48 CFR 339.7101 - Policy.

Code of Federal Regulations, 2010 CFR

2010-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7101 Policy. HHS is responsible for implementing an information security program to ensure that its information systems and... information contained in those systems. Each system's level of security shall protect the integrity...

Secure, Autonomous, Intelligent Controller for Integrating Distributed Emergency Response Satellite Operations

NASA Technical Reports Server (NTRS)

Ivancic, William D.; Paulsen, Phillip E.; Miller, Eric M.; Sage, Steen P.

2013-01-01

This report describes a Secure, Autonomous, and Intelligent Controller for Integrating Distributed Emergency Response Satellite Operations. It includes a description of current improvements to existing Virtual Mission Operations Center technology being used by US Department of Defense and originally developed under NASA funding. The report also highlights a technology demonstration performed in partnership with the United States Geological Service for Earth Resources Observation and Science using DigitalGlobe(Registered TradeMark) satellites to obtain space-based sensor data.

Updating energy security and environmental policy: Energy security theories revisited.

PubMed

Proskuryakova, L

2018-06-18

The energy security theories are based on the premises of sufficient and reliable supply of fossil fuels at affordable prices in centralized supply systems. Policy-makers and company chief executives develop energy security strategies based on the energy security theories and definitions that dominate in the research and policy discourse. It is therefore of utmost importance that scientists revisit these theories in line with the latest changes in the energy industry: the rapid advancement of renewables and smart grid, decentralization of energy systems, new environmental and climate challenges. The study examines the classic energy security concepts (neorealism, neoliberalism, constructivism and international political economy) and assesses if energy technology changes are taken into consideration. This is done through integrative literature review, comparative analysis, identification of 'international relations' and 'energy' research discourse with the use of big data, and case studies of Germany, China, and Russia. The paper offers suggestions for revision of energy security concepts through integration of future technology considerations. Copyright © 2018 Elsevier Ltd. All rights reserved.

Exploring Factors Influencing Self-Efficacy in Information Security an Empirical Analysis by Integrating Multiple Theoretical Perspectives in the Context of Using Protective Information Technologies

ERIC Educational Resources Information Center

Reddy, Dinesh Sampangirama

2017-01-01

Cybersecurity threats confront the United States on a daily basis, making them one of the major national security challenges. One approach to meeting these challenges is to improve user cybersecurity behavior. End user security behavior hinges on end user acceptance and use of the protective information technologies such as anti-virus and…

A Layered Trust Information Security Architecture

PubMed Central

de Oliveira Albuquerque, Robson; García Villalba, Luis Javier; Sandoval Orozco, Ana Lucila; Buiati, Fábio; Kim, Tai-Hoon

2014-01-01

Information can be considered the most important asset of any modern organization. Securing this information involves preserving confidentially, integrity and availability, the well-known CIA triad. In addition, information security is a risk management job; the task is to manage the inherent risks of information disclosure. Current information security platforms do not deal with the different facets of information technology. This paper presents a layered trust information security architecture (TISA) and its creation was motivated by the need to consider information and security from different points of view in order to protect it. This paper also extends and discusses security information extensions as a way of helping the CIA triad. Furthermore, this paper suggests information representation and treatment elements, operations and support components that can be integrated to show the various risk sources when dealing with both information and security. An overview of how information is represented and treated nowadays in the technological environment is shown, and the reason why it is so difficult to guarantee security in all aspects of the information pathway is discussed. PMID:25470490

OSD CALS Architecture Master Plan Study. Concept Paper. Security. Volume 38

DOT National Transportation Integrated Search

1989-07-01

Developing and executing a well-thought-out security policy is critical to the success of CALS. Without appropriate security measures, the integration of technology, organizations, functions, and data envisioned as Phase II CALS can not occur. Theref...

The Department of Homeland Security Intelligence Enterprise: Operational Overview and Oversight Challenges for Congress

DTIC Science & Technology

2009-05-27

technology network architecture to connect various DHS elements and promote information sharing.17 • Establish a DHS State, Local, and Regional...A Strategic Plan; training, and the implementation of a comprehensive information systems architecture .65 As part of its integration...information technology network architecture was submitted to Congress last year. See DHS I&A, Homeland Security Information Technology Network

Security analysis of cyber-physical system

NASA Astrophysics Data System (ADS)

Li, Bo; Zhang, Lichen

2017-05-01

In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

Securing health sensing using integrated circuit metric.

PubMed

Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

2015-10-20

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware "fingerprints". The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner.

Securing Health Sensing Using Integrated Circuit Metric

PubMed Central

Tahir, Ruhma; Tahir, Hasan; McDonald-Maier, Klaus

2015-01-01

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner. PMID:26492250

Computer Network Security- The Challenges of Securing a Computer Network

NASA Technical Reports Server (NTRS)

Scotti, Vincent, Jr.

2011-01-01

This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

77 FR 58980 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-25

... technology security, --Cybersecurity Updates from Director of Cybersecurity, White House, --Presentation on... communications across federal agencies with the National Cybersecurity and Communications Integration Center...

STIDP: A U.S. Department of Homeland Security program for countering explosives attacks at large public events and mass transit facilities

NASA Astrophysics Data System (ADS)

Knudson, Christa K.; Kemp, Michael C.; Lombardo, Nicholas J.

2009-05-01

The U.S. Department of Homeland Security's Standoff Technology Integration and Demonstration Program is designed to accelerate the development and integration of technologies, concepts of operations, and training to defeat explosives attacks at large public events and mass transit facilities. The program will address threats posed by suicide bombers, vehicle-borne improvised explosive devices, and leave-behind bombs. The program is focused on developing and testing explosives countermeasure architectures using commercial off-the-shelf and near-commercial standoff and remotely operated detection technologies in prototypic operational environments. An important part of the program is the integration of multiple technologies and systems to protect against a wider range of threats, improve countermeasure performance, increase the distance from the venue at which screening is conducted, and reduce staffing requirements. The program will routinely conduct tests in public venues involving successively more advanced technology, higher levels of system integration, and more complex scenarios. This paper describes the initial field test of an integrated countermeasure system that included infrared, millimeter-wave, and video analytics technologies for detecting person-borne improvised explosive devices at a public arena. The test results are being used to develop a concept for the next generation of integrated countermeasures, to refine technical and operational requirements for architectures and technologies, and engage industry and academia in solution development.

Novel technology for enhanced security and trust in communication networks

NASA Astrophysics Data System (ADS)

Milovanov, Alexander; Bukshpun, Leonid; Pradhan, Ranjit; Jannson, Tomasz

2011-06-01

A novel technology that significantly enhances security and trust in wireless and wired communication networks has been developed. It is based on integration of a novel encryption mechanism and novel data packet structure with enhanced security tools. This novel data packet structure results in an unprecedented level of security and trust, while at the same time reducing power consumption and computing/communication overhead in networks. As a result, networks are provided with protection against intrusion, exploitation, and cyber attacks and posses self-building, self-awareness, self-configuring, self-healing, and self-protecting intelligence.

Test and Demonstration Assets of New Mexico

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

This document was developed by the Arrowhead Center of New Mexico State University as part of the National Security Preparedness Project (NSPP), funded by a DOE/NNSA grant. The NSPP has three primary components: business incubation, workforce development, and technology demonstration and validation. The document contains a survey of test and demonstration assets in New Mexico available for external users such as small businesses with security technologies under development. Demonstration and validation of national security technologies created by incubator sources, as well as other sources, are critical phases of technology development. The NSPP will support the utilization of an integrated demonstrationmore » and validation environment.« less

Strategies for online test security.

PubMed

Hart, Leigh; Morgan, Lesley

2009-01-01

As online courses continue to increase, maintaining academic integrity in student evaluation is a challenge. The authors review several strategies, with varying degrees of cost and technology, to improve test security in the online classroom.

Sandia National Laboratories: Integrated Military Systems

Science.gov Websites

Programs Nuclear Weapons About Nuclear Weapons Safety & Security Weapons Science & Technology Robotics R&D 100 Awards Laboratory Directed Research & Development Technology Deployment Centers Audit Sandia's Economic Impact Licensing & Technology Transfer Browse Technology Portfolios

Computer network security for the radiology enterprise.

PubMed

Eng, J

2001-08-01

As computer networks become an integral part of the radiology practice, it is appropriate to raise concerns regarding their security. The purpose of this article is to present an overview of computer network security risks and preventive strategies as they pertain to the radiology enterprise. A number of technologies are available that provide strong deterrence against attacks on networks and networked computer systems in the radiology enterprise. While effective, these technologies must be supplemented with vigilant user and system management.

Understanding the Adoption Process of National Security Technology: An Integration of Diffusion of Innovations and Volitional Behavior Theories.

PubMed

Iles, Irina A; Egnoto, Michael J; Fisher Liu, Brooke; Ackerman, Gary; Roberts, Holly; Smith, Daniel

2017-11-01

After the 9/11 terrorist attacks, the U.S. government initiated several national security technology adoption programs. The American public, however, has been skeptical about these initiatives and adoption of national security technologies has been mandated, rather than voluntary. We propose and test a voluntary behavioral intention formation model for the adoption of one type of new security technology: portable radiation detectors. Portable radiation detectors are an efficient way of detecting radiological and nuclear threats and could potentially prevent loss of life and damage to individuals' health. However, their functioning requires that a critical mass of individuals use them on a daily basis. We combine the explanatory advantages of diffusion of innovation with the predictive power of two volitional behavior frameworks: the theory of reasoned action and the health belief model. A large sample survey (N = 1,482) investigated the influence of factors identified in previous diffusion of innovation research on portable radiation detector adoption intention. Results indicated that nonfinancial incentives, as opposed to financial incentives, should be emphasized in persuasive communications aimed at fostering adoption. The research provides a new integration of diffusion of innovation elements with determinants of volitional behavior from persuasion literature, and offers recommendations on effective communication about new security technologies to motivate public adoption and enhance national safety. © 2017 Society for Risk Analysis.

Advances in Protection.

ERIC Educational Resources Information Center

Szczerba, Peter

2000-01-01

Explains how integrating information technology can extend the capabilities of school security systems far beyond traditional card access. Use of biometric identification technologies and digitized event recording are explored. (GR)

A security architecture for health information networks.

PubMed

Kailar, Rajashekar; Muralidhar, Vinod

2007-10-11

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.

A Security Architecture for Health Information Networks

PubMed Central

Kailar, Rajashekar

2007-01-01

Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862

78 FR 2953 - National Cybersecurity Center of Excellence (NCCoE) Secure Exchange of Electronic Health...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-15

...-01] National Cybersecurity Center of Excellence (NCCoE) Secure Exchange of Electronic Health... the National Cybersecurity Center of Excellence (NCCoE) in the Secure Exchange of Electronic Health... accelerating the widespread adoption of integrated cybersecurity tools and technologies. The NCCoE will bring...

Vulnerability mitigation : technology assessment and deployment

DOT National Transportation Integrated Search

2003-01-01

Because of the new terrorist threats since the September 11, 2001 attacks, rapid development, prototyping, and deployment of systems has been necessary. A well integrated physical security system that combines state of the art security and informatio...

Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2007-01-01

This paper describes the infrastructure and protocols necessary to enable near-real-time commanding, access to space-based assets, and the secure interoperation between sensor webs owned and controlled by various entities. Select terrestrial and aeronautics-base sensor webs will be used to demonstrate time-critical interoperability between integrated, intelligent sensor webs both terrestrial and between terrestrial and space-based assets. For this work, a Secure, Autonomous, Intelligent Controller and knowledge generation unit is implemented using Virtual Mission Operation Center technology.

Fully integrated automated security surveillance system: managing a changing world through managed technology and product applications

NASA Astrophysics Data System (ADS)

Francisco, Glen; Brown, Todd

2012-06-01

Integrated security systems are essential to pre-empting criminal assaults. Nearly 500,000 sites have been identified (source: US DHS) as critical infrastructure sites that would suffer severe damage if a security breach should occur. One major breach in any of 123 U.S. facilities, identified as "most critical", threatens more than 1,000,000 people. The vulnerabilities of critical infrastructure are expected to continue and even heighten over the coming years.

Using Information Technologies in Professional Training of Future Security Specialists in the USA, Great Britain, Poland and Israel

ERIC Educational Resources Information Center

Kyslenko, Dmytro

2017-01-01

The paper discusses the use of information technologies in professional training of future security specialists in the United States, Great Britain, Poland and Israel. The probable use of computer-based techniques being available within the integrated Web-sites have been systematized. It has been suggested that the presented scheme may be of great…

Firewall systems: the next generation

NASA Astrophysics Data System (ADS)

McGhie, Lynda L.

1996-01-01

To be competitive in today's globally connected marketplace, a company must ensure that their internal network security methodologies and supporting policies are current and reflect an overall understanding of today's technology and its resultant threats. Further, an integrated approach to information security should ensure that new ways of sharing information and doing business are accommodated; such as electronic commerce, high speed public broadband network services, and the federally sponsored National Information Infrastructure. There are many challenges, and success is determined by the establishment of a solid and firm baseline security architecture that accommodate today's external connectivity requirements, provides transitional solutions that integrate with evolving and dynamic technologies, and ultimately acknowledges both the strategic and tactical goals of an evolving network security architecture and firewall system. This paper explores the evolution of external network connectivity requirements, the associated challenges and the subsequent development and evolution of firewall security systems. It makes the assumption that a firewall is a set of integrated and interoperable components, coming together to form a `SYSTEM' and must be designed, implement and managed as such. A progressive firewall model will be utilized to illustrates the evolution of firewall systems from earlier models utilizing separate physical networks, to today's multi-component firewall systems enabling secure heterogeneous and multi-protocol interfaces.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Happenny, Sean F.

The United States’ power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power distribution networks utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Demonstrating security in embedded systems is another research area PNNL ismore » tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the networks protecting them are becoming easier to breach. Providing a virtual power substation network to each student team at the National Collegiate Cyber Defense Competition, thereby supporting the education of future cyber security professionals, is another way PNNL is helping to strengthen the security of the nation’s power infrastructure.« less

Increasing the resilience and security of the United States' power infrastructure

DOE Office of Scientific and Technical Information (OSTI.GOV)

Happenny, Sean F.

2015-08-01

The United States' power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power infrastructure control and distribution paradigms by utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Understanding how these systems behave in real-worldmore » conditions will lead to new ways to make our power infrastructure more resilient and secure. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the aging networks protecting them are becoming easier to attack.« less

2017 Joint Annual NDIA/AIA Industrial Security Committee Fall Conference

DTIC Science & Technology

2017-11-15

beyond credit data to offer the insights that government professionals need to make informed decisions and ensure citizen safety, manage compliance...business that provides information technology and professional services. We specialize in managing business processes and systems integration for both... Information Security System ISFD Industrial Security Facilities Database OBMS ODAA Business Management System STEPP Security, Training, Education and

A Multi-Pronged Plan

ERIC Educational Resources Information Center

Starkman, Neal

2007-01-01

As schools adopt new and varied technologies to protect the campus community, the need to look at security tools in terms of a comprehensive, layered, and integrated strategy, becomes clear. This article discusses how schools are using these security tools.

Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol.

PubMed

He, Debiao; Kumar, Neeraj; Chilamkurti, Naveen; Lee, Jong-Hyouk

2014-10-01

The radio frequency identification (RFID) technology has been widely adopted and being deployed as a dominant identification technology in a health care domain such as medical information authentication, patient tracking, blood transfusion medicine, etc. With more and more stringent security and privacy requirements to RFID based authentication schemes, elliptic curve cryptography (ECC) based RFID authentication schemes have been proposed to meet the requirements. However, many recently published ECC based RFID authentication schemes have serious security weaknesses. In this paper, we propose a new ECC based RFID authentication integrated with an ID verifier transfer protocol that overcomes the weaknesses of the existing schemes. A comprehensive security analysis has been conducted to show strong security properties that are provided from the proposed authentication scheme. Moreover, the performance of the proposed authentication scheme is analyzed in terms of computational cost, communicational cost, and storage requirement.

Sustainable integrated farming system: A solution for national food security and sovereignty

NASA Astrophysics Data System (ADS)

Ansar, M.; Fathurrahman

2018-05-01

This paper provides a comprehensive review of literature related to food security. The world food crisis is a threat to all countries, including Indonesia. The problem of food security in Indonesia is still happening, particularly, aspects of production and increasingly unbalanced food availability. Due to the increasing rate of population growth, land functional shift, degradation of land resources and water, as well as environmental pollution and climate change. Food production has not been able to meet the needs of the population continuously. Therefore, the food policy paradigm applied in Indonesia must change from food security to food independence. Thus, Indonesia is not dependent on other countries. Food diversification is one of the best policies to be implemented in achieving food independence and anticipating the food crisis. Food diversification utilizes land optimally by developing an integrated farming system. The integrated farming system is an efficient and environmentally agricultural system. It is able to utilize sustainable agriculture development, followed by the development of participatory technology (Participatory Technology Development) which refers to the local wisdom of the community.

Integrated Energy Solutions Research | Integrated Energy Solutions | NREL

Science.gov Websites

that spans the height and width of the wall they are facing. Decision Science and Informatics Enabling decision makers with rigorous, technology-neutral, data-backed decision support to maximize the impact of security in energy systems through analysis, decision support, advanced energy technology development, and

Security and health research databases: the stakeholders and questions to be addressed.

PubMed

Stewart, Sara

2006-01-01

Health research database security issues abound. Issues include subject confidentiality, data ownership, data integrity and data accessibility. There are also various stakeholders in database security. Each of these stakeholders has a different set of concerns and responsibilities when dealing with security issues. There is an obvious need for training in security issues, so that these issues may be addressed and health research will move on without added obstacles based on misunderstanding security methods and technologies.

DOE DISS/ET pilot system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Strait, R.S.; Wagner, E.E.

1994-07-01

The US Department of Energy (DOE) Office of Safeguards and Security initiated the DOE Integrated Security System / Electronic Transfer (DISS/ET) for the purpose of reducing the time required to process security clearance requests. DISS/ET will be an integrated system using electronic commerce technologies for the collection and processing of personnel security clearance data, and its transfer between DOE local security clearance offices, DOE Operations Offices, and the Office of Personnel Management. The system will use electronic forms to collect clearance applicant data. The forms data will be combined with electronic fingerprint images and packaged in a secure encrypted electronicmore » mail envelope for transmission across the Internet. Information provided by the applicant will be authenticated using digital signatures. All processing will be done electronically.« less

Importance of biometrics to addressing vulnerabilities of the U.S. infrastructure

NASA Astrophysics Data System (ADS)

Arndt, Craig M.; Hall, Nathaniel A.

2004-08-01

Human identification technologies are important threat countermeasures in minimizing select infrastructure vulnerabilities. Properly targeted countermeasures should be selected and integrated into an overall security solution based on disciplined analysis and modeling. Available data on infrastructure value, threat intelligence, and system vulnerabilities are carefully organized, analyzed and modeled. Prior to design and deployment of an effective countermeasure; the proper role and appropriateness of technology in addressing the overall set of vulnerabilities is established. Deployment of biometrics systems, as with other countermeasures, introduces potentially heightened vulnerabilities into the system. Heightened vulnerabilities may arise from both the newly introduced system complexities and an unfocused understanding of the set of vulnerabilities impacted by the new countermeasure. The countermeasure's own inherent vulnerabilities and those introduced by the system's integration with the existing system are analyzed and modeled to determine the overall vulnerability impact. The United States infrastructure is composed of government and private assets. The infrastructure is valued by their potential impact on several components: human physical safety, physical/information replacement/repair cost, potential contribution to future loss (criticality in weapons production), direct productivity output, national macro-economic output/productivity, and information integrity. These components must be considered in determining the overall impact of an infrastructure security breach. Cost/benefit analysis is then incorporated in the security technology deployment decision process. Overall security risks based on system vulnerabilities and threat intelligence determines areas of potential benefit. Biometric countermeasures are often considered when additional security at intended points of entry would minimize vulnerabilities.

Identification of needs and requirements defined by services subordinated to the Minister of the Interior and Administration in key technology and user interfaces to develop a concept of the Video Signals Integrator (VSI) system

NASA Astrophysics Data System (ADS)

Bukowiecka, Danuta; Tyburska, Agata; Struniawski, Jarosław; Jastrzebski, Pawel; Jewartowski, Blazej; Pozniak, Krzysztof; Kasprowicz, Grzegorz; Pastuszak, Grzegorz; Trochimiuk, Maciej; Abramowski, Andrzej; Gaska, Michal; Frasunek, Przemysław; Nalbach-Moszynska, Małgorzata; Brawata, Sebastian; Bubak, Iwona; Gloza, Małgorzata

2016-09-01

Preventing and eliminating the risks of terrorist attacks or natural disasters as well as an increase in the security of mass events and critical infrastructure requires the application of modern technologies. Therefore there is a proposal to construct a tool that integrates video signals transmitted by devices that are a part of video monitoring systems functioning in Poland. The article presents selected results of research conducted by the Police Academy in Szczytno under the implemented project for national defense and security on "Video Signals Integrator" Acronym - VSI. Project Leader: Warsaw University of Technology. The consortium: Police Academy in Szczytno, Atende Software Ltd., VORTEX Ltd. No. DOBBio7/ 01/02/2015 funded by the National Centre for Research and Development.

Trends in Education.

ERIC Educational Resources Information Center

School Planning & Management, 2002

2002-01-01

Several architects, planners, administrators, and contractors answer questions about trends related to school construction, interior design, business, security, and technology. Trends concern funding issues, specialized designs, planning for safety, technological integration, and equity in services. (EV)

Integrated quantum key distribution sender unit for daily-life implementations

NASA Astrophysics Data System (ADS)

Mélen, Gwenaelle; Vogl, Tobias; Rau, Markus; Corrielli, Giacomo; Crespi, Andrea; Osellame, Roberto; Weinfurter, Harald

2016-03-01

Unlike currently implemented encryption schemes, Quantum Key Distribution provides a secure way of generating and distributing a key among two parties. Although a multitude of research platforms has been developed, the integration of QKD units within classical communication systems remains a tremendous challenge. The recently achieved maturity of integrated photonic technologies could be exploited to create miniature QKD add-ons that could extend the primary function of various existing systems such as mobile devices or optical stations. In this work we report on an integrated optics module enabling secure short-distance communication for, e.g., quantum access schemes. Using BB84-like protocols, Alice's mobile low-cost device can exchange secure key and information everywhere within a trusted node network. The new optics platform (35×20×8mm) compatible with current smartphone's technology generates NIR faint polarised laser pulses with 100MHz repetition rate. Fully automated beam tracking and live basis-alignment on Bob's side ensure user-friendly operation with a quantum link efficiency as high as 50% stable over a few seconds.

Integration of the SSPM and STAGE with the MPACT Virtual Facility Distributed Test Bed.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Cipiti, Benjamin B.; Shoman, Nathan

The Material Protection Accounting and Control Technologies (MPACT) program within DOE NE is working toward a 2020 milestone to demonstrate a Virtual Facility Distributed Test Bed. The goal of the Virtual Test Bed is to link all MPACT modeling tools, technology development, and experimental work to create a Safeguards and Security by Design capability for fuel cycle facilities. The Separation and Safeguards Performance Model (SSPM) forms the core safeguards analysis tool, and the Scenario Toolkit and Generation Environment (STAGE) code forms the core physical security tool. These models are used to design and analyze safeguards and security systems and generatemore » performance metrics. Work over the past year has focused on how these models will integrate with the other capabilities in the MPACT program and specific model changes to enable more streamlined integration in the future. This report describes the model changes and plans for how the models will be used more collaboratively. The Virtual Facility is not designed to integrate all capabilities into one master code, but rather to maintain stand-alone capabilities that communicate results between codes more effectively.« less

Using digital watermarking to enhance security in wireless medical image transmission.

PubMed

Giakoumaki, Aggeliki; Perakis, Konstantinos; Banitsas, Konstantinos; Giokas, Konstantinos; Tachakra, Sapal; Koutsouris, Dimitris

2010-04-01

During the last few years, wireless networks have been increasingly used both inside hospitals and in patients' homes to transmit medical information. In general, wireless networks suffer from decreased security. However, digital watermarking can be used to secure medical information. In this study, we focused on combining wireless transmission and digital watermarking technologies to better secure the transmission of medical images within and outside the hospital. We utilized an integrated system comprising the wireless network and the digital watermarking module to conduct a series of tests. The test results were evaluated by medical consultants. They concluded that the images suffered no visible quality degradation and maintained their diagnostic integrity. The proposed integrated system presented reasonable stability, and its performance was comparable to that of a fixed network. This system can enhance security during the transmission of medical images through a wireless channel.

Systematic, appropriate, and cost-effective application of security technologies in U.S. public schools to reduce crime, violence, and drugs

NASA Astrophysics Data System (ADS)

Green, Mary W.

1997-01-01

As problems of violence and crime become more prevalent in our schools, more and more school districts will elect to use security technologies to control these problems. While the desired change in student and community attitudes will require significant systemic change through intense US social programs, security technologies can greatly augment school staff today by providing services similar to having extra adults present. Technologies such as cameras, sensors, drug detection, biometric and personnel identification, lighting, barriers, weapon and explosives detection, anti- graffiti methods, and duress alarms can all be effective, given they are used in appropriate applications, with realistic expectations and an understanding of limitations. Similar to a high-risk government facility, schools must consider a systems approach to security, which includes the use of personnel and procedures as well as security technologies, such that the synergy created by all these elements together contributes more tot he general 'order maintenance' of the facility than could be achieved by separate measures not integrated or related.

Fighting Fire with Fire.

ERIC Educational Resources Information Center

Spoor, Dana L.

1996-01-01

School districts are integrating security and life-safety systems into school buildings to protect students and property. This proactive approach includes sprinkler systems, fire alarms, and security systems that monitor door movement. Some school districts that are incorporating the latest life-safety technology are in Missouri, Ohio, California,…

Secure Web-based Ground System User Interfaces over the Open Internet

NASA Technical Reports Server (NTRS)

Langston, James H.; Murray, Henry L.; Hunt, Gary R.

1998-01-01

A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

Model based verification of the Secure Socket Layer (SSL) Protocol for NASA systems

NASA Technical Reports Server (NTRS)

Powell, John D.; Gilliam, David

2004-01-01

The National Aeronautics and Space Administration (NASA) has tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information theft, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach' offers formal verification of information technology (IT), through the creation of a Software Security Assessment Instrument (SSAI), to address software security risks.

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2003-01-01

Traditionally, security is viewed as an organizational and Information Technology (IIJ systems function comprising of Firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2004-01-01

Traditionally, security is viewed as an organizational and Information Technology (IT) systems function comprising of firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Educational Infrastructure Using Virtualization Technologies: Experience at Kaunas University of Technology

ERIC Educational Resources Information Center

Miseviciene, Regina; Ambraziene, Danute; Tuminauskas, Raimundas; Pažereckas, Nerijus

2012-01-01

Many factors influence education nowadays. Educational institutions are faced with budget cuttings, outdated IT, data security management and the willingness to integrate remote learning at home. Virtualization technologies provide innovative solutions to the problems. The paper presents an original educational infrastructure using virtualization…

Bayesian performance metrics and small system integration in recent homeland security and defense applications

NASA Astrophysics Data System (ADS)

Jannson, Tomasz; Kostrzewski, Andrew; Patton, Edward; Pradhan, Ranjit; Shih, Min-Yi; Walter, Kevin; Savant, Gajendra; Shie, Rick; Forrester, Thomas

2010-04-01

In this paper, Bayesian inference is applied to performance metrics definition of the important class of recent Homeland Security and defense systems called binary sensors, including both (internal) system performance and (external) CONOPS. The medical analogy is used to define the PPV (Positive Predictive Value), the basic Bayesian metrics parameter of the binary sensors. Also, Small System Integration (SSI) is discussed in the context of recent Homeland Security and defense applications, emphasizing a highly multi-technological approach, within the broad range of clusters ("nexus") of electronics, optics, X-ray physics, γ-ray physics, and other disciplines.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System.more » Selected papers were processed separately for inclusion in the Energy Science and Technology Database.« less

Integrating Safety with Science,Technology and Innovation at Los Alamos National Laboratory

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rich, Bethany M

2012-04-02

The mission of Los Alamos National Laboratory (LANL) is to develop and apply science, technology and engineering solutions to ensure the safety, security, and reliability of the U.S. nuclear deterrent; reduce global threats; and solve emerging national security challenges. The most important responsibility is to direct and conduct efforts to meet the mission with an emphasis on safety, security, and quality. In this article, LANL Environmental, Safety, and Health (ESH) trainers discuss how their application and use of a kinetic learning module (learn by doing) with a unique fall arrest system is helping to address one the most common industrialmore » safety challenges: slips and falls. A unique integration of Human Performance Improvement (HPI), Behavior Based Safety (BBS) and elements of the Voluntary Protection Program (VPP) combined with an interactive simulator experience is being used to address slip and fall events at Los Alamos.« less

Integrity mechanism for eHealth tele-monitoring system in smart home environment.

PubMed

Mantas, Georgios; Lymberopoulos, Dimitrios; Komninos, Nikos

2009-01-01

During the past few years, a lot of effort has been invested in research and development of eHealth tele-monitoring systems that will provide many benefits for healthcare delivery from the healthcare provider to the patient's home. However, there is a plethora of security requirements in eHealth tele-monitoring systems. Data integrity of the transferred medical data is one of the most important security requirements that should be satisfied in these systems, since medical information is extremely sensitive information, and even sometimes life threatening information. In this paper, we present a data integrity mechanism for eHealth tele-monitoring system that operates in a smart home environment. Agent technology is applied to achieve data integrity with the use of cryptographic smart cards. Furthermore, the overall security infrastructure and its various components are described.

Systematic, appropriate, and cost-effective application of security technologies in U.S. public schools to reduce crime, violence, and drugs

DOE Office of Scientific and Technical Information (OSTI.GOV)

Green, M.W.

As problems of violence and crime become more prevalent in our schools (or at least the perception of their prevalence), more and more school districts will elect to use security technologies to control these problems. While the desired change in student and community attitudes will require significant systemic change through intense U.S. social programs, security technologies can greatly augment school staff today by providing services similar to having extra adults present. Technologies such as cameras, sensors, drug detection, biometric and personnel identification, lighting, barriers, weapon and explosives detection, anti-graffiti methods, and duress alarms can all be effective, given they aremore » used in appropriate applications, with realistic expectations and an understanding of limitations. Similar to a high-risk government facility, schools must consider a systems (`big picture`) approach to security, which includes the use of personnel and procedures as well as security technologies, such that the synergy created by all these elements together contributes more to the general `order maintenance` of the facility than could be achieved by separate measures not integrated or related.« less

Security engineering: systems engineering of security through the adaptation and application of risk management

NASA Technical Reports Server (NTRS)

Gilliam, David P.; Feather, Martin S.

2004-01-01

Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

Quantum technology and cryptology for information security

NASA Astrophysics Data System (ADS)

Naqvi, Syed; Riguidel, Michel

2007-04-01

Cryptology and information security are set to play a more prominent role in the near future. In this regard, quantum communication and cryptography offer new opportunities to tackle ICT security. Quantum Information Processing and Communication (QIPC) is a scientific field where new conceptual foundations and techniques are being developed. They promise to play an important role in the future of information Security. It is therefore essential to have a cross-fertilizing development between quantum technology and cryptology in order to address the security challenges of the emerging quantum era. In this article, we discuss the impact of quantum technology on the current as well as future crypto-techniques. We then analyse the assumptions on which quantum computers may operate. Then we present our vision for the distribution of security attributes using a novel form of trust based on Heisenberg's uncertainty; and, building highly secure quantum networks based on the clear transmission of single photons and/or bundles of photons able to withstand unauthorized reading as a result of secure protocols based on the observations of quantum mechanics. We argue how quantum cryptographic systems need to be developed that can take advantage of the laws of physics to provide long-term security based on solid assumptions. This requires a structured integration effort to deploy quantum technologies within the existing security infrastructure. Finally, we conclude that classical cryptographic techniques need to be redesigned and upgraded in view of the growing threat of cryptanalytic attacks posed by quantum information processing devices leading to the development of post-quantum cryptography.

Safety and Security Interface Technology Initiative

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dr. Michael A. Lehto; Kevin J. Carroll; Dr. Robert Lowrie

Safety and Security Interface Technology Initiative Mr. Kevin J. Carroll Dr. Robert Lowrie, Dr. Micheal Lehto BWXT Y12 NSC Oak Ridge, TN 37831 865-576-2289/865-241-2772 carrollkj@y12.doe.gov Work Objective. Earlier this year, the Energy Facility Contractors Group (EFCOG) was asked to assist in developing options related to acceleration deployment of new security-related technologies to assist meeting design base threat (DBT) needs while also addressing the requirements of 10 CFR 830. NNSA NA-70, one of the working group participants, designated this effort the Safety and Security Interface Technology Initiative (SSIT). Relationship to Workshop Theme. “Supporting Excellence in Operations Through Safety Analysis,” (workshop theme)more » includes security and safety personnel working together to ensure effective and efficient operations. One of the specific workshop elements listed in the call for papers is “Safeguards/Security Integration with Safety.” This paper speaks directly to this theme. Description of Work. The EFCOG Safety Analysis Working Group (SAWG) and the EFCOG Security Working Group formed a core team to develop an integrated process involving both safety basis and security needs allowing achievement of the DBT objectives while ensuring safety is appropriately considered. This effort garnered significant interest, starting with a two day breakout session of 30 experts at the 2006 Safety Basis Workshop. A core team was formed, and a series of meetings were held to develop that process, including safety and security professionals, both contractor and federal personnel. A pilot exercise held at Idaho National Laboratory (INL) in mid-July 2006 was conducted as a feasibility of concept review. Work Results. The SSIT efforts resulted in a topical report transmitted from EFCOG to DOE/NNSA in August 2006. Elements of the report included: Drivers and Endstate, Control Selections Alternative Analysis Process, Terminology Crosswalk, Safety Basis/Security Documentation Integration, Configuration Control, and development of a shared ‘tool box’ of information/successes. Specific Benefits. The expectation or end state resulting from the topical report and associated implementation plan includes: (1) A recommended process for handling the documentation of the security and safety disciplines, including an appropriate change control process and participation by all stakeholders. (2) A means to package security systems with sufficient information to help expedite the flow of that system through the process. In addition, a means to share successes among sites, to include information and safety basis to the extent such information is transportable. (3) Identification of key security systems and associated essential security elements being installed and an arrangement for the sites installing these systems to host an appropriate team to review a specific system and determine what information is exportable. (4) Identification of the security systems’ essential elements and appropriate controls required for testing of these essential elements in the facility. (5) The ability to help refine and improve an agreed to control set at the manufacture stage.« less

Homeland security and virtual reality: building a Strategic Adaptive Response System (STARS).

PubMed

Swift, Christopher; Rosen, Joseph M; Boezer, Gordon; Lanier, Jaron; Henderson, Joseph V; Liu, Alan; Merrell, Ronald C; Nguyen, Sinh; Demas, Alex; Grigg, Elliot B; McKnight, Matthew F; Chang, Janelle; Koop, C Everett

2005-01-01

The advent of the Global War on Terrorism (GWOT) underscored the need to improve the U.S. disaster response paradigm. Existing systems involve numerous agencies spread across disparate functional and geographic jurisdictions. The current architecture remains vulnerable to sophisticated terrorist strikes. To address these vulnerabilities, we must continuously adapt and improve our Homeland Security architecture. Virtual Reality (VR) technologies will help model those changes and integrate technologies. This paper provides a broad overview of the strategic threats, together with a detailed examination of how specific VR technologies could be used to ensure successful disaster responses.

Proceedings of the Sixth Integrated Communications, Navigation and Surveillance (ICNS) Conference & Workshop 2006

NASA Technical Reports Server (NTRS)

Ponchak, Denise (Compiler)

2006-01-01

The Integrated Communications, Navigation and Surveillance (ICNS) Technologies Conference and Workshop provides a forum for government, industry, and academic communities performing research and technology development for advanced digital communications, navigation, and surveillance security systems and associated applications supporting the national and global air transportation systems. The event s goals are to understand current efforts and recent results in near- and far-term research and technology demonstration; identify integrated digital communications, navigation and surveillance research requirements necessary for a safe, high-capacity, advanced air transportation system; foster collaboration and coordination among all stakeholders; and discuss critical issues and develop recommendations to achieve the future integrated CNS vision for the national and global air transportation system.

Proceedings of the Fourth Integrated Communications, Navigation, and Surveillance (ICNS) Conference and Workshop

NASA Technical Reports Server (NTRS)

Fujikawa, Gene (Compiler)

2004-01-01

The Integrated Communications, Navigational and Surveillance (ICNS) Technologies Conference and Workshop provides a forum for Government, industry, and academic communities performing research and technology development for advanced digital communications, navigation, and surveillance security systems and associated applications supporting the national and global air transportation systems. The event's goals are to understand current efforts and recent results in near-and far-term research and technology demonstration; identify integrated digital communications, navigation and surveillance research requirements necessary for a safe, high-capacity, advanced air transportation system; foster collaboration and coordination among all stakeholders; and discuss critical issues and develop recommendations to achieve the future integrated CNS vision for the national and global air transportation system.

Image-based electronic patient records for secured collaborative medical applications.

PubMed

Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

2005-01-01

We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications.

The Integration of It Governance, Information Security Leadership and Strategic Alignment in Healthcare: A Correlational Study

ERIC Educational Resources Information Center

Taft, Tiffany H.

2017-01-01

This dissertation is a study of the relationship between Information Technology Governance (ITG), information security leadership, and strategic alignment within a healthcare organization. Strong organizational leadership and adherence to the process are vital to the formulation and management of performance and implementation of key directives.…

Professional Development: Catalyst for Change?

ERIC Educational Resources Information Center

Niederhauser, Dale; Wessling, Sarah

2011-01-01

Difficulty securing adequate professional development (PD) has long been a barrier to the effective implementation of educational technology. Concerns about the dearth of PD for helping teachers integrate technology into their instructional practices raised nearly 25 years ago appear to still hold true despite repeated calls for increased…

A New Approach To Secure Federated Information Bases Using Agent Technology.

ERIC Educational Resources Information Center

Weippi, Edgar; Klug, Ludwig; Essmayr, Wolfgang

2003-01-01

Discusses database agents which can be used to establish federated information bases by integrating heterogeneous databases. Highlights include characteristics of federated information bases, including incompatible database management systems, schemata, and frequently changing context; software agent technology; Java agents; system architecture;…

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

PubMed Central

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

2015-01-01

Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff. PMID:26618034

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment.

PubMed

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun; Cha, Hyo Soung

2015-10-01

Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff.

High-Performance Secure Database Access Technologies for HEP Grids

DOE Office of Scientific and Technical Information (OSTI.GOV)

Matthew Vranicar; John Weicher

2006-04-17

The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysismore » capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist’s computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that "Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications.” There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the secure authorization is pushed into the database engine will eliminate inefficient data transfer bottlenecks. Furthermore, traditionally separated database and security layers provide an extra vulnerability, leaving a weak clear-text password authorization as the only protection on the database core systems. Due to the legacy limitations of the systems’ security models, the allowed passwords often can not even comply with the DOE password guideline requirements. We see an opportunity for the tight integration of the secure authorization layer with the database server engine resulting in both improved performance and improved security. Phase I has focused on the development of a proof-of-concept prototype using Argonne National Laboratory’s (ANL) Argonne Tandem-Linac Accelerator System (ATLAS) project as a test scenario. By developing a grid-security enabled version of the ATLAS project’s current relation database solution, MySQL, PIOCON Technologies aims to offer a more efficient solution to secure database access.« less

Solar Energy Technologies Office Fact Sheet

DOE Office of Scientific and Technical Information (OSTI.GOV)

Solar Energy Technologies Office

The U.S. Department of Energy Solar Energy Technologies Office (SETO) supports early-stage research and development to improve the affordability, reliability, and performance of solar technologies on the grid. The office invests in innovative research efforts that securely integrate more solar energy into the grid, enhance the use and storage of solar energy, and lower solar electricity costs.

Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System.

PubMed

Deng, Yong-Yuan; Chen, Chin-Ling; Tsaur, Woei-Jiunn; Tang, Yung-Wen; Chen, Jung-Hsuan

2017-12-15

As sensor networks and cloud computation technologies have rapidly developed over recent years, many services and applications integrating these technologies into daily life have come together as an Internet of Things (IoT). At the same time, aging populations have increased the need for expanded and more efficient elderly care services. Fortunately, elderly people can now wear sensing devices which relay data to a personal wireless device, forming a body area network (BAN). These personal wireless devices collect and integrate patients' personal physiological data, and then transmit the data to the backend of the network for related diagnostics. However, a great deal of the information transmitted by such systems is sensitive data, and must therefore be subject to stringent security protocols. Protecting this data from unauthorized access is thus an important issue in IoT-related research. In regard to a cloud healthcare environment, scholars have proposed a secure mechanism to protect sensitive patient information. Their schemes provide a general architecture; however, these previous schemes still have some vulnerability, and thus cannot guarantee complete security. This paper proposes a secure and lightweight body-sensor network based on the Internet of Things for cloud healthcare environments, in order to address the vulnerabilities discovered in previous schemes. The proposed authentication mechanism is applied to a medical reader to provide a more comprehensive architecture while also providing mutual authentication, and guaranteeing data integrity, user untraceability, and forward and backward secrecy, in addition to being resistant to replay attack.

New colored optical security elements using Rolic's LPP/LCP technology: devices for first- to third-level inspection

NASA Astrophysics Data System (ADS)

Moia, Franco

2002-04-01

With linear photo-polymerization (LPP) ROLIC has invented a photo-patternable technology enabling to align not only conventional liquid crystals but also liquid crystals polymers (LCP). ROLIC's optical security device technology derives from its LPP/LCP technology. LPP/LCP security devices are created by structured photo-alignment of an LPP layer through phot-masks, thus generating a high resolution, photo-patterned aligning layer which carries the aligning information of the image to be created. The subsequent LCP layer transforms the aligning information into an optical phase image with low and/or very high information content, such as invisible photographic pictures. The building block capability of the LPP/LCP technology allows the manufacturing of cholesteric and non-cholesteric LPP/LCP devices which cover 1st and/or 2nd level applications. Apart from black/white security devices colored information zones can be integrated. Moreover, we have developed an LPP/LCP security device which covers all three- 1st, 2nd and 3rd- inspection levels in one and the same authentication device: besides a color shift by tilting the device (1st level) and the detection of normally hidden information by use of a simple sheet polarizer (2nd level) the new device contains encrypted hidden information which can be visualized only by superimposing an LPP/LCP inspection tool (key) for decryption (3rd level). This optical key is also based on the LPP/LCP technology and is itself a 3rd level security device.

Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Flight Test Report

NASA Technical Reports Server (NTRS)

Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.

2015-01-01

NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.

Relevance of Clean Coal Technology for India’s Energy Security: A Policy Perspective

NASA Astrophysics Data System (ADS)

Garg, Amit; Tiwari, Vineet; Vishwanathan, Saritha

2017-07-01

Climate change mitigation regimes are expected to impose constraints on the future use of fossil fuels in order to reduce greenhouse gas (GHG) emissions. In 2015, 41% of total final energy consumption and 64% of power generation in India came from coal. Although almost a sixth of the total coal based thermal power generation is now super critical pulverized coal technology, the average CO2 emissions from the Indian power sector are 0.82 kg-CO2/kWh, mainly driven by coal. India has large domestic coal reserves which give it adequate energy security. There is a need to find options that allow the continued use of coal while considering the need for GHG mitigation. This paper explores options of linking GHG emission mitigation and energy security from 2000 to 2050 using the AIM/Enduse model under Business-as-Usual scenario. Our simulation analysis suggests that advanced clean coal technologies options could provide promising solutions for reducing CO2 emissions by improving energy efficiencies. This paper concludes that integrating climate change security and energy security for India is possible with a large scale deployment of advanced coal combustion technologies in Indian energy systems along with other measures.

Creation of security engineering programs by the Southwest Surety Institute

NASA Astrophysics Data System (ADS)

Romero, Van D.; Rogers, Bradley; Winfree, Tim; Walsh, Dan; Garcia, Mary Lynn

1998-12-01

The Southwest Surety Institute includes Arizona State University (ASU), Louisiana State University (LSU), New Mexico Institute of Mining and Technology (NM Tech), New Mexico State University (NMSU), and Sandia National Laboratories (SNL). The universities currently offer a full spectrum of post-secondary programs in security system design and evaluation, including an undergraduate minor, a graduate program, and continuing education programs. The programs are based on the methodology developed at Sandia National Laboratories over the past 25 years to protect critical nuclear assets. The programs combine basic concepts and principles from business, criminal justice, and technology to create an integrated performance-based approach to security system design and analysis. Existing university capabilities in criminal justice (NMSU), explosives testing and technology (NM Tech and LSU), and engineering technology (ASU) are leveraged to provide unique science-based programs that will emphasize the use of performance measures and computer analysis tools to prove the effectiveness of proposed systems in the design phase. Facility managers may then balance increased protection against the cost of implementation and risk mitigation, thereby enabling effective business decisions. Applications expected to benefit from these programs include corrections, law enforcement, counter-terrorism, critical infrastructure protection, financial and medical care fraud, industrial security, and border security.

NATIONAL PREPAREDNESS: Integrating New and Existing Technology and Information Sharing into an Effective Homeland Security Strategy

DTIC Science & Technology

2002-06-07

Continue to Develop and Refine Emerging Technology • Some of the emerging biometric devices, such as iris scans and facial recognition systems...such as iris scans and facial recognition systems, facial recognition systems, and speaker verification systems. (976301)

Critical Issues of Web-Enabled Technologies in Modern Organizations.

ERIC Educational Resources Information Center

Khosrow-Pour, Mehdi; Herman, Nancy

2001-01-01

Discusses results of a Delphi study that explored issues related to the utilization and management of Web-enabled technologies by modern organizations. Topics include bandwidth restrictions; security; data integrity; inadequate search facilities; system incompatibilities; failure to adhere to standards; email; use of metadata; privacy and…

Secure medical digital libraries.

PubMed

Papadakis, I; Chrissikopoulos, V; Polemi, D

2001-12-01

In this paper, a secure medical digital library is presented. It is based on the CORBA specifications for distributed systems. The described approach relies on a three-tier architecture. Interaction between the medical digital library and its users is achieved through a Web server. The choice of employing Web technology for the dissemination of medical data has many advantages compared to older approaches, but also poses extra requirements that need to be fulfilled. Thus, special attention is paid to the distinguished nature of such medical data, whose integrity and confidentiality should be preserved at all costs. This is achieved through the employment of Trusted Third Parties (TTP) technology for the support of the required security services. Additionally, the proposed digital library employs smartcards for the management of the various security tokens that are used from the above services.

Supportability in Aircraft Systems through Technology and Acquisition Strategy Applications.

DTIC Science & Technology

1987-09-01

structures is their corrosion resistance. These integral structures are water impregnable. Also, the absence of rivet and fastener hole eliminates the...REPCRT SECURITY CLASS,F,CAT ON lb RESTR;CTIVE MARK.NGSU",CLAS S I7 F 15E Za. SECURITY CLASSiFICAT;ON AUTHORITY 3 DISTRiBUTiQN/ AVAILABILIT ’ OF REPORT

Secure, Mobile, Wireless Network Technology Designed, Developed, and Demonstrated

NASA Technical Reports Server (NTRS)

Ivancic, William D.; Paulsen, Phillip E.

2004-01-01

The inability to seamlessly disseminate data securely over a high-integrity, wireless broadband network has been identified as a primary technical barrier to providing an order-of-magnitude increase in aviation capacity and safety. Secure, autonomous communications to and from aircraft will enable advanced, automated, data-intensive air traffic management concepts, increase National Air Space (NAS) capacity, and potentially reduce the overall cost of air travel operations. For the first time ever, secure, mobile, network technology was designed, developed, and demonstrated with state-ofthe- art protocols and applications by a diverse, cooperative Government-industry team led by the NASA Glenn Research Center. This revolutionary technology solution will make fundamentally new airplane system capabilities possible by enabling secure, seamless network connections from platforms in motion (e.g., cars, ships, aircraft, and satellites) to existing terrestrial systems without the need for manual reconfiguration. Called Mobile Router, the new technology autonomously connects and configures networks as they traverse from one operating theater to another. The Mobile Router demonstration aboard the Neah Bay, a U.S. Coast Guard vessel stationed in Cleveland, Ohio, accomplished secure, seamless interoperability of mobile network systems across multiple domains without manual system reconfiguration. The Neah Bay was chosen because of its low cost and communications mission similarity to low-Earth-orbiting satellite platforms. This technology was successfully advanced from technology readiness level (TRL) 2 (concept and/or application formation) to TRL 6 (system model or prototype demonstration in a relevant environment). The secure, seamless interoperability offered by the Mobile Router and encryption device will enable several new, vehicle-specific and systemwide technologies to perform such things as remote, autonomous aircraft performance monitoring and early detection and mitigation of potential equipment malfunctions. As an additional benefit, team advancements were incorporated into open standards, ensuring technology transfer. Low-cost, commercial products incorporating the new technology are already available. Furthermore, these products are fully interoperable with legacy network technology equipment currently being used throughout the world.

An open, interoperable, and scalable prehospital information technology network architecture.

PubMed

Landman, Adam B; Rokos, Ivan C; Burns, Kevin; Van Gelder, Carin M; Fisher, Roger M; Dunford, James V; Cone, David C; Bogucki, Sandy

2011-01-01

Some of the most intractable challenges in prehospital medicine include response time optimization, inefficiencies at the emergency medical services (EMS)-emergency department (ED) interface, and the ability to correlate field interventions with patient outcomes. Information technology (IT) can address these and other concerns by ensuring that system and patient information is received when and where it is needed, is fully integrated with prior and subsequent patient information, and is securely archived. Some EMS agencies have begun adopting information technologies, such as wireless transmission of 12-lead electrocardiograms, but few agencies have developed a comprehensive plan for management of their prehospital information and integration with other electronic medical records. This perspective article highlights the challenges and limitations of integrating IT elements without a strategic plan, and proposes an open, interoperable, and scalable prehospital information technology (PHIT) architecture. The two core components of this PHIT architecture are 1) routers with broadband network connectivity to share data between ambulance devices and EMS system information services and 2) an electronic patient care report to organize and archive all electronic prehospital data. To successfully implement this comprehensive PHIT architecture, data and technology requirements must be based on best available evidence, and the system must adhere to health data standards as well as privacy and security regulations. Recent federal legislation prioritizing health information technology may position federal agencies to help design and fund PHIT architectures.

Security technology: the shaping of research strategy--a holistic approach (Invited Paper)

NASA Astrophysics Data System (ADS)

Fisher, Neil

2005-05-01

Since the terrible events of 11 Sep 2001 the response to security vulnerabilities has been to throw "Guns, Gates and Guards" at the problem. Three years later and it is clear that, although this may have had a short-term effect, it is unsustainable and unaffordable in the long term. The war on terrorism is going to be fought for a very long time. Defending against terrorism and enhancing the resilience and robustness of society and its processes now requires constant vigilance. Only technology can provide that vigilance at an efficiency that can provide certainty of detection and fast response. A technology led approach, integrating with people and their processes calls for innovation and a new generation of technology that fuses the physical world with the logical world. This approach is measurable in terms of capability and investment, in the way that the previous Newtonian security approach of cause and effect is not. This paper will address this new security environment and the different approach that R&D has to take to ensure that life and Democracy thrive and terrorism is defeated.

Research on mobile electronic commerce security technology based on WPKI

NASA Astrophysics Data System (ADS)

Zhang, Bo

2013-07-01

Through the in-depth study on the existing mobile e-commerce and WAP protocols, this paper presents a security solution of e-commerce system based on WPKI, and describes its implementation process and specific implementation details. This solution uniformly distributes the key used by the various participating entities , to fully ensure the confidentiality, authentication, fairness and integrity of mobile e-commerce payments, therefore has some pract ical value for improving the security of e-commerce system.

Secure Data Aggregation with Fully Homomorphic Encryption in Large-Scale Wireless Sensor Networks.

PubMed

Li, Xing; Chen, Dexin; Li, Chunyan; Wang, Liangmin

2015-07-03

With the rapid development of wireless communication technology, sensor technology, information acquisition and processing technology, sensor networks will finally have a deep influence on all aspects of people's lives. The battery resources of sensor nodes should be managed efficiently in order to prolong network lifetime in large-scale wireless sensor networks (LWSNs). Data aggregation represents an important method to remove redundancy as well as unnecessary data transmission and hence cut down the energy used in communication. As sensor nodes are deployed in hostile environments, the security of the sensitive information such as confidentiality and integrity should be considered. This paper proposes Fully homomorphic Encryption based Secure data Aggregation (FESA) in LWSNs which can protect end-to-end data confidentiality and support arbitrary aggregation operations over encrypted data. In addition, by utilizing message authentication codes (MACs), this scheme can also verify data integrity during data aggregation and forwarding processes so that false data can be detected as early as possible. Although the FHE increase the computation overhead due to its large public key size, simulation results show that it is implementable in LWSNs and performs well. Compared with other protocols, the transmitted data and network overhead are reduced in our scheme.

Dealing with problem number one--budget cuts: can you do more with less?

PubMed

2001-09-01

To cope with current budget restraints and cutbacks, hospital security departments are increasingly integrating their manpower with technology in the form of access control, CCTV cameras, and alarm systems to supplement their services as well as becoming more dependent on computerized information technology systems and IT departments to track hospital activities and incidents. Security directors contacted for this report also emphasize that they are doing more with less by providing value-added services both to expand activities and to demonstrate the importance of their departments to top management.

Improving the security of international ISO container traffic by centralizing the archival of inspection results

NASA Astrophysics Data System (ADS)

Chalmers, Alex

2004-09-01

To increase the security and throughput of ISO traffic through international terminals more technology must be applied to the problem. A transnational central archive of inspection records is discussed that can be accessed by national agencies as ISO containers approach their borders. The intent is to improve the throughput and security of the cargo inspection process. A review of currently available digital media archiving technologies is presented and their possible application to the tracking of international ISO container shipments. Specific image formats employed by current x-ray inspection systems are discussed. Sample x-ray data from systems in use today are shown that could be entered into such a system. Data from other inspection technologies are shown to be easily integrated, as well as the creation of database records suitable for interfacing with other computer systems. Overall system performance requirements are discussed in terms of security, response time and capacity. Suggestions for pilot projects based on existing border inspection processes are made also.

Joint force protection advanced security system (JFPASS) "the future of force protection: integrate and automate"

NASA Astrophysics Data System (ADS)

Lama, Carlos E.; Fagan, Joe E.

2009-09-01

The United States Department of Defense (DoD) defines 'force protection' as "preventive measures taken to mitigate hostile actions against DoD personnel (to include family members), resources, facilities, and critical information." Advanced technologies enable significant improvements in automating and distributing situation awareness, optimizing operator time, and improving sustainability, which enhance protection and lower costs. The JFPASS Joint Capability Technology Demonstration (JCTD) demonstrates a force protection environment that combines physical security and Chemical, Biological, Radiological, Nuclear, and Explosive (CBRNE) defense through the application of integrated command and control and data fusion. The JFPASS JCTD provides a layered approach to force protection by integrating traditional sensors used in physical security, such as video cameras, battlefield surveillance radars, unmanned and unattended ground sensors. The optimization of human participation and automation of processes is achieved by employment of unmanned ground vehicles, along with remotely operated lethal and less-than-lethal weapon systems. These capabilities are integrated via a tailorable, user-defined common operational picture display through a data fusion engine operating in the background. The combined systems automate the screening of alarms, manage the information displays, and provide assessment and response measures. The data fusion engine links disparate sensors and systems, and applies tailored logic to focus the assessment of events. It enables timely responses by providing the user with automated and semi-automated decision support tools. The JFPASS JCTD uses standard communication/data exchange protocols, which allow the system to incorporate future sensor technologies or communication networks, while maintaining the ability to communicate with legacy or existing systems.

Software Assurance Curriculum Project Volume 2: Undergraduate Course Outlines

DTIC Science & Technology

2010-08-01

Contents Acknowledgments iii Abstract v 1 An Undergraduate Curriculum Focus on Software Assurance 1 2 Computer Science I 7 3 Computer Science II...confidence that can be integrated into traditional software development and acquisition process models . Thus, in addition to a technology focus...testing throughout the software development life cycle ( SDLC ) AP Security and complexity—system development challenges: security failures

Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System

PubMed Central

Deng, Yong-Yuan; Chen, Chin-Ling; Tsaur, Woei-Jiunn; Tang, Yung-Wen; Chen, Jung-Hsuan

2017-01-01

As sensor networks and cloud computation technologies have rapidly developed over recent years, many services and applications integrating these technologies into daily life have come together as an Internet of Things (IoT). At the same time, aging populations have increased the need for expanded and more efficient elderly care services. Fortunately, elderly people can now wear sensing devices which relay data to a personal wireless device, forming a body area network (BAN). These personal wireless devices collect and integrate patients’ personal physiological data, and then transmit the data to the backend of the network for related diagnostics. However, a great deal of the information transmitted by such systems is sensitive data, and must therefore be subject to stringent security protocols. Protecting this data from unauthorized access is thus an important issue in IoT-related research. In regard to a cloud healthcare environment, scholars have proposed a secure mechanism to protect sensitive patient information. Their schemes provide a general architecture; however, these previous schemes still have some vulnerability, and thus cannot guarantee complete security. This paper proposes a secure and lightweight body-sensor network based on the Internet of Things for cloud healthcare environments, in order to address the vulnerabilities discovered in previous schemes. The proposed authentication mechanism is applied to a medical reader to provide a more comprehensive architecture while also providing mutual authentication, and guaranteeing data integrity, user untraceability, and forward and backward secrecy, in addition to being resistant to replay attack. PMID:29244776

An RFID-based luggage and passenger tracking system for airport security control applications

NASA Astrophysics Data System (ADS)

Vastianos, George E.; Kyriazanos, Dimitris M.; Kountouriotis, Vassilios I.; Thomopoulos, Stelios C. A.

2014-06-01

Market analysis studies of recent years have shown a steady and significant increase in the usage of RFID technology. Key factors for this growth were the decreased costs of passive RFIDs and their improved performance compared to the other identification technologies. Besides the benefits of RFID technologies into the supply chains, warehousing, traditional inventory and asset management applications, RFID has proven itself worth exploiting on experimental, as well as on commercial level in other sectors, such as healthcare, transport and security. In security sector, airport security is one of the biggest challenges. Airports are extremely busy public places and thus prime targets for terrorism, with aircraft, passengers, crew and airport infrastructure all subject to terrorist attacks. Inside this labyrinth of security challenges, the long range detection capability of the UHF passive RFID technology can be turned into a very important tracking tool that may outperform all the limitations of the barcode tracking inside the current airport security control chain. The Integrated Systems Lab of NCSR Demokritos has developed an RFID based Luggage and Passenger tracking system within the TASS (FP7-SEC-2010-241905) EU research project. This paper describes application scenarios of the system categorized according to the structured nature of the environment, the system architecture and presents evaluation results extracted from measurements with a group of different massive production GEN2 UHF RFID tags that are widely available in the world market.

Very large scale heterogeneous integration (VLSHI) and wafer-level vacuum packaging for infrared bolometer focal plane arrays

NASA Astrophysics Data System (ADS)

Forsberg, Fredrik; Roxhed, Niclas; Fischer, Andreas C.; Samel, Björn; Ericsson, Per; Hoivik, Nils; Lapadatu, Adriana; Bring, Martin; Kittilsland, Gjermund; Stemme, Göran; Niklaus, Frank

2013-09-01

Imaging in the long wavelength infrared (LWIR) range from 8 to 14 μm is an extremely useful tool for non-contact measurement and imaging of temperature in many industrial, automotive and security applications. However, the cost of the infrared (IR) imaging components has to be significantly reduced to make IR imaging a viable technology for many cost-sensitive applications. This paper demonstrates new and improved fabrication and packaging technologies for next-generation IR imaging detectors based on uncooled IR bolometer focal plane arrays. The proposed technologies include very large scale heterogeneous integration for combining high-performance, SiGe quantum-well bolometers with electronic integrated read-out circuits and CMOS compatible wafer-level vacuum packing. The fabrication and characterization of bolometers with a pitch of 25 μm × 25 μm that are arranged on read-out-wafers in arrays with 320 × 240 pixels are presented. The bolometers contain a multi-layer quantum well SiGe thermistor with a temperature coefficient of resistance of -3.0%/K. The proposed CMOS compatible wafer-level vacuum packaging technology uses Cu-Sn solid-liquid interdiffusion (SLID) bonding. The presented technologies are suitable for implementation in cost-efficient fabless business models with the potential to bring about the cost reduction needed to enable low-cost IR imaging products for industrial, security and automotive applications.

Newer Technologies for School Security. ERIC Digest Number 145.

ERIC Educational Resources Information Center

Schneider, Tod

This digest describes several technologies that can be used to control access to, and improve surveillance of, school grounds. Access can be controlled by using "smart" cards to control keyed entries. Many schools have problems with multiple copies of keys, and these card systems are integrated with computer software that allows for…

Improving Insider Threat Training Awareness and Mitigation Programs at Nuclear Facilities.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abbott, Shannon

In recent years, insider threat programs have become an important aspect of nuclear security, and nuclear security training courses. However, many nuclear security insider threat programs fail to address the insider threat attack and monitoring potential that exists on information technology (IT) systems. This failure is critical because of the importance of information technology and networks in today’s world. IT systems offer an opportunity to perpetrate dangerous insider attacks, but they also present an opportunity to monitor for them and prevent them. This paper suggests a number of best practices for monitoring and preventing insider attacks on IT systems, andmore » proposes the development of a new IT insider threat tabletop that can be used to help train nuclear security practitioners on how best to implement IT insider threat prevention best practices. The development of IT insider threat best practices and a practical tabletop exercise will allow nuclear security practitioners to improve nuclear security trainings as it integrates a critical part of insider threat prevention into the broader nuclear security system.« less

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model.

PubMed

Moghaddasi, Hamid; Sajjadi, Samad; Kamkarhaghighi, Mehran

2016-01-01

Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. The "data security models" presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the "needs and improvement" cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced.

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model

PubMed Central

Moghaddasi, Hamid; Kamkarhaghighi, Mehran

2016-01-01

Introduction: Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. Background: The “data security models” presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the “needs and improvement” cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Findings: Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Conclusion: Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced. PMID:27857823

Security surveillance challenges and proven thermal imaging capabilities in real-world applications

NASA Astrophysics Data System (ADS)

Francisco, Glen L.; Roberts, Sharon

2004-09-01

Uncooled thermal imaging was first introduced to the public in early 1980's by Raytheon (legacy Texas Instruments Defense Segment Electronics Group) as a solution for military applications. Since the introduction of this technology, Raytheon has remained the leader in this market as well as introduced commercial versions of thermal imaging products specifically designed for security, law enforcement, fire fighting, automotive and industrial uses. Today, low cost thermal imaging for commercial use in security applications is a reality. Organizations of all types have begun to understand the advantages of using thermal imaging as a means to solve common surveillance problems where other popular technologies fall short. Thermal imaging has proven to be a successful solution for common security needs such as: ¸ vision at night where lighting is undesired and 24x7 surveillance is needed ¸ surveillance over waterways, lakes and ports where water and lighting options are impractical ¸ surveillance through challenging weather conditions where other technologies will be challenged by atmospheric particulates ¸ low maintenance requirements due to remote or difficult locations ¸ low cost over life of product Thermal imaging is now a common addition to the integrated security package. Companies are relying on thermal imaging for specific applications where no other technology can perform.

The Role of Healthcare Technology Management in Facilitating Medical Device Cybersecurity.

PubMed

Busdicker, Mike; Upendra, Priyanka

2017-09-02

This article discusses the role of healthcare technology management (HTM) in medical device cybersecurity and outlines concepts that are applicable to HTM professionals at a healthcare delivery organization or at an integrated delivery network, regardless of size. It provides direction for HTM professionals who are unfamiliar with the security aspects of managing healthcare technologies but are familiar with standards from The Joint Commission (TJC). It provides a useful set of recommendations, including relevant references for incorporating good security practices into HTM practice. Recommendations for policies, procedures, and processes referencing TJC standards are easily applicable to HTM departments with limited resources and to those with no resource concerns. The authors outline processes from their organization as well as best practices learned through information sharing at AAMI, National Health Information Sharing and Analysis Center (NH-ISAC), and Medical Device Innovation, Safety, and Security Consortium (MDISS) conferences and workshops.

Network and data security design for telemedicine applications.

PubMed

Makris, L; Argiriou, N; Strintzis, M G

1997-01-01

The maturing of telecommunication technologies has ushered in a whole new era of applications and services in the health care environment. Teleworking, teleconsultation, mutlimedia conferencing and medical data distribution are rapidly becoming commonplace in clinical practice. As a result, a set of problems arises, concerning data confidentiality and integrity. Public computer networks, such as the emerging ISDN technology, are vulnerable to eavesdropping. Therefore it is important for telemedicine applications to employ end-to-end encryption mechanisms securing the data channel from unauthorized access of modification. We propose a network access and encryption system that is both economical and easily implemented for integration in developing or existing applications, using well-known and thoroughly tested encryption algorithms. Public-key cryptography is used for session-key exchange, while symmetric algorithms are used for bulk encryption. Mechanisms for session-key generation and exchange are also provided.

RIPE integrity primitives, part 2 (RACE Integrity Primitives Evaluation)

NASA Astrophysics Data System (ADS)

Denboer, B.; Boly, J. P.; Bosselaers, A.; Brandt, J.; Chaum, D.; Damgaard, I.; Dichtl, M.; Fumy, W.; Vanderham, M.; Jansen, C. J. A.

1993-04-01

A manual intended for those seeking to secure information systems by applying modern cryptography is presented. It represents the successful attainment of goals by RIPE (RACE (Research and development of Advanced Communications technology in Europe) Integrity Primitives Evaluation). The recommended portfolio of integrity primitives, which is the main product of the project, forms the heart of the manual. By integrity, is meant the kinds of security that can be achieved through cryptography, apart from keeping messages secret. Thus included are ways to ensure that stored or communicated data is not illicitly modified, that parties exchanging messages are actually present, and that 'signed' electronic messages can be recognized as authentic by anyone. Of particular concern to the project were the high speed requirements of broadband communication. The project also aimed for completeness in its recommendations. As a result, the portfolio contains primitives, that is building blocks, that can meet most of today's perceived needs for integrity.

RIPE integrity primitives, part 1 (RACE Integrity Primitives Evaluation)

NASA Astrophysics Data System (ADS)

Denboer, B.; Boly, J. P.; Bosselaers, A.; Brandt, J.; Chaum, D.; Damgaard, I.; Dichtl, M.; Fumy, W.; Vanderham, M.; Jansen, C. J. A.

1993-04-01

A manual intended for those seeking to secure information systems by applying modern cryptography is presented. It represents the successful attainment of goals by RIPE (RACE (Research and development of Advanced Communication technology in Europe) Integrity Primitives Evaluation). The recommended portfolio of integrity primitives, which is the main product of the project, forms the heart of the manual. By integrity, is meant the kinds of security that can be achieved through cryptography, apart from keeping messages secret. Thus included are ways to ensure that stored or communicated data is not illicitly modified, that parties exchanging messages are actually present, and that 'signed' electronic messages can be recognized as authentic by anyone. Of particular concern to the project were the high speed requirements of broadband communication. The project also aimed for completeness in its recommendations. As a result, the portfolio contains primitives, that is building blocks, that can meet most of today's perceived needs for integrity.

Information security of Smart Factories

NASA Astrophysics Data System (ADS)

Iureva, R. A.; Andreev, Y. S.; Iuvshin, A. M.; Timko, A. S.

2018-05-01

In several years, technologies and systems based on the Internet of things (IoT) will be widely used in all smart factories. When processing a huge array of unstructured data, their filtration and adequate interpretation are a priority for enterprises. In this context, the correct representation of information in a user-friendly form acquires special importance, for which the market today presents advanced analytical platforms designed to collect, store and analyze data on technological processes and events in real time. The main idea of the paper is the statement of the information security problem in IoT and integrity of processed information.

Long-term energy security in a national scale using LEAP. Application to de-carbonization scenarios in Andorra

NASA Astrophysics Data System (ADS)

Travesset-Baro, Oriol; Jover, Eric; Rosas-Casals, Marti

2016-04-01

This paper analyses the long-term energy security in a national scale using Long-range Energy Alternatives Planning System (LEAP) modelling tool. It builds the LEAP Andorra model, which forecasts energy demand and supply for the Principality of Andorra by 2050. It has a general bottom-up structure, where energy demand is driven by the technological composition of the sectors of the economy. The technological model is combined with a top-down econometric model to take into account macroeconomic trends. The model presented in this paper provides an initial estimate of energy demand in Andorra segregated into all sectors (residential, transport, secondary, tertiary and public administration) and charts a baseline scenario based on historical trends. Additional scenarios representing different policy strategies are built to explore the country's potential energy savings and the feasibility to achieve the Intended Nationally Determined Contribution (INDC) submitted in April 2015 to UN. In this climatic agreement Andorra intends to reduce net greenhouse gas emissions (GHG) by 37% as compared to a business-as-usual scenario by 2030. In addition, current and future energy security is analysed in this paper under baseline and de-carbonization scenarios. Energy security issues are assessed in LEAP with an integrated vision, going beyond the classic perspective of security of supply, and being closer to the sustainability's integrative vision. Results of scenarios show the benefits of climate policies in terms of national energy security and the difficulties for Andorra to achieving the de-carbonization target by 2030.

Public key infrastructure for DOE security research

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aiken, R.; Foster, I.; Johnston, W.E.

This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-keymore » infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.« less

Design of Xen Hybrid Multiple Police Model

NASA Astrophysics Data System (ADS)

Sun, Lei; Lin, Renhao; Zhu, Xianwei

2017-10-01

Virtualization Technology has attracted more and more attention. As a popular open-source virtualization tools, XEN is used more and more frequently. Xsm, XEN security model, has also been widespread concern. The safety status classification has not been established in the XSM, and it uses the virtual machine as a managed object to make Dom0 a unique administrative domain that does not meet the minimum privilege. According to these questions, we design a Hybrid multiple police model named SV_HMPMD that organically integrates multiple single security policy models include DTE,RBAC,BLP. It can fullfill the requirement of confidentiality and integrity for security model and use different particle size to different domain. In order to improve BLP’s practicability, the model introduce multi-level security labels. In order to divide the privilege in detail, we combine DTE with RBAC. In order to oversize privilege, we limit the privilege of domain0.

A review of integration strategies for solid oxide fuel cells

NASA Astrophysics Data System (ADS)

Zhang, Xiongwen; Chan, S. H.; Li, Guojun; Ho, H. K.; Li, Jun; Feng, Zhenping

Due to increasing oil and gas demand, the depletion of fossil resources, serious global warming, efficient energy systems and new energy conversion processes are urgently needed. Fuel cells and hybrid systems have emerged as advanced thermodynamic systems with great promise in achieving high energy/power efficiency with reduced environmental loads. In particular, due to the synergistic effect of using integrated solid oxide fuel cell (SOFC) and classical thermodynamic cycle technologies, the efficiency of the integrated system can be significantly improved. This paper reviews different concepts/strategies for SOFC-based integration systems, which are timely transformational energy-related technologies available to overcome the threats posed by climate change and energy security.

Long-Term Preservation and Advanced Access Services to Archived Data: The Approach of a System Integrator

NASA Astrophysics Data System (ADS)

Petitjean, Gilles; de Hauteclocque, Bertrand

2004-06-01

EADS Defence and Security Systems (EADS DS SA) have developed an expertise as integrator of archive management systems for both their commercial and defence customers (ESA, CNES, EC, EUMETSAT, French MOD, US DOD, etc.), especially in Earth Observation and in Meteorology fields.The concern of valuable data owners is both their long-term preservation but also the integration of the archive in their information system with in particular an efficient access to archived data for their user community. The system integrator answers to this requirement by a methodology combining understanding of user needs, exhaustive knowledge of the existing solutions both for hardware and software elements and development and integration ability. The system integrator completes the facility development by support activities.The long-term preservation of archived data obviously involves a pertinent selection of storage media and archive library. This selection relies on storage technology survey but the selection criteria depend on the analysis of the user needs. The system integrator will recommend the best compromise for implementing an archive management facility, thanks to its knowledge and its independence of storage market and through the analysis of the user requirements. He will provide a solution, which is able to evolve to take advantage of the storage technology progress.But preserving the data for long-term is not only a question of storage technology. Some functions are required to secure the archive management system against contingency situation: multiple data set copies using operational procedures, active quality control of the archived data, migration policy optimising the cost of ownership.

Secure data aggregation in heterogeneous and disparate networks using stand off server architecture

NASA Astrophysics Data System (ADS)

Vimalathithan, S.; Sudarsan, S. D.; Seker, R.; Lenin, R. B.; Ramaswamy, S.

2009-04-01

The emerging global reach of technology presents myriad challenges and intricacies as Information Technology teams aim to provide anywhere, anytime and anyone access, for service providers and customers alike. The world is fraught with stifling inequalities, both from an economic as well as socio-political perspective. The net result has been large capability gaps between various organizational locations that need to work together, which has raised new challenges for information security teams. Similar issues arise, when mergers and acquisitions among and between organizations take place. While integrating remote business locations with mainstream operations, one or more of the issues including the lack of application level support, computational capabilities, communication limitations, and legal requirements cause a serious impediment thereby complicating integration while not violating the organizations' security requirements. Often resorted techniques like IPSec, tunneling, secure socket layer, etc. may not be always techno-economically feasible. This paper addresses such security issues by introducing an intermediate server between corporate central server and remote sites, called stand-off-server. We present techniques such as break-before-make connection, break connection after transfer, multiple virtual machine instances with different operating systems using the concept of a stand-off-server. Our experiments show that the proposed solution provides sufficient isolation for the central server/site from attacks arising out of weak communication and/or computing links and is simple to implement.

After globalization future security in a technology rich world

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gilmartin, T J

Over the course of the year 2000, five one-day workshops were conducted by the Center for Global Security Research at the Lawrence Livermore National Laboratory on threats that might come against the US and its allies in the 2015 to 2020 timeframe due to the global availability of advanced technology. These workshops focused on threats that are enabled by nuclear, missile, and space technology; military technology; information technology; bio technology; and geo systems technology. In December, an Integration Workshop and Senior Review before national leaders and experts were held. The participants and reviewers were invited from the DOE National Laboratories,more » the DOD Services, OSD, DTRA, and DARPA, the DOS, NASA, Congressional technical staff, the intelligence community, universities and university study centers, think tanks, consultants on national security issues, and private industry. For each workshop the process of analysis involved identification and prioritization of the participants' perceived most severe threat scenarios (worst nightmares), discussion of the technologies which enabled those threats, and ranking of the technologies' threat potentials. We were not concerned in this exercise with defining responses, although our assessment of each threat's severity included consideration of the ease or difficulty with which it might be countered. At the concluding Integration Workshop and Senior Panel Review, we brought the various workshops' participants together, added senior participant/reviewers with broad experience and responsibility, and discussed the workshop findings to determine what is most certain, and uncertain, and what might be needed to resolve our uncertainties. This document reports the consensus and important variations of both the reviewers and the participants. In all, 45 threats over a wide range of lethality and probability of occurrence were identified. Over 60 enabling technologies were also discussed. These are each described in greater detail in the following pages, after overarching considerations are discussed. Here we present the major conclusions of this project, which each include consideration of several threats and their enabling technologies.« less

Secure method for biometric-based recognition with integrated cryptographic functions.

PubMed

Chiou, Shin-Yan

2013-01-01

Biometric systems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometric systems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to combine cryptography and biometrics, but these methods require the synchronization of internal systems and are vulnerable to power analysis attacks, fault-based cryptanalysis, and replay attacks. This paper presents a new secure cryptographic authentication method using biometric features. The proposed system combines the advantages of biometric identification and cryptographic techniques. By adding a subsystem to existing biometric recognition systems, we can simultaneously achieve the security of cryptographic technology and the error tolerance of biometric recognition. This method can be used for biometric data encryption, signatures, and other types of cryptographic computation. The method offers a high degree of security with protection against power analysis attacks, fault-based cryptanalysis, and replay attacks. Moreover, it can be used to improve the confidentiality of biological data storage and biodata identification processes. Remote biometric authentication can also be safely applied.

Secure Data Aggregation with Fully Homomorphic Encryption in Large-Scale Wireless Sensor Networks

PubMed Central

Li, Xing; Chen, Dexin; Li, Chunyan; Wang, Liangmin

2015-01-01

With the rapid development of wireless communication technology, sensor technology, information acquisition and processing technology, sensor networks will finally have a deep influence on all aspects of people’s lives. The battery resources of sensor nodes should be managed efficiently in order to prolong network lifetime in large-scale wireless sensor networks (LWSNs). Data aggregation represents an important method to remove redundancy as well as unnecessary data transmission and hence cut down the energy used in communication. As sensor nodes are deployed in hostile environments, the security of the sensitive information such as confidentiality and integrity should be considered. This paper proposes Fully homomorphic Encryption based Secure data Aggregation (FESA) in LWSNs which can protect end-to-end data confidentiality and support arbitrary aggregation operations over encrypted data. In addition, by utilizing message authentication codes (MACs), this scheme can also verify data integrity during data aggregation and forwarding processes so that false data can be detected as early as possible. Although the FHE increase the computation overhead due to its large public key size, simulation results show that it is implementable in LWSNs and performs well. Compared with other protocols, the transmitted data and network overhead are reduced in our scheme. PMID:26151208

Aviation Security: A Case for Risk-Based Passenger Screening

DTIC Science & Technology

2011-12-01

5 3. Threat Uncertainty ..............................................................................7 4. Increased Risk and Cost ...Airport Checkpoints .....................................131 ix 2. Technology Integration and Implementation Costs .....................131 3...Background Investigations and Sustaining Program Costs ........133 D. AREAS FOR FUTURE RESEARCH

Kentucky commercial vehicle safety applications evaluation : technical report.

DOT National Transportation Integrated Search

2008-01-31

An advanced-technology Integrated Safety and Security Enforcement System (ISSES), now deployed at three commercial vehicle inspection sites along interstate highways in Kentucky, was evaluated from the point of view of system performance, potential e...

Tecnologias mas nuevas para la seguridad escolar (Newer Technologies for School Security). ERIC Digest.

ERIC Educational Resources Information Center

Schneider, Tod

This digest in Spanish describes several technologies that can be used to control access to, and improve surveillance of, school grounds. Access can be controlled by using "smart" cards to control keyed entries. Many schools have problems with multiple copies of keys, and these card systems are integrated with computer software that…

Emerging Technologies for Software-Reliant Systems

DTIC Science & Technology

2011-02-24

needs • Loose coupling • Global distribution of hardware, software and people • Horizontal integration and convergence • Virtualization...Webinar– February 2011 © 2011 Carnegie Mellon University Global Distribution of Hardware, Software and People Globalization is an essential part of...University Required Software Engineering Emphasis Due to Emerging Technologies (2) Defensive Programming • Security • Auto-adaptation • Globalization

Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach.

PubMed

Sanchez-Iborra, Ramon; Sánchez-Gómez, Jesús; Pérez, Salvador; Fernández, Pedro J; Santa, José; Hernández-Ramos, José L; Skarmeta, Antonio F

2018-06-05

Luckily, new communication technologies and protocols are nowadays designed considering security issues. A clear example of this can be found in the Internet of Things (IoT) field, a quite recent area where communication technologies such as ZigBee or IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) already include security features to guarantee authentication, confidentiality and integrity. More recent technologies are Low-Power Wide-Area Networks (LP-WAN), which also consider security, but present initial approaches that can be further improved. An example of this can be found in Long Range (LoRa) and its layer-two supporter LoRa Wide Area Network (LoRaWAN), which include a security scheme based on pre-shared cryptographic material lacking flexibility when a key update is necessary. Because of this, in this work, we evaluate the security vulnerabilities of LoRaWAN in the area of key management and propose different alternative schemes. Concretely, the application of an approach based on the recently specified Ephemeral Diffie⁻Hellman Over COSE (EDHOC) is found as a convenient solution, given its flexibility in the update of session keys, its low computational cost and the limited message exchanges needed. A comparative conceptual analysis considering the overhead of different security schemes for LoRaWAN is carried out in order to evaluate their benefits in the challenging area of LP-WAN.

The appropriate and effective use of security technologies in U.S. schools : a guide for schools and law enforcement agencies.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Green, Mary Wilson

The purpose of this report is to provide school administrators with the ability to determine their security system requirements, so they can make informed decisions when working with vendors and others to improve their security posture. This is accomplished by (1) explaining a systems-based approach to defining the objectives and needs of the system, and (2), providing information on the ability of common components (sensors, cameras, metal detectors, etc) to achieve those objectives, in an effectively integrated system.

The ISACA Business Model for Information Security: An Integrative and Innovative Approach

NASA Astrophysics Data System (ADS)

von Roessing, Rolf

In recent years, information security management has matured into a professional discipline that covers both technical and managerial aspects in an organisational environment. Information security is increasingly dependent on business-driven parameters and interfaces to a variety of organisational units and departments. In contrast, common security models and frameworks have remained largely technical. A review of extant models ranging from [LaBe73] to more recent models shows that technical aspects are covered in great detail, while the managerial aspects of security are often neglected.Likewise, the business view on organisational security is frequently at odds with the demands of information security personnel or information technology management. In practice, senior and executive level management remain comparatively distant from technical requirements. As a result, information security is generally regarded as a cost factor rather than a benefit to the organisation.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Forslund, D.W.; Cook, J.L.

One of the most powerful tools available for telemedicine is a multimedia medical record accessible over a wide area and simultaneously editable by multiple physicians. The ability to do this through an intuitive interface linking multiple distributed data repositories while maintaining full data integrity is a fundamental enabling technology in healthcare. The authors discuss the role of distributed object technology using Java and CORBA in providing this capability including an example of such a system (TeleMed) which can be accessed through the World Wide Web. Issues of security, scalability, data integrity, and usability are emphasized.

The role of CORBA in enabling telemedicine

DOE Office of Scientific and Technical Information (OSTI.GOV)

Forslund, D.W.

1997-07-01

One of the most powerful tools available for telemedicine is a multimedia medical record accessible over a wide area and simultaneously editable by multiple physicians. The ability to do this through an intuitive interface linking multiple distributed data repositories while maintaining full data integrity is a fundamental enabling technology in healthcare. The author discusses the role of distributed object technology using CORBA in providing this capability including an example of such a system (TeleMed) which can be accessed through the World Wide Web. Issues of security, scalability, data integrity, and useability are emphasized.

Gait recognition based on integral outline

NASA Astrophysics Data System (ADS)

Ming, Guan; Fang, Lv

2017-02-01

Biometric identification technology replaces traditional security technology, which has become a trend, and gait recognition also has become a hot spot of research because its feature is difficult to imitate and theft. This paper presents a gait recognition system based on integral outline of human body. The system has three important aspects: the preprocessing of gait image, feature extraction and classification. Finally, using a method of polling to evaluate the performance of the system, and summarizing the problems existing in the gait recognition and the direction of development in the future.

A Community-Based Approach to Leading the Nation in Smart Energy Use

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

2013-12-31

Project Objectives The AEP Ohio gridSMART® Demonstration Project (Project) achieved the following objectives: • Built a secure, interoperable, and integrated smart grid infrastructure in northeast central Ohio that demonstrated the ability to maximize distribution system efficiency and reliability and consumer use of demand response programs that reduced energy consumption, peak demand, and fossil fuel emissions. • Actively attracted, educated, enlisted, and retained consumers in innovative business models that provided tools and information reducing consumption and peak demand. • Provided the U.S. Department of Energy (DOE) information to evaluate technologies and preferred smart grid business models to be extended nationally. Projectmore » Description Ohio Power Company (the surviving company of a merger with Columbus Southern Power Company), doing business as AEP Ohio (AEP Ohio), took a community-based approach and incorporated a full suite of advanced smart grid technologies for 110,000 consumers in an area selected for its concentration and diversity of distribution infrastructure and consumers. It was organized and aligned around: • Technology, implementation, and operations • Consumer and stakeholder acceptance • Data management and benefit assessment Combined, these functional areas served as the foundation of the Project to integrate commercially available products, innovative technologies, and new consumer products and services within a secure two-way communication network between the utility and consumers. The Project included Advanced Metering Infrastructure (AMI), Distribution Management System (DMS), Distribution Automation Circuit Reconfiguration (DACR), Volt VAR Optimization (VVO), and Consumer Programs (CP). These technologies were combined with two-way consumer communication and information sharing, demand response, dynamic pricing, and consumer products, such as plug-in electric vehicles and smart appliances. In addition, the Project incorporated comprehensive cyber security capabilities, interoperability, and a data assessment that, with grid simulation capabilities, made the demonstration results an adaptable, integrated solution for AEP Ohio and the nation.« less

Research on application information system integration platform in medicine manufacturing enterprise.

PubMed

Deng, Wu; Zhao, Huimin; Zou, Li; Li, Yuanyuan; Li, Zhengguang

2012-08-01

Computer and information technology popularizes in the medicine manufacturing enterprise for its potentials in working efficiency and service quality. In allusion to the explosive data and information of application system in current medicine manufacturing enterprise, we desire to propose a novel application information system integration platform in medicine manufacturing enterprise, which based on a combination of RFID technology and SOA, to implement information sharing and alternation. This method exploits the application integration platform across service interface layer to invoke the RFID middleware. The loose coupling in integration solution is realized by Web services. The key techniques in RFID event components and expanded role-based security access mechanism are studied in detail. Finally, a case study is implemented and tested to evidence our understanding on application system integration platform in medicine manufacturing enterprise.

Material Protection, Accounting, and Control Technologies (MPACT) Advanced Integration Roadmap

DOE Office of Scientific and Technical Information (OSTI.GOV)

Miller, Mike; Cipiti, Ben; Demuth, Scott Francis

2017-01-30

The development of sustainable advanced nuclear fuel cycles is a long-term goal of the Office of Nuclear Energy’s (DOE-NE) Fuel Cycle Technologies program. The Material Protection, Accounting, and Control Technologies (MPACT) campaign is supporting research and development (R&D) of advanced instrumentation, analysis tools, and integration methodologies to meet this goal (Miller, 2015). This advanced R&D is intended to facilitate safeguards and security by design of fuel cycle facilities. The lab-scale demonstration of a virtual facility, distributed test bed, that connects the individual tools being developed at National Laboratories and university research establishments, is a key program milestone for 2020. Thesemore » tools will consist of instrumentation and devices as well as computer software for modeling, simulation and integration.« less

Material Protection, Accounting, and Control Technologies (MPACT) Advanced Integration Roadmap

DOE Office of Scientific and Technical Information (OSTI.GOV)

Durkee, Joe W.; Cipiti, Ben; Demuth, Scott Francis

The development of sustainable advanced nuclear fuel cycles is a long-term goal of the Office of Nuclear Energy’s (DOE-NE) Fuel Cycle Technologies program. The Material Protection, Accounting, and Control Technologies (MPACT) campaign is supporting research and development (R&D) of advanced instrumentation, analysis tools, and integration methodologies to meet this goal (Miller, 2015). This advanced R&D is intended to facilitate safeguards and security by design of fuel cycle facilities. The lab-scale demonstration of a virtual facility, distributed test bed, that connects the individual tools being developed at National Laboratories and university research establishments, is a key program milestone for 2020. Thesemore » tools will consist of instrumentation and devices as well as computer software for modeling, simulation and integration.« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

Tsai, H. C.; Chen, K.; Liu, Y. Y.

The US Department of Energy (DOE) [Environmental Management (EM), Office of Packaging and Transportation (EM-45)] Packaging Certification Program (PCP) has developed a radiofrequency identification (RFID) tracking and monitoring system for the management of nuclear materials packages during storage and transportation. The system, developed by the PCP team at Argonne National Laboratory, involves hardware modification, application software development, secured database and web server development, and irradiation experiments. In April 2008, Argonne tested key features of the RFID tracking and monitoring system in a weeklong, 1700 mile (2736 km) demonstration employing 14 empty type B fissile material drums of three designs (modelsmore » 9975, 9977 and ES-3100) that have been certified for shipment by the DOE and the US Nuclear Regulatory Commission. The demonstration successfully integrated global positioning system (GPS) technology for vehicle tracking, satellite/cellular (general packet radio service, or GPRS) technologies for wireless communication, and active RFID tags with multiple sensors (seal integrity, shock, temperature, humidity and battery status) on drums. In addition, the demonstration integrated geographic information system (GIS) technology with automatic alarm notifications of incidents and generated buffer zone reports for emergency response and management of staged incidents. The demonstration was sponsored by EM and the US National Nuclear Security Administration, with the participation of Argonne, Savannah River and Oak Ridge National Laboratories. Over 50 authorised stakeholders across the country observed the demonstration via secured Internet access. The DOE PCP and national laboratories are working on several RFID system implementation projects at selected DOE sites, as well as continuing device and systems development and widening applications beyond DOE sites and possibly beyond nuclear materials to include other radioactive materials.« less

Integrating Information Assurance and Security into IT Education: A Look at the Model Curriculum and Emerging Practice

ERIC Educational Resources Information Center

Dark, Melissa Jane; Ekstrom, Joseph J.; Lunt, Barry M.

2006-01-01

In December 2001 a meeting of interested parties from fifteen four-year IT programs from the US along with representatives from IEEE, ACM, and ABET (CITC-1) began work on the formalization of Information Technology as an accredited academic discipline. The effort has evolved into SIGITE, the ACM SIG for Information Technology Education. During…

Spring 2006. Industry Study. Information Technology Industry

DTIC Science & Technology

2006-01-01

unclassified c . THIS PAGE unclassified Standard Form 298 (Rev. 8-98) Prescribed by ANSI Std Z39-18 i Information Technology 2006 ABSTRACT...integration of processors, coprocessors, memory, storage, etc. into a user-programmable final product. C . Software (Apple, Oracle): These firms...able to support the U.S. national security interests. C . Manufacturing: The personal computer manufacturing industry has also changed considerably

Final Technical Report. Project Boeing SGS

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bell, Thomas E.

Boeing and its partner, PJM Interconnection, teamed to bring advanced “defense-grade” technologies for cyber security to the US regional power grid through demonstration in PJM’s energy management environment. Under this cooperative project with the Department of Energy, Boeing and PJM have developed and demonstrated a host of technologies specifically tailored to the needs of PJM and the electric sector as a whole. The team has demonstrated to the energy industry a combination of processes, techniques and technologies that have been successfully implemented in the commercial, defense, and intelligence communities to identify, mitigate and continuously monitor the cyber security of criticalmore » systems. Guided by the results of a Cyber Security Risk-Based Assessment completed in Phase I, the Boeing-PJM team has completed multiple iterations through the Phase II Development and Phase III Deployment phases. Multiple cyber security solutions have been completed across a variety of controls including: Application Security, Enhanced Malware Detection, Security Incident and Event Management (SIEM) Optimization, Continuous Vulnerability Monitoring, SCADA Monitoring/Intrusion Detection, Operational Resiliency, Cyber Range simulations and hands on cyber security personnel training. All of the developed and demonstrated solutions are suitable for replication across the electric sector and/or the energy sector as a whole. Benefits identified include; Improved malware and intrusion detection capability on critical SCADA networks including behavioral-based alerts resulting in improved zero-day threat protection; Improved Security Incident and Event Management system resulting in better threat visibility, thus increasing the likelihood of detecting a serious event; Improved malware detection and zero-day threat response capability; Improved ability to systematically evaluate and secure in house and vendor sourced software applications; Improved ability to continuously monitor and maintain secure configuration of network devices resulting in reduced vulnerabilities for potential exploitation; Improved overall cyber security situational awareness through the integration of multiple discrete security technologies into a single cyber security reporting console; Improved ability to maintain the resiliency of critical systems in the face of a targeted cyber attack of other significant event; Improved ability to model complex networks for penetration testing and advanced training of cyber security personnel« less

The Evolution of Middle Schools.

ERIC Educational Resources Information Center

George, Paul S.

2001-01-01

Over the past 30 years, Florida's 500 middle schools have become more sizeable, racially segregated, and security conscious. Other features include interdisciplinary team organization, warring curricula, block schedules, integrated technology, inclusion, ability grouping, corporate practices, and female and minority principals committed to…

New Advanced Technologies to Provide Decentralised and Secure Access to Medical Records: Case Studies in Oncology

PubMed Central

Quantin, Catherine; Coatrieux, Gouenou; Allaert, François André; Fassa, Maniane; Bourquard, Karima; Boire, Jean-Yves; de Vlieger, Paul; Maigne, Lydia; Breton, Vincent

2009-01-01

The main problem for health professionals and patients in accessing information is that this information is very often distributed over many medical records and locations. This problem is particularly acute in cancerology because patients may be treated for many years and undergo a variety of examinations. Recent advances in technology make it feasible to gain access to medical records anywhere and anytime, allowing the physician or the patient to gather information from an “ephemeral electronic patient record”. However, this easy access to data is accompanied by the requirement for improved security (confidentiality, traceability, integrity, ...) and this issue needs to be addressed. In this paper we propose and discuss a decentralised approach based on recent advances in information sharing and protection: Grid technologies and watermarking methodologies. The potential impact of these technologies for oncology is illustrated by the examples of two experimental cases: a cancer surveillance network and a radiotherapy treatment plan. It is expected that the proposed approach will constitute the basis of a future secure “google-like” access to medical records. PMID:19718446

The need for integration of drought monitoring tools for proactive food security management in sub-Saharan Africa

USGS Publications Warehouse

Tadesse, T.; Haile, M.; Senay, G.; Wardlow, B.D.; Knutson, C.L.

2008-01-01

Reducing the impact of drought and famine remains a challenge in sub-Saharan Africa despite ongoing drought relief assistance in recent decades. This is because drought and famine are primarily addressed through a crisis management approach when a disaster occurs, rather than stressing preparedness and risk management. Moreover, drought planning and food security efforts have been hampered by a lack of integrated drought monitoring tools, inadequate early warning systems (EWS), and insufficient information flow within and between levels of government in many sub-Saharan countries. The integration of existing drought monitoring tools for sub-Saharan Africa is essential for improving food security systems to reduce the impacts of drought and famine on society in this region. A proactive approach emphasizing integration requires the collective use of multiple tools, which can be used to detect trends in food availability and provide early indicators at local, national, and regional scales on the likely occurrence of food crises. In addition, improving the ability to monitor and disseminate critical drought-related information using available modern technologies (e.g., satellites, computers, and modern communication techniques) may help trigger timely and appropriate preventive responses and, ultimately, contribute to food security and sustainable development in sub-Saharan Africa. ?? 2008 United Nations.

Weird Project: E-Health Service Improvement Using WiMAX

NASA Astrophysics Data System (ADS)

Cimmino, Antonio; Casali, Fulvio; Mambretti, Cinzia

Today the major obstacle to massive deployment of telemedicine applications are the security issues related to the exchange of real time information between different elements that are not at fixed locations. WiMAX, the new standard for wireless communications, is one of the most promising technologies for broadband access in a fixed and mobile environment and it is expected to overcome the above mentioned obstacle. The FP6-WEIRD [1] (WiMax Extension to Isolated Remote Data networks) project has: analysed how this technology can guarantee secure real time data transmission between mobile elements, built some successful demonstrations and paved the way to future commercial applications. This paper in particular describes: main promising e-health applications that WiMax would enable; the technological highlights and the main challenges that WiMax has to face in e-health applications such as accounting, privacy, security, data integrity; the way in which the WEIRD project 0 has studied the wireless access to medical communities and equipment in remote or impervious areas. 0 0; some envisaged implementations.

Current Capabilities at SNL for the Integration of Small Modular Reactors onto Smart Microgrids Using Sandia's Smart Microgrid Technology High Performance Computing and Advanced Manufacturing.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rodriguez, Salvador B.

Smart grids are a crucial component for enabling the nation’s future energy needs, as part of a modernization effort led by the Department of Energy. Smart grids and smart microgrids are being considered in niche applications, and as part of a comprehensive energy strategy to help manage the nation’s growing energy demands, for critical infrastructures, military installations, small rural communities, and large populations with limited water supplies. As part of a far-reaching strategic initiative, Sandia National Laboratories (SNL) presents herein a unique, three-pronged approach to integrate small modular reactors (SMRs) into microgrids, with the goal of providing economically-competitive, reliable, andmore » secure energy to meet the nation’s needs. SNL’s triad methodology involves an innovative blend of smart microgrid technology, high performance computing (HPC), and advanced manufacturing (AM). In this report, Sandia’s current capabilities in those areas are summarized, as well as paths forward that will enable DOE to achieve its energy goals. In the area of smart grid/microgrid technology, Sandia’s current computational capabilities can model the entire grid, including temporal aspects and cyber security issues. Our tools include system development, integration, testing and evaluation, monitoring, and sustainment.« less

An Intrusion Detection System for the Protection of Railway Assets Using Fiber Bragg Grating Sensors

PubMed Central

Catalano, Angelo; Bruno, Francesco Antonio; Pisco, Marco; Cutolo, Antonello; Cusano, Andrea

2014-01-01

We demonstrate the ability of Fiber Bragg Gratings (FBGs) sensors to protect large areas from unauthorized activities in railway scenarios such as stations or tunnels. We report on the technological strategy adopted to protect a specific depot, representative of a common scenario for security applications in the railway environment. One of the concerns in the protection of a railway area centers on the presence of rail-tracks, which cannot be obstructed with physical barriers. We propose an integrated optical fiber system composed of FBG strain sensors that can detect human intrusion for protection of the perimeter combined with FBG accelerometer sensors for protection of rail-track access. Several trials were carried out in indoor and outdoor environments. The results demonstrate that FBG strain sensors bonded under a ribbed rubber mat enable the detection of intruder break-in via the pressure induced on the mat, whereas the FBG accelerometers installed under the rails enable the detection of intruders walking close to the railroad tracks via the acoustic surface waves generated by footsteps. Based on a single enabling technology, this integrated system represents a valuable intrusion detection system for railway security and could be integrated with other sensing functionalities in the railway field using fiber optic technology. PMID:25268920

STIDP: A US Department of Homeland Security program for countering explosives attacks at large public events and mass transit facilities

DOE Office of Scientific and Technical Information (OSTI.GOV)

Knudson, Christa K.; Kemp, Michael C.; Lombardo, Nicholas J.

The Department of Homeland Security’s Standoff Technology Integration and Demonstration Program is designed to accelerate the development and integration of technologies, concepts of operations, and training to prevent explosives attacks at large public events and mass transit facilities. The program will address threats posed by suicide bombers, vehicle-borne improvised explosive devices, and leave-behind bombs. The program is focused on developing and testing explosives countermeasure architectures using commercial off-the-shelf and near-commercial standoff and remotely operated detection technologies in prototypic operational environments. An important part of the program is the integration of multiple technologies and systems to protect against a wider rangemore » of threats, improve countermeasure performance, increase the distance from the venue at which screening is conducted, and reduce staffing requirements. The program will routinely conduct tests in public venues involving successively more advanced technology, higher levels of system integration, and more complex scenarios. This paper describes the initial field test of an integrated countermeasure system that included infrared, millimeter-wave, and video analytics technologies for detecting person-borne improvised explosive devices at a public arena. The test results are being used to develop a concept for the next generation of integrated countermeasures, to refine technical and operational requirements for architectures and technologies, and engage industry and academia in solution development.« less

Watermarking protocols for authentication and ownership protection based on timestamps and holograms

NASA Astrophysics Data System (ADS)

Dittmann, Jana; Steinebach, Martin; Croce Ferri, Lucilla

2002-04-01

Digital watermarking has become an accepted technology for enabling multimedia protection schemes. One problem here is the security of these schemes. Without a suitable framework, watermarks can be replaced and manipulated. We discuss different protocols providing security against rightful ownership attacks and other fraud attempts. We compare the characteristics of existing protocols for different media like direct embedding or seed based and required attributes of the watermarking technology like robustness or payload. We introduce two new media independent protocol schemes for rightful ownership authentication. With the first scheme we ensure security of digital watermarks used for ownership protection with a combination of two watermarks: first watermark of the copyright holder and a second watermark from a Trusted Third Party (TTP). It is based on hologram embedding and the watermark consists of e.g. a company logo. As an example we use digital images and specify the properties of the embedded additional security information. We identify components necessary for the security protocol like timestamp, PKI and cryptographic algorithms. The second scheme is used for authentication. It is designed for invertible watermarking applications which require high data integrity. We combine digital signature schemes and digital watermarking to provide a public verifiable integrity. The original data can only be reproduced with a secret key. Both approaches provide solutions for copyright and authentication watermarking and are introduced for image data but can be easily adopted for video and audio data as well.

A Fast lattice-based polynomial digital signature system for m-commerce

NASA Astrophysics Data System (ADS)

Wei, Xinzhou; Leung, Lin; Anshel, Michael

2003-01-01

The privacy and data integrity are not guaranteed in current wireless communications due to the security hole inside the Wireless Application Protocol (WAP) version 1.2 gateway. One of the remedies is to provide an end-to-end security in m-commerce by applying application level security on top of current WAP1.2. The traditional security technologies like RSA and ECC applied on enterprise's server are not practical for wireless devices because wireless devices have relatively weak computation power and limited memory compared with server. In this paper, we developed a lattice based polynomial digital signature system based on NTRU's Polynomial Authentication and Signature Scheme (PASS), which enabled the feasibility of applying high-level security on both server and wireless device sides.

Secure Method for Biometric-Based Recognition with Integrated Cryptographic Functions

PubMed Central

Chiou, Shin-Yan

2013-01-01

Biometric systems refer to biometric technologies which can be used to achieve authentication. Unlike cryptography-based technologies, the ratio for certification in biometric systems needs not to achieve 100% accuracy. However, biometric data can only be directly compared through proximal access to the scanning device and cannot be combined with cryptographic techniques. Moreover, repeated use, improper storage, or transmission leaks may compromise security. Prior studies have attempted to combine cryptography and biometrics, but these methods require the synchronization of internal systems and are vulnerable to power analysis attacks, fault-based cryptanalysis, and replay attacks. This paper presents a new secure cryptographic authentication method using biometric features. The proposed system combines the advantages of biometric identification and cryptographic techniques. By adding a subsystem to existing biometric recognition systems, we can simultaneously achieve the security of cryptographic technology and the error tolerance of biometric recognition. This method can be used for biometric data encryption, signatures, and other types of cryptographic computation. The method offers a high degree of security with protection against power analysis attacks, fault-based cryptanalysis, and replay attacks. Moreover, it can be used to improve the confidentiality of biological data storage and biodata identification processes. Remote biometric authentication can also be safely applied. PMID:23762851

On the security of consumer wearable devices in the Internet of Things.

PubMed

Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus

2018-01-01

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands.

On the security of consumer wearable devices in the Internet of Things

PubMed Central

Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus

2018-01-01

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands. PMID:29668756

Network Speech Systems Technology Program

NASA Astrophysics Data System (ADS)

Weinstein, C. J.

1980-09-01

This report documents work performed during FY 1980 on the DCA-sponsored Network Speech Systems Technology Program. The areas of work reported are: (1) communication systems studies in Demand-Assignment Multiple Access (DAMA), voice/data integration, and adaptive routing, in support of the evolving Defense Communications System (DCS) and Defense Switched Network (DSN); (2) a satellite/terrestrial integration design study including the functional design of voice and data interfaces to interconnect terrestrial and satellite network subsystems; and (3) voice-conferencing efforts dealing with support of the Secure Voice and Graphics Conferencing (SVGC) Test and Evaluation Program. Progress in definition and planning of experiments for the Experimental Integrated Switched Network (EISN) is detailed separately in an FY 80 Experiment Plan Supplement.

Report Central: quality reporting tool in an electronic health record.

PubMed

Jung, Eunice; Li, Qi; Mangalampalli, Anil; Greim, Julie; Eskin, Michael S; Housman, Dan; Isikoff, Jeremy; Abend, Aaron H; Middleton, Blackford; Einbinder, Jonathan S

2006-01-01

Quality reporting tools, integrated with ambulatory electronic health records, can help clinicians and administrators understand performance, manage populations, and improve quality. Report Central is a secure web report delivery tool built on Crystal Reports XItrade mark and ASP.NET technologies. Pilot evaluation of Report Central indicates that clinicians prefer a quality reporting tool that is integrated with our home-grown EHR to support clinical workflow.

"The More We Can Try to Open Them Up, the Better It Will Be for Their Integration": Integration and the Coercive Assimilation of Muslim Youth

ERIC Educational Resources Information Center

Jaffe-Walter, Reva

2017-01-01

Capitalizing on national anxieties, right wing populist leaders promise to enforce national borders with new constellations of policies that regulate and exclude Muslim bodies. Using the theoretical tool of "technologies of concern" (Jaffe-Walter, 2016), this essay critiques how state security discourses operate through public schools.…

Globus | Informatics Technology for Cancer Research (ITCR)

Cancer.gov

Globus software services provide secure cancer research data transfer, synchronization, and sharing in distributed environments at large scale. These services can be integrated into applications and research data gateways, leveraging Globus identity management, single sign-on, search, and authorization capabilities. Globus Genomics integrates Globus with the Galaxy genomics workflow engine and Amazon Web Services to enable cancer genomics analysis that can elastically scale compute resources with demand.

Digital watermarking in telemedicine applications--towards enhanced data security and accessibility.

PubMed

Giakoumaki, Aggeliki L; Perakis, Konstantinos; Tagaris, Anastassios; Koutsouris, Dimitris

2006-01-01

Implementing telemedical solutions has become a trend amongst the various research teams at an international level. Yet, contemporary information access and distribution technologies raise critical issues that urgently need to be addressed, especially those related to security. The paper suggests the use of watermarking in telemedical applications in order to enhance security of the transmitted sensitive medical data, familiarizes the users with a telemedical system and a watermarking module that have already been developed, and proposes an architecture that will enable the integration of the two systems, taking into account a variety of use cases and application scenarios.

A computer science approach to managing security in health care.

PubMed

Asirelli, P; Braccini, G; Caramella, D; Coco, A; Fabbrini, F

2002-09-01

The security of electronic medical information is very important for health care organisations, which have to ensure confidentiality, integrity and availability of the information provided. This paper will briefly outline the legal measures adopted by the European Community, Italy and the United States to regulate the use and disclosure of medical records. It will then go on to highlight how information technology can help to address these issues with special reference to the management of organisation policies. To this end, we will present a modelling example for the security policy of a radiological department.

Private quantum computation: an introduction to blind quantum computing and related protocols

NASA Astrophysics Data System (ADS)

Fitzsimons, Joseph F.

2017-06-01

Quantum technologies hold the promise of not only faster algorithmic processing of data, via quantum computation, but also of more secure communications, in the form of quantum cryptography. In recent years, a number of protocols have emerged which seek to marry these concepts for the purpose of securing computation rather than communication. These protocols address the task of securely delegating quantum computation to an untrusted device while maintaining the privacy, and in some instances the integrity, of the computation. We present a review of the progress to date in this emerging area.

Plant genetics, sustainable agriculture and global food security.

PubMed

Ronald, Pamela

2011-05-01

The United States and the world face serious societal challenges in the areas of food, environment, energy, and health. Historically, advances in plant genetics have provided new knowledge and technologies needed to address these challenges. Plant genetics remains a key component of global food security, peace, and prosperity for the foreseeable future. Millions of lives depend upon the extent to which crop genetic improvement can keep pace with the growing global population, changing climate, and shrinking environmental resources. While there is still much to be learned about the biology of plant-environment interactions, the fundamental technologies of plant genetic improvement, including crop genetic engineering, are in place, and are expected to play crucial roles in meeting the chronic demands of global food security. However, genetically improved seed is only part of the solution. Such seed must be integrated into ecologically based farming systems and evaluated in light of their environmental, economic, and social impacts-the three pillars of sustainable agriculture. In this review, I describe some lessons learned, over the last decade, of how genetically engineered crops have been integrated into agricultural practices around the world and discuss their current and future contribution to sustainable agricultural systems.

A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design.

PubMed

Selimis, Georgios; Huang, Li; Massé, Fabien; Tsekoura, Ioanna; Ashouei, Maryam; Catthoor, Francky; Huisken, Jos; Stuyt, Jan; Dolmans, Guido; Penders, Julien; De Groot, Harmke

2011-10-01

In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating security functionality to a wireless sensor node increases the size of the stored software program in program memory, the required time that the sensor's microprocessor needs to process the data and the wireless network traffic which is exchanged among sensors. This security overhead has dominant impact on the energy dissipation which is strongly related to the lifetime of the sensor, a critical aspect in wireless sensor network (WSN) technology. Strict definition of the security functionality, complete hardware model (microprocessor and radio), WBAN topology and the structure of the medium access control (MAC) frame are required for an accurate estimation of the energy that security introduces into the WBAN. In this work, we define a lightweight security scheme for WBAN, we estimate the additional energy consumption that the security scheme introduces to WBAN based on commercial available off-the-shelf hardware components (microprocessor and radio), the network topology and the MAC frame. Furthermore, we propose a new microcontroller design in order to reduce the energy consumption of the system. Experimental results and comparisons with other works are given.

Security and Policy for Group Collaboration

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ian Foster; Carl Kesselman

2006-07-31

“Security and Policy for Group Collaboration” was a Collaboratory Middleware research project aimed at providing the fundamental security and policy infrastructure required to support the creation and operation of distributed, computationally enabled collaborations. The project developed infrastructure that exploits innovative new techniques to address challenging issues of scale, dynamics, distribution, and role. To reduce greatly the cost of adding new members to a collaboration, we developed and evaluated new techniques for creating and managing credentials based on public key certificates, including support for online certificate generation, online certificate repositories, and support for multiple certificate authorities. To facilitate the integration ofmore » new resources into a collaboration, we improved significantly the integration of local security environments. To make it easy to create and change the role and associated privileges of both resources and participants of collaboration, we developed community wide authorization services that provide distributed, scalable means for specifying policy. These services make it possible for the delegation of capability from the community to a specific user, class of user or resource. Finally, we instantiated our research results into a framework that makes it useable to a wide range of collaborative tools. The resulting mechanisms and software have been widely adopted within DOE projects and in many other scientific projects. The widespread adoption of our Globus Toolkit technology has provided, and continues to provide, a natural dissemination and technology transfer vehicle for our results.« less

Network Computing Infrastructure to Share Tools and Data in Global Nuclear Energy Partnership

NASA Astrophysics Data System (ADS)

Kim, Guehee; Suzuki, Yoshio; Teshima, Naoya

CCSE/JAEA (Center for Computational Science and e-Systems/Japan Atomic Energy Agency) integrated a prototype system of a network computing infrastructure for sharing tools and data to support the U.S. and Japan collaboration in GNEP (Global Nuclear Energy Partnership). We focused on three technical issues to apply our information process infrastructure, which are accessibility, security, and usability. In designing the prototype system, we integrated and improved both network and Web technologies. For the accessibility issue, we adopted SSL-VPN (Security Socket Layer-Virtual Private Network) technology for the access beyond firewalls. For the security issue, we developed an authentication gateway based on the PKI (Public Key Infrastructure) authentication mechanism to strengthen the security. Also, we set fine access control policy to shared tools and data and used shared key based encryption method to protect tools and data against leakage to third parties. For the usability issue, we chose Web browsers as user interface and developed Web application to provide functions to support sharing tools and data. By using WebDAV (Web-based Distributed Authoring and Versioning) function, users can manipulate shared tools and data through the Windows-like folder environment. We implemented the prototype system in Grid infrastructure for atomic energy research: AEGIS (Atomic Energy Grid Infrastructure) developed by CCSE/JAEA. The prototype system was applied for the trial use in the first period of GNEP.

Development of SPIES (Space Intelligent Eyeing System) for smart vehicle tracing and tracking

NASA Astrophysics Data System (ADS)

Abdullah, Suzanah; Ariffin Osoman, Muhammad; Guan Liyong, Chua; Zulfadhli Mohd Noor, Mohd; Mohamed, Ikhwan

2016-06-01

SPIES or Space-based Intelligent Eyeing System is an intelligent technology which can be utilized for various applications such as gathering spatial information of features on Earth, tracking system for the movement of an object, tracing system to trace the history information, monitoring driving behavior, security and alarm system as an observer in real time and many more. SPIES as will be developed and supplied modularly will encourage the usage based on needs and affordability of users. SPIES are a complete system with camera, GSM, GPS/GNSS and G-Sensor modules with intelligent function and capabilities. Mainly the camera is used to capture pictures and video and sometimes with audio of an event. Its usage is not limited to normal use for nostalgic purpose but can be used as a reference for security and material of evidence when an undesirable event such as crime occurs. When integrated with space based technology of the Global Navigational Satellite System (GNSS), photos and videos can be recorded together with positioning information. A product of the integration of these technologies when integrated with Information, Communication and Technology (ICT) and Geographic Information System (GIS) will produce innovation in the form of information gathering methods in still picture or video with positioning information that can be conveyed in real time via the web to display location on the map hence creating an intelligent eyeing system based on space technology. The importance of providing global positioning information is a challenge but overcome by SPIES even in areas without GNSS signal reception for the purpose of continuous tracking and tracing capability

Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

PubMed Central

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete—the traditional approach for calculating reliability—is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods. PMID:25405226

Security threat assessment of an Internet security system using attack tree and vague sets.

PubMed

Chang, Kuei-Hu

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

AGU President's Message: Obama Administration's Commitment to Scientific Integrity

NASA Astrophysics Data System (ADS)

McPhaden, Michael J.

2011-01-01

In March 2009, President Barack Obama issued a memorandum on the subject of scientific integrity in which he stated emphatically, 'Science and the scientific process must inform and guide decisions of my Administration on a wide range of issues, including improvement of public health, protection of the environment, increased efficiency in the use of energy and other resources, mitigation of the threat of climate change, and protection of national security.” The president charged John Holdren, director of the Office of Science and Technology Policy (OSTP), with developing specific recommendations “for ensuring the highest level of integrity in all aspects of the executive branch's involvement with scientific and technological processes.” On Friday, 17 December, OSTP released federal department and agency guidelines for implementing the administration’s policies on scientific integrity.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Onyeji, Ijeoma; Bazilian, Morgan; Bronk, Chris

Both the number and security implications of sophisticated cyber attacks on companies providing critical energy infrastructures are increasing. As power networks and, to a certain extent, oil and gas infrastructure both upstream and downstream, are becoming increasingly integrated with information communication technology systems, they are growing more susceptible to cyber attacks.

47 CFR 213.1 - Background and purpose.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Telecommunication OFFICE OF SCIENCE AND TECHNOLOGY POLICY AND NATIONAL SECURITY COUNCIL GOVERNMENT AND PUBLIC... standards, procedures, policies, and regulations that together, constitute this single integrated precedence..., policies, and regulations which are within the cognizance of the NSC. No significance should be attached to...

47 CFR 213.1 - Background and purpose.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Telecommunication OFFICE OF SCIENCE AND TECHNOLOGY POLICY AND NATIONAL SECURITY COUNCIL GOVERNMENT AND PUBLIC... standards, procedures, policies, and regulations that together, constitute this single integrated precedence..., policies, and regulations which are within the cognizance of the NSC. No significance should be attached to...

47 CFR 213.1 - Background and purpose.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Telecommunication OFFICE OF SCIENCE AND TECHNOLOGY POLICY AND NATIONAL SECURITY COUNCIL GOVERNMENT AND PUBLIC... standards, procedures, policies, and regulations that together, constitute this single integrated precedence..., policies, and regulations which are within the cognizance of the NSC. No significance should be attached to...

47 CFR 213.1 - Background and purpose.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Telecommunication OFFICE OF SCIENCE AND TECHNOLOGY POLICY AND NATIONAL SECURITY COUNCIL GOVERNMENT AND PUBLIC... standards, procedures, policies, and regulations that together, constitute this single integrated precedence..., policies, and regulations which are within the cognizance of the NSC. No significance should be attached to...

47 CFR 213.1 - Background and purpose.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Telecommunication OFFICE OF SCIENCE AND TECHNOLOGY POLICY AND NATIONAL SECURITY COUNCIL GOVERNMENT AND PUBLIC... standards, procedures, policies, and regulations that together, constitute this single integrated precedence..., policies, and regulations which are within the cognizance of the NSC. No significance should be attached to...

Network Security via Biometric Recognition of Patterns of Gene Expression

NASA Technical Reports Server (NTRS)

Shaw, Harry C.

2016-01-01

Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT (Information Technology) organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time assays of gene expression products.

Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Architecture Lab Test Report

NASA Technical Reports Server (NTRS)

Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.

2015-01-01

NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hansen, Timothy M.; Kadavil, Rahul; Palmintier, Bryan

The 21st century electric power grid is transforming with an unprecedented increase in demand and increase in new technologies. In the United States Energy Independence and Security Act of 2007, Title XIII sets the tenets for modernizing the electricity grid through what is known as the 'Smart Grid Initiative.' This initiative calls for increased design, deployment, and integration of distributed energy resources, smart technologies and appliances, and advanced storage devices. The deployment of these new technologies requires rethinking and re-engineering the traditional boundaries between different electric power system domains.

mHealth data security: the need for HIPAA-compliant standardization.

PubMed

Luxton, David D; Kayl, Robert A; Mishkind, Matthew C

2012-05-01

The rise in the use of mobile devices, such as smartphones, tablet personal computers, and wireless medical devices, as well as the wireless networks that enable their use, has raised new concerns for data security and integrity. Standardized Health Insurance Portability and Accountability Act of 1996 (HIPAA)-compliant electronic data security that will allow ubiquitous use of mobile health technologies is needed. The lack of standardized data security to assure privacy, to allow interoperability, and to maximize the full capabilities of mobile devices presents a significant barrier to care. The purpose of this article is to provide an overview of the issue and to encourage discussion of this important topic. Current security needs, standards, limitations, and recommendations for how to address this barrier to care are discussed.

A secure EHR system based on hybrid clouds.

PubMed

Chen, Yu-Yi; Lu, Jun-Chao; Jan, Jinn-Ke

2012-10-01

Consequently, application services rendering remote medical services and electronic health record (EHR) have become a hot topic and stimulating increased interest in studying this subject in recent years. Information and communication technologies have been applied to the medical services and healthcare area for a number of years to resolve problems in medical management. Sharing EHR information can provide professional medical programs with consultancy, evaluation, and tracing services can certainly improve accessibility to the public receiving medical services or medical information at remote sites. With the widespread use of EHR, building a secure EHR sharing environment has attracted a lot of attention in both healthcare industry and academic community. Cloud computing paradigm is one of the popular healthIT infrastructures for facilitating EHR sharing and EHR integration. In this paper, we propose an EHR sharing and integration system in healthcare clouds and analyze the arising security and privacy issues in access and management of EHRs.

The Survey on Near Field Communication.

PubMed

Coskun, Vedat; Ozdenizci, Busra; Ok, Kerem

2015-06-05

Near Field Communication (NFC) is an emerging short-range wireless communication technology that offers great and varied promise in services such as payment, ticketing, gaming, crowd sourcing, voting, navigation, and many others. NFC technology enables the integration of services from a wide range of applications into one single smartphone. NFC technology has emerged recently, and consequently not much academic data are available yet, although the number of academic research studies carried out in the past two years has already surpassed the total number of the prior works combined. This paper presents the concept of NFC technology in a holistic approach from different perspectives, including hardware improvement and optimization, communication essentials and standards, applications, secure elements, privacy and security, usability analysis, and ecosystem and business issues. Further research opportunities in terms of the academic and business points of view are also explored and discussed at the end of each section. This comprehensive survey will be a valuable guide for researchers and academicians, as well as for business in the NFC technology and ecosystem.

The Survey on Near Field Communication

PubMed Central

Coskun, Vedat; Ozdenizci, Busra; Ok, Kerem

2015-01-01

Near Field Communication (NFC) is an emerging short-range wireless communication technology that offers great and varied promise in services such as payment, ticketing, gaming, crowd sourcing, voting, navigation, and many others. NFC technology enables the integration of services from a wide range of applications into one single smartphone. NFC technology has emerged recently, and consequently not much academic data are available yet, although the number of academic research studies carried out in the past two years has already surpassed the total number of the prior works combined. This paper presents the concept of NFC technology in a holistic approach from different perspectives, including hardware improvement and optimization, communication essentials and standards, applications, secure elements, privacy and security, usability analysis, and ecosystem and business issues. Further research opportunities in terms of the academic and business points of view are also explored and discussed at the end of each section. This comprehensive survey will be a valuable guide for researchers and academicians, as well as for business in the NFC technology and ecosystem. PMID:26057043

Security Attacks and Solutions in Electronic Health (E-health) Systems.

PubMed

Zeadally, Sherali; Isaac, Jesús Téllez; Baig, Zubair

2016-12-01

For centuries, healthcare has been a basic service provided by many governments to their citizens. Over the past few decades, we have witnessed a significant transformation in the quality of healthcare services provided by healthcare organizations and professionals. Recent advances have led to the emergence of Electronic Health (E-health), largely made possible by the massive deployment and adoption of information and communication technologies (ICTs). However, cybercriminals and attackers are exploiting vulnerabilities associated primarily with ICTs, causing data breaches of patients' confidential digital health information records. Here, we review recent security attacks reported for E-healthcare and discuss the solutions proposed to mitigate them. We also identify security challenges that must be addressed by E-health system designers and implementers in the future, to respond to threats that could arise as E-health systems become integrated with technologies such as cloud computing, the Internet of Things, and smart cities.

Report Central: Quality Reporting Tool in an Electronic Health Record

PubMed Central

Jung, Eunice; Li, Qi; Mangalampalli, Anil; Greim, Julie; Eskin, Michael S.; Housman, Dan; Isikoff, Jeremy; Abend, Aaron H.; Middleton, Blackford; Einbinder, Jonathan S.

2006-01-01

Quality reporting tools, integrated with ambulatory electronic health records, can help clinicians and administrators understand performance, manage populations, and improve quality. Report Central is a secure web report delivery tool built on Crystal Reports XI™ and ASP.NET technologies. Pilot evaluation of Report Central indicates that clinicians prefer a quality reporting tool that is integrated with our home-grown EHR to support clinical workflow. PMID:17238590

Nanotechnology Propellant Health Monitoring Sensors; Success Through Multi-Stakeholder Interests

DTIC Science & Technology

2014-11-01

Passive AgeAlert sensors integrate well with passive (no battery!) RFID technology: • RFID reader provides rf energy to read tag providing tag...be added • Reader access to secure server means real time updates Propellant aging sensor Shock sensor Passive RFID tag RFID reader Polymer Aging...Aging Concepts, Inc., Distribution A: Approved for Public Release; Distribution Unlimited Integration of AgeAlert Sensors and Passive RFID 12

Integrated fingerprinting in secure digital cinema projection

NASA Astrophysics Data System (ADS)

Delannay, Damien; Delaigle, Jean-Francois; Macq, Benoit M. M.; Quisquater, Jean-Jacques; Mas Ribes, Joan M.; Boucqueau, Jean M.; Nivart, Jean-Francois

2001-12-01

This paper describes the functional model of a combined conditional access and fingerprinting copyright (-or projectionright) protection system in a digital cinema framework. In the cinema industry, a large part of early movie piracy comes from copies made in the theater itself with a camera. The evolution towards digital cinema broadcast enables watermark based fingerprinting protection systems. Besides an appropriate fingerprinting technology, a number of well defined security/cryptographic tools are integrated in order to guaranty the integrity of the whole system. The requirements are two-fold: On one side, we must ensure that the media content is only accessible at exhibition time (under specific authorization obtained after an ad-hoc film rental agreement) and contains the related exhibition fingerprint. At the other end, we must prove our ability to retrieve the fingerprint information from an illegal copy of the media.

MOD control center automated information systems security evolution

NASA Technical Reports Server (NTRS)

Owen, Rich

1991-01-01

The role of the technology infusion process in future Control Center Automated Information Systems (AIS) is highlighted. The following subject areas are presented in the form of the viewgraphs: goals, background, threat, MOD's AISS program, TQM, SDLC integration, payback, future challenges, and bottom line.

3S (Safeguards, Security, Safety) based pyroprocessing facility safety evaluation plan

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ku, J.H.; Choung, W.M.; You, G.S.

The big advantage of pyroprocessing for the management of spent fuels against the conventional reprocessing technologies lies in its proliferation resistance since the pure plutonium cannot be separated from the spent fuel. The extracted materials can be directly used as metal fuel in a fast reactor, and pyroprocessing reduces drastically the volume and heat load of the spent fuel. KAERI has implemented the SBD (Safeguards-By-Design) concept in nuclear fuel cycle facilities. The goal of SBD is to integrate international safeguards into the entire facility design process since the very beginning of the design phase. This paper presents a safety evaluationmore » plan using a conceptual design of a reference pyroprocessing facility, in which 3S (Safeguards, Security, Safety)-By-Design (3SBD) concept is integrated from early conceptual design phase. The purpose of this paper is to establish an advanced pyroprocessing hot cell facility design concept based on 3SBD for the successful realization of pyroprocessing technology with enhanced safety and proliferation resistance.« less

Data Management Working Group report

NASA Technical Reports Server (NTRS)

Filardo, Edward J.; Smith, David B.

1986-01-01

The current flight qualification program lags technology insertion by 6 to 10 years. The objective is to develop an integrated software engineering and development environment assisted by an expert system technology. An operating system needs to be developed which is portable to the on-board computers of the year 2000. The use of ADA verses a High-Order Language; fault tolerance; fiber optics networks; communication protocols; and security are also examined and outlined.

Technologies for Networked Enabled Operations

NASA Technical Reports Server (NTRS)

Glass, B.; Levine, J.

2005-01-01

Current point-to-point data links will not scale to support future integration of surveillance, security, and globally-distributed air traffic data, and already hinders efficiency and capacity. While the FAA and industry focus on a transition to initial system-wide information management (SWIM) capabilities, this paper describes a set of initial studies of NAS network-enabled operations technology gaps targeted for maturity in later SWIM spirals (201 5-2020 timeframe).

[No exchange of information without technology : modern infrastructure in radiology].

PubMed

Hupperts, H; Hermann, K-G A

2014-01-01

Modern radiology cannot accomplish the daily numbers of examinations without supportive technology. Even though technology seems to be becoming increasingly more indispensable, business continuity should be ensured at any time and if necessary even with a limited technical infrastructure by business continuity management. An efficient information security management system forms the basis. The early radiology information systems were islands of information processing. A modern radiology department must be able to be modularly integrated into an informational network of a bigger organization. The secondary use of stored data for clinical decision-making support poses new challenges for the integrity of the data or systems because medical knowledge is displayed and provided in a context of treatment. In terms of imaging the creation and distribution radiology services work in a fully digital manner which is often different for radiology reports. Legally secure electronic diagnostic reports require a complex technical infrastructure; therefore, diagnostic findings still need to be filed as a paper document. The internal exchange and an improved dose management can be simplified by systems which continuously and automatically record the doses and thus provide the possibility of permanent analysis and reporting. Communication between patient and radiologist will gain ongoing importance. Intelligent use of technology will convey this to the radiologist and it will facilitate the understanding of the information by the patient.

The role of technology in reducing health care costs. Phase II and phase III.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Cilke, John F.; Parks, Raymond C.; Funkhouser, Donald Ray

2004-04-01

In Phase I of this project, reported in SAND97-1922, Sandia National Laboratories applied a systems approach to identifying innovative biomedical technologies with the potential to reduce U.S. health care delivery costs while maintaining care quality. The effort provided roadmaps for the development and integration of technology to meet perceived care delivery requirements and an economic analysis model for development of care pathway costs for two conditions: coronary artery disease (CAD) and benign prostatic hypertrophy (BPH). Phases II and III of this project, which are presented in this report, were directed at detailing the parameters of telemedicine that influence care deliverymore » costs and quality. These results were used to identify and field test the communication, interoperability, and security capabilities needed for cost-effective, secure, and reliable health care via telemedicine.« less

Utilization of Integrated Assessment Modeling for determining geologic CO2 storage security

NASA Astrophysics Data System (ADS)

Pawar, R.

2017-12-01

Geologic storage of carbon dioxide (CO2) has been extensively studied as a potential technology to mitigate atmospheric concentration of CO2. Multiple international research & development efforts, large-scale demonstration and commercial projects are helping advance the technology. One of the critical areas of active investigation is prediction of long-term CO2 storage security and risks. A quantitative methodology for predicting a storage site's long-term performance is critical for making key decisions necessary for successful deployment of commercial scale projects where projects will require quantitative assessments of potential long-term liabilities. These predictions are challenging given that they require simulating CO2 and in-situ fluid movements as well as interactions through the primary storage reservoir, potential leakage pathways (such as wellbores, faults, etc.) and shallow resources such as groundwater aquifers. They need to take into account the inherent variability and uncertainties at geologic sites. This talk will provide an overview of an approach based on integrated assessment modeling (IAM) to predict long-term performance of a geologic storage site including, storage reservoir, potential leakage pathways and shallow groundwater aquifers. The approach utilizes reduced order models (ROMs) to capture the complex physical/chemical interactions resulting due to CO2 movement and interactions but are computationally extremely efficient. Applicability of the approach will be demonstrated through examples that are focused on key storage security questions such as what is the probability of leakage of CO2 from a storage reservoir? how does storage security vary for different geologic environments and operational conditions? how site parameter variability and uncertainties affect storage security, etc.

A Collection of Technical Studies Completed for the Computer-Aided Acquisition and Logistic Support (CALS) Program Fiscal Year 1988. Volume 1. Text, Security and Data Management

DTIC Science & Technology

1991-03-01

management methodologies claim to be "expert systems" with security intelligence built into them to I derive a body of both facts and speculative data ... Data Administration considerations . III -21 IV. ARTIFICIAL INTELLIGENCE . .. .. .. . .. IV - 1 A. Description of Technologies . . . . . .. IV - 1 1...as intelligent gateways, wide area networks, and distributed databases for the distribution of logistics products. The integrity of CALS data and the

Nuclear Terrorism - Dimensions, Options, and Perspectives in Moldova

NASA Astrophysics Data System (ADS)

Vaseashta, Ashok; Susmann, P.; Braman, Eric W.; Enaki, Nicolae A.

Securing nuclear materials, controlling contraband and preventing proliferation is an international priority to resolve using technology, diplomacy, strategic alliances, and if necessary, targeted military exercises. Nuclear security consists of complementary programs involving international legal and regulatory structure, intelligence and law enforcement agencies, border and customs forces, point and stand-off radiation detectors, personal protection equipment, preparedness for emergency and disaster, and consequence management teams. The strategic goal of UNSCR 1540 and the GICNT is to prevent nuclear materials from finding their way into the hands of our adversaries. This multi-jurisdictional and multi-agency effort demands tremendous coordination, technology assessment, policy development and guidance from several sectors. The overall goal envisions creating a secured environment that controls and protects nuclear materials while maintaining the free flow of commerce and individual liberty on international basis. Integral to such efforts are technologies to sense/detect nuclear material, provide advance information of nuclear smuggling routes, and other advanced means to control nuclear contraband and prevent proliferation. We provide an overview of GICNT and several initiatives supporting such efforts. An overview is provided of technological advances in support of point and stand-off detection and receiving advance information of nuclear material movement from perspectives of the Republic of Moldova.

The Information Technology Infrastructure for the Translational Genomics Core and the Partners Biobank at Partners Personalized Medicine

PubMed Central

Boutin, Natalie; Holzbach, Ana; Mahanta, Lisa; Aldama, Jackie; Cerretani, Xander; Embree, Kevin; Leon, Irene; Rathi, Neeta; Vickers, Matilde

2016-01-01

The Biobank and Translational Genomics core at Partners Personalized Medicine requires robust software and hardware. This Information Technology (IT) infrastructure enables the storage and transfer of large amounts of data, drives efficiencies in the laboratory, maintains data integrity from the time of consent to the time that genomic data is distributed for research, and enables the management of complex genetic data. Here, we describe the functional components of the research IT infrastructure at Partners Personalized Medicine and how they integrate with existing clinical and research systems, review some of the ways in which this IT infrastructure maintains data integrity and security, and discuss some of the challenges inherent to building and maintaining such infrastructure. PMID:26805892

Integration of hybrid wireless networks in cloud services oriented enterprise information systems

NASA Astrophysics Data System (ADS)

Li, Shancang; Xu, Lida; Wang, Xinheng; Wang, Jue

2012-05-01

This article presents a hybrid wireless network integration scheme in cloud services-based enterprise information systems (EISs). With the emerging hybrid wireless networks and cloud computing technologies, it is necessary to develop a scheme that can seamlessly integrate these new technologies into existing EISs. By combining the hybrid wireless networks and computing in EIS, a new framework is proposed, which includes frontend layer, middle layer and backend layers connected to IP EISs. Based on a collaborative architecture, cloud services management framework and process diagram are presented. As a key feature, the proposed approach integrates access control functionalities within the hybrid framework that provide users with filtered views on available cloud services based on cloud service access requirements and user security credentials. In future work, we will implement the proposed framework over SwanMesh platform by integrating the UPnP standard into an enterprise information system.

Practical Pocket PC Application w/Biometric Security

NASA Technical Reports Server (NTRS)

Logan, Julian

2004-01-01

I work in the Flight Software Engineering Branch, where we provide design and development of embedded real-time software applications for flight and supporting ground systems to support the NASA Aeronautics and Space Programs. In addition, this branch evaluates, develops and implements new technologies for embedded real-time systems, and maintains a laboratory for applications of embedded technology. The majority of microchips that are used in modern society have been programmed using embedded technology. These small chips can be found in microwaves, calculators, home security systems, cell phones and more. My assignment this summer entails working with an iPAQ HP 5500 Pocket PC. This top-of-the-line hand-held device is one of the first mobile PC's to introduce biometric security capabilities. Biometric security, in this case a fingerprint authentication system, is on the edge of technology as far as securing information. The benefits of fingerprint authentication are enormous. The most significant of them are that it is extremely difficult to reproduce someone else's fingerprint, and it is equally difficult to lose or forget your own fingerprint as opposed to a password or pin number. One of my goals for this summer is to integrate this technology with another Pocket PC application. The second task for the summer is to develop a simple application that provides an Astronaut EVA (Extravehicular Activity) Log Book capability. The Astronaut EVA Log Book is what an astronaut would use to report the status of field missions, crew physical health, successes, future plans, etc. My goal is to develop a user interface into which these data fields can be entered and stored. The applications that I am developing are created using eMbedded Visual C++ 4.0 with the Pocket PC 2003 Software Development Kit provided by Microsoft.

Considerations for developing technologies for an integrated person-borne IED countermeasure architecture

NASA Astrophysics Data System (ADS)

Lombardo, Nicholas J.; Knudson, Christa K.; Rutz, Frederick C.; Pattison, Kerrie J.; Stratton, Rex C.; Wiborg, James C.

2010-04-01

Developing an integrated person-borne improvised explosive device (IED) countermeasure to protect unstructured crowds at large public venues is the goal of the Standoff Technology Integration and Demonstration Program (STIDP), sponsored in part by the U.S. Department of Homeland Security (DHS). The architecture being developed includes countermeasure technologies deployed as a layered defense and enabling technologies for operating the countermeasures as an integrated system. In the architecture, early recognition of potentially higher-risk individuals is crucial. Sensors must be able to detect, with high accuracy, explosives' threat signatures in varying environmental conditions, from a variety of approaches and with dense crowds and limited dwell time. Command-and-control technologies are needed to automate sensor operation, reduce staffing requirements, improve situational awareness, and automate/facilitate operator decisions. STIDP is developing technical and operational requirements for standoff and remotely operated sensors and is working with federal agencies and foreign governments to implement these requirements into their research and development programs. STIDP also is developing requirements for a software platform to rapidly integrate and control various sensors; acquire, analyze, and record their data; and present the data in an operationally relevant manner. Requirements also are being developed for spatial analysis, tracking and assessing threats with available screening resources, and data fusion for operator decision-making.

Integrating security in multiple, remote, and diverse facilities: how major health systems are meeting today's and tomorrow's technological and organizational challenges.

PubMed

1996-11-01

As the trend to mergers and diversification of healthcare facilities grows, so too does the challenge to security directors to effectively and efficiently protect not only acute care, emergency, and outpatient facilities, but physician office buildings, parking garages, long-term-care units, medical schools, technical service units, and even health clubs. Besides the different security and communications problems posed by each type of facility, the problem of distance between facilities and their geographic location must also be met. In this report, we'll update you on the approaches being taken by security and planning executives at three leading health systems and how they are dealing with current and future problems.

Resilient and Robust High Performance Computing Platforms for Scientific Computing Integrity

DOE Office of Scientific and Technical Information (OSTI.GOV)

Jin, Yier

As technology advances, computer systems are subject to increasingly sophisticated cyber-attacks that compromise both their security and integrity. High performance computing platforms used in commercial and scientific applications involving sensitive, or even classified data, are frequently targeted by powerful adversaries. This situation is made worse by a lack of fundamental security solutions that both perform efficiently and are effective at preventing threats. Current security solutions fail to address the threat landscape and ensure the integrity of sensitive data. As challenges rise, both private and public sectors will require robust technologies to protect its computing infrastructure. The research outcomes from thismore » project try to address all these challenges. For example, we present LAZARUS, a novel technique to harden kernel Address Space Layout Randomization (KASLR) against paging-based side-channel attacks. In particular, our scheme allows for fine-grained protection of the virtual memory mappings that implement the randomization. We demonstrate the effectiveness of our approach by hardening a recent Linux kernel with LAZARUS, mitigating all of the previously presented side-channel attacks on KASLR. Our extensive evaluation shows that LAZARUS incurs only 0.943% overhead for standard benchmarks, and is therefore highly practical. We also introduced HA2lloc, a hardware-assisted allocator that is capable of leveraging an extended memory management unit to detect memory errors in the heap. We also perform testing using HA2lloc in a simulation environment and find that the approach is capable of preventing common memory vulnerabilities.« less

R AND D 100 EARLYBIRD AWARD ENTRY

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dugan, J; Debbie Chapman, D

2007-01-30

The Smart Latch{trademark} is an electronically enhanced door lockset device for industrial and consumer applications, which uses existing neural network technology to analyze the sequence, timing, and acoustic signatures associated with lockset functions and provides immediate indication of failure to correctly lock and latch. It essentially ''listens'' to and learns the sequences and acoustic signatures associated with lockset function and latching. When triggered by specific door activity the Smart Latch{trademark} begins analyzing sequences, frequencies and other parameters. With a satisfactory outcome the device provides positive feedback (e.g. visual and/or audible) and returns to a ''sleep'' state awaiting the next activity.more » If any part of the normal door operation, including latching and length of time, are incorrect various alarm signals can be generated. With electronics and 5+ year battery integrated, the device is simple to install and transparent to the user. Because the device uses proven voice recognition algorithms, it could meet or exceed the performance of the human ear in detecting the unique and complex acoustic signature associated with a properly operating and secured door. Unlike existing technologies, such as limit switches, it is not easily spoofed or defeated and has a high level of immunity to interference. The Smart Latch{trademark} technology can be integrated into existing lockset and door hardware designs, including both low price consumer products and high end electronic/cipher locks. The concept and design are based on a simple security industry adage: ''It isn't locked if it isn't latched''. Even the most elaborate and robust security barriers are of little use if the locking and latching mechanisms are not properly functioning and engaged. Smart Latch{trademark} provides automatic verification of the first and most important step in facility security: Close and properly latch doors and barriers. It is a compelling product for households with children, elderly, or high traffic areas such as an office where a properly closed and latched door is essential for security and safety. In an age of ever increasing security concerns and limited human resources, Smart Latch{trademark} can be a significant addition to the $20 billion plus industrial and consumer lockset market. The Smart Latch{trademark} is unique because: (1) as an inexpensive, battery powered, stand-alone device or as integrated into any standard consumer lock set, the device uses neural network technology to analyze the acoustic signatures associated with normal door operation and generates an alert if a door is not latched correctly and within a set amount of time. (2) It is not easily spoofed or defeated. (3) Installation, setup, and use are simple.« less

Practice improvement, part II: update on patient communication technologies.

PubMed

Roett, Michelle A; Coleman, Mary Thoesen

2013-11-01

Patient portals (ie, secure web-based services for patient health record access) and secure messaging to health care professionals are gaining popularity slowly. Advantages of web portals include timely communication and instruction, access to appointments and other services, and high patient satisfaction. Limitations include inappropriate use, security considerations, organizational costs, and exclusion of patients who are uncomfortable with or unable to use computers. Attention to the organization's strategic plan and office policies, patient and staff expectations, workflow and communication integration, training, marketing, and enrollment can facilitate optimal use of this technology. Other communication technologies that can enhance patient care include automated voice or text reminders and brief electronic communications. Social media provide another method of patient outreach, but privacy and access are concerns. Incorporating telehealthcare (health care provided via telephone or Internet), providing health coaching, and using interactive health communication applications can improve patient knowledge and clinical outcomes and provide social support. Written permission from the American Academy of Family Physicians is required for reproduction of this material in whole or in part in any form or medium.

National Security Science and Technology Initiative: Air Cargo Screening, Final Report for CRADA Number NFE-07-01081

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bingham, Philip; Bush, John; Bowerman, Biays

The non-intrusive inspection (NII) of consolidated air cargo carried on commercial passenger aircraft continues to be a technically challenging, high-priority requirement of the Department of Homeland Security’s Science and Technology Directorate (DHS S&T), the Transportation Security Agency and the Federal Aviation Administration. The goal of deploying a screening system that can reliably and cost-effectively detect explosive threats in consolidated cargo without adversely affecting the flow of commerce will require significant technical advances that will take years to develop. To address this critical National Security need, the Battelle Memorial Institute (Battelle), under a Cooperative Research and Development Agreement (CRADA) with fourmore » of its associated US Department of Energy (DOE) National Laboratories (Oak Ridge, Pacific Northwest, Idaho, and Brookhaven), conducted a research and development initiative focused on identifying, evaluating, and integrating technologies for screening consolidated air cargo for the presence of explosive threats. Battelle invested $8.5M of internal research and development funds during fiscal years 2007 through 2009.« less

MAC layer security issues in wireless mesh networks

NASA Astrophysics Data System (ADS)

Reddy, K. Ganesh; Thilagam, P. Santhi

2016-03-01

Wireless Mesh Networks (WMNs) have emerged as a promising technology for a broad range of applications due to their self-organizing, self-configuring and self-healing capability, in addition to their low cost and easy maintenance. Securing WMNs is more challenging and complex issue due to their inherent characteristics such as shared wireless medium, multi-hop and inter-network communication, highly dynamic network topology and decentralized architecture. These vulnerable features expose the WMNs to several types of attacks in MAC layer. The existing MAC layer standards and implementations are inadequate to secure these features and fail to provide comprehensive security solutions to protect both backbone and client mesh. Hence, there is a need for developing efficient, scalable and integrated security solutions for WMNs. In this paper, we classify the MAC layer attacks and analyze the existing countermeasures. Based on attacks classification and countermeasures analysis, we derive the research directions to enhance the MAC layer security for WMNs.

Privacy and security of patient data in the pathology laboratory.

PubMed

Cucoranu, Ioan C; Parwani, Anil V; West, Andrew J; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B; Balis, Ulysses J; Tuthill, Mark J; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States.

A review of existing and emerging digital technologies to combat the global trade in fake medicines.

PubMed

Mackey, Tim K; Nayyar, Gaurvika

2017-05-01

The globalization of the pharmaceutical supply chain has introduced new challenges, chief among them, fighting the international criminal trade in fake medicines. As the manufacture, supply, and distribution of drugs becomes more complex, so does the need for innovative technology-based solutions to protect patients globally. Areas covered: We conducted a multidisciplinary review of the science/health, information technology, computer science, and general academic literature with the aim of identifying cutting-edge existing and emerging 'digital' solutions to combat fake medicines. Our review identified five distinct categories of technology including mobile, radio frequency identification, advanced computational methods, online verification, and blockchain technology. Expert opinion: Digital fake medicine solutions are unifying platforms that integrate different types of anti-counterfeiting technologies as complementary solutions, improve information sharing and data collection, and are designed to overcome existing barriers of adoption and implementation. Investment in this next generation technology is essential to ensure the future security and integrity of the global drug supply chain.

Safeguards and security research and development: Progress report, October 1994--September 1995

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rutherford, D.R.; Henriksen, P.W.

The primary goal of the Los Alamos Safeguards and Security Technology Development Program, International Safeguards, and other Safeguards and Security Programs is to continue to be the center of excellence in the field of Safeguards and Security. This annual report for 1995 describes those scientific and engineering projects that contribute to all of the aforementioned programs. The authors have presented the information in a different format from previous annual reports. Part I is devoted to Nuclear Material Measurement Systems. Part II contains projects that are specific to Integrated Safeguards Systems. Part III highlights Safeguards Systems Effectiveness Evaluations and Part IVmore » is a compilation of highlights from Information Assurance projects. Finally Part V highlights work on the projects at Los Alamos for International Safeguards. The final part of this annual report lists titles and abstracts of Los Alamos Safeguards and Security Technology Development reports, technical journal articles, and conference papers that were presented and published in 1995. This is the last annual report in this format. The authors wish to thank all of the individuals who have contributed to this annual report and made it so successful over the years.« less

Foundry Technologies Focused on Environmental and Ecological Applications

NASA Astrophysics Data System (ADS)

Roizin, Ya.; Lisiansky, M.; Pikhay, E.

Solutions allowing fabrication of remote control systems with integrated sensors (motes) were introduced as a part of CMOS foundry production platform and verified on silicon. The integrated features include sensors employing principles previously verified in the development of ultra-low power consuming non-volatile memories (C-Flash, MRAM) and components allowing low-power energy harvesting (low voltage rectifiers, high -voltage solar cells). The developed systems are discussed with emphasis on their environmental and security applications.

Proceedings of the Fifth Integrated Communications, Navigation, and Surveillance (ICNS) Conference and Workshop

NASA Technical Reports Server (NTRS)

Fujikawa, Gene (Compiler)

2005-01-01

Contents includes papers on the following: JPDO: Inter-Agency Cooperation for the Next Generation ATS; R&T Programs; Integrated CNS Systems and Architectures; Datalink Communication Systems; Navigation, System Demonstrations and Operations; Safety and Security Initiatives Impacting CNS; Global Communications Initiatives; Airborne Internet; Avionics for System-Level Enhancements; SWIM (System Wide Information Management); Weather Products and Data Dissemination Technologies; Airsapce Communication Networks; Surveillance Systems; Workshop Breakouts Sessions and ; ICNS Conference Information.

Security in Full-Force

NASA Technical Reports Server (NTRS)

2002-01-01

When fully developed for NASA, Vanguard Enforcer(TM) software-which emulates the activities of highly technical security system programmers, auditors, and administrators-was among the first intrusion detection programs to restrict human errors from affecting security, and to ensure the integrity of a computer's operating systems, as well as the protection of mission critical resources. Vanguard Enforcer was delivered in 1991 to Johnson Space Center and has been protecting systems and critical data there ever since. In August of 1999, NASA granted Vanguard exclusive rights to commercialize the Enforcer system for the private sector. In return, Vanguard continues to supply NASA with ongoing research, development, and support of Enforcer. The Vanguard Enforcer 4.2 is one of several surveillance technologies that make up the Vanguard Security Solutions line of products. Using a mainframe environment, Enforcer 4.2 achieves previously unattainable levels of automated security management.

The Design Process of Physical Security as Applied to a U.S. Border Port of Entry

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wagner, G.G.

1999-02-22

This paper details the application of a standard physical security system design process to a US Border Port of Entry (PoE) for vehicle entry/exit. The physical security design methodology is described as well as the physical security similarities to facilities currently at a US Border PoE for vehicles. The physical security design process description includes the various elements that make up the methodologies well as the considerations that must be taken into account when dealing with system integration of those elements. The distinctions between preventing unlawful entry/exit of illegal contraband and personnel are described. The potential to enhance the functionsmore » of drug/contraband detection in the Pre-Primary Inspection area through the application of emerging technologies are also addressed.« less

High-Surety Telemedicine in a Distributed, 'Plug-andPlan' Environment

DOE Office of Scientific and Technical Information (OSTI.GOV)

Craft, Richard L.; Funkhouser, Donald R.; Gallagher, Linda K.

1999-05-17

Commercial telemedicine systems are increasingly functional, incorporating video-conferencing capabilities, diagnostic peripherals, medication reminders, and patient education services. However, these systems (1) rarely utilize information architectures which allow them to be easily integrated with existing health information networks and (2) do not always protect patient confidentiality with adequate security mechanisms. Using object-oriented methods and software wrappers, we illustrate the transformation of an existing stand-alone telemedicine system into `plug-and-play' components that function in a distributed medical information environment. We show, through the use of open standards and published component interfaces, that commercial telemedicine offerings which were once incompatible with electronic patient recordmore » systems can now share relevant data with clinical information repositories while at the same time hiding the proprietary implementations of the respective systems. Additionally, we illustrate how leading-edge technology can secure this distributed telemedicine environment, maintaining patient confidentiality and the integrity of the associated electronic medical data. Information surety technology also encourages the development of telemedicine systems that have both read and write access to electronic medical records containing patient-identifiable information. The win-win approach to telemedicine information system development preserves investments in legacy software and hardware while promoting security and interoperability in a distributed environment.« less

Center for Integration of Medicine and Innovative Technology. Addendum

DTIC Science & Technology

2009-10-01

development in biomaterials , endoscopic tools, energy delivery, medical imaging, and other novel technologies. 15. SUBJECT TERMS None provided. 16. SECURITY...below. Issues of Concern We have identified a suitable colla borator to conclude the second an d final phase of this project, namely Dr. Gary...patent application will depend on the results of the second phase of t he project, as well as the ex isting int ellectual property on SEE-fitted

Implementation of the Web-based laboratory

NASA Astrophysics Data System (ADS)

Ying, Liu; Li, Xunbo

2005-12-01

With the rapid developments of Internet technologies, remote access and control via Internet is becoming a reality. A realization of the web-based laboratory (the W-LAB) was presented. The main target of the W-LAB was to allow users to easily access and conduct experiments via the Internet. While realizing the remote communication, a system, which adopted the double client-server architecture, was introduced. It ensures the system better security and higher functionality. The experimental environment implemented in the W-Lab was integrated by both virtual lab and remote lab. The embedded technology in the W-LAB system as an economical and efficient way to build the distributed infrastructural network was introduced. Furthermore, by introducing the user authentication mechanism in the system, it effectively secures the remote communication.

Access control and confidentiality in radiology

NASA Astrophysics Data System (ADS)

Noumeir, Rita; Chafik, Adil

2005-04-01

A medical record contains a large amount of data about the patient such as height, weight and blood pressure. It also contains sensitive information such as fertility, abortion, psychiatric data, sexually transmitted diseases and diagnostic results. Access to this information must be carefully controlled. Information technology has greatly improved patient care. The recent extensive deployment of digital medical images made diagnostic images promptly available to healthcare decision makers, regardless of their geographic location. Medical images are digitally archived, transferred on telecommunication networks, and visualized on computer screens. However, with the widespread use of computing and communication technologies in healthcare, the issue of data security has become increasingly important. Most of the work until now has focused on the security of data communication to ensure its integrity, authentication, confidentiality and user accountability. The mechanisms that have been proposed to achieve the security of data communication are not specific to healthcare. Data integrity can be achieved with data signature. Data authentication can be achieved with certificate exchange. Data confidentiality can be achieved with encryption. User accountability can be achieved with audits. Although these mechanisms are essential to ensure data security during its transfer on the network, access control is needed in order to ensure data confidentiality and privacy within the information system application. In this paper, we present and discuss an access control mechanism that takes into account the notion of a care process. Radiology information is categorized and a model to enforce data privacy is proposed.

SocialRAD: an infrastructure for a secure, cooperative, asynchronous teleradiology system.

PubMed

Figueiredo, João Filho Matos; Motta, Gustavo Henrique Matos Bezerra

2013-01-01

The popularity of teleradiology services has enabled a major advance in the provision of health services to areas with difficult geographical access. However, this potential has also brought with it a number of challenges: the large volume of data, characteristic of imaging tests, and security requirements designed to ensure confidentiality and integrity. Moreover, there is also a number of ethical questions involving the dominant model on the market, whereby this service is outsourced to private companies, and is not directly undertaken by professional radiologists. Therefore, the present paper proposes a cooperative model of teleradiology, where health professionals interact directly with the hospitals providing patient care. This has involved the integration of a wide range of technologies, such as the interconnection models Peer-to-Peer, Cloud Computing, Dynamic DNS, RESTful Web Services, as well as security and interoperability standards, with the aim of promoting a secure, collaborative asynchronous environment. The developed model is currently being used on an experimental basis, providing teleradiology support to cities in the north-eastern hinterland of Brazil, and is fulfilling all expectations.

Los Alamos National Lab: National Security Science

Science.gov Websites

SKIP TO PAGE CONTENT Los Alamos National Laboratory Delivering science and technology to protect Permit for Storm Water Public Reading Room Environment Home News Los Alamos National Lab: National deposition operations for the Center for Integrated Nanotechnologies at Los Alamos. Innovation drives his

Minimizing Security Vulnerabilities in High-Tech Classrooms

ERIC Educational Resources Information Center

Ozkan, Betul C.; Gunay, Vedat

2004-01-01

Emerging technologies are quickly becoming part of daily learning and teaching endeavors in academia. Due to the access to certain high-tech tools educators must learn how to integrate these tools in educational settings. However, many also encounter problems and weaknesses in the same high-tech environment that uses and delivers information…

Integrated homeland security system with passive thermal imaging and advanced video analytics

NASA Astrophysics Data System (ADS)

Francisco, Glen; Tillman, Jennifer; Hanna, Keith; Heubusch, Jeff; Ayers, Robert

2007-04-01

A complete detection, management, and control security system is absolutely essential to preempting criminal and terrorist assaults on key assets and critical infrastructure. According to Tom Ridge, former Secretary of the US Department of Homeland Security, "Voluntary efforts alone are not sufficient to provide the level of assurance Americans deserve and they must take steps to improve security." Further, it is expected that Congress will mandate private sector investment of over $20 billion in infrastructure protection between 2007 and 2015, which is incremental to funds currently being allocated to key sites by the department of Homeland Security. Nearly 500,000 individual sites have been identified by the US Department of Homeland Security as critical infrastructure sites that would suffer severe and extensive damage if a security breach should occur. In fact, one major breach in any of 7,000 critical infrastructure facilities threatens more than 10,000 people. And one major breach in any of 123 facilities-identified as "most critical" among the 500,000-threatens more than 1,000,000 people. Current visible, nightvision or near infrared imaging technology alone has limited foul-weather viewing capability, poor nighttime performance, and limited nighttime range. And many systems today yield excessive false alarms, are managed by fatigued operators, are unable to manage the voluminous data captured, or lack the ability to pinpoint where an intrusion occurred. In our 2006 paper, "Critical Infrastructure Security Confidence Through Automated Thermal Imaging", we showed how a highly effective security solution can be developed by integrating what are now available "next-generation technologies" which include: Thermal imaging for the highly effective detection of intruders in the dark of night and in challenging weather conditions at the sensor imaging level - we refer to this as the passive thermal sensor level detection building block Automated software detection for creating initial alerts - we refer to this as software level detection, the next level building block Immersive 3D visual assessment for situational awareness and to manage the reaction process - we refer to this as automated intelligent situational awareness, a third building block Wide area command and control capabilities to allow control from a remote location - we refer to this as the management and process control building block integrating together the lower level building elements. In addition, this paper describes three live installations of complete, total systems that incorporate visible and thermal cameras as well as advanced video analytics. Discussion of both system elements and design is extensive.

Terahertz Real-Time Imaging Uncooled Arrays Based on Antenna-Coupled Bolometers or FET Developed at CEA-Leti

NASA Astrophysics Data System (ADS)

Simoens, François; Meilhan, Jérôme; Nicolas, Jean-Alain

2015-10-01

Sensitive and large-format terahertz focal plane arrays (FPAs) integrated in compact and hand-held cameras that deliver real-time terahertz (THz) imaging are required for many application fields, such as non-destructive testing (NDT), security, quality control of food, and agricultural products industry. Two technologies of uncooled THz arrays that are being studied at CEA-Leti, i.e., bolometer and complementary metal oxide semiconductor (CMOS) field effect transistors (FET), are able to meet these requirements. This paper reminds the followed technological approaches and focuses on the latest modeling and performance analysis. The capabilities of application of these arrays to NDT and security are then demonstrated with experimental tests. In particular, high technological maturity of the THz bolometer camera is illustrated with fast scanning of large field of view of opaque scenes achieved in a complete body scanner prototype.

Examining the Multi-level Fit between Work and Technology in a Secure Messaging Implementation.

PubMed

Ozkaynak, Mustafa; Johnson, Sharon; Shimada, Stephanie; Petrakis, Beth Ann; Tulu, Bengisu; Archambeault, Cliona; Fix, Gemmae; Schwartz, Erin; Woods, Susan

2014-01-01

Secure messaging (SM) allows patients to communicate with their providers for non-urgent health issues. Like other health information technologies, the design and implementation of SM should account for workflow to avoid suboptimal outcomes. SM may present unique workflow challenges because patients add a layer of complexity, as they are also direct users of the system. This study explores SM implementation at two Veterans Health Administration facilities. We interviewed twenty-nine members of eight primary care teams using semi-structured interviews. Questions addressed staff opinions about the integration of SM with daily practice, and team members' attitudes and experiences with SM. We describe the clinical workflow for SM, examining complexity and variability. We identified eight workflow issues directly related to efficiency and patient satisfaction, based on an exploration of the technology fit with multilevel factors. These findings inform organizational interventions that will accommodate SM implementation and lead to more patient-centered care.

Sandia National Laboratories proof-of-concept robotic security vehicle

DOE Office of Scientific and Technical Information (OSTI.GOV)

Harrington, J.J.; Jones, D.P.; Klarer, P.R.

1989-01-01

Several years ago Sandia National Laboratories developed a prototype interior robot that could navigate autonomously inside a large complex building to air and test interior intrusion detection systems. Recently the Department of Energy Office of Safeguards and Security has supported the development of a vehicle that will perform limited security functions autonomously in a structured exterior environment. The goal of the first phase of this project was to demonstrate the feasibility of an exterior robotic vehicle for security applications by using converted interior robot technology, if applicable. An existing teleoperational test bed vehicle with remote driving controls was modified andmore » integrated with a newly developed command driving station and navigation system hardware and software to form the Robotic Security Vehicle (RSV) system. The RSV, also called the Sandia Mobile Autonomous Navigator (SANDMAN), has been successfully used to demonstrate that teleoperated security vehicles which can perform limited autonomous functions are viable and have the potential to decrease security manpower requirements and improve system capabilities. 2 refs., 3 figs.« less

Security Considerations for E-Mental Health Interventions

PubMed Central

Bennett, Anthony James; Griffiths, Kathleen Margaret

2010-01-01

Security considerations are an often overlooked and underfunded aspect of the development, delivery, and evaluation of e-mental health interventions although they are crucial to the overall success of any eHealth project. The credibility and reliability of eHealth scientific research and the service delivery of eHealth interventions rely on a high standard of data security. This paper describes some of the key methodological, technical, and procedural issues that need to be considered to ensure that eHealth research and intervention delivery meet adequate security standards. The paper concludes by summarizing broad strategies for addressing the major security risks associated with eHealth interventions. These include involving information technology (IT) developers in all stages of the intervention process including its development, evaluation, and ongoing delivery; establishing a wide-ranging discourse about relevant security issues; and familiarizing researchers and providers with the security measures that must be instituted in order to protect the integrity of eHealth interventions. PMID:21169173

The informatics capability maturity of integrated primary care centres in Australia.

PubMed

Liaw, Siaw-Teng; Kearns, Rachael; Taggart, Jane; Frank, Oliver; Lane, Riki; Tam, Michael; Dennis, Sarah; Walker, Christine; Russell, Grant; Harris, Mark

2017-09-01

Integrated primary care requires systems and service integration along with financial incentives to promote downward substitution to a single entry point to care. Integrated Primary Care Centres (IPCCs) aim to improve integration by co-location of health services. The Informatics Capability Maturity (ICM) describes how well health organisations collect, manage and share information; manage eHealth technology, implementation, change, data quality and governance; and use "intelligence" to improve care. Describe associations of ICM with systems and service integration in IPCCs. Mixed methods evaluation of IPCCs in metropolitan and rural Australia: an enhanced general practice, four GP Super Clinics, a "HealthOne" (private-public partnership) and a Community Health Centre. Data collection methods included self-assessed ICM, document review, interviews, observations in practice and assessment of electronic health record data. Data was analysed and compared across IPCCs. The IPCCs demonstrated a range of funding models, ownership, leadership, organisation and ICM. Digital tools were used with varying effectiveness to collect, use and share data. Connectivity was problematic, requiring "work-arounds" to communicate and share information. The lack of technical, data and software interoperability standards, clinical coding and secure messaging were barriers to data collection, integration and sharing. Strong leadership and governance was important for successful implementation of robust and secure eHealth systems. Patient engagement with eHealth tools was suboptimal. ICM is positively associated with integration of data, systems and care. Improved ICM requires a health workforce with eHealth competencies; technical, semantic and software standards; adequate privacy and security; and good governance and leadership. Copyright © 2017 Elsevier B.V. All rights reserved.

Integrated situational awareness for cyber attack detection, analysis, and mitigation

NASA Astrophysics Data System (ADS)

Cheng, Yi; Sagduyu, Yalin; Deng, Julia; Li, Jason; Liu, Peng

2012-06-01

Real-time cyberspace situational awareness is critical for securing and protecting today's enterprise networks from various cyber threats. When a security incident occurs, network administrators and security analysts need to know what exactly has happened in the network, why it happened, and what actions or countermeasures should be taken to quickly mitigate the potential impacts. In this paper, we propose an integrated cyberspace situational awareness system for efficient cyber attack detection, analysis and mitigation in large-scale enterprise networks. Essentially, a cyberspace common operational picture will be developed, which is a multi-layer graphical model and can efficiently capture and represent the statuses, relationships, and interdependencies of various entities and elements within and among different levels of a network. Once shared among authorized users, this cyberspace common operational picture can provide an integrated view of the logical, physical, and cyber domains, and a unique visualization of disparate data sets to support decision makers. In addition, advanced analyses, such as Bayesian Network analysis, will be explored to address the information uncertainty, dynamic and complex cyber attack detection, and optimal impact mitigation issues. All the developed technologies will be further integrated into an automatic software toolkit to achieve near real-time cyberspace situational awareness and impact mitigation in large-scale computer networks.

The Future of Mobile Information and Communication Technology in Austere Environments: A Command and Control Technology Integration Perspective

DTIC Science & Technology

2013-03-01

within the Global information Grid ( GiG ) (AFDD6-0, 2011). JP 1-02 describes the GiG : 10 The GIG is the globally interconnected, end-to-end set of...to warfighters, policy makers, and support personnel. The GIG includes all owned and leased communications and computing systems and services...software (including applications), data, security services, and other 19 associated services necessary to achieve information superiority. The GIG

Energy System Integration Facility Secure Data Center | Energy Systems

Science.gov Websites

Integration Facility | NREL Energy System Integration Facility Secure Data Center Energy System Integration Facility Secure Data Center The Energy Systems Integration Facility's Secure Data Center provides

SecurePhone: a mobile phone with biometric authentication and e-signature support for dealing secure transactions on the fly

NASA Astrophysics Data System (ADS)

Ricci, R.; Chollet, G.; Crispino, M. V.; Jassim, S.; Koreman, J.; Olivar-Dimas, M.; Garcia-Salicetti, S.; Soria-Rodriguez, P.

2006-05-01

This article presents an overview of the SecurePhone project, with an account of the first results obtained. SecurePhone's primary aim is to realise a mobile phone prototype - the 'SecurePhone' - in which biometrical authentication enables users to deal secure, dependable transactions over a mobile network. The SecurePhone is based on a commercial PDA-phone, supplemented with specific software modules and a customised SIM card. It integrates in a single environment a number of advanced features: access to cryptographic keys through strong multimodal biometric authentication; appending and verification of digital signatures; real-time exchange and interactive modification of (esigned) documents and voice recordings. SecurePhone's 'biometric recogniser' is based on original research. A fused combination of three different biometric methods - speaker, face and handwritten signature verification - is exploited, with no need for dedicated hardware components. The adoption of non-intrusive, psychologically neutral biometric techniques is expected to mitigate rejection problems that often inhibit the social use of biometrics, and speed up the spread of e-signature technology. Successful biometric authentication grants access to SecurePhone's built-in esignature services through a user-friendly interface. Special emphasis is accorded to the definition of a trustworthy security chain model covering all aspects of system operation. The SecurePhone is expected to boost m-commerce and open new scenarios for m-business and m-work, by changing the way people interact and by improving trust and confidence in information technologies, often considered intimidating and difficult to use. Exploitation plans will also explore other application domains (physical and logical access control, securised mobile communications).

The Feasibility of Wearables in an Enterprise Environment and Their Impact on IT Security

NASA Technical Reports Server (NTRS)

Scotti, Vincent, Jr.

2015-01-01

This paper is intended to explore the usability and feasibility of wearables in an enterprise environment and their impact on IT Security. In this day and age, with the advent of the Internet of Things, we must explore all the new technology emerging from the minds of the new inventors. This means exploring the use of wearables in regards to their benefits, limitations, and the new challenges they pose to securing computer networks in the Federal environment. We will explore the design of the wearables, the interfaces needed to connect them, and what it will take to connect personal devices in the Federal enterprise network environment. We will provide an overview of the wearable design, concerns of ensuring the confidentiality, integrity, and availability of information and the challenges faced by those doing so. We will also review the implications and limitations of the policies governing wearable technology and the physical efforts to enforce them.

What Happens When the Supply Chain Breaks? Implications for the Army Supply Chain Under Attack

DTIC Science & Technology

2003-05-22

Supply Chain Integration office with Secretariat level leadership to facilitate DoD Component implementation of supply chain management practices...rather than cyber attack. Tim Belcher, Chief Technology Officer for Riptech, a computer security firm said “It was always assumed that a small group of

The Design and Realization of Net Testing System on Campus Network

ERIC Educational Resources Information Center

Ren, Zhanying; Liu, Shijie

2005-01-01

According to the requirement of modern teaching theory and technology, based on software engineering, database theory, the technique of net information security and system integration, a net testing system on local network was designed and realized. The system benefits for dividing of testing & teaching and settles the problems of random…

Privacy and security of patient data in the pathology laboratory

PubMed Central

Cucoranu, Ioan C.; Parwani, Anil V.; West, Andrew J.; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B.; Balis, Ulysses J.; Tuthill, Mark J.; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States. PMID:23599904

Optical security features for plastic card documents

NASA Astrophysics Data System (ADS)

Hossick Schott, Joachim

1998-04-01

Print-on-demand is currently a major trend in the production of paper based documents. This fully digital production philosophy will likely have ramifications also for the secure identification document market. Here, plastic cards increasingly replace traditionally paper based security sensitive documents such as drivers licenses and passports. The information content of plastic cards can be made highly secure by using chip cards. However, printed and other optical security features will continue to play an important role, both for machine readable and visual inspection. Therefore, on-demand high resolution print technologies, laser engraving, luminescent pigments and laminated features such as holograms, kinegrams or phase gratings will have to be considered for the production of secure identification documents. Very important are also basic optical, surface and material durability properties of the laminates as well as the strength and nature of the adhesion between the layers. This presentation will address some of the specific problems encountered when optical security features such as high resolution printing and laser engraving are to be integrated in the on-demand production of secure plastic card identification documents.

Software Security Practices: Integrating Security into the SDLC

DTIC Science & Technology

2011-05-01

Software Security Practices Integrating Security into the SDLC Robert A. Martin HS SEDI is a trademark of the U.S. Department of Homeland Security...2011 to 00-00-2011 4. TITLE AND SUBTITLE Software Security Practices Integrating Security into the SDLC 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c...SEDI FFRDC is managed and operated by The MITRE Corporation for DHS. 4 y y w SDLC Integrating Security into a typical software development lifecycle

Water security - Nation state and international security implications

USGS Publications Warehouse

Tindall, James A.; Andrew A. Campbell,

2009-01-01

A terrorist attack such as poisoning and sabotage of the national water supply and water-quality infrastructure of the continental United States or any country, could disrupt the delivery of vital human services, threaten both public health and the environment, potentially cause mass casualties and pose grave public concern for homeland security. Most significantly, an attack on water resources would weaken social cohesion and trust in government. A threat to continuity of services is a potential threat to continuity of government since both are necessary for continuity of operations. Water infrastructure is difficult to protect, as it extends over vast areas across the U.S. and for which ownership is overwhelmingly nonfederal (approximately 85 percent). Since the 9111 attacks, federal dam operators and water and wastewater utilities have established counter measures. Similar measures have been taken in countries around the world. These include enhanced physical security, improved coordination between corporate ownership, Department of Homeland Security, and local law enforcement, and research into risk assessment and vulnerability analysis to ensure greater system safety. A key issue is the proportionate additional resources directed at public and private sector specific priorities. Agencies that have the scientific and technological ability to leverage resources, exploit integrated science approaches, focus on interdisciplinary practices, utilize informatics expertise and employ a wide use of evolving technologies should play a key role in water security and related issues.

Building integrated business environments: analysing open-source ESB

NASA Astrophysics Data System (ADS)

Martínez-Carreras, M. A.; García Jimenez, F. J.; Gómez Skarmeta, A. F.

2015-05-01

Integration and interoperability are two concepts that have gained significant prominence in the business field, providing tools which enable enterprise application integration (EAI). In this sense, enterprise service bus (ESB) has played a crucial role as the underpinning technology for creating integrated environments in which companies may connect all their legacy-applications. However, the potential of these technologies remains unknown and some important features are not used to develop suitable business environments. The aim of this paper is to describe and detail the elements for building the next generation of integrated business environments (IBE) and to analyse the features of ESBs as the core of this infrastructure. For this purpose, we evaluate how well-known open-source ESB products fulfil these needs. Moreover, we introduce a scenario in which the collaborative system 'Alfresco' is integrated in the business infrastructure. Finally, we provide a comparison of the different open-source ESBs available for IBE requirements. According to this study, Fuse ESB provides the best results, considering features such as support for a wide variety of standards and specifications, documentation and implementation, security, advanced business trends, ease of integration and performance.

[Advanced information technologies for financial services industry]. Final report

DOE Office of Scientific and Technical Information (OSTI.GOV)

NONE

The project scope is to develop an advanced user interface utilizing speech and/or handwriting recognition technology that will improve the accuracy and speed of recording transactions in the dynamic environment of a foreign exchange (FX) trading floor. The project`s desired result is to improve the base technology for trader`s workstations on FX trading floors. Improved workstation effectiveness will allow vast amounts of complex information and events to be presented and analyzed, thus increasing the volume of money and other assets to be exchanged at an accelerated rate. The project scope is to develop and demonstrate technologies that advance interbank checkmore » imaging and paper check truncation. The following describes the tasks to be completed: (1) Identify the economics value case, the legal and regulatory issues, the business practices that are affected, and the effects upon settlement. (2) Familiarization with existing imaging technology. Develop requirements for image quality, security, and interoperability. Adapt existing technologies to meet requirements. (3) Define requirements for the imaging laboratory and design its architecture. Integrate and test technology from task 2 with equipment in the laboratory. (4) Develop and/or integrate and test remaining components; includes security, storage, and communications. (5) Build a prototype system and test in a laboratory. Install and run in two or more banks. Develop documentation. Conduct training. The project`s desired result is to enable a proof-of-concept trial in which multiple banks will exchange check images, exhibiting operating conditions which a check experiences as it travels through the payments/clearing system. The trial should demonstrate the adequacy of digital check images instead of paper checks.« less

Renewable Hydrogen-Economically Viable: Integration into the U.S. Transportation Sector

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kurtz, Jennifer; Peters, Mike; Muratori, Matteo

The U.S. transportation sector is expected to meet numerous goals in differing applications. These goals address security, safety, fuel source, emissions reductions, advanced mobility models, and improvements in quality and accessibility. Solutions to meeting these goals include a variety of alternative-fuel technologies, including batteries, fuel cells, synthetic fuels, and biofuels, as well as modifying how current transportation systems are used and integrating new systems, such as storing renewable energy. Overall, there are many combinations of problems, objectives, and solutions.

Adequate Security Protocols Adopt in a Conceptual Model in Identity Management for the Civil Registry of Ecuador

NASA Astrophysics Data System (ADS)

Toapanta, Moisés; Mafla, Enrique; Orizaga, Antonio

2017-08-01

We analyzed the problems of security of the information of the civil registries and identification at world level that are considered strategic. The objective is to adopt the appropriate security protocols in a conceptual model in the identity management for the Civil Registry of Ecuador. In this phase, the appropriate security protocols were determined in a Conceptual Model in Identity Management with Authentication, Authorization and Auditing (AAA). We used the deductive method and exploratory research to define the appropriate security protocols to be adopted in the identity model: IPSec, DNSsec, Radius, SSL, TLS, IEEE 802.1X EAP, Set. It was a prototype of the location of the security protocols adopted in the logical design of the technological infrastructure considering the conceptual model for Identity, Authentication, Authorization, and Audit management. It was concluded that the adopted protocols are appropriate for a distributed database and should have a direct relationship with the algorithms, which allows vulnerability and risk mitigation taking into account confidentiality, integrity and availability (CIA).

Solar Thermal Utility-Scale Joint Venture Program (USJVP) Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

MANCINI,THOMAS R.

2001-04-01

Several years ago Sandia National Laboratories developed a prototype interior robot [1] that could navigate autonomously inside a large complex building to aid and test interior intrusion detection systems. Recently the Department of Energy Office of Safeguards and Security has supported the development of a vehicle that will perform limited security functions autonomously in a structured exterior environment. The goal of the first phase of this project was to demonstrate the feasibility of an exterior robotic vehicle for security applications by using converted interior robot technology, if applicable. An existing teleoperational test bed vehicle with remote driving controls was modifiedmore » and integrated with a newly developed command driving station and navigation system hardware and software to form the Robotic Security Vehicle (RSV) system. The RSV, also called the Sandia Mobile Autonomous Navigator (SANDMAN), has been successfully used to demonstrate that teleoperated security vehicles which can perform limited autonomous functions are viable and have the potential to decrease security manpower requirements and improve system capabilities.« less

Development of building security integration system using sensors, microcontroller and GPS (Global Positioning System) based android smartphone

NASA Astrophysics Data System (ADS)

Sihombing, P.; Siregar, Y. M.; Tarigan, J. T.; Jaya, I.; Turnip, A.

2018-03-01

Security system is one of the common problems to protect an environment such as personal house or a warehouse. There are numerous methods and technologies that can be used as part of a security system. In this paper, we present a security system that offers a better efficiency. The purpose of this study is to build a system that can monitor home security at any time in particular fire and theft. Through sensors, the system will be able to provide warning information of hazard conditions via LCD monitor, sound, and alarm. This information will be sent automatically to the home owner’s smartphone as well as to the corresponding to the security agency. Thus the prevention of theft and fire hazards can be immediately anticipated by the police and firefighters. The system will also notify the position of the coordinates of the location of the building (the house) by a link to the Google map in order to make it easier to get the location quickly.

Operations Research / Operations Analysis Orientation Course Curriculum for NATO Nations (Programme d’initiation a la recherche / l’analyse operationnelle pour les pays de l’OTAN)

DTIC Science & Technology

2014-09-01

The NATO Science and Technology Organization Science & Technology (S& T ) in the NATO context is defined as the selective and rigorous...generation and application of state-of-the-art, validated knowledge for defence and security purposes. S& T activities embrace scientific research...engineering, operational research and analysis, synthesis, integration and validation of knowledge derived through the scientific method. In NATO, S& T is

Manufacturing the Future: Federal Priorities for Manufacturing Research and Development. Report of the Interagency Working Group on Manufacturing R&D, Committee on Technology, National Science and Technology Council

DTIC Science & Technology

2008-03-01

and virtual elimination of vehicular emissions of pollutants and greenhouse gases. Low- cost, high-volume manufacturing processes and development...intended to help achieve energy security and virtually eliminate vehicular emissions of pollutants and greenhouse gases. This goal is being pursued...the coolant system, for example, and the humidification system must be integrated with the air blower. Construction of the power plant is usually

Advanced ion trap structures with integrated tools for qubit manipulation

NASA Astrophysics Data System (ADS)

Sterk, J. D.; Benito, F.; Clark, C. R.; Haltli, R.; Highstrete, C.; Nordquist, C. D.; Scott, S.; Stevens, J. E.; Tabakov, B. P.; Tigges, C. P.; Moehring, D. L.; Stick, D.; Blain, M. G.

2012-06-01

We survey the ion trap fabrication technologies available at Sandia National Laboratories. These include four metal layers, precision backside etching, and low profile wirebonds. We demonstrate loading of ions in a variety of ion traps that utilize these technologies. Additionally, we present progress towards integration of on-board filtering with trench capacitors, photon collection via an optical cavity, and integrated microwave electrodes for localized hyperfine qubit control and magnetic field gradient quantum gates. [4pt] This work was supported by Sandia's Laboratory Directed Research and Development (LDRD) Program and the Intelligence Advanced Research Projects Activity (IARPA). Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation, for the US Department of Energy's National Nuclear Security Administration under contract DE-AC04-94AL85000.

MEMS and MOEMS for national security applications

NASA Astrophysics Data System (ADS)

Scott, Marion W.

2003-01-01

Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

A smart grid simulation testbed using Matlab/Simulink

NASA Astrophysics Data System (ADS)

Mallapuram, Sriharsha; Moulema, Paul; Yu, Wei

2014-06-01

The smart grid is the integration of computing and communication technologies into a power grid with a goal of enabling real time control, and a reliable, secure, and efficient energy system [1]. With the increased interest of the research community and stakeholders towards the smart grid, a number of solutions and algorithms have been developed and proposed to address issues related to smart grid operations and functions. Those technologies and solutions need to be tested and validated before implementation using software simulators. In this paper, we developed a general smart grid simulation model in the MATLAB/Simulink environment, which integrates renewable energy resources, energy storage technology, load monitoring and control capability. To demonstrate and validate the effectiveness of our simulation model, we created simulation scenarios and performed simulations using a real-world data set provided by the Pecan Street Research Institute.

Challenges of Information Technology Security in the NASA Environment

NASA Technical Reports Server (NTRS)

Santiago, S. S.

2000-01-01

A brief description of the NASA organization and how the CIO responsibilities are integrated into that organization followed by an introduction of the NASA ITS Program goals and objectives. An overview of the four major enterprises' cultures and how those cultures tie back to the Enterprises' missions. A description of the ITS challenges that exist stemming from the competing NASA Enterprises' requirements and how they have formed the basis of the NASA ITS Program. A talk will focus on policies and procedures and the technology being incorporated into the NASA infrastructure and how that technology ties back to the policies and procedures.

Deployment of ERP Systems at Automotive Industries, Security Inspection (Case Study: IRAN KHODRO Automotive Company)

NASA Astrophysics Data System (ADS)

Ali, Hatamirad; Hasan, Mehrjerdi

Automotive industry and car production process is one of the most complex and large-scale production processes. Today, information technology (IT) and ERP systems incorporates a large portion of production processes. Without any integrated systems such as ERP, the production and supply chain processes will be tangled. The ERP systems, that are last generation of MRP systems, make produce and sale processes of these industries easier and this is the major factor of development of these industries anyhow. Today many of large-scale companies are developing and deploying the ERP systems. The ERP systems facilitate many of organization processes and make organization to increase efficiency. The security is a very important part of the ERP strategy at the organization, Security at the ERP systems, because of integrity and extensive, is more important of local and legacy systems. Disregarding of this point can play a giant role at success or failure of this kind of systems. The IRANKHODRO is the biggest automotive factory in the Middle East with an annual production over 600.000 cars. This paper presents ERP security deployment experience at the "IRANKHODRO Company". Recently, by launching ERP systems, it moved a big step toward more developments.

Highly integrated optical phased arrays: photonic integrated circuits for optical beam shaping and beam steering

NASA Astrophysics Data System (ADS)

Heck, Martijn J. R.

2017-01-01

Technologies for efficient generation and fast scanning of narrow free-space laser beams find major applications in three-dimensional (3D) imaging and mapping, like Lidar for remote sensing and navigation, and secure free-space optical communications. The ultimate goal for such a system is to reduce its size, weight, and power consumption, so that it can be mounted on, e.g. drones and autonomous cars. Moreover, beam scanning should ideally be done at video frame rates, something that is beyond the capabilities of current opto-mechanical systems. Photonic integrated circuit (PIC) technology holds the promise of achieving low-cost, compact, robust and energy-efficient complex optical systems. PICs integrate, for example, lasers, modulators, detectors, and filters on a single piece of semiconductor, typically silicon or indium phosphide, much like electronic integrated circuits. This technology is maturing fast, driven by high-bandwidth communications applications, and mature fabrication facilities. State-of-the-art commercial PICs integrate hundreds of elements, and the integration of thousands of elements has been shown in the laboratory. Over the last few years, there has been a considerable research effort to integrate beam steering systems on a PIC, and various beam steering demonstrators based on optical phased arrays have been realized. Arrays of up to thousands of coherent emitters, including their phase and amplitude control, have been integrated, and various applications have been explored. In this review paper, I will present an overview of the state of the art of this technology and its opportunities, illustrated by recent breakthroughs.

48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 4 2011-10-01 2011-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology Security...

48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 4 2014-10-01 2014-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology Security...

48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 4 2012-10-01 2012-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology Security...

48 CFR 552.239-70 - Information Technology Security Plan and Security Authorization.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 4 2013-10-01 2013-10-01 false Information Technology... Text of Provisions and Clauses 552.239-70 Information Technology Security Plan and Security Authorization. As prescribed in 539.7002(a), insert the following provision: Information Technology Security...

Enhancing the Safety, Security and Resilience of ICT and Scada Systems Using Action Research

NASA Astrophysics Data System (ADS)

Johnsen, Stig; Skramstad, Torbjorn; Hagen, Janne

This paper discusses the results of a questionnaire-based survey used to assess the safety, security and resilience of information and communications technology (ICT) and supervisory control and data acquisition (SCADA) systems used in the Norwegian oil and gas industry. The survey identifies several challenges, including the involvement of professionals with different backgrounds and expertise, lack of common risk perceptions, inadequate testing and integration of ICT and SCADA systems, poor information sharing related to undesirable incidents and lack of resilience in the design of technical systems. Action research is proposed as a process for addressing these challenges in a systematic manner and helping enhance the safety, security and resilience of ICT and SCADA systems used in oil and gas operations.

Ethics in Public Health Research

PubMed Central

Myers, Julie; Frieden, Thomas R.; Bherwani, Kamal M.; Henning, Kelly J.

2008-01-01

Public health agencies increasingly use electronic means to acquire, use, maintain, and store personal health information. Electronic data formats can improve performance of core public health functions, but potentially threaten privacy because they can be easily duplicated and transmitted to unauthorized people. Although such security breaches do occur, electronic data can be better secured than paper records, because authentication, authorization, auditing, and accountability can be facilitated. Public health professionals should collaborate with law and information technology colleagues to assess possible threats, implement updated policies, train staff, and develop preventive engineering measures to protect information. Tightened physical and electronic controls can prevent misuse of data, minimize the risk of security breaches, and help maintain the reputation and integrity of public health agencies. PMID:18382010

Underground Test Area Fiscal Year 2013 Annual Quality Assurance Report Nevada National Security Site, Nevada, Revision 0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Krenzien, Susan; Marutzky, Sam

This report is required by the Underground Test Area (UGTA) Quality Assurance Plan (QAP) and identifies the UGTA quality assurance (QA) activities for fiscal year (FY) 2013. All UGTA organizations—U.S. Department of Energy (DOE), National Nuclear Security Administration Nevada Field Office (NNSA/NFO); Desert Research Institute (DRI); Lawrence Livermore National Laboratory (LLNL); Los Alamos National Laboratory (LANL); Navarro-Intera, LLC (N-I); National Security Technologies, LLC (NSTec); and the U.S. Geological Survey (USGS)—conducted QA activities in FY 2013. The activities included conducting assessments, identifying findings and completing corrective actions, evaluating laboratory performance, and publishing documents. In addition, integrated UGTA required reading and correctivemore » action tracking was instituted.« less

Secure and Resilient Functional Modeling for Navy Cyber-Physical Systems

DTIC Science & Technology

2017-05-24

Functional Modeling Compiler (SCCT) FM Compiler and Key Performance Indicators (KPI) May 2018 Pending. Model Management Backbone (SCCT) MMB Demonstration...implement the agent- based distributed runtime. - KPIs for single/multicore controllers and temporal/spatial domains. - Integration of the model management ...Distributed Runtime (UCI) Not started. Model Management Backbone (SCCT) Not started. Siemens Corporation Corporate Technology Unrestricted

Space station needs, attributes, and architectural options study. Volume 1: Missions and requirements

NASA Technical Reports Server (NTRS)

1983-01-01

Science and applications, NOAA environmental observation, commercial resource observations, commercial space processing, commercial communications, national security, technology development, and GEO servicing are addressed. Approach to time phasing of mission requirements, system sizing summary, time-phased user mission payload support, space station facility requirements, and integrated time-phased system requirements are also addressed.

Information Acquisition, Analysis and Integration

DTIC Science & Technology

2016-08-03

of sensing and processing, theory, applications, signal processing, image and video processing, machine learning , technology transfer. 16. SECURITY... learning . 5. Solved elegantly old problems like image and video debluring, intro- ducing new revolutionary approaches. 1 DISTRIBUTION A: Distribution...Polatkan, G. Sapiro, D. Blei, D. B. Dunson, and L. Carin, “ Deep learning with hierarchical convolution factor analysis,” IEEE 6 DISTRIBUTION A

Real World Project: Integrating the Classroom, External Business Partnerships and Professional Organizations

ERIC Educational Resources Information Center

Grant, Donna M.; Malloy, Alisha D.; Murphy, Marianne C.; Foreman, Jovanna; Robinson, Rowena A.

2010-01-01

A college degree is not what it used to be in respect to securing future employment. Constantly changing technologies in a struggling economy make it necessary for organizations to carefully balance recruitment staffing, particularly with regards to new hires. Organizations want to know that each new hire can add value immediately. In order to add…

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

To meet the U.S. Navy's energy goals, the National Renewable Energy Laboratory (NREL) and the Naval Facilities Engineering Command (NAVFAC) spent two years collaborating on demonstrations that tested market-ready energy efficiency measures, renewable energy generation, and energy systems integration. One such technology - an energy management system - was identified as a promising method for reducing energy use and costs, and can contribute to increasing energy security.

Civilian First Responder Decontamination Equipment Characteristics Survey Results

DTIC Science & Technology

2010-01-01

EQUIPMENT CHARACTERISTICS SURVEY RESULTS Scott Kooistra Shawn Bowen John Walther PROGRAM INTEGRATION DIRECTORATE Michael B. DeZearn ENGINEERING...COVERED (From - To) Mar 2007-Feb 2008 4. TITLE AND SUBTITLE Civilian First Responder Decontamination Equipment Characteristics Survey Results 5a...Department of Homeland Security/National Institute of Standards and Technology (DHS/NIST) Standards Development Team to develop a survey to

[Exploration of Recent Mobile Technologies Applied in Nursing Education].

PubMed

Wu, Ting-Ting; Lu, Yi-Chen; Chang, Lei

2017-12-01

The development of science and technology has fundamentally changed people's lives and the way that medical systems function. Increasingly, mobile technologies are being introduced and integrated into classroom teaching and clinical applications, resulting in healthcare providers introducing innovative applications into health education. These applications enhance the clinical, education, and research expertise of medical staffs and nurses, while improving quality of care and providing new experiences for patients. In order to understand the current situation and trends in nursing education, the present study adopted literature analysis to explore the influence and effect of mobile technologies that have been introduced into nursing education from the school and clinical environments. The results found that students hold positive attitudes toward introducing these technologies into their curricula. Although these technologies may increase the work efficiency of nurses in the workplace, questions remain user perceptions and professional expression. Therefore, securing patient agreement and healthcare system approval were major turning points in the introduction of mobile technologies into nursing education. In the future, adapting mobile technologies for use in teaching materials and courses may be further developed. Moreover, empirical studies may be used in future research in order to facilitate the increasingly successful integration of relevant technologies into nursing education.

Distributed Energy Systems: Security Implications of the Grid of the Future

DOE Office of Scientific and Technical Information (OSTI.GOV)

Stamber, Kevin L.; Kelic, Andjelka; Taylor, Robert A.

2017-01-01

Distributed Energy Resources (DER) are being added to the nation's electric grid, and as penetration of these resources increases, they have the potential to displace or offset large-scale, capital-intensive, centralized generation. Integration of DER into operation of the traditional electric grid requires automated operational control and communication of DER elements, from system measurement to control hardware and software, in conjunction with a utility's existing automated and human-directed control of other portions of the system. Implementation of DER technologies suggests a number of gaps from both a security and a policy perspective. This page intentionally left blank.

Using software security analysis to verify the secure socket layer (SSL) protocol

NASA Technical Reports Server (NTRS)

Powell, John D.

2004-01-01

nal Aeronautics and Space Administration (NASA) have tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information the3, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach '' offers, among its capabilities, formal verification of software security properties, through the use of model based verification (MBV) to address software security risks. [1,2,3,4,5,6] MBV is a formal approach to software assurance that combines analysis of software, via abstract models, with technology, such as model checkers, that provide automation of the mechanical portions of the analysis process. This paper will discuss: The need for formal analysis to assure software systems with respect to software and why testing alone cannot provide it. The means by which MBV with a Flexible Modeling Framework (FMF) accomplishes the necessary analysis task. An example of FMF style MBV in the verification of properties over the Secure Socket Layer (SSL) communication protocol as a demonstration.

Sharing Health Big Data for Research - A Design by Use Cases: The INSHARE Platform Approach.

PubMed

Bouzillé, Guillaume; Westerlynck, Richard; Defossez, Gautier; Bouslimi, Dalel; Bayat, Sahar; Riou, Christine; Busnel, Yann; Le Guillou, Clara; Cauvin, Jean-Michel; Jacquelinet, Christian; Pladys, Patrick; Oger, Emmanuel; Stindel, Eric; Ingrand, Pierre; Coatrieux, Gouenou; Cuggia, Marc

2017-01-01

Sharing and exploiting Health Big Data (HBD) allow tackling challenges: data protection/governance taking into account legal, ethical, and deontological aspects enables trust, transparent and win-win relationship between researchers, citizens, and data providers. Lack of interoperability: compartmentalized and syntactically/semantica heterogeneous data. INSHARE project using experimental proof of concept explores how recent technologies overcome such issues. Using 6 data providers, platform is designed via 3 steps to: (1) analyze use cases, needs, and requirements; (2) define data sharing governance, secure access to platform; and (3) define platform specifications. Three use cases - from 5 studies and 11 data sources - were analyzed for platform design. Governance derived from SCANNER model was adapted to data sharing. Platform architecture integrates: data repository and hosting, semantic integration services, data processing, aggregate computing, data quality and integrity monitoring, Id linking, multisource query builder, visualization and data export services, data governance, study management service and security including data watermarking.

Economics and Environmental Compatibility of Fusion Reactors —Its Analysis and Coming Issues— 4.Economic Effect of Fusion in Energy Market 4.2Various Externalities of Energy Systems and the Integrated Evaluation

NASA Astrophysics Data System (ADS)

Ito, Keishiro

The primacy of a nuclear fusion reactor in a competitive energy market remarkably depends on to what extent the reactor contributes to reduce the externalities of energy. The reduction effects are classified into two effects, which have quite dissimilar characteristics. One is an effect of environmental dimensions. The other is related to energy security. In this study I took up the results of EC's Extern Eproject studies as are presentative example of the former effect. Concerning the latter effect, I clarified the fundamental characteristics of externalities related to energy security and the conceptual framework for the purpose of evaluation. In the socio-economical evaluation of research into and development investments in nuclear fusions reactors, the public will require the development of integrated evaluation systems to support the cost-effect analysis of how well the reduction effects of externalities have been integrated with the effects of technological innovation, learning, spillover, etc.

Climate change, water security and the need for integrated policy development: the case of on-farm infrastructure investment in the Australian irrigation sector

NASA Astrophysics Data System (ADS)

Maraseni, T. N.; Mushtaq, S.; Reardon-Smith, K.

2012-09-01

The Australian Government is currently addressing the challenge of increasing water scarcity through significant on-farm infrastructure investment to facilitate the adoption of new water-efficient pressurized irrigation systems. However, it is highly likely that conversion to these systems will increase on-farm energy consumption and greenhouse gas (GHG) emissions, suggesting potential conflicts in terms of mitigation and adaptation policies. This study explored the trade-offs associated with the adoption of more water efficient but energy-intensive irrigation technologies by developing an integrated assessment framework. Integrated analysis of five case studies revealed trade-offs between water security and environmental security when conversion to pressurized irrigation systems was evaluated in terms of fuel and energy-related emissions, except in cases where older hand-shift sprinkler irrigation systems were replaced. These results suggest that priority should be given, in implementing on-farm infrastructure investment policy, to replacing inefficient and energy-intensive sprinkler irrigation systems such as hand-shift and roll-line. The results indicated that associated changes in the use of agricultural machinery and agrochemicals may also be important. The findings of this study support the use of an integrated approach to avoid possible conflicts in designing national climate change mitigation and adaptation policies, both of which are being developed in Australia.

The Idea to Promote the Development of E-Government in the Civil Aviation System

NASA Astrophysics Data System (ADS)

Renliang, Jiang

E-government has a significant impact on the organizational structure, working mechanism, operating methods and behavior patterns of the civil aviation administration department.The purpose of this research is to find some countermeasures propelling the electronization, network and office automation of the civil aviation system.The method used in the study was field and literature research.The studies showed that government departments in the civil aviation system could promote the development of e-government further by promoting open administration and implementing democratic and scientific decision-making, strengthening the popularization of information technology and information technology training on civil servants, paying attention to the integration and sharing of information resources, formulating a standard e-government system for the civil aviation system, developing the legal security system for the e-government and strengthening the network security.

On detection and visualization techniques for cyber security situation awareness

NASA Astrophysics Data System (ADS)

Yu, Wei; Wei, Shixiao; Shen, Dan; Blowers, Misty; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe; Zhang, Hanlin; Lu, Chao

2013-05-01

Networking technologies are exponentially increasing to meet worldwide communication requirements. The rapid growth of network technologies and perversity of communications pose serious security issues. In this paper, we aim to developing an integrated network defense system with situation awareness capabilities to present the useful information for human analysts. In particular, we implement a prototypical system that includes both the distributed passive and active network sensors and traffic visualization features, such as 1D, 2D and 3D based network traffic displays. To effectively detect attacks, we also implement algorithms to transform real-world data of IP addresses into images and study the pattern of attacks and use both the discrete wavelet transform (DWT) based scheme and the statistical based scheme to detect attacks. Through an extensive simulation study, our data validate the effectiveness of our implemented defense system.

A Secure ECC-based RFID Mutual Authentication Protocol to Enhance Patient Medication Safety.

PubMed

Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Li, Fagen

2016-01-01

Patient medication safety is an important issue in patient medication systems. In order to prevent medication errors, integrating Radio Frequency Identification (RFID) technology into automated patient medication systems is required in hospitals. Based on RFID technology, such systems can provide medical evidence for patients' prescriptions and medicine doses, etc. Due to the mutual authentication between the medication server and the tag, RFID authentication scheme is the best choice for automated patient medication systems. In this paper, we present a RFID mutual authentication scheme based on elliptic curve cryptography (ECC) to enhance patient medication safety. Our scheme can achieve security requirements and overcome various attacks existing in other schemes. In addition, our scheme has better performance in terms of computational cost and communication overhead. Therefore, the proposed scheme is well suitable for patient medication systems.

76 FR 78009 - Information Collection; Implementation of Information Technology Security Provision

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-15

...] Information Collection; Implementation of Information Technology Security Provision AGENCY: General Services... collection requirement regarding Implementation of Information Technology Security Provision. Public comments... Information Collection 3090- 0294, Implementation of Information Technology Security Provision, by any of the...

Integrating information technologies as tools for surgical research.

PubMed

Schell, Scott R

2005-10-01

Surgical research is dependent upon information technologies. Selection of the computer, operating system, and software tool that best support the surgical investigator's needs requires careful planning before research commences. This manuscript presents a brief tutorial on how surgical investigators can best select these information technologies, with comparisons and recommendations between existing systems, software, and solutions. Privacy concerns, based upon HIPAA and other regulations, now require careful proactive attention to avoid legal penalties, civil litigation, and financial loss. Security issues are included as part of the discussions related to selection and application of information technology. This material was derived from a segment of the Association for Academic Surgery's Fundamentals of Surgical Research course.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Jacobs, R

The Physics and Advanced Technologies (PAT) Directorate was created in July 2000 by Bruce Tarter, Director of Lawrence Livermore National Laboratory (LLNL). The Director called for the new organization to execute and support programs that apply cutting-edge physics and advanced technology to develop integrated solutions to problems in national security, fusion energy, information science, health care, and other national grand challenges. When I was appointed a year later as the PAT Directorate's first Associate Director, I initiated a strategic planning project to develop a vision, mission, and long-term goals for the Directorate. We adopted the goal of becoming a leadermore » in frontier physics and technology for twenty-first-century national security missions: Stockpile Stewardship, homeland security, energy independence, and the exploration of space. Our mission is to: (1) Help ensure the scientific excellence and vitality of the major LLNL programs through its leadership role in performing basic and applied multidisciplinary research and development with programmatic impact, and by recruiting and retaining science and technology leaders; (2) Create future opportunities and directions for LLNL and its major programs by growing new program areas and cutting-edge capabilities that are synergistic with, and supportive of, its national security mission; (3) Provide a direct conduit to the academic and high-tech industrial sectors for LLNL and its national security programs, through which the Laboratory gains access to frontier science and technology, and can impact the science and technology communities; (4) Leverage unique Laboratory capabilities, to advance the state universe. This inaugural PAT Annual Report begins a series that will chronicle our progress towards fulfilling this mission. I believe the report demonstrates that the PAT Directorate has a strong base of capabilities and accomplishments on which to build in meeting its goals. Some of the highlights include: (1) Leadership of the Laboratory's Physical Data Research Program that provides fundamental physics information for the Stockpile Stewardship Program. (2) Development of the handheld Microbead Immunoassay Dipstick System that will allow relatively untrained first-responders to run sophisticated onsite diagnostics for pathogens, including those associated with biowarfare agents, by using a simple, one-step measurement. (3) Major advances in target design for inertial fusion energy research using both laser and ion-beam drivers. (4) Development of the Advanced Technology Kill Vehicle concept for use as a high-performance interceptor in a broad range of missile defense programs. Over the course of the past decade, the Laboratory has seen its major program evolve from weapons research, development, and testing, to Stockpile Stewardship. Today, the country's national security priorities are changing rapidly: nuclear security is becoming a broader set of missions, and the Laboratory is being asked to contribute to a range of new mission areas from countering bioterrorism to ensuring information security. As we embark on the twenty-first century, the new PAT Directorate is poised to help lead the Laboratory's response to the country's changing national security needs.« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

DOE-EERE's Bioenergy Technologies Office (BETO) works to accelerate the development of a sustainable, cost-competitive, advanced biofuel industry that can strengthen U.S. energy security, environmental quality, and economic vitality, through research, development, and demonstration projects in partnership with industry, academia, and national laboratory partners. BETO’s Advanced Algal Systems Program (also called the Algae Program) has a long-term applied research and development (R&D) strategy to increase the yields and lower the costs of algal biofuels. The team works with partners to develop new technologies, to integrate technologies at commercially relevant scales, and to conduct crosscutting analyses to better understand the potential andmore » challenges of the algal biofuels industry. Research has indicated that this industry is capable of producing billions of gallons of renewable diesel, gasoline, and jet fuels annually. R&D activities are integrated with BETO’s longstanding effort to accelerate the commercialization of lignocellulosic biofuels.« less

Photonic sensor applications in transportation security

NASA Astrophysics Data System (ADS)

Krohn, David A.

2007-09-01

There is a broad range of security sensing applications in transportation that can be facilitated by using fiber optic sensors and photonic sensor integrated wireless systems. Many of these vital assets are under constant threat of being attacked. It is important to realize that the threats are not just from terrorism but an aging and often neglected infrastructure. To specifically address transportation security, photonic sensors fall into two categories: fixed point monitoring and mobile tracking. In fixed point monitoring, the sensors monitor bridge and tunnel structural health and environment problems such as toxic gases in a tunnel. Mobile tracking sensors are being designed to track cargo such as shipboard cargo containers and trucks. Mobile tracking sensor systems have multifunctional sensor requirements including intrusion (tampering), biochemical, radiation and explosives detection. This paper will review the state of the art of photonic sensor technologies and their ability to meet the challenges of transportation security.

A SOPC-BASED Evaluation of AES for 2.4 GHz Wireless Network

NASA Astrophysics Data System (ADS)

Ken, Cai; Xiaoying, Liang

In modern systems, data security is needed more than ever before and many cryptographic algorithms are utilized for security services. Wireless Sensor Networks (WSN) is an example of such technologies. In this paper an innovative SOPC-based approach for the security services evaluation in WSN is proposed that addresses the issues of scalability, flexible performance, and silicon efficiency for the hardware acceleration of encryption system. The design includes a Nios II processor together with custom designed modules for the Advanced Encryption Standard (AES) which has become the default choice for various security services in numerous applications. The objective of this mechanism is to present an efficient hardware realization of AES using very high speed integrated circuit hardware description language (Verilog HDL) and expand the usability for various applications. As compared to traditional customize processor design, the mechanism provides a very broad range of cost/performance points.

78 FR 7334 - Port Authority Access to Facility Vulnerability Assessments and the Integration of Security Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-01

... to Facility Vulnerability Assessments and the Integration of Security Systems AGENCY: Coast Guard...-sharing measures. Security System Integration Alternatives Require each MTSA-regulated facility owner or... other forms of security system integration. Information Requested 1. We request comments on the...

Smart photonic networks and computer security for image data

NASA Astrophysics Data System (ADS)

Campello, Jorge; Gill, John T.; Morf, Martin; Flynn, Michael J.

1998-02-01

Work reported here is part of a larger project on 'Smart Photonic Networks and Computer Security for Image Data', studying the interactions of coding and security, switching architecture simulations, and basic technologies. Coding and security: coding methods that are appropriate for data security in data fusion networks were investigated. These networks have several characteristics that distinguish them form other currently employed networks, such as Ethernet LANs or the Internet. The most significant characteristics are very high maximum data rates; predominance of image data; narrowcasting - transmission of data form one source to a designated set of receivers; data fusion - combining related data from several sources; simple sensor nodes with limited buffering. These characteristics affect both the lower level network design and the higher level coding methods.Data security encompasses privacy, integrity, reliability, and availability. Privacy, integrity, and reliability can be provided through encryption and coding for error detection and correction. Availability is primarily a network issue; network nodes must be protected against failure or routed around in the case of failure. One of the more promising techniques is the use of 'secret sharing'. We consider this method as a special case of our new space-time code diversity based algorithms for secure communication. These algorithms enable us to exploit parallelism and scalable multiplexing schemes to build photonic network architectures. A number of very high-speed switching and routing architectures and their relationships with very high performance processor architectures were studied. Indications are that routers for very high speed photonic networks can be designed using the very robust and distributed TCP/IP protocol, if suitable processor architecture support is available.

Constructing RBAC Based Security Model in u-Healthcare Service Platform

PubMed Central

Shin, Moon Sun; Jeon, Heung Seok; Ju, Yong Wan; Lee, Bum Ju; Jeong, Seon-Phil

2015-01-01

In today's era of aging society, people want to handle personal health care by themselves in everyday life. In particular, the evolution of medical and IT convergence technology and mobile smart devices has made it possible for people to gather information on their health status anytime and anywhere easily using biometric information acquisition devices. Healthcare information systems can contribute to the improvement of the nation's healthcare quality and the reduction of related cost. However, there are no perfect security models or mechanisms for healthcare service applications, and privacy information can therefore be leaked. In this paper, we examine security requirements related to privacy protection in u-healthcare service and propose an extended RBAC based security model. We propose and design u-healthcare service integration platform (u-HCSIP) applying RBAC security model. The proposed u-HCSIP performs four main functions: storing and exchanging personal health records (PHR), recommending meals and exercise, buying/selling private health information or experience, and managing personal health data using smart devices. PMID:25695104

Constructing RBAC based security model in u-healthcare service platform.

PubMed

Shin, Moon Sun; Jeon, Heung Seok; Ju, Yong Wan; Lee, Bum Ju; Jeong, Seon-Phil

2015-01-01

In today's era of aging society, people want to handle personal health care by themselves in everyday life. In particular, the evolution of medical and IT convergence technology and mobile smart devices has made it possible for people to gather information on their health status anytime and anywhere easily using biometric information acquisition devices. Healthcare information systems can contribute to the improvement of the nation's healthcare quality and the reduction of related cost. However, there are no perfect security models or mechanisms for healthcare service applications, and privacy information can therefore be leaked. In this paper, we examine security requirements related to privacy protection in u-healthcare service and propose an extended RBAC based security model. We propose and design u-healthcare service integration platform (u-HCSIP) applying RBAC security model. The proposed u-HCSIP performs four main functions: storing and exchanging personal health records (PHR), recommending meals and exercise, buying/selling private health information or experience, and managing personal health data using smart devices.

Cyber security challenges in Smart Cities: Safety, security and privacy.

PubMed

Elmaghraby, Adel S; Losavio, Michael M

2014-07-01

The world is experiencing an evolution of Smart Cities. These emerge from innovations in information technology that, while they create new economic and social opportunities, pose challenges to our security and expectations of privacy. Humans are already interconnected via smart phones and gadgets. Smart energy meters, security devices and smart appliances are being used in many cities. Homes, cars, public venues and other social systems are now on their path to the full connectivity known as the "Internet of Things." Standards are evolving for all of these potentially connected systems. They will lead to unprecedented improvements in the quality of life. To benefit from them, city infrastructures and services are changing with new interconnected systems for monitoring, control and automation. Intelligent transportation, public and private, will access a web of interconnected data from GPS location to weather and traffic updates. Integrated systems will aid public safety, emergency responders and in disaster recovery. We examine two important and entangled challenges: security and privacy. Security includes illegal access to information and attacks causing physical disruptions in service availability. As digital citizens are more and more instrumented with data available about their location and activities, privacy seems to disappear. Privacy protecting systems that gather data and trigger emergency response when needed are technological challenges that go hand-in-hand with the continuous security challenges. Their implementation is essential for a Smart City in which we would wish to live. We also present a model representing the interactions between person, servers and things. Those are the major element in the Smart City and their interactions are what we need to protect.

Integrated web-based viewing and secure remote access to a clinical data repository and diverse clinical systems.

PubMed

Duncan, R G; Saperia, D; Dulbandzhyan, R; Shabot, M M; Polaschek, J X; Jones, D T

2001-01-01

The advent of the World-Wide-Web protocols and client-server technology has made it easy to build low-cost, user-friendly, platform-independent graphical user interfaces to health information systems and to integrate the presentation of data from multiple systems. The authors describe a Web interface for a clinical data repository (CDR) that was moved from concept to production status in less than six months using a rapid prototyping approach, multi-disciplinary development team, and off-the-shelf hardware and software. The system has since been expanded to provide an integrated display of clinical data from nearly 20 disparate information systems.

Efficient security mechanisms for mHealth applications using wireless body sensor networks.

PubMed

Sahoo, Prasan Kumar

2012-01-01

Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme.

Efficient Security Mechanisms for mHealth Applications Using Wireless Body Sensor Networks

PubMed Central

Sahoo, Prasan Kumar

2012-01-01

Recent technological advances in wireless communications and physiological sensing allow miniature, lightweight, ultra-low power, intelligent monitoring devices, which can be integrated into a Wireless Body Sensor Network (WBSN) for health monitoring. Physiological signals of humans such as heartbeats, temperature and pulse can be monitored from a distant location using tiny biomedical wireless sensors. Hence, it is highly essential to combine the ubiquitous computing with mobile health technology using wireless sensors and smart phones to monitor the well-being of chronic patients such as cardiac, Parkinson and epilepsy patients. Since physiological data of a patient are highly sensitive, maintaining its confidentiality is highly essential. Hence, security is a vital research issue in mobile health (mHealth) applications, especially if a patient has an embarrassing disease. In this paper a three tier security architecture for the mHealth application is proposed, in which light weight data confidentiality and authentication protocols are proposed to maintain the privacy of a patient. Moreover, considering the energy and hardware constraints of the wireless body sensors, low complexity data confidential and authentication schemes are designed. Performance evaluation of the proposed architecture shows that they can satisfy the energy and hardware limitations of the sensors and still can maintain the secure fabrics of the wireless body sensor networks. Besides, the proposed schemes can outperform in terms of energy consumption, memory usage and computation time over standard key establishment security scheme. PMID:23112734

Communication and computing technology in biocontainment laboratories using the NEIDL as a model.

PubMed

McCall, John; Hardcastle, Kath

2014-07-01

The National Emerging Infectious Diseases Laboratories (NEIDL), Boston University, is a globally unique biocontainment research facility housing biosafety level 2 (BSL-2), BSL-3, and BSL-4 laboratories. Located in the BioSquare area at the University's Medical Campus, it is part of a national network of secure facilities constructed to study infectious diseases of major public health concern. The NEIDL allows for basic, translational, and clinical phases of research to be carried out in a single facility with the overall goal of accelerating understanding, treatment, and prevention of infectious diseases. The NEIDL will also act as a center of excellence providing training and education in all aspects of biocontainment research. Within every detail of NEIDL operations is a primary emphasis on safety and security. The ultramodern NEIDL has required a new approach to communications technology solutions in order to ensure safety and security and meet the needs of investigators working in this complex building. This article discusses the implementation of secure wireless networks and private cloud computing to promote operational efficiency, biosecurity, and biosafety with additional energy-saving advantages. The utilization of a dedicated data center, virtualized servers, virtualized desktop integration, multichannel secure wireless networks, and a NEIDL-dedicated Voice over Internet Protocol (VoIP) network are all discussed. © 2014 Federation of European Microbiological Societies. Published by John Wiley & Sons Ltd. All rights reserved.

Integration of a mobile-integrated therapy with electronic health records: lessons learned.

PubMed

Peeples, Malinda M; Iyer, Anand K; Cohen, Joshua L

2013-05-01

Responses to the chronic disease epidemic have predominantly been standardized in their approach to date. Barriers to better health outcomes remain, and effective management requires patient-specific data and disease state knowledge be presented in methods that foster clinical decision-making and patient self-management. Mobile technology provides a new platform for data collection and patient-provider communication. The mobile device represents a personalized platform that is available to the patient on a 24/7 basis. Mobile-integrated therapy (MIT) is the convergence of mobile technology, clinical and behavioral science, and scientifically validated clinical outcomes. In this article, we highlight the lessons learned from functional integration of a Food and Drug Administration-cleared type 2 diabetes MIT into the electronic health record (EHR) of a multiphysician practice within a large, urban, academic medical center. In-depth interviews were conducted with integration stakeholder groups: mobile and EHR software and information technology teams, clinical end users, project managers, and business analysts. Interviews were summarized and categorized into lessons learned using the Architecture for Integrated Mobility® framework. Findings from the diverse stakeholder group of a MIT-EHR integration project indicate that user workflow, software system persistence, environment configuration, device connectivity and security, organizational processes, and data exchange heuristics are key issues that must be addressed. Mobile-integrated therapy that integrates patient self-management data with medical record data provides the opportunity to understand the potential benefits of bidirectional data sharing and reporting that are most valuable in advancing better health and better care in a cost-effective way that is scalable for all chronic diseases. © 2013 Diabetes Technology Society.

Learning across Disciplines: A Collective Case Study of Two University Programs That Integrate the Arts with STEM

ERIC Educational Resources Information Center

Ghanbari, Sheena

2015-01-01

There has been some debate and research that suggests the arts are well-suited to be combined with science, technology, engineering, and math disciplines making the STEM acronym STEAM. STEM education is an educational and political priority in the United States and is valued as a means of strengthening national security and ensuring global…

Development of an Innovative Interactive Virtual Classroom System for K-12 Education Using Google App Engine

ERIC Educational Resources Information Center

Mumba, Frackson; Zhu, Mengxia

2013-01-01

This paper presents a Simulation-based interactive Virtual ClassRoom web system (SVCR: www.vclasie.com) powered by the state-of-the-art cloud computing technology from Google SVCR integrates popular free open-source math, science and engineering simulations and provides functions such as secure user access control and management of courses,…

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

As part of the U.S. Navy's overall energy strategy, the National Renewable Energy Laboratory (NREL) partnered with the Naval Facilities Engineering Command (NAVFAC) to demonstrate market-ready energy efficiency measures, renewable energy generation, and energy systems integration. One such technology - retrofitting rooftop air-conditioning units with an advanced rooftop control system - was identified as a promising source for reducing energy use and costs, and can contribute to increasing energy security.

Understanding and Managing Causality of Change in Socio-Technical Systems II

DTIC Science & Technology

2011-01-25

SUBJECT TERMS Cognition , Human Effectiveness, Information Science 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT Same as Report (SAR) 18...at large taking into account the cognitive interaction between humans and technology. 8 Hussein Abbass Professor Abbass leads the...Network Centric Operations Future Air Traffic Management Systems Cognitive Engineering including Human-Computer Integration In all of the

Picosecond imaging of signal propagation in integrated circuits

NASA Astrophysics Data System (ADS)

Frohmann, Sven; Dietz, Enrico; Dittrich, Helmar; Hübers, Heinz-Wilhelm

2017-04-01

Optical analysis of integrated circuits (IC) is a powerful tool for analyzing security functions that are implemented in an IC. We present a photon emission microscope for picosecond imaging of hot carrier luminescence in ICs in the near-infrared spectral range from 900 to 1700 nm. It allows for a semi-invasive signal tracking in fully operational ICs on the gate or transistor level with a timing precision of approximately 6 ps. The capabilities of the microscope are demonstrated by imaging the operation of two ICs made by 180 and 60 nm process technology.

Moving forward in plant food safety and security through NanoBioSensors: Adopt or adapt biomedical technologies?

PubMed

Sharma, Tarun K; Ramanathan, Rajesh; Rakwal, Randeep; Agrawal, Ganesh K; Bansal, Vipul

2015-05-01

Plant-based foods are integral part of our day-to-day diet. Increasing world population has put forth an ever increasing demand for plant-based foods, and food security remains a major concern. Similarly, biological, chemical, and physical threats to our food and increasing regulatory demands to control the presence of foreign species in food products have made food safety a growing issue. Nanotechnology has already established its roots in diverse disciplines. However, the food industry is yet to harness the full potential of the unique capabilities offered by this next-generation technology. While there might be safety concerns in regards to integration of nanoproducts with our food products, an aspect of nanotechnology that can make remarkable contribution to different elements of the food chain is the use of nanobiosensors and diagnostic platforms for monitoring food traceability, quality, safety, and nutritional value. This brings us to an important question that whether existing diagnostic platforms that have already been well developed for biomedical and clinical application are suitable for food industry or whether the demands of the food industry are altogether different that may not allow adoption/adaptation of the existing technology. This review is an effort to raise this important "uncomfortable" yet "timely" question. © 2015 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

78 FR 17219 - Homeland Security Science and Technology Advisory Committee Meeting Cancellation

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-20

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2013-0014] Homeland Security Science and...: Notice of Cancellation of the Federal Advisory Committee Meeting for Homeland Security Science and Technology Advisory Committee (HSSTAC). SUMMARY: The meeting of the Homeland Security Science and Technology...

Research on offense and defense technology for iOS kernel security mechanism

NASA Astrophysics Data System (ADS)

Chu, Sijun; Wu, Hao

2018-04-01

iOS is a strong and widely used mobile device system. It's annual profits make up about 90% of the total profits of all mobile phone brands. Though it is famous for its security, there have been many attacks on the iOS operating system, such as the Trident apt attack in 2016. So it is important to research the iOS security mechanism and understand its weaknesses and put forward targeted protection and security check framework. By studying these attacks and previous jailbreak tools, we can see that an attacker could only run a ROP code and gain kernel read and write permissions based on the ROP after exploiting kernel and user layer vulnerabilities. However, the iOS operating system is still protected by the code signing mechanism, the sandbox mechanism, and the not-writable mechanism of the system's disk area. This is far from the steady, long-lasting control that attackers expect. Before iOS 9, breaking these security mechanisms was usually done by modifying the kernel's important data structures and security mechanism code logic. However, after iOS 9, the kernel integrity protection mechanism was added to the 64-bit operating system and none of the previous methods were adapted to the new versions of iOS [1]. But this does not mean that attackers can not break through. Therefore, based on the analysis of the vulnerability of KPP security mechanism, this paper implements two possible breakthrough methods for kernel security mechanism for iOS9 and iOS10. Meanwhile, we propose a defense method based on kernel integrity detection and sensitive API call detection to defense breakthrough method mentioned above. And we make experiments to prove that this method can prevent and detect attack attempts or invaders effectively and timely.

Web Service Execution and Monitoring in Integrated Applications in Support of Business Communities

NASA Astrophysics Data System (ADS)

Chiriacescu, Rares M.; SzóKe, Alexandru; Portase, Sorin; Florea, Monica

Emerging technology is one of the key factors that drive the business world to faster adaptation, reaction and shorter communication path. Building upon such technologies, business communities emerge, geared toward high flexibility in their offerings and collaboration: business-to-customer and business-to-business collaborations. Adapting to the market requirements, companies must address several technical challenges that arise from the main requirements of the system they have to introduce: a high degree of flexibility, heterogeneous system collaboration and security of the transferred data.

Security in perspective; luxury or must?

PubMed

Bakker, A

1998-03-01

In this paper, security in health information systems is put into perspective. The further penetration of information technology into health care is discussed and it is concluded that information systems have already become a vital component, not only for the logistics of the health care institution but also for the rendering of care and cure. Health care depends heavily on adequate data, so availability and integrity are equally important. In view of the sensitive nature of many patient data, the importance of confidentiality was recognised long before computers were invented. For widespread use of IT in health care it is of vital importance that computers can be trusted in respect of confidentiality. This paper emphasises the need to pay attention to security and suggests a responsible approach with implementation of both technical and organisational measures.

Systems Security Engineering

DTIC Science & Technology

2010-08-22

Commission (IEC). “Information technology — Security techniques — Code of practice for information security management ( ISO /IEC 27002 ...Information technology — Security techniques — Information security management systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security...was a draft ISO standard on Systems and software engineering, Systems and software assurance [18]. Created by systems engineers for systems

Advanced software integration: The case for ITV facilities

NASA Technical Reports Server (NTRS)

Garman, John R.

1990-01-01

The array of technologies and methodologies involved in the development and integration of avionics software has moved almost as rapidly as computer technology itself. Future avionics systems involve major advances and risks in the following areas: (1) Complexity; (2) Connectivity; (3) Security; (4) Duration; and (5) Software engineering. From an architectural standpoint, the systems will be much more distributed, involve session-based user interfaces, and have the layered architectures typified in the layers of abstraction concepts popular in networking. Typified in the NASA Space Station Freedom will be the highly distributed nature of software development itself. Systems composed of independent components developed in parallel must be bound by rigid standards and interfaces, the clean requirements and specifications. Avionics software provides a challenge in that it can not be flight tested until the first time it literally flies. It is the binding of requirements for such an integration environment into the advances and risks of future avionics systems that form the basis of the presented concept and the basic Integration, Test, and Verification concept within the development and integration life cycle of Space Station Mission and Avionics systems.

Reviews on Security Issues and Challenges in Cloud Computing

NASA Astrophysics Data System (ADS)

An, Y. Z.; Zaaba, Z. F.; Samsudin, N. F.

2016-11-01

Cloud computing is an Internet-based computing service provided by the third party allowing share of resources and data among devices. It is widely used in many organizations nowadays and becoming more popular because it changes the way of how the Information Technology (IT) of an organization is organized and managed. It provides lots of benefits such as simplicity and lower costs, almost unlimited storage, least maintenance, easy utilization, backup and recovery, continuous availability, quality of service, automated software integration, scalability, flexibility and reliability, easy access to information, elasticity, quick deployment and lower barrier to entry. While there is increasing use of cloud computing service in this new era, the security issues of the cloud computing become a challenges. Cloud computing must be safe and secure enough to ensure the privacy of the users. This paper firstly lists out the architecture of the cloud computing, then discuss the most common security issues of using cloud and some solutions to the security issues since security is one of the most critical aspect in cloud computing due to the sensitivity of user's data.

NASA Information Technology Implementation Plan

NASA Technical Reports Server (NTRS)

2000-01-01

NASA's Information Technology (IT) resources and IT support continue to be a growing and integral part of all NASA missions. Furthermore, the growing IT support requirements are becoming more complex and diverse. The following are a few examples of the growing complexity and diversity of NASA's IT environment. NASA is conducting basic IT research in the Intelligent Synthesis Environment (ISE) and Intelligent Systems (IS) Initiatives. IT security, infrastructure protection, and privacy of data are requiring more and more management attention and an increasing share of the NASA IT budget. Outsourcing of IT support is becoming a key element of NASA's IT strategy as exemplified by Outsourcing Desktop Initiative for NASA (ODIN) and the outsourcing of NASA Integrated Services Network (NISN) support. Finally, technology refresh is helping to provide improved support at lower cost. Recently the NASA Automated Data Processing (ADP) Consolidation Center (NACC) upgraded its bipolar technology computer systems with Complementary Metal Oxide Semiconductor (CMOS) technology systems. This NACC upgrade substantially reduced the hardware maintenance and software licensing costs, significantly increased system speed and capacity, and reduced customer processing costs by 11 percent.

78 FR 56263 - HydroGen Corp., QueryObject Systems Corp., Security Intelligence Technologies, Inc., Skins, Inc...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-12

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] HydroGen Corp., QueryObject Systems Corp., Security Intelligence Technologies, Inc., Skins, Inc., SLM Holdings, Inc., Spring Creek Healthcare Systems... securities of Security Intelligence Technologies, Inc. because it has not filed any periodic reports since...

The research of network database security technology based on web service

NASA Astrophysics Data System (ADS)

Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

2013-03-01

Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Magee, Thoman

The Consolidated Edison, Inc., of New York (Con Edison) Secure Interoperable Open Smart Grid Demonstration Project (SGDP), sponsored by the United States (US) Department of Energy (DOE), demonstrated that the reliability, efficiency, and flexibility of the grid can be improved through a combination of enhanced monitoring and control capabilities using systems and resources that interoperate within a secure services framework. The project demonstrated the capability to shift, balance, and reduce load where and when needed in response to system contingencies or emergencies by leveraging controllable field assets. The range of field assets includes curtailable customer loads, distributed generation (DG), batterymore » storage, electric vehicle (EV) charging stations, building management systems (BMS), home area networks (HANs), high-voltage monitoring, and advanced metering infrastructure (AMI). The SGDP enables the seamless integration and control of these field assets through a common, cyber-secure, interoperable control platform, which integrates a number of existing legacy control and data systems, as well as new smart grid (SG) systems and applications. By integrating advanced technologies for monitoring and control, the SGDP helps target and reduce peak load growth, improves the reliability and efficiency of Con Edison’s grid, and increases the ability to accommodate the growing use of distributed resources. Con Edison is dedicated to lowering costs, improving reliability and customer service, and reducing its impact on the environment for its customers. These objectives also align with the policy objectives of New York State as a whole. To help meet these objectives, Con Edison’s long-term vision for the distribution grid relies on the successful integration and control of a growing penetration of distributed resources, including demand response (DR) resources, battery storage units, and DG. For example, Con Edison is expecting significant long-term growth of DG. The SGDP enables the efficient, flexible integration of these disparate resources and lays the architectural foundations for future scalability. Con Edison assembled an SGDP team of more than 16 different project partners, including technology vendors, and participating organizations, and the Con Edison team provided overall guidance and project management. Project team members are listed in Table 1-1.« less

Towards Trustable Digital Evidence with PKIDEV: PKI Based Digital Evidence Verification Model

NASA Astrophysics Data System (ADS)

Uzunay, Yusuf; Incebacak, Davut; Bicakci, Kemal

How to Capture and Preserve Digital Evidence Securely? For the investigation and prosecution of criminal activities that involve computers, digital evidence collected in the crime scene has a vital importance. On one side, it is a very challenging task for forensics professionals to collect them without any loss or damage. On the other, there is the second problem of providing the integrity and authenticity in order to achieve legal acceptance in a court of law. By conceiving digital evidence simply as one instance of digital data, it is evident that modern cryptography offers elegant solutions for this second problem. However, to our knowledge, there is not any previous work proposing a systematic model having a holistic view to address all the related security problems in this particular case of digital evidence verification. In this paper, we present PKIDEV (Public Key Infrastructure based Digital Evidence Verification model) as an integrated solution to provide security for the process of capturing and preserving digital evidence. PKIDEV employs, inter alia, cryptographic techniques like digital signatures and secure time-stamping as well as latest technologies such as GPS and EDGE. In our study, we also identify the problems public-key cryptography brings when it is applied to the verification of digital evidence.

"It's Like a Cyber-Security Blanket": The Utility of Remote Activity Monitoring in Family Dementia Care.

PubMed

Mitchell, Lauren L; Peterson, Colleen M; Rud, Shaina R; Jutkowitz, Eric; Sarkinen, Andrielle; Trost, Sierra; Porta, Carolyn M; Finlay, Jessica M; Gaugler, Joseph E

2018-03-01

Technologies have emerged that aim to help older persons with Alzheimer's disease and related dementias (ADRDs) remain at home while also supporting their caregiving family members. However, the usefulness of these innovations, particularly in home-based care contexts, remains underexplored. The current study evaluated the acceptability and utility of an in-home remote activity monitoring (RAM) system for 30 family caregivers of persons with ADRD via quantitative survey data collected over a 6-month period and qualitative survey and interview data collected for up to 18 months. A parallel convergent mixed methods design was employed. The integrated qualitative and quantitative data suggested that RAM technology offered ongoing monitoring and provided caregivers with a sense of security. Considerable customization was needed so that RAM was most appropriate for persons with ADRD. The findings have important clinical implications when considering how RAM can supplement, or potentially substitute for, ADRD family care.

Biophotonic ring resonator for ultrasensitive detection of DMMP as a simulant for organophosphorus agents.

PubMed

Bonnot, Karine; Cuesta-Soto, Francisco; Rodrigo, Manuel; Varriale, Antonio; Sanchez, Nuria; D'Auria, Sabato; Spitzer, Denis; Lopez-Royo, Francisco

2014-05-20

Combining photonic integrated circuits with a biologically based sensing approach has the ability to provide a new generation of portable and low-cost sensor devices with a high specificity and sensitivity for a number of applications in environmental monitoring, defense, and homeland security. We report herein on the specific biosensing under continuous air flow of DMMP, which is commonly used as a simulant and a precursor for the synthesis of Sarin. The proposed technology is based on the selective recognition of the targeted DMMP molecule by specifically modified proteins immobilized on photonic structures. The response of the biophotonic structures shows a high stability and accuracy over 3 months, allowing for the detection in diluted air of DMMP at concentration as low as 35 μg/m(3) (6.8 ppb) in less than 15 min. The performance of the developed technology satisfies most current homeland and military security requirements.

A Trustworthy Key Generation Prototype Based on DDR3 PUF for Wireless Sensor Networks

PubMed Central

Liu, Wenchao; Zhang, Zhenhua; Li, Miaoxin; Liu, Zhenglin

2014-01-01

Secret key leakage in wireless sensor networks (WSNs) is a high security risk especially when sensor nodes are deployed in hostile environment and physically accessible to attackers. With nowadays semi/fully-invasive attack techniques attackers can directly derive the cryptographic key from non-volatile memory (NVM) storage. Physically Unclonable Function (PUF) is a promising technology to resist node capture attacks, and it also provides a low cost and tamper-resistant key provisioning solution. In this paper, we designed a PUF based on double-data-rate SDRAM Type 3 (DDR3) memory by exploring its memory decay characteristics. We also described a prototype of 128-bit key generation based on DDR3 PUF with integrated fuzzy extractor. Due to the wide adoption of DDR3 memory in WSN, our proposed DDR3 PUF technology with high security levels and no required hardware changes is suitable for a wide range of WSN applications. PMID:24984058

Privacy and Security in Multi-User Health Kiosks

PubMed Central

TAKYI, HAROLD; WATZLAF, VALERIE; MATTHEWS, JUDITH TABOLT; ZHOU, LEMING; DEALMEIDA, DILHARI

2017-01-01

Enforcement of the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) has gotten stricter and penalties have become more severe in response to a significant increase in computer-related information breaches in recent years. With health information said to be worth twice as much as other forms of information on the underground market, making preservation of privacy and security an integral part of health technology development, rather than an afterthought, not only mitigates risks but also helps to ensure HIPAA and HITECH compliance. This paper provides a guide, based on the Office for Civil Rights (OCR) audit protocol, for creating and maintaining an audit checklist for multi-user health kiosks. Implementation of selected audit elements for a multi-user health kiosk designed for use by community-residing older adults illustrates how the guide can be applied. PMID:28814990

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets aremore » considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.« less

Marine data security based on blockchain technology

NASA Astrophysics Data System (ADS)

Yang, Zhao; Xie, Weiwei; Huang, Lei; Wei, Zhiqiang

2018-03-01

With the development of marine observation technology and network technology, the volume of marine data growing rapidly. This brings new challenges for data storage and transmission. How to protect data security of marine big data has become an urgent problem. The traditional information security methods’ characteristic is centralization. These technologies cannot provide whole process protection, e.g., data storage, data management and application of data. The blockchain technology is a novel technology, which can keep the data security and reliability by using decentralized methodology. It has aroused wide interest in the financial field. In this paper, we describe the concept, characteristics and key technologies of blockchain technology and introduce it into the field of marine data security.

78 FR 41954 - TA-W-82,634, Prudential Global Business Technology Solutions Central Security Services Dresher...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-12

... Business Technology Solutions Central Security Services Iselin, New Jersey; TA-W-82,634B, Prudential Global Business Technology Solutions Central Security Services Plymouth, Minnesota; TA- W-82,634C, Prudential Global Business Technology Solutions Central Security Services Scottsdale, Arizona; TA-W-82,634D...

Use of IPsec by Manned Space Missions

NASA Technical Reports Server (NTRS)

Pajevski, Michael J.

2009-01-01

NASA's Constellation Program is developing its next generation manned space systems for missions to the International Space Station (ISS) and the Moon. The Program is embarking on a path towards standards based Internet Protocol (IP) networking for space systems communication. The IP based communications will be paired with industry standard security mechanisms such as Internet Protocol Security (IPsec) to ensure the integrity of information exchanges and prevent unauthorized release of sensitive information in-transit. IPsec has been tested in simulations on the ground and on at least one Earth orbiting satellite, but the technology is still unproven in manned space mission situations and significant obstacles remain.

Integrating Top-down and Bottom-up Cybersecurity Guidance using XML

PubMed Central

Lubell, Joshua

2016-01-01

This paper describes a markup-based approach for synthesizing disparate information sources and discusses a software implementation of the approach. The implementation makes it easier for people to use two complementary, but differently structured, guidance specifications together: the (top-down) Cybersecurity Framework and the (bottom-up) National Institute of Standards and Technology Special Publication 800-53 security control catalog. An example scenario demonstrates how the software implementation can help a security professional select the appropriate safeguards for restricting unauthorized access to an Industrial Control System. The implementation and example show the benefits of this approach and suggest its potential application to disciplines other than cybersecurity. PMID:27795810

Digital security technology simplified.

PubMed

Scaglione, Bernard J

2007-01-01

Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

ADVANCED SEISMIC BASE ISOLATION METHODS FOR MODULAR REACTORS

DOE Office of Scientific and Technical Information (OSTI.GOV)

E. Blanford; E. Keldrauk; M. Laufer

2010-09-20

Advanced technologies for structural design and construction have the potential for major impact not only on nuclear power plant construction time and cost, but also on the design process and on the safety, security and reliability of next generation of nuclear power plants. In future Generation IV (Gen IV) reactors, structural and seismic design should be much more closely integrated with the design of nuclear and industrial safety systems, physical security systems, and international safeguards systems. Overall reliability will be increased, through the use of replaceable and modular equipment, and through design to facilitate on-line monitoring, in-service inspection, maintenance, replacement,more » and decommissioning. Economics will also receive high design priority, through integrated engineering efforts to optimize building arrangements to minimize building heights and footprints. Finally, the licensing approach will be transformed by becoming increasingly performance based and technology neutral, using best-estimate simulation methods with uncertainty and margin quantification. In this context, two structural engineering technologies, seismic base isolation and modular steel-plate/concrete composite structural walls, are investigated. These technologies have major potential to (1) enable standardized reactor designs to be deployed across a wider range of sites, (2) reduce the impact of uncertainties related to site-specific seismic conditions, and (3) alleviate reactor equipment qualification requirements. For Gen IV reactors the potential for deliberate crashes of large aircraft must also be considered in design. This report concludes that base-isolated structures should be decoupled from the reactor external event exclusion system. As an example, a scoping analysis is performed for a rectangular, decoupled external event shell designed as a grillage. This report also reviews modular construction technology, particularly steel-plate/concrete construction using factory prefabricated structural modules, for application to external event shell and base isolated structures.« less

Ageing-in-place with the use of ambient intelligence technology: perspectives of older users.

PubMed

van Hoof, J; Kort, H S M; Rutten, P G S; Duijnstee, M S H

2011-05-01

Ambient intelligence technologies are a means to support ageing-in-place by monitoring clients in the home. In this study, monitoring is applied for the purpose of raising an alarm in an emergency situation, and thereby, providing an increased sense of safety and security. Apart from these technological solutions, there are numerous environmental interventions in the home environment that can support people to age-in-place. The aim of this study was to investigate the needs and motives, related to ageing-in-place, of the respondents receiving ambient intelligence technologies, and to investigate whether, and how, these technologies contributed to aspects of ageing-in-place. This paper presents the results of a qualitative study comprised of interviews and observations of technology and environmental interventions in the home environment among 18 community-dwelling older adults with a complex demand for care. These respondents had a prototype of the Unattended Autonomous Surveillance system, an example of ambient intelligence technology, installed in their homes as a means to age-in-place. The UAS-system offers a large range of functionalities, including mobility monitoring, voice response, fire detection, as well as wandering detection and prevention, which can be installed in different configurations. The respondents had various motives to use ambient intelligence technologies to support ageing-in-place. The most prominent reason was to improve the sense of safety and security, in particular, in case of fall incidents, when people were afraid not to be able to use their existing emergency response systems. The ambient intelligence technologies were initially seen as a welcome addition to strategies already adopted by the respondents, including a variety of home modifications and assistive devices. The systems tested increased the sense of safety and security and helped to postpone institutionalisation. Respondents came up with a set of specifications in terms of the operation and the design of the technology. False alarms were also regarded as a sign that the ambient intelligence technology is functioning. Moreover, a good integration of the new technologies in the provision of health care is indispensable, and installation should be done in an acceptable and unobtrusive manner. Ambient intelligence technologies can contribute to an increased safety and security at home. The technologies alone offer no all encompassing solution as home care and additional environmental interventions are still needed to support ageing-in-place. Results of the study are used to further improve the ambient intelligence technologies and their implementation. 2011 Elsevier Ireland Ltd. All rights reserved.

A Lightweight Protocol for Secure Video Streaming

PubMed Central

Morkevicius, Nerijus; Bagdonas, Kazimieras

2018-01-01

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing “Fog Node-End Device” layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard. PMID:29757988

A Lightweight Protocol for Secure Video Streaming.

PubMed

Venčkauskas, Algimantas; Morkevicius, Nerijus; Bagdonas, Kazimieras; Damaševičius, Robertas; Maskeliūnas, Rytis

2018-05-14

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing "Fog Node-End Device" layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard.

32 CFR 2400.42 - Security Officer.

Code of Federal Regulations, 2011 CFR

2011-07-01

... National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.42 Security...

32 CFR 2400.42 - Security Officer.

Code of Federal Regulations, 2010 CFR

2010-07-01

... National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.42 Security...

32 CFR 2400.42 - Security Officer.

Code of Federal Regulations, 2014 CFR

2014-07-01

... National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.42 Security...

32 CFR 2400.42 - Security Officer.

Code of Federal Regulations, 2013 CFR

2013-07-01

... National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.42 Security...

32 CFR 2400.42 - Security Officer.

Code of Federal Regulations, 2012 CFR

2012-07-01

... National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.42 Security...

75 FR 18516 - Homeland Security Science and Technology Advisory Committee

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-12

... Technology Advisory Committee AGENCY: Science and Technology Directorate, DHS. ACTION: Committee Management; notice of closed Federal Advisory Committee meeting SUMMARY: The Homeland Security Science and Technology.... DATES: The Homeland Security Science and Technology Advisory Committee will meet April 20, 2010 from 8...

Space Communications and Navigation (SCaN) Integrated Network Architecture Definition Document (ADD). Volume 1; Executive Summary; Revision 1

NASA Technical Reports Server (NTRS)

Younes, Badri A.; Schier, James S.

2010-01-01

The SCaN Program has defined an integrated network architecture that fully meets the Administrator s mandate to the Program, and will result in a NASA infrastructure capable of providing the needed and enabling communications services to future space missions. The integrated network architecture will increase SCaN operational efficiency and interoperability through standardization, commonality and technology infusion. It will enable NASA missions requiring advanced communication and tracking capabilities such as: a. Optical communication b. Antenna arraying c. Lunar and Mars Relays d. Integrated network management (service management and network control) and integrated service execution e. Enhanced tracking for navigation f. Space internetworking with DTN and IP g. End-to-end security h. Enhanced security services Moreover, the SCaN Program has created an Integrated Network Roadmap that depicts an orchestrated and coherent evolution path toward the target architecture, encompassing all aspects that concern network assets (i.e., operations and maintenance, sustaining engineering, upgrade efforts, and major development). This roadmap identifies major NASA ADPs, and shows dependencies and drivers among the various planned undertakings and timelines. The roadmap is scalable to accommodate timely adjustments in response to Agency needs, goals, objectives and funding. Future challenges to implementing this architecture include balancing user mission needs, technology development, and the availability of funding within NASA s priorities. Strategies for addressing these challenges are to: define a flexible architecture, update the architecture periodically, use ADPs to evaluate options and determine when to make decisions, and to engage the stakeholders in these evaluations. In addition, the SCaN Program will evaluate and respond to mission need dates for technical and operational capabilities to be provided by the SCaN integrated network. In that regard, the architecture defined in this ADD is scalable to accommodate programmatic and technical changes.

Using Zigbee to integrate medical devices.

PubMed

Frehill, Paul; Chambers, Desmond; Rotariu, Cosmin

2007-01-01

Wirelessly enabling Medical Devices such as Vital Signs Monitors, Ventilators and Infusion Pumps allows central data collection. This paper discusses how data from these types of devices can be integrated into hospital systems using wireless sensor networking technology. By integrating devices you are protecting investment and opening up the possibility of networking with similar devices. In this context we present how Zigbee meets our requirements for bandwidth, power, security and mobility. We have examined the data throughputs for various medical devices, the requirement of data frequency, security of patient data and the logistics of moving patients while connected to devices. The paper describes a new tested architecture that allows this data to be seamlessly integrated into a User Interface or Healthcare Information System (HIS). The design supports the dynamic addition of new medical devices to the system that were previously unsupported by the system. To achieve this, the hardware design is kept generic and the software interface for different types of medical devices is well defined. These devices can also share the wireless resources with other types of sensors being developed in conjunction on this project such as wireless ECG (Electrocardiogram) and Pulse-Oximetry sensors.

Technology Against Terrorism: Structuring Security

DTIC Science & Technology

1992-01-01

outbreak of non is global in scope and, unfortunately, continues hostilities in January 1991, the number of interna- to demand attention and protective...against non -combatants, ranging from attacks on clinics by foes of abortion to mass murder by sophisticated international terrorist groups (e.g., attacks...findings were reached The fourth chapter discusses strategies for design - that involved first, the overall Federal funding of ing integrated systems

Primer to Design Safe School Projects in Case of Terrorist Attacks and School Shootings. Buildings and Infrastructure Protection Series. FEMA-428/BIPS-07/January 2012. Edition 2

ERIC Educational Resources Information Center

Chipley, Michael; Lyon, Wesley; Smilowitz, Robert; Williams, Pax; Arnold, Christopher; Blewett, William; Hazen, Lee; Krimgold, Fred

2012-01-01

This publication, part of the new Building and Infrastructure Protection Series (BIPS) published by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) Infrastructure Protection and Disaster Management Division (IDD), serves to advance high performance and integrated design for buildings and infrastructure. This…

Networking and Information Technology Research and Development. Supplement to the President’s Budget for FY 2002

DTIC Science & Technology

2001-07-01

Web-based applications to improve health data systems and quality of care; innovative strategies for data collection in clinical settings; approaches...research to increase interoperability and integration of software in distributed systems ; protocols and tools for data annotation and management; and...Generation National Defense and National Security Systems .......................... 27 Improved Health Care Systems for All Citizens

If it walks like a duck: nanosensor threat assessment

NASA Astrophysics Data System (ADS)

Chachis, George C.

2003-09-01

A convergence of technologies is making deployment of unattended ground nanosensors operationally feasible in terms of energy, communications for both arbitrated and self-organizing distributed, collective behaviors. A number of nano communications technologies are already making network-centric systems possible for MicroElectrical Mechanical (MEM) sensor devices today. Similar technologies may make NanoElectrical Mechanical (NEM) sensor devices operationally feasible a few years from now. Just as organizational behaviors of large numbers of nanodevices can derive strategies from social insects and other group-oriented animals, bio-inspired heuristics for threat assessment provide a conceptual approach for successful integration of nanosensors into unattended smart sensor networks. Biological models such as the organization of social insects or the dynamics of immune systems show promise as biologically-inspired paradigms for protecting nanosensor networks for security scene analysis and battlespace awareness. The paradox of nanosensors is that the smaller the device is the more useful it is but the smaller it is the more vulnerable it is to a variety of threats. In other words simpler means networked nanosensors are more likely to fall prey to a wide-range of attacks including jamming, spoofing, Janisserian recruitment, Pied-Piper distraction, as well as typical attacks computer network security. Thus, unattended sensor technologies call for network architectures that include security and countermeasures to provide reliable scene analysis or battlespace awareness information. Such network centric architectures may well draw upon a variety of bio-inspired approaches to safeguard, validate and make sense of large quantities of information.

Mobile agent application and integration in electronic anamnesis system.

PubMed

Liu, Chia-Hui; Chung, Yu-Fang; Chen, Tzer-Shyong; Wang, Sheng-De

2012-06-01

Electronic anamnesis is to transform ordinary paper trails to digitally formatted health records, which include the patient's general information, health status, and follow-ups on chronic diseases. Its main purpose is to let the records could be stored for a longer period of time and could be shared easily across departments and hospitals. Which means hospital management could use less resource on maintaining ever-growing database and reduce redundancy, so less money would be spent for managing the health records. In the foreseeable future, building up a comprehensive and integrated medical information system is a must, because it is critical to hospital resource integration and quality improvement. If mobile agent technology is adopted in the electronic anamnesis system, it would help the hospitals to make the medical practices more efficiently and conveniently. Nonetheless, most of the hospitals today are still using paper-based health records to manage the medical information. The reason why the institutions continue using traditional practices to manage the records is because there is no well-trusted and reliable electronic anamnesis system existing and accepted by both institutions and patients. The threat of privacy invasion is one of the biggest concerns when the topic of electronic anamnesis is brought up, because the security threats drag us back from using such a system. So, the medical service quality is difficult to be improved substantially. In this case, we have come up a theory to remove such security threats and make electronic anamnesis more appealing for use. Our theory is to integrate the mobile agent technology with the backbone of electronic anamnesis to construct a hierarchical access control system to retrieve the corresponding information based upon the permission classes. The system would create a classification for permission among the users inside the medical institution. Under this framework, permission control center would distribute an access key to each user, so they would only allow using the key to access information correspondingly. In order to verify the reliability of the proposed system framework, we have also conducted a security analysis to list all the possible security threats that may harm the system and to prove the system is reliable and safe. If the system is adopted, the doctors would be able to quickly access the information while performing medical examinations. Hence, the efficiency and quality of healthcare service would be greatly improved.

Uncovering patterns of technology use in consumer health informatics

PubMed Central

Hung, Man; Conrad, Jillian; Hon, Shirley D.; Cheng, Christine; Franklin, Jeremy D.; Tang, Philip

2014-01-01

Internet usage and accessibility has grown at a staggering rate, influencing technology use for healthcare purposes. The amount of health information technology (Health IT) available through the Internet is immeasurable and growing daily. Health IT is now seen as a fundamental aspect of patient care as it stimulates patient engagement and encourages personal health management. It is increasingly important to understand consumer health IT patterns including who is using specific technologies, how technologies are accessed, factors associated with use, and perceived benefits. To fully uncover consumer patterns it is imperative to recognize common barriers and which groups they disproportionately affect. Finally, exploring future demand and predictions will expose significant opportunities for health IT. The most frequently used health information technologies by consumers are gathering information online, mobile health (mHealth) technologies, and personal health records (PHRs). Gathering health information online is the favored pathway for healthcare consumers as it is used by more consumers and more frequently than any other technology. In regard to mHealth technologies, minority Americans, compared with White Americans utilize social media, mobile Internet, and mobile applications more frequently. Consumers believe PHRs are the most beneficial health IT. PHR usage is increasing rapidly due to PHR integration with provider health systems and health insurance plans. Key issues that have to be explicitly addressed in health IT are privacy and security concerns, health literacy, unawareness, and usability. Privacy and security concerns are rated the number one reason for the slow rate of health IT adoption. PMID:24904713

Cyber security challenges in Smart Cities: Safety, security and privacy

PubMed Central

Elmaghraby, Adel S.; Losavio, Michael M.

2014-01-01

The world is experiencing an evolution of Smart Cities. These emerge from innovations in information technology that, while they create new economic and social opportunities, pose challenges to our security and expectations of privacy. Humans are already interconnected via smart phones and gadgets. Smart energy meters, security devices and smart appliances are being used in many cities. Homes, cars, public venues and other social systems are now on their path to the full connectivity known as the “Internet of Things.” Standards are evolving for all of these potentially connected systems. They will lead to unprecedented improvements in the quality of life. To benefit from them, city infrastructures and services are changing with new interconnected systems for monitoring, control and automation. Intelligent transportation, public and private, will access a web of interconnected data from GPS location to weather and traffic updates. Integrated systems will aid public safety, emergency responders and in disaster recovery. We examine two important and entangled challenges: security and privacy. Security includes illegal access to information and attacks causing physical disruptions in service availability. As digital citizens are more and more instrumented with data available about their location and activities, privacy seems to disappear. Privacy protecting systems that gather data and trigger emergency response when needed are technological challenges that go hand-in-hand with the continuous security challenges. Their implementation is essential for a Smart City in which we would wish to live. We also present a model representing the interactions between person, servers and things. Those are the major element in the Smart City and their interactions are what we need to protect. PMID:25685517

Where Is Current Research on Blockchain Technology?—A Systematic Review

PubMed Central

Yli-Huumo, Jesse; Ko, Deokyoon; Park, Sooyong; Smolander, Kari

2016-01-01

Blockchain is a decentralized transaction and data management technology developed first for Bitcoin cryptocurrency. The interest in Blockchain technology has been increasing since the idea was coined in 2008. The reason for the interest in Blockchain is its central attributes that provide security, anonymity and data integrity without any third party organization in control of the transactions, and therefore it creates interesting research areas, especially from the perspective of technical challenges and limitations. In this research, we have conducted a systematic mapping study with the goal of collecting all relevant research on Blockchain technology. Our objective is to understand the current research topics, challenges and future directions regarding Blockchain technology from the technical perspective. We have extracted 41 primary papers from scientific databases. The results show that focus in over 80% of the papers is on Bitcoin system and less than 20% deals with other Blockchain applications including e.g. smart contracts and licensing. The majority of research is focusing on revealing and improving limitations of Blockchain from privacy and security perspectives, but many of the proposed solutions lack concrete evaluation on their effectiveness. Many other Blockchain scalability related challenges including throughput and latency have been left unstudied. On the basis of this study, recommendations on future research directions are provided for researchers. PMID:27695049

Where Is Current Research on Blockchain Technology?-A Systematic Review.

PubMed

Yli-Huumo, Jesse; Ko, Deokyoon; Choi, Sujin; Park, Sooyong; Smolander, Kari

2016-01-01

Blockchain is a decentralized transaction and data management technology developed first for Bitcoin cryptocurrency. The interest in Blockchain technology has been increasing since the idea was coined in 2008. The reason for the interest in Blockchain is its central attributes that provide security, anonymity and data integrity without any third party organization in control of the transactions, and therefore it creates interesting research areas, especially from the perspective of technical challenges and limitations. In this research, we have conducted a systematic mapping study with the goal of collecting all relevant research on Blockchain technology. Our objective is to understand the current research topics, challenges and future directions regarding Blockchain technology from the technical perspective. We have extracted 41 primary papers from scientific databases. The results show that focus in over 80% of the papers is on Bitcoin system and less than 20% deals with other Blockchain applications including e.g. smart contracts and licensing. The majority of research is focusing on revealing and improving limitations of Blockchain from privacy and security perspectives, but many of the proposed solutions lack concrete evaluation on their effectiveness. Many other Blockchain scalability related challenges including throughput and latency have been left unstudied. On the basis of this study, recommendations on future research directions are provided for researchers.

Enhancing infrastructure resilience through business continuity planning.

PubMed

Fisher, Ronald; Norman, Michael; Klett, Mary

2017-01-01

Critical infrastructure is crucial to the functionality and wellbeing of the world around us. It is a complex network that works together to create an efficient society. The core components of critical infrastructure are dependent on one another to function at their full potential. Organisations face unprecedented environmental risks such as increased reliance on information technology and telecommunications, increased infrastructure interdependencies and globalisation. Successful organisations should integrate the components of cyber-physical and infrastructure interdependencies into a holistic risk framework. Physical security plans, cyber security plans and business continuity plans can help mitigate environmental risks. Cyber security plans are becoming the most crucial to have, yet are the least commonly found in organisations. As the reliance on cyber continues to grow, it is imperative that organisations update their business continuity and emergency preparedness activities to include this.

Global renewable energy-based electricity generation and smart grid system for energy security.

PubMed

Islam, M A; Hasanuzzaman, M; Rahim, N A; Nahar, A; Hosenuzzaman, M

2014-01-01

Energy is an indispensable factor for the economic growth and development of a country. Energy consumption is rapidly increasing worldwide. To fulfill this energy demand, alternative energy sources and efficient utilization are being explored. Various sources of renewable energy and their efficient utilization are comprehensively reviewed and presented in this paper. Also the trend in research and development for the technological advancement of energy utilization and smart grid system for future energy security is presented. Results show that renewable energy resources are becoming more prevalent as more electricity generation becomes necessary and could provide half of the total energy demands by 2050. To satisfy the future energy demand, the smart grid system can be used as an efficient system for energy security. The smart grid also delivers significant environmental benefits by conservation and renewable generation integration.

Security protection of DICOM medical images using dual-layer reversible watermarking with tamper detection capability.

PubMed

Tan, Chun Kiat; Ng, Jason Changwei; Xu, Xiaotian; Poh, Chueh Loo; Guan, Yong Liang; Sheah, Kenneth

2011-06-01

Teleradiology applications and universal availability of patient records using web-based technology are rapidly gaining importance. Consequently, digital medical image security has become an important issue when images and their pertinent patient information are transmitted across public networks, such as the Internet. Health mandates such as the Health Insurance Portability and Accountability Act require healthcare providers to adhere to security measures in order to protect sensitive patient information. This paper presents a fully reversible, dual-layer watermarking scheme with tamper detection capability for medical images. The scheme utilizes concepts of public-key cryptography and reversible data-hiding technique. The scheme was tested using medical images in DICOM format. The results show that the scheme is able to ensure image authenticity and integrity, and to locate tampered regions in the images.

Cyber-Physical System Security of Smart Grids

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dagle, Jeffery E.

2012-01-31

Abstract—This panel presentation will provide perspectives of cyber-physical system security of smart grids. As smart grid technologies are deployed, the interconnected nature of these systems is becoming more prevalent and more complex, and the cyber component of this cyber-physical system is increasing in importance. Studying system behavior in the face of failures (e.g., cyber attacks) allows a characterization of the systems’ response to failure scenarios, loss of communications, and other changes in system environment (such as the need for emergent updates and rapid reconfiguration). The impact of such failures on the availability of the system can be assessed and mitigationmore » strategies considered. Scenarios associated with confidentiality, integrity, and availability are considered. The cyber security implications associated with the American Recovery and Reinvestment Act of 2009 in the United States are discussed.« less

Global Renewable Energy-Based Electricity Generation and Smart Grid System for Energy Security

PubMed Central

Islam, M. A.; Hasanuzzaman, M.; Rahim, N. A.; Nahar, A.; Hosenuzzaman, M.

2014-01-01

Energy is an indispensable factor for the economic growth and development of a country. Energy consumption is rapidly increasing worldwide. To fulfill this energy demand, alternative energy sources and efficient utilization are being explored. Various sources of renewable energy and their efficient utilization are comprehensively reviewed and presented in this paper. Also the trend in research and development for the technological advancement of energy utilization and smart grid system for future energy security is presented. Results show that renewable energy resources are becoming more prevalent as more electricity generation becomes necessary and could provide half of the total energy demands by 2050. To satisfy the future energy demand, the smart grid system can be used as an efficient system for energy security. The smart grid also delivers significant environmental benefits by conservation and renewable generation integration. PMID:25243201

76 FR 34886 - General Services Administration Acquisition Regulation; Implementation of Information Technology...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-15

... Acquisition Regulation; Implementation of Information Technology Security Provision AGENCY: Office of... information technology (IT) supplies, services and systems with security requirements. DATES: Effective Date... effective date that include information technology (IT) supplies, services and systems with security...

76 FR 4079 - Information Technology (IT) Security

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-24

... Technology (IT) Security AGENCY: National Aeronautics and Space Administration. ACTION: Final rule. SUMMARY: NASA is revising the NASA FAR Supplement (NFS) to update requirements related to Information Technology... Security clause. However, due to the critical importance of protecting the Agency's Information Technology...

Use of computational modeling combined with advanced visualization to develop strategies for the design of crop ideotypes to address food security

DOE PAGES

Christensen, A. J.; Srinivasan, V.; Hart, J. C.; ...

2018-03-17

Sustainable crop production is a contributing factor to current and future food security. Innovative technologies are needed to design strategies that will achieve higher crop yields on less land and with fewer resources. Computational modeling coupled with advanced scientific visualization enables researchers to explore and interact with complex agriculture, nutrition, and climate data to predict how crops will respond to untested environments. These virtual observations and predictions can direct the development of crop ideotypes designed to meet future yield and nutritional demands. This review surveys modeling strategies for the development of crop ideotypes and scientific visualization technologies that have ledmore » to discoveries in “big data” analysis. Combined modeling and visualization approaches have been used to realistically simulate crops and to guide selection that immediately enhances crop quantity and quality under challenging environmental conditions. Lastly, this survey of current and developing technologies indicates that integrative modeling and advanced scientific visualization may help overcome challenges in agriculture and nutrition data as large-scale and multidimensional data become available in these fields.« less

Use of computational modeling combined with advanced visualization to develop strategies for the design of crop ideotypes to address food security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Christensen, A. J.; Srinivasan, V.; Hart, J. C.

Sustainable crop production is a contributing factor to current and future food security. Innovative technologies are needed to design strategies that will achieve higher crop yields on less land and with fewer resources. Computational modeling coupled with advanced scientific visualization enables researchers to explore and interact with complex agriculture, nutrition, and climate data to predict how crops will respond to untested environments. These virtual observations and predictions can direct the development of crop ideotypes designed to meet future yield and nutritional demands. This review surveys modeling strategies for the development of crop ideotypes and scientific visualization technologies that have ledmore » to discoveries in “big data” analysis. Combined modeling and visualization approaches have been used to realistically simulate crops and to guide selection that immediately enhances crop quantity and quality under challenging environmental conditions. Lastly, this survey of current and developing technologies indicates that integrative modeling and advanced scientific visualization may help overcome challenges in agriculture and nutrition data as large-scale and multidimensional data become available in these fields.« less

Optical/digital identification/verification system based on digital watermarking technology

NASA Astrophysics Data System (ADS)

Herrigel, Alexander; Voloshynovskiy, Sviatoslav V.; Hrytskiv, Zenon D.

2000-06-01

This paper presents a new approach for the secure integrity verification of driver licenses, passports or other analogue identification documents. The system embeds (detects) the reference number of the identification document with the DCT watermark technology in (from) the owner photo of the identification document holder. During verification the reference number is extracted and compared with the reference number printed in the identification document. The approach combines optical and digital image processing techniques. The detection system must be able to scan an analogue driver license or passport, convert the image of this document into a digital representation and then apply the watermark verification algorithm to check the payload of the embedded watermark. If the payload of the watermark is identical with the printed visual reference number of the issuer, the verification was successful and the passport or driver license has not been modified. This approach constitutes a new class of application for the watermark technology, which was originally targeted for the copyright protection of digital multimedia data. The presented approach substantially increases the security of the analogue identification documents applied in many European countries.

Use of computational modeling combined with advanced visualization to develop strategies for the design of crop ideotypes to address food security.

PubMed

Christensen, A J; Srinivasan, Venkatraman; Hart, John C; Marshall-Colon, Amy

2018-05-01

Sustainable crop production is a contributing factor to current and future food security. Innovative technologies are needed to design strategies that will achieve higher crop yields on less land and with fewer resources. Computational modeling coupled with advanced scientific visualization enables researchers to explore and interact with complex agriculture, nutrition, and climate data to predict how crops will respond to untested environments. These virtual observations and predictions can direct the development of crop ideotypes designed to meet future yield and nutritional demands. This review surveys modeling strategies for the development of crop ideotypes and scientific visualization technologies that have led to discoveries in "big data" analysis. Combined modeling and visualization approaches have been used to realistically simulate crops and to guide selection that immediately enhances crop quantity and quality under challenging environmental conditions. This survey of current and developing technologies indicates that integrative modeling and advanced scientific visualization may help overcome challenges in agriculture and nutrition data as large-scale and multidimensional data become available in these fields.

Ultra-high bandwidth quantum secured data transmission

PubMed Central

Dynes, James F.; Tam, Winci W-S.; Plews, Alan; Fröhlich, Bernd; Sharpe, Andrew W.; Lucamarini, Marco; Yuan, Zhiliang; Radig, Christian; Straw, Andrew; Edwards, Tim; Shields, Andrew J.

2016-01-01

Quantum key distribution (QKD) provides an attractive means for securing communications in optical fibre networks. However, deployment of the technology has been hampered by the frequent need for dedicated dark fibres to segregate the very weak quantum signals from conventional traffic. Up until now the coexistence of QKD with data has been limited to bandwidths that are orders of magnitude below those commonly employed in fibre optic communication networks. Using an optimised wavelength divisional multiplexing scheme, we transport QKD and the prevalent 100 Gb/s data format in the forward direction over the same fibre for the first time. We show a full quantum encryption system operating with a bandwidth of 200 Gb/s over a 100 km fibre. Exploring the ultimate limits of the technology by experimental measurements of the Raman noise, we demonstrate it is feasible to combine QKD with 10 Tb/s of data over a 50 km link. These results suggest it will be possible to integrate QKD and other quantum photonic technologies into high bandwidth data communication infrastructures, thereby allowing their widespread deployment. PMID:27734921

Ultra-high bandwidth quantum secured data transmission

NASA Astrophysics Data System (ADS)

Dynes, James F.; Tam, Winci W.-S.; Plews, Alan; Fröhlich, Bernd; Sharpe, Andrew W.; Lucamarini, Marco; Yuan, Zhiliang; Radig, Christian; Straw, Andrew; Edwards, Tim; Shields, Andrew J.

2016-10-01

Quantum key distribution (QKD) provides an attractive means for securing communications in optical fibre networks. However, deployment of the technology has been hampered by the frequent need for dedicated dark fibres to segregate the very weak quantum signals from conventional traffic. Up until now the coexistence of QKD with data has been limited to bandwidths that are orders of magnitude below those commonly employed in fibre optic communication networks. Using an optimised wavelength divisional multiplexing scheme, we transport QKD and the prevalent 100 Gb/s data format in the forward direction over the same fibre for the first time. We show a full quantum encryption system operating with a bandwidth of 200 Gb/s over a 100 km fibre. Exploring the ultimate limits of the technology by experimental measurements of the Raman noise, we demonstrate it is feasible to combine QKD with 10 Tb/s of data over a 50 km link. These results suggest it will be possible to integrate QKD and other quantum photonic technologies into high bandwidth data communication infrastructures, thereby allowing their widespread deployment.

Use of computational modeling combined with advanced visualization to develop strategies for the design of crop ideotypes to address food security

PubMed Central

Christensen, A J; Srinivasan, Venkatraman; Hart, John C; Marshall-Colon, Amy

2018-01-01

Abstract Sustainable crop production is a contributing factor to current and future food security. Innovative technologies are needed to design strategies that will achieve higher crop yields on less land and with fewer resources. Computational modeling coupled with advanced scientific visualization enables researchers to explore and interact with complex agriculture, nutrition, and climate data to predict how crops will respond to untested environments. These virtual observations and predictions can direct the development of crop ideotypes designed to meet future yield and nutritional demands. This review surveys modeling strategies for the development of crop ideotypes and scientific visualization technologies that have led to discoveries in “big data” analysis. Combined modeling and visualization approaches have been used to realistically simulate crops and to guide selection that immediately enhances crop quantity and quality under challenging environmental conditions. This survey of current and developing technologies indicates that integrative modeling and advanced scientific visualization may help overcome challenges in agriculture and nutrition data as large-scale and multidimensional data become available in these fields. PMID:29562368

Location-assured, multifactor authentication on smartphones via LTE communication

NASA Astrophysics Data System (ADS)

Kuseler, Torben; Lami, Ihsan A.; Al-Assam, Hisham

2013-05-01

With the added security provided by LTE, geographical location has become an important factor for authentication to enhance the security of remote client authentication during mCommerce applications using Smartphones. Tight combination of geographical location with classic authentication factors like PINs/Biometrics in a real-time, remote verification scheme over the LTE layer connection assures the authenticator about the client itself (via PIN/biometric) as well as the client's current location, thus defines the important aspects of "who", "when", and "where" of the authentication attempt without eaves dropping or man on the middle attacks. To securely integrate location as an authentication factor into the remote authentication scheme, client's location must be verified independently, i.e. the authenticator should not solely rely on the location determined on and reported by the client's Smartphone. The latest wireless data communication technology for mobile phones (4G LTE, Long-Term Evolution), recently being rolled out in various networks, can be employed to enhance this location-factor requirement of independent location verification. LTE's Control Plane LBS provisions, when integrated with user-based authentication and independent source of localisation factors ensures secure efficient, continuous location tracking of the Smartphone. This feature can be performed during normal operation of the LTE-based communication between client and network operator resulting in the authenticator being able to verify the client's claimed location more securely and accurately. Trials and experiments show that such algorithm implementation is viable for nowadays Smartphone-based banking via LTE communication.

Technology-Enabled Crime, Policing and Security

ERIC Educational Resources Information Center

McQuade, Sam

2006-01-01

Crime, policing and security are enabled by and co-evolve with technologies that make them possible. As criminals compete with security and policing officials for technological advantage perpetually complex crime, policing and security results in relatively confusing and therefore unmanageable threats to society. New, adaptive and ordinary crimes…

INL Control System Situational Awareness Technology Final Report 2013

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gordon Rueff; Bryce Wheeler; Todd Vollmer

The Situational Awareness project is a comprehensive undertaking of Idaho National Laboratory (INL) in an effort to produce technologies capable of defending the country’s energy sector infrastructure from cyber attack. INL has addressed this challenge through research and development of an interoperable suite of tools that safeguard critical energy sector infrastructure. The technologies in this project include the Sophia Tool, Mesh Mapper (MM) Tool, Intelligent Cyber Sensor (ICS) Tool, and Data Fusion Tool (DFT). Each is designed to function effectively on its own, or they can be integrated in a variety of customized configurations based on the end user’s riskmore » profile and security needs.« less

Application of Framework for Integrating Safety, Security and Safeguards (3Ss) into the Design Of Used Nuclear Fuel Storage Facility

DOE Office of Scientific and Technical Information (OSTI.GOV)

Badwan, Faris M.; Demuth, Scott F

Department of Energy’s Office of Nuclear Energy, Fuel Cycle Research and Development develops options to the current commercial fuel cycle management strategy to enable the safe, secure, economic, and sustainable expansion of nuclear energy while minimizing proliferation risks by conducting research and development focused on used nuclear fuel recycling and waste management to meet U.S. needs. Used nuclear fuel is currently stored onsite in either wet pools or in dry storage systems, with disposal envisioned in interim storage facility and, ultimately, in a deep-mined geologic repository. The safe management and disposition of used nuclear fuel and/or nuclear waste is amore » fundamental aspect of any nuclear fuel cycle. Integrating safety, security, and safeguards (3Ss) fully in the early stages of the design process for a new nuclear facility has the potential to effectively minimize safety, proliferation, and security risks. The 3Ss integration framework could become the new national and international norm and the standard process for designing future nuclear facilities. The purpose of this report is to develop a framework for integrating the safety, security and safeguards concept into the design of Used Nuclear Fuel Storage Facility (UNFSF). The primary focus is on integration of safeguards and security into the UNFSF based on the existing Nuclear Regulatory Commission (NRC) approach to addressing the safety/security interface (10 CFR 73.58 and Regulatory Guide 5.73) for nuclear power plants. The methodology used for adaptation of the NRC safety/security interface will be used as the basis for development of the safeguards /security interface and later will be used as the basis for development of safety and safeguards interface. Then this will complete the integration cycle of safety, security, and safeguards. The overall methodology for integration of 3Ss will be proposed, but only the integration of safeguards and security will be applied to the design of the UNFSF. The framework for integration of safeguards and security into the UNFSF will include 1) identification of applicable regulatory requirements, 2) selection of a common system that share dual safeguard and security functions, 3) development of functional design criteria and design requirements for the selected system, 4) identification and integration of the dual safeguards and security design requirements, and 5) assessment of the integration and potential benefit.« less

A Systematic Review of Research Studies Examining Telehealth Privacy and Security Practices used by Healthcare Providers.

PubMed

Watzlaf, Valerie J M; Zhou, Leming; Dealmeida, Dilhari R; Hartman, Linda M

2017-01-01

The objective of this systematic review was to systematically review papers in the United States that examine current practices in privacy and security when telehealth technologies are used by healthcare providers. A literature search was conducted using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses Protocols (PRISMA-P). PubMed, CINAHL and INSPEC from 2003 - 2016 were searched and returned 25,404 papers (after duplications were removed). Inclusion and exclusion criteria were strictly followed to examine title, abstract, and full text for 21 published papers which reported on privacy and security practices used by healthcare providers using telehealth. Data on confidentiality, integrity, privacy, informed consent, access control, availability, retention, encryption, and authentication were all searched and retrieved from the papers examined. Papers were selected by two independent reviewers, first per inclusion/exclusion criteria and, where there was disagreement, a third reviewer was consulted. The percentage of agreement and Cohen's kappa was 99.04% and 0.7331 respectively. The papers reviewed ranged from 2004 to 2016 and included several types of telehealth specialties. Sixty-seven percent were policy type studies, and 14 percent were survey/interview studies. There were no randomized controlled trials. Based upon the results, we conclude that it is necessary to have more studies with specific information about the use of privacy and security practices when using telehealth technologies as well as studies that examine patient and provider preferences on how data is kept private and secure during and after telehealth sessions.

14 CFR 1274.937 - Security requirements for unclassified information technology resources.

Code of Federal Regulations, 2012 CFR

2012-01-01

... information technology resources. 1274.937 Section 1274.937 Aeronautics and Space NATIONAL AERONAUTICS AND... Conditions § 1274.937 Security requirements for unclassified information technology resources. Security Requirements for Unclassified Information Technology Resources July 2002 (a) The Recipient shall be responsible...

14 CFR 1274.937 - Security requirements for unclassified information technology resources.

Code of Federal Regulations, 2013 CFR

2013-01-01

... information technology resources. 1274.937 Section 1274.937 Aeronautics and Space NATIONAL AERONAUTICS AND... Conditions § 1274.937 Security requirements for unclassified information technology resources. Security Requirements for Unclassified Information Technology Resources July 2002 (a) The Recipient shall be responsible...

14 CFR 1274.937 - Security requirements for unclassified information technology resources.

Code of Federal Regulations, 2011 CFR

2011-01-01

... information technology resources. 1274.937 Section 1274.937 Aeronautics and Space NATIONAL AERONAUTICS AND... Conditions § 1274.937 Security requirements for unclassified information technology resources. Security Requirements for Unclassified Information Technology Resources July 2002 (a) The Recipient shall be responsible...

14 CFR 1274.937 - Security requirements for unclassified information technology resources.

Code of Federal Regulations, 2010 CFR

2010-01-01

... information technology resources. 1274.937 Section 1274.937 Aeronautics and Space NATIONAL AERONAUTICS AND... Conditions § 1274.937 Security requirements for unclassified information technology resources. Security Requirements for Unclassified Information Technology Resources July 2002 (a) The Recipient shall be responsible...

Electro-textile garments for power and data distribution

NASA Astrophysics Data System (ADS)

Slade, Jeremiah R.; Winterhalter, Carole

2015-05-01

U.S. troops are increasingly being equipped with various electronic assets including flexible displays, computers, and communications systems. While these systems can significantly enhance operational capabilities, forming reliable connections between them poses a number of challenges in terms of comfort, weight, ergonomics, and operational security. IST has addressed these challenges by developing the technologies needed to integrate large-scale cross-seam electrical functionality into virtually any textile product, including the various garments and vests that comprise the warfighter's ensemble. Using this technology IST is able to develop textile products that do not simply support or accommodate a network but are the network.

Space division multiplexing chip-to-chip quantum key distribution.

PubMed

Bacco, Davide; Ding, Yunhong; Dalgaard, Kjeld; Rottwitt, Karsten; Oxenløwe, Leif Katsuo

2017-09-29

Quantum cryptography is set to become a key technology for future secure communications. However, to get maximum benefit in communication networks, transmission links will need to be shared among several quantum keys for several independent users. Such links will enable switching in quantum network nodes of the quantum keys to their respective destinations. In this paper we present an experimental demonstration of a photonic integrated silicon chip quantum key distribution protocols based on space division multiplexing (SDM), through multicore fiber technology. Parallel and independent quantum keys are obtained, which are useful in crypto-systems and future quantum network.

Wisconsin’s Environmental Public Health Tracking Network: Information Systems Design for Childhood Cancer Surveillance

PubMed Central

Hanrahan, Lawrence P.; Anderson, Henry A.; Busby, Brian; Bekkedal, Marni; Sieger, Thomas; Stephenson, Laura; Knobeloch, Lynda; Werner, Mark; Imm, Pamela; Olson, Joseph

2004-01-01

In this article we describe the development of an information system for environmental childhood cancer surveillance. The Wisconsin Cancer Registry annually receives more than 25,000 incident case reports. Approximately 269 cases per year involve children. Over time, there has been considerable community interest in understanding the role the environment plays as a cause of these cancer cases. Wisconsin’s Public Health Information Network (WI-PHIN) is a robust web portal integrating both Health Alert Network and National Electronic Disease Surveillance System components. WI-PHIN is the information technology platform for all public health surveillance programs. Functions include the secure, automated exchange of cancer case data between public health–based and hospital-based cancer registrars; web-based supplemental data entry for environmental exposure confirmation and hypothesis testing; automated data analysis, visualization, and exposure–outcome record linkage; directories of public health and clinical personnel for role-based access control of sensitive surveillance information; public health information dissemination and alerting; and information technology security and critical infrastructure protection. For hypothesis generation, cancer case data are sent electronically to WI-PHIN and populate the integrated data repository. Environmental data are linked and the exposure–disease relationships are explored using statistical tools for ecologic exposure risk assessment. For hypothesis testing, case–control interviews collect exposure histories, including parental employment and residential histories. This information technology approach can thus serve as the basis for building a comprehensive system to assess environmental cancer etiology. PMID:15471739

Cybersecurity and Optimization in Smart “Autonomous” Buildings

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mylrea, Michael E.; Gourisetti, Sri Nikhil Gup

Significant resources have been invested in making buildings “smart” by digitizing, networking and automating key systems and operations. Smart autonomous buildings create new energy efficiency, economic and environmental opportunities. But as buildings become increasingly networked to the Internet, they can also become more vulnerable to various cyber threats. Automated and Internet-connected buildings systems, equipment, controls, and sensors can significantly increase cyber and physical vulnerabilities that threaten the confidentiality, integrity, and availability of critical systems in organizations. Securing smart autonomous buildings presents a national security and economic challenge to the nation. Ignoring this challenge threatens business continuity and the availability ofmore » critical infrastructures that are enabled by smart buildings. In this chapter, the authors address challenges and explore new opportunities in securing smart buildings that are enhanced by machine learning, cognitive sensing, artificial intelligence (AI) and smart-energy technologies. The chapter begins by identifying cyber-threats and challenges to smart autonomous buildings. Then it provides recommendations on how AI enabled solutions can help smart buildings and facilities better protect, detect and respond to cyber-physical threats and vulnerabilities. Next, the chapter will provide case studies that examine how combining AI with innovative smart-energy technologies can increase both cybersecurity and energy efficiency savings in buildings. The chapter will conclude by proposing recommendations for future cybersecurity and energy optimization research for examining AI enabled smart-energy technology.« less

48 CFR 1352.239-72 - Security requirements for information technology resources.

Code of Federal Regulations, 2011 CFR

2011-10-01

... information technology resources. 1352.239-72 Section 1352.239-72 Federal Acquisition Regulations System... Clauses 1352.239-72 Security requirements for information technology resources. As prescribed in 48 CFR 1339.270(b), insert the following clause: Security Requirements for Information Technology Resources...

48 CFR 1352.239-72 - Security requirements for information technology resources.

Code of Federal Regulations, 2013 CFR

2013-10-01

... information technology resources. 1352.239-72 Section 1352.239-72 Federal Acquisition Regulations System... Clauses 1352.239-72 Security requirements for information technology resources. As prescribed in 48 CFR 1339.270(b), insert the following clause: Security Requirements for Information Technology Resources...

48 CFR 1352.239-72 - Security requirements for information technology resources.

Code of Federal Regulations, 2012 CFR

2012-10-01

... information technology resources. 1352.239-72 Section 1352.239-72 Federal Acquisition Regulations System... Clauses 1352.239-72 Security requirements for information technology resources. As prescribed in 48 CFR 1339.270(b), insert the following clause: Security Requirements for Information Technology Resources...

48 CFR 1352.239-72 - Security requirements for information technology resources.

Code of Federal Regulations, 2014 CFR

2014-10-01

... information technology resources. 1352.239-72 Section 1352.239-72 Federal Acquisition Regulations System... Clauses 1352.239-72 Security requirements for information technology resources. As prescribed in 48 CFR 1339.270(b), insert the following clause: Security Requirements for Information Technology Resources...

48 CFR 1352.239-72 - Security requirements for information technology resources.

Code of Federal Regulations, 2010 CFR

2010-10-01

... information technology resources. 1352.239-72 Section 1352.239-72 Federal Acquisition Regulations System... Clauses 1352.239-72 Security requirements for information technology resources. As prescribed in 48 CFR 1339.270(b), insert the following clause: Security Requirements for Information Technology Resources...

A novel integrated assessment methodology of urban water reuse.

PubMed

Listowski, A; Ngo, H H; Guo, W S; Vigneswaran, S

2011-01-01

Wastewater is no longer considered a waste product and water reuse needs to play a stronger part in securing urban water supply. Although treatment technologies for water reclamation have significantly improved the question that deserves further analysis is, how selection of a particular wastewater treatment technology relates to performance and sustainability? The proposed assessment model integrates; (i) technology, characterised by selected quantity and quality performance parameters; (ii) productivity, efficiency and reliability criteria; (iii) quantitative performance indicators; (iv) development of evaluation model. The challenges related to hierarchy and selections of performance indicators have been resolved through the case study analysis. The goal of this study is to validate a new assessment methodology in relation to performance of the microfiltration (MF) technology, a key element of the treatment process. Specific performance data and measurements were obtained at specific Control and Data Acquisition Points (CP) to satisfy the input-output inventory in relation to water resources, products, material flows, energy requirements, chemicals use, etc. Performance assessment process contains analysis and necessary linking across important parametric functions leading to reliable outcomes and results.

Securing Information Technology in Healthcare

PubMed Central

Anthony, Denise; Campbell, Andrew T.; Candon, Thomas; Gettinger, Andrew; Kotz, David; Marsch, Lisa A.; Molina-Markham, Andrés; Page, Karen; Smith, Sean W.; Gunter, Carl A.; Johnson, M. Eric

2014-01-01

Dartmouth College’s Institute for Security, Technology, and Society conducted three workshops on securing information technology in healthcare, attended by a diverse range of experts in the field. This article summarizes the three workshops. PMID:25379030

Envisioning Urban Farming for Food Security during the Climate Change Era. Vertical Farm within Highly Urbanized Areas

NASA Astrophysics Data System (ADS)

Januszkiewicz, Krystyna; Jarmusz, Małgorzata

2017-10-01

Global climate change constitutes a serious threat to global security including food production in the following decades. This paper is focused on a new possibility and advisability of creating a systemic solution to resolve the problem of food security in highly-urbanized areas. The first part of the paper deal with historical development vertical farms ideas and defines the main environmental and spatial constrains also it indicates that vertical farms are going to be part of the future horticultural production. The second part presents results of the research program undertaken at West Pomeranian University of Technology in Szczecin by authors. The program goes on to attempt to solve the problem through architectural design. This study highlights an integrating large-scale horticultural production directly into the cities, where the most of the food consumption takes place. In conclusions emphasizes, that the design will force architects, engineers and urban planners to completely revise and redefine contemporary design process and understanding of the idea-fix of sustainable design. To successfully migrate food production from extensive rural areas to dense environment of city centres, a new holistic approach, integrating knowledge and advances of multiple fields of science, have to develop.

Intelligent Control in Automation Based on Wireless Traffic Analysis

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kurt Derr; Milos Manic

2007-09-01

Wireless technology is a central component of many factory automation infrastructures in both the commercial and government sectors, providing connectivity among various components in industrial realms (distributed sensors, machines, mobile process controllers). However wireless technologies provide more threats to computer security than wired environments. The advantageous features of Bluetooth technology resulted in Bluetooth units shipments climbing to five million per week at the end of 2005 [1, 2]. This is why the real-time interpretation and understanding of Bluetooth traffic behavior is critical in both maintaining the integrity of computer systems and increasing the efficient use of this technology in controlmore » type applications. Although neuro-fuzzy approaches have been applied to wireless 802.11 behavior analysis in the past, a significantly different Bluetooth protocol framework has not been extensively explored using this technology. This paper presents a new neurofuzzy traffic analysis algorithm of this still new territory of Bluetooth traffic. Further enhancements of this algorithm are presented along with the comparison against the traditional, numerical approach. Through test examples, interesting Bluetooth traffic behavior characteristics were captured, and the comparative elegance of this computationally inexpensive approach was demonstrated. This analysis can be used to provide directions for future development and use of this prevailing technology in various control type applications, as well as making the use of it more secure.« less

Intelligent Control in Automation Based on Wireless Traffic Analysis

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kurt Derr; Milos Manic

Wireless technology is a central component of many factory automation infrastructures in both the commercial and government sectors, providing connectivity among various components in industrial realms (distributed sensors, machines, mobile process controllers). However wireless technologies provide more threats to computer security than wired environments. The advantageous features of Bluetooth technology resulted in Bluetooth units shipments climbing to five million per week at the end of 2005 [1, 2]. This is why the real-time interpretation and understanding of Bluetooth traffic behavior is critical in both maintaining the integrity of computer systems and increasing the efficient use of this technology in controlmore » type applications. Although neuro-fuzzy approaches have been applied to wireless 802.11 behavior analysis in the past, a significantly different Bluetooth protocol framework has not been extensively explored using this technology. This paper presents a new neurofuzzy traffic analysis algorithm of this still new territory of Bluetooth traffic. Further enhancements of this algorithm are presented along with the comparison against the traditional, numerical approach. Through test examples, interesting Bluetooth traffic behavior characteristics were captured, and the comparative elegance of this computationally inexpensive approach was demonstrated. This analysis can be used to provide directions for future development and use of this prevailing technology in various control type applications, as well as making the use of it more secure.« less

A review of security of electronic health records.

PubMed

Win, Khin Than

The objective of this study is to answer the research question, "Are current information security technologies adequate for electronic health records (EHRs)?" In order to achieve this, the following matters have been addressed in this article: (i) What is information security in the context of EHRs? (ii) Why is information security important for EHRs? and (iii) What are the current technologies for information security available to EHRs? It is concluded that current EHR security technologies are inadequate and urgently require improvement. Further study regarding information security of EHRs is indicated.

Using semantic technologies and the OSU ontology for modelling context and activities in multi-sensory surveillance systems

NASA Astrophysics Data System (ADS)

Gómez A, Héctor F.; Martínez-Tomás, Rafael; Arias Tapia, Susana A.; Rincón Zamorano, Mariano

2014-04-01

Automatic systems that monitor human behaviour for detecting security problems are a challenge today. Previously, our group defined the Horus framework, which is a modular architecture for the integration of multi-sensor monitoring stages. In this work, structure and technologies required for high-level semantic stages of Horus are proposed, and the associated methodological principles established with the aim of recognising specific behaviours and situations. Our methodology distinguishes three semantic levels of events: low level (compromised with sensors), medium level (compromised with context), and high level (target behaviours). The ontology for surveillance and ubiquitous computing has been used to integrate ontologies from specific domains and together with semantic technologies have facilitated the modelling and implementation of scenes and situations by reusing components. A home context and a supermarket context were modelled following this approach, where three suspicious activities were monitored via different virtual sensors. The experiments demonstrate that our proposals facilitate the rapid prototyping of this kind of systems.

Integrated Forensics Approach to Fingerprint PCB Sources in Sediments using Rapid Sediment Characterization (RSC) and Advanced Chemical Fingerprinting (ACF). (Environmental Security Technology Certification Program)

DTIC Science & Technology

2012-06-01

23 5 TEST DESIGN ... research project, ORD will continue to focus on only the PCB inventory in the test zone and selected areas of the river as further defined in subsequent...1,000 500 50 25 5 TEST DESIGN This section of the report provides the detailed description of the experimental design and testing

CrossTalk: The Journal of Defense Software Engineering. Volume 23, Number 2, March/April 2010

DTIC Science & Technology

2010-04-01

SDLC phase. 4. Developing secure software depends on understanding the operational con- text in which it will be used. This con- text includes... its development . BSI leverages the Common Weakness Enumeration (CWE) and the Common Attack Pattern Enumeration and Classification (CAPEC) efforts. To...system integrators providing sys- tems (both IT and warfighting) to the Concept Refinement Technology Development System Development and

Secure Integration of Radio Frequency Identification (RFID) Technology into a Supply Chain

DTIC Science & Technology

2005-09-01

serves as the rough equivalent of a license plate on an automobile . Figure 1 (below) illustrates the typical construction of an RFID tag. An antenna...writable passive tags (RW) Reprogrammable Class 3 Semi-active tags Reprogrammable Class 4 Active tags Reprogrammable Class 5 Readers... Reprogrammable Table 1. EPC Tag Classes[3]. Table 2 summarizes the advantages, disadvantages and applications of each type of tag. Tag Type Advantages

Simplified Daylight Spectrum Approximation by Blending Two Light Emitting Diode Sources

DTIC Science & Technology

2012-03-01

Iota Epsilon (SIE). Michael E. Miller, PhD is an Assistant Professor of Human Systems Integration at the Air Force Institute of Technology. His...USA. Dr Grimaila’s research interests include mission assurance, network management 49 and security , quantum information warfare, and systems...Engineers (SAME) and Sigma Iota Epsilon (SIE). John Colombi, Ph.D. is an Assistant Professor of Systems Engineering at the Air Force Institute of

Management of the Defense Technology Security Administration Year 2000 Program

DTIC Science & Technology

1998-11-03

caller is fully protected Acronyms DTSA Defense Technology Security Administration Y2K Year 2000 INSPECTOR GENERAL DEPARTMENT OF DEFENSE 400 ARMY NAVY...accordance with the DoD Management Plan Defense Technology Security Administration. The Defense Technology Security Administration ( DTSA ) was established...in 1985 as a field activity of the Office of the Secretary of Defense By establishing DTSA , the DoD role in export controls was centralized and

Security controls in an integrated Biobank to protect privacy in data sharing: rationale and study design.

PubMed

Takai-Igarashi, Takako; Kinoshita, Kengo; Nagasaki, Masao; Ogishima, Soichi; Nakamura, Naoki; Nagase, Sachiko; Nagaie, Satoshi; Saito, Tomo; Nagami, Fuji; Minegishi, Naoko; Suzuki, Yoichi; Suzuki, Kichiya; Hashizume, Hiroaki; Kuriyama, Shinichi; Hozawa, Atsushi; Yaegashi, Nobuo; Kure, Shigeo; Tamiya, Gen; Kawaguchi, Yoshio; Tanaka, Hiroshi; Yamamoto, Masayuki

2017-07-06

With the goal of realizing genome-based personalized healthcare, we have developed a biobank that integrates personal health, genome, and omics data along with biospecimens donated by volunteers of 150,000. Such a large-scale of data integration involves obvious risks of privacy violation. The research use of personal genome and health information is a topic of global discussion with regard to the protection of privacy while promoting scientific advancement. The present paper reports on our plans, current attempts, and accomplishments in addressing security problems involved in data sharing to ensure donor privacy while promoting scientific advancement. Biospecimens and data have been collected in prospective cohort studies with the comprehensive agreement. The sample size of 150,000 participants was required for multiple researches including genome-wide screening of gene by environment interactions, haplotype phasing, and parametric linkage analysis. We established the T ohoku M edical M egabank (TMM) data sharing policy: a privacy protection rule that requires physical, personnel, and technological safeguards against privacy violation regarding the use and sharing of data. The proposed policy refers to that of NCBI and that of the Sanger Institute. The proposed policy classifies shared data according to the strength of re-identification risks. Local committees organized by TMM evaluate re-identification risk and assign a security category to a dataset. Every dataset is stored in an assigned segment of a supercomputer in accordance with its security category. A security manager should be designated to handle all security problems at individual data use locations. The proposed policy requires closed networks and IP-VPN remote connections. The mission of the biobank is to distribute biological resources most productively. This mission motivated us to collect biospecimens and health data and simultaneously analyze genome/omics data in-house. The biobank also has the mission of improving the quality and quantity of the contents of the biobank. This motivated us to request users to share the results of their research as feedback to the biobank. The TMM data sharing policy has tackled every security problem originating with the missions. We believe our current implementation to be the best way to protect privacy in data sharing.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Aderholdt, Ferrol; Caldwell, Blake A; Hicks, Susan Elaine

The purpose of this report is to clarify the challenges associated with storage for secure enclaves. The major focus areas for the report are: - review of relevant parallel filesystem technologies to identify assets and gaps; - review of filesystem isolation/protection mechanisms, to include native filesystem capabilities and auxiliary/layered techniques; - definition of storage architectures that can be used for customizable compute enclaves (i.e., clarification of use-cases that must be supported for shared storage scenarios); - investigate vendor products related to secure storage. This study provides technical details on the storage and filesystem used for HPC with particular attention onmore » elements that contribute to creating secure storage. We outline the pieces for a a shared storage architecture that balances protection and performance by leveraging the isolation capabilities available in filesystems and virtualization technologies to maintain the integrity of the data. Key Points: There are a few existing and in-progress protection features in Lustre related to secure storage, which are discussed in (Chapter 3.1). These include authentication capabilities like GSSAPI/Kerberos and the in-progress work for GSSAPI/Host-keys. The GPFS filesystem provides native support for encryption, which is not directly available in Lustre. Additionally, GPFS includes authentication/authorization mechanisms for inter-cluster sharing of filesystems (Chapter 3.2). The limitations of key importance for secure storage/filesystems are: (i) restricting sub-tree mounts for parallel filesystem (which is not directly supported in Lustre or GPFS), and (ii) segregation of hosts on the storage network and practical complications with dynamic additions to the storage network, e.g., LNET. A challenge for VM based use cases will be to provide efficient IO forwarding of the parallel filessytem from the host to the guest (VM). There are promising options like para-virtualized filesystems to help with this issue, which are a particular instances of the more general challenge of efficient host/guest IO that is the focus of interfaces like virtio. A collection of bridging technologies have been identified in Chapter 4, which can be helpful to overcome the limitations and challenges of supporting efficient storage for secure enclaves. The synthesis of native filesystem security mechanisms and bridging technologies led to an isolation-centric storage architecture that is proposed in Chapter 5, which leverages isolation mechanisms from different layers to facilitate secure storage for an enclave. Recommendations: The following highlights recommendations from the investigations done thus far. - The Lustre filesystem offers excellent performance but does not support some security related features, e.g., encryption, that are included in GPFS. If encryption is of paramount importance, then GPFS may be a more suitable choice. - There are several possible Lustre related enhancements that may provide functionality of use for secure-enclaves. However, since these features are not currently integrated, the use of Lustre as a secure storage system may require more direct involvement (support). (*The network that connects the storage subsystem and users, e.g., Lustre s LNET.) - The use of OpenStack with GPFS will be more streamlined than with Lustre, as there are available drivers for GPFS. - The Manilla project offers Filesystem as a Service for OpenStack and is worth further investigation. Manilla has some support for GPFS. - The proposed Lustre enhancement of Dynamic-LNET should be further investigated to provide more dynamic changes to the storage network which could be used to isolate hosts and their tenants. - The Linux namespaces offer a good solution for creating efficient restrictions to shared HPC filesystems. However, we still need to conduct a thorough round of storage/filesystem benchmarks. - Vendor products should be more closely reviewed, possibly to include evaluation of performance/protection of select products. (Note, we are investigation the option of evaluating equipment from Seagate/Xyratex.) Outline: The remainder of this report is structured as follows: - Section 1: Describes the growing importance of secure storage architectures and highlights some challenges for HPC. - Section 2: Provides background information on HPC storage architectures, relevant supporting technologies for secure storage and details on OpenStack components related to storage. Note, that background material on HPC storage architectures in this chapter can be skipped if the reader is already familiar with Lustre and GPFS. - Section 3: A review of protection mechanisms in two HPC filesystems; details about available isolation, authentication/authorization and performance capabilities are discussed. - Section 4: Describe technologies that can be used to bridge gaps in HPC storage and filesystems to facilitate...« less

48 CFR 2452.239-71 - Information Technology Virus Security.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 6 2014-10-01 2014-10-01 false Information Technology... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor hereby...

48 CFR 2452.239-71 - Information Technology Virus Security.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 6 2013-10-01 2013-10-01 false Information Technology... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor hereby...

48 CFR 2452.239-71 - Information Technology Virus Security.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 6 2012-10-01 2012-10-01 false Information Technology... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor hereby...

48 CFR 1252.239-71 - Information technology security plan and accreditation.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 5 2014-10-01 2014-10-01 false Information technology... Provisions and Clauses 1252.239-71 Information technology security plan and accreditation. As prescribed in (TAR) 48 CFR 1239.70, insert the following provision: Information Technology Security Plan and...

48 CFR 1252.239-71 - Information technology security plan and accreditation.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 5 2013-10-01 2013-10-01 false Information technology... Provisions and Clauses 1252.239-71 Information technology security plan and accreditation. As prescribed in (TAR) 48 CFR 1239.70, insert the following provision: Information Technology Security Plan and...

48 CFR 1252.239-71 - Information technology security plan and accreditation.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 5 2011-10-01 2011-10-01 false Information technology... Provisions and Clauses 1252.239-71 Information technology security plan and accreditation. As prescribed in (TAR) 48 CFR 1239.70, insert the following provision: Information Technology Security Plan and...

48 CFR 2452.239-71 - Information Technology Virus Security.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 6 2011-10-01 2011-10-01 false Information Technology... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor hereby...

48 CFR 1252.239-71 - Information technology security plan and accreditation.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 5 2012-10-01 2012-10-01 false Information technology... Provisions and Clauses 1252.239-71 Information technology security plan and accreditation. As prescribed in (TAR) 48 CFR 1239.70, insert the following provision: Information Technology Security Plan and...

48 CFR 1252.239-71 - Information technology security plan and accreditation.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Information technology... Provisions and Clauses 1252.239-71 Information technology security plan and accreditation. As prescribed in (TAR) 48 CFR 1239.70, insert the following provision: Information Technology Security Plan and...

48 CFR 2452.239-71 - Information Technology Virus Security.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Information Technology... Provisions and Clauses 2452.239-71 Information Technology Virus Security. As prescribed in 2439.107(b), insert the following clause: Information Technology Virus Security (FEB 2006) (a) The contractor hereby...

Scaling Analysis Techniques to Establish Experimental Infrastructure for Component, Subsystem, and Integrated System Testing

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sabharwall, Piyush; O'Brien, James E.; McKellar, Michael G.

2015-03-01

Hybrid energy system research has the potential to expand the application for nuclear reactor technology beyond electricity. The purpose of this research is to reduce both technical and economic risks associated with energy systems of the future. Nuclear hybrid energy systems (NHES) mitigate the variability of renewable energy sources, provide opportunities to produce revenue from different product streams, and avoid capital inefficiencies by matching electrical output to demand by using excess generation capacity for other purposes when it is available. An essential step in the commercialization and deployment of this advanced technology is scaled testing to demonstrate integrated dynamic performancemore » of advanced systems and components when risks cannot be mitigated adequately by analysis or simulation. Further testing in a prototypical environment is needed for validation and higher confidence. This research supports the development of advanced nuclear reactor technology and NHES, and their adaptation to commercial industrial applications that will potentially advance U.S. energy security, economy, and reliability and further reduce carbon emissions. Experimental infrastructure development for testing and feasibility studies of coupled systems can similarly support other projects having similar developmental needs and can generate data required for validation of models in thermal energy storage and transport, energy, and conversion process development. Experiments performed in the Systems Integration Laboratory will acquire performance data, identify scalability issues, and quantify technology gaps and needs for various hybrid or other energy systems. This report discusses detailed scaling (component and integrated system) and heat transfer figures of merit that will establish the experimental infrastructure for component, subsystem, and integrated system testing to advance the technology readiness of components and systems to the level required for commercial application and demonstration under NHES.« less

The Chain-Link Fence Model: A Framework for Creating Security Procedures

ERIC Educational Resources Information Center

Houghton, Robert F.

2013-01-01

A long standing problem in information technology security is how to help reduce the security footprint. Many specific proposals exist to address specific problems in information technology security. Most information technology solutions need to be repeatable throughout the course of an information systems lifecycle. The Chain-Link Fence Model is…

Activities report of PTT Research

NASA Astrophysics Data System (ADS)

In the field of postal infrastructure research, activities were performed on postcode readers, radiolabels, and techniques of operations research and artificial intelligence. In the field of telecommunication, transportation, and information, research was made on multipurpose coding schemes, speech recognition, hypertext, a multimedia information server, security of electronic data interchange, document retrieval, improvement of the quality of user interfaces, domotics living support (techniques), and standardization of telecommunication prototcols. In the field of telecommunication infrastructure and provisions research, activities were performed on universal personal telecommunications, advanced broadband network technologies, coherent techniques, measurement of audio quality, near field facilities, local beam communication, local area networks, network security, coupling of broadband and narrowband integrated services digital networks, digital mapping, and standardization of protocols.

MIT Lincoln Laboratory Annual Report 2007: Technology in Support of National Security

DTIC Science & Technology

2007-01-01

technical innovation and scientific discoveries. MISSION: TechnoLogy In SupporT of naTIonaL SecurITy 2007 Dr. Claude R. Canizares Vice president for...problems. The Lincoln Laboratory New Technology Initiatives Program is one of several internal technology innovation mechanisms. Technologies emerging...externships. LIFT2, an innovative professional learning program for science, technology , and math teachers, serves Massachusetts metro south/west region

Applying Science and Technology to Combat WMD Terrorism

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wuest, C R; Werne, R W; Colston, B W

2006-05-04

Lawrence Livermore National Laboratory (LLNL) is developing and fielding advanced strategies that dramatically improve the nation's capabilities to prevent, prepare for, detect, and respond to terrorist use of chemical, biological, radiological, nuclear, and explosive (CBRNE) weapons. The science, technology, and integrated systems we provide are informed by and developed with key partners and end users. LLNL's long-standing role as one of the two principle U.S. nuclear weapons design laboratories has led to significant resident expertise for health effects of exposure to radiation, radiation detection technologies, characterization of radioisotopes, and assessment and response capabilities for terrorist nuclear weapons use. This papermore » provides brief overviews of a number of technologies developed at LLNL that are being used to address national security needs to confront the growing threats of CBRNE terrorism.« less

Applying science and technology to combat WMD terrorism

NASA Astrophysics Data System (ADS)

Wuest, Craig R.; Werne, Roger W.; Colston, Billy W.; Hartmann-Siantar, Christine L.

2006-05-01

Lawrence Livermore National Laboratory (LLNL) is developing and fielding advanced strategies that dramatically improve the nation's capabilities to prevent, prepare for, detect, and respond to terrorist use of chemical, biological, radiological, nuclear, and explosive (CBRNE) weapons. The science, technology, and integrated systems we provide are informed by and developed with key partners and end users. LLNL's long-standing role as one of the two principle U.S. nuclear weapons design laboratories has led to significant resident expertise for health effects of exposure to radiation, radiation detection technologies, characterization of radioisotopes, and assessment and response capabilities for terrorist nuclear weapons use. This paper provides brief overviews of a number of technologies developed at LLNL that are being used to address national security needs to confront the growing threats of CBRNE terrorism.

On determining specifications and selections of alternative technologies for airport checked-baggage security screening.

PubMed

Feng, Qianmei

2007-10-01

Federal law mandates that every checked bag at all commercial airports be screened by explosive detection systems (EDS), explosive trace detection systems (ETD), or alternative technologies. These technologies serve as critical components of airport security systems that strive to reduce security risks at both national and global levels. To improve the operational efficiency and airport security, emerging image-based technologies have been developed, such as dual-energy X-ray (DX), backscatter X-ray (BX), and multiview tomography (MVT). These technologies differ widely in purchasing cost, maintenance cost, operating cost, processing rate, and accuracy. Based on a mathematical framework that takes into account all these factors, this article investigates two critical issues for operating screening devices: setting specifications for continuous security responses by different technologies; and selecting technology or combination of technologies for efficient 100% baggage screening. For continuous security responses, specifications or thresholds are used for classifying threat items from nonthreat items. By investigating the setting of specifications on system security responses, this article assesses the risk and cost effectiveness of various technologies for both single-device and two-device systems. The findings provide the best selection of image-based technologies for both single-device and two-device systems. Our study suggests that two-device systems outperform single-device systems in terms of both cost effectiveness and accuracy. The model can be readily extended to evaluate risk and cost effectiveness of multiple-device systems for airport checked-baggage security screening.

48 CFR 652.239-70 - Information Technology Security Plan and Accreditation.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 4 2014-10-01 2014-10-01 false Information Technology... Clauses 652.239-70 Information Technology Security Plan and Accreditation. As prescribed in 639.107-70(a), insert the following provision: Information Technology Security Plan and Accreditation (SEP 2007) All...

48 CFR 652.239-70 - Information Technology Security Plan and Accreditation.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 4 2012-10-01 2012-10-01 false Information Technology... Clauses 652.239-70 Information Technology Security Plan and Accreditation. As prescribed in 639.107-70(a), insert the following provision: Information Technology Security Plan and Accreditation (SEP 2007) All...

17 CFR 200.26a - Office of Information Technology.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Organization § 200.26a Office of Information Technology. The Office of Information Technology is responsible... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Office of Information Technology. 200.26a Section 200.26a Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION...

48 CFR 652.239-70 - Information Technology Security Plan and Accreditation.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 4 2011-10-01 2011-10-01 false Information Technology... Clauses 652.239-70 Information Technology Security Plan and Accreditation. As prescribed in 639.107-70(a), insert the following provision: Information Technology Security Plan and Accreditation (SEP 2007) All...

48 CFR 652.239-70 - Information Technology Security Plan and Accreditation.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 4 2013-10-01 2013-10-01 false Information Technology... Clauses 652.239-70 Information Technology Security Plan and Accreditation. As prescribed in 639.107-70(a), insert the following provision: Information Technology Security Plan and Accreditation (SEP 2007) All...

17 CFR 200.26a - Office of Information Technology.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Organization § 200.26a Office of Information Technology. The Office of Information Technology is responsible... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Office of Information Technology. 200.26a Section 200.26a Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION...

17 CFR 200.26a - Office of Information Technology.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Organization § 200.26a Office of Information Technology. The Office of Information Technology is responsible... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Office of Information Technology. 200.26a Section 200.26a Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION...

14 CFR § 1274.937 - Security requirements for unclassified information technology resources.

Code of Federal Regulations, 2014 CFR

2014-01-01

... information technology resources. § 1274.937 Section § 1274.937 Aeronautics and Space NATIONAL AERONAUTICS... Conditions § 1274.937 Security requirements for unclassified information technology resources. Security Requirements for Unclassified Information Technology Resources July 2002 (a) The Recipient shall be responsible...

17 CFR 200.26a - Office of Information Technology.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Organization § 200.26a Office of Information Technology. The Office of Information Technology is responsible... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Office of Information Technology. 200.26a Section 200.26a Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION...

17 CFR 200.26a - Office of Information Technology.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Office of Information Technology. 200.26a Section 200.26a Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Organization § 200.26a Office of Information Technology. The Office of Information Technology is responsible...

48 CFR 652.239-70 - Information Technology Security Plan and Accreditation.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 4 2010-10-01 2010-10-01 false Information Technology... Clauses 652.239-70 Information Technology Security Plan and Accreditation. As prescribed in 639.107-70(a), insert the following provision: Information Technology Security Plan and Accreditation (SEP 2007) All...

Integrated process modeling for the laser inertial fusion energy (LIFE) generation system

NASA Astrophysics Data System (ADS)

Meier, W. R.; Anklam, T. M.; Erlandson, A. C.; Miles, R. R.; Simon, A. J.; Sawicki, R.; Storm, E.

2010-08-01

A concept for a new fusion-fission hybrid technology is being developed at Lawrence Livermore National Laboratory. The primary application of this technology is base-load electrical power generation. However, variants of the baseline technology can be used to "burn" spent nuclear fuel from light water reactors or to perform selective transmutation of problematic fission products. The use of a fusion driver allows very high burn-up of the fission fuel, limited only by the radiation resistance of the fuel form and system structures. As a part of this process, integrated process models have been developed to aid in concept definition. Several models have been developed. A cost scaling model allows quick assessment of design changes or technology improvements on cost of electricity. System design models are being used to better understand system interactions and to do design trade-off and optimization studies. Here we describe the different systems models and present systems analysis results. Different market entry strategies are discussed along with potential benefits to US energy security and nuclear waste disposal. Advanced technology options are evaluated and potential benefits from additional R&D targeted at the different options is quantified.

Study on the context-aware middleware for ubiquitous greenhouses using wireless sensor networks.

PubMed

Hwang, Jeonghwang; Yoe, Hyun

2011-01-01

Wireless Sensor Network (WSN) technology is one of the important technologies to implement the ubiquitous society, and it could increase productivity of agricultural and livestock products, and secure transparency of distribution channels if such a WSN technology were successfully applied to the agricultural sector. Middleware, which can connect WSN hardware, applications, and enterprise systems, is required to construct ubiquitous agriculture environment combining WSN technology with agricultural sector applications, but there have been insufficient studies in the field of WSN middleware in the agricultural environment, compared to other industries. This paper proposes a context-aware middleware to efficiently process data collected from ubiquitous greenhouses by applying WSN technology and used to implement combined services through organic connectivity of data. The proposed middleware abstracts heterogeneous sensor nodes to integrate different forms of data, and provides intelligent context-aware, event service, and filtering functions to maximize operability and scalability of the middleware. To evaluate the performance of the middleware, an integrated management system for ubiquitous greenhouses was implemented by applying the proposed middleware to an existing greenhouse, and it was tested by measuring the level of load through CPU usage and the response time for users' requests when the system is working.

Colleges and universities: survival in the information age

NASA Astrophysics Data System (ADS)

Huff, Warren D.

2000-07-01

Coping with information technology (IT) planning is one of the more important, expensive, time-consuming and potentially disastrous exercises an academic institution can undertake. Those institutions that are successful in establishing administrative and academic frameworks within which rapid technological change and adaptation can occur will survive and those who stubbornly adhere to archaic styles of management and decision-making will not. IT strategies, priorities and plans must be driven by and integrated with on-going academic planning. Cross-department/unit collaboration must be encouraged and facilitated by university resources and processes. Long-range planning and identification of reasonable and attainable goals requires a leadership and governance structure in which all major stakeholders participate in setting information technology strategies, priorities, plans, standards and performance measures. A successful technology funding strategy must ensure budgeting for adequate network facilities, including assets and the people and processes to support them. Accompanying these administrative procedures should be an open dialogue on the issues brought about by apparent conflicts between University wide standardization of basic policy, procedures and technologies and the pedagogical and research initiatives which address unique collegiate or departmental needs. Network capabilities should be integrated, timely, accurate, secure and easily accessible to all who need it.

Final Report for Bio-Inspired Approaches to Moving-Target Defense Strategies

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fink, Glenn A.; Oehmen, Christopher S.

This report records the work and contributions of the NITRD-funded Bio-Inspired Approaches to Moving-Target Defense Strategies project performed by Pacific Northwest National Laboratory under the technical guidance of the National Security Agency’s R6 division. The project has incorporated a number of bio-inspired cyber defensive technologies within an elastic framework provided by the Digital Ants. This project has created the first scalable, real-world prototype of the Digital Ants Framework (DAF)[11] and integrated five technologies into this flexible, decentralized framework: (1) Ant-Based Cyber Defense (ABCD), (2) Behavioral Indicators, (3) Bioinformatic Clas- sification, (4) Moving-Target Reconfiguration, and (5) Ambient Collaboration. The DAF canmore » be used operationally to decentralize many such data intensive applications that normally rely on collection of large amounts of data in a central repository. In this work, we have shown how these component applications may be decentralized and may perform analysis at the edge. Operationally, this will enable analytics to scale far beyond current limitations while not suffering from the bandwidth or computational limitations of centralized analysis. This effort has advanced the R6 Cyber Security research program to secure digital infrastructures by developing a dynamic means to adaptively defend complex cyber systems. We hope that this work will benefit both our client’s efforts in system behavior modeling and cyber security to the overall benefit of the nation.« less

Advanced Communication and Control Solutions of Distributed Energy Resources (DER)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Asgeirsson, Haukur; Seguin, Richard; Sherding, Cameron

2007-01-10

This report covers work performed in Phase II of a two phase project whose objective was to demonstrate the aggregation of multiple Distributed Energy Resources (DERs) and to offer them into the energy market. The Phase I work (DE-FC36-03CH11161) created an integrated, but distributed, system and procedures to monitor and control multiple DERs from numerous manufacturers connected to the electric distribution system. Procedures were created which protect the distribution network and personnel that may be working on the network. Using the web as the communication medium for control and monitoring of the DERs, the integration of information and security wasmore » accomplished through the use of industry standard protocols such as secure SSL,VPN and ICCP. The primary objective of Phase II was to develop the procedures for marketing the power of the Phase I aggregated DERs in the energy market, increase the number of DER units, and implement the marketing procedures (interface with ISOs) for the DER generated power. The team partnered with the Midwest Independent System Operator (MISO), the local ISO, to address the energy market and demonstrate the economic dispatch of DERs in response to market signals. The selection of standards-based communication technologies offers the ability of the system to be deployed and integrated with other utilities’ resources. With the use of a data historian technology to facilitate the aggregation, the developed algorithms and procedures can be verified, audited, and modified. The team has demonstrated monitoring and control of multiple DERs as outlined in phase I report including procedures to perform these operations in a secure and safe manner. In Phase II, additional DER units were added. We also expanded on our phase I work to enhance communication security and to develop the market model of having DERs, both customer and utility owned, participate in the energy market. We are proposing a two-part DER energy market model--a utility need business model and an independent energy aggregator-business model. The approach of developing two group models of DER energy participation in the market is unique. The Detroit Edison (DECo, Utility)-led team includes: DTE Energy Technologies (Dtech, DER provider), Electrical Distribution Design (EDD, Virginia Tech company supporting EPRI’s Distribution Engineering Workstation, DEW), Systems Integration Specialists Company (SISCO, economic scheduling and real-time protocol integrator), and OSIsoft (PI software system for managing real-time information). This team is focused on developing the application engineering, including software systems necessary for DER’s integration, control and sale into the market place. Phase II Highlights Installed and tested an ICCP link with SSL (security) between DECo, the utility, and DTE Energy Technologies (DTECH), the aggregator, making DER data available to the utility for both monitoring and control. Installed and tested PI process book with circuit & DER operational models for DECo SOC/ROC operator’s use for monitoring of both utility circuit and customer DER parameters. The PI Process Book models also included DER control for the DECo SOC/ROC operators, which was tested and demonstrated control. The DER Tagging and Operating Procedures were developed, which allowed that control to be done in a safe manner, were modified for required MOC/MISO notification procedures. The Distribution Engineering Workstation (DEW) was modified to include temperature normalized load research statistics, using a 30 hour day-ahead weather feed. This allowed day-ahead forecasting of the customer load profile and the entire circuit to determine overload and low voltage problems. This forecast at the point of common coupling was passed to DTech DR SOC for use in their economic dispatch algorithm. Standard Work Instructions were developed for DER notification, sale, and operation into the MISO market. A software mechanism consisting of a suite of new and revised functionality was developed that integrated with the local ISO such that offers can be made electronically without human intervention. A suite of software was developed by DR SOC enabling DER usage in real time and day-ahead: Generation information file exchange with PI and the utility power flow A utility day-ahead information file Energy Offer Web Service Market Result Web Service Real-Time Meter Data Web Service Real-Time Notification Web Service Registered over 20 DER with MISO in Demand Response Market and demonstrated electronic sale to MISO.« less

Matrix Game Methodology - Support to V2010 Olympic Marine Security Planners

DTIC Science & Technology

2011-02-01

OMOC was called the Integrated Safety /Security Matrix Game – Marine III, and was held 16-17 June 2009. This was the most extensive and complex of...Protection Matrix Game Marine Two .................................................. 12 3.3 Integrated Safety /Security Matrix Game – Marine III...Integrated Safety /Security Matrix Game – Marine III Scenarios........................... 53 ISSMG Marine III – Team Groupings

Telemedicine and security. Confidentiality, integrity, and availability: a Canadian perspective.

PubMed

Jennett, P; Watanabe, M; Igras, E; Premkumar, K; Hall, W

1996-01-01

The health care system is undergoing major reform, characterized by organized delivery systems (regionalization, decentralization, devolution, etc); shifts in care delivery sites; changing health provider roles; increasing consumer responsibilities; and accountability. Rapid advances in information technology and telecommunications have led to a new type of information infrastructure which can play a major role in this reform. Compatible health information systems are now being integrated and connected across institutional, regional, and sectorial boundaries. In the near future, these information systems will readily be accessed and shared by health providers, researchers, policy makers, health consumers, and the public. SECURITY is a critical characteristic of any health information system. This paper will address three fields associated with SECURITY: confidentiality, integrity, and availability. These will be defined and examined as they relate to specific aspects of Telemedicine, such as electronic integrated records and clinical databases; electronic transfer of documents; as well as data storage and disposal. The guiding principles, standards, and safeguards being considered and put in place to ensure that telemedicine information intrastructures can protect and benefit all stakeholders' rights and needs in both primary and secondary uses of information will be reviewed. Implemented, proposed, and tested institutional, System, and Network solutions will be discussed; for example, encryption-decryption methods; data transfer standards; individual and terminal access and entry I.D. and password levels; smart card access and PIN number control; data loss prevention strategies; interference alerts; information access keys; algorithm safeguards; and active marketing to users of standards and principles. Issues such as policy, implementation, and ownership will be addressed.

Fuel Cycle Technologies 2014 Achievement Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hong, Bonnie C.

2015-01-01

The Fuel Cycle Technologies (FCT) program supports the Department of Energy’s (DOE’s) mission to: “Enhance U.S. security and economic growth through transformative science, technology innovation, and market solutions to meet our energy, nuclear security, and environmental challenges.” Goal 1 of DOE’s Strategic Plan is to innovate energy technologies that enhance U.S. economic growth and job creation, energy security, and environmental quality. FCT does this by investing in advanced technologies that could transform the nuclear fuel cycle in the decades to come. Goal 2 of DOE’s Strategic Plan is to strengthen national security by strengthening key science, technology, and engineering capabilities.more » FCT does this by working closely with the National Nuclear Security Administration and the U.S Department of State to develop advanced technologies that support the Nation’s nuclear nonproliferation goals.« less

Securing Real-Time Sessions in an IMS-Based Architecture

NASA Astrophysics Data System (ADS)

Cennamo, Paolo; Fresa, Antonio; Longo, Maurizio; Postiglione, Fabio; Robustelli, Anton Luca; Toro, Francesco

The emerging all-IP mobile network infrastructures based on 3rd Generation IP Multimedia Subsystem philosophy are characterised by radio access technology independence and ubiquitous connectivity for mobile users. Currently, great focus is being devoted to security issues since most of the security threats presently affecting the public Internet domain, and the upcoming ones as well, are going to be suffered by mobile users in the years to come. While a great deal of research activity, together with standardisation efforts and experimentations, is carried out on mechanisms for signalling protection, very few integrated frameworks for real-time multimedia data protection have been proposed in a context of IP Multimedia Subsystem, and even fewer experimental results based on testbeds are available. In this paper, after a general overview of the security issues arising in an advanced IP Multimedia Subsystem scenario, a comprehensive infrastructure for real-time multimedia data protection, based on the adoption of the Secure Real-Time Protocol, is proposed; then, the development of a testbed incorporating such functionalities, including mechanisms for key management and cryptographic context transfer, and allowing the setup of Secure Real-Time Protocol sessions is presented; finally, experimental results are provided together with quantitative assessments and comparisons of system performances for audio sessions with and without the adoption of the Secure Real-Time Protocol framework.

Cyber security with radio frequency interferences mitigation study for satellite systems

NASA Astrophysics Data System (ADS)

Wang, Gang; Wei, Sixiao; Chen, Genshe; Tian, Xin; Shen, Dan; Pham, Khanh; Nguyen, Tien M.; Blasch, Erik

2016-05-01

Satellite systems including the Global Navigation Satellite System (GNSS) and the satellite communications (SATCOM) system provide great convenience and utility to human life including emergency response, wide area efficient communications, and effective transportation. Elements of satellite systems incorporate technologies such as navigation with the global positioning system (GPS), satellite digital video broadcasting, and information transmission with a very small aperture terminal (VSAT), etc. The satellite systems importance is growing in prominence with end users' requirement for globally high data rate transmissions; the cost reduction of launching satellites; development of smaller sized satellites including cubesat, nanosat, picosat, and femtosat; and integrating internet services with satellite networks. However, with the promising benefits, challenges remain to fully develop secure and robust satellite systems with pervasive computing and communications. In this paper, we investigate both cyber security and radio frequency (RF) interferences mitigation for satellite systems, and demonstrate that they are not isolated. The action space for both cyber security and RF interferences are firstly summarized for satellite systems, based on which the mitigation schemes for both cyber security and RF interferences are given. A multi-layered satellite systems structure is provided with cross-layer design considering multi-path routing and channel coding, to provide great security and diversity gains for secure and robust satellite systems.

48 CFR 1804.470-2 - Policy.

Code of Federal Regulations, 2010 CFR

2010-10-01

... ADMINISTRATIVE MATTERS Safeguarding Classified Information Within Industry 1804.470-2 Policy. NASA IT security...) 2810, Security of Information Technology; NASA Procedural Requirements (NPR) 2810, Security of Information Technology; and interim policy updates in the form of NASA Information Technology Requirements...

Blockchain technology for improving clinical research quality.

PubMed

Benchoufi, Mehdi; Ravaud, Philippe

2017-07-19

Reproducibility, data sharing, personal data privacy concerns and patient enrolment in clinical trials are huge medical challenges for contemporary clinical research. A new technology, Blockchain, may be a key to addressing these challenges and should draw the attention of the whole clinical research community.Blockchain brings the Internet to its definitive decentralisation goal. The core principle of Blockchain is that any service relying on trusted third parties can be built in a transparent, decentralised, secure "trustless" manner at the top of the Blockchain (in fact, there is trust, but it is hardcoded in the Blockchain protocol via a complex cryptographic algorithm). Therefore, users have a high degree of control over and autonomy and trust of the data and its integrity. Blockchain allows for reaching a substantial level of historicity and inviolability of data for the whole document flow in a clinical trial. Hence, it ensures traceability, prevents a posteriori reconstruction and allows for securely automating the clinical trial through what are called Smart Contracts. At the same time, the technology ensures fine-grained control of the data, its security and its shareable parameters, for a single patient or group of patients or clinical trial stakeholders.In this commentary article, we explore the core functionalities of Blockchain applied to clinical trials and we illustrate concretely its general principle in the context of consent to a trial protocol. Trying to figure out the potential impact of Blockchain implementations in the setting of clinical trials will shed new light on how modern clinical trial methods could evolve and benefit from Blockchain technologies in order to tackle the aforementioned challenges.

Climate change, resource use and food security in midcentury under a range of plausible scenarios

NASA Astrophysics Data System (ADS)

Wiebe, K.

2016-12-01

Achieving and maintaining food security at local, national and global scales is challenged by changes in population, income and climate, among other socioeconomic and biophysical drivers. Assessing these challenges and possible solutions over the coming decades requires a systematic and multidisciplinary approach. The Global Futures and Strategic Foresight program, a CGIAR initiative led by the International Food Policy Research Institute in collaboration with the 14 other CGIAR research centers, is working to improve tools and conduct ex ante assessments of promising technologies, investments and policies under alternative global futures to inform decision making in the CGIAR and its partners. Alternative socioeconomic and climate scenarios are explored using an integrated system of climate, water, crop and economic models. This presentation will share findings from recent projections of food production and prices to 2050 at global and regional scales, together with their potential implications for land and water use, food security, nutrition and health.

Emerging Agricultural Biotechnologies for Sustainable Agriculture and Food Security.

PubMed

Anderson, Jennifer A; Gipmans, Martijn; Hurst, Susan; Layton, Raymond; Nehra, Narender; Pickett, John; Shah, Dilip M; Souza, Thiago Lívio P O; Tripathi, Leena

2016-01-20

As global populations continue to increase, agricultural productivity will be challenged to keep pace without overtaxing important environmental resources. A dynamic and integrated approach will be required to solve global food insecurity and position agriculture on a trajectory toward sustainability. Genetically modified (GM) crops enhanced through modern biotechnology represent an important set of tools that can promote sustainable agriculture and improve food security. Several emerging biotechnology approaches were discussed in a recent symposium organized at the 13th IUPAC International Congress of Pesticide Chemistry meeting in San Francisco, CA, USA. This paper summarizes the innovative research and several of the new and emerging technologies within the field of agricultural biotechnology that were presented during the symposium. This discussion highlights how agricultural biotechnology fits within the context of sustainable agriculture and improved food security and can be used in support of further development and adoption of beneficial GM crops.

A linkable identity privacy algorithm for HealthGrid.

PubMed

Zhang, Ning; Rector, Alan; Buchan, Iain; Shi, Qi; Kalra, Dipak; Rogers, Jeremy; Goble, Carole; Walker, Steve; Ingram, David; Singleton, Peter

2005-01-01

The issues of confidentiality and privacy have become increasingly important as Grid technology is being adopted in public sectors such as healthcare. This paper discusses the importance of protecting the confidentiality and privacy of patient health/medical records, and the challenges exhibited in enforcing this protection in a Grid environment. It proposes a novel algorithm to allow traceable/linkable identity privacy in dealing with de-identified medical records. Using the algorithm, de-identified health records associated to the same patient but generated by different healthcare providers are given different pseudonyms. However, these pseudonymised records of the same patient can still be linked by a trusted entity such as the NHS trust or HealthGrid manager. The paper has also recommended a security architecture that integrates the proposed algorithm with other data security measures needed to achieve the desired security and privacy in the HealthGrid context.

Security Risk Assessment Process for UAS in the NAS CNPC Architecture

NASA Technical Reports Server (NTRS)

Iannicca, Dennis C.; Young, Dennis P.; Thadani, Suresh K.; Winter, Gilbert A.

2013-01-01

This informational paper discusses the risk assessment process conducted to analyze Control and Non-Payload Communications (CNPC) architectures for integrating civil Unmanned Aircraft Systems (UAS) into the National Airspace System (NAS). The assessment employs the National Institute of Standards and Technology (NIST) Risk Management framework to identify threats, vulnerabilities, and risks to these architectures and recommends corresponding mitigating security controls. This process builds upon earlier work performed by RTCA Special Committee (SC) 203 and the Federal Aviation Administration (FAA) to roadmap the risk assessment methodology and to identify categories of information security risks that pose a significant impact to aeronautical communications systems. A description of the deviations from the typical process is described in regards to this aeronautical communications system. Due to the sensitive nature of the information, data resulting from the risk assessment pertaining to threats, vulnerabilities, and risks is beyond the scope of this paper.

Security Risk Assessment Process for UAS in the NAS CNPC Architecture

NASA Technical Reports Server (NTRS)

Iannicca, Dennis Christopher; Young, Daniel Paul; Suresh, Thadhani; Winter, Gilbert A.

2013-01-01

This informational paper discusses the risk assessment process conducted to analyze Control and Non-Payload Communications (CNPC) architectures for integrating civil Unmanned Aircraft Systems (UAS) into the National Airspace System (NAS). The assessment employs the National Institute of Standards and Technology (NIST) Risk Management framework to identify threats, vulnerabilities, and risks to these architectures and recommends corresponding mitigating security controls. This process builds upon earlier work performed by RTCA Special Committee (SC) 203 and the Federal Aviation Administration (FAA) to roadmap the risk assessment methodology and to identify categories of information security risks that pose a significant impact to aeronautical communications systems. A description of the deviations from the typical process is described in regards to this aeronautical communications system. Due to the sensitive nature of the information, data resulting from the risk assessment pertaining to threats, vulnerabilities, and risks is beyond the scope of this paper

48 CFR 39.101 - Policy.

Code of Federal Regulations, 2012 CFR

2012-10-01

..., including consideration of security of resources, protection of privacy, national security and emergency... information technology, agencies shall include the appropriate information technology security policies and requirements, including use of common security configurations available from the National Institute of...

48 CFR 39.101 - Policy.

Code of Federal Regulations, 2014 CFR

2014-10-01

..., including consideration of security of resources, protection of privacy, national security and emergency... information technology, agencies shall include the appropriate information technology security policies and requirements, including use of common security configurations available from the National Institute of...

48 CFR 39.101 - Policy.

Code of Federal Regulations, 2013 CFR

2013-10-01

..., including consideration of security of resources, protection of privacy, national security and emergency... information technology, agencies shall include the appropriate information technology security policies and requirements, including use of common security configurations available from the National Institute of...

48 CFR 39.101 - Policy.

Code of Federal Regulations, 2011 CFR

2011-10-01

..., including consideration of security of resources, protection of privacy, national security and emergency... information technology, agencies shall include the appropriate information technology security policies and requirements, including use of common security configurations available from the National Institute of...

Persian Gulf: U.S. Agencies Need to Improve Licensing Data and to Document Reviews of Arms Transfers for U.S. Foreign Policy and National Security Goals

DTIC Science & Technology

2010-09-01

of Defense DTSA Defense Technology Security Administration FMS Foreign Military Sales GSD Gulf Security Dialogue LOA Letter of Offer and...may refer license applications to the Defense Technology Security Administration ( DTSA ) to determine if the United States should release the...requested technology to the requesting foreign government. Specifically, DTSA assesses the sale’s impact on preserving critical U.S. military technological

National Security Technology Incubator Business Plan

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

This document contains a business plan for the National Security Technology Incubator (NSTI), developed as part of the National Security Preparedness Project (NSPP) and performed under a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This business plan describes key features of the NSTI, including the vision and mission, organizational structure and staffing, services, evaluation criteria, marketing strategies, client processes, a budget, incubator evaluation criteria, and a development schedule. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with nationalmore » security technology applications by nurturing them through critical stages of early development. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety, security, and protection of the homeland. The NSTI is operated and managed by the Arrowhead Center, responsible for leading the economic development mission of New Mexico State University (NMSU). The Arrowhead Center will recruit business with applications for national security technologies recruited for the NSTI program. The Arrowhead Center and its strategic partners will provide business incubation services, including hands-on mentoring in general business matters, marketing, proposal writing, management, accounting, and finance. Additionally, networking opportunities and technology development assistance will be provided.« less

Crowdsourcing conservation: The role of citizen science in securing a future for seagrass.

PubMed

Jones, Benjamin L; Unsworth, Richard K F; McKenzie, Len J; Yoshida, Rudi L; Cullen-Unsworth, Leanne C

2017-11-11

Seagrass meadows are complex social-ecological systems. Understanding seagrass meadows demands a fresh approach integrating "the human dimension". Citizen science is widely acknowledged for providing significant contributions to science, education, society and policy. Although the take up of citizen science in the marine environment has been slow, the need for such methods to fill vast information gaps is arguably great. Seagrass meadows are easy to access and provide an example of where citizen science is expanding. Technological developments have been pivotal to this, providing new opportunities for citizens to engage with seagrass. The increasing use of online tools has created opportunities to collect and submit as well as help process and analyse data. Citizen science has helped researchers integrate scientific and local knowledge and engage communities to implement conservation measures. Here we use a selection of examples to demonstrate how citizen science can secure a future for seagrass. Copyright © 2017 Elsevier Ltd. All rights reserved.

Space and Time Partitioning with Hardware Support for Space Applications

NASA Astrophysics Data System (ADS)

Pinto, S.; Tavares, A.; Montenegro, S.

2016-08-01

Complex and critical systems like airplanes and spacecraft implement a very fast growing amount of functions. Typically, those systems were implemented with fully federated architectures, but the number and complexity of desired functions of todays systems led aerospace industry to follow another strategy. Integrated Modular Avionics (IMA) arose as an attractive approach for consolidation, by combining several applications into one single generic computing resource. Current approach goes towards higher integration provided by space and time partitioning (STP) of system virtualization. The problem is existent virtualization solutions are not ready to fully provide what the future of aerospace are demanding: performance, flexibility, safety, security while simultaneously containing Size, Weight, Power and Cost (SWaP-C).This work describes a real time hypervisor for space applications assisted by commercial off-the-shell (COTS) hardware. ARM TrustZone technology is exploited to implement a secure virtualization solution with low overhead and low memory footprint. This is demonstrated by running multiple guest partitions of RODOS operating system on a Xilinx Zynq platform.

A Cryptographic SoC for Robust Protection of Secret Keys in IPTV DRM Systems

NASA Astrophysics Data System (ADS)

Lee, Sanghan; Yang, Hae-Yong; Yeom, Yongjin; Park, Jongsik

The security level of an internet protocol television (IPTV) digital right management (DRM) system ultimately relies on protection of secret keys. Well known devices for the key protection include smartcards and battery backup SRAMs (BB-SRAMs); however, these devices could be vulnerable to various physical attacks. In this paper, we propose a secure and cost-effective design of a cryptographic system on chip (SoC) that integrates the BB-SRAM with a cell-based design technique. The proposed SoC provides robust safeguard against the physical attacks, and satisfies high-speed and low-price requirements of IPTV set-top boxes. Our implementation results show that the maximum encryption rate of the SoC is 633Mb/s. In order to verify the data retention capabilities, we made a prototype chip using 0.18µm standard cell technology. The experimental results show that the integrated BB-SRAM can reliably retain data with a 1.4µA leakage current.

21 CFR 1311.08 - Incorporation by reference.

Code of Federal Regulations, 2010 CFR

2010-04-01

... of Standards and Technology, Computer Security Division, Information Technology Laboratory, National... standards are available from the National Institute of Standards and Technology, Computer Security Division... 140-2, Security Requirements for Cryptographic Modules, May 25, 2001, as amended by Change Notices 2...

Restricted access processor - An application of computer security technology

NASA Technical Reports Server (NTRS)

Mcmahon, E. M.

1985-01-01

This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

Drone Technology and Future Aviation on This Week @NASA – August 5, 2016

NASA Image and Video Library

2016-08-05

On Aug. 2, NASA’s Associate Administrator for Aeronautics Jaiwon Shin, representatives from the Federal Aviation Administration (FAA), aviation industry leaders and the academic research community participated in a workshop hosted by the White House Office of Science and Technology Policy (OSTP) to discuss Drones and the Future of Aviation. The event was designed to explore airspace integration issues; public and commercial uses; and safety, security, and privacy concerns related to this emerging technology. NASA is working with the FAA on a traffic management system that will enable pilots of these aircraft to fly safely in the national airspace. Also, Maryland Storms Imaged from Space, Io’s Collapsing Atmosphere, Orion Crew Module Moved, AstrOlympics, and more!

Transparent and Flexible Self-Charging Power Film and Its Application in a Sliding Unlock System in Touchpad Technology.

PubMed

Luo, Jianjun; Tang, Wei; Fan, Feng Ru; Liu, Chaofeng; Pang, Yaokun; Cao, Guozhong; Wang, Zhong Lin

2016-08-23

Portable and wearable personal electronics and smart security systems are accelerating the development of transparent, flexible, and thin-film electronic devices. Here, we report a transparent and flexible self-charging power film (SCPF) that functions either as a power generator integrated with an energy storage unit or as a self-powered information input matrix. The SCPF possesses the capability of harvesting mechanical energy from finger motions, based on the coupling between the contact electrification and electrostatic induction effects, and meanwhile storing the generated energy. Under the fast finger sliding, the film can be charged from 0 to 2.5 V within 2094 s and discharge at 1 μA for approximately 1630 s. Furthermore, the film is able to identify personal characteristics during a sliding motion by recording the electric signals related to the person's individual bioelectricity, applied pressing force, sliding speed, and so on, which shows its potential applications in security systems in touchpad technology.

Development of a Laser for Landmine Destruction Final Report CRADA No. TC02126.0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Yamamoto, R.; Sheppard, C.

2017-08-31

This was one of two CRADAs between Lawrence Livermore National Security, LLC as manager and operator of Lawrence Livermore National Laboratory (LLNL) and First Alliance Technologies, LLC (First Alliance), to conduct research and development activity toward an integrated system for the detecting, locating, and destroying of landmines and unexploded ordinance using a laser to destroy landmines and unexploded ordinance and First Alliance’s Land Mine Locator (LML) system.

Test and Evaluation Enhancements for Cognitive Radio Technologies

DTIC Science & Technology

2015-05-13

SECURITY CLASSIFICATION OF: This document serves as the final report for the Department of Defense (DoD) Research and Education Program for...report will described the instrumentation and the integration into the academic and research programs . All instrumentation has been procured, delivered...UNIT NUMBER 5c. PROGRAM ELEMENT NUMBER 5b. GRANT NUMBER 5a. CONTRACT NUMBER Form Approved OMB NO. 0704-0188 3. DATES COVERED (From - To) - UU UU UU UU

Proof of Concept Integration of a Single-Level Service-Oriented Architecture into a Multi-Domain Secure Environment

DTIC Science & Technology

2008-03-01

Machine [29]. OC4J applications support Java Servlets , Web services, and the following J2EE specific standards: Extensible Markup Language (XML...IMAP Internet Message Access Protocol IP Internet Protocol IT Information Technology xviii J2EE Java Enterprise Environment JSR 168 Java ...LDAP), World Wide Web Distributed Authoring and Versioning (WebDav), Java Specification Request 168 (JSR 168), and Web Services for Remote

Hydrogen Infrastructure Testing and Research Facility

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

2017-04-10

Learn about the Hydrogen Infrastructure Testing and Research Facility (HITRF), where NREL researchers are working on vehicle and hydrogen infrastructure projects that aim to enable more rapid inclusion of fuel cell and hydrogen technologies in the market to meet consumer and national goals for emissions reduction, performance, and energy security. As part of NREL’s Energy Systems Integration Facility (ESIF), the HITRF is designed for collaboration with a wide range of hydrogen, fuel cell, and transportation stakeholders.

Tracking Next-Generation Automatic Identification Technology (AIT) into 2035

DTIC Science & Technology

2010-04-01

Non-proliferation and Treaty inspections  Shielding / EMI issues  Security/Integrity/Encryption  Taiwan Shipment Fact Sheet http...followed the technical data, but had no idea that they had a live nuclear warhead. While the nuclear ALCM was loaded on the munitions trailer , the...three-man team continued to assemble the other seven ALCMs. As the end of shift neared, all eight ALCMs were loaded on the munitions trailers and the

Perimeter Security and Intruder Detection Using Gravity Gradiometry: A Feasibility Study

DTIC Science & Technology

2011-03-24

design, build, and operate, and it is usually not feasible to integrate new technology into an already existing system. So far, however, the...gravitational gradients is not a new concept and has been applied across a variety of industries. The first device for gravity gradient measurement was the...which generates a new simulated GGI reading. The program loops for a set number of iterations, and then ends by calculating algorithm performance

Remote object authentication: confidence model, cryptosystem and protocol

NASA Astrophysics Data System (ADS)

Lancrenon, Jean; Gillard, Roland; Fournel, Thierry

2009-04-01

This paper follows a paper by Bringer et al.3 to adapt a security model and protocol used for remote biometric authentication to the case of remote morphometric object authentication. We use a different type of encryption technique that requires smaller key sizes and has a built-in mechanism to help control the integrity of the messages received by the server. We also describe the optical technology used to extract the morphometric templates.

75 FR 28275 - Homeland Security Science and Technology Advisory Committee

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-20

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2010-0020] Homeland Security Science and...; Notice of Closed Federal Advisory Committee Meeting. SUMMARY: On April 12, 2010, the Homeland Security...: The Homeland Security Science and Technology Advisory Committee met on April 20, 2010 from 8:30 a.m...

77 FR 32655 - DHS Data Privacy and Integrity Advisory Committee

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-01

... Officer, Data Privacy and Integrity Advisory Committee, Department of Homeland Security, 245 Murray Lane..., DHS Data Privacy and Integrity Advisory Committee, Department of Homeland Security, 245 Murray Lane SW... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2012-0029] DHS Data...

76 FR 45645 - 10-Day Notice of Proposed Information Collection: Technology Security/Clearance Plans, Screening...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-29

...: Technology Security/Clearance Plans, Screening Records, and Non-Disclosure Agreements ACTION: Notice of... Information Collection: Technology Security/ Clearance Plans, Screening Records, and Non-Disclosure Agreements...: None. Respondents: Business and Nonprofit Organizations, Foreign Governments. Estimated Number of...

32 CFR 2400.46 - Suggestions or complaints.

Code of Federal Regulations, 2014 CFR

2014-07-01

... POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.46... Science and Technology Policy Information Security Program should do so in writing. This correspondence...

32 CFR 2400.46 - Suggestions or complaints.

Code of Federal Regulations, 2012 CFR

2012-07-01

... POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.46... Science and Technology Policy Information Security Program should do so in writing. This correspondence...

32 CFR 2400.46 - Suggestions or complaints.

Code of Federal Regulations, 2010 CFR

2010-07-01

... POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.46... Science and Technology Policy Information Security Program should do so in writing. This correspondence...

32 CFR 2400.46 - Suggestions or complaints.

Code of Federal Regulations, 2011 CFR

2011-07-01

... POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.46... Science and Technology Policy Information Security Program should do so in writing. This correspondence...

32 CFR 2400.46 - Suggestions or complaints.

Code of Federal Regulations, 2013 CFR

2013-07-01

... POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.46... Science and Technology Policy Information Security Program should do so in writing. This correspondence...

76 FR 41274 - Committee Name: Homeland Security Science and Technology Advisory Committee (HSSTAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-13

..., cyber-security, knowledge management and how best to leverage related technologies funded by other... Science and Technology Advisory Committee (HSSTAC) ACTION: Committee Management; Notice of Federal... Committee Management Secretariat, General Services Administration. Name of Committee: Homeland Security...

School Security Technologies

ERIC Educational Resources Information Center

Schneider, Tod

2010-01-01

Over the past decade electronic security technology has evolved from an exotic possibility into an essential safety consideration. Before resorting to high-tech security solutions, school officials should think carefully about the potential for unintended consequences. Technological fixes may be mismatched to the problems being addressed. They can…

Input from Key Stakeholders in the National Security Technology Incubator

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

This report documents the input from key stakeholders of the National Security Technology Incubator (NSTI) in developing a new technology incubator and related programs for southern New Mexico. The technology incubator is being developed as part of the National Security Preparedness Project (NSPP), funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes identification of key stakeholders as well as a description and analysis of their input for the development of an incubator.

Control and Communication for a Secure and Reconfigurable Power Distribution System

NASA Astrophysics Data System (ADS)

Giacomoni, Anthony Michael

A major transformation is taking place throughout the electric power industry to overlay existing electric infrastructure with advanced sensing, communications, and control system technologies. This transformation to a smart grid promises to enhance system efficiency, increase system reliability, support the electrification of transportation, and provide customers with greater control over their electricity consumption. Upgrading control and communication systems for the end-to-end electric power grid, however, will present many new security challenges that must be dealt with before extensive deployment and implementation of these technologies can begin. In this dissertation, a comprehensive systems approach is taken to minimize and prevent cyber-physical disturbances to electric power distribution systems using sensing, communications, and control system technologies. To accomplish this task, an intelligent distributed secure control (IDSC) architecture is presented and validated in silico for distribution systems to provide greater adaptive protection, with the ability to proactively reconfigure, and rapidly respond to disturbances. Detailed descriptions of functionalities at each layer of the architecture as well as the whole system are provided. To compare the performance of the IDSC architecture with that of other control architectures, an original simulation methodology is developed. The simulation model integrates aspects of cyber-physical security, dynamic price and demand response, sensing, communications, intermittent distributed energy resources (DERs), and dynamic optimization and reconfiguration. Applying this comprehensive systems approach, performance results for the IEEE 123 node test feeder are simulated and analyzed. The results show the trade-offs between system reliability, operational constraints, and costs for several control architectures and optimization algorithms. Additional simulation results are also provided. In particular, the advantages of an IDSC architecture are highlighted when an intermittent DER is present on the system.

U.S.-CHINA RADIOLOGICAL SOURCE SECURITY PROJECT: CONTINUING AND EXPANDING BILATERAL COOPERATION

DOE Office of Scientific and Technical Information (OSTI.GOV)

Zhu, Zhixuan; Zhou, Qifu; Yang, Yaoyun

2009-10-07

The successful radiological security cooperation between the U.S. and China to secure at-risk sites near venues of the 2008 Beijing Summer Olympics has led to an expanded bilateral nonproliferation cooperation scope. The U.S. Department of Energy’s National Nuclear Security Administration, the Chinese Atomic Energy Authority and the China Ministry of Environmental Protection are continuing joint efforts to secure radiological sources throughout China under the U.S.-China Peaceful Uses of Nuclear Technology (PUNT) Agreement. Joint cooperation activities include physical security upgrades of sites with International Atomic Energy Agency (IAEA) Category 1 radiological sources, packaging, recovery, and storage of high activity transuranic andmore » beta gamma sources, and secure transportation practices for the movement of recovered sources. Expansion of cooperation into numerous provinces within China includes the use of integrated training workshops that will demonstrate methodologies and best practices between U.S. and Chinese radiological source security and recovery experts. The fiscal year 2009 expanded scope of cooperation will be conducted similar to the 2008 Olympic cooperation with the Global Threat Reduction Initiative taking the lead for the U.S., PUNT being the umbrella agreement, and Los Alamos, Sandia, and Oak Ridge National Laboratories operating as technical working groups. This paper outlines the accomplishments of the joint implementation and training efforts to date and discusses the possible impact on future U.S./China cooperation.« less

An Axiology of Information Security for Futuristic Neuroprostheses: Upholding Human Values in the Context of Technological Posthumanization

PubMed Central

Gladden, Matthew E.

2017-01-01

Previous works exploring the challenges of ensuring information security for neuroprosthetic devices and their users have typically built on the traditional InfoSec concept of the “CIA Triad” of confidentiality, integrity, and availability. However, we argue that the CIA Triad provides an increasingly inadequate foundation for envisioning information security for neuroprostheses, insofar as it presumes that (1) any computational systems to be secured are merely instruments for expressing their human users' agency, and (2) computing devices are conceptually and practically separable from their users. Drawing on contemporary philosophy of technology and philosophical and critical posthumanist analysis, we contend that futuristic neuroprostheses could conceivably violate these basic InfoSec presumptions, insofar as (1) they may alter or supplant their users' biological agency rather than simply supporting it, and (2) they may structurally and functionally fuse with their users to create qualitatively novel “posthumanized” human-machine systems that cannot be secured as though they were conventional computing devices. Simultaneously, it is noted that many of the goals that have been proposed for future neuroprostheses by InfoSec researchers (e.g., relating to aesthetics, human dignity, authenticity, free will, and cultural sensitivity) fall outside the scope of InfoSec as it has historically been understood and touch on a wide range of ethical, aesthetic, physical, metaphysical, psychological, economic, and social values. We suggest that the field of axiology can provide useful frameworks for more effectively identifying, analyzing, and prioritizing such diverse types of values and goods that can (and should) be pursued through InfoSec practices for futuristic neuroprostheses. PMID:29163010

A Systematic Review of Research Studies Examining Telehealth Privacy and Security Practices used by Healthcare Providers

PubMed Central

WATZLAF, VALERIE J. M.; ZHOU, LEMING; DEALMEIDA, DILHARI R.; HARTMAN, LINDA M.

2017-01-01

The objective of this systematic review was to systematically review papers in the United States that examine current practices in privacy and security when telehealth technologies are used by healthcare providers. A literature search was conducted using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses Protocols (PRISMA-P). PubMed, CINAHL and INSPEC from 2003 – 2016 were searched and returned 25,404 papers (after duplications were removed). Inclusion and exclusion criteria were strictly followed to examine title, abstract, and full text for 21 published papers which reported on privacy and security practices used by healthcare providers using telehealth. Data on confidentiality, integrity, privacy, informed consent, access control, availability, retention, encryption, and authentication were all searched and retrieved from the papers examined. Papers were selected by two independent reviewers, first per inclusion/exclusion criteria and, where there was disagreement, a third reviewer was consulted. The percentage of agreement and Cohen’s kappa was 99.04% and 0.7331 respectively. The papers reviewed ranged from 2004 to 2016 and included several types of telehealth specialties. Sixty-seven percent were policy type studies, and 14 percent were survey/interview studies. There were no randomized controlled trials. Based upon the results, we conclude that it is necessary to have more studies with specific information about the use of privacy and security practices when using telehealth technologies as well as studies that examine patient and provider preferences on how data is kept private and secure during and after telehealth sessions. PMID:29238448

An Axiology of Information Security for Futuristic Neuroprostheses: Upholding Human Values in the Context of Technological Posthumanization.

PubMed

Gladden, Matthew E

2017-01-01

Previous works exploring the challenges of ensuring information security for neuroprosthetic devices and their users have typically built on the traditional InfoSec concept of the "CIA Triad" of confidentiality, integrity, and availability. However, we argue that the CIA Triad provides an increasingly inadequate foundation for envisioning information security for neuroprostheses, insofar as it presumes that (1) any computational systems to be secured are merely instruments for expressing their human users' agency, and (2) computing devices are conceptually and practically separable from their users. Drawing on contemporary philosophy of technology and philosophical and critical posthumanist analysis, we contend that futuristic neuroprostheses could conceivably violate these basic InfoSec presumptions, insofar as (1) they may alter or supplant their users' biological agency rather than simply supporting it, and (2) they may structurally and functionally fuse with their users to create qualitatively novel "posthumanized" human-machine systems that cannot be secured as though they were conventional computing devices. Simultaneously, it is noted that many of the goals that have been proposed for future neuroprostheses by InfoSec researchers (e.g., relating to aesthetics, human dignity, authenticity, free will, and cultural sensitivity) fall outside the scope of InfoSec as it has historically been understood and touch on a wide range of ethical, aesthetic, physical, metaphysical, psychological, economic, and social values. We suggest that the field of axiology can provide useful frameworks for more effectively identifying, analyzing, and prioritizing such diverse types of values and goods that can (and should) be pursued through InfoSec practices for futuristic neuroprostheses.

Flexible operation of thermal plants with integrated energy storage technologies

NASA Astrophysics Data System (ADS)

Koytsoumpa, Efthymia Ioanna; Bergins, Christian; Kakaras, Emmanouil

2017-08-01

The energy system in the EU requires today as well as towards 2030 to 2050 significant amounts of thermal power plants in combination with the continuously increasing share of Renewables Energy Sources (RES) to assure the grid stability and to secure electricity supply as well as to provide heat. The operation of the conventional fleet should be harmonised with the fluctuating renewable energy sources and their intermittent electricity production. Flexible thermal plants should be able to reach their lowest minimum load capabilities while keeping the efficiency drop moderate as well as to increase their ramp up and down rates. A novel approach for integrating energy storage as an evolutionary measure to overcome many of the challenges, which arise from increasing RES and balancing with thermal power is presented. Energy storage technologies such as Power to Fuel, Liquid Air Energy Storage and Batteries are investigated in conjunction with flexible power plants.

HIPAA for physicians in the information age.

PubMed

Kavoussi, Shaheen C; Huang, John J; Tsai, James C; Kempton, James E

2014-08-01

The increased prominence of electronic health records, email, mobile devices, and social media has transformed the health care environment by providing both physicians and patients with opportunities for rapid communication and knowledge exchange. However, these technological advances require increased attention to patient privacy under the Health Insurance Portability and Accountability Act (HIPAA). Instant access to large amounts of electronic protected health information (PHI) merits the highest standard of network security and HIPAA training for all staff members. Physicians are responsible for protecting PHI stored on portable devices. Personal, residential, and public wireless connections are not certified with HIPAA-compliant Business Associate Agreements and are unsuitablefor PHI. A professional and privacy-oriented approach to electronic communication, online activity, and social media is imperative to maintaining public trust in physician integrity. As new technologies are integrated into health care practice, the assurance of privacy will encourage patients to continue to seek medical care.

Software to Manage the Unmanageable

NASA Technical Reports Server (NTRS)

2005-01-01

In 1995, NASA s Jet Propulsion Laboratory (JPL) contracted Redmond, Washington-based Lucidoc Corporation, to design a technology infrastructure to automate the intersection between policy management and operations management with advanced software that automates document workflow, document status, and uniformity of document layout. JPL had very specific parameters for the software. It expected to store and catalog over 8,000 technical and procedural documents integrated with hundreds of processes. The project ended in 2000, but NASA still uses the resulting highly secure document management system, and Lucidoc has managed to help other organizations, large and small, with integrating document flow and operations management to ensure a compliance-ready culture.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Backus, George A.; Strickland, James Hassler

Globally, there is no lack of security threats. Many of them demand priority engagement and there can never be adequate resources to address all threats. In this context, climate is just another aspect of global security and the Arctic just another region. In light of physical and budgetary constraints, new security needs must be integrated and prioritized with existing ones. This discussion approaches the security impacts of climate from that perspective, starting with the broad security picture and establishing how climate may affect it. This method provides a different view from one that starts with climate and projects it, inmore » isolation, as the source of a hypothetical security burden. That said, the Arctic does appear to present high-priority security challenges. Uncertainty in the timing of an ice-free Arctic affects how quickly it will become a security priority. Uncertainty in the emergent extreme and variable weather conditions will determine the difficulty (cost) of maintaining adequate security (order) in the area. The resolution of sovereignty boundaries affects the ability to enforce security measures, and the U.S. will most probably need a military presence to back-up negotiated sovereignty agreements. Without additional global warming, technology already allows the Arctic to become a strategic link in the global supply chain, possibly with northern Russia as its main hub. Additionally, the multinational corporations reaping the economic bounty may affect security tensions more than nation-states themselves. Countries will depend ever more heavily on the global supply chains. China has particular needs to protect its trade flows. In matters of security, nation-state and multinational-corporate interests will become heavily intertwined.« less

Security Risks: Management and Mitigation in the Software Life Cycle

NASA Technical Reports Server (NTRS)

Gilliam, David P.

2004-01-01

A formal approach to managing and mitigating security risks in the software life cycle is requisite to developing software that has a higher degree of assurance that it is free of security defects which pose risk to the computing environment and the organization. Due to its criticality, security should be integrated as a formal approach in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process and integrated with a security risk assessment and mitigation tool. The current research at JPL addresses these areas through the development of a Sotfware Security Assessment Instrument (SSAI) and integrating it with a Defect Detection and Prevention (DDP) risk management tool.

Marketing and reputation aspects of neonatal safeguards and hospital-security systems.

PubMed

Smith, Alan D

2009-01-01

Technological advancements have migrated from personal-use electronics into the healthcare setting for security enhancements. Within maternity wards and nurseries, technology was seen as one of best way to protect newborns from abduction. The present study is a focus on what systems and methods are used in neonatal security, the security arrangements, staff training, and impacts outside the control of the hospital, customer satisfaction and customer relations management. Through hypothesis-testing and exploratory analysis, gender biases and extremely high levels of security were found within a web-enabled and professional sample of 200 respondents. The factor-based constructs were found to be, in order of the greatest explained variance: security concerns, personal technology usage, work technology applications, and demographic maturity concerns, resulting in four factor-based scores with significant combined variance of 61.5%. It was found that through a better understanding on the importance and vital need for hospitals to continue to improve on their technology-based security policies significantly enhanced their reputation in the highly competitive local healthcare industry.

Photonic quantum technologies (Presentation Recording)

NASA Astrophysics Data System (ADS)

O'Brien, Jeremy L.

2015-09-01

The impact of quantum technology will be profound and far-reaching: secure communication networks for consumers, corporations and government; precision sensors for biomedical technology and environmental monitoring; quantum simulators for the design of new materials, pharmaceuticals and clean energy devices; and ultra-powerful quantum computers for addressing otherwise impossibly large datasets for machine learning and artificial intelligence applications. However, engineering quantum systems and controlling them is an immense technological challenge: they are inherently fragile; and information extracted from a quantum system necessarily disturbs the system itself. Of the various approaches to quantum technologies, photons are particularly appealing for their low-noise properties and ease of manipulation at the single qubit level. We have developed an integrated waveguide approach to photonic quantum circuits for high performance, miniaturization and scalability. We will described our latest progress in generating, manipulating and interacting single photons in waveguide circuits on silicon chips.

National research and education network

NASA Technical Reports Server (NTRS)

Villasenor, Tony

1991-01-01

Some goals of this network are as follows: Extend U.S. technological leadership in high performance computing and computer communications; Provide wide dissemination and application of the technologies both to the speed and the pace of innovation and to serve the national economy, national security, education, and the global environment; and Spur gains in the U.S. productivity and industrial competitiveness by making high performance computing and networking technologies an integral part of the design and production process. Strategies for achieving these goals are as follows: Support solutions to important scientific and technical challenges through a vigorous R and D effort; Reduce the uncertainties to industry for R and D and use of this technology through increased cooperation between government, industry, and universities and by the continued use of government and government funded facilities as a prototype user for early commercial HPCC products; and Support underlying research, network, and computational infrastructures on which U.S. high performance computing technology is based.

Systems Security Engineering

DTIC Science & Technology

2010-08-22

practice for information security management ( ISO /IEC 27002 ),” “Information technology — Security techniques — Information security management...systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security techniques — Information security risk management ( ISO /IEC 27005).” from...associated practice aids. Perhaps the most germane discovery from this effort was a draft ISO standard on Systems and software engineering, Systems and

48 CFR 1804.470 - Security requirements for unclassified information technology (IT) resources.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 6 2013-10-01 2013-10-01 false Security requirements for unclassified information technology (IT) resources. 1804.470 Section 1804.470 Federal Acquisition Regulations... Classified Information Within Industry 1804.470 Security requirements for unclassified information technology...

48 CFR 1804.470 - Security requirements for unclassified information technology (IT) resources.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 6 2011-10-01 2011-10-01 false Security requirements for unclassified information technology (IT) resources. 1804.470 Section 1804.470 Federal Acquisition Regulations... Classified Information Within Industry 1804.470 Security requirements for unclassified information technology...

48 CFR 1804.470 - Security requirements for unclassified information technology (IT) resources.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 6 2014-10-01 2014-10-01 false Security requirements for unclassified information technology (IT) resources. 1804.470 Section 1804.470 Federal Acquisition Regulations... Classified Information Within Industry 1804.470 Security requirements for unclassified information technology...

48 CFR 1804.470 - Security requirements for unclassified information technology (IT) resources.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 6 2012-10-01 2012-10-01 false Security requirements for unclassified information technology (IT) resources. 1804.470 Section 1804.470 Federal Acquisition Regulations... Classified Information Within Industry 1804.470 Security requirements for unclassified information technology...

48 CFR 1804.470 - Security requirements for unclassified information technology (IT) resources.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Security requirements for unclassified information technology (IT) resources. 1804.470 Section 1804.470 Federal Acquisition Regulations... Classified Information Within Industry 1804.470 Security requirements for unclassified information technology...

32 CFR 2400.45 - Information Security Program Review.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Section 2400.45 National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.45...

32 CFR 2400.45 - Information Security Program Review.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Section 2400.45 National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.45...

32 CFR 2400.45 - Information Security Program Review.

Code of Federal Regulations, 2012 CFR

2012-07-01

... Section 2400.45 National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.45...

32 CFR 2400.45 - Information Security Program Review.

Code of Federal Regulations, 2014 CFR

2014-07-01

... Section 2400.45 National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.45...

32 CFR 2400.45 - Information Security Program Review.

Code of Federal Regulations, 2013 CFR

2013-07-01

... Section 2400.45 National Defense Other Regulations Relating to National Defense OFFICE OF SCIENCE AND TECHNOLOGY POLICY REGULATIONS TO IMPLEMENT E.O. 12356; OFFICE OF SCIENCE AND TECHNOLOGY POLICY INFORMATION SECURITY PROGRAM Office of Science and Technology Policy Information Security Program Management § 2400.45...

CMOS-compatible photonic devices for single-photon generation

NASA Astrophysics Data System (ADS)

Xiong, Chunle; Bell, Bryn; Eggleton, Benjamin J.

2016-09-01

Sources of single photons are one of the key building blocks for quantum photonic technologies such as quantum secure communication and powerful quantum computing. To bring the proof-of-principle demonstration of these technologies from the laboratory to the real world, complementary metal-oxide-semiconductor (CMOS)-compatible photonic chips are highly desirable for photon generation, manipulation, processing and even detection because of their compactness, scalability, robustness, and the potential for integration with electronics. In this paper, we review the development of photonic devices made from materials (e.g., silicon) and processes that are compatible with CMOS fabrication facilities for the generation of single photons.

CR digital mammography: an affordable entry.

PubMed

Fischer, Cathy

2006-01-01

CR full-field digital mammography (FFDM) has been used extensively in other countries, and it was one of the 4 digital mammography technologies employed in the Digital Mammographic Imaging Screening Trial. Affordability and easy integration with pre-existing mammography systems makes CR FFDM an attractive way to secure the advantages of filmless mammography imaging. CR mammography is true digital mammography--it is merely a different way of acquiring the image. The FDA has recently approved the first CR FFDM system for sale in the United States. At Gundersen Lutheran Health System (La Crosse, Wisconsin), CR FFDM is the most practical technology for realizing the potential everyday clinical benefits of filmless mammography imaging.

Small Technology Business Incubation Needs

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

2007-12-31

This report contains a summary of typical business incubation needs of small technology companies. This document will serve as a guide in the design and implementation of services offered by the National Security Technology Incubator (NSTI), an incubator program being designed and developed as part of the National Security Preparedness Project (NSPP), performed under a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes a brief description of the methodology used to perform the needs assessment and services proposed to meet the needs of client companies. The purpose of the NSPP is to promote national security technologiesmore » through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages of early development. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety, security, and protection of the homeland.« less

Information Security Management - Part Of The Integrated Management System

NASA Astrophysics Data System (ADS)

Manea, Constantin Adrian

2015-07-01

The international management standards allow their integrated approach, thereby combining aspects of particular importance to the activity of any organization, from the quality management systems or the environmental management of the information security systems or the business continuity management systems. Although there is no national or international regulation, nor a defined standard for the Integrated Management System, the need to implement an integrated system occurs within the organization, which feels the opportunity to integrate the management components into a cohesive system, in agreement with the purpose and mission publicly stated. The issues relating to information security in the organization, from the perspective of the management system, raise serious questions to any organization in the current context of electronic information, reason for which we consider not only appropriate but necessary to promote and implement an Integrated Management System Quality - Environment - Health and Operational Security - Information Security

Technology Requirements and Selection for Securely Partitioning OBSW

NASA Astrophysics Data System (ADS)

Mendham, Peter; Windsor, James; Eckstein, Knut

2010-08-01

The Securely Partitioning Spacecraft Computing Resources project is a current ESA TRP activity investigating the application of secure time and space partitioning (TSP) technologies to enable multi-use missions from a single platform. Secure TSP technologies are used in a number of application areas outside the space domain and an opportunity exists to 'spin-in' a suitable solution. The selection of a technology for use within space the European space industry relies on an understanding of the requirements for the application of secure TSP, of which this paper presents a summary. Further, the paper outlines the selection process taken by the project and highlights promising solutions for use today.

Space-based Science Operations Grid Prototype

NASA Technical Reports Server (NTRS)

Bradford, Robert N.; Welch, Clara L.; Redman, Sandra

2004-01-01

Grid technology is the up and coming technology that is enabling widely disparate services to be offered to users that is very economical, easy to use and not available on a wide basis. Under the Grid concept disparate organizations generally defined as "virtual organizations" can share services i.e. sharing discipline specific computer applications, required to accomplish the specific scientific and engineering organizational goals and objectives. Grids are emerging as the new technology of the future. Grid technology has been enabled by the evolution of increasingly high speed networking. Without the evolution of high speed networking Grid technology would not have emerged. NASA/Marshall Space Flight Center's (MSFC) Flight Projects Directorate, Ground Systems Department is developing a Space-based Science Operations Grid prototype to provide to scientists and engineers the tools necessary to operate space-based science payloads/experiments and for scientists to conduct public and educational outreach. In addition Grid technology can provide new services not currently available to users. These services include mission voice and video, application sharing, telemetry management and display, payload and experiment commanding, data mining, high order data processing, discipline specific application sharing and data storage, all from a single grid portal. The Prototype will provide most of these services in a first step demonstration of integrated Grid and space-based science operations technologies. It will initially be based on the International Space Station science operational services located at the Payload Operations Integration Center at MSFC, but can be applied to many NASA projects including free flying satellites and future projects. The Prototype will use the Internet2 Abilene Research and Education Network that is currently a 10 Gb backbone network to reach the University of Alabama at Huntsville and several other, as yet unidentified, Space Station based science experimenters. There is an international aspect to the Grid involving the America's Pathway (AMPath) network, the Chilean REUNA Research and Education Network and the University of Chile in Santiago that will further demonstrate how extensive these services can be used. From the user's perspective, the Prototype will provide a single interface and logon to these varied services without the complexity of knowing the where's and how's of each service. There is a separate and deliberate emphasis on security. Security will be addressed by specifically outlining the different approaches and tools used. Grid technology, unlike the Internet, is being designed with security in mind. In addition we will show the locations, configurations and network paths associated with each service and virtual organization. We will discuss the separate virtual organizations that we define for the varied user communities. These will include certain, as yet undetermined, space-based science functions and/or processes and will include specific virtual organizations required for public and educational outreach and science and engineering collaboration. We will also discuss the Grid Prototype performance and the potential for further Grid applications both space-based and ground based projects and processes. In this paper and presentation we will detail each service and how they are integrated using Grid

49 CFR 1544.409 - Integrity of screener tests.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 9 2014-10-01 2014-10-01 false Integrity of screener tests. 1544.409 Section 1544.409 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Screener...

National Security Technology Incubator Evaluation Process

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

This report describes the process by which the National Security Technology Incubator (NSTI) will be evaluated. The technology incubator is being developed as part of the National Security Preparedness Project (NSPP), funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes a brief description of the components, steps, and measures of the proposed evaluation process. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages ofmore » early development. An effective evaluation process of the NSTI is an important step as it can provide qualitative and quantitative information on incubator performance over a given period. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety and security. The mission of the NSTI is to identify, incubate, and accelerate technologies with national security applications at various stages of development by providing hands-on mentoring and business assistance to small businesses and emerging or growing companies. To achieve success for both incubator businesses and the NSTI program, an evaluation process is essential to effectively measure results and implement corrective processes in the incubation design if needed. The evaluation process design will collect and analyze qualitative and quantitative data through performance evaluation system.« less

iMAGE cloud: medical image processing as a service for regional healthcare in a hybrid cloud environment.

PubMed

Liu, Li; Chen, Weiping; Nie, Min; Zhang, Fengjuan; Wang, Yu; He, Ailing; Wang, Xiaonan; Yan, Gen

2016-11-01

To handle the emergence of the regional healthcare ecosystem, physicians and surgeons in various departments and healthcare institutions must process medical images securely, conveniently, and efficiently, and must integrate them with electronic medical records (EMRs). In this manuscript, we propose a software as a service (SaaS) cloud called the iMAGE cloud. A three-layer hybrid cloud was created to provide medical image processing services in the smart city of Wuxi, China, in April 2015. In the first step, medical images and EMR data were received and integrated via the hybrid regional healthcare network. Then, traditional and advanced image processing functions were proposed and computed in a unified manner in the high-performance cloud units. Finally, the image processing results were delivered to regional users using the virtual desktop infrastructure (VDI) technology. Security infrastructure was also taken into consideration. Integrated information query and many advanced medical image processing functions-such as coronary extraction, pulmonary reconstruction, vascular extraction, intelligent detection of pulmonary nodules, image fusion, and 3D printing-were available to local physicians and surgeons in various departments and healthcare institutions. Implementation results indicate that the iMAGE cloud can provide convenient, efficient, compatible, and secure medical image processing services in regional healthcare networks. The iMAGE cloud has been proven to be valuable in applications in the regional healthcare system, and it could have a promising future in the healthcare system worldwide.

Hitchhiker's guide to multi-dimensional plant pathology.

PubMed

Saunders, Diane G O

2015-02-01

Filamentous pathogens pose a substantial threat to global food security. One central question in plant pathology is how pathogens cause infection and manage to evade or suppress plant immunity to promote disease. With many technological advances over the past decade, including DNA sequencing technology, an array of new tools has become embedded within the toolbox of next-generation plant pathologists. By employing a multidisciplinary approach plant pathologists can fully leverage these technical advances to answer key questions in plant pathology, aimed at achieving global food security. This review discusses the impact of: cell biology and genetics on progressing our understanding of infection structure formation on the leaf surface; biochemical and molecular analysis to study how pathogens subdue plant immunity and manipulate plant processes through effectors; genomics and DNA sequencing technologies on all areas of plant pathology; and new forms of collaboration on accelerating exploitation of big data. As we embark on the next phase in plant pathology, the integration of systems biology promises to provide a holistic perspective of plant–pathogen interactions from big data and only once we fully appreciate these complexities can we design truly sustainable solutions to preserve our resources.

Technology's Role in Security.

ERIC Educational Resources Information Center

Day, C. William

1999-01-01

Examines the use of technology to bolster the school security system, tips on selecting a security consultant, and several basic strategies to make buildings and grounds safer. Technological ideas discussed include the use of telephones in classrooms to expedite care in emergency situations, surveillance cameras to reduce crime, and metal…

Innovative dressing and securement of tunneled central venous access devices in pediatrics: a pilot randomized controlled trial.

PubMed

Ullman, Amanda J; Kleidon, Tricia; Gibson, Victoria; McBride, Craig A; Mihala, Gabor; Cooke, Marie; Rickard, Claire M

2017-08-30

Central venous access device (CVAD) associated complications are a preventable source of patient harm, frequently resulting in morbidity and delays to vital treatment. Dressing and securement products are used to prevent infectious and mechanical complications, however current complication rates suggest customary practices are inadequate. The aim of this study was to evaluate the feasibility of launching a full-scale randomized controlled efficacy trial of innovative dressing and securement products for pediatric tunneled CVAD to prevent complication and failure. An external, pilot, four-group randomized controlled trial of standard care (bordered polyurethane dressing and suture), in comparison to integrated securement-dressing, suture-less securement device, and tissue adhesive was undertaken across two large, tertiary referral pediatric hospitals in Australia. Forty-eight pediatric participants with newly inserted tunneled CVADs were consecutively recruited. The primary outcome of study feasibility was established by elements of eligibility, recruitment, attrition, protocol adherence, missing data, parent and healthcare staff satisfaction and acceptability, and effect size estimates for CVAD failure (cessation of function prior to completion of treatment) and complication (associated bloodstream infection, thrombosis, breakage, dislodgement or occlusion). Dressing integrity, product costs and site complications were also examined. Protocol feasibility was established. CVAD failure was: 17% (2/12) integrated securement-dressing; 8% (1/13) suture-less securement device; 0% tissue adhesive (0/12); and, 0% standard care (0/11). CVAD complications were: 15% (2/13) suture-less securement device (CVAD associated bloodstream infection, and occlusion and partial dislodgement); 8% (1/12) integrated securement-dressing (partial dislodgement); 0% tissue adhesive (0/12); and, 0% standard care (0/11). One CVAD-associated bloodstream infection occurred, within the suture-less securement device group. Overall satisfaction was highest in the integrated securement-dressing (mean 8.5/10; standard deviation 1.2). Improved dressing integrity was evident in the intervention arms, with the integrated securement-dressing associated with prolonged time to first dressing change (mean days 3.5). Improving the security and dressing integrity of tunneled CVADs is likely to improve outcomes for pediatric patients. Further research is necessary to identify novel, effective CVAD securement to reduce complications, and provide reliable vascular access for children. ACTRN12614000280606 ; prospectively registered on 17/03/2014.