrier to entry. While there is increasing use of cloud computing service in this new era, the security issues of the cloud computing become a challenges. Cloud computing must be safe and secure enough to ensure the privacy of the users. This paper firstly lists out the architecture of the cloud computing, then discuss the most common security issues of using cloud and some solutions to the security issues since security is one of the most critical aspect in cloud computing due to the sensitivity of user's data.

Measurement-Device-Independent Quantum Key Distribution over Untrustful Metropolitan Network

NASA Astrophysics Data System (ADS)

Tang, Yan-Lin; Yin, Hua-Lei; Zhao, Qi; Liu, Hui; Sun, Xiang-Xiang; Huang, Ming-Qi; Zhang, Wei-Jun; Chen, Si-Jing; Zhang, Lu; You, Li-Xing; Wang, Zhen; Liu, Yang; Lu, Chao-Yang; Jiang, Xiao; Ma, Xiongfeng; Zhang, Qiang; Chen, Teng-Yun; Pan, Jian-Wei

2016-01-01

Quantum cryptography holds the promise to establish an information-theoretically secure global network. All field tests of metropolitan-scale quantum networks to date are based on trusted relays. The security critically relies on the accountability of the trusted relays, which will break down if the relay is dishonest or compromised. Here, we construct a measurement-device-independent quantum key distribution (MDIQKD) network in a star topology over a 200-square-kilometer metropolitan area, which is secure against untrustful relays and against all detection attacks. In the field test, our system continuously runs through one week with a secure key rate 10 times larger than previous results. Our results demonstrate that the MDIQKD network, combining the best of both worlds—security and practicality, constitutes an appealing solution to secure metropolitan communications.

Academic Information Security Researchers: Hackers or Specialists?

PubMed

Dadkhah, Mehdi; Lagzian, Mohammad; Borchardt, Glenn

2018-04-01

In this opinion piece, we present a synopsis of our findings from the last 2 years concerning cyber-attacks on web-based academia. We also present some of problems that we have faced and try to resolve any misunderstandings about our work. We are academic information security specialists, not hackers. Finally, we present a brief overview of our methods for detecting cyber fraud in an attempt to present general guidelines for researchers who would like to continue our work. We believe that our work is necessary for protecting the integrity of scholarly publishing against emerging cybercrime.

Generating unique IDs from patient identification data using security models.

PubMed

Mohammed, Emad A; Slack, Jonathan C; Naugler, Christopher T

2016-01-01

The use of electronic health records (EHRs) has continued to increase within healthcare systems in the developed and developing nations. EHRs allow for increased patient safety, grant patients easier access to their medical records, and offer a wealth of data to researchers. However, various bioethical, financial, logistical, and information security considerations must be addressed while transitioning to an EHR system. The need to encrypt private patient information for data sharing is one of the foremost challenges faced by health information technology. We describe the usage of the message digest-5 (MD5) and secure hashing algorithm (SHA) as methods for encrypting electronic medical data. In particular, we present an application of the MD5 and SHA-1 algorithms in encrypting a composite message from private patient information. The results show that the composite message can be used to create a unique one-way encrypted ID per patient record that can be used for data sharing. The described software tool can be used to share patient EMRs between practitioners without revealing patients identifiable data.

15 CFR 745.1 - Advance notification and annual report of all exports of Schedule 1 chemicals to other States...

Code of Federal Regulations, 2010 CFR

2010-01-01

... address: Information Technology Team, Treaty Compliance Division, Bureau of Industry and Security, U.S... courier delivery to the following address: Information Technology Team, Treaty Compliance Division, Bureau... Foreign Trade Regulations Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND...

15 CFR Supplement No. 1 to Part 718 - Confidential Business Information Declared or Reported *

Code of Federal Regulations, 2011 CFR

2011-01-01

... Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS CONFIDENTIAL BUSINESS INFORMATION Pt. 718, Supp. 1 Supplement No. 1 to Part... Chemicals Forms: Certification Form NONE. Form UDOC NONE. FORMS A and B and attachments (all Schedules and...

A Lightweight Continuous Authentication Protocol for the Internet of Things.

PubMed

Chuang, Yo-Hsuan; Lo, Nai-Wei; Yang, Cheng-Ying; Tang, Ssu-Wei

2018-04-05

Modern societies are moving toward an information-oriented environment. To gather and utilize information around people's modern life, tiny devices with all kinds of sensing devices and various sizes of gateways need to be deployed and connected with each other through the Internet or proxy-based wireless sensor networks (WSNs). Within this kind of Internet of Things (IoT) environment, how to authenticate each other between two communicating devices is a fundamental security issue. As a lot of IoT devices are powered by batteries and they need to transmit sensed data periodically, it is necessary for IoT devices to adopt a lightweight authentication protocol to reduce their energy consumption when a device wants to authenticate and transmit data to its targeted peer. In this paper, a lightweight continuous authentication protocol for sensing devices and gateway devices in general IoT environments is introduced. The concept of valid authentication time period is proposed to enhance robustness of authentication between IoT devices. To construct the proposed lightweight continuous authentication protocol, token technique and dynamic features of IoT devices are adopted in order to reach the design goals: the reduction of time consumption for consecutive authentications and energy saving for authenticating devices through by reducing the computation complexity during session establishment of continuous authentication. Security analysis is conducted to evaluate security strength of the proposed protocol. In addition, performance analysis has shown the proposed protocol is a strong competitor among existing protocols for device-to-device authentication in IoT environments.

A Case Study of Information Resource Management in the Department of Defense

DTIC Science & Technology

1992-03-01

prepared to make effective decisions in a military environment. The justification for the use of information technology (IT) in support of operations...t ement No PfICt NO [ask No r 11 TITLE (Include Security Classification) A Case Study ofinformation Resourcc Management in the Departnentufl)clelse...block number) FIELD GROUP SUBGROUP Case study,Corporate Information Management, CIM. Information Hesource Munagenitnt IRM 19 ABSTRACT (continue on

Privacy and information security risks in a technology platform for home-based chronic disease rehabilitation and education.

PubMed

Henriksen, Eva; Burkow, Tatjana M; Johnsen, Elin; Vognild, Lars K

2013-08-09

Privacy and information security are important for all healthcare services, including home-based services. We have designed and implemented a prototype technology platform for providing home-based healthcare services. It supports a personal electronic health diary and enables secure and reliable communication and interaction with peers and healthcare personnel. The platform runs on a small computer with a dedicated remote control. It is connected to the patient's TV and to a broadband Internet. The platform has been tested with home-based rehabilitation and education programs for chronic obstructive pulmonary disease and diabetes. As part of our work, a risk assessment of privacy and security aspects has been performed, to reveal actual risks and to ensure adequate information security in this technical platform. Risk assessment was performed in an iterative manner during the development process. Thus, security solutions have been incorporated into the design from an early stage instead of being included as an add-on to a nearly completed system. We have adapted existing risk management methods to our own environment, thus creating our own method. Our method conforms to ISO's standard for information security risk management. A total of approximately 50 threats and possible unwanted incidents were identified and analysed. Among the threats to the four information security aspects: confidentiality, integrity, availability, and quality; confidentiality threats were identified as most serious, with one threat given an unacceptable level of High risk. This is because health-related personal information is regarded as sensitive. Availability threats were analysed as low risk, as the aim of the home programmes is to provide education and rehabilitation services; not for use in acute situations or for continuous health monitoring. Most of the identified threats are applicable for healthcare services intended for patients or citizens in their own homes. Confidentiality risks in home are different from in a more controlled environment such as a hospital; and electronic equipment located in private homes and communicating via Internet, is more exposed to unauthorised access. By implementing the proposed measures, it has been possible to design a home-based service which ensures the necessary level of information security and privacy.

12 CFR 233.1 - Authority, purpose, collection of information, and incorporation by reference.

Code of Federal Regulations, 2010 CFR

2010-01-01

... (CONTINUED) BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM PROHIBITION ON FUNDING OF UNLAWFUL INTERNET... Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as Title VIII of the Security and...

12 CFR 233.1 - Authority, purpose, collection of information, and incorporation by reference.

Code of Federal Regulations, 2011 CFR

2011-01-01

... (CONTINUED) BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM PROHIBITION ON FUNDING OF UNLAWFUL INTERNET... Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as Title VIII of the Security and...

15 CFR 783.3 - Reports containing information determined by BIS not to be required by the APR.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS CIVIL NUCLEAR FUEL CYCLE-RELATED ACTIVITIES NOT INVOLVING NUCLEAR MATERIALS...

Anonymous voting for multi-dimensional CV quantum system

NASA Astrophysics Data System (ADS)

Rong-Hua, Shi; Yi, Xiao; Jin-Jing, Shi; Ying, Guo; Moon-Ho, Lee

2016-06-01

We investigate the design of anonymous voting protocols, CV-based binary-valued ballot and CV-based multi-valued ballot with continuous variables (CV) in a multi-dimensional quantum cryptosystem to ensure the security of voting procedure and data privacy. The quantum entangled states are employed in the continuous variable quantum system to carry the voting information and assist information transmission, which takes the advantage of the GHZ-like states in terms of improving the utilization of quantum states by decreasing the number of required quantum states. It provides a potential approach to achieve the efficient quantum anonymous voting with high transmission security, especially in large-scale votes. Project supported by the National Natural Science Foundation of China (Grant Nos. 61272495, 61379153, and 61401519), the Research Fund for the Doctoral Program of Higher Education of China (Grant No. 20130162110012), and the MEST-NRF of Korea (Grant No. 2012-002521).

A security architecture for interconnecting health information systems.

PubMed

Gritzalis, Dimitris; Lambrinoudakis, Costas

2004-03-31

Several hereditary and other chronic diseases necessitate continuous and complicated health care procedures, typically offered in different, often distant, health care units. Inevitably, the medical records of patients suffering from such diseases become complex, grow in size very fast and are scattered all over the units involved in the care process, hindering communication of information between health care professionals. Web-based electronic medical records have been recently proposed as the solution to the above problem, facilitating the interconnection of the health care units in the sense that health care professionals can now access the complete medical record of the patient, even if it is distributed in several remote units. However, by allowing users to access information from virtually anywhere, the universe of ineligible people who may attempt to harm the system is dramatically expanded, thus severely complicating the design and implementation of a secure environment. This paper presents a security architecture that has been mainly designed for providing authentication and authorization services in web-based distributed systems. The architecture has been based on a role-based access scheme and on the implementation of an intelligent security agent per site (i.e. health care unit). This intelligent security agent: (a). authenticates the users, local or remote, that can access the local resources; (b). assigns, through temporary certificates, access privileges to the authenticated users in accordance to their role; and (c). communicates to other sites (through the respective security agents) information about the local users that may need to access information stored in other sites, as well as about local resources that can be accessed remotely.

Forecasting of Information Security Related Incidents: Amount of Spam Messages as a Case Study

NASA Astrophysics Data System (ADS)

Romanov, Anton; Okamoto, Eiji

With the increasing demand for services provided by communication networks, quality and reliability of such services as well as confidentiality of data transfer are becoming ones of the highest concerns. At the same time, because of growing hacker's activities, quality of provided content and reliability of its continuous delivery strongly depend on integrity of data transmission and availability of communication infrastructure, thus on information security of a given IT landscape. But, the amount of resources allocated to provide information security (like security staff, technical countermeasures and etc.) must be reasonable from the economic point of view. This fact, in turn, leads to the need to employ a forecasting technique in order to make planning of IT budget and short-term planning of potential bottlenecks. In this paper we present an approach to make such a forecasting for a wide class of information security related incidents (ISRI) — unambiguously detectable ISRI. This approach is based on different auto regression models which are widely used in financial time series analysis but can not be directly applied to ISRI time series due to specifics related to information security. We investigate and address this specifics by proposing rules (special conditions) of collection and storage of ISRI time series, adherence to which improves forecasting in this subject field. We present an application of our approach to one type of unambiguously detectable ISRI — amount of spam messages which, if not mitigated properly, could create additional load on communication infrastructure and consume significant amounts of network capacity. Finally we evaluate our approach by simulation and actual measurement.

Using RFID to Enhance Security in Off-Site Data Storage

PubMed Central

Lopez-Carmona, Miguel A.; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R.

2010-01-01

Off-site data storage is one of the most widely used strategies in enterprises of all sizes to improve business continuity. In medium-to-large size enterprises, the off-site data storage processes are usually outsourced to specialized providers. However, outsourcing the storage of critical business information assets raises serious security considerations, some of which are usually either disregarded or incorrectly addressed by service providers. This article reviews these security considerations and presents a radio frequency identification (RFID)-based, off-site, data storage management system specifically designed to address security issues. The system relies on a set of security mechanisms or controls that are arranged in security layers or tiers to balance security requirements with usability and costs. The system has been successfully implemented, deployed and put into production. In addition, an experimental comparison with classical bar-code-based systems is provided, demonstrating the system’s benefits in terms of efficiency and failure prevention. PMID:22163638

Using RFID to enhance security in off-site data storage.

PubMed

Lopez-Carmona, Miguel A; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

2010-01-01

Off-site data storage is one of the most widely used strategies in enterprises of all sizes to improve business continuity. In medium-to-large size enterprises, the off-site data storage processes are usually outsourced to specialized providers. However, outsourcing the storage of critical business information assets raises serious security considerations, some of which are usually either disregarded or incorrectly addressed by service providers. This article reviews these security considerations and presents a radio frequency identification (RFID)-based, off-site, data storage management system specifically designed to address security issues. The system relies on a set of security mechanisms or controls that are arranged in security layers or tiers to balance security requirements with usability and costs. The system has been successfully implemented, deployed and put into production. In addition, an experimental comparison with classical bar-code-based systems is provided, demonstrating the system's benefits in terms of efficiency and failure prevention.

Organizing safety: conditions for successful information assurance programs.

PubMed

Collmann, Jeff; Coleman, Johnathan; Sostrom, Kristen; Wright, Willie

2004-01-01

Organizations must continuously seek safety. When considering computerized health information systems, "safety" includes protecting the integrity, confidentiality, and availability of information assets such as patient information, key components of the technical information system, and critical personnel. "High Reliability Theory" (HRT) argues that organizations with strong leadership support, continuous training, redundant safety mechanisms, and "cultures of high reliability" can deploy and safely manage complex, risky technologies such as nuclear weapons systems or computerized health information systems. In preparation for the Health Insurance Portability and Accountability Act (HIPAA) of 1996, the Office of the Assistant Secretary of Defense (Health Affairs), the Offices of the Surgeons General of the United States Army, Navy and Air Force, and the Telemedicine and Advanced Technology Research Center (TATRC), US Army Medical Research and Materiel Command sponsored organizational, doctrinal, and technical projects that individually and collectively promote conditions for a "culture of information assurance." These efforts include sponsoring the "P3 Working Group" (P3WG), an interdisciplinary, tri-service taskforce that reviewed all relevant Department of Defense (DoD), Miliary Health System (MHS), Army, Navy and Air Force policies for compliance with the HIPAA medical privacy and data security regulations; supporting development, training, and deployment of OCTAVE(sm), a self-directed information security risk assessment process; and sponsoring development of the Risk Information Management Resource (RIMR), a Web-enabled enterprise portal about health information assurance.

75 FR 18558 - Self-Regulatory Organizations; NYSE Arca, Inc.; Order Granting Accelerated Approval of a Proposed...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-12

.... Information regarding the market price and trading volume of the Shares will be continually available on a... trading volume information for the Shares will be published daily in the financial sections of newspapers...), name of security or financial instrument, number of shares or dollar value of financial instruments...

46 CFR 160.151-59 - Operating instructions and information for the ship's training manual.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 6 2010-10-01 2010-10-01 false Operating instructions and information for the ship's training manual. 160.151-59 Section 160.151-59 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) EQUIPMENT, CONSTRUCTION, AND MATERIALS: SPECIFICATIONS AND APPROVAL LIFESAVING EQUIPMENT Inflatable Liferafts (SOLAS) § 160.151-59...

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2010 CFR

2010-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2011 CFR

2011-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2013 CFR

2013-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2012 CFR

2012-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2014 CFR

2014-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

46 CFR 162.060-14 - Information requirements for the ballast water management system (BWMS) application.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 6 2012-10-01 2012-10-01 false Information requirements for the ballast water management system (BWMS) application. 162.060-14 Section 162.060-14 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) EQUIPMENT, CONSTRUCTION, AND MATERIALS: SPECIFICATIONS AND APPROVAL ENGINEERING EQUIPMENT Ballast Water Management Systems §...

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2012 CFR

2012-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2013 CFR

2013-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2010 CFR

2010-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2014 CFR

2014-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

33 CFR 137.80 - Commonly known or reasonably ascertainable information about the facility and the real property...

Code of Federal Regulations, 2011 CFR

2011-07-01

... Section 137.80 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... ALL APPROPRIATE INQUIRIES UNDER THE INNOCENT LAND-OWNER DEFENSE Standards and Practices § 137.80...

77 FR 3843 - Agency Information Collection (Procedures, and Security for Government Financing) Activities...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-25

...: 2900-0688. Type of Review: Extension of a currently approved collection. Abstract: Data collected under... continue contract performance if payments are reduced or suspended upon a finding of fraud. VA will use the...

77 FR 38306 - GFIRST Conference Stakeholder Evaluation

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-27

...), National Cyber Security Division (NCSD), United States Computer Emergency Readiness Team (US-CERT) will...- CERT, [email protected] . SUPPLEMENTARY INFORMATION: GFIRST is DHS's premier cyber conference and continually seeks to enhance collaborative efforts among cyber constituencies, partners, and stakeholders. The...

Flexible and Transparent User Authentication for Mobile Devices

NASA Astrophysics Data System (ADS)

Clarke, Nathan; Karatzouni, Sevasti; Furnell, Steven

The mobile device has become a ubiquitous technology that is capable of supporting an increasingly large array of services, applications and information. Given their increasing importance, it is imperative to ensure that such devices are not misused or abused. Unfortunately, a key enabling control to prevent this, user authentication, has not kept up with the advances in device technology. This paper presents the outcomes of a 2 year study that proposes the use of transparent and continuous biometric authentication of the user: providing more comprehensive identity verification; minimizing user inconvenience; and providing security throughout the period of use. A Non-Intrusive and Continuous Authentication (NICA) system is described that maintains a continuous measure of confidence in the identity of the user, removing access to sensitive services and information with low confidence levels and providing automatic access with higher confidence levels. An evaluation of the framework is undertaken from an end-user perspective via a trial involving 27 participants. Whilst the findings raise concerns over education, privacy and intrusiveness, overall 92% of users felt the system offered a more secure environment when compared to existing forms of authentication.

Towards the cyber security paradigm of ehealth: Resilience and design aspects

NASA Astrophysics Data System (ADS)

Rajamäki, Jyri; Pirinen, Rauno

2017-06-01

Digital technologies have significantly changed the role of healthcare clients in seeking and receiving medical help, as well as brought up more cooperative policy issues in healthcare cross-border services. Citizens continue to take a more co-creative role in decisions about their own healthcare, and new technologies can enable and facilitate this emergent trend. In this study, healthcare services have been intended as a critical societal sector and therefore healthcare systems are focused on as critical infrastructures that ought to be protected from all types of fears, including cyber security threats and attacks. Despite continual progress in the systemic risk management of cyber domain, it is clear that anticipation and prevention of all possible types of attack and malfunction are not achievable for current or future cyber infrastructures. This study focuses on the investigation of a cyber security paradigm, adaptive systems and sense of resilience in a healthcare critical information infrastructure.

Analysis of CSIRT/SOC Incidents and Continuous Monitoring of Threats

NASA Technical Reports Server (NTRS)

Wang, John; Ishisoko, Katsutoshi C.

2012-01-01

Security Operations Centers (SOC) contain a wealth of data which, if properly classified and tagged upfront, can yield a wealth of real-time information about your organizations IT Security posture, risks, and threats. These include answers to relevant and actionable questions such as: What are our biggest threats? Who is attacking us and what do they want? What controls are working or not working? How effective was the new technology we just implemented? What is our ROI?

Translations on Eastern Europe, Scientific Affairs, Number 563

DTIC Science & Technology

1977-12-11

Security Class (This Report) l"*ri:*.SSIFi5P 20. Security Class (This JNCLASSIFIED Pa« 21. No. of Pages 28 22. Price KORM NT1S- 35 (REV. 3...Information Science Association (at the request of the ZSM [Mini- computer System Works] MERA Research and Development Center). The software...the packaging industry will grow at an average rate of 12 percent/year and in Romania will continue to be significant ( 35 percent in 1975, 30.3

Secure Information Sharing: Part I. Shaping Industry Interaction

DTIC Science & Technology

2008-02-01

reduce costs and maximize return, continues to be a simple, core concept to competitive advantage . Defense AT&L: January-February 2008 38 New Supply...only government body to benefit . The British Ministry of Defence will also be using secure e-mail to send U.K.-restricted e-mail over the Internet...illustrates two major advantages of DSIF: First, there are no accounts for the BAE Systems users at LMCO, and there are no credentials that need to

Securing the Next Ripple in Information Security: The Defense Industrial Base (DIB)

DTIC Science & Technology

2012-06-14

Cybersecurity model for the DIB needs to be more preventative rather than responsive and a model should stress continuous improvement. In a 2012 data breach investigation...of what they do, but most become a target because of what they do (or don’t do)”, in the 2011 Data Breach Investigations Report. Therefore the...txt Verizon Risk Team (2012). Data Breach Investigations Report. Verizon Business, March 2012. http://www.verizonbusiness.com/resources

Analysis of Security Protocols for Mobile Healthcare.

PubMed

Wazid, Mohammad; Zeadally, Sherali; Das, Ashok Kumar; Odelu, Vanga

2016-11-01

Mobile Healthcare (mHealth) continues to improve because of significant improvements and the decreasing costs of Information Communication Technologies (ICTs). mHealth is a medical and public health practice, which is supported by mobile devices (for example, smartphones) and, patient monitoring devices (for example, various types of wearable sensors, etc.). An mHealth system enables healthcare experts and professionals to have ubiquitous access to a patient's health data along with providing any ongoing medical treatment at any time, any place, and from any device. It also helps the patient requiring continuous medical monitoring to stay in touch with the appropriate medical staff and healthcare experts remotely. Thus, mHealth has become a major driving force in improving the health of citizens today. First, we discuss the security requirements, issues and threats to the mHealth system. We then present a taxonomy of recently proposed security protocols for mHealth system based on features supported and possible attacks, computation cost and communication cost. Our detailed taxonomy demonstrates the strength and weaknesses of recently proposed security protocols for the mHealth system. Finally, we identify some of the challenges in the area of security protocols for mHealth systems that still need to be addressed in the future to enable cost-effective, secure and robust mHealth systems.

What is a 'secure base' when death is approaching? A study applying attachment theory to adult patients' and family members' experiences of palliative home care.

PubMed

Milberg, A; Wåhlberg, R; Jakobsson, M; Olsson, E-C; Olsson, M; Friedrichsen, M

2012-08-01

Attachment theory has received much interest lately in relation to how adults cope with stress and severe illness. The aim of this study was using the experiences of patients and family members to explore palliative home care as a 'secure base' (a central concept within the theory). Twelve patients and 14 family members were interviewed during ongoing palliative home care. The interviews were analysed with deductive qualitative content analysis. Informants expressed the relevance of sensing security during palliative home care because death and dying were threats that contributed to vulnerability. Palliative home care could foster a feeling of security and provide a secure base. This was facilitated when informants had trust in staff (e.g. due to availability and competence in providing symptom relief), felt recognised as individuals and welcomed to contact the team in times of needs. Being comfortable, informed and having an everyday life also contributed to a perception of palliative home care as a secure base. Family members stressed the importance of being relieved from responsibilities that were too heavy. The underlying meanings of experiencing palliative home care as a secure base involved gaining a sense of control and of inner peace, perceiving that despite a demanding and changed life situation, one could continue partially being oneself and having something to hope for, even if this no longer concerned cure for the ill person. Important aspects of palliative home care as providing a secure base were identified and these have implications for clinical practice. Copyright © 2011 John Wiley & Sons, Ltd.

How a central bank perceives the (visual) communication of security features on its banknotes

NASA Astrophysics Data System (ADS)

Tornare, Roland

1998-04-01

The banknotes of earlier generations were protected by two or three security features with which the general public was familiar: watermark, security thread, intaglio printing. The remaining features pleased primarily printers and central banks, with little thought being given to public perception. The philosophy adopted two decades ago was based on a certain measure of discretion. It required patience and perseverance to discover the built-in security features of the banknotes. When colour photocopiers appeared on the scene in the mid- eighties we were compelled to take precautionary measures to protect our banknotes. One such measure consisted of an information campaign to prepare ourselves for this new potential threat. At this point, we actually became fully aware of the complex design of our banknotes and how difficult it is to communicate clearly the difference between a genuine and a counterfeit banknote. This difficult experience has nevertheless been a great benefit. It badgered us continually during the initial phase of designing the banknotes and preparing the information campaign.

Surveillance data management system

NASA Astrophysics Data System (ADS)

Teague, Ralph

2002-10-01

On October 8, 2001, an Executive Order was signed creating the White House Office of Homeland Security. With its formaiton comes focused attention in setting goals and priorities for homeland security. Analysis, preparation, and implementation of strategies will hinge not only on how information is collected and analyzed, but more important, on how it is coordinated and shared. Military installations/facilities, Public safety agencies, airports, federal and local offices, public utilities, harbors, transportation and others critical areas must work either independently or as a team to ensure the safety of our citizens and visitor. In this new era of increased security, the key to interoperation is continuous information exchanged-events must be rapidly identified, reported and responded to by the appropriate agencies. For instance when a threat has been detected the security officers must be immediately alerted and must have access to the type of threat, location, movement, heading, threat size, etc to respond accordingly and the type of support required. This requires instant communications and teamwork with reliable and flexible technology.

A Lightweight Continuous Authentication Protocol for the Internet of Things

PubMed Central

Chuang, Yo-Hsuan; Yang, Cheng-Ying; Tang, Ssu-Wei

2018-01-01

Modern societies are moving toward an information-oriented environment. To gather and utilize information around people’s modern life, tiny devices with all kinds of sensing devices and various sizes of gateways need to be deployed and connected with each other through the Internet or proxy-based wireless sensor networks (WSNs). Within this kind of Internet of Things (IoT) environment, how to authenticate each other between two communicating devices is a fundamental security issue. As a lot of IoT devices are powered by batteries and they need to transmit sensed data periodically, it is necessary for IoT devices to adopt a lightweight authentication protocol to reduce their energy consumption when a device wants to authenticate and transmit data to its targeted peer. In this paper, a lightweight continuous authentication protocol for sensing devices and gateway devices in general IoT environments is introduced. The concept of valid authentication time period is proposed to enhance robustness of authentication between IoT devices. To construct the proposed lightweight continuous authentication protocol, token technique and dynamic features of IoT devices are adopted in order to reach the design goals: the reduction of time consumption for consecutive authentications and energy saving for authenticating devices through by reducing the computation complexity during session establishment of continuous authentication. Security analysis is conducted to evaluate security strength of the proposed protocol. In addition, performance analysis has shown the proposed protocol is a strong competitor among existing protocols for device-to-device authentication in IoT environments. PMID:29621168

19 CFR 181.121 - Maintenance of confidentiality.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 181.121 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY (CONTINUED) NORTH AMERICAN FREE TRADE AGREEMENT Confidentiality of Business... possession of confidential business information collected pursuant to this part shall, in accordance with...

19 CFR 181.122 - Disclosure to government authorities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Section 181.122 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY (CONTINUED) NORTH AMERICAN FREE TRADE AGREEMENT Confidentiality of Business... the disclosure of confidential business information to governmental authorities in the United States...

32 CFR 154.19 - Reinvestigation.

Code of Federal Regulations, 2011 CFR

2011-07-01

... to Sensitive Compartmented Information (SCI). Each individual having current access to SCI shall be... certain SCI duties may require very special compartmentation and other special security measures. In such... for continued SCI access. (h) Foreign nationals employed by DoD organizations overseas. Foreign...

Supplemental Nutrition Assistance Program participation is associated with an increase in household food security in a national evaluation.

PubMed

Mabli, James; Ohls, Jim

2015-02-01

The Supplemental Nutrition Assistance Program (SNAP) provides nutrition assistance benefits to low-income families in an effort to reduce hunger and improve health and well-being. Because 1 in 7 Americans participate in the program each month, policymakers need to know whether the program is meeting these objectives effectively. The objective of this study was to estimate the association between SNAP participation and household food security using recent data from the largest national survey of the food security of SNAP participants to date. The analysis used a survey of nearly 6500 households and a quasi-experimental research design that consisted of 2 sets of comparisons. Using a cross-sectional sample, we compared information collected from SNAP households within days of program entry with information collected from a contemporaneous sample of SNAP households that had participated for ∼6 mo. Next, using a longitudinal sample, we compared baseline information collected from new-entrant SNAP households with information from those same households 6 mo later. Multivariate logistic regression analysis was used to estimate associations between SNAP and household food security. SNAP participation decreased the percentage of SNAP households that were food insecure in both samples by 6-17%. SNAP participation also decreased the percentage of households experiencing severe food insecurity--designated very low food security--by 12-19%. Findings were qualitatively robust to different empirical specifications. SNAP serves a vital role in improving the health and well-being of households by increasing food security. Given recent legislation to reduce program size and limit program eligibility, this study underscores SNAP's continued importance in affecting households' well-being. Future research is needed to determine whether specific groups of households experience differential improvements in food security. © 2015 American Society for Nutrition.

Statistical security for Social Security.

PubMed

Soneji, Samir; King, Gary

2012-08-01

The financial viability of Social Security, the single largest U.S. government program, depends on accurate forecasts of the solvency of its intergenerational trust fund. We begin by detailing information necessary for replicating the Social Security Administration's (SSA's) forecasting procedures, which until now has been unavailable in the public domain. We then offer a way to improve the quality of these procedures via age- and sex-specific mortality forecasts. The most recent SSA mortality forecasts were based on the best available technology at the time, which was a combination of linear extrapolation and qualitative judgments. Unfortunately, linear extrapolation excludes known risk factors and is inconsistent with long-standing demographic patterns, such as the smoothness of age profiles. Modern statistical methods typically outperform even the best qualitative judgments in these contexts. We show how to use such methods, enabling researchers to forecast using far more information, such as the known risk factors of smoking and obesity and known demographic patterns. Including this extra information makes a substantial difference. For example, by improving only mortality forecasting methods, we predict three fewer years of net surplus, $730 billion less in Social Security Trust Funds, and program costs that are 0.66% greater for projected taxable payroll by 2031 compared with SSA projections. More important than specific numerical estimates are the advantages of transparency, replicability, reduction of uncertainty, and what may be the resulting lower vulnerability to the politicization of program forecasts. In addition, by offering with this article software and detailed replication information, we hope to marshal the efforts of the research community to include ever more informative inputs and to continue to reduce uncertainties in Social Security forecasts.

Generating unique IDs from patient identification data using security models

PubMed Central

Mohammed, Emad A.; Slack, Jonathan C.; Naugler, Christopher T.

2016-01-01

Background: The use of electronic health records (EHRs) has continued to increase within healthcare systems in the developed and developing nations. EHRs allow for increased patient safety, grant patients easier access to their medical records, and offer a wealth of data to researchers. However, various bioethical, financial, logistical, and information security considerations must be addressed while transitioning to an EHR system. The need to encrypt private patient information for data sharing is one of the foremost challenges faced by health information technology. Method: We describe the usage of the message digest-5 (MD5) and secure hashing algorithm (SHA) as methods for encrypting electronic medical data. In particular, we present an application of the MD5 and SHA-1 algorithms in encrypting a composite message from private patient information. Results: The results show that the composite message can be used to create a unique one-way encrypted ID per patient record that can be used for data sharing. Conclusion: The described software tool can be used to share patient EMRs between practitioners without revealing patients identifiable data. PMID:28163977

33 CFR 169.205 - What types of ships are required to transmit LRIT information (position reports)?

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false What types of ships are required to transmit LRIT information (position reports)? 169.205 Section 169.205 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY SHIP REPORTING SYSTEMS Transmission of Long Range...

Network security vulnerabilities and personal privacy issues in Healthcare Information Systems: a case study in a private hospital in Turkey.

PubMed

Namoğlu, Nihan; Ulgen, Yekta

2013-01-01

Healthcare industry has become widely dependent on information technology and internet as it moves from paper to electronic records. Healthcare Information System has to provide a high quality service to patients and a productive knowledge share between healthcare staff by means of patient data. With the internet being commonly used across hospitals, healthcare industry got its own share from cyber threats like other industries in the world. The challenge is allowing knowledge transfer to hospital staff while still ensuring compliance with security mandates. Working in collaboration with a private hospital in Turkey; this study aims to reveal the essential elements of a 21st century business continuity plan for hospitals while presenting the security vulnerabilities in the current hospital information systems and personal privacy auditing standards proposed by regulations and laws. We will survey the accreditation criteria in Turkey and counterparts in US and EU. We will also interview with medical staff in the hospital to understand the needs for personal privacy and the technical staff to perceive the technical requirements in terms of network security configuration and deployment. As hospitals are adopting electronic transactions, it should be considered a must to protect these electronic health records in terms of personal privacy aspects.

Privacy and information security risks in a technology platform for home-based chronic disease rehabilitation and education

PubMed Central

2013-01-01

Background Privacy and information security are important for all healthcare services, including home-based services. We have designed and implemented a prototype technology platform for providing home-based healthcare services. It supports a personal electronic health diary and enables secure and reliable communication and interaction with peers and healthcare personnel. The platform runs on a small computer with a dedicated remote control. It is connected to the patient’s TV and to a broadband Internet. The platform has been tested with home-based rehabilitation and education programs for chronic obstructive pulmonary disease and diabetes. As part of our work, a risk assessment of privacy and security aspects has been performed, to reveal actual risks and to ensure adequate information security in this technical platform. Methods Risk assessment was performed in an iterative manner during the development process. Thus, security solutions have been incorporated into the design from an early stage instead of being included as an add-on to a nearly completed system. We have adapted existing risk management methods to our own environment, thus creating our own method. Our method conforms to ISO’s standard for information security risk management. Results A total of approximately 50 threats and possible unwanted incidents were identified and analysed. Among the threats to the four information security aspects: confidentiality, integrity, availability, and quality; confidentiality threats were identified as most serious, with one threat given an unacceptable level of High risk. This is because health-related personal information is regarded as sensitive. Availability threats were analysed as low risk, as the aim of the home programmes is to provide education and rehabilitation services; not for use in acute situations or for continuous health monitoring. Conclusions Most of the identified threats are applicable for healthcare services intended for patients or citizens in their own homes. Confidentiality risks in home are different from in a more controlled environment such as a hospital; and electronic equipment located in private homes and communicating via Internet, is more exposed to unauthorised access. By implementing the proposed measures, it has been possible to design a home-based service which ensures the necessary level of information security and privacy. PMID:23937965

76 FR 47947 - Re-Proposal of Shelf Eligibility Conditions for Asset-Backed Securities

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-05

...We are revising and re-proposing certain rules that were initially proposed in April 2010 related to asset-backed securities in light of the provisions added by the Dodd-Frank Wall Street Reform and Consumer Protection Act and comments received on our April 2010 proposals. Specifically, we are re-proposing registrant and transaction requirements related to shelf registration of asset-backed securities and changes to exhibit filing deadlines. In addition, we are requesting additional comment on our proposal to require asset-level information about the pool assets. We continue to consider the other matters in our April 2010 proposing release.

A Hierarchical Modulation Coherent Communication Scheme for Simultaneous Four-State Continuous-Variable Quantum Key Distribution and Classical Communication

NASA Astrophysics Data System (ADS)

Yang, Can; Ma, Cheng; Hu, Linxi; He, Guangqiang

2018-06-01

We present a hierarchical modulation coherent communication protocol, which simultaneously achieves classical optical communication and continuous-variable quantum key distribution. Our hierarchical modulation scheme consists of a quadrature phase-shifting keying modulation for classical communication and a four-state discrete modulation for continuous-variable quantum key distribution. The simulation results based on practical parameters show that it is feasible to transmit both quantum information and classical information on a single carrier. We obtained a secure key rate of 10^{-3} bits/pulse to 10^{-1} bits/pulse within 40 kilometers, and in the meantime the maximum bit error rate for classical information is about 10^{-7}. Because continuous-variable quantum key distribution protocol is compatible with standard telecommunication technology, we think our hierarchical modulation scheme can be used to upgrade the digital communication systems to extend system function in the future.

46 CFR 170.010 - Equivalents.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 7 2010-10-01 2010-10-01 false Equivalents. 170.010 Section 170.010 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) SUBDIVISION AND STABILITY STABILITY REQUIREMENTS FOR..., arrangements, calculations, information, or tests required in this subchapter may be approved by the Commandant...

46 CFR 170.010 - Equivalents.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 7 2011-10-01 2011-10-01 false Equivalents. 170.010 Section 170.010 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) SUBDIVISION AND STABILITY STABILITY REQUIREMENTS FOR..., arrangements, calculations, information, or tests required in this subchapter may be approved by the Commandant...

46 CFR 170.010 - Equivalents.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 7 2014-10-01 2014-10-01 false Equivalents. 170.010 Section 170.010 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) SUBDIVISION AND STABILITY STABILITY REQUIREMENTS FOR..., arrangements, calculations, information, or tests required in this subchapter may be approved by the Commandant...

46 CFR 170.010 - Equivalents.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 7 2013-10-01 2013-10-01 false Equivalents. 170.010 Section 170.010 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) SUBDIVISION AND STABILITY STABILITY REQUIREMENTS FOR..., arrangements, calculations, information, or tests required in this subchapter may be approved by the Commandant...

46 CFR 170.010 - Equivalents.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 7 2012-10-01 2012-10-01 false Equivalents. 170.010 Section 170.010 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) SUBDIVISION AND STABILITY STABILITY REQUIREMENTS FOR..., arrangements, calculations, information, or tests required in this subchapter may be approved by the Commandant...

46 CFR 62.20-3 - Plans for information.

Code of Federal Regulations, 2010 CFR

2010-10-01

...-based system hardware. (3) Safety controls. (4) Automated electric power management. (5) Automation... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING VITAL SYSTEM AUTOMATION Plan... Officer in Charge, Marine Inspection, for use in the evaluation of automated systems provided to replace...

32 CFR 806.5 - Responsibilities.

Code of Federal Regulations, 2010 CFR

2010-07-01

... to the Director, Freedom of Information and Security Review (DFOISR), and provides guidance and instructions to MAJCOMs. Responsibilities of other Air Force elements follow. (b) SAF/GCA makes final decisions... Defense Department of Defense (Continued) DEPARTMENT OF THE AIR FORCE ADMINISTRATION AIR FORCE FREEDOM OF...

41 CFR 105-53.120 - Address and telephone numbers.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Management Regulations System (Continued) GENERAL SERVICES ADMINISTRATION 53-STATEMENT OF ORGANIZATION AND... Ethics and Civil Rights; Office of the Executive Secretariat; Office of Small and Disadvantaged Business Utilization; Office of Inspector General; GSA Board of Contract Appeals; Information Security Oversight Office...

41 CFR 105-53.120 - Address and telephone numbers.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Management Regulations System (Continued) GENERAL SERVICES ADMINISTRATION 53-STATEMENT OF ORGANIZATION AND... Ethics and Civil Rights; Office of the Executive Secretariat; Office of Small and Disadvantaged Business Utilization; Office of Inspector General; GSA Board of Contract Appeals; Information Security Oversight Office...

HIPAA Compliance and Training: A Perfect Storm for Professionalism Education?

PubMed

Agris, Julie L; Spandorfer, John M

2016-12-01

The HIPAA Rules continue to support and bolster the importance of protecting the privacy and security of patients' protected health information. The HIPAA training requirements are at the cornerstone of meaningful implementation and provide a ripe opportunity for critical education.

49 CFR 1280.6 - Storage of classified documents.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 49 Transportation 9 2012-10-01 2012-10-01 false Storage of classified documents. 1280.6 Section 1280.6 Transportation Other Regulations Relating to Transportation (Continued) SURFACE TRANSPORTATION... SECURITY INFORMATION AND CLASSIFIED MATERIAL § 1280.6 Storage of classified documents. All classified...

49 CFR 1280.6 - Storage of classified documents.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 9 2011-10-01 2011-10-01 false Storage of classified documents. 1280.6 Section 1280.6 Transportation Other Regulations Relating to Transportation (Continued) SURFACE TRANSPORTATION... SECURITY INFORMATION AND CLASSIFIED MATERIAL § 1280.6 Storage of classified documents. All classified...

49 CFR 1280.6 - Storage of classified documents.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Storage of classified documents. 1280.6 Section 1280.6 Transportation Other Regulations Relating to Transportation (Continued) SURFACE TRANSPORTATION... SECURITY INFORMATION AND CLASSIFIED MATERIAL § 1280.6 Storage of classified documents. All classified...

49 CFR 1280.6 - Storage of classified documents.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 9 2014-10-01 2014-10-01 false Storage of classified documents. 1280.6 Section 1280.6 Transportation Other Regulations Relating to Transportation (Continued) SURFACE TRANSPORTATION... SECURITY INFORMATION AND CLASSIFIED MATERIAL § 1280.6 Storage of classified documents. All classified...

75 FR 62299 - National Cybersecurity Awareness Month, 2010

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-08

..., government efficiency, and national security. We stand at a transformational moment in history, when our technologically interconnected world presents both immense promise and potential risks. The same technology that... efforts to defend our Nation's information technology and communications infrastructure. We must continue...

32 CFR 154.61 - Security education.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 32 National Defense 1 2011-07-01 2011-07-01 false Security education. 154.61 Section 154.61... PERSONNEL SECURITY PROGRAM REGULATION Continuing Security Responsibilities § 154.61 Security education. (a.... Through security briefings and education, the Department of Defense continues to provide for the...

32 CFR 154.61 - Security education.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 32 National Defense 1 2012-07-01 2012-07-01 false Security education. 154.61 Section 154.61... PERSONNEL SECURITY PROGRAM REGULATION Continuing Security Responsibilities § 154.61 Security education. (a.... Through security briefings and education, the Department of Defense continues to provide for the...

32 CFR 154.61 - Security education.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 32 National Defense 1 2013-07-01 2013-07-01 false Security education. 154.61 Section 154.61... PERSONNEL SECURITY PROGRAM REGULATION Continuing Security Responsibilities § 154.61 Security education. (a.... Through security briefings and education, the Department of Defense continues to provide for the...

32 CFR 154.61 - Security education.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 32 National Defense 1 2014-07-01 2014-07-01 false Security education. 154.61 Section 154.61... PERSONNEL SECURITY PROGRAM REGULATION Continuing Security Responsibilities § 154.61 Security education. (a.... Through security briefings and education, the Department of Defense continues to provide for the...

32 CFR 154.61 - Security education.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 1 2010-07-01 2010-07-01 false Security education. 154.61 Section 154.61... PERSONNEL SECURITY PROGRAM REGULATION Continuing Security Responsibilities § 154.61 Security education. (a.... Through security briefings and education, the Department of Defense continues to provide for the...

Addressing Security Challenges in Pervasive Computing Applications

DTIC Science & Technology

2010-10-10

Personalized Privacy for Location - Based Services ", Transactions on Data Privacy, 2(1), 2009. 22. Indrakshi Ray, Indrajit Ray and Sudip Chakraborty, "An...Dewri, Indrakshi Ray, Indrajit Ray and Darrell Whitley, "Query m-Invariance: Pre- venting Query Disclosures in Continuous Location - Based Services ", Proceedings...location information is used to provide better services. Often such applications need continuous location - based services (LBS) where the mobile object must

Methodology for Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali

2009-01-01

Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation. This paper proposes a Cyberspace Security Econometrics System (CSES) that provides a measure (i.e., a quantitative indication) of reliability, performance and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. Formore » a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. This paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural and mathematical underpinnings.« less

Coupling Functions Enable Secure Communications

NASA Astrophysics Data System (ADS)

Stankovski, Tomislav; McClintock, Peter V. E.; Stefanovska, Aneta

2014-01-01

Secure encryption is an essential feature of modern communications, but rapid progress in illicit decryption brings a continuing need for new schemes that are harder and harder to break. Inspired by the time-varying nature of the cardiorespiratory interaction, here we introduce a new class of secure communications that is highly resistant to conventional attacks. Unlike all earlier encryption procedures, this cipher makes use of the coupling functions between interacting dynamical systems. It results in an unbounded number of encryption key possibilities, allows the transmission or reception of more than one signal simultaneously, and is robust against external noise. Thus, the information signals are encrypted as the time variations of linearly independent coupling functions. Using predetermined forms of coupling function, we apply Bayesian inference on the receiver side to detect and separate the information signals while simultaneously eliminating the effect of external noise. The scheme is highly modular and is readily extendable to support different communications applications within the same general framework.

Cyberspace Security Econometrics System (CSES) - U.S. Copyright TXu 1-901-039

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Schlicher, Bob G; Sheldon, Frederick T

2014-01-01

Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing compliance pressures require careful consideration and adaptation. The Cyberspace Security Econometrics System (CSES) provides a measure (i.e., a quantitative indication) of reliability, performance, and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders interests in that requirement. For a given stakeholder, CSESmore » accounts for the variance that may exist among the stakes one attaches to meeting each requirement. The basis, objectives and capabilities for the CSES including inputs/outputs as well as the structural and mathematical underpinnings contained in this copyright.« less

Cyberspace Security Econometrics System (CSES)

DOE Office of Scientific and Technical Information (OSTI.GOV)

2012-07-27

Information security continues to evolve in response to disruptive changes with a persistent focus on information-centric controls and a healthy debate about balancing endpoint and network protection, with a goal of improved enterprise/business risk management. Economic uncertainty, intensively collaborative styles of work, virtualization, increased outsourcing and ongoing complance pressures require careful consideration and adaption. The CSES provides a measure (i.e. a quantitative indication) of reliability, performance, and/or safety of a system that accounts for the criticality of each requirement as a function of one or more stakeholders' interests in that requirement. For a given stakeholder, CSES accounts for the variancemore » that may exist among the stakes one attaches to meeting each requirement.« less

15 CFR Supplement No. 2 to Part 710 - Definitions of Production

Code of Federal Regulations, 2010 CFR

2010-01-01

... reaction Produced by synthesis* Formation through chemical synthesis.Processing to extract and isolate... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL INFORMATION AND OVERVIEW OF THE CHEMICAL WEAPONS CONVENTION REGULATIONS (CWCR) Pt. 710, Supp. 2...

15 CFR 710.3 - Purposes of the Convention and CWCR.

Code of Federal Regulations, 2012 CFR

2012-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL INFORMATION AND OVERVIEW OF THE CHEMICAL WEAPONS CONVENTION REGULATIONS (CWCR) § 710.3 Purposes of..., produce, otherwise acquire, stockpile, or retain chemical weapons, or transfer, directly or indirectly...

15 CFR 710.3 - Purposes of the Convention and CWCR.

Code of Federal Regulations, 2013 CFR

2013-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL INFORMATION AND OVERVIEW OF THE CHEMICAL WEAPONS CONVENTION REGULATIONS (CWCR) § 710.3 Purposes of..., produce, otherwise acquire, stockpile, or retain chemical weapons, or transfer, directly or indirectly...

46 CFR 67.119 - Hailing port designation.

Code of Federal Regulations, 2010 CFR

2010-10-01

... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DOCUMENTATION AND MEASUREMENT OF VESSELS... port must be a place in the United States included in the U.S. Department of Commerce's Federal Information Processing Standards Publication 55DC. (c) The hailing port must include the State, territory, or...

15 CFR 710.3 - Purposes of the Convention and CWCR.

Code of Federal Regulations, 2010 CFR

2010-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL INFORMATION AND OVERVIEW OF THE CHEMICAL WEAPONS CONVENTION REGULATIONS (CWCR) § 710.3 Purposes of..., produce, otherwise acquire, stockpile, or retain chemical weapons, or transfer, directly or indirectly...

46 CFR 160.047-6 - Marking.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 6 2010-10-01 2010-10-01 false Marking. 160.047-6 Section 160.047-6 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) EQUIPMENT, CONSTRUCTION, AND MATERIALS... and Child § 160.047-6 Marking. (a) Each buoyant vest must have the following information clearly...

38 CFR 75.116 - Secretary determination.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2011-07-01 2011-07-01 false Secretary determination... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.116 Secretary determination. (a) Upon receipt of a risk analysis prepared under this subpart, the Secretary will consider the findings and other...

38 CFR 75.116 - Secretary determination.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2012-07-01 2012-07-01 false Secretary determination... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.116 Secretary determination. (a) Upon receipt of a risk analysis prepared under this subpart, the Secretary will consider the findings and other...

38 CFR 75.116 - Secretary determination.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2013-07-01 2013-07-01 false Secretary determination... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.116 Secretary determination. (a) Upon receipt of a risk analysis prepared under this subpart, the Secretary will consider the findings and other...

38 CFR 75.119 - Finality of Secretary determination.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2011-07-01 2011-07-01 false Finality of Secretary... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.119 Finality of Secretary determination. A determination made by the Secretary under this subpart will be a final agency decision. ...

38 CFR 75.116 - Secretary determination.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2014-07-01 2014-07-01 false Secretary determination... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.116 Secretary determination. (a) Upon receipt of a risk analysis prepared under this subpart, the Secretary will consider the findings and other...

38 CFR 75.119 - Finality of Secretary determination.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2014-07-01 2014-07-01 false Finality of Secretary... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.119 Finality of Secretary determination. A determination made by the Secretary under this subpart will be a final agency decision. ...

77 FR 60607 - National Cybersecurity Awareness Month, 2012

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-04

... released the Blueprint for a Secure Cyber Future--a strategic plan to protect government, the private sector, and the public against cyber threats today and tomorrow. As we continue to improve our... infrastructure, facilitating greater cyber information sharing between government and the private sector, and...

15 CFR 710.3 - Purposes of the Convention and CWCR.

Code of Federal Regulations, 2011 CFR

2011-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL INFORMATION AND OVERVIEW OF THE CHEMICAL WEAPONS CONVENTION REGULATIONS (CWCR) § 710.3 Purposes of..., produce, otherwise acquire, stockpile, or retain chemical weapons, or transfer, directly or indirectly...

31 CFR 1023.530 - [Reserved

Code of Federal Regulations, 2014 CFR

2014-07-01

... 31 Money and Finance:Treasury 3 2014-07-01 2014-07-01 false [Reserved] 1023.530 Section 1023.530 Money and Finance: Treasury Regulations Relating to Money and Finance (Continued) FINANCIAL CRIMES ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Information...

31 CFR 1023.530 - [Reserved

Code of Federal Regulations, 2013 CFR

2013-07-01

... 31 Money and Finance:Treasury 3 2013-07-01 2013-07-01 false [Reserved] 1023.530 Section 1023.530 Money and Finance: Treasury Regulations Relating to Money and Finance (Continued) FINANCIAL CRIMES ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Information...

31 CFR 1023.530 - [Reserved

Code of Federal Regulations, 2012 CFR

2012-07-01

... 31 Money and Finance:Treasury 3 2012-07-01 2012-07-01 false [Reserved] 1023.530 Section 1023.530 Money and Finance: Treasury Regulations Relating to Money and Finance (Continued) FINANCIAL CRIMES ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Information...

31 CFR 1023.530 - [Reserved

Code of Federal Regulations, 2011 CFR

2011-07-01

... 31 Money and Finance:Treasury 3 2011-07-01 2011-07-01 false [Reserved] 1023.530 Section 1023.530 Money and Finance: Treasury Regulations Relating to Money and Finance (Continued) FINANCIAL CRIMES ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Information...

33 CFR 150.602 - What occupational awareness training is required?

Code of Federal Regulations, 2013 CFR

2013-07-01

... HOMELAND SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: OPERATIONS Workplace Safety and Health Safety and Health (general) § 150.602 What occupational awareness training is required? (a) Each deepwater port operator must ensure that all deepwater port personnel are provided with information and...

Negotiating Livelihoods beyond Beijing: The Burden of Women Food Vendors in the Informal Economy of Limbe, Cameroon

ERIC Educational Resources Information Center

Fonchingong, Charles C.

2005-01-01

As a response to the trappings of globalisation and the commoditisation of the sphere of production, women continue to play a crucial role in securing livelihoods by guaranteeing access to food in rural, peri-urban, and urban areas. Based on a survey of food vendors, this paper evaluates women's input through informal earnings, the coping…

15 CFR 781.4 - U.S. Government requests for information needed to satisfy the requirements of the APR or the Act.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false U.S. Government requests for information needed to satisfy the requirements of the APR or the Act. 781.4 Section 781.4 Commerce and Foreign Trade Regulations Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY...

Single-photon continuous-variable quantum key distribution based on the energy-time uncertainty relation.

PubMed

Qi, Bing

2006-09-15

We propose a new quantum key distribution protocol in which information is encoded on continuous variables of a single photon. In this protocol, Alice randomly encodes her information on either the central frequency of a narrowband single-photon pulse or the time delay of a broadband single-photon pulse, while Bob randomly chooses to do either frequency measurement or time measurement. The security of this protocol rests on the energy-time uncertainty relation, which prevents Eve from simultaneously determining both frequency and time information with arbitrarily high resolution. Since no interferometer is employed in this scheme, it is more robust against various channel noises, such as polarization and phase fluctuations.

Safeguards and security research and development: Progress report, October 1994--September 1995

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rutherford, D.R.; Henriksen, P.W.

The primary goal of the Los Alamos Safeguards and Security Technology Development Program, International Safeguards, and other Safeguards and Security Programs is to continue to be the center of excellence in the field of Safeguards and Security. This annual report for 1995 describes those scientific and engineering projects that contribute to all of the aforementioned programs. The authors have presented the information in a different format from previous annual reports. Part I is devoted to Nuclear Material Measurement Systems. Part II contains projects that are specific to Integrated Safeguards Systems. Part III highlights Safeguards Systems Effectiveness Evaluations and Part IVmore » is a compilation of highlights from Information Assurance projects. Finally Part V highlights work on the projects at Los Alamos for International Safeguards. The final part of this annual report lists titles and abstracts of Los Alamos Safeguards and Security Technology Development reports, technical journal articles, and conference papers that were presented and published in 1995. This is the last annual report in this format. The authors wish to thank all of the individuals who have contributed to this annual report and made it so successful over the years.« less

Assessment of private security guards by Suicide Probability Scale and Brief Symptom Inventory.

PubMed

Dogan, Bulent; Canturk, Gurol; Canturk, Nergis; Guney, Sevgi; Özcan, Ebru

2016-01-01

The aim of the present study was to investigate the influence of suicide probability and relevant sociodemographic features and to provide information for preventing suicide in private security guards working under the stressful conditions and continuous exposure to the negative and traumatic life events. 200 private security guards and 200 personnels of Ankara University participated in the study. A sociodemographic information questionnaire, the Suicide Probability Scale (SPS) and the Brief Symptom Inventory (BSI) were used to collect the data. Gender, marital status, income, religious beliefs, experiencing a life-threatening situation, history of a suicide attempt, smoking and not having a chronic disease caused statistically significant differences in the scores for SPS between the private security guards group and the controls. Moreover there was a statistically significant positive correlation between the total scores of the subscales of SPS and the total scores of BSI. Like police officers and gendarmes, private security guards are at high risk of committing and attempting suicide because of being at stressful work settings and also suffering from secondary trauma. It is required that they should be aware of their tendency to commit suicide and have regular psychiatric screenings.

An HIT Solution for Clinical Care and Disaster Planning: How One health Center in Joplin, MO Survived a Tornado and Avoided a Health Information Disaster.

PubMed

Shin, Peter; Jacobs, Feygele

2012-01-01

Since taking office, President Obama has made substantial investments in promoting the diffusion of health information technology (IT). The objective of the national health IT program is, generally, to enable health care providers to better manage patient care through secure use and sharing of health information. Through the use of technologies including electronic health records, providers can better maintain patient care information and facilitate communication, often improving care outcomes. The recent tornado in Joplin, MO highlights the importance of health information technology in the health center context, and illustrates the importance of secure electronic health information systems as a crucial element of disaster and business continuity planning. This article examines the experience of a community health center in the aftermath of the major tornado that swept through the American Midwest in the spring of 2011, and provides insight into the planning for disaster survival and recovery as it relates to patient records and health center data.

An HIT Solution for Clinical Care and Disaster Planning: How One health Center in Joplin, MO Survived a Tornado and Avoided a Health Information Disaster

PubMed Central

Shin, Peter; Jacobs, Feygele

2012-01-01

Since taking office, President Obama has made substantial investments in promoting the diffusion of health information technology (IT). The objective of the national health IT program is, generally, to enable health care providers to better manage patient care through secure use and sharing of health information. Through the use of technologies including electronic health records, providers can better maintain patient care information and facilitate communication, often improving care outcomes. The recent tornado in Joplin, MO highlights the importance of health information technology in the health center context, and illustrates the importance of secure electronic health information systems as a crucial element of disaster and business continuity planning. This article examines the experience of a community health center in the aftermath of the major tornado that swept through the American Midwest in the spring of 2011, and provides insight into the planning for disaster survival and recovery as it relates to patient records and health center data. PMID:23569622

The Effectiveness of Health Care Information Technologies: Evaluation of Trust, Security Beliefs, and Privacy as Determinants of Health Care Outcomes

PubMed Central

2018-01-01

Background The diffusion of health information technologies (HITs) within the health care sector continues to grow. However, there is no theory explaining how success of HITs influences patient care outcomes. With the increase in data breaches, HITs’ success now hinges on the effectiveness of data protection solutions. Still, empirical research has only addressed privacy concerns, with little regard for other factors of information assurance. Objective The objective of this study was to study the effectiveness of HITs using the DeLone and McLean Information Systems Success Model (DMISSM). We examined the role of information assurance constructs (ie, the role of information security beliefs, privacy concerns, and trust in health information) as measures of HIT effectiveness. We also investigated the relationships between information assurance and three aspects of system success: attitude toward health information exchange (HIE), patient access to health records, and perceived patient care quality. Methods Using structural equation modeling, we analyzed the data from a sample of 3677 cancer patients from a public dataset. We used R software (R Project for Statistical Computing) and the Lavaan package to test the hypothesized relationships. Results Our extension of the DMISSM to health care was supported. We found that increased privacy concerns reduce the frequency of patient access to health records use, positive attitudes toward HIE, and perceptions of patient care quality. Also, belief in the effectiveness of information security increases the frequency of patient access to health records and positive attitude toward HIE. Trust in health information had a positive association with attitudes toward HIE and perceived patient care quality. Trust in health information had no direct effect on patient access to health records; however, it had an indirect relationship through privacy concerns. Conclusions Trust in health information and belief in the effectiveness of information security safeguards increases perceptions of patient care quality. Privacy concerns reduce patients’ frequency of accessing health records, patients’ positive attitudes toward HIE exchange, and overall perceived patient care quality. Health care organizations are encouraged to implement security safeguards to increase trust, the frequency of health record use, and reduce privacy concerns, consequently increasing patient care quality. PMID:29643052

Optical security features for plastic card documents

NASA Astrophysics Data System (ADS)

Hossick Schott, Joachim

1998-04-01

Print-on-demand is currently a major trend in the production of paper based documents. This fully digital production philosophy will likely have ramifications also for the secure identification document market. Here, plastic cards increasingly replace traditionally paper based security sensitive documents such as drivers licenses and passports. The information content of plastic cards can be made highly secure by using chip cards. However, printed and other optical security features will continue to play an important role, both for machine readable and visual inspection. Therefore, on-demand high resolution print technologies, laser engraving, luminescent pigments and laminated features such as holograms, kinegrams or phase gratings will have to be considered for the production of secure identification documents. Very important are also basic optical, surface and material durability properties of the laminates as well as the strength and nature of the adhesion between the layers. This presentation will address some of the specific problems encountered when optical security features such as high resolution printing and laser engraving are to be integrated in the on-demand production of secure plastic card identification documents.

NATIONAL PREPAREDNESS: Integrating New and Existing Technology and Information Sharing into an Effective Homeland Security Strategy

DTIC Science & Technology

2002-06-07

Continue to Develop and Refine Emerging Technology • Some of the emerging biometric devices, such as iris scans and facial recognition systems...such as iris scans and facial recognition systems, facial recognition systems, and speaker verification systems. (976301)

38 CFR 75.118 - Other credit protection services.

Code of Federal Regulations, 2014 CFR

2014-07-01

... harm. (c) The Secretary will take action to obtain data mining and data breach analyses services, as... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.118 Other credit protection services. (a) With... relevant credit bureau reports; (2) Data breach analysis; (3) Fraud resolution services, including writing...

38 CFR 75.118 - Other credit protection services.

Code of Federal Regulations, 2013 CFR

2013-07-01

... harm. (c) The Secretary will take action to obtain data mining and data breach analyses services, as... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.118 Other credit protection services. (a) With... relevant credit bureau reports; (2) Data breach analysis; (3) Fraud resolution services, including writing...

38 CFR 75.118 - Other credit protection services.

Code of Federal Regulations, 2012 CFR

2012-07-01

... harm. (c) The Secretary will take action to obtain data mining and data breach analyses services, as... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.118 Other credit protection services. (a) With... relevant credit bureau reports; (2) Data breach analysis; (3) Fraud resolution services, including writing...

46 CFR 160.060-8 - Marking.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 6 2010-10-01 2010-10-01 false Marking. 160.060-8 Section 160.060-8 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) EQUIPMENT, CONSTRUCTION, AND MATERIALS..., Adult and Child § 160.060-8 Marking. (a) Each buoyant vest must have the following information clearly...

46 CFR 160.052-8 - Marking.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 6 2010-10-01 2010-10-01 false Marking. 160.052-8 Section 160.052-8 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) EQUIPMENT, CONSTRUCTION, AND MATERIALS..., Adult and Child § 160.052-8 Marking. (a) Each buoyant vest must have the following information clearly...

38 CFR 75.119 - Finality of Secretary determination.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2010-07-01 2010-07-01 false Finality of Secretary determination. 75.119 Section 75.119 Pensions, Bonuses, and Veterans' Relief DEPARTMENT OF VETERANS AFFAIRS (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.119 Finality of Secretary determination. A...

77 FR 47083 - Agency Information Collection Activities: Proposed Collection; Comment Request, The Declaration...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-07

... Disaster Assistance, Appeals, and Requests for Cost Share Adjustments AGENCY: Federal Emergency Management Agency, DHS. ACTION: Notice. SUMMARY: The Federal Emergency Management Agency, as part of its continuing... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID FEMA-2012-0020; OMB...

76 FR 64361 - Agency Information Collection Activities: Proposed Collection; Comment Request; National Flood...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-18

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID: FEMA-2011-0029...; National Flood Insurance Program Claims Appeals Process AGENCY: Federal Emergency Management Agency, DHS. ACTION: Notice. SUMMARY: The Federal Emergency Management Agency, as part of its continuing effort to...

77 FR 21575 - Agency Information Collection Activities: Proposed Collection; Comment Request; State...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-10

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID FEMA-2012-0015; OMB... Preparedness Report AGENCY: Federal Emergency Management Agency, DHS. ACTION: Notice. SUMMARY: The Federal Emergency Management Agency, as part of its continuing effort to reduce paperwork and respondent burden...

77 FR 2304 - Agency Information Collection Activities: Proposed Collection; Comment Request, Application for...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-17

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID: FEMA-2011-0042..., Application for Community Disaster Loan (CDL) Program AGENCY: Federal Emergency Management Agency, DHS. ACTION: Notice. SUMMARY: The Federal Emergency Management Agency, as part of its continuing effort to reduce...

78 FR 23276 - Agency Information Collection Activities; Proposed Collection; Comment Request: Community Drill...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-18

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID FEMA-2013-0012; OMB...: Community Drill Day Registration AGENCY: Federal Emergency Management Agency, DHS. ACTION: Notice. SUMMARY: The Federal Emergency Management Agency (FEMA), as part of its continuing effort to reduce paperwork...

38 CFR 75.118 - Other credit protection services.

Code of Federal Regulations, 2010 CFR

2010-07-01

... harm. (c) The Secretary will take action to obtain data mining and data breach analyses services, as... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.118 Other credit protection services. (a) With... relevant credit bureau reports; (2) Data breach analysis; (3) Fraud resolution services, including writing...

38 CFR 75.118 - Other credit protection services.

Code of Federal Regulations, 2011 CFR

2011-07-01

... harm. (c) The Secretary will take action to obtain data mining and data breach analyses services, as... (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.118 Other credit protection services. (a) With... relevant credit bureau reports; (2) Data breach analysis; (3) Fraud resolution services, including writing...

Portfolio Management

NASA Technical Reports Server (NTRS)

Duncan, Sharon L.

2011-01-01

Enterprise Business Information Services Division (EBIS) supports the Laboratory and its functions through the implementation and support of business information systems on behalf of its business community. EBIS Five Strategic Focus Areas: (1) Improve project estimating, planning and delivery capability (2) Improve maintainability and sustainability of EBIS Application Portfolio (3) Leap forward in IT Leadership (4) Comprehensive Talent Management (5) Continuous IT Security Program. Portfolio Management is a strategy in which software applications are managed as assets

Afghanistan: Post-Taliban Governance, Security, and U.S. Policy

DTIC Science & Technology

2013-10-23

for failing to comply with a collection of information if it does not display a currently valid OMB control number. 1. REPORT DATE 23 OCT 2013 2...York closed, although Taliban representative Abdul Hakim Mujahid continued to operate informally .9 In March 2001, Administration officials received a ...Resolution 2096. Resolution 2096 reiterates the expanded UNAMA mandate, while noting that UNAMA and the international community are moving to a supporting

32 CFR 806.28 - Records with special disclosure procedures.

Code of Federal Regulations, 2013 CFR

2013-07-01

....28 Section 806.28 National Defense Department of Defense (Continued) DEPARTMENT OF THE AIR FORCE ADMINISTRATION AIR FORCE FREEDOM OF INFORMATION ACT PROGRAM § 806.28 Records with special disclosure procedures..., Industrial Security Program Management. (e) AFI 36-2603, Air Force Board for Correction of Military Records...

32 CFR 806.28 - Records with special disclosure procedures.

Code of Federal Regulations, 2011 CFR

2011-07-01

....28 Section 806.28 National Defense Department of Defense (Continued) DEPARTMENT OF THE AIR FORCE ADMINISTRATION AIR FORCE FREEDOM OF INFORMATION ACT PROGRAM § 806.28 Records with special disclosure procedures..., Industrial Security Program Management. (e) AFI 36-2603, Air Force Board for Correction of Military Records...

15 CFR 730.3 - Dual use exports.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false Dual use exports. 730.3 Section 730.3 Commerce and Foreign Trade Regulations Relating to Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS GENERAL INFORMATION § 730.3...

15 CFR 710.4 - Overview of scheduled chemicals and examples of affected industries.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Commerce and Foreign Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL INFORMATION AND OVERVIEW OF THE CHEMICAL WEAPONS CONVENTION... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false Overview of scheduled chemicals and...

46 CFR 169.205 - Obtaining or renewing a Certificate of Inspection.

Code of Federal Regulations, 2012 CFR

2012-10-01

....205 Section 169.205 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) NAUTICAL SCHOOLS SAILING SCHOOL VESSELS Inspection and Certification Certificate of Inspection § 169.205 Obtaining or... school vessel or an application for designation, as set forth in § 169.218; and (3) Information...

46 CFR 169.205 - Obtaining or renewing a Certificate of Inspection.

Code of Federal Regulations, 2014 CFR

2014-10-01

....205 Section 169.205 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) NAUTICAL SCHOOLS SAILING SCHOOL VESSELS Inspection and Certification Certificate of Inspection § 169.205 Obtaining or... school vessel or an application for designation, as set forth in § 169.218; and (3) Information...

46 CFR 169.205 - Obtaining or renewing a Certificate of Inspection.

Code of Federal Regulations, 2013 CFR

2013-10-01

....205 Section 169.205 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) NAUTICAL SCHOOLS SAILING SCHOOL VESSELS Inspection and Certification Certificate of Inspection § 169.205 Obtaining or... school vessel or an application for designation, as set forth in § 169.218; and (3) Information...

76 FR 72220 - Incorporation of Risk Management Concepts in Regulatory Programs

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-22

... and support the adoption of improved designs or processes. \\1\\ A deterministic approach to regulation... longstanding goal to move toward more risk-informed, performance- based approaches in its regulatory programs... regulatory approach that would continue to ensure the safe and secure use of nuclear material. As part of...

75 FR 53630 - El Dorado County Resource Advisory Committee

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-01

... Advisory Committee Act. The agenda includes: review of the draft media release informing people about... approve potential field trips; and continuing education about the Secure Rural Schools and Community Self... is open to the public. The following business will be conducted: Review of the draft media release...

32 CFR 806.28 - Records with special disclosure procedures.

Code of Federal Regulations, 2010 CFR

2010-07-01

....28 Section 806.28 National Defense Department of Defense (Continued) DEPARTMENT OF THE AIR FORCE ADMINISTRATION AIR FORCE FREEDOM OF INFORMATION ACT PROGRAM § 806.28 Records with special disclosure procedures..., Industrial Security Program Management. (e) AFI 36-2603, Air Force Board for Correction of Military Records...

41 CFR 102-33.400 - How must we report to FAIRS?

Code of Federal Regulations, 2010 CFR

2010-07-01

... Management Regulations System (Continued) FEDERAL MANAGEMENT REGULATION PERSONAL PROPERTY 33-MANAGEMENT OF... System (fairs) § 102-33.400 How must we report to FAIRS? You must report to FAIRS electronically through a secure Web interface to the FAIRS application on the Internet. For information on becoming a FAIRS...

19 CFR 192.11 - Description of the AES.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 19 Customs Duties 2 2010-04-01 2010-04-01 false Description of the AES. 192.11 Section 192.11 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY (CONTINUED) EXPORT CONTROL Filing of Export Information Through the Automated Export System (AES...

46 CFR 184.506 - Emergency broadcast placard.

Code of Federal Regulations, 2010 CFR

2010-10-01

... broadcast instructions and information, specific to the individual vessel. [CGD 85-080, 61 FR 1002, Jan. 10... 46 Shipping 7 2010-10-01 2010-10-01 false Emergency broadcast placard. 184.506 Section 184.506 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) SMALL PASSENGER VESSELS (UNDER 100 GROSS...

Extractable resources

NASA Technical Reports Server (NTRS)

1975-01-01

The use of information from space systems in the operation of extractive industries, particularly in exploration for mineral and fuel resources was reviewed. Conclusions and recommendations reported are based on the fundamental premise that survival of modern industrial society requires a continuing secure flow of resources for energy, construction and manufacturing, and for use as plant foods.

10 CFR 605.18 - National security.

Code of Federal Regulations, 2012 CFR

2012-01-01

...). However, if in the opinion of the recipient or DOE such involvement becomes expected prior to the closeout of the award, the recipient or DOE shall notify the other in writing immediately. If the recipient... disposition. If the recipient and DOE wish to continue the award, even though classified information is...

10 CFR 605.18 - National security.

Code of Federal Regulations, 2011 CFR

2011-01-01

...). However, if in the opinion of the recipient or DOE such involvement becomes expected prior to the closeout of the award, the recipient or DOE shall notify the other in writing immediately. If the recipient... disposition. If the recipient and DOE wish to continue the award, even though classified information is...

17 CFR 242.606 - Disclosure of order routing information.

Code of Federal Regulations, 2010 CFR

2010-04-01

... (CONTINUED) REGULATIONS M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN REQUIREMENTS FOR SECURITY FUTURES... of total customer orders for the section that were non-directed orders, and the percentages of total... aspects of the broker's or dealer's relationship with each venue identified pursuant to paragraph (a)(1...

75 FR 71718 - Agency Information Collection Activities: Proposed Collection; Comment Request, OMB No. 1660-0011...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-24

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID: FEMA-2010-0060... Collection Financial Statement AGENCY: Federal Emergency Management Agency, DHS. ACTION: Notice; 60-day... Federal Emergency Management Agency, as part of its continuing effort to reduce paperwork and respondent...

33 CFR 169.235 - What exemptions are there from reporting?

Code of Federal Regulations, 2012 CFR

2012-07-01

... SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY SHIP REPORTING SYSTEMS Transmission of Long Range Identification and Tracking Information § 169.235 What exemptions are there from reporting? A ship is exempt from this subpart if it is— (a) Fitted with an operating automatic identification system (AIS), under 33 CFR...

33 CFR 169.235 - What exemptions are there from reporting?

Code of Federal Regulations, 2011 CFR

2011-07-01

... SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY SHIP REPORTING SYSTEMS Transmission of Long Range Identification and Tracking Information § 169.235 What exemptions are there from reporting? A ship is exempt from this subpart if it is— (a) Fitted with an operating automatic identification system (AIS), under 33 CFR...

33 CFR 169.235 - What exemptions are there from reporting?

Code of Federal Regulations, 2013 CFR

2013-07-01

... SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY SHIP REPORTING SYSTEMS Transmission of Long Range Identification and Tracking Information § 169.235 What exemptions are there from reporting? A ship is exempt from this subpart if it is— (a) Fitted with an operating automatic identification system (AIS), under 33 CFR...

33 CFR 169.235 - What exemptions are there from reporting?

Code of Federal Regulations, 2014 CFR

2014-07-01

... SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY SHIP REPORTING SYSTEMS Transmission of Long Range Identification and Tracking Information § 169.235 What exemptions are there from reporting? A ship is exempt from this subpart if it is— (a) Fitted with an operating automatic identification system (AIS), under 33 CFR...

33 CFR 148.107 - What additional information may be required?

Code of Federal Regulations, 2010 CFR

2010-07-01

... HOMELAND SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: GENERAL Application for a License § 148.107...), in coordination with MARAD, may determine whether compliance with the requirement is important to processing the application within the time prescribed by the Act. (3) If the requirement is important to...

The War on Terror, Intelligence Convergence, and Privacy

DTIC Science & Technology

2012-05-31

surveillance directed at domestic threats to U.S. national security.”17 Then, in reaction to Watergate and other “ scandals that involved overreaching into U.S...killing, and the propriety of the Total Information Awareness data-mining program. The list continues with what some label as scandals such as NSA

38 CFR 75.112 - Definitions and terms.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2010-07-01 2010-07-01 false Definitions and terms. 75.112 Section 75.112 Pensions, Bonuses, and Veterans' Relief DEPARTMENT OF VETERANS AFFAIRS (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.112 Definitions and terms. For purposes of this subpart: Confidentiality means preserving...

38 CFR 75.116 - Secretary determination.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2010-07-01 2010-07-01 false Secretary determination. 75.116 Section 75.116 Pensions, Bonuses, and Veterans' Relief DEPARTMENT OF VETERANS AFFAIRS (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.116 Secretary determination. (a) Upon receipt of a risk analysis prepared under this subpart, th...

Peace (of Mind) in Our Time

ERIC Educational Resources Information Center

Panettieri, Joseph C.

2007-01-01

There's no silver bullet to information security; universities must continue to keep their antivirus, anti-spyware, firewall, and patch management systems in good working order. These days, the largest target for hackers appears to be university databases. Now, universities are searching for new solutions to safeguard those systems. This article…

12 CFR 563g.16 - Delayed or continuous offering and sale of securities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Delayed or continuous offering and sale of securities. 563g.16 Section 563g.16 Banks and Banking OFFICE OF THRIFT SUPERVISION, DEPARTMENT OF THE TREASURY SECURITIES OFFERINGS § 563g.16 Delayed or continuous offering and sale of securities. Any offer or...

Adapting Digital Libraries to Continual Evolution

NASA Technical Reports Server (NTRS)

Barkstrom, Bruce R.; Finch, Melinda; Ferebee, Michelle; Mackey, Calvin

2002-01-01

In this paper, we describe five investment streams (data storage infrastructure, knowledge management, data production control, data transport and security, and personnel skill mix) that need to be balanced against short-term operating demands in order to maximize the probability of long-term viability of a digital library. Because of the rapid pace of information technology change, a digital library cannot be a static institution. Rather, it has to become a flexible organization adapted to continuous evolution of its infrastructure.

A noise immunity controlled quantum teleportation protocol

NASA Astrophysics Data System (ADS)

Li, Dong-fen; Wang, Rui-jin; Zhang, Feng-li; Baagyere, Edward; Qin, Zhen; Xiong, Hu; Zhan, Huayi

2016-11-01

With the advent of the Internet and information and communication technology, quantum teleportation has become an important field in information security and its application areas. This is because quantum teleportation has the ability to attain a timely secret information delivery and offers unconditional security. And as such, the field of quantum teleportation has become a hot research topic in recent years. However, noise has serious effect on the safety of quantum teleportation within the aspects of information fidelity, channel capacity and information transfer. Therefore, the main purpose of this paper is to address these problems of quantum teleportation. Firstly, in order to resist collective noise, we construct a decoherence-free subspace under different noise scenarios to establish a two-dimensional fidelity quantum teleportation models. And also create quantum teleportation of multiple degree of freedom, and these models ensure the accuracy and availability of the exchange of information and in multiple degree of freedom. Secondly, for easy preparation, measurement and implementation, we use super dense coding features to build an entangled quantum secret exchange channel. To improve the channel utilization and capacity, an efficient super dense coding method based on ultra-entanglement exchange is used. Thirdly, continuous variables of the controlled quantum key distribution were designed for quantum teleportation; in addition, we perform Bell-basis measurement under the collective noise and also prepare the storage technology of quantum states to achieve one-bit key by three-photon encoding to improve its security and efficiency. We use these two methods because they conceal information, resist a third party attack and can detect eavesdropping. Our proposed methods, according to the security analysis, are able to solve the problems associated with the quantum teleportation under various noise environments.

32 CFR 322.1 - Purpose and applicability.

Code of Federal Regulations, 2012 CFR

2012-07-01

... National Defense Department of Defense (Continued) OFFICE OF THE SECRETARY OF DEFENSE (CONTINUED) PRIVACY PROGRAM NATIONAL SECURITY AGENCY/CENTRAL SECURITY SERVICES PRIVACY ACT PROGRAM § 322.1 Purpose and... of Defense Privacy Program (32 CFR part 310) within the National Security Agency/Central Security...

32 CFR 322.1 - Purpose and applicability.

Code of Federal Regulations, 2014 CFR

2014-07-01

... National Defense Department of Defense (Continued) OFFICE OF THE SECRETARY OF DEFENSE (CONTINUED) PRIVACY PROGRAM NATIONAL SECURITY AGENCY/CENTRAL SECURITY SERVICES PRIVACY ACT PROGRAM § 322.1 Purpose and... of Defense Privacy Program (32 CFR part 310) within the National Security Agency/Central Security...

32 CFR 322.1 - Purpose and applicability.

Code of Federal Regulations, 2011 CFR

2011-07-01

... National Defense Department of Defense (Continued) OFFICE OF THE SECRETARY OF DEFENSE (CONTINUED) PRIVACY PROGRAM NATIONAL SECURITY AGENCY/CENTRAL SECURITY SERVICES PRIVACY ACT PROGRAM § 322.1 Purpose and... of Defense Privacy Program (32 CFR part 310) within the National Security Agency/Central Security...

32 CFR 322.1 - Purpose and applicability.

Code of Federal Regulations, 2010 CFR

2010-07-01

... National Defense Department of Defense (Continued) OFFICE OF THE SECRETARY OF DEFENSE (CONTINUED) PRIVACY PROGRAM NATIONAL SECURITY AGENCY/CENTRAL SECURITY SERVICES PRIVACY ACT PROGRAM § 322.1 Purpose and... of Defense Privacy Program (32 CFR part 310) within the National Security Agency/Central Security...

32 CFR 322.1 - Purpose and applicability.

Code of Federal Regulations, 2013 CFR

2013-07-01

... National Defense Department of Defense (Continued) OFFICE OF THE SECRETARY OF DEFENSE (CONTINUED) PRIVACY PROGRAM NATIONAL SECURITY AGENCY/CENTRAL SECURITY SERVICES PRIVACY ACT PROGRAM § 322.1 Purpose and... of Defense Privacy Program (32 CFR part 310) within the National Security Agency/Central Security...

Report to the Congressional Defense Committees: Status of the Department of Defense’s Business Transformation Efforts

DTIC Science & Technology

2008-03-15

information insures timely payment of entitlements and foregoes receipt of mutually exclusive payments. This depth of information supplies visibility and...reporting capability, and integration with authoritative data sources such as FPDS- NG, CCR, and contractor companies to improve data quality and reduce...manual entry requirements in Q2 FY09. • Continue to implement in theater, focusing on contingency contracts for private security companies and

The Cyber Security Crisis

ScienceCinema

Spafford, Eugene

2018-05-11

Despite considerable activity and attention, the overall state of information security continues to get worse. Attacks are increasing, fraud and theft are rising, and losses may exceed $100 billion per year worldwide. Many factors contribute to this, including misplaced incentives for industry, a lack of attention by government, ineffective law enforcement, and an uninformed image of who the perpetrators really are. As a result, many of the intended attempts at solutions are of limited (if any) overall effectiveness. This presentation will illustrate some key aspects of the cyber security problem and its magnitude, as well as provide some insight into causes and enabling factors. The talk will conclude with some observations on how the computing community can help improve the situation, as well as some suggestions for 'cyber self-defense.'

Privacy-preserving self-helped medical diagnosis scheme based on secure two-party computation in wireless sensor networks.

PubMed

Sun, Yi; Wen, Qiaoyan; Zhang, Yudong; Li, Wenmin

2014-01-01

With the continuing growth of wireless sensor networks in pervasive medical care, people pay more and more attention to privacy in medical monitoring, diagnosis, treatment, and patient care. On one hand, we expect the public health institutions to provide us with better service. On the other hand, we would not like to leak our personal health information to them. In order to balance this contradiction, in this paper we design a privacy-preserving self-helped medical diagnosis scheme based on secure two-party computation in wireless sensor networks so that patients can privately diagnose themselves by inputting a health card into a self-helped medical diagnosis ATM to obtain a diagnostic report just like drawing money from a bank ATM without revealing patients' health information and doctors' diagnostic skill. It makes secure self-helped disease diagnosis feasible and greatly benefits patients as well as relieving the heavy pressure of public health institutions.

Privacy-Preserving Self-Helped Medical Diagnosis Scheme Based on Secure Two-Party Computation in Wireless Sensor Networks

PubMed Central

Wen, Qiaoyan; Zhang, Yudong; Li, Wenmin

2014-01-01

With the continuing growth of wireless sensor networks in pervasive medical care, people pay more and more attention to privacy in medical monitoring, diagnosis, treatment, and patient care. On one hand, we expect the public health institutions to provide us with better service. On the other hand, we would not like to leak our personal health information to them. In order to balance this contradiction, in this paper we design a privacy-preserving self-helped medical diagnosis scheme based on secure two-party computation in wireless sensor networks so that patients can privately diagnose themselves by inputting a health card into a self-helped medical diagnosis ATM to obtain a diagnostic report just like drawing money from a bank ATM without revealing patients' health information and doctors' diagnostic skill. It makes secure self-helped disease diagnosis feasible and greatly benefits patients as well as relieving the heavy pressure of public health institutions. PMID:25126107

26 CFR 1.475(c)-2 - Definitions-security.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 26 Internal Revenue 6 2013-04-01 2013-04-01 false Definitions-security. 1.475(c)-2 Section 1.475(c... (CONTINUED) INCOME TAXES (CONTINUED) Inventories § 1.475(c)-2 Definitions—security. (a) Items that are not securities. The following items are not securities within the meaning of section 475(c)(2) with respect to a...

26 CFR 1.475(c)-2 - Definitions-security.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 26 Internal Revenue 6 2014-04-01 2014-04-01 false Definitions-security. 1.475(c)-2 Section 1.475(c... (CONTINUED) INCOME TAXES (CONTINUED) Inventories § 1.475(c)-2 Definitions—security. (a) Items that are not securities. The following items are not securities within the meaning of section 475(c)(2) with respect to a...

26 CFR 1.475(c)-2 - Definitions-security.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 26 Internal Revenue 6 2012-04-01 2012-04-01 false Definitions-security. 1.475(c)-2 Section 1.475(c... (CONTINUED) INCOME TAXES (CONTINUED) Inventories § 1.475(c)-2 Definitions—security. (a) Items that are not securities. The following items are not securities within the meaning of section 475(c)(2) with respect to a...

26 CFR 1.475(c)-2 - Definitions-security.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 26 Internal Revenue 6 2011-04-01 2011-04-01 false Definitions-security. 1.475(c)-2 Section 1.475(c... (CONTINUED) INCOME TAXES (CONTINUED) Inventories § 1.475(c)-2 Definitions—security. (a) Items that are not securities. The following items are not securities within the meaning of section 475(c)(2) with respect to a...

Managing medical and insurance information through a smart-card-based information system.

PubMed

Lambrinoudakis, C; Gritzalis, S

2000-08-01

The continuously increased mobility of patients and doctors, in conjunction with the existence of medical groups consisting of private doctors, general practitioners, hospitals, medical centers, and insurance companies, pose significant difficulties on the management of patients' medical data. Inevitably this affects the quality of the health care services provided. The evolving smart card technology can be utilized for the implementation of a secure portable electronic medical record, carried by the patient herself/himself. In addition to the medical data, insurance information can be stored in the smart card thus facilitating the creation of an "intelligent system" supporting the efficient management of patient's data. In this paper we present the main architectural and functional characteristics of such a system. We also highlight how the security features offered by smart cards can be exploited in order to ensure confidentiality and integrity of the medical data stored in the patient cards.

32 CFR 228.6 - Security inspection.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 32 National Defense 2 2014-07-01 2014-07-01 false Security inspection. 228.6 Section 228.6 National Defense Department of Defense (Continued) OFFICE OF THE SECRETARY OF DEFENSE (CONTINUED) MISCELLANEOUS SECURITY PROTECTIVE FORCE § 228.6 Security inspection. Any personal property, including but not...

Quantum communication with coherent states of light

NASA Astrophysics Data System (ADS)

Khan, Imran; Elser, Dominique; Dirmeier, Thomas; Marquardt, Christoph; Leuchs, Gerd

2017-06-01

Quantum communication offers long-term security especially, but not only, relevant to government and industrial users. It is worth noting that, for the first time in the history of cryptographic encoding, we are currently in the situation that secure communication can be based on the fundamental laws of physics (information theoretical security) rather than on algorithmic security relying on the complexity of algorithms, which is periodically endangered as standard computer technology advances. On a fundamental level, the security of quantum key distribution (QKD) relies on the non-orthogonality of the quantum states used. So even coherent states are well suited for this task, the quantum states that largely describe the light generated by laser systems. Depending on whether one uses detectors resolving single or multiple photon states or detectors measuring the field quadratures, one speaks of, respectively, a discrete- or a continuous-variable description. Continuous-variable QKD with coherent states uses a technology that is very similar to the one employed in classical coherent communication systems, the backbone of today's Internet connections. Here, we review recent developments in this field in two connected regimes: (i) improving QKD equipment by implementing front-end telecom devices and (ii) research into satellite QKD for bridging long distances by building upon existing optical satellite links. This article is part of the themed issue 'Quantum technology for the 21st century'.

Quantum communication with coherent states of light.

PubMed

Khan, Imran; Elser, Dominique; Dirmeier, Thomas; Marquardt, Christoph; Leuchs, Gerd

2017-08-06

Quantum communication offers long-term security especially, but not only, relevant to government and industrial users. It is worth noting that, for the first time in the history of cryptographic encoding, we are currently in the situation that secure communication can be based on the fundamental laws of physics (information theoretical security) rather than on algorithmic security relying on the complexity of algorithms, which is periodically endangered as standard computer technology advances. On a fundamental level, the security of quantum key distribution (QKD) relies on the non-orthogonality of the quantum states used. So even coherent states are well suited for this task, the quantum states that largely describe the light generated by laser systems. Depending on whether one uses detectors resolving single or multiple photon states or detectors measuring the field quadratures, one speaks of, respectively, a discrete- or a continuous-variable description. Continuous-variable QKD with coherent states uses a technology that is very similar to the one employed in classical coherent communication systems, the backbone of today's Internet connections. Here, we review recent developments in this field in two connected regimes: (i) improving QKD equipment by implementing front-end telecom devices and (ii) research into satellite QKD for bridging long distances by building upon existing optical satellite links.This article is part of the themed issue 'Quantum technology for the 21st century'. © 2017 The Author(s).

12 CFR Appendix F to Part 225 - Interagency Guidelines Establishing Information Security Standards

Code of Federal Regulations, 2013 CFR

2013-01-01

... arrangements in place to control risks. C. Manage and Control Risk. Each bank holding company shall: 1. Design... GOVERNORS OF THE FEDERAL RESERVE SYSTEM (CONTINUED) BANK HOLDING COMPANIES AND CHANGE IN BANK CONTROL.... Assess Risk C. Manage and Control Risk D. Oversee Service Provider Arrangements E. Adjust the Program F...

17 CFR 49.9 - Duties of registered swap data repositories.

Code of Federal Regulations, 2014 CFR

2014-04-01

... privacy of any and all swap data and any other related information that the swap data repository receives... 17 Commodity and Securities Exchanges 2 2014-04-01 2014-04-01 false Duties of registered swap data... (CONTINUED) SWAP DATA REPOSITORIES § 49.9 Duties of registered swap data repositories. (a) Duties. To be...

77 FR 14574 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Notice of Filing of...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-12

... consisting of twelve consecutive complete month data sets of the documents and related indexing information....\\11\\ The MSRB proposes to charge $10,000 for any twelve consecutive complete month data set for the... data set for the Continuing Disclosure Historical Data Product.\\12\\ In general, no smaller data sets...

33 CFR 169.215 - How must a ship transmit position reports?

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false How must a ship transmit position... SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY SHIP REPORTING SYSTEMS Transmission of Long Range Identification and Tracking Information § 169.215 How must a ship transmit position reports? A ship must transmit...

33 CFR 169.215 - How must a ship transmit position reports?

Code of Federal Regulations, 2014 CFR

2014-07-01

... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false How must a ship transmit position... SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY SHIP REPORTING SYSTEMS Transmission of Long Range Identification and Tracking Information § 169.215 How must a ship transmit position reports? A ship must transmit...

33 CFR 169.215 - How must a ship transmit position reports?

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false How must a ship transmit position... SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY SHIP REPORTING SYSTEMS Transmission of Long Range Identification and Tracking Information § 169.215 How must a ship transmit position reports? A ship must transmit...

17 CFR 160.5 - Annual privacy notice to customers required.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 2 2014-04-01 2014-04-01 false Annual privacy notice to... COMMISSION (CONTINUED) PRIVACY OF CONSUMER FINANCIAL INFORMATION UNDER TITLE V OF THE GRAMM-LEACH-BLILEY ACT Privacy and Opt Out Notices § 160.5 Annual privacy notice to customers required. (a)(1) General rule. You...

17 CFR 160.4 - Initial privacy notice to consumers required.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 2 2014-04-01 2014-04-01 false Initial privacy notice to... COMMISSION (CONTINUED) PRIVACY OF CONSUMER FINANCIAL INFORMATION UNDER TITLE V OF THE GRAMM-LEACH-BLILEY ACT Privacy and Opt Out Notices § 160.4 Initial privacy notice to consumers required. (a) Initial notice...

17 CFR 160.2 - Model privacy form and examples.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 2 2014-04-01 2014-04-01 false Model privacy form and... (CONTINUED) PRIVACY OF CONSUMER FINANCIAL INFORMATION UNDER TITLE V OF THE GRAMM-LEACH-BLILEY ACT § 160.2 Model privacy form and examples. (a) Model privacy form. Use of the model privacy form in appendix A of...

75 FR 29592 - Self-Regulatory Organizations; The NASDAQ Stock Market LLC; Notice of Filing and Immediate...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-26

... Corporate Governance Requirements May 19, 2010. Pursuant to Section 19(b)(1) of the Securities Exchange Act... companies to provide notification to Nasdaq of any noncompliance with the corporate governance requirements... Regulatory Authority. A Company may be denied continued listing if it fails to provide such information...

3 CFR 8875 - Proclamation 8875 of October 1, 2012. National Cybersecurity Awareness Month, 2012

Code of Federal Regulations, 2013 CFR

2013-01-01

... November 2011, we released the Blueprint for a Secure Cyber Future—a strategic plan to protect government, the private sector, and the public against cyber threats today and tomorrow. As we continue to improve... our critical infrastructure, facilitating greater cyber information sharing between government and the...

38 CFR 75.114 - Accelerated response.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 38 Pensions, Bonuses, and Veterans' Relief 2 2010-07-01 2010-07-01 false Accelerated response. 75.114 Section 75.114 Pensions, Bonuses, and Veterans' Relief DEPARTMENT OF VETERANS AFFAIRS (CONTINUED) INFORMATION SECURITY MATTERS Data Breaches § 75.114 Accelerated response. (a) The Secretary, in the exercise of his or her discretion, may provide...

Mobile Device Security: Perspectives of Future Healthcare Workers

PubMed Central

Hewitt, Barbara; Dolezel, Diane; McLeod, Alexander

2017-01-01

Healthcare data breaches on mobile devices continue to increase, yet the healthcare industry has not adopted mobile device security standards. This increase is disturbing because individuals are often accessing patients’ protected health information on personal mobile devices, which could lead to a data breach. This deficiency led the researchers to explore the perceptions of future healthcare workers regarding mobile device security. To determine healthcare students’ perspectives on mobile device security, the investigators designed and distributed a survey based on the Technology Threat Avoidance Theory. Three hundred thirty-five students participated in the survey. The data were analyzed to determine participants’ perceptions about security threats, effectiveness and costs of safeguards, self-efficacy, susceptibility, severity, and their motivation and actions to secure their mobile devices. Awareness of interventions to protect mobile devices was also examined. Results indicate that while future healthcare professionals perceive the severity of threats to their mobile data, they do not feel personally susceptible. Additionally, participants were knowledgeable about security safeguards, but their knowledge of costs and problems related to the adoption of these measures was mixed. These findings indicate that increasing security awareness of healthcare professionals should be a priority. PMID:28566992

Mobile Device Security: Perspectives of Future Healthcare Workers.

PubMed

Hewitt, Barbara; Dolezel, Diane; McLeod, Alexander

2017-01-01

Healthcare data breaches on mobile devices continue to increase, yet the healthcare industry has not adopted mobile device security standards. This increase is disturbing because individuals are often accessing patients' protected health information on personal mobile devices, which could lead to a data breach. This deficiency led the researchers to explore the perceptions of future healthcare workers regarding mobile device security. To determine healthcare students' perspectives on mobile device security, the investigators designed and distributed a survey based on the Technology Threat Avoidance Theory. Three hundred thirty-five students participated in the survey. The data were analyzed to determine participants' perceptions about security threats, effectiveness and costs of safeguards, self-efficacy, susceptibility, severity, and their motivation and actions to secure their mobile devices. Awareness of interventions to protect mobile devices was also examined. Results indicate that while future healthcare professionals perceive the severity of threats to their mobile data, they do not feel personally susceptible. Additionally, participants were knowledgeable about security safeguards, but their knowledge of costs and problems related to the adoption of these measures was mixed. These findings indicate that increasing security awareness of healthcare professionals should be a priority.

Continuous variable quantum cryptography: beating the 3 dB loss limit.

PubMed

Silberhorn, Ch; Ralph, T C; Lütkenhaus, N; Leuchs, G

2002-10-14

We demonstrate that secure quantum key distribution systems based on continuous variable implementations can operate beyond the apparent 3 dB loss limit that is implied by the beam splitting attack. The loss limit was established for standard minimum uncertainty states such as coherent states. We show that, by an appropriate postselection mechanism, we can enter a region where Eve's knowledge on Alice's key falls behind the information shared between Alice and Bob, even in the presence of substantial losses.

Practices in security and confidentiality of HIV/AIDS patients' information: A national survey among staff at HIV outpatient clinics in Vietnam.

PubMed

Khac Hai, Nguyen; Lawpoolsri, Saranath; Jittamala, Podjanee; Thi Thu Huong, Phan; Kaewkungwal, Jaranit

2017-01-01

Breach of confidentiality or invasion of privacy from the collection and use of medical records, particularly those of patients with HIV/AIDS or other diseases sensitive to stigmatization, should be prevented by all related stakeholders in healthcare settings. The main focus of this study was to assess practices regarding security and confidentiality of HIV-related information among staff at HIV outpatient clinics (HIV-OPCs) in Vietnam. A descriptive cross-sectional study was conducted at all 312 HIV-OPCs across the country using an online survey technique. In general, the staff practices for securing and protecting patient information were at acceptable levels. Most staff had proper measures and practices for maintaining data security; however, the protection of patient confidentiality, particularly for data access, sharing, and transfer still required improvement. Most HIV-OPC staff had good or moderate knowledge and positive perceptions towards security and confidentiality issues. Staff who were not trained in the practice of security measures differed significantly from those who were trained (OR: 3.74; 95%CI: 1.44-9.67); staff needing improved knowledge levels differed significantly from those with good (OR: 5.20; 95%CI: 2.39-11.32) and moderate knowledge levels (OR: 5.10; 95%CI: 2.36-11.00); and staff needing improved perception levels differed significantly from those with good (i.e., with 100% proper practices) and moderate perception levels (OR: 5.67; 95%CI: 2.93-10.95). Staff who were not trained in the protection of data confidentiality differed significantly from those who were trained (OR: 2.18; 95%CI: 1.29-3.65). Training is an important factor to help raise the levels of proper practices regarding confidentiality and security, to improve knowledge and raise awareness about change among staff. The operation and management of HIV treatment and care in Vietnam are currently transitioning from separate healthcare clinics (HIV-OPC) into units integrated into general hospitals/healthcare facilities. The findings of this study highlight topics that could be used for improving management and operation of information system and revising guidelines and regulations on protection measures/strategies for data security and confidentiality of HIV/AIDS patients by Vietnam health authorities or other countries facing similar situations. Secure infrastructure and secure measures for data access and use are very important, worthwhile investments. The provision of continuous training and active enforcement and monitoring of the practices of healthcare personnel might lead to an improved understanding and acknowledegement of the importance of national policies/guidelines regarding HIV-related patient information.

The Effectiveness of Health Care Information Technologies: Evaluation of Trust, Security Beliefs, and Privacy as Determinants of Health Care Outcomes.

PubMed

Kisekka, Victoria; Giboney, Justin Scott

2018-04-11

The diffusion of health information technologies (HITs) within the health care sector continues to grow. However, there is no theory explaining how success of HITs influences patient care outcomes. With the increase in data breaches, HITs' success now hinges on the effectiveness of data protection solutions. Still, empirical research has only addressed privacy concerns, with little regard for other factors of information assurance. The objective of this study was to study the effectiveness of HITs using the DeLone and McLean Information Systems Success Model (DMISSM). We examined the role of information assurance constructs (ie, the role of information security beliefs, privacy concerns, and trust in health information) as measures of HIT effectiveness. We also investigated the relationships between information assurance and three aspects of system success: attitude toward health information exchange (HIE), patient access to health records, and perceived patient care quality. Using structural equation modeling, we analyzed the data from a sample of 3677 cancer patients from a public dataset. We used R software (R Project for Statistical Computing) and the Lavaan package to test the hypothesized relationships. Our extension of the DMISSM to health care was supported. We found that increased privacy concerns reduce the frequency of patient access to health records use, positive attitudes toward HIE, and perceptions of patient care quality. Also, belief in the effectiveness of information security increases the frequency of patient access to health records and positive attitude toward HIE. Trust in health information had a positive association with attitudes toward HIE and perceived patient care quality. Trust in health information had no direct effect on patient access to health records; however, it had an indirect relationship through privacy concerns. Trust in health information and belief in the effectiveness of information security safeguards increases perceptions of patient care quality. Privacy concerns reduce patients' frequency of accessing health records, patients' positive attitudes toward HIE exchange, and overall perceived patient care quality. Health care organizations are encouraged to implement security safeguards to increase trust, the frequency of health record use, and reduce privacy concerns, consequently increasing patient care quality. ©Victoria Kisekka, Justin Scott Giboney. Originally published in the Journal of Medical Internet Research (http://www.jmir.org), 11.04.2018.

Collaborating toward improving food security in Nunavut.

PubMed

Wakegijig, Jennifer; Osborne, Geraldine; Statham, Sara; Issaluk, Michelle Doucette

2013-01-01

Community members, Aboriginal organizations, public servants and academics have long been describing a desperate situation of food insecurity in the Eastern Canadian Arctic. The Nunavut Food Security Coalition, a partnership of Inuit Organizations and the Government of Nunavut, is collaborating to develop a territorial food security strategy to address pervasive food insecurity in the context of poverty reduction. The Nunavut Food Security Coalition has carried out this work using a community consultation model. The research was collected through community visits, stakeholder consultation and member checking at the Nunavut Food Security Symposium. In this paper, we describe a continuous course of action, based on community engagement and collective action, that has led to sustained political interest in and public mobilization around the issue of food insecurity in Nunavut. The process described in this article is a unique collaboration between multiple organizations that has led to the development of a sustainable partnership that will inform policy development while representing the voice of Nunavummiut.

Collaborating toward improving food security in Nunavut

PubMed Central

Wakegijig, Jennifer; Osborne, Geraldine; Statham, Sara; Issaluk, Michelle Doucette

2013-01-01

Background Community members, Aboriginal organizations, public servants and academics have long been describing a desperate situation of food insecurity in the Eastern Canadian Arctic. Objective The Nunavut Food Security Coalition, a partnership of Inuit Organizations and the Government of Nunavut, is collaborating to develop a territorial food security strategy to address pervasive food insecurity in the context of poverty reduction. Design The Nunavut Food Security Coalition has carried out this work using a community consultation model. The research was collected through community visits, stakeholder consultation and member checking at the Nunavut Food Security Symposium. Results In this paper, we describe a continuous course of action, based on community engagement and collective action, that has led to sustained political interest in and public mobilization around the issue of food insecurity in Nunavut. Conclusions The process described in this article is a unique collaboration between multiple organizations that has led to the development of a sustainable partnership that will inform policy development while representing the voice of Nunavummiut. PMID:23984307

Personal privacy, information assurance, and the threat posed by malware techology

NASA Astrophysics Data System (ADS)

Stytz, Martin R.; Banks, Sheila B.

2006-04-01

In spite of our best efforts to secure the cyber world, the threats posed to personal privacy by attacks upon networks and software continue unabated. While there are many reasons for this state of affairs, clearly one of the reasons for continued vulnerabilities in software is the inability to assess their security properties and test their security systems while they are in development. A second reason for this growing threat to personal privacy is the growing sophistication and maliciousness of malware coupled with the increasing difficulty of detecting malware. The pervasive threat posed by malware coupled with the difficulties faced when trying to detect its presence or an attempted intrusion make addressing the malware threat one of the most pressing issues that must be solved in order to insure personal privacy to users of the internet. In this paper, we will discuss the threat posed by malware, the types of malware found in the wild (outside of computer laboratories), and current techniques that are available for from a successful malware penetration. The paper includes a discussion of anti-malware tools and suggestions for future anti-malware efforts.

A Quantitative Study on the Relationship of Information Security Policy Awareness, Enforcement, and Maintenance to Information Security Program Effectiveness

ERIC Educational Resources Information Center

Francois, Michael T.

2016-01-01

Today's organizations rely heavily on information technology to conduct their daily activities. Therefore, their information security systems are an area of heightened security concern. As a result, organizations implement information security programs to address and mitigate that concern. However, even with the emphasis on information security,…

The Shaping of Managers' Security Objectives through Information Security Awareness Training

ERIC Educational Resources Information Center

Harris, Mark A.

2010-01-01

Information security research states that corporate security policy and information security training should be socio-technical in nature and that corporations should consider training as a primary method of protecting their information systems. However, information security policies and training are predominately technical in nature. In addition,…

20 CFR 416.990 - When and how often we will conduct a continuing disability review.

Code of Federal Regulations, 2010 CFR

2010-04-01

... continuing disability review. 416.990 Section 416.990 Employees' Benefits SOCIAL SECURITY ADMINISTRATION...(a) of the Social Security Act if you receive benefits based on disability or § 416.986 of this... and have received social security benefits as well as supplemental security income payments. (b) When...

The Continuing Evolution of Effective IT Security Practices

ERIC Educational Resources Information Center

Voloudakis, John

2006-01-01

In the past three years, higher education institutions have made a number of moves to secure their critical systems and protect their users, resulting in a marked change in the techniques used to combat security threats. Today, continued progress may depend on the development of an enterprise IT security program. (Contains 10 notes.)

20 CFR 416.990 - When and how often we will conduct a continuing disability review.

Code of Federal Regulations, 2012 CFR

2012-04-01

... continuing disability review. 416.990 Section 416.990 Employees' Benefits SOCIAL SECURITY ADMINISTRATION...(a) of the Social Security Act if you receive benefits based on disability or § 416.986 of this... and have received social security benefits as well as supplemental security income payments. (b) When...

5 CFR 9701.105 - Continuing collaboration.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Section 9701.105 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.105 Continuing collaboration. (a) In...

5 CFR 9701.105 - Continuing collaboration.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Section 9701.105 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.105 Continuing collaboration. (a) In...

Quantum key distribution with hacking countermeasures and long term field trial.

PubMed

Dixon, A R; Dynes, J F; Lucamarini, M; Fröhlich, B; Sharpe, A W; Plews, A; Tam, W; Yuan, Z L; Tanizawa, Y; Sato, H; Kawamura, S; Fujiwara, M; Sasaki, M; Shields, A J

2017-05-16

Quantum key distribution's (QKD's) central and unique claim is information theoretic security. However there is an increasing understanding that the security of a QKD system relies not only on theoretical security proofs, but also on how closely the physical system matches the theoretical models and prevents attacks due to discrepancies. These side channel or hacking attacks exploit physical devices which do not necessarily behave precisely as the theory expects. As such there is a need for QKD systems to be demonstrated to provide security both in the theoretical and physical implementation. We report here a QKD system designed with this goal in mind, providing a more resilient target against possible hacking attacks including Trojan horse, detector blinding, phase randomisation and photon number splitting attacks. The QKD system was installed into a 45 km link of a metropolitan telecom network for a 2.5 month period, during which time the system operated continuously and distributed 1.33 Tbits of secure key data with a stable secure key rate over 200 kbit/s. In addition security is demonstrated against coherent attacks that are more general than the collective class of attacks usually considered.

A layered trust information security architecture.

PubMed

de Oliveira Albuquerque, Robson; Villalba, Luis Javier García; Orozco, Ana Lucila Sandoval; Buiati, Fábio; Kim, Tai-Hoon

2014-12-01

Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed.

32 CFR 2700.51 - Information Security Oversight Committee.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 32 National Defense 6 2011-07-01 2011-07-01 false Information Security Oversight Committee. 2700... MICRONESIAN STATUS NEGOTIATIONS SECURITY INFORMATION REGULATIONS Implementation and Review § 2700.51 Information Security Oversight Committee. The OMSN Information Security Oversight Committee shall be chaired...

77 FR 12623 - National Industrial Security Program Policy Advisory Committee (NISPPAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-01

... NATIONAL ARCHIVES AND RECORDS ADMINISTRATION Information Security Oversight Office National... Information Security Oversight Office no later than Friday, March 16, 2012. The Information Security Oversight... FURTHER INFORMATION CONTACT: David O. Best, Senior Program Analyst, The Information Security Oversight...

32 CFR 2700.51 - Information Security Oversight Committee.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 6 2010-07-01 2010-07-01 false Information Security Oversight Committee. 2700... MICRONESIAN STATUS NEGOTIATIONS SECURITY INFORMATION REGULATIONS Implementation and Review § 2700.51 Information Security Oversight Committee. The OMSN Information Security Oversight Committee shall be chaired...

75 FR 49943 - New Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-16

... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration New Agency Information Collection Activity Under OMB Review: Pipeline System Operator Security Information AGENCY: Transportation... INFORMATION CONTACT: Joanna Johnson, Office of Information Technology, TSA-11, Transportation Security...

National Marrow Donor Program

DTIC Science & Technology

2008-08-05

Research in HLA Typing, Hematopoietic Stem Cell Transplantation and Clinical Studies to Improve Outcomes 16. SECURITY CLASSIFICATION OF: 19a. NAME...new action item was added to Workflow Management screen for the SCTOD ( Stem Cell Therapeutic Outcomes Data) Data Form. The information will be passed...Improvement Amendment NRP National Response Plan CME Continuing Medical Education NST Non-myeloablative Allogeneic Stem Cell Transplantation COG