When it comes to securing patient health information from breaches, your best medicine is a dose of prevention: A cybersecurity risk assessment checklist.

PubMed

Blanke, Sandra J; McGrady, Elizabeth

2016-07-01

Health care stakeholders are concerned about the growing risk of protecting sensitive patient health information from breaches. The Federal Emergency Management Agency (FEMA) has identified cyber attacks as an emerging concern, and regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) have increased security requirements and are enforcing compliance through stiff financial penalties. The purpose of this study is to describe health care breaches of protected information, analyze the hazards and vulnerabilities of reported breach cases, and prescribe best practices of managing risk through security controls and countermeasures. Prescriptive findings were used to construct a checklist tool to assess and monitor common risks. This research uses a case methodology to describe specific examples of the 3 major types of cyber breach hazards: portable device, insider, and physical breaches. We utilize a risk management framework to prescribe preventative actions that organizations can take to assess, analyze, and mitigate these risks. The health care sector has the largest number of reported breaches, with 3 major types: portable device, insider, and physical breaches. Analysis of actual cases indicates security gaps requiring prescriptive fixes based on "best practices." Our research culminates in a 25-item checklist that organizations can use to assess existing practices and identify security gaps requiring improvement. © 2016 American Society for Healthcare Risk Management of the American Hospital Association.

Biosafety practices associated with potential agents of biocrime and biowarfare.

PubMed

Burnett, LouAnn C

2006-12-01

Conducting research in a manner that guards against theft and intentional misuse of biological materials requires a process of hazard identification and risk assessment to most effectively identify and implement a risk management plan. Procedures describing physical security, personnel reliability, and material control and accountability define a security plan for this type of research.

A framework to enhance security of physically unclonable functions using chaotic circuits

NASA Astrophysics Data System (ADS)

Chen, Lanxiang

2018-05-01

As a new technique for authentication and key generation, physically unclonable function (PUF) has attracted considerable attentions, with extensive research results achieved already. To resist the popular machine learning modeling attacks, a framework to enhance the security of PUFs is proposed. The basic idea is to combine PUFs with a chaotic system of which the response is highly sensitive to initial conditions. For this framework, a specific construction which combines the common arbiter PUF circuit, a converter, and the Chua's circuit is given to implement a more secure PUF. Simulation experiments are presented to further validate the framework. Finally, some practical suggestions for the framework and specific construction are also discussed.

Practical quantum digital signature

NASA Astrophysics Data System (ADS)

Yin, Hua-Lei; Fu, Yao; Chen, Zeng-Bing

2016-03-01

Guaranteeing nonrepudiation, unforgeability as well as transferability of a signature is one of the most vital safeguards in today's e-commerce era. Based on fundamental laws of quantum physics, quantum digital signature (QDS) aims to provide information-theoretic security for this cryptographic task. However, up to date, the previously proposed QDS protocols are impractical due to various challenging problems and most importantly, the requirement of authenticated (secure) quantum channels between participants. Here, we present the first quantum digital signature protocol that removes the assumption of authenticated quantum channels while remaining secure against the collective attacks. Besides, our QDS protocol can be practically implemented over more than 100 km under current mature technology as used in quantum key distribution.

Practice brief. Securing wireless technology for healthcare.

PubMed

Retterer, John; Casto, Brian W

2004-05-01

Wireless networking can be a very complex science, requiring an understanding of physics and the electromagnetic spectrum. While the radio theory behind the technology can be challenging, a basic understanding of wireless networking can be sufficient for small-scale deployment. Numerous security mechanisms are available to wireless technologies, making it practical, scalable, and affordable for healthcare organizations. The decision on the selected security model should take into account the needs for additional server hardware and administrative costs. Where wide area network connections exist between cooperative organizations, deployment of a distributed security model can be considered to reduce administrative overhead. The wireless approach chosen should be dynamic and concentrate on the organization's specific environmental needs. Aspects of organizational mission, operations, service level, and budget allotment as well as an organization's risk tolerance are all part of the balance in the decision to deploy wireless technology.

A Survey of Private Ohio Academic Libraries' Physical Processing Practices for Circulating Books.

ERIC Educational Resources Information Center

Factor, Olivia Spaid

Little guidance is given in today's general technical services or cataloging textbooks to assist librarians in making decisions on procedures for the physical preparation of materials prior to placement on the shelves for public access. As small, private academic libraries face automation of circulation, addition of security systems, and debates…

Nuclear Lessons for Cyber Security

DTIC Science & Technology

2011-01-01

major kinetic violence. In the physical world, governments have a near monopoly on large - scale use of force, the defender has an intimate knowledge of...with this transformative technology. Until now, the issue of cyber security has largely been the domain of computer experts and specialists. When the...with increasing economic returns to scale and political practices that make jurisdictional control difficult. Attacks from the informational realm

Full-field implementation of a perfect eavesdropper on a quantum cryptography system.

PubMed

Gerhardt, Ilja; Liu, Qin; Lamas-Linares, Antía; Skaar, Johannes; Kurtsiefer, Christian; Makarov, Vadim

2011-06-14

Quantum key distribution (QKD) allows two remote parties to grow a shared secret key. Its security is founded on the principles of quantum mechanics, but in reality it significantly relies on the physical implementation. Technological imperfections of QKD systems have been previously explored, but no attack on an established QKD connection has been realized so far. Here we show the first full-field implementation of a complete attack on a running QKD connection. An installed eavesdropper obtains the entire 'secret' key, while none of the parameters monitored by the legitimate parties indicate a security breach. This confirms that non-idealities in physical implementations of QKD can be fully practically exploitable, and must be given increased scrutiny if quantum cryptography is to become highly secure.

The AIP Career Pathways Project: Learning the Effective Practices of Physics Departments Preparing Graduates with the Bachelor's Degree for STEM Careers

NASA Astrophysics Data System (ADS)

Olsen, Thomas; Redmond, Kendra; Czujko, Roman

2012-10-01

Forty percent of students graduating with the bachelor's degree in physics seek employment immediately upon graduation. The AIP Career Pathways Project, funded by NSF, seeks to learn by site visits the effective practices of departments in preparing these students to successfully secure positions in STEM and to make these practices known by presentations, publications, and workshops. This talk will review AIP Statistical Resources data on the careers of physicists with the bachelor's degree, provide preliminary insights from the site visits, provide some advice for graduates seeking employment, and describe the upcoming workshops.

The Role Of Moral Awareness In Computer Security

NASA Astrophysics Data System (ADS)

Stawinski, Arthur

1984-08-01

Maintaining security of databases and other computer systems requires constraining the behavior of those persons who are able to access these systems so that they do not obtain, alter, or abuse the information contained in these systems. Three types of constraints are available: Physical contraints are obstructions designed to prevent (or at least make difficult) access to data by unauthorized persons; external constraints restrict behavior through threat of detection and punishment; internal constraints are self-imposed limitations on behavior which are derived from a person's moral standards. This paper argues that an effective computer security program will require attention to internal constraints as well as physical and external ones. Recent developments in moral philosophy and the psychology of moral development have given us new understanding of how individuals grow in moral awareness and how this growth can be encouraged. These insights are the foundation for some practical proposals for encouraging morally responsible behavior by computer professionals and others with access to confidential data. The aim of this paper is to encourage computer security professionals to discuss, refine and incorporate systems of internal constraints in developing methods of maintaining security.

Generalized Kirchhoff-Law-Johnson-Noise (KLJN) secure key exchange system using arbitrary resistors.

PubMed

Vadai, Gergely; Mingesz, Robert; Gingl, Zoltan

2015-09-03

The Kirchhoff-Law-Johnson-Noise (KLJN) secure key exchange system has been introduced as a simple, very low cost and efficient classical physical alternative to quantum key distribution systems. The ideal system uses only a few electronic components-identical resistor pairs, switches and interconnecting wires-in order to guarantee perfectly protected data transmission. We show that a generalized KLJN system can provide unconditional security even if it is used with significantly less limitations. The more universal conditions ease practical realizations considerably and support more robust protection against attacks. Our theoretical results are confirmed by numerical simulations.

Security of BB84 with weak randomness and imperfect qubit encoding

NASA Astrophysics Data System (ADS)

Zhao, Liang-Yuan; Yin, Zhen-Qiang; Li, Hong-Wei; Chen, Wei; Fang, Xi; Han, Zheng-Fu; Huang, Wei

2018-03-01

The main threats for the well-known Bennett-Brassard 1984 (BB84) practical quantum key distribution (QKD) systems are that its encoding is inaccurate and measurement device may be vulnerable to particular attacks. Thus, a general physical model or security proof to tackle these loopholes simultaneously and quantitatively is highly desired. Here we give a framework on the security of BB84 when imperfect qubit encoding and vulnerability of measurement device are both considered. In our analysis, the potential attacks to measurement device are generalized by the recently proposed weak randomness model which assumes the input random numbers are partially biased depending on a hidden variable planted by an eavesdropper. And the inevitable encoding inaccuracy is also introduced here. From a fundamental view, our work reveals the potential information leakage due to encoding inaccuracy and weak randomness input. For applications, our result can be viewed as a useful tool to quantitatively evaluate the security of a practical QKD system.

10 CFR 95.18 - Key personnel.

Code of Federal Regulations, 2011 CFR

2011-01-01

... INFORMATION AND RESTRICTED DATA Physical Security § 95.18 Key personnel. The senior management official and... Clearance. Other key management officials, as determined by the CSA, must be granted an access authorization... organization's policies or practices in the performance of activities involving classified information. This...

Practical private database queries based on a quantum-key-distribution protocol

DOE Office of Scientific and Technical Information (OSTI.GOV)

Jakobi, Markus; Humboldt-Universitaet zu Berlin, D-10117 Berlin; Simon, Christoph

2011-02-15

Private queries allow a user, Alice, to learn an element of a database held by a provider, Bob, without revealing which element she is interested in, while limiting her information about the other elements. We propose to implement private queries based on a quantum-key-distribution protocol, with changes only in the classical postprocessing of the key. This approach makes our scheme both easy to implement and loss tolerant. While unconditionally secure private queries are known to be impossible, we argue that an interesting degree of security can be achieved by relying on fundamental physical principles instead of unverifiable security assumptions inmore » order to protect both the user and the database. We think that the scope exists for such practical private queries to become another remarkable application of quantum information in the footsteps of quantum key distribution.« less

An All-Hazards Training Center for a Catastrophic Emergency

DTIC Science & Technology

2009-12-01

Physical Security, Military Academy, and Medical Service Corps. He held college faculty appointments as: adjunct professor for California College...Stewart has more than 20 years experience in healthcare as a Respiratory Care Practitioner. He is a registered respiratory therapist and practiced in...program.43 “The barriers to developing a nuclear weapon today are not intellectual; the barriers instead are the physical requirements needed to make a

U.S.-CHINA RADIOLOGICAL SOURCE SECURITY PROJECT: CONTINUING AND EXPANDING BILATERAL COOPERATION

DOE Office of Scientific and Technical Information (OSTI.GOV)

Zhu, Zhixuan; Zhou, Qifu; Yang, Yaoyun

2009-10-07

The successful radiological security cooperation between the U.S. and China to secure at-risk sites near venues of the 2008 Beijing Summer Olympics has led to an expanded bilateral nonproliferation cooperation scope. The U.S. Department of Energy’s National Nuclear Security Administration, the Chinese Atomic Energy Authority and the China Ministry of Environmental Protection are continuing joint efforts to secure radiological sources throughout China under the U.S.-China Peaceful Uses of Nuclear Technology (PUNT) Agreement. Joint cooperation activities include physical security upgrades of sites with International Atomic Energy Agency (IAEA) Category 1 radiological sources, packaging, recovery, and storage of high activity transuranic andmore » beta gamma sources, and secure transportation practices for the movement of recovered sources. Expansion of cooperation into numerous provinces within China includes the use of integrated training workshops that will demonstrate methodologies and best practices between U.S. and Chinese radiological source security and recovery experts. The fiscal year 2009 expanded scope of cooperation will be conducted similar to the 2008 Olympic cooperation with the Global Threat Reduction Initiative taking the lead for the U.S., PUNT being the umbrella agreement, and Los Alamos, Sandia, and Oak Ridge National Laboratories operating as technical working groups. This paper outlines the accomplishments of the joint implementation and training efforts to date and discusses the possible impact on future U.S./China cooperation.« less

Privacy and security of patient data in the pathology laboratory.

PubMed

Cucoranu, Ioan C; Parwani, Anil V; West, Andrew J; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B; Balis, Ulysses J; Tuthill, Mark J; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States.

The Road to Covergence

ERIC Educational Resources Information Center

Villano, Matt

2008-01-01

In this article, the author offers six best practices for physical and data security convergence. These are: (1) assess the cable plant; (2) choose wisely; (3) be patient; (4) engineer for high availability; (5) test the converged network to make sure it works; and (6) don't forget the humans.

Building community resilience: what can the United States learn from experiences in other countries?

PubMed

Moore, Melinda; Chandra, Anita; Feeney, Kevin C

2013-06-01

Community resilience (CR) is emerging as a major public policy priority within disaster management and is one of two key pillars of the December 2009 US National Health Security Strategy. However, there is no clear agreement on what key elements constitute CR. We examined exemplary practices from international disaster management to validate the elements of CR, as suggested by Homeland Security Presidential Directive 21 (HSPD-21), to potentially identify new elements and to identify practices that could be emulated or adapted to help build CR. We extracted detailed information relevant to CR from unpublished case studies we had developed previously, describing exemplary practices from international natural disasters occurring between 1985 and 2005. We then mapped specific practices against the five elements of CR suggested by HSPD-21. We identified 49 relevant exemplary practices from 11 natural disasters in 10 countries (earthquakes in Mexico, India, and Iran; volcanic eruption in Philippines; hurricanes in Honduras and Cuba; floods in Bangladesh, Vietnam, and Mozambique; tsunami in Indian Ocean countries; and typhoon in Vietnam). Of these, 35 mapped well against the five elements of CR: community education, community empowerment, practice, social networks, and familiarity with local services; 15 additional practices were related to physical security and economic security. The five HSPD-21 CR elements and two additional ones we identified were closely related to one another; social networks were especially important to CR. While each disaster is unique, the elements of CR appear to be broadly applicable across countries and disaster settings. Our descriptive study provides retrospective empirical evidence that helps validate, and adds to, the elements of CR suggested by HSPD-21. It also generates hypotheses about factors contributing to CR that can be tested in future analytic or experimental research.

Self-Assembled Resonance Energy Transfer Keys for Secure Communication over Classical Channels.

PubMed

Nellore, Vishwa; Xi, Sam; Dwyer, Chris

2015-12-22

Modern authentication and communication protocols increasingly use physical keys in lieu of conventional software-based keys for security. This shift is primarily driven by the ability to derive a unique, unforgeable signature from a physical key. The sole demonstration of an unforgeable key, thus far, has been through quantum key distribution, which suffers from limited communication distances and expensive infrastructure requirements. Here, we show a method for creating unclonable keys by molecular self-assembly of resonance energy transfer (RET) devices. It is infeasible to clone the RET-key due to the inability to characterize the key using current technology, the large number of input-output combinations per key, and the variation of the key's response with time. However, the manufacturer can produce multiple identical devices, which enables inexpensive, secure authentication and communication over classical channels, and thus any distance. Through a detailed experimental survey of the nanoscale keys, we demonstrate that legitimate users are successfully authenticated 99.48% of the time and the false-positives are only 0.39%, over two attempts. We estimate that a legitimate user would have a computational advantage of more than 10(340) years over an attacker. Our method enables the discovery of physical key based multiparty authentication and communication schemes that are both practical and possess unprecedented security.

41 CFR 109-27.5008 - Control of drug substances and potable alcohol.

Code of Federal Regulations, 2012 CFR

2012-01-01

... practices shall provide for the management and physical security of controlled substances and potable... 41 Public Contracts and Property Management 3 2012-01-01 2012-01-01 false Control of drug substances and potable alcohol. 109-27.5008 Section 109-27.5008 Public Contracts and Property Management...

41 CFR 109-27.5008 - Control of drug substances and potable alcohol.

Code of Federal Regulations, 2014 CFR

2014-01-01

... practices shall provide for the management and physical security of controlled substances and potable... 41 Public Contracts and Property Management 3 2014-01-01 2014-01-01 false Control of drug substances and potable alcohol. 109-27.5008 Section 109-27.5008 Public Contracts and Property Management...

41 CFR 109-27.5008 - Control of drug substances and potable alcohol.

Code of Federal Regulations, 2013 CFR

2013-07-01

... practices shall provide for the management and physical security of controlled substances and potable... 41 Public Contracts and Property Management 3 2013-07-01 2013-07-01 false Control of drug substances and potable alcohol. 109-27.5008 Section 109-27.5008 Public Contracts and Property Management...

Exploitation of Unintentional Information Leakage from Integrated Circuits

ERIC Educational Resources Information Center

Cobb, William E.

2011-01-01

The information leakage of electronic devices, especially those used in cryptographic or other vital applications, represents a serious practical threat to secure systems. While physical implementation attacks have evolved rapidly over the last decade, relatively little work has been done to allow system designers to effectively counter the…

Radioactive source security: the cultural challenges.

PubMed

Englefield, Chris

2015-04-01

Radioactive source security is an essential part of radiation protection. Sources can be abandoned, lost or stolen. If they are stolen, they could be used to cause deliberate harm and the risks are varied and significant. There is a need for a global security protection system and enhanced capability to achieve this. The establishment of radioactive source security requires 'cultural exchanges'. These exchanges include collaboration between: radiation protection specialists and security specialists; the nuclear industry and users of radioactive sources; training providers and regulators/users. This collaboration will facilitate knowledge and experience exchange for the various stakeholder groups, beyond those already provided. This will promote best practice in both physical and information security and heighten security awareness generally. Only if all groups involved are prepared to open their minds to listen to and learn from, each other will a suitable global level of control be achieved. © The Author 2014. Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

Cyber physical systems based on cloud computing and internet of things for energy efficiency

NASA Astrophysics Data System (ADS)

Suciu, George; Butca, Cristina; Suciu, Victor; Cretu, Alexandru; Fratu, Octavian

2016-12-01

Cyber Physical Systems (CPS) and energy efficiency play a major role in the context of industry expansion. Management practices for improving efficiency in the field of energy consumption became a priority of many major industries who are inefficient in terms of exploitation costs. The effort of adopting energy management means in an organization is quite challenging due to the lack of resources and expertise. One major problem consists in the lack of knowledge for energy management and practices. This paper aims to present authors' concept in creating a Cyber Physical Energy System (CPES) that will change organizations' way of consuming energy, by making them aware of their use. The presented concept will consider the security of the whole system and the easy integration with the existing electric network infrastructure.

Department of Defense Information Network (DODIN): A Study of Current Cyber Threats and Best Practices for Network Security

DTIC Science & Technology

2016-06-10

DODIN) is being threatened by state actors, non-state actors, and continuous hacking and cyber-attacks. These threats against the network come in a...variety of forms; physical attacks from radio jamming, logical cyber threats from hacking , or a combination of both physical and logical attacks. Each...year the number of hacking attacks is increasing. Corporations like Symantec publish annual reports on cyber threats and provide tips for best

Privacy and security of patient data in the pathology laboratory

PubMed Central

Cucoranu, Ioan C.; Parwani, Anil V.; West, Andrew J.; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B.; Balis, Ulysses J.; Tuthill, Mark J.; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States. PMID:23599904

Standardization of quantum key distribution and the ETSI standardization initiative ISG-QKD

NASA Astrophysics Data System (ADS)

Länger, Thomas; Lenhart, Gaby

2009-05-01

In recent years, quantum key distribution (QKD) has been the object of intensive research activities and of rapid progress, and it is now developing into a competitive industry with commercial products. Once QKD systems are transferred from the controlled environment of physical laboratories into a real-world environment for practical use, a number of practical security, compatibility and connectivity issues need to be resolved. In particular, comprehensive security evaluation and watertight security proofs need to be addressed to increase trust in QKD. System interoperability with existing infrastructures and applications as well as conformance with specific user requirements have to be assured. Finding common solutions to these problems involving all actors can provide an advantage for the commercialization of QKD as well as for further technological development. The ETSI industry specification group for QKD (ISG-QKD) offers a forum for creating such universally accepted standards and will promote significant leverage effects on coordination, cooperation and convergence in research, technical development and business application of QKD.

Augmenting Probabilistic Risk Assesment with Malevolent Initiators

DOE Office of Scientific and Technical Information (OSTI.GOV)

Curtis Smith; David Schwieder

2011-11-01

As commonly practiced, the use of probabilistic risk assessment (PRA) in nuclear power plants only considers accident initiators such as natural hazards, equipment failures, and human error. Malevolent initiators are ignored in PRA, but are considered the domain of physical security, which uses vulnerability assessment based on an officially specified threat (design basis threat). This paper explores the implications of augmenting and extending existing PRA models by considering new and modified scenarios resulting from malevolent initiators. Teaming the augmented PRA models with conventional vulnerability assessments can cost-effectively enhance security of a nuclear power plant. This methodology is useful for operatingmore » plants, as well as in the design of new plants. For the methodology, we have proposed an approach that builds on and extends the practice of PRA for nuclear power plants for security-related issues. Rather than only considering 'random' failures, we demonstrated a framework that is able to represent and model malevolent initiating events and associated plant impacts.« less

6 CFR 37.43 - Physical security of DMV production facilities.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 6 Domestic Security 1 2012-01-01 2012-01-01 false Physical security of DMV production facilities... Identification Card Production Facilities § 37.43 Physical security of DMV production facilities. (a) States must ensure the physical security of facilities where driver's licenses and identification cards are produced...

Compliance with HIPAA security standards in U.S. Hospitals.

PubMed

Davis, Diane; Having, Karen

2006-01-01

With the widespread use of computer networks, the amount of information stored electronically has grown exponentially, resulting in increased concern for privacy and security of information. The healthcare industry has been put to the test with the federally mandated Health Insurance Portability and Accountability Act (HIPAA) of 1996. To assess the compliance status of HIPAA security standards, a random sample of 1,000 U.S. hospitals was surveyed in January 2004, yielding a return rate of 29 percent. One year later, a follow-up survey was sent to all previous respondents, with 50 percent replying. HIPAA officers'perceptions of security compliance in 2004 and 2005 are compared in this article. The security standards achieving the highest level of compliance in both 2004 and 2005 were obtaining required business associate agreements and physical safeguards to limit access to electronic information systems. Respondents indicated least compliance both years in performing periodic evaluation of security practices governed by the Security Rule. Roadblocks, threats, problems and solutions regarding HIPAA compliance are discussed. This information may be applied to current and future strategies toward maintaining security of information systems throughout the healthcare industry.

Opening a new office: the dentist's personal frontier.

PubMed

Crafton, B Casey; Lofft, Alexander H

2006-01-01

The purpose of this article is to assist the dental practitioner by providing insight into commercial real estate and a framework for identifying and securing new office space, as well as by addressing concerns about the physical space of a dental practice. In the process of identifying and securing new office space, the dental practitioner can maximize efficiency and minimize risk by assembling a team of professionals to assist him or her. This team should be composed of an accountant and an attorney, as well as a dental equipment/design specialist and a commercial real estate professional. The professional team will provide invaluable assistance to the dentist, enabling him or her to avoid major financial, legal, logistic and real estate-related pitfalls inherent in establishing or moving a dental practice.

School Security Measures and Longitudinal Trends in Adolescents' Experiences of Victimization.

PubMed

Fisher, Benjamin W; Mowen, Thomas J; Boman, John H

2018-06-01

Although school security measures have become a common fixture in public schools across the United States, research on the relationship between security and adolescent victimization is mixed, with very few studies examining trends in adolescent victimization across time. Using two waves of data from the Educational Longitudinal Study 2002 (N = 7659; 50.6% female; 56.7% White, 13.3% Black, 13.5% Hispanic, 11.3% Asian American, 5.4% other race), results from a series of multi-level models demonstrate that adolescents in schools with more security measures report higher odds of being threatened with harm, and no difference in odds of being in a physical altercation or having something stolen over time. Although prior research has established racial disparities in using school security measures, results demonstrate inconsistent patterns in the extent to which adolescents' race conditions the relationship between security and victimization. The findings are discussed in light of existing theoretical and empirical work, and implications for both research and practice are offered.

10 CFR 110.44 - Physical security standards.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 2 2014-01-01 2014-01-01 false Physical security standards. 110.44 Section 110.44 Energy... License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient... publication INFCIRC/225/Rev. 4 (corrected), June 1999, “The Physical Protection of Nuclear Material and...

10 CFR 110.44 - Physical security standards.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 2 2013-01-01 2013-01-01 false Physical security standards. 110.44 Section 110.44 Energy... License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient... publication INFCIRC/225/Rev. 4 (corrected), June 1999, “The Physical Protection of Nuclear Material and...

10 CFR 110.44 - Physical security standards.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 2 2012-01-01 2012-01-01 false Physical security standards. 110.44 Section 110.44 Energy... License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient... publication INFCIRC/225/Rev. 4 (corrected), June 1999, “The Physical Protection of Nuclear Material and...

10 CFR 110.44 - Physical security standards.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Physical security standards. 110.44 Section 110.44 Energy... License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient... publication INFCIRC/225/Rev. 4 (corrected), June 1999, “The Physical Protection of Nuclear Material and...

The Impact of 'Being There': Psychiatric Staff Attitudes on the Use of Restraint.

PubMed

Dahan, Sagit; Levi, Galit; Behrbalk, Pnina; Bronstein, Israel; Hirschmann, Shmuel; Lev-Ran, Shaul

2018-03-01

The practice of mechanically restraining psychiatric patients is constantly under debate, and staff attitudes are considered a central factor influencing restraining practices. The aim of this study was to explore associations between psychiatric staff members' presence and participation in incidences of restraint and attitudes towards mechanical restraints. Staff members (psychiatrists, nurses, paramedical staff; N = 143 working in a government psychiatric hospital in Israel) completed a questionnaire including personal information, participation in incidents of restraint and attitudes towards mechanical restraints. Items were categorized into the following categories: security and care; humiliation and offending; control; order; education and punishment. Compared to those who were not present during restraint, staff members who were present agreed significantly less with statements indicating that restraints are humiliating and offending and agreed more with statements indicating that restraints are used primarily for security and care (p < .05). Among those present in incidences of restraint, staff members who physically participated in restraint agreed significantly more with statements indicating that restraints are a means for security, care and order, and less with statements indicating restraints are humiliating and offending, compared to those present but not physically participating in restraint (p < .05). These findings highlight the importance of proximity of staff members to incidences of restraints. This may have implications in understanding the professional and social discourse concerning mechanical restraints.

Summary of Technical Meeting To Compare US/French Approaches for Physical Protection Test Beds

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mack, Thomas Kimball; Martinez, Ruben; Thomas, Gerald

In September 2015, representatives of the US Department of Energy/National Nuclear Security Administration, including test bed professionals from Sandia National Laboratories, and representatives of the French Alternative Energies and Atomic Energy Commission participated in a one-week workshop to share best practices in design, organization, operations, utilization, improvement, and performance testing of physical protection test beds. The intended workshop outcomes were to (1) share methods of improving respective test bed methodologies and programs and (2) prepare recommendations for standards regarding creating and operating testing facilities for nations new to nuclear operations. At the workshop, the French and American subject matter expertsmore » compared best practices as developed at their respective test bed sites; discussed access delay test bed considerations; and presented the limitations/ constraints of physical protection test beds.« less

Physical activity practice among children and adolescents with visual impairment--influence of parental support and perceived barriers.

PubMed

Greguol, Márcia; Gobbi, Erica; Carraro, Attilio

2015-01-01

To analyze the practice of physical activity among children and adolescents with visual impairments (VI), regarding the possible influence of parental support and perceived barriers. Twenty-two young people with VIs (10 + 2.74 years old) and one of each of their parents were evaluated. They responded to the Physical Activity Questionnaire for Older Children (PAQ-C), Baecke Questionnaire, the Parental Support Scale and a questionnaire about perceived barriers to physical activity. The independent samples t-test, pearson correlation test and chi-square test were performed. Blind young people showed lower physical activity levels. There were significant correlations both between parents' physical activity and the support offered to children and between the PAQ-C results and the importance given by young people to physical activity, but only for those aged between 8 and 10 years old. The main perceived barriers were lack of security, motivation, professional training and information about available physical activity programs. The influence of parental support seems to be an important factor in the adoption of a physically active lifestyle for young people with VI. Parents and children should have more information about the benefits and opportunities of physical activity. Implications for Rehabilitation Young people with visual impairment should be encouraged by parents to practice physical activity. More information should be provided on the benefits of physical activity to both parents and children. Professional training should be available to help support this group become more active.

21 CFR 1301.73 - Physical security controls for non-practitioners; compounders for narcotic treatment programs...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for non-practitioners..., DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements § 1301.73 Physical security... adequate security for the area or building. If such security requires an alarm, such alarm, upon...

6 CFR 37.15 - Physical security features for the driver's license or identification card.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Physical security features for the driver's license or identification card. 37.15 Section 37.15 Domestic Security DEPARTMENT OF HOMELAND SECURITY..., Verification, and Card Issuance Requirements § 37.15 Physical security features for the driver's license or...

78 FR 59981 - Proposed Revision to Physical Security-Standard Design Certification and Operating Reactors

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-30

... the Standard Review Plan (SRP), concerning the physical security reviews of design certification... NRC staff with the physical security review of applications for design certifications, incorporate... NUCLEAR REGULATORY COMMISSION [NRC-2013-0225] Proposed Revision to Physical Security--Standard...

Cyber Exercise Playbook

DTIC Science & Technology

2014-11-01

unclassified tools and techniques that can be shared with PNs, to include social engineering, spear phishing , fake web sites, physical access attempts, and...and instead rely on commercial services such as Yahoo or Google . Some nations have quite advanced cyber security practices, but may take vastly...unauthorized access to data/systems Inject external network scanning, email phishing , malicious website access, social engineering Sample

Quantum key distribution protocol based on contextuality monogamy

NASA Astrophysics Data System (ADS)

Singh, Jaskaran; Bharti, Kishor; Arvind

2017-06-01

The security of quantum key distribution (QKD) protocols hinges upon features of physical systems that are uniquely quantum in nature. We explore the role of quantumness, as qualified by quantum contextuality, in a QKD scheme. A QKD protocol based on the Klyachko-Can-Binicioğlu-Shumovsky (KCBS) contextuality scenario using a three-level quantum system is presented. We explicitly show the unconditional security of the protocol by a generalized contextuality monogamy relationship based on the no-disturbance principle. This protocol provides a new framework for QKD which has conceptual and practical advantages over other protocols.

10 CFR 110.44 - Physical security standards.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Physical security standards. 110.44 Section 110.44 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) EXPORT AND IMPORT OF NUCLEAR EQUIPMENT AND MATERIAL Review of License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient...

27 CFR 19.153 - Statement of physical security.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 27 Alcohol, Tobacco Products and Firearms 1 2010-04-01 2010-04-01 false Statement of physical... Plants § 19.153 Statement of physical security. (a) Content. The statement of security shall include: (1) A general description of the physical security at the distilled spirits plant, including methods...

When trust defies common security sense.

PubMed

Williams, Patricia A H

2008-09-01

Primary care medical practices fail to recognize the seriousness of security threats to their patient and practice information. This can be attributed to a lack of understanding of security concepts, underestimation of potential threats and the difficulty in configuration of security technology countermeasures. To appreciate the factors contributing to such problems, research into general practitioner security practice and perceptions of security was undertaken. The investigation focused on demographics, actual practice, issues and barriers, and practitioner perception. Poor implementation, lack of relevant knowledge and inconsistencies between principles and practice were identified as key themes. Also the results revealed an overwhelming reliance on trust in staff and in computer information systems. This clearly identified that both cultural and technical attributes contribute to the deficiencies in information security practice. The aim of this research is to understand user needs and problems when dealing with information security practice.

Security practices and regulatory compliance in the healthcare industry.

PubMed

Kwon, Juhee; Johnson, M Eric

2013-01-01

Securing protected health information is a critical responsibility of every healthcare organization. We explore information security practices and identify practice patterns that are associated with improved regulatory compliance. We employed Ward's cluster analysis using minimum variance based on the adoption of security practices. Variance between organizations was measured using dichotomous data indicating the presence or absence of each security practice. Using t tests, we identified the relationships between the clusters of security practices and their regulatory compliance. We utilized the results from the Kroll/Healthcare Information and Management Systems Society telephone-based survey of 250 US healthcare organizations including adoption status of security practices, breach incidents, and perceived compliance levels on Health Information Technology for Economic and Clinical Health, Health Insurance Portability and Accountability Act, Red Flags rules, Centers for Medicare and Medicaid Services, and state laws governing patient information security. Our analysis identified three clusters (which we call leaders, followers, and laggers) based on the variance of security practice patterns. The clusters have significant differences among non-technical practices rather than technical practices, and the highest level of compliance was associated with hospitals that employed a balanced approach between technical and non-technical practices (or between one-off and cultural practices). Hospitals in the highest level of compliance were significantly managing third parties' breaches and training. Audit practices were important to those who scored in the middle of the pack on compliance. Our results provide security practice benchmarks for healthcare administrators and can help policy makers in developing strategic and practical guidelines for practice adoption.

Security practices and regulatory compliance in the healthcare industry

PubMed Central

Kwon, Juhee; Johnson, M Eric

2013-01-01

Objective Securing protected health information is a critical responsibility of every healthcare organization. We explore information security practices and identify practice patterns that are associated with improved regulatory compliance. Design We employed Ward's cluster analysis using minimum variance based on the adoption of security practices. Variance between organizations was measured using dichotomous data indicating the presence or absence of each security practice. Using t tests, we identified the relationships between the clusters of security practices and their regulatory compliance. Measurement We utilized the results from the Kroll/Healthcare Information and Management Systems Society telephone-based survey of 250 US healthcare organizations including adoption status of security practices, breach incidents, and perceived compliance levels on Health Information Technology for Economic and Clinical Health, Health Insurance Portability and Accountability Act, Red Flags rules, Centers for Medicare and Medicaid Services, and state laws governing patient information security. Results Our analysis identified three clusters (which we call leaders, followers, and laggers) based on the variance of security practice patterns. The clusters have significant differences among non-technical practices rather than technical practices, and the highest level of compliance was associated with hospitals that employed a balanced approach between technical and non-technical practices (or between one-off and cultural practices). Conclusions Hospitals in the highest level of compliance were significantly managing third parties’ breaches and training. Audit practices were important to those who scored in the middle of the pack on compliance. Our results provide security practice benchmarks for healthcare administrators and can help policy makers in developing strategic and practical guidelines for practice adoption. PMID:22955497

Securing 'supportive environments' for health in the face of ecosystem collapse: meeting the triple threat with a sociology of creative transformation.

PubMed

Poland, Blake; Dooris, Mark; Haluza-Delay, Randolph

2011-12-01

In this paper, we reflect on and explore what remains to be done to make the concept of supportive environments--one of the Ottawa Charter's five core action areas--a reality in the context of growing uncertainty about the future and accelerated pace of change. We pay particular attention to the physical environment, while underscoring the inextricable links between physical and social environments, and particularly the need to link social and environmental justice. The paper begins with a brief orientation to three emerging threats to health equity, namely ecological degradation, climate change, and peak oil, and their connection to economic instability, food security, energy security and other key determinants of health. We then present three contrasting perspectives on the nature of social change and how change is catalyzed, arguing for an examination of the conditions under which cultural change on the scale required to realize the vision of 'supportive environments for all' might be catalyzed, and the contribution that health promotion as a field could play in this process. Drawing on sociological theory, and specifically practice theory and the work of Pierre Bourdieu, we advocate rethinking education for social change by attending more adequately to the social conditions of transformative learning and cultural change. We conclude with an explication of three key implications for health promotion practice: a more explicit alignment with those seeking to curtail environmental destruction and promote environmental justice, strengthening engagement with local or settings-focused 'communities of practice' (such as the Transition Town movement), and finding new ways to creatively 'engage emergence', a significant departure from the current dominant focus on 'risk management'.

Securing a web-based teleradiology platform according to German law and "best practices".

PubMed

Spitzer, Michael; Ullrich, Tobias; Ueckert, Frank

2009-01-01

The Medical Data and Picture Exchange platform (MDPE), as a teleradiology system, facilitates the exchange of digital medical imaging data among authorized users. It features extensive support of the DICOM standard including networking functions. Since MDPE is designed as a web service, security and confidentiality of data and communication pose an outstanding challenge. To comply with demands of German laws and authorities, a generic data security concept considered as "best practice" in German health telematics was adapted to the specific demands of MDPE. The concept features strict logical and physical separation of diagnostic and identity data and thus an all-encompassing pseudonymization throughout the system. Hence, data may only be merged at authorized clients. MDPE's solution of merging data from separate sources within a web browser avoids technically questionable techniques such as deliberate cross-site scripting. Instead, data is merged dynamically by JavaScriptlets running in the user's browser. These scriptlets are provided by one server, while content and method calls are generated by another server. Additionally, MDPE uses encrypted temporary IDs for communication and merging of data.

A method of non-contact reading code based on computer vision

NASA Astrophysics Data System (ADS)

Zhang, Chunsen; Zong, Xiaoyu; Guo, Bingxuan

2018-03-01

With the purpose of guarantee the computer information exchange security between internal and external network (trusted network and un-trusted network), A non-contact Reading code method based on machine vision has been proposed. Which is different from the existing network physical isolation method. By using the computer monitors, camera and other equipment. Deal with the information which will be on exchanged, Include image coding ,Generate the standard image , Display and get the actual image , Calculate homography matrix, Image distort correction and decoding in calibration, To achieve the computer information security, Non-contact, One-way transmission between the internal and external network , The effectiveness of the proposed method is verified by experiments on real computer text data, The speed of data transfer can be achieved 24kb/s. The experiment shows that this algorithm has the characteristics of high security, fast velocity and less loss of information. Which can meet the daily needs of the confidentiality department to update the data effectively and reliably, Solved the difficulty of computer information exchange between Secret network and non-secret network, With distinctive originality, practicability, and practical research value.

A Review of the Extent, Nature, Characteristics and Effects of Bullying Behaviour in Schools

ERIC Educational Resources Information Center

Aluede, Oyaziwo; Adeleke, Fajoju; Omoike, Don; Afen-Akpaida, Justina

2008-01-01

Bullying behaviour no doubt is becoming a common feature, and a nightmare in schools all over the world. It is a worrisome practice in schools because it infringes on the child's right to human dignity, privacy, freedom and security. The physical, emotional and educational consequences of bullying behaviour can never be underestimated. Therefore,…

High-capacity quantum key distribution via hyperentangled degrees of freedom

NASA Astrophysics Data System (ADS)

Simon, David S.; Sergienko, Alexander V.

2014-06-01

Quantum key distribution (QKD) has long been a promising area for the application of quantum effects in solving real-world problems. However, two major obstacles have stood in the way of its widespread application: low secure key generation rates and short achievable operating distances. In this paper, a new physical mechanism for dealing with the first of these problems is proposed: the interplay between different degrees of freedom in a hyperentangled system (parametric down-conversion) is used to increase the Hilbert space dimension available for key generation while maintaining security. Polarization-based Bell tests provide security checking, while orbital angular momentum (OAM) and total angular momentum (TAM) provide a higher key generation rate. Whether to measure TAM or OAM is decided randomly in each trial. The concurrent noncommutativity of TAM with OAM and polarization provides the physical basis for quantum security. TAM measurements link polarization to OAM, so that if the legitimate participants measure OAM while the eavesdropper measures TAM (or vice-versa), then polarization entanglement is lost, revealing the eavesdropper. In contrast to other OAM-based QKD methods, complex active switching between OAM bases is not required; instead, passive switching by beam splitters combined with much simpler active switching between polarization bases makes implementation at high OAM more practical.

Software Security Practices: Integrating Security into the SDLC

DTIC Science & Technology

2011-05-01

Software Security Practices Integrating Security into the SDLC Robert A. Martin HS SEDI is a trademark of the U.S. Department of Homeland Security...2011 to 00-00-2011 4. TITLE AND SUBTITLE Software Security Practices Integrating Security into the SDLC 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c...SEDI FFRDC is managed and operated by The MITRE Corporation for DHS. 4 y y w SDLC Integrating Security into a typical software development lifecycle

Securing the data economy: translating privacy and enacting security in the development of DataSHIELD.

PubMed

Murtagh, M J; Demir, I; Jenkings, K N; Wallace, S E; Murtagh, B; Boniol, M; Bota, M; Laflamme, P; Boffetta, P; Ferretti, V; Burton, P R

2012-01-01

Contemporary bioscience is seeing the emergence of a new data economy: with data as its fundamental unit of exchange. While sharing data within this new 'economy' provides many potential advantages, the sharing of individual data raises important social and ethical concerns. We examine ongoing development of one technology, DataSHIELD, which appears to elide privacy concerns about sharing data by enabling shared analysis while not actually sharing any individual-level data. We combine presentation of the development of DataSHIELD with presentation of an ethnographic study of a workshop to test the technology. DataSHIELD produced an application of the norm of privacy that was practical, flexible and operationalizable in researchers' everyday activities, and one which fulfilled the requirements of ethics committees. We demonstrated that an analysis run via DataSHIELD could precisely replicate results produced by a standard analysis where all data are physically pooled and analyzed together. In developing DataSHIELD, the ethical concept of privacy was transformed into an issue of security. Development of DataSHIELD was based on social practices as well as scientific and ethical motivations. Therefore, the 'success' of DataSHIELD would, likewise, be dependent on more than just the mathematics and the security of the technology. Copyright © 2012 S. Karger AG, Basel.

Measurement-device-independent quantum digital signatures

NASA Astrophysics Data System (ADS)

Puthoor, Ittoop Vergheese; Amiri, Ryan; Wallden, Petros; Curty, Marcos; Andersson, Erika

2016-08-01

Digital signatures play an important role in software distribution, modern communication, and financial transactions, where it is important to detect forgery and tampering. Signatures are a cryptographic technique for validating the authenticity and integrity of messages, software, or digital documents. The security of currently used classical schemes relies on computational assumptions. Quantum digital signatures (QDS), on the other hand, provide information-theoretic security based on the laws of quantum physics. Recent work on QDS Amiri et al., Phys. Rev. A 93, 032325 (2016);, 10.1103/PhysRevA.93.032325 Yin, Fu, and Zeng-Bing, Phys. Rev. A 93, 032316 (2016), 10.1103/PhysRevA.93.032316 shows that such schemes do not require trusted quantum channels and are unconditionally secure against general coherent attacks. However, in practical QDS, just as in quantum key distribution (QKD), the detectors can be subjected to side-channel attacks, which can make the actual implementations insecure. Motivated by the idea of measurement-device-independent quantum key distribution (MDI-QKD), we present a measurement-device-independent QDS (MDI-QDS) scheme, which is secure against all detector side-channel attacks. Based on the rapid development of practical MDI-QKD, our MDI-QDS protocol could also be experimentally implemented, since it requires a similar experimental setup.

Error function attack of chaos synchronization based encryption schemes.

PubMed

Wang, Xingang; Zhan, Meng; Lai, C-H; Gang, Hu

2004-03-01

Different chaos synchronization based encryption schemes are reviewed and compared from the practical point of view. As an efficient cryptanalysis tool for chaos encryption, a proposal based on the error function attack is presented systematically and used to evaluate system security. We define a quantitative measure (quality factor) of the effective applicability of a chaos encryption scheme, which takes into account the security, the encryption speed, and the robustness against channel noise. A comparison is made of several encryption schemes and it is found that a scheme based on one-way coupled chaotic map lattices performs outstandingly well, as judged from quality factor. Copyright 2004 American Institute of Physics.

Collaborative Access Control For Critical Infrastructures

NASA Astrophysics Data System (ADS)

Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed

A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.

Is your station secure?

PubMed

Patrick, Richard W

2003-07-01

All department personnel must practice and assure safety and security of stations, vehicles, equipment and related items. Keep vehicle bay doors closed unless the bays are physically occupied by a department member. When responding or leaving the station, ensure, after exiting the bay, that the door is closed. If confronted with questions pertaining to department operations, including SOPs and SOGs, box alarms, response patterns, training times, member rosters/addresses, etc., do not provide the information. Document the incident and immediately report it. Should the inquiry appear extremely unusual in nature, do not hesitate to contact law enforcement. Emergency service personnel should be educated on a periodic basis and remain vigilant at all times.

Measurement-Device-Independent Quantum Cryptography

NASA Astrophysics Data System (ADS)

Tang, Zhiyuan

Quantum key distribution (QKD) enables two legitimate parties to share a secret key even in the presence of an eavesdropper. The unconditional security of QKD is based on the fundamental laws of quantum physics. Original security proofs of QKD are based on a few assumptions, e.g., perfect single photon sources and perfect single-photon detectors. However, practical implementations of QKD systems do not fully comply with such assumptions due to technical limitations. The gap between theory and implementations leads to security loopholes in most QKD systems, and several attacks have been launched on sophisticated QKD systems. Particularly, the detectors have been found to be the most vulnerable part of QKD. Much effort has been put to build side-channel-free QKD systems. Solutions such as security patches and device-independent QKD have been proposed. However, the former are normally ad-hoc, and cannot close unidentified loopholes. The latter, while having the advantages of removing all assumptions on devices, is impractical to implement today. Measurement-device-independent QKD (MDI-QKD) turns out to be a promising solution to the security problem of QKD. In MDI-QKD, all security loopholes, including those yet-to-be discovered, have been removed from the detectors, the most critical part in QKD. In this thesis, we investigate issues related to the practical implementation and security of MDI-QKD. We first present a demonstration of polarization-encoding MDI-QKD. Taking finite key effect into account, we achieve a secret key rate of 0.005 bit per second (bps) over 10 km spooled telecom fiber, and a 1600-bit key is distributed. This work, together with other demonstrations, shows the practicality of MDI-QKD. Next we investigate a critical assumption of MDI-QKD: perfect state preparation. We apply the loss-tolerant QKD protocol and adapt it to MDI-QKD to quantify information leakage due to imperfect state preparation. We then present an experimental demonstration of MDI-QKD over 10 km and 40 km of spooled fiber, which for the first time considers the impact of inaccurate polarization state preparation on the secret key rate. This would not have been possible under previous security proofs, given the same amount of state preparation flaws.

Promoting physical therapists' of research evidence to inform clinical practice: part 1--theoretical foundation, evidence, and description of the PEAK program.

PubMed

Tilson, Julie K; Mickan, Sharon

2014-06-25

There is a need for theoretically grounded and evidence-based interventions that enhance the use of research evidence in physical therapist practice. This paper and its companion paper introduce the Physical therapist-driven Education for Actionable Knowledge translation (PEAK) program, an educational program designed to promote physical therapists' integration of research evidence into clinical decision-making. The pedagogical foundations for the PEAK educational program include Albert Bandura's social cognitive theory and Malcolm Knowles's adult learning theory. Additionally, two complementary frameworks of knowledge translation, the Promoting Action on Research Implementation in Health Services (PARiHS) and Knowledge to Action (KTA) Cycle, were used to inform the organizational elements of the program. Finally, the program design was influenced by evidence from previous attempts to facilitate the use of research in practice at the individual and organizational levels. The 6-month PEAK program consisted of four consecutive and interdependent components. First, leadership support was secured and electronic resources were acquired and distributed to participants. Next, a two-day training workshop consisting of didactic and small group activities was conducted that addressed the five steps of evidence based practice. For five months following the workshop, participants worked in small groups to review and synthesize literature around a group-selected area of common clinical interest. Each group contributed to the generation of a "Best Practices List" - a list of locally generated, evidence-based, actionable behaviors relevant to the groups' clinical practice. Ultimately, participants agreed to implement the Best Practices List in their clinical practice. This, first of two companion papers, describes the underlying pedagogical theories, knowledge translation frameworks, and research evidence used to derive the PEAK program - an educational program designed to promote the use of research evidence to inform physical therapist practice. The four components of the program are described in detail. The companion paper reports the results of a mixed methods feasibility analysis of this complex educational intervention.

The hobbyist phenomenon in physical security.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Michaud, E. C.

Pro-Ams (professional amateurs) are groups of people who work on a problem as amateurs or unpaid persons in a given field at professional levels of competence. Astronomy is a good example of Pro-Am activity. At Galaxy Zoo, Pro-Ams evaluate data generated by professional observatories and are able to evaluate the millions of galaxies that have been observed but not classified, and report their findings at professional levels for fun. To allow the archiving of millions of galaxies that have been observed but not classified, the website has been engineered so that the public can view and classify galaxies even ifmore » they are not professional astronomers. In this endeavor, it has been found that amateurs can easily outperform automated vision systems. Today in the world of physical security, Pro-Ams are playing an ever-increasing role. Traditionally, locksmiths, corporations, and government organizations have been largely responsible for developing standards, uncovering vulnerabilities, and devising best security practices. Increasingly, however, nonprofit sporting organizations and clubs are doing this. They can be found all over the world, from Europe to the US and now South East Asia. Examples include TOOOL (The Open Organization of Lockpickers), the Longhorn Lockpicking Club, Sportsfreunde der Sperrtechnik - Deustcheland e.V., though there are many others. Members of these groups have been getting together weekly to discuss many elements of security, with some groups specializing in specific areas of security. When members are asked why they participate in these hobbyist groups, they usually reply (with gusto) that they do it for fun, and that they view defeating locks and other security devices as an interesting and entertaining puzzle. A lot of what happens at these clubs would not be possible if it weren't for 'Super Abundance', the ability to easily acquire (at little or no cost) the products, security tools, technologies, and intellectual resources traditionally limited to corporations, government organizations, or wealthy individuals. With this new access comes new discoveries. For example, hobbyist sport lockpicking groups discovered - and publicized - a number of new vulnerabilities between 2004 and 2009 that resulted in the majority of high-security lock manufacturers having to make changes and improvements to their products. A decade ago, amateur physical security discoveries were rare, at least those discussed publicly. In the interim, Internet sites such as lockpicking.org, lockpicking101.com and others have provided an online meeting place for people to trade tips, find friends with similar interests, and develop tools. The open, public discussion of software vulnerabilities, in contrast, has been going on for a long time. These two industries, physical security and software, have very different upgrade mechanisms. With software, a patch can typically be deployed quickly to fix a serious vulnerability, whereas a hardware fix for a physical security device or system can take upwards of months to implement in the field, especially if (as is often the case) hardware integrators are involved. Even when responding to publicly announced security vulnerabilities, manufacturers of physical security devices such as locks, intrusion detectors, or access control devices rarely view hobbyists as a positive resource. This is most unfortunate. In the field of software, it is common to speak of Open Source versus Closed Source. An Open Source software company may choose to distribute their software with a particular license, and give it away openly, with full details and all the lines of source code made available. Linux is a very popular example of this. A Close Source company, in contrast, chooses not to reveal its source code and will license its software products in a restrictive manor. Slowly, the idea of Open Source is now coming to the world of physical security. In the case of locks, it provides an alternative to the traditional Closed Source world of locksmiths. Now locks are physical objects, and can therefore be disassembled. As such, they have always been Open Source in a limited sense. Secrecy, in fact, is very difficult to maintain for a lock that is widely distributed. Having direct access to the lock design provides the hobbyist with a very open environment for finding security flaws, even if the lock manufacturer attempts to follow a Close Source model. It is clear that the field of physical security is going the digital route with companies such as Medeco, Mul-T-Lock, and Abloy manufacturing electromechanical locks. Various companies have already begun to add microcontrollers, cryptographic chip sets, solid-state sensors, and a number of other high-tech improvements to their product lineup in an effort to thwart people from defeating their security products.« less

Security Standards and Best Practice Considerations for Quantum Key Distribution (QKD)

DTIC Science & Technology

2012-03-01

SECURITY STANDARDS AND BEST PRACTICE CONSIDERATIONS FOR QUANTUM KEY DISTRIBUTION (QKD) THESIS...protection in the United States. AFIT/GSE/ENV/12-M05 SECURITY STANDARDS AND BEST PRACTICE CONSIDERATIONS FOR QUANTUM KEY DISTRIBUTION (QKD...FOR PUBLIC RELEASE; DISTRIBUTION UNLIMITED. AFIT/GSE/ENV/12-M05 SECURITY STANDARDS AND BEST PRACTICE CONSIDERATIONS FOR QUANTUM KEY

Physical and Cross-Layer Security Enhancement and Resource Allocation for Wireless Networks

ERIC Educational Resources Information Center

Bashar, Muhammad Shafi Al

2011-01-01

In this dissertation, we present novel physical (PHY) and cross-layer design guidelines and resource adaptation algorithms to improve the security and user experience in the future wireless networks. Physical and cross-layer wireless security measures can provide stronger overall security with high efficiency and can also provide better…

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 2 2012-01-01 2012-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 2 2014-01-01 2014-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 2 2013-01-01 2013-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...

Practical device-independent quantum cryptography via entropy accumulation.

PubMed

Arnon-Friedman, Rotem; Dupuis, Frédéric; Fawzi, Omar; Renner, Renato; Vidick, Thomas

2018-01-31

Device-independent cryptography goes beyond conventional quantum cryptography by providing security that holds independently of the quality of the underlying physical devices. Device-independent protocols are based on the quantum phenomena of non-locality and the violation of Bell inequalities. This high level of security could so far only be established under conditions which are not achievable experimentally. Here we present a property of entropy, termed "entropy accumulation", which asserts that the total amount of entropy of a large system is the sum of its parts. We use this property to prove the security of cryptographic protocols, including device-independent quantum key distribution, while achieving essentially optimal parameters. Recent experimental progress, which enabled loophole-free Bell tests, suggests that the achieved parameters are technologically accessible. Our work hence provides the theoretical groundwork for experimental demonstrations of device-independent cryptography.

Guidelines for computer security in general practice.

PubMed

Schattner, Peter; Pleteshner, Catherine; Bhend, Heinz; Brouns, Johan

2007-01-01

As general practice becomes increasingly computerised, data security becomes increasingly important for both patient health and the efficient operation of the practice. To develop guidelines for computer security in general practice based on a literature review, an analysis of available information on current practice and a series of key stakeholder interviews. While the guideline was produced in the context of Australian general practice, we have developed a template that is also relevant for other countries. Current data on computer security measures was sought from Australian divisions of general practice. Semi-structured interviews were conducted with general practitioners (GPs), the medical software industry, senior managers within government responsible for health IT (information technology) initiatives, technical IT experts, divisions of general practice and a member of a health information consumer group. The respondents were asked to assess both the likelihood and the consequences of potential risks in computer security being breached. The study suggested that the most important computer security issues in general practice were: the need for a nominated IT security coordinator; having written IT policies, including a practice disaster recovery plan; controlling access to different levels of electronic data; doing and testing backups; protecting against viruses and other malicious codes; installing firewalls; undertaking routine maintenance of hardware and software; and securing electronic communication, for example via encryption. This information led to the production of computer security guidelines, including a one-page summary checklist, which were subsequently distributed to all GPs in Australia. This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making these guidelines relevant to local contexts should help maximise their uptake.

Embedding Secure Coding Instruction into the IDE: Complementing Early and Intermediate CS Courses with ESIDE

ERIC Educational Resources Information Center

Whitney, Michael; Lipford, Heather Richter; Chu, Bill; Thomas, Tyler

2018-01-01

Many of the software security vulnerabilities that people face today can be remediated through secure coding practices. A critical step toward the practice of secure coding is ensuring that our computing students are educated on these practices. We argue that secure coding education needs to be included across a computing curriculum. We are…

INVITED PAPER: Low power cryptography

NASA Astrophysics Data System (ADS)

Kitsos, P.; Koufopavlou, O.; Selimis, G.; Sklavos, N.

2005-01-01

Today more and more sensitive data is stored digitally. Bank accounts, medical records and personal emails are some categories that data must keep secure. The science of cryptography tries to encounter the lack of security. Data confidentiality, authentication, non-reputation and data integrity are some of the main parts of cryptography. The evolution of cryptography drove in very complex cryptographic models which they could not be implemented before some years. The use of systems with increasing complexity, which usually are more secure, has as result low throughput rate and more energy consumption. However the evolution of cipher has no practical impact, if it has only theoretical background. Every encryption algorithm should exploit as much as possible the conditions of the specific system without omitting the physical, area and timing limitations. This fact requires new ways in design architectures for secure and reliable crypto systems. A main issue in the design of crypto systems is the reduction of power consumption, especially for portable systems as smart cards.

Improving Mental Health Reporting Practices in Between Personnel Security Investigations

DTIC Science & Technology

2017-06-01

Improving Mental Health Reporting Practices in Between Personnel Security Investigations Stephanie L. Jaros Donna L. Tadle David Ciani Keith B...2017 Improving Mental Health Reporting Practices in Between Personnel Security Investigations Stephanie L. Jaros, Donna L. Tadle, David Ciani, Keith...COVERED: 4. Improving Mental Health Reporting Practices in Between Personnel Security Investigations 5a. CONTRACT NUMBER: 5b. GRANT NUMBER: 5c

12 CFR 208.37 - Government securities sales practices.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 2 2010-01-01 2010-01-01 false Government securities sales practices. 208.37... Securities-Related Activities § 208.37 Government securities sales practices. (a) Scope. This subpart is applicable to state member banks that have filed notice as, or are required to file notice as, government...

12 CFR 208.37 - Government securities sales practices.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 12 Banks and Banking 2 2013-01-01 2013-01-01 false Government securities sales practices. 208.37... Securities-Related Activities § 208.37 Government securities sales practices. (a) Scope. This subpart is applicable to state member banks that have filed notice as, or are required to file notice as, government...

Animal house: University risk environments and the regulation of students' alcohol use.

PubMed

Wilkinson, Blair; Ivsins, Andrew

2017-09-01

This article extends the risk environment framework to understand the factors that universities identify as influencing university students' risky drinking behaviours and universities attempts at managing risky alcohol use on their campuses. This article examines data collected as part of qualitative fieldwork on university corporate security services, and others involved in university alcohol policy implementation (e.g., residence services), conducted at five Canadian universities. Interviews (n=56), fieldnotes from 246h of observations of university corporate security personnel, and university policy documents (i.e., codes of student behaviour, residence policies) were analysed to understand the influence of risk environments on high-risk alcohol use. We identify three risk environments on university campuses in relation to the use and regulation of alcohol: the physical, social, and policy environments. Residence buildings and abutting spaces (physical risk environment) and the university "party" culture (social risk environment) are principal contributors to risk within their risk environments. University policies and practices (policy risk environment) attempt to modify these environments in order to manage risky alcohol use. We suggest current approaches to regulating student alcohol use may not be the best approach to preventing harms (e.g., health problems, legal troubles) to students. Given university policies and practices have the potential to shape and influence risky alcohol use and associated harms we argue it is necessary for university administrators to adopt the best practices of "harm reduction" and seek new ways to address on-campus alcohol use. Copyright © 2017 Elsevier B.V. All rights reserved.

What Practices in Airport Security Should the United States Implement at Commercial Airports in Light of the Events of September 11, 2001?

DTIC Science & Technology

2002-06-01

NAVAL POSTGRADUATE SCHOOL Monterey, California THESIS WHAT PRACTICES IN AIRPORT SECURITY SHOULD THE UNITED STATES IMPLEMENT AT...COVERED Master’s Thesis 4. TITLE AND SUBTITLE What Practices in Airport Security Should the United States Implement at Commercial...complacency and conflicts of interest. 14. SUBJECT TERMS Airport Security , Aviation Security Systems, Terrorism, Hijacking

78 FR 10169 - Federal Advisory Committee Act; Communications Security, Reliability, and Interoperability Council

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-13

... Location Accuracy, Network Security Best Practices, DNSSEC Implementation Practices for ISPs, Secure BGP... FEDERAL COMMUNICATIONS COMMISSION Federal Advisory Committee Act; Communications Security... persons that the Federal Communications Commission's (FCC) Communications Security, Reliability, and...

Data-Aware Retrodiction for Asynchronous Harmonic Measurement in a Cyber-Physical Energy System.

PubMed

Liu, Youda; Wang, Xue; Liu, Yanchi; Cui, Sujin

2016-08-18

Cyber-physical energy systems provide a networked solution for safety, reliability and efficiency problems in smart grids. On the demand side, the secure and trustworthy energy supply requires real-time supervising and online power quality assessing. Harmonics measurement is necessary in power quality evaluation. However, under the large-scale distributed metering architecture, harmonic measurement faces the out-of-sequence measurement (OOSM) problem, which is the result of latencies in sensing or the communication process and brings deviations in data fusion. This paper depicts a distributed measurement network for large-scale asynchronous harmonic analysis and exploits a nonlinear autoregressive model with exogenous inputs (NARX) network to reorder the out-of-sequence measuring data. The NARX network gets the characteristics of the electrical harmonics from practical data rather than the kinematic equations. Thus, the data-aware network approximates the behavior of the practical electrical parameter with real-time data and improves the retrodiction accuracy. Theoretical analysis demonstrates that the data-aware method maintains a reasonable consumption of computing resources. Experiments on a practical testbed of a cyber-physical system are implemented, and harmonic measurement and analysis accuracy are adopted to evaluate the measuring mechanism under a distributed metering network. Results demonstrate an improvement of the harmonics analysis precision and validate the asynchronous measuring method in cyber-physical energy systems.

Confidentiality, electronic health records, and the clinician.

PubMed

Graves, Stuart

2013-01-01

The advent of electronic health records (EHRs) to improve access and enable research in the everyday clinical world has simultaneously made medical information much more vulnerable to illicit, non-beneficent uses. This wealth of identified, aggregated data has and will attract attacks by domestic governments for surveillance and protection, foreign governments for espionage and sabotage, organized crime for illegal profits, and large corporations for "legal" profits. Against these powers with almost unlimited resources no security scheme is likely to prevail, so the design of such systems should include appropriate security measures. Unlike paper records, where the person maintaining and controlling the existence of the records also controls access to them, these two functions can be separated for EHRs. By giving physical control over access to individual records to their individual owners, the aggregate is dismantled, thereby protecting the nation's identified health information from large-scale data mining or tampering. Control over the existence and integrity of all the records--yet without the ability to examine their contents--would be left with larger institutions. This article discusses the implications of all of the above for the role of the clinician in assuring confidentiality (a cornerstone of clinical practice), for research and everyday practice, and for current security designs.

Securing and sustaining employment: concerns of HIV patients in Singapore.

PubMed

Tan, Si Ying; Ow Yong, Lai Meng; Foong, Jasmin Yuet Ee; Wong, Nicole Huay Sze; Chew, Li Ling; Koh, Yin Ling

2013-01-01

Employment sustainability is one of the most pressing issues inflicting people living with HIV (PLHIV). A qualitative approach was used to elucidate the perceived challenges in sustaining their employment and the perceived barriers in re-entering the workforce for HIV patients. In-depth interviews were conducted with 16 patients from an acute hospital in Singapore. The main challenges raised in sustaining employment were: (1) ability to ensure secrecy of diagnosis from employers, (2) ability to secure financial resources for treatment and sustenance, (3) ability to ensure stable health to meet job requirements, (4) ability to cognitively sit with the concerns of uncertainty and limitations in career, and (5) ability to work through discriminatory workplace practices. The perceived barriers in gaining workforce re-entry were: (1) fear of pre-employment medical screening and potential discriminatory practices at workplace, (2) concerns over health (frequent hospital admissions, physical weakness, and existing medical co-morbidities), and (3) psychosocial challenges (unstable accommodation, older age, financial issues, and trade skills limitation). The overarching factor that influences the success of sustaining and securing an employment among HIV patients is secrecy of the diagnosis. The individuals' health status, financial status and access to healthcare, and other psychosocial challenges further compound the issue.

Measurement-device-independent quantum cryptography

DOE PAGES

Xu, Feihu; Curty, Marcos; Qi, Bing; ...

2014-12-18

In theory, quantum key distribution (QKD) provides information-theoretic security based on the laws of physics. Owing to the imperfections of real-life implementations, however, there is a big gap between the theory and practice of QKD, which has been recently exploited by several quantum hacking activities. To fill this gap, a novel approach, called measurement-device-independent QKD (mdiQKD), has been proposed. In addition, it can remove all side-channels from the measurement unit, arguably the most vulnerable part in QKD systems, thus offering a clear avenue toward secure QKD realisations. In this study, we review the latest developments in the framework of mdiQKD,more » together with its assumptions, strengths, and weaknesses.« less

Physical-enhanced secure strategy in an OFDM-PON.

PubMed

Zhang, Lijia; Xin, Xiangjun; Liu, Bo; Yu, Jianjun

2012-01-30

The physical layer of optical access network is vulnerable to various attacks. As the dramatic increase of users and network capacity, the issue of physical-layer security becomes more and more important. This paper proposes a physical-enhanced secure strategy for orthogonal frequency division multiplexing passive optical network (OFDM-PON) by employing frequency domain chaos scrambling. The Logistic map is adopted for the chaos mapping. The chaos scrambling strategy can dynamically allocate the scrambling matrices for different OFDM frames according to the initial condition, which enhance the confidentiality of the physical layer. A mathematical model of this secure system is derived firstly, which achieves a secure transmission at physical layer in OFDM-PON. The results from experimental implementation using Logistic mapped chaos scrambling are also given to further demonstrate the efficiency of this secure strategy. An 10.125 Gb/s 64QAM-OFDM data with Logistic mapped chaos scrambling are successfully transmitted over 25-km single mode fiber (SMF), and the experimental results show that proposed security scheme can protect the system from eavesdropper and attacker, while keep a good performance for the legal ONU.

78 FR 79017 - Zion Solutions, LLC; Zion Nuclear Power Station, Units 1 and 2; Exemption From Certain Physical...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-27

...; Zion Nuclear Power Station, Units 1 and 2; Exemption From Certain Physical Security Requirements 1.0... the ZNPS Physical Security Plan (PSP) for the protection of the nuclear material while in transit to... the new physical security requirements in 10 CFR 73.55. The December 2, 2010, letter included...

Security and Privacy in Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fink, Glenn A.; Edgar, Thomas W.; Rice, Theora R.

As you have seen from the previous chapters, cyber-physical systems (CPS) are broadly used across technology and industrial domains. While these systems enable process optimization and efficiency and allow previously impossible functionality, security and privacy are key concerns for their design, development, and operation. CPS have been key components utilized in some of the highest publicized security breaches over the last decade. In this chapter, we will look over the CPS described in the previous chapters from a security perspective. In this chapter, we explain classical information and physical security fundamentals in the context of CPS and contextualize them acrossmore » application domains. We give examples where the interplay of functionality and diverse communication can introduce unexpected vulnerabilities and produce larger impacts. We will discuss how CPS security and privacy is inherently different from that of pure cyber or physical systems and what may be done to secure these systems, considering their emergent cyber-physical properties. Finally, we will discuss security and privacy implications of merging infrastructural and personal CPS. Our hope is to impart the knowledge of what CPS security and privacy are, why they are important, and explain existing processes and challenges.« less

Laboratory security and emergency response guidance for laboratories working with select agents. Centers for Disease Control and Prevention.

PubMed

Richmond, Jonathan Y; Nesby-O'Dell, Shanna L

2002-12-06

In recent years, concern has increased regarding use of biologic materials as agents of terrorism, but these same agents are often necessary tools in clinical and research microbiology laboratories. Traditional biosafety guidelines for laboratories have emphasized use of optimal work practices, appropriate containment equipment, well-designed facilities, and administrative controls to minimize risk of worker injury and to ensure safeguards against laboratory contamination. The guidelines discussed in this report were first published in 1999 (U.S. Department of Health and Human Services/CDC and National Institutes of Health. Biosafety in microbiological and biomedical laboratories [BMBL]. Richmond JY, McKinney RW, eds. 4th ed. Washington, DC: US Department of Health and Human Services, 1999 [Appendix F]). In that report, physical security concerns were addressed, and efforts were focused on preventing unauthorized entry to laboratory areas and preventing unauthorized removal of dangerous biologic agents from the laboratory. Appendix F of BMBL is now being revised to include additional information regarding personnel risk assessments, and inventory controls. The guidelines contained in this report are intended for laboratories working with select agents under biosafety-level 2, 3, or 4 conditions as described in Sections II and III of BMBL. These recommendations include conducting facility risk assessments and developing comprehensive security plans to minimize the probability of misuse of select agents. Risk assessments should include systematic, site-specific reviews of 1) physical security; 2) security of data and electronic technology systems; 3) employee security; 4) access controls to laboratory and animal areas; 5) procedures for agent inventory and accountability; 6) shipping/transfer and receiving of select agents; 7) unintentional incident and injury policies; 8) emergency response plans; and 9) policies that address breaches in security. The security plan should be an integral part of daily operations. All employees should be well-trained and equipped, and the plan should be reviewed annually, at least.

Knowledge of practice: A multi-sited event ethnography of border security fairs in Europe and North America.

PubMed

Baird, Theodore

2017-06-01

This article takes the reader inside four border security fairs in Europe and North America to examine the knowledge practices of border security professionals. Building on the border security as practice research agenda, the analysis focuses on the production, circulation, and consumption of scarce forms of knowledge. To explore situated knowledge of border security practices, I develop an approach to multi-sited event ethnography to observe and interpret knowledge that may be hard to access at the security fairs. The analysis focuses on mechanisms for disseminating and distributing scarce forms of knowledge, technological materializations of situated knowledge, expressions of transversal knowledge of security problems, how masculinities structure knowledge in gendered ways, and how unease is expressed through imagined futures in order to anticipate emergent solutions to proposed security problems. The article concludes by reflecting on the contradictions at play at fairs and how to address such contradictions through alternative knowledges and practices.

Knowledge of practice: A multi-sited event ethnography of border security fairs in Europe and North America

PubMed Central

Baird, Theodore

2017-01-01

This article takes the reader inside four border security fairs in Europe and North America to examine the knowledge practices of border security professionals. Building on the border security as practice research agenda, the analysis focuses on the production, circulation, and consumption of scarce forms of knowledge. To explore situated knowledge of border security practices, I develop an approach to multi-sited event ethnography to observe and interpret knowledge that may be hard to access at the security fairs. The analysis focuses on mechanisms for disseminating and distributing scarce forms of knowledge, technological materializations of situated knowledge, expressions of transversal knowledge of security problems, how masculinities structure knowledge in gendered ways, and how unease is expressed through imagined futures in order to anticipate emergent solutions to proposed security problems. The article concludes by reflecting on the contradictions at play at fairs and how to address such contradictions through alternative knowledges and practices. PMID:29046601

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

DOEpatents

Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

2015-07-28

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

32 CFR 322.4 - Responsibilities.

Code of Federal Regulations, 2011 CFR

2011-07-01

... physical security requirements for the protection of personal information and ensure that such requirements... NATIONAL SECURITY AGENCY/CENTRAL SECURITY SERVICES PRIVACY ACT PROGRAM § 322.4 Responsibilities. (a) The... Associate Director for Human Resources Services or designee shall: (1) Establish the physical security...

A Hierarchical Security Architecture for Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Quanyan Zhu; Tamer Basar

2011-08-01

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

10 CFR 73.28 - Security background checks for secure transfer of nuclear materials.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Security background checks for secure transfer of nuclear materials. 73.28 Section 73.28 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) PHYSICAL PROTECTION OF PLANTS AND MATERIALS Physical Protection of Special Nuclear Material in Transit § 73.28 Security...

10 CFR 73.28 - Security background checks for secure transfer of nuclear materials.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Security background checks for secure transfer of nuclear materials. 73.28 Section 73.28 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) PHYSICAL PROTECTION OF PLANTS AND MATERIALS Physical Protection of Special Nuclear Material in Transit § 73.28 Security...

10 CFR 73.28 - Security background checks for secure transfer of nuclear materials.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 2 2012-01-01 2012-01-01 false Security background checks for secure transfer of nuclear materials. 73.28 Section 73.28 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) PHYSICAL PROTECTION OF PLANTS AND MATERIALS Physical Protection of Special Nuclear Material in Transit § 73.28 Security...

10 CFR 73.28 - Security background checks for secure transfer of nuclear materials.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 2 2014-01-01 2014-01-01 false Security background checks for secure transfer of nuclear materials. 73.28 Section 73.28 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) PHYSICAL PROTECTION OF PLANTS AND MATERIALS Physical Protection of Special Nuclear Material in Transit § 73.28 Security...

10 CFR 73.28 - Security background checks for secure transfer of nuclear materials.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 2 2013-01-01 2013-01-01 false Security background checks for secure transfer of nuclear materials. 73.28 Section 73.28 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) PHYSICAL PROTECTION OF PLANTS AND MATERIALS Physical Protection of Special Nuclear Material in Transit § 73.28 Security...

MODELING AND PERFORMANCE EVALUATION FOR AVIATION SECURITY CARGO INSPECTION QUEUING SYSTEM

DOE Office of Scientific and Technical Information (OSTI.GOV)

Allgood, Glenn O; Olama, Mohammed M; Rose, Terri A

Beginning in 2010, the U.S. will require that all cargo loaded in passenger aircraft be inspected. This will require more efficient processing of cargo and will have a significant impact on the inspection protocols and business practices of government agencies and the airlines. In this paper, we conduct performance evaluation study for an aviation security cargo inspection queuing system for material flow and accountability. The overall performance of the aviation security cargo inspection system is computed, analyzed, and optimized for the different system dynamics. Various performance measures are considered such as system capacity, residual capacity, and throughput. These metrics aremore » performance indicators of the system s ability to service current needs and response capacity to additional requests. The increased physical understanding resulting from execution of the queuing model utilizing these vetted performance measures will reduce the overall cost and shipping delays associated with the new inspection requirements.« less

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

32 CFR 700.826 - Physical security.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 32 National Defense 5 2014-07-01 2014-07-01 false Physical security. 700.826 Section 700.826 National Defense Department of Defense (Continued) DEPARTMENT OF THE NAVY UNITED STATES NAVY REGULATIONS... Commanding Officers in General § 700.826 Physical security. (a) The commanding officer shall take appropriate...

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

32 CFR 700.826 - Physical security.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 32 National Defense 5 2013-07-01 2013-07-01 false Physical security. 700.826 Section 700.826 National Defense Department of Defense (Continued) DEPARTMENT OF THE NAVY UNITED STATES NAVY REGULATIONS... Commanding Officers in General § 700.826 Physical security. (a) The commanding officer shall take appropriate...

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

32 CFR 700.826 - Physical security.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 32 National Defense 5 2010-07-01 2010-07-01 false Physical security. 700.826 Section 700.826 National Defense Department of Defense (Continued) DEPARTMENT OF THE NAVY UNITED STATES NAVY REGULATIONS... Commanding Officers in General § 700.826 Physical security. (a) The commanding officer shall take appropriate...

32 CFR 700.826 - Physical security.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 32 National Defense 5 2011-07-01 2011-07-01 false Physical security. 700.826 Section 700.826 National Defense Department of Defense (Continued) DEPARTMENT OF THE NAVY UNITED STATES NAVY REGULATIONS... Commanding Officers in General § 700.826 Physical security. (a) The commanding officer shall take appropriate...

32 CFR 700.826 - Physical security.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 32 National Defense 5 2012-07-01 2012-07-01 false Physical security. 700.826 Section 700.826 National Defense Department of Defense (Continued) DEPARTMENT OF THE NAVY UNITED STATES NAVY REGULATIONS... Commanding Officers in General § 700.826 Physical security. (a) The commanding officer shall take appropriate...

21 CFR 1301.75 - Physical security controls for practitioners.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...

Security breaches: tips for assessing and limiting your risks.

PubMed

Coons, Leeanne R

2011-01-01

As part of their compliance planning, medical practices should undergo a risk assessment to determine any vulnerability within the practice relative to security breaches. Practices should also implement safeguards to limit their risks. Such safeguards include facility access controls, information and electronic media management, use of business associate agreements, and education and enforcement. Implementation of specific policies and procedures to address security incidents is another critical step that medical practices should take as part of their security incident prevention plan. Medical practices should not only develop policies and procedures to prevent, detect, contain, and correct security violations, but should make sure that such policies and procedures are actually implemented in their everyday operations.

Cyber / Physical Security Vulnerability Assessment Integration

DOE Office of Scientific and Technical Information (OSTI.GOV)

MacDonald, Douglas G.; Simpkins, Bret E.

Abstract Both physical protection and cyber security domains offer solutions for the discovery of vulnerabilities through the use of various assessment processes and software tools. Each vulnerability assessment (VA) methodology provides the ability to identify and categorize vulnerabilities, and quantifies the risks within their own areas of expertise. Neither approach fully represents the true potential security risk to a site and/or a facility, nor comprehensively assesses the overall security posture. The technical approach to solving this problem was to identify methodologies and processes that blend the physical and cyber security assessments, and develop tools to accurately quantify the unaccounted formore » risk. SMEs from both the physical and the cyber security domains developed the blending methodologies, and cross trained each other on the various aspects of the physical and cyber security assessment processes. A local critical infrastructure entity volunteered to host a proof of concept physical/cyber security assessment, and the lessons learned have been leveraged by this effort. The four potential modes of attack an adversary can use in approaching a target are; Physical Only Attack, Cyber Only Attack, Physical Enabled Cyber Attack, and the Cyber Enabled Physical Attack. The Physical Only and the Cyber Only pathway analysis are two of the most widely analyzed attack modes. The pathway from an off-site location to the desired target location is dissected to ensure adversarial activity can be detected and neutralized by the protection strategy, prior to completion of a predefined task. This methodology typically explores a one way attack from the public space (or common area) inward towards the target. The Physical Enabled Cyber Attack and the Cyber Enabled Physical Attack are much more intricate. Both scenarios involve beginning in one domain to affect change in the other, then backing outward to take advantage of the reduced system effectiveness, before penetrating further into the defenses. The proper identification and assessment of the overlapping areas (and interaction between these areas) in the VA process is necessary to accurately assess the true risk.« less

Correlation Research of Medical Security Management System Network Platform in Medical Practice

NASA Astrophysics Data System (ADS)

Jie, Wang; Fan, Zhang; Jian, Hao; Li-nong, Yu; Jun, Fei; Ping, Hao; Ya-wei, Shen; Yue-jin, Chang

Objective-The related research of medical security management system network in medical practice. Methods-Establishing network platform of medical safety management system, medical security network host station, medical security management system(C/S), medical security management system of departments and sections, comprehensive query, medical security disposal and examination system. Results-In medical safety management, medical security management system can reflect the hospital medical security problem, and can achieve real-time detection and improve the medical security incident detection rate. Conclusion-The application of the research in the hospital management implementation, can find hospital medical security hidden danger and the problems of medical disputes, and can help in resolving medical disputes in time and achieve good work efficiency, which is worth applying in the hospital practice.

Physical aggressive resident behavior during hygienic care.

PubMed

Farrell Miller, M

1997-05-01

Management of aggressive behavior has been identified as a concern for nursing staff who provide institutional care for cognitively impaired elderly. The Omnibus Reconciliation Act (OBRA '87) mandates a trial reduction in the use of chemical and physical restraints, and the development of nursing interventions for the management of behavioral disorders of institutionalized cognitively impaired elderly. Most skilled nursing facilities, however, are limited in their ability to provide environmental and behavioral programs to manage aggressive patient behavior. For the purposes of this study, physically aggressive behavior was identified as threatened or actual aggressive patient contact which has taken place between a patient and a member of the nursing staff. This study explored the nursing staff's responses to patient physical aggression and the effects that physical aggression had on them and on nursing practice from the perspective of the nursing staff. Nursing staff employed on one Dementia Special Care Unit (DSCU) were invited to participate. Interviews with nursing staff were analyzed using qualitative descriptive methods described by Miles and Huberman (1994). Nursing staff reported that they were subjected to aggressive patient behaviors ranging from verbal threats to actual physical violence. Nursing staff reported that showering a resident was the activity of daily living most likely to provoke patient to staff physical aggression. The findings revealed geropsychiatric nursing practices for the management of physically aggressive residents, and offered recommendations for improving the safety of nursing staff and residents on a secured DSCU.

An Axiology of Information Security for Futuristic Neuroprostheses: Upholding Human Values in the Context of Technological Posthumanization

PubMed Central

Gladden, Matthew E.

2017-01-01

Previous works exploring the challenges of ensuring information security for neuroprosthetic devices and their users have typically built on the traditional InfoSec concept of the “CIA Triad” of confidentiality, integrity, and availability. However, we argue that the CIA Triad provides an increasingly inadequate foundation for envisioning information security for neuroprostheses, insofar as it presumes that (1) any computational systems to be secured are merely instruments for expressing their human users' agency, and (2) computing devices are conceptually and practically separable from their users. Drawing on contemporary philosophy of technology and philosophical and critical posthumanist analysis, we contend that futuristic neuroprostheses could conceivably violate these basic InfoSec presumptions, insofar as (1) they may alter or supplant their users' biological agency rather than simply supporting it, and (2) they may structurally and functionally fuse with their users to create qualitatively novel “posthumanized” human-machine systems that cannot be secured as though they were conventional computing devices. Simultaneously, it is noted that many of the goals that have been proposed for future neuroprostheses by InfoSec researchers (e.g., relating to aesthetics, human dignity, authenticity, free will, and cultural sensitivity) fall outside the scope of InfoSec as it has historically been understood and touch on a wide range of ethical, aesthetic, physical, metaphysical, psychological, economic, and social values. We suggest that the field of axiology can provide useful frameworks for more effectively identifying, analyzing, and prioritizing such diverse types of values and goods that can (and should) be pursued through InfoSec practices for futuristic neuroprostheses. PMID:29163010

An Axiology of Information Security for Futuristic Neuroprostheses: Upholding Human Values in the Context of Technological Posthumanization.

PubMed

Gladden, Matthew E

2017-01-01

Previous works exploring the challenges of ensuring information security for neuroprosthetic devices and their users have typically built on the traditional InfoSec concept of the "CIA Triad" of confidentiality, integrity, and availability. However, we argue that the CIA Triad provides an increasingly inadequate foundation for envisioning information security for neuroprostheses, insofar as it presumes that (1) any computational systems to be secured are merely instruments for expressing their human users' agency, and (2) computing devices are conceptually and practically separable from their users. Drawing on contemporary philosophy of technology and philosophical and critical posthumanist analysis, we contend that futuristic neuroprostheses could conceivably violate these basic InfoSec presumptions, insofar as (1) they may alter or supplant their users' biological agency rather than simply supporting it, and (2) they may structurally and functionally fuse with their users to create qualitatively novel "posthumanized" human-machine systems that cannot be secured as though they were conventional computing devices. Simultaneously, it is noted that many of the goals that have been proposed for future neuroprostheses by InfoSec researchers (e.g., relating to aesthetics, human dignity, authenticity, free will, and cultural sensitivity) fall outside the scope of InfoSec as it has historically been understood and touch on a wide range of ethical, aesthetic, physical, metaphysical, psychological, economic, and social values. We suggest that the field of axiology can provide useful frameworks for more effectively identifying, analyzing, and prioritizing such diverse types of values and goods that can (and should) be pursued through InfoSec practices for futuristic neuroprostheses.

Promoting physical therapists’ of research evidence to inform clinical practice: part 1 - theoretical foundation, evidence, and description of the PEAK program

PubMed Central

2014-01-01

Background There is a need for theoretically grounded and evidence-based interventions that enhance the use of research evidence in physical therapist practice. This paper and its companion paper introduce the Physical therapist-driven Education for Actionable Knowledge translation (PEAK) program, an educational program designed to promote physical therapists’ integration of research evidence into clinical decision-making. The pedagogical foundations for the PEAK educational program include Albert Bandura’s social cognitive theory and Malcolm Knowles’s adult learning theory. Additionally, two complementary frameworks of knowledge translation, the Promoting Action on Research Implementation in Health Services (PARiHS) and Knowledge to Action (KTA) Cycle, were used to inform the organizational elements of the program. Finally, the program design was influenced by evidence from previous attempts to facilitate the use of research in practice at the individual and organizational levels. Discussion The 6-month PEAK program consisted of four consecutive and interdependent components. First, leadership support was secured and electronic resources were acquired and distributed to participants. Next, a two-day training workshop consisting of didactic and small group activities was conducted that addressed the five steps of evidence based practice. For five months following the workshop, participants worked in small groups to review and synthesize literature around a group-selected area of common clinical interest. Each group contributed to the generation of a “Best Practices List” - a list of locally generated, evidence-based, actionable behaviors relevant to the groups’ clinical practice. Ultimately, participants agreed to implement the Best Practices List in their clinical practice. Summary This, first of two companion papers, describes the underlying pedagogical theories, knowledge translation frameworks, and research evidence used to derive the PEAK program – an educational program designed to promote the use of research evidence to inform physical therapist practice. The four components of the program are described in detail. The companion paper reports the results of a mixed methods feasibility analysis of this complex educational intervention. PMID:24965501

Interpreting international governance standards for health IT use within general medical practice.

PubMed

Mahncke, Rachel J; Williams, Patricia A H

2014-01-01

General practices in Australia recognise the importance of comprehensive protective security measures. Some elements of information security governance are incorporated into recommended standards, however the governance component of information security is still insufficiently addressed in practice. The International Organistion for Standardisation (ISO) released a new global standard in May 2013 entitled, ISO/IEC 27014:2013 Information technology - Security techniques - Governance of information security. This standard, applicable to organisations of all sizes, offers a framework against which to assess and implement the governance components of information security. The standard demonstrates the relationship between governance and the management of information security, provides strategic principles and processes, and forms the basis for establishing a positive information security culture. An analysis interpretation of this standard for use in Australian general practice was performed. This work is unique as such interpretation for the Australian healthcare environment has not been undertaken before. It demonstrates an application of the standard at a strategic level to inform existing development of an information security governance framework.

Systems Security Engineering

DTIC Science & Technology

2010-08-22

practice for information security management ( ISO /IEC 27002 ),” “Information technology — Security techniques — Information security management...systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security techniques — Information security risk management ( ISO /IEC 27005).” from...associated practice aids. Perhaps the most germane discovery from this effort was a draft ISO standard on Systems and software engineering, Systems and

Research-based resources on PhysPort

NASA Astrophysics Data System (ADS)

Sayre, Eleanor

2017-01-01

PhysPort (http://physport.org) is a website that supports physics faculty in implementing research-based teaching practices in their classrooms. We provide expert recommendations and practical information about teaching methods and assessment. The PhysPort Data Explorer is an intuitive online tool for physics faculty to analyze their assessment data. Faculty upload their students' responses using our secure interface. The Data Explorer matches their pre/post data, scores it, compares it to national data, and graphs it in an interactive and intuitive manner. The Periscope collection on Physport brings together classroom video of students working groups with professional development materials for faculty, pre-service teachers, and learning assistants. To support PhysPort's development efforts, we conduct research on faculty needs around teaching and assessment, secondary analysis of published PER studies, and primary analysis of assessment data. In this talk, I'll introduce some of PhysPort's research-based resources and the research results which support them.

An overview of health and safety in the Colorado cannabis industry.

PubMed

Walters, Kevin M; Fisher, Gwenith G; Tenney, Liliana

2018-06-01

Understanding worker health and safety in the rapidly growing legal U.S. cannabis industry is important. Although little published research exists, workers may be exposed to biological, chemical, and physical hazards. This study investigated the Colorado cannabis industry workforce and both physical and psychosocial hazards to worker health and safety. Two hundred and fourteen Colorado cannabis workers completed an online survey after in-person and online recruitment. Participants answered questions about their occupation, job tasks, general well-being, occupational health and safety, cannabis use, and tobacco use. Colorado cannabis workers were generally job secure and valued safety. However, they regularly consumed cannabis, expressed low concerns about workplace hazards, reported some occupational injuries and exposures, and reported inconsistent training practices. Working in the cannabis industry is associated with positive outcomes for workers and their organizations, but there is an imminent need to establish formal health and safety training to implement best practices. © 2018 Wiley Periodicals, Inc.

Randomness determines practical security of BB84 quantum key distribution.

PubMed

Li, Hong-Wei; Yin, Zhen-Qiang; Wang, Shuang; Qian, Yong-Jun; Chen, Wei; Guo, Guang-Can; Han, Zheng-Fu

2015-11-10

Unconditional security of the BB84 quantum key distribution protocol has been proved by exploiting the fundamental laws of quantum mechanics, but the practical quantum key distribution system maybe hacked by considering the imperfect state preparation and measurement respectively. Until now, different attacking schemes have been proposed by utilizing imperfect devices, but the general security analysis model against all of the practical attacking schemes has not been proposed. Here, we demonstrate that the general practical attacking schemes can be divided into the Trojan horse attack, strong randomness attack and weak randomness attack respectively. We prove security of BB84 protocol under randomness attacking models, and these results can be applied to guarantee the security of the practical quantum key distribution system.

Randomness determines practical security of BB84 quantum key distribution

PubMed Central

Li, Hong-Wei; Yin, Zhen-Qiang; Wang, Shuang; Qian, Yong-Jun; Chen, Wei; Guo, Guang-Can; Han, Zheng-Fu

2015-01-01

Unconditional security of the BB84 quantum key distribution protocol has been proved by exploiting the fundamental laws of quantum mechanics, but the practical quantum key distribution system maybe hacked by considering the imperfect state preparation and measurement respectively. Until now, different attacking schemes have been proposed by utilizing imperfect devices, but the general security analysis model against all of the practical attacking schemes has not been proposed. Here, we demonstrate that the general practical attacking schemes can be divided into the Trojan horse attack, strong randomness attack and weak randomness attack respectively. We prove security of BB84 protocol under randomness attacking models, and these results can be applied to guarantee the security of the practical quantum key distribution system. PMID:26552359

Randomness determines practical security of BB84 quantum key distribution

NASA Astrophysics Data System (ADS)

Li, Hong-Wei; Yin, Zhen-Qiang; Wang, Shuang; Qian, Yong-Jun; Chen, Wei; Guo, Guang-Can; Han, Zheng-Fu

2015-11-01

Unconditional security of the BB84 quantum key distribution protocol has been proved by exploiting the fundamental laws of quantum mechanics, but the practical quantum key distribution system maybe hacked by considering the imperfect state preparation and measurement respectively. Until now, different attacking schemes have been proposed by utilizing imperfect devices, but the general security analysis model against all of the practical attacking schemes has not been proposed. Here, we demonstrate that the general practical attacking schemes can be divided into the Trojan horse attack, strong randomness attack and weak randomness attack respectively. We prove security of BB84 protocol under randomness attacking models, and these results can be applied to guarantee the security of the practical quantum key distribution system.

The Design Process of Physical Security as Applied to a U.S. Border Port of Entry

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wagner, G.G.

1999-02-22

This paper details the application of a standard physical security system design process to a US Border Port of Entry (PoE) for vehicle entry/exit. The physical security design methodology is described as well as the physical security similarities to facilities currently at a US Border PoE for vehicles. The physical security design process description includes the various elements that make up the methodologies well as the considerations that must be taken into account when dealing with system integration of those elements. The distinctions between preventing unlawful entry/exit of illegal contraband and personnel are described. The potential to enhance the functionsmore » of drug/contraband detection in the Pre-Primary Inspection area through the application of emerging technologies are also addressed.« less

Physical security and IT convergence: Managing the cyber-related risks.

PubMed

McCreight, Tim; Leece, Doug

The convergence of physical security devices into the corporate network is increasing, due to the perceived economic benefits and efficiencies gained from using one enterprise network. Bringing these two networks together is not without risk. Physical devices like closed circuit television cameras (CCTV), card access readers, and heating, ventilation and air conditioning controllers (HVAC) are typically not secured to the standards we expect for corporate computer networks. These devices can pose significant risks to the corporate network by creating new avenues to exploit vulnerabilities in less-than-secure implementations of physical systems. The ASIS Information Technology Security Council (ITSC) developed a white paper describing steps organisations can take to reduce the risks this convergence can pose, and presented these concepts at the 2015 ASIS/ISC2 Congress in Anaheim, California. 1 This paper expands upon the six characteristics described by ITSC, and provides business continuity planners with information on how to apply these recommendations to physical security devices that use the corporate network.

Report: Information Security Series: Security Practices Comprehensive Environmental Response, Compensation, and Liability Information System

EPA Pesticide Factsheets

Report #2006-P-00019, March 28, 2006. OSWER’s implemented practices to ensure production servers were being monitored for known vulnerabilities and personnel with significant security responsibility completed the Agency’s recommended security training.

Is the dentist an entrepreneur? Yes and no.

PubMed

Levin, Roger

2004-12-01

Although dentists may have an entrepreneurial spirit, they are not true entrepreneurs. Simply by selecting dentistry as a profession, dentists have engaged in a business that has a high level of success and limited growth potential. By limited growth potential, I do not mean to imply that practices cannot be successful and create excellent lifestyles for dentists. As stated above, they will be limited in growth by the physical capacity of the dentist, the team and the facilities. There is a great deal of security in dental practice if basic management principles are followed and business systems are put in place. In my next column, I will continue to explore the similarities and differences between entrepreneurs and dentists, and how a dentist can take a practice through the multiple stages necessary to achieve the highest levels of dental practice success.

Rotting from Within: American Education and National Security

DTIC Science & Technology

2011-03-04

Service, Training, Obesity, Health, Physical Fitness, Economic, Security, Training Education, High School, Pre-School, Teachers, Leaders, Military...Accessions, Citizenship, Quality, Selfless Service, Training, Obesity, Health, Physical Fitness, Economic, Security, Training Education, High School...subject areas 4 such as the arts and physical fitness. This emphasis on core-courses was mostly adhered to by America‘s diverse school systems

Data-Aware Retrodiction for Asynchronous Harmonic Measurement in a Cyber-Physical Energy System

PubMed Central

Liu, Youda; Wang, Xue; Liu, Yanchi; Cui, Sujin

2016-01-01

Cyber-physical energy systems provide a networked solution for safety, reliability and efficiency problems in smart grids. On the demand side, the secure and trustworthy energy supply requires real-time supervising and online power quality assessing. Harmonics measurement is necessary in power quality evaluation. However, under the large-scale distributed metering architecture, harmonic measurement faces the out-of-sequence measurement (OOSM) problem, which is the result of latencies in sensing or the communication process and brings deviations in data fusion. This paper depicts a distributed measurement network for large-scale asynchronous harmonic analysis and exploits a nonlinear autoregressive model with exogenous inputs (NARX) network to reorder the out-of-sequence measuring data. The NARX network gets the characteristics of the electrical harmonics from practical data rather than the kinematic equations. Thus, the data-aware network approximates the behavior of the practical electrical parameter with real-time data and improves the retrodiction accuracy. Theoretical analysis demonstrates that the data-aware method maintains a reasonable consumption of computing resources. Experiments on a practical testbed of a cyber-physical system are implemented, and harmonic measurement and analysis accuracy are adopted to evaluate the measuring mechanism under a distributed metering network. Results demonstrate an improvement of the harmonics analysis precision and validate the asynchronous measuring method in cyber-physical energy systems. PMID:27548171

45 CFR 1182.15 - Institute responsibility for maintaining adequate technical, physical, and security safeguards to...

Code of Federal Regulations, 2010 CFR

2010-10-01

... record systems. These security safeguards shall apply to all systems in which identifiable personal data... data and automated systems shall be adequately trained in the security and privacy of personal data. (4... technical, physical, and security safeguards to prevent unauthorized disclosure or destruction of manual and...

45 CFR 2508.10 - Who has the responsibility for maintaining adequate technical, physical, and security safeguards...

Code of Federal Regulations, 2010 CFR

2010-10-01

... record systems. These security safeguards shall apply to all systems in which identifiable personal data... the security and privacy of such records. (7) The disposal and destruction of records within a system... adequate technical, physical, and security safeguards to prevent unauthorized disclosure or destruction of...

45 CFR 1159.15 - Who has the responsibility for maintaining adequate technical, physical, and security safeguards...

Code of Federal Regulations, 2010 CFR

2010-10-01

... disclosure or destruction of manual and automatic record systems. These security safeguards shall apply to... use of records contained in a system of records are adequately trained to protect the security and... adequate technical, physical, and security safeguards to prevent unauthorized disclosure or destruction of...

17 CFR 240.31 - Section 31 transaction fees.

Code of Federal Regulations, 2010 CFR

2010-04-01

... of a security future settled by physical delivery) or covered round turn transaction that a covered... resulting from the maturation of a security future settled by physical delivery; and (iv) The trade date.... (6) Covered sale means a sale of a security, other than an exempt sale or a sale of a security future...

78 FR 15722 - Federal Advisory Committee Act; Communications Security, Reliability, and Interoperability Council

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-12

... Alerting, E9-1-1 Location Accuracy, Network Security Best Practices, DNSSEC Implementation Practices for... FEDERAL COMMUNICATIONS COMMISSION Federal Advisory Committee Act; Communications Security... Security, Reliability, and Interoperability Council (CSRIC) meeting that was scheduled for March 6, 2013 is...

Sensor Authentication in Collaborating Sensor Networks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bielefeldt, Jake Uriah

2014-11-01

In this thesis, we address a new security problem in the realm of collaborating sensor networks. By collaborating sensor networks, we refer to the networks of sensor networks collaborating on a mission, with each sensor network is independently owned and operated by separate entities. Such networks are practical where a number of independent entities can deploy their own sensor networks in multi-national, commercial, and environmental scenarios, and some of these networks will integrate complementary functionalities for a mission. In the scenario, we address an authentication problem wherein the goal is for the Operator O i of Sensor Network S imore » to correctly determine the number of active sensors in Network Si. Such a problem is challenging in collaborating sensor networks where other sensor networks, despite showing an intent to collaborate, may not be completely trustworthy and could compromise the authentication process. We propose two authentication protocols to address this problem. Our protocols rely on Physically Unclonable Functions, which are a hardware based authentication primitive exploiting inherent randomness in circuit fabrication. Our protocols are light-weight, energy efficient, and highly secure against a number of attacks. To the best of our knowledge, ours is the first to addresses a practical security problem in collaborating sensor networks.« less

Security Personnel Practices and Policies in U.S. Hospitals: Findings From a National Survey.

PubMed

Schoenfisch, Ashley L; Pompeii, Lisa A

2016-06-27

Concerns of violence in hospitals warrant examination of current hospital security practices. Cross-sectional survey data were collected from members of a health care security and safety association to examine the type of personnel serving as security in hospitals, their policies and practices related to training and weapon/restraint tool carrying/use, and the broader context in which security personnel work to maintain staff and patient safety, with an emphasis on workplace violence prevention and mitigation. Data pertaining to 340 hospitals suggest security personnel were typically non-sworn officers directly employed (72%) by hospitals. Available tools included handcuffs (96%), batons (56%), oleoresin capsicum products (e.g., pepper spray; 52%), hand guns (52%), conducted electrical weapons (e.g., TASERs®; 47%), and K9 units (12%). Current workplace violence prevention policy components, as well as recommendations to improve hospital security practices, aligned with Occupational Safety and Health Administration guidelines. Comprehensive efforts to address the safety and effectiveness of hospital security personnel should consider security personnel's relationships with other hospital work groups and hospitals' focus on patients' safety and satisfaction. © 2016 The Author(s).

Study on perception and control layer of mine CPS with mixed logic dynamic approach

NASA Astrophysics Data System (ADS)

Li, Jingzhao; Ren, Ping; Yang, Dayu

2017-01-01

Mine inclined roadway transportation system of mine cyber physical system is a hybrid system consisting of a continuous-time system and a discrete-time system, which can be divided into inclined roadway signal subsystem, error-proofing channel subsystems, anti-car subsystems, and frequency control subsystems. First, to ensure stable operation, improve efficiency and production safety, this hybrid system model with n inputs and m outputs is constructed and analyzed in detail, then its steady schedule state to be solved. Second, on the basis of the formal modeling for real-time systems, we use hybrid toolbox for system security verification. Third, the practical application of mine cyber physical system shows that the method for real-time simulation of mine cyber physical system is effective.

Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation.

PubMed

Bernik, Igor; Prislan, Kaja

Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model-ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it's recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes.

MO-F-204-00: Preparing for the ABR Diagnostic and Nuclear Medical Physics Exams

DOE Office of Scientific and Technical Information (OSTI.GOV)

NONE

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance of allmore » aspects of clinical medical physics. All parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those unique aspects of the nuclear exam, and how preparing for a second specialty differs from the first. Medical physicists who recently completed each ABR exam portion will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

MO-F-204-02: Preparing for Part 2 of the ABR Diagnostic Physics Exam

DOE Office of Scientific and Technical Information (OSTI.GOV)

Szczykutowicz, T.

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance of allmore » aspects of clinical medical physics. All parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those unique aspects of the nuclear exam, and how preparing for a second specialty differs from the first. Medical physicists who recently completed each ABR exam portion will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

MO-F-204-03: Preparing for Part 3 of the ABR Diagnostic Physics Exam

DOE Office of Scientific and Technical Information (OSTI.GOV)

Zambelli, J.

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance of allmore » aspects of clinical medical physics. All parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those unique aspects of the nuclear exam, and how preparing for a second specialty differs from the first. Medical physicists who recently completed each ABR exam portion will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

MO-F-204-01: Preparing for Part 1 of the ABR Diagnostic Physics Exam

DOE Office of Scientific and Technical Information (OSTI.GOV)

McKenney, S.

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance of allmore » aspects of clinical medical physics. All parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those unique aspects of the nuclear exam, and how preparing for a second specialty differs from the first. Medical physicists who recently completed each ABR exam portion will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

MO-F-204-04: Preparing for Parts 2 & 3 of the ABR Nuclear Medicine Physics Exam

DOE Office of Scientific and Technical Information (OSTI.GOV)

MacDougall, R.

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance of allmore » aspects of clinical medical physics. All parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those unique aspects of the nuclear exam, and how preparing for a second specialty differs from the first. Medical physicists who recently completed each ABR exam portion will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

WE-D-213-04: Preparing for Parts 2 & 3 of the ABR Nuclear Medicine Physics Exam

DOE Office of Scientific and Technical Information (OSTI.GOV)

MacDougall, R.

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR professional certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance ofmore » all aspects of clinical medical physics. All three parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation and skill sets necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those aspects that are unique to the nuclear exam. Medical physicists who have recently completed each of part of the ABR exam will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to Prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to Prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

WE-D-213-00: Preparing for the ABR Diagnostic and Nuclear Medicine Physics Exams

DOE Office of Scientific and Technical Information (OSTI.GOV)

NONE

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR professional certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance ofmore » all aspects of clinical medical physics. All three parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation and skill sets necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those aspects that are unique to the nuclear exam. Medical physicists who have recently completed each of part of the ABR exam will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to Prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to Prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

WE-D-213-01: Preparing for Part 1 of the ABR Diagnostic Physics Exam

DOE Office of Scientific and Technical Information (OSTI.GOV)

Simiele, S.

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR professional certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance ofmore » all aspects of clinical medical physics. All three parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation and skill sets necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those aspects that are unique to the nuclear exam. Medical physicists who have recently completed each of part of the ABR exam will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to Prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to Prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

WE-D-213-03: Preparing for Part 3 of the ABR Diagnostic Physics Exam

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bevins, N.

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR professional certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance ofmore » all aspects of clinical medical physics. All three parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation and skill sets necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those aspects that are unique to the nuclear exam. Medical physicists who have recently completed each of part of the ABR exam will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to Prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to Prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

WE-D-213-02: Preparing for Part 2 of the ABR Diagnostic Physics Exam

DOE Office of Scientific and Technical Information (OSTI.GOV)

Zambelli, J.

Adequate, efficient preparation for the ABR Diagnostic and Nuclear Medical Physics exams is key to successfully obtain ABR professional certification. Each part of the ABR exam presents its own challenges: Part I: Determine the scope of basic medical physics study material, efficiently review this material, and solve related written questions/problems. Part II: Understand imaging principles, modalities, and systems, including image acquisition, processing, and display. Understand the relationship between imaging techniques, image quality, patient dose and safety, and solve related written questions/problems. Part III: Gain crucial, practical, clinical medical physics experience. Effectively communicate and explain the practice, performance, and significance ofmore » all aspects of clinical medical physics. All three parts of the ABR exam require specific skill sets and preparation: mastery of basic physics and imaging principles; written problem solving often involving rapid calculation; responding clearly and succinctly to oral questions about the practice, methods, and significance of clinical medical physics. This symposium focuses on the preparation and skill sets necessary for each part of the ABR exam. Although there is some overlap, the nuclear exam covers a different body of knowledge than the diagnostic exam. A separate speaker will address those aspects that are unique to the nuclear exam. Medical physicists who have recently completed each of part of the ABR exam will share their experiences, insights, and preparation methods to help attendees best prepare for the challenges of each part of the ABR exam. In accordance with ABR exam security policy, no recalls or exam questions will be discussed. Learning Objectives: How to prepare for Part 1 of the ABR exam by determining the scope of basic medical physics study material and related problem solving/calculations How to Prepare for Part 2 of the ABR exam by understanding diagnostic and/or nuclear imaging physics, systems, dosimetry, safety and related problem solving/calculations How to Prepare for Part 3 of the ABR exam by effectively communicating the practice, methods, and significance of clinical diagnostic and/or nuclear medical physics.« less

Physician office readiness for managing Internet security threats.

PubMed

Keshavjee, K; Pairaudeau, N; Bhanji, A

2006-01-01

Internet security threats are evolving toward more targeted and focused attacks.Increasingly, organized crime is involved and they are interested in identity theft. Physicians who use Internet in their practice are at risk for being invaded. We studied 16 physician practices in Southern Ontario for their readiness to manage internet security threats. Overall, physicians have an over-inflated sense of preparedness. Security practices such as maintaining a firewall and conducting regular virus checks were not consistently done.

Physician Office Readiness for Managing Internet Security Threats

PubMed Central

Keshavjee, K; Pairaudeau, N; Bhanji, A

2006-01-01

Internet security threats are evolving toward more targeted and focused attacks. Increasingly, organized crime is involved and they are interested in identity theft. Physicians who use Internet in their practice are at risk for being invaded. We studied 16 physician practices in Southern Ontario for their readiness to manage internet security threats. Overall, physicians have an over-inflated sense of preparedness. Security practices such as maintaining a firewall and conducting regular virus checks were not consistently done. PMID:17238600

The Design Process of Physical Security as Applied to a U.S. Border Point of Entry

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wagner, G.G.

1998-10-26

This paper describes the design process of physical security as applied to a U.S. Border Port of Entry (PoE). Included in this paper are descriptions of the elements that compose U.S. border security. The physical security design will describe the various elements that make up the process as well as the considerations that must be taken into account when dealing with system integration of those elements. The distinctions between preventing unlawful entry and exit of illegal contraband will be emphasized.

Potential uses of a wireless network in physical security systems.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Witzke, Edward L.

2010-07-01

Many possible applications requiring or benefiting from a wireless network are available for bolstering physical security and awareness at high security installations or facilities. These enhancements are not always straightforward and may require careful analysis, selection, tuning, and implementation of wireless technologies. In this paper, an introduction to wireless networks and the task of enhancing physical security is first given. Next, numerous applications of a wireless network are brought forth. The technical issues that arise when using a wireless network to support these applications are then discussed. Finally, a summary is presented.

Association between household food security and infant feeding practices in urban informal settlements in Nairobi, Kenya.

PubMed

Macharia, T N; Ochola, S; Mutua, M K; Kimani-Murage, E W

2018-02-01

Studies in urban informal settlements show widespread inappropriate infant and young child feeding (IYCF) practices and high rates of food insecurity. This study assessed the association between household food security and IYCF practices in two urban informal settlements in Nairobi, Kenya. The study adopted a longitudinal design that involved a census sample of 1110 children less than 12 months of age and their mothers aged between 12 and 49 years. A questionnaire was used to collect information on: IYCF practices and household food security. Logistic regression was used to determine the association between food insecurity and IYFC practices. The findings showed high household food insecurity; only 19.5% of the households were food secure based on Household Insecurity Access Score. Infant feeding practices were inappropriate: 76% attained minimum meal frequency; 41% of the children attained a minimum dietary diversity; and 27% attained minimum acceptable diet. With the exception of the minimum meal frequency, infants living in food secure households were significantly more likely to achieve appropriate infant feeding practices than those in food insecure households: minimum meal frequency (adjusted odds ratio (AOR)=1.26, P=0.530); minimum dietary diversity (AOR=1.84, P=0.046) and minimum acceptable diet (AOR=2.35, P=0.008). The study adds to the existing body of knowledge by demonstrating an association between household food security and infant feeding practices in low-income settings. The findings imply that interventions aimed at improving infant feeding practices and ultimately nutritional status need to also focus on improving household food security.

Analyzing Cases of Resilience Success and Failure - A Research Study

DTIC Science & Technology

2012-12-01

controls [NIST 2012, NIST 2008] ISO 27002 and ISO 27004 Guidelines for initiating, implementing, maintaining, and improving information security...Commission ( ISO /IEC). Information technology—Security techniques—Code of practice for information security management ( ISO /IEC 27002 :2005). ISO /IEC, 2005...security management system and controls or groups of controls [ ISO /IEC 2005, ISO /IEC 2009] CIS Security Metrics Outcome and practice metrics measuring

10 CFR 1046.12 - Physical fitness training program.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 4 2012-01-01 2012-01-01 false Physical fitness training program. 1046.12 Section 1046.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) PHYSICAL PROTECTION OF SECURITY INTERESTS Protective Force Personnel § 1046.12 Physical fitness training program. (a) Each incumbent security police officer...

10 CFR 1046.12 - Physical fitness training program.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 4 2013-01-01 2013-01-01 false Physical fitness training program. 1046.12 Section 1046.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) PHYSICAL PROTECTION OF SECURITY INTERESTS Protective Force Personnel § 1046.12 Physical fitness training program. (a) Each incumbent security police officer...

How ISO/IEC 17799 can be used for base lining information assurance among entities using data mining for defense, homeland security, commercial, and other civilian/commercial domains

NASA Astrophysics Data System (ADS)

Perry, William G.

2006-04-01

One goal of database mining is to draw unique and valid perspectives from multiple data sources. Insights that are fashioned from closely-held data stores are likely to possess a high degree of reliability. The degree of information assurance comes into question, however, when external databases are accessed, combined and analyzed to form new perspectives. ISO/IEC 17799, Information technology-Security techniques-Code of practice for information security management, can be used to establish a higher level of information assurance among disparate entities using data mining in the defense, homeland security, commercial and other civilian/commercial domains. Organizations that meet ISO/IEC information security standards have identified and assessed risks, threats and vulnerabilities and have taken significant proactive steps to meet their unique security requirements. The ISO standards address twelve domains: risk assessment and treatment, security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management and business continuity management and compliance. Analysts can be relatively confident that if organizations are ISO 17799 compliant, a high degree of information assurance is likely to be a characteristic of the data sets being used. The reverse may be true. Extracting, fusing and drawing conclusions based upon databases with a low degree of information assurance may be wrought with all of the hazards that come from knowingly using bad data to make decisions. Using ISO/IEC 17799 as a baseline for information assurance can help mitigate these risks.

[The role of environmental factors in managing labour stress].

PubMed

Rados, Melinda; Mészáros, Judit

2017-07-01

Emotional, cognitive and behavioural aspects of birth and labour stress are strongly associated with the underlying physiological processes. To study the factors of physical security and social support, the administration of synthetic oxytocin, and how they relate to perceived stress during childbirth. Women's experienced physical security, social support and oxytocin administration was measured with targeted questions, and their perceived stress with the short and modified version of the Perceived Stress Scale. A strong negative association was found between perceived stress and physical and social security. The group of women experiencing low physical and social security perceived significantly higher stress, while those given synthetic oxytocin perceived higher stress, and lower physical and social security. Since physiological, psychological processes and behaviours are strongly intertwined, the support of natural physiological birth without interventions is recommended, which considers not only short-term but long-term health consequences for mother and child. The contribution of calming physical surroundings, minimal interventions and empowering support of caregivers to safe and satisfying birth is demonstrated in a model. Orv Hetil. 2017; 158(29): 1149-1156.

Meeting the privacy requirements for the development of a multi-centre patient registry in Canada: the Rick Hansen Spinal Cord Injury Registry.

PubMed

Noonan, Vanessa K; Thorogood, Nancy P; Joshi, Phalgun B; Fehlings, Michael G; Craven, B Catharine; Linassi, Gary; Fourney, Daryl R; Kwon, Brian K; Bailey, Christopher S; Tsai, Eve C; Drew, Brian M; Ahn, Henry; Tsui, Deborah; Dvorak, Marcel F

2013-05-01

Privacy legislation addresses concerns regarding the privacy of personal information; however, its interpretation by research ethics boards has resulted in significant challenges to the collection, management, use and disclosure of personal health information for multi-centre research studies. This paper describes the strategy used to develop the national Rick Hansen Spinal Cord Injury Registry (RHSCIR) in accordance with privacy statutes and benchmarked against best practices. An analysis of the regional and national privacy legislation was conducted to determine the requirements for each of the 31 local RHSCIR sites and the national RHSCIR office. A national privacy and security framework was created for RHSCIR that includes a governance structure, standard operating procedures, training processes, physical and technical security and privacy impact assessments. The framework meets a high-water mark in ensuring privacy and security of personal health information nationally and may assist in the development of other national or international research initiatives. Copyright © 2013 Longwoods Publishing.

Meeting the Privacy Requirements for the Development of a Multi-Centre Patient Registry in Canada: The Rick Hansen Spinal Cord Injury Registry

PubMed Central

Noonan, Vanessa K.; Thorogood, Nancy P.; Joshi, Phalgun B.; Fehlings, Michael G.; Craven, B. Catharine; Linassi, Gary; Fourney, Daryl R.; Kwon, Brian K.; Bailey, Christopher S.; Tsai, Eve C.; Drew, Brian M.; Ahn, Henry; Tsui, Deborah; Dvorak, Marcel F.

2013-01-01

Privacy legislation addresses concerns regarding the privacy of personal information; however, its interpretation by research ethics boards has resulted in significant challenges to the collection, management, use and disclosure of personal health information for multi-centre research studies. This paper describes the strategy used to develop the national Rick Hansen Spinal Cord Injury Registry (RHSCIR) in accordance with privacy statutes and benchmarked against best practices. An analysis of the regional and national privacy legislation was conducted to determine the requirements for each of the 31 local RHSCIR sites and the national RHSCIR office. A national privacy and security framework was created for RHSCIR that includes a governance structure, standard operating procedures, training processes, physical and technical security and privacy impact assessments. The framework meets a high-water mark in ensuring privacy and security of personal health information nationally and may assist in the development of other national or international research initiatives. PMID:23968640

Comparative Assessment of Physical and Social Determinants of Water Quantity and Water Quality Concerns

NASA Astrophysics Data System (ADS)

Gunda, T.; Hornberger, G. M.

2017-12-01

Concerns over water resources have evolved over time, from physical availability to economic access and recently, to a more comprehensive study of "water security," which is inherently interdisciplinary because a secure water system is influenced by and affects both physical and social components. The concept of water security carries connotations of both an adequate supply of water as well as water that meets certain quality standards. Although the term "water security" has many interpretations in the literature, the research field has not yet developed a synthetic analysis of water security as both a quantity (availability) and quality (contamination) issue. Using qualitative comparative and multi-regression analyses, we evaluate the primary physical and social factors influencing U.S. states' water security from a quantity perspective and from a quality perspective. Water system characteristics are collated from academic and government sources and include access/use, governance, and sociodemographic, and ecosystem metrics. Our analysis indicates differences in variables driving availability and contamination concerns; for example, climate is a more significant determinant in water quantity-based security analyses than in water quality-based security analyses. We will also discuss coevolution of system traits and the merits of constructing a robust water security index based on the relative importance of metrics from our analyses. These insights will improve understanding of the complex interactions between quantity and quality aspects and thus, overall security of water systems.

Report: Information Security Series: Security Practices Safe Drinking Water Information System

EPA Pesticide Factsheets

Report #2006-P-00021, March 30, 2006. We found that the Office of Water (OW) substantially complied with many of the information security controls reviewed and had implemented practices to ensure production servers are monitored.

5 CFR 9701.517 - Unfair labor practices.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.517 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.517 Unfair labor practices. (a) For the...

Safety, security and dual-use chemicals

DOE PAGES

Walters, Douglas B.; Ho, Pauline; Hardesty, Jasper

2014-12-18

Many chemicals that are frequently used in laboratories and industries can be harmful if not handled properly. Chemical safety best practices are designed to protect people from accidentally being exposed to hazardous chemicals. On the other hand, chemical security best practices are designed to protect people from someone deliberately exposing others to hazardous chemicals. Finally, many chemical safety best practices overlap with chemical security best practices, but there are important differences, as will be discussed in this paper.

Water security - Nation state and international security implications

USGS Publications Warehouse

Tindall, James A.; Andrew A. Campbell,

2009-01-01

A terrorist attack such as poisoning and sabotage of the national water supply and water-quality infrastructure of the continental United States or any country, could disrupt the delivery of vital human services, threaten both public health and the environment, potentially cause mass casualties and pose grave public concern for homeland security. Most significantly, an attack on water resources would weaken social cohesion and trust in government. A threat to continuity of services is a potential threat to continuity of government since both are necessary for continuity of operations. Water infrastructure is difficult to protect, as it extends over vast areas across the U.S. and for which ownership is overwhelmingly nonfederal (approximately 85 percent). Since the 9111 attacks, federal dam operators and water and wastewater utilities have established counter measures. Similar measures have been taken in countries around the world. These include enhanced physical security, improved coordination between corporate ownership, Department of Homeland Security, and local law enforcement, and research into risk assessment and vulnerability analysis to ensure greater system safety. A key issue is the proportionate additional resources directed at public and private sector specific priorities. Agencies that have the scientific and technological ability to leverage resources, exploit integrated science approaches, focus on interdisciplinary practices, utilize informatics expertise and employ a wide use of evolving technologies should play a key role in water security and related issues.

Guidelines for Automatic Data Processing Physical Security and Risk Management. Federal Information Processing Standards Publication 31.

ERIC Educational Resources Information Center

National Bureau of Standards (DOC), Washington, DC.

These guidelines provide a handbook for use by federal organizations in structuring physical security and risk management programs for their automatic data processing facilities. This publication discusses security analysis, natural disasters, supporting utilities, system reliability, procedural measures and controls, off-site facilities,…

10 CFR 76.111 - Physical security, material control and accounting, and protection of certain information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... significance (Category III), and for protection of Restricted Data, National Security Information, Safeguards... 10 Energy 2 2010-01-01 2010-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED...

Twenty Seven Years of Quantum Cryptography!

NASA Astrophysics Data System (ADS)

Hughes, Richard

2011-03-01

One of the fundamental goals of cryptographic research is to minimize the assumptions underlying the protocols that enable secure communications between pairs or groups of users. In 1984, building on earlier research by Stephen Wiesner, Charles Bennett and Gilles Brassard showed how quantum physics could be harnessed to provide information-theoretic security for protocols such as the distribution of cryptographic keys, which enables two parties to secure their conventional communications. Bennett and Brassard and colleagues performed a proof-of-principle quantum key distribution (QKD) experiment with single-photon quantum state transmission over a 32-cm air path in 1991. This seminal experiment led other researchers to explore QKD in optical fibers and over line-of-sight outdoor atmospheric paths (``free-space''), resulting in dramatic increases in range, bit rate and security. These advances have been enabled by improvements in sources and single-photon detectors. Also in 1991 Artur Ekert showed how the security of QKD could be related to quantum entanglement. This insight led to a deeper understanding and proof of QKD security with practical sources and detectors in the presence of transmission loss and channel noise. Today, QKD has been implemented over ranges much greater than 100km in both fiber and free-space, multi-node network testbeds have been demonstrated, and satellite-based QKD is under study in several countries. ``Quantum hacking'' researchers have shown the importance of extending security considerations to the classical devices that produce and detect the photon quantum states. New quantum cryptographic protocols such as secure identification have been proposed, and others such as quantum secret splitting have been demonstrated. It is now possible to envision quantum cryptography providing a more secure alternative to present-day cryptographic methods for many secure communications functions. My talk will survey these remarkable developments.

Measuring Information Security Performance with 10 by 10 Model for Holistic State Evaluation

PubMed Central

2016-01-01

Organizations should measure their information security performance if they wish to take the right decisions and develop it in line with their security needs. Since the measurement of information security is generally underdeveloped in practice and many organizations find the existing recommendations too complex, the paper presents a solution in the form of a 10 by 10 information security performance measurement model. The model—ISP 10×10M is composed of ten critical success factors, 100 key performance indicators and 6 performance levels. Its content was devised on the basis of findings presented in the current research studies and standards, while its structure results from an empirical research conducted among information security professionals from Slovenia. Results of the study show that a high level of information security performance is mostly dependent on measures aimed at managing information risks, employees and information sources, while formal and environmental factors have a lesser impact. Experts believe that information security should evolve systematically, where it’s recommended that beginning steps include technical, logical and physical security controls, while advanced activities should relate predominantly strategic management activities. By applying the proposed model, organizations are able to determine the actual level of information security performance based on the weighted indexing technique. In this manner they identify the measures they ought to develop in order to improve the current situation. The ISP 10×10M is a useful tool for conducting internal system evaluations and decision-making. It may also be applied to a larger sample of organizations in order to determine the general state-of-play for research purposes. PMID:27655001

Eating and Weight-related Parenting of Adolescents in the Context of Food Insecurity

PubMed Central

MacLehose, Rich; Loth, Katie A.; Fisher, Jennifer O.; Larson, Nicole I.; Neumark-Sztainer, Dianne

2015-01-01

Background Food insecurity is hypothesized to influence mothers’ use of parenting strategies to regulate children’s eating. Little is known about the parenting practices directed toward adolescents in food insecure households. Objective Examine differences in use of eating- and weight-related parenting practices among mothers of adolescents by household food security status. Design Cross-sectional Participants/setting A socio-demographically diverse sample of mothers and adolescents from the Minneapolis/St. Paul metropolitan area who participated in the EAT 2010 and Project F-EAT studies in 2009–2010 (dyad n=2,087). Seventy percent of mothers identified as non-white. Main outcome measures Mother-reported use of parenting practices including pressuring children to eat, restricting high-calorie foods, and encouraging dieting. Statistical analyses performed Logistic regression models were used to determine the predicted probabilities of parenting practices among food secure, low food secure, and very low food secure households. Socio-demographic characteristics, mothers’ body mass index (BMI), and adolescents’ BMI-for-age percentile were examined as confounders. Results In unadjusted models, food insecure mothers were more likely than food secure mothers to frequently encourage their children to diet, comment on their child’s weight, be concerned about their child’s weight, use restrictive feeding practices, and use pressured feeding practices. After adjustment for socio-demographic characteristics and mothers’ and children’s BMI, compared to food secure mothers, mothers with low food security were more likely to frequently comment on their son’s weight (41.5% vs. 32.9%, prevalence difference (PD=8.6 (0.9, 16.3)) and mothers with very low food security were more likely to be concerned about their son’s weight (48.8% vs. 35.1%, PD=13.7 (3.5, 23.9)). Mothers with very low food security were more likely to frequently use restrictive feeding practices with their daughters compared to food secure mothers (33.0% vs. 20.5%, PD=12.4 (4.2, 20.7)). Conclusions Interventions to improve food insecure adolescents’ eating behaviors may benefit from supporting mothers’ use of health-promoting parenting practices. PMID:25824114

[The psychological security in the framework of the system of factors responsible for the effectiveness of spa and health resort-based rehabilitation].

PubMed

Krasnyanskaya, T M; Tylets, V G

The present work was designed to address the problem of ensuring the psychological security in the framework of organization of the rehabilitative treatment based at the spa and health resort facilities. We undertook the questionnaire study for which 650 subjects were recruited among those attending spa and health resort facilities of the cities of Essentuki and Kislovodsk. The participants were asked to estimate the level of their personal security and the quality of the provided means for the rehabilitative treatment and general health improvement. It was found that as many as 43% of the respondents reported the moderate level of psychological security whereas about 30% of them estimated the level of their psychological security as low. Overall, the attitude toward the available means for health improvement and rehabilitation proved extremely variable. The factorial analysis has demonstrated the highly subjective opinions of the responders as regards the provided services categorized in terms of therapeutic (mineral water, preformed physical factors, peloid and dietary therapy), health improvement (herbal medicine, therapeutic physical training, therapy, bioclimatic therapy), and recreational (animation, excursion and touristic activities) factors. The value of these factors was perceived differently by the vacationers with different feelings of psychological security. Those reporting the high level of psychological security demonstrated the positive attitude toward all factors and circumstances available for the general improvement of the health status whereas the holidaymakers reporting the moderate level of personal psychological security exhibited the non-equivalent attitude toward the provided services; namely, they highly estimated the available therapeutic factors but either underestimated the value of the constituent components of the health improving and recreational factors or demonstrated the very selective attitude toward their assessment. Generally speaking, the feeling of personal psychological security in the participants of the study reflected their subjective approach to structuralization and differentiation of the factors underlying the effectiveness, final outcome, and psychological security of the spa and health resort-based rehabilitative treatment. The results of the present study give evidence of the paramount importance of personal psychological security as a most important factor contributing to the solution of problems facing the practice of the rehabilitation treatment based at the spa and health resort facilities. This work should be organized taking into consideration the necessity to ensure the feeling of personal security and psychological comfort in the holidaymakers as an indispensable prerequisite for the successful rehabilitative treatment of the vacationers and meeting the requirements of the holidaymakers.

Urban farming activity towards sustainable wellbeing of urban dwellers

NASA Astrophysics Data System (ADS)

Othman, N.; Mohamad, M.; Latip, R. A.; Ariffin, M. H.

2018-02-01

In Malaysia, urban farming is viewed as a catalyst towards achieving the well-being of urban dwellers and natural environment. Urban farming is a strategy for Malaysia’s food and economic security, and as one of the foci in the agriculture transformation whereby urban dwellers are encouraged to participate in this activity. Previous study proved that urban farming can help to address social problems of food security, urban poverty and high living cost, also provides leisure and recreation among urban dwellers. Thus, this study investigates the best urban farming practices suitable for urban setting, environment and culture of urban dwellers. Data collection was done via questionnaire survey to urban farmers of a selected community garden in Subang Jaya, Selangor. Meanwhile, on-site observations were carried out on gardening activities and the gardens’ physical attributes. The study sample encompasses of 131 urban farmers of 22 community gardens in Subang Jaya. It was found that most of the community gardens practiced crops planting on the ground or soil base planting and dwellers in the lower income group with monthly low household income constitutes the majority (83.2%) of the respondents. Social and health benefits are the highest motivating factors for urban farmers. This study provides unprecedented insights on urban farming practices and motivations in a Malaysian setting.

12 CFR 19.122 - Newspaper notice.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Securities and Corporate Practices Division, Office of the Comptroller of the Currency, Washington, DC 20219... to the Securities and Corporate Practices Division, and to bank shareholders. ... Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.122 Newspaper notice...

12 CFR 19.122 - Newspaper notice.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Securities and Corporate Practices Division, Office of the Comptroller of the Currency, Washington, DC 20219... to the Securities and Corporate Practices Division, and to bank shareholders. ... Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.122 Newspaper notice...

12 CFR 19.122 - Newspaper notice.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Securities and Corporate Practices Division, Office of the Comptroller of the Currency, Washington, DC 20219... to the Securities and Corporate Practices Division, and to bank shareholders. ... Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.122 Newspaper notice...

12 CFR 19.122 - Newspaper notice.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Securities and Corporate Practices Division, Office of the Comptroller of the Currency, Washington, DC 20219... to the Securities and Corporate Practices Division, and to bank shareholders. ... Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.122 Newspaper notice...

12 CFR 19.122 - Newspaper notice.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Securities and Corporate Practices Division, Office of the Comptroller of the Currency, Washington, DC 20219... to the Securities and Corporate Practices Division, and to bank shareholders. ... Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.122 Newspaper notice...

Improving Insider Threat Training Awareness and Mitigation Programs at Nuclear Facilities.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abbott, Shannon

In recent years, insider threat programs have become an important aspect of nuclear security, and nuclear security training courses. However, many nuclear security insider threat programs fail to address the insider threat attack and monitoring potential that exists on information technology (IT) systems. This failure is critical because of the importance of information technology and networks in today’s world. IT systems offer an opportunity to perpetrate dangerous insider attacks, but they also present an opportunity to monitor for them and prevent them. This paper suggests a number of best practices for monitoring and preventing insider attacks on IT systems, andmore » proposes the development of a new IT insider threat tabletop that can be used to help train nuclear security practitioners on how best to implement IT insider threat prevention best practices. The development of IT insider threat best practices and a practical tabletop exercise will allow nuclear security practitioners to improve nuclear security trainings as it integrates a critical part of insider threat prevention into the broader nuclear security system.« less

The complexities of HIPAA and administration simplification.

PubMed

Mozlin, R

2000-11-01

The Health Insurance Portability and Accessibility Act (HIPAA) was signed into law in 1996. Although focused on information technology issues, HIPAA will ultimately impact day-to-day operations at multiple levels within any clinical setting. Optometrists must begin to familiarize themselves with HIPAA in order to prepare themselves to practice in a technology-enriched environment. Title II of HIPAA, entitled "Administration Simplification," is intended to reduce the costs and administrative burden of healthcare by standardizing the electronic transmission of administrative and financial transactions. The Department of Health and Human Services is expected to publish the final rules and regulations that will govern HIPAA's implementation this year. The rules and regulations will cover three key aspects of healthcare delivery: electronic data interchange (EDI), security and privacy. EDI will standardize the format for healthcare transactions. Health plans must accept and respond to all transactions in the EDI format. Security refers to policies and procedures that protect the accuracy and integrity of information and limit access. Privacy focuses on how the information is used and disclosure of identifiable health information. Security and privacy regulations apply to all information that is maintained and transmitted in a digital format and require administrative, physical, and technical safeguards. HIPAA will force the healthcare industry to adopt an e-commerce paradigm and provide opportunities to improve patient care processes. Optometrists should take advantage of the opportunity to develop more efficient and profitable practices.

Designing quantum information processing via structural physical approximation.

PubMed

Bae, Joonwoo

2017-10-01

In quantum information processing it may be possible to have efficient computation and secure communication beyond the limitations of classical systems. In a fundamental point of view, however, evolution of quantum systems by the laws of quantum mechanics is more restrictive than classical systems, identified to a specific form of dynamics, that is, unitary transformations and, consequently, positive and completely positive maps to subsystems. This also characterizes classes of disallowed transformations on quantum systems, among which positive but not completely maps are of particular interest as they characterize entangled states, a general resource in quantum information processing. Structural physical approximation offers a systematic way of approximating those non-physical maps, positive but not completely positive maps, with quantum channels. Since it has been proposed as a method of detecting entangled states, it has stimulated fundamental problems on classifications of positive maps and the structure of Hermitian operators and quantum states, as well as on quantum measurement such as quantum design in quantum information theory. It has developed efficient and feasible methods of directly detecting entangled states in practice, for which proof-of-principle experimental demonstrations have also been performed with photonic qubit states. Here, we present a comprehensive review on quantum information processing with structural physical approximations and the related progress. The review mainly focuses on properties of structural physical approximations and their applications toward practical information applications.

Designing quantum information processing via structural physical approximation

NASA Astrophysics Data System (ADS)

Bae, Joonwoo

2017-10-01

In quantum information processing it may be possible to have efficient computation and secure communication beyond the limitations of classical systems. In a fundamental point of view, however, evolution of quantum systems by the laws of quantum mechanics is more restrictive than classical systems, identified to a specific form of dynamics, that is, unitary transformations and, consequently, positive and completely positive maps to subsystems. This also characterizes classes of disallowed transformations on quantum systems, among which positive but not completely maps are of particular interest as they characterize entangled states, a general resource in quantum information processing. Structural physical approximation offers a systematic way of approximating those non-physical maps, positive but not completely positive maps, with quantum channels. Since it has been proposed as a method of detecting entangled states, it has stimulated fundamental problems on classifications of positive maps and the structure of Hermitian operators and quantum states, as well as on quantum measurement such as quantum design in quantum information theory. It has developed efficient and feasible methods of directly detecting entangled states in practice, for which proof-of-principle experimental demonstrations have also been performed with photonic qubit states. Here, we present a comprehensive review on quantum information processing with structural physical approximations and the related progress. The review mainly focuses on properties of structural physical approximations and their applications toward practical information applications.

Monitoring of continuous-variable quantum key distribution system in real environment.

PubMed

Liu, Weiqi; Peng, Jinye; Huang, Peng; Huang, Duan; Zeng, Guihua

2017-08-07

How to guarantee the practical security of continuous-variable quantum key distribution (CVQKD) system has been an important issue in the quantum cryptography applications. In contrast to the previous practical security strategies, which focus on the intercept-resend attack or the Gaussian attack, we investigate the practical security strategy based on a general attack, i.e., an arbitrated individual attack or collective attack on the system by Eve in this paper. The low bound of intensity disturbance of the local oscillator signal for eavesdropper successfully concealing herself is obtained, considering all noises can be used by Eve in the practical environment. Furthermore, we obtain an optimal monitoring condition for the practical CVQKD system so that legitimate communicators can monitor the general attack in real-time. As examples, practical security of two special systems, i.e., the Gaussian modulated coherent state CVQKD system and the middle-based CVQKD system, are investigated under the intercept-resend attacks.

12 CFR 208.37 - Government securities sales practices.

Code of Federal Regulations, 2011 CFR

2011-01-01

...-institutional customer means any customer other than: (i) A bank, savings association, insurance company, or registered investment company; (ii) An investment adviser registered under section 203 of the Investment... Securities-Related Activities § 208.37 Government securities sales practices. (a) Scope. This subpart is...

TH-A-12A-01: Medical Physicist's Role in Digital Information Security: Threats, Vulnerabilities and Best Practices

DOE Office of Scientific and Technical Information (OSTI.GOV)

McDonald, K; Curran, B

I. Information Security Background (Speaker = Kevin McDonald) Evolution of Medical Devices Living and Working in a Hostile Environment Attack Motivations Attack Vectors Simple Safety Strategies Medical Device Security in the News Medical Devices and Vendors Summary II. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran) Hardware Security Double-lock Requirements “Foreign” computer systems Portable Device Encryption Patient Data Storage System Requirements Network Configuration Isolating Critical Devices Isolating Clinical Networks Remote Access Considerations Software Applications / Configuration Passwords / Screen Savers Restricted Services / access Software Configuration Restriction Use of DNS to restrict accesse. Patches / Upgrades Awareness Intrusionmore » Prevention Intrusion Detection Threat Risk Analysis Conclusion Learning Objectives: Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems. Illustrating sample practices for hardware, network, and software security. Discussing implementation of good IT security practices in radiation oncology. Understand overall risk and threats scenario in a networked environment.« less

Restaurant industry preparedness against intentional food contamination: results of a South Carolina survey.

PubMed

Xirasagar, Sudha; Kanwat, C P; Smith, Lillian U; Li, Yi-Jhen; Sros, Lekhena; Shewchuk, Richard M

2010-01-01

Food safety and food defense are both responsibilities of public health agencies. Food safety practices within restaurants are regulated by state and local public health laws based on the US Food and Drug Administration Model Food Code. However, little is known about preemptive practices against intentional food-borne outbreaks within restaurants. The researchers administered a survey to a 50 percent random sample of South Carolina's restaurants, a state that relies heavily on tourism and the restaurant industry for its economic well-being. The survey received a response rate of 15 percent. The food defense practice items fall under three functional categories: employee management and training practices; vendor and delivery-related practices; and physical facilities and operational security practices. This study presents the results, classified by geographic region. Findings indicate some key areas of vulnerability that need attention to protect the public from mass food outbreaks due to intentional contamination. Of concern, there is much variation in practices by geographic region. On the basis of the survey, recommendations are made to improve restaurant preparedness against food-borne outbreaks from terrorism and malevolent contamination.

75 FR 1093 - Self-Regulatory Organizations; The Options Clearing Corporation; Notice of Filing of Proposed...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-01-08

... any option or any futures contracts on ETFS Physical Swiss Gold Shares and ETFS Physical Silver Shares... jurisdictional status of options or security futures on ETFS Physical Swiss Gold Shares or ETFS Physical Silver... approving a proposed rule change clarifying that options and securities futures on SPDR Gold Shares are...

21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...

21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...

21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...

21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...

Effectiveness of an intervention to facilitate the implementation of healthy eating and physical activity policies and practices in childcare services: a randomised controlled trial.

PubMed

Jones, Jannah; Wyse, Rebecca; Finch, Meghan; Lecathelinais, Christophe; Wiggers, John; Marshall, Josephine; Falkiner, Maryann; Pond, Nicole; Yoong, Sze Lin; Hollis, Jenna; Fielding, Alison; Dodds, Pennie; Clinton-McHarg, Tara; Freund, Megan; McElduff, Patrick; Gillham, Karen; Wolfenden, Luke

2015-10-25

The primary aim of this study was to evaluate the effectiveness of an intervention to increase the implementation of healthy eating and physical activity policies and practices by centre-based childcare services. The study also sought to determine if the intervention was effective in improving child dietary intake and increasing child physical activity levels while attending childcare. A parallel group, randomised controlled trial was conducted in a sample of 128 childcare services. Intervention strategies included provision of implementation support staff, securing executive support, staff training, consensus processes, academic detailing visits, tools and resources, performance monitoring and feedback and a communications strategy. The primary outcome of the trial was the proportion of services implementing all seven healthy eating and physical activity policies and practices targeted by the intervention. Outcome data were collected via telephone surveys with nominated supervisors and room leaders at baseline and immediately post-intervention. Secondary trial outcomes included the differences between groups in the number of serves consumed by children for each food group within the Australian Guide to Healthy Eating and in the proportion of children engaged in sedentary, walking or very active physical activity assessed via observation in a random subsample of 36 services at follow-up. There was no significant difference between groups for the primary trial outcome (p = 0.44). Relative to the control group, a significantly larger proportion of intervention group services reported having a written nutrition and physical activity policy (p = 0.05) and providing adult-guided activities to develop fundamental movement skills (p = 0.01). There were no significant differences between groups at follow-up on measures of child dietary intake or physical activity. The findings of the trial were equivocal. While there was no significant difference between groups for the primary trial outcome, the intervention did significantly increase the proportion of intervention group services implementing two of the seven healthy eating and physical activity policies and practices. High levels of implementation of a number of policies and practices at baseline, significant obesity prevention activity in the study region and higher than previously reported intra-class correlation of child behaviours may, in part, explain the trial findings. Australian Clinical Trials Registry (reference ACTRN12612000927820 ).

Making Our Buildings Safer: Security Management and Equipment Issues.

ERIC Educational Resources Information Center

Clark, James H.

1997-01-01

Discusses three major components of library security: physical security of the environment; operating procedures for library staff, the public, and security personnel; and a contract security force (or campus security in academic institutions.) Topics include risk management; maintenance; appropriate technology, including security systems and…

Physical layer security in fiber-optic MIMO-SDM systems: An overview

NASA Astrophysics Data System (ADS)

Guan, Kyle; Cho, Junho; Winzer, Peter J.

2018-02-01

Fiber-optic transmission systems provide large capacities over enormous distances but are vulnerable to simple eavesdropping attacks at the physical layer. We classify key-based and keyless encryption and physical layer security techniques and discuss them in the context of optical multiple-input-multiple-output space-division multiplexed (MIMO-SDM) fiber-optic communication systems. We show that MIMO-SDM not only increases system capacity, but also ensures the confidentiality of information transmission. Based on recent numerical and experimental results, we review how the unique channel characteristics of MIMO-SDM can be exploited to provide various levels of physical layer security.

PennDOT transportation security strategy : volume 2 : effective practices of state departments of transportation security planning

DOT National Transportation Integrated Search

2004-08-01

Since September 11, 2001, state departments of transportation (DOTs) have been assuming a more proactive role in security and emergency management. The purpose of this Effective Practices Report is to document key lessons learned by state DOTs as the...

17 CFR 201.104 - Business hours.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Business hours. 201.104 Section 201.104 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION RULES OF PRACTICE Rules of Practice General Rules § 201.104 Business hours. The Headquarters office of the Commission, at...

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2014 CFR

2014-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2010 CFR

2010-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2012 CFR

2012-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2011 CFR

2011-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2013 CFR

2013-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

17 CFR 201.104 - Business hours.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Business hours. 201.104 Section 201.104 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION RULES OF PRACTICE Rules of Practice General Rules § 201.104 Business hours. The Headquarters office of the Commission, at...

17 CFR 201.104 - Business hours.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Business hours. 201.104 Section 201.104 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION RULES OF PRACTICE Rules of Practice General Rules § 201.104 Business hours. The Headquarters office of the Commission, at...

17 CFR 201.104 - Business hours.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Business hours. 201.104 Section 201.104 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION RULES OF PRACTICE Rules of Practice General Rules § 201.104 Business hours. The Headquarters office of the Commission, at...

17 CFR 201.104 - Business hours.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Business hours. 201.104 Section 201.104 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION RULES OF PRACTICE Rules of Practice General Rules § 201.104 Business hours. The Headquarters office of the Commission, at...

Plug-and-play measurement-device-independent quantum key distribution

NASA Astrophysics Data System (ADS)

Choi, Yujun; Kwon, Osung; Woo, Minki; Oh, Kyunghwan; Han, Sang-Wook; Kim, Yong-Su; Moon, Sung

2016-03-01

Quantum key distribution (QKD) guarantees unconditional communication security based on the laws of quantum physics. However, practical QKD suffers from a number of quantum hackings due to the device imperfections. From the security standpoint, measurement-device-independent quantum key distribution (MDI-QKD) is in the limelight since it eliminates all the possible loopholes in detection. Due to active control units for mode matching between the photons from remote parties, however, the implementation of MDI-QKD is highly impractical. In this paper, we propose a method to resolve the mode matching problem while minimizing the use of active control units. By introducing the plug-and-play (P&P) concept into MDI-QKD, the indistinguishability in spectral and polarization modes between photons can naturally be guaranteed. We show the feasibility of P&P MDI-QKD with a proof-of-principle experiment.

Reflective practices at the Security Council: Children and armed conflict and the three United Nations

PubMed Central

Bode, Ingvild

2017-01-01

The United Nations Security Council passed its first resolution on children in armed conflict in 1999, making it one of the oldest examples of Security Council engagement with a thematic mandate and leading to the creation of a dedicated working group in 2005. Existing theoretical accounts of the Security Council cannot account for the developing substance of the children and armed conflict agenda as they are macro-oriented and focus exclusively on states. I argue that Security Council decision-making on thematic mandates is a productive process whose outcomes are created by and through practices of actors across the three United Nations: member states (the first United Nations), United Nations officials (the second United Nations) and non-governmental organizations (the third United Nations). In presenting a practice-based, micro-oriented analysis of the children and armed conflict agenda, the article aims to deliver on the empirical promise of practice theories in International Relations. I make two contributions to practice-based understandings: first, I argue that actors across the three United Nations engage in reflective practices of a strategic or tactical nature to manage, arrange or create space in Security Council decision-making. Portraying practices as reflective rather than as only based on tacit knowledge highlights how actors may creatively adapt their practices to social situations. Second, I argue that particular individuals from the three United Nations are more likely to become recognized as competent performers of practices because of their personality, understood as plural socialization experiences. This adds varied individual agency to practice theories that, despite their micro-level interests, have focused on how agency is relationally constituted. PMID:29782586

Reflective practices at the Security Council: Children and armed conflict and the three United Nations.

PubMed

Bode, Ingvild

2018-06-01

The United Nations Security Council passed its first resolution on children in armed conflict in 1999, making it one of the oldest examples of Security Council engagement with a thematic mandate and leading to the creation of a dedicated working group in 2005. Existing theoretical accounts of the Security Council cannot account for the developing substance of the children and armed conflict agenda as they are macro-oriented and focus exclusively on states. I argue that Security Council decision-making on thematic mandates is a productive process whose outcomes are created by and through practices of actors across the three United Nations: member states (the first United Nations), United Nations officials (the second United Nations) and non-governmental organizations (the third United Nations). In presenting a practice-based, micro-oriented analysis of the children and armed conflict agenda, the article aims to deliver on the empirical promise of practice theories in International Relations. I make two contributions to practice-based understandings: first, I argue that actors across the three United Nations engage in reflective practices of a strategic or tactical nature to manage, arrange or create space in Security Council decision-making. Portraying practices as reflective rather than as only based on tacit knowledge highlights how actors may creatively adapt their practices to social situations. Second, I argue that particular individuals from the three United Nations are more likely to become recognized as competent performers of practices because of their personality, understood as plural socialization experiences. This adds varied individual agency to practice theories that, despite their micro-level interests, have focused on how agency is relationally constituted.

Canine Supply for Physical Security: An Analysis of the Royal Australian Air Force Military Working Dog Program

DTIC Science & Technology

2016-03-01

PHYSICAL SECURITY: AN ANALYSIS OF THE ROYAL AUSTRALIAN AIR FORCE MILITARY WORKING DOG PROGRAM by Mark W. Powell March 2016 Thesis...AN ANALYSIS OF THE ROYAL AUSTRALIAN AIR FORCE MILITARY WORKING DOG PROGRAM 5. FUNDING NUMBERS 6. AUTHOR(S) Mark W. Powell 7. PERFORMING...increased demand on its physical security elements. Its military working dog (MWD) workforce is required to meet an inventory of 204 by end of year 2023 as

Practical security analysis of continuous-variable quantum key distribution with jitter in clock synchronization

NASA Astrophysics Data System (ADS)

Xie, Cailang; Guo, Ying; Liao, Qin; Zhao, Wei; Huang, Duan; Zhang, Ling; Zeng, Guihua

2018-03-01

How to narrow the gap of security between theory and practice has been a notoriously urgent problem in quantum cryptography. Here, we analyze and provide experimental evidence of the clock jitter effect on the practical continuous-variable quantum key distribution (CV-QKD) system. The clock jitter is a random noise which exists permanently in the clock synchronization in the practical CV-QKD system, it may compromise the system security because of its impact on data sampling and parameters estimation. In particular, the practical security of CV-QKD with different clock jitter against collective attack is analyzed theoretically based on different repetition frequencies, the numerical simulations indicate that the clock jitter has more impact on a high-speed scenario. Furthermore, a simplified experiment is designed to investigate the influence of the clock jitter.

Practical scheme to share a secret key through a quantum channel with a 27.6% bit error rate

NASA Astrophysics Data System (ADS)

Chau, H. F.

2002-12-01

A secret key shared through quantum key distribution between two cooperative players is secure against any eavesdropping attack allowed by the laws of physics. Yet, such a key can be established only when the quantum channel error rate due to eavesdropping or imperfect apparatus is low. Here, a practical quantum key distribution scheme by making use of an adaptive privacy amplification procedure with two-way classical communication is reported. Then, it is proven that the scheme generates a secret key whenever the bit error rate of the quantum channel is less than 0.5-0.1(5)≈27.6%, thereby making it the most error resistant scheme known to date.

Data security101: avoiding the list.

PubMed

Perna, Gabriel

2012-01-01

Thanks to the rampant digitization of healthcare data, breaches have become commonplace in an industry that lacks advanced security practices. In this industry-wide report, those who have dealt with breaches implore others to shore up internal security practices and be transparent. As one CIO keenly notes, "we're all in this together."

17 CFR 201.411 - Commission consideration of initial decisions by hearing officers.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Commission consideration of initial decisions by hearing officers. 201.411 Section 201.411 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION RULES OF PRACTICE Rules of Practice Appeal to the Commission and...

76 FR 10362 - Public Safety and Homeland Security Bureau; Federal Advisory Committee Act; Communications...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-24

... including cybersecurity best practices, media security and reliability best practices, transition to Next... Cybersecurity and Communications Reliability Public Safety and Homeland Security Bureau, Federal Communications... Chief for Cybersecurity and Communications Reliability. [FR Doc. 2011-4211 Filed 2-23-11; 8:45 am...

17 CFR 201.153 - Filing of papers: Signature requirement and effect.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Filing of papers: Signature requirement and effect. 201.153 Section 201.153 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION RULES OF PRACTICE Rules of Practice General Rules § 201.153 Filing of papers: Signature...

76 FR 23513 - Public and Closed Meeting To Discuss Comments on Draft Regulatory Basis for Rulemaking Revising...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-27

..., ``Security Performance (Adversary) Characteristics for Physical Security Programs for 10 CFR [Title 10 of the..., ``Physical Protection of Plants and Materials,'' that would apply during the storage of SNF at an ISFSI and... facilities licensed to store SNF through a combination of these existing security regulations and the...

Privacy and Security: A Bibliography.

ERIC Educational Resources Information Center

Computer and Business Equipment Manufacturers Association, Washington, DC.

Compiled at random from many sources, this bibliography attempts to cite as many publications concerning privacy and security as are available. The entries are organized under seven headings: (1) systems security, technical security, clearance of personnel, (2) corporate physical security, (3) administrative security, (4) miscellaneous--privacy…

Process Security in Chemical Engineering Education

ERIC Educational Resources Information Center

Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.

2005-01-01

The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…

Assessing the Need for an On-Line Educational Module for Volunteer Leaders on Bio-Security in Washington State 4-H Livestock Projects

ERIC Educational Resources Information Center

Stevenson, Jill L.; Moore, Dale A.; Newman, Jerry; Schmidt, Janet L.; Smith, Sarah M.; Smith, Jean; Kerr, Susan; Wallace, Michael; BoyEs, Pat

2011-01-01

4-H livestock projects present disease transmission risks that can be reduced by the use of bio-security practices. The responsibility of teaching bio-security to youth belongs primarily to volunteer leaders, who may not be aware of the importance of these practices. A needs assessment for an online educational module about bio-security revealed…

A room for design: Through participatory design young adults with schizophrenia become strong collaborators.

PubMed

Terp, Malene; Laursen, Birgitte Schantz; Jørgensen, Rikke; Mainz, Jan; Bjørnes, Charlotte D

2016-12-01

Smartphone technology is being increasingly viewed as key to engaging young adults with schizophrenia in their own mental health care. In an attempt to use smartphones as an engagement tool, we conducted a participatory design process, where young adults with schizophrenia (n = 4), healthcare providers (n = 7), software designers (n = 3), graphic designer (n = 1), graphic recorder (n = 1), and team leader (n = 1) co-designed a smartphone application for use in early phase schizophrenia care. This paper reports the co-design process. Based on a variety of written data-sources, the paper describes if, and how, participatory design can help construct a physical and relational environment that enables young adults with schizophrenia to become active participants in the design of a more participatory mental health practice. Guided by Etienne Wenger's construct of Community of Practice, three major categories of characteristics and construction of a physical and relational environment supporting and inspiring participation and engagement were identified: (i) a pre-narrative about a community of practice, (ii) the room for design is a community of practice and (iii) the community of practice as a practice of special qualities. It is concluded that participatory design can support and inspire participation and engagement in the development of mental health care with young adults with schizophrenia, given that the environment in which participatory design unfolds is transparent, flexible, secure and informal. © 2016 Australian College of Mental Health Nurses Inc.

Eating- and weight-related parenting of adolescents in the context of food insecurity.

PubMed

Bauer, Katherine W; MacLehose, Rich; Loth, Katie A; Fisher, Jennifer O; Larson, Nicole I; Neumark-Sztainer, Dianne

2015-09-01

Food insecurity is hypothesized to influence mothers' use of parenting strategies to regulate children's eating. Little is known about the parenting practices directed toward adolescents in food-insecure households. Our aim was to examine the differences in use of eating- and weight-related parenting practices among mothers of adolescents by household food-security status. This was a cross-sectional study. A sociodemographically diverse sample of mothers and adolescents from the Minneapolis/St Paul, MN, metropolitan area who participated in the Eating and Activity Among Teens 2010 and Project Families and Eating and Activity Among Teens studies in 2009 to 2010 (dyad n=2,087). Seventy percent of mothers identified as nonwhite. We examined mother-reported use of parenting practices, including pressuring children to eat, restricting high-calorie foods, and encouraging dieting. Logistic regression models were used to determine the predicted probabilities of parenting practices among food-secure, low food-secure, and very-low food-secure households. Sociodemographic characteristics, mothers' body mass index, and adolescents' body mass index-for-age percentile were examined as confounders. In unadjusted models, food-insecure mothers were more likely than food-secure mothers to frequently encourage their children to diet, comment on their child's weight, be concerned about their child's weight, use restrictive feeding practices, and use pressured feeding practices. After adjustment for sociodemographic characteristics and mothers' and children's body mass index, compared to food-secure mothers, mothers with low food security were more likely to frequently comment on their sons' weight (41.5% vs 32.9%, prevalence difference=8.6; 95% CI 0.9 to 16.3) and mothers with very low food security were more likely to be concerned about their sons' weight (48.8% vs 35.1%; prevalence difference=13.7; 95% CI 3.5 to 23.9). Mothers with very low food security were more likely to frequently use restrictive feeding practices with their daughters compared to food-secure mothers (33.0% vs 20.5%; prevalence difference=12.4; 95% CI 4.2 to 20.7). Interventions to improve food-insecure adolescents' eating behaviors may benefit from supporting mothers' use of health-promoting parenting practices. Copyright © 2015 Academy of Nutrition and Dietetics. Published by Elsevier Inc. All rights reserved.

The Physical Layer Security Experiments of Cooperative Communication System with Different Relay Behaviors.

PubMed

Su, Yishan; Han, Guangyao; Fu, Xiaomei; Xu, Naishen; Jin, Zhigang

2017-04-06

Physical layer security is an attractive security mechanism, which exploits the randomness characteristics of wireless transmission channel to achieve security. However, it is hampered by the limitation of the channel condition that the main channel must be better than the eavesdropper channel. To alleviate the limitation, cooperative communication is introduced. Few studies have investigated the physical layer security of the relay transmission model. In this paper, we performed some experiments to evaluate the physical layer security of a cooperative communication system, with a relay operating in decode-and-forward (DF) cooperative mode, selfish and malicious behavior in real non-ideal transmission environment. Security performance is evaluated in terms of the probability of non-zero secrecy capacity. Experiments showed some different results compared to theoretical simulation: (1) to achieve the maximum secrecy capacity, the optimal relay power according to the experiments result is larger than that of ideal theoretical results under both cooperative and selfish behavior relay; (2) the relay in malicious behavior who forwards noise to deteriorate the main channel may deteriorate the eavesdropper channel more seriously than the main channel; (3) the optimal relay positions under cooperative and selfish behavior relay cases are both located near the destination because of non-ideal transmission.

Counterfactual quantum cryptography network with untrusted relay

NASA Astrophysics Data System (ADS)

Chen, Yuanyuan; Gu, Xuemei; Jiang, Dong; Xie, Ling; Chen, Lijun

2015-07-01

Counterfactual quantum cryptography allows two remote parties to share a secret key even though a physical particle is not in fact transmitted through the quantum channel. In order to extend the scope of counterfactual quantum cryptography, we use an untrusted relay to construct a multi-user network. The implementation issues are discussed to show that the scheme can be realized with current technologies. We also prove the practical security advantages of the scheme by eliminating the probability that an eavesdropper can directly access the signal or an untrusted relay can perform false operations.

The role of the health physicist in nuclear security.

PubMed

Waller, Edward J; van Maanen, Jim

2015-04-01

Health physics is a recognized safety function in the holistic context of the protection of workers, members of the public, and the environment against the hazardous effects of ionizing radiation, often generically designated as radiation protection. The role of the health physicist as protector dates back to the Manhattan Project. Nuclear security is the prevention and detection of, and response to, criminal or intentional unauthorized acts involving or directed at nuclear material, other radioactive material, associated facilities, or associated activities. Its importance has become more visible and pronounced in the post 9/11 environment, and it has a shared purpose with health physics in the context of protection of workers, members of the public, and the environment. However, the duties and responsibilities of the health physicist in the nuclear security domain are neither clearly defined nor recognized, while a fundamental understanding of nuclear phenomena in general, nuclear or other radioactive material specifically, and the potential hazards related to them is required for threat assessment, protection, and risk management. Furthermore, given the unique skills and attributes of professional health physicists, it is argued that the role of the health physicist should encompass all aspects of nuclear security, ranging from input in the development to implementation and execution of an efficient and effective nuclear security regime. As such, health physicists should transcend their current typical role as consultants in nuclear security issues and become fully integrated and recognized experts in the nuclear security domain and decision making process. Issues regarding the security clearances of health physics personnel and the possibility of insider threats must be addressed in the same manner as for other trusted individuals; however, the net gain from recognizing and integrating health physics expertise in all levels of a nuclear security regime far outweighs any negative aspects. In fact, it can be argued that health physics is essential in achieving an integrated approach toward nuclear safety, security, and safeguards.

The Role of the Health Physicist in Nuclear Security

PubMed Central

Waller, Edward J.; van Maanen, Jim

2015-01-01

Abstract Health physics is a recognized safety function in the holistic context of the protection of workers, members of the public, and the environment against the hazardous effects of ionizing radiation, often generically designated as radiation protection. The role of the health physicist as protector dates back to the Manhattan Project. Nuclear security is the prevention and detection of, and response to, criminal or intentional unauthorized acts involving or directed at nuclear material, other radioactive material, associated facilities, or associated activities. Its importance has become more visible and pronounced in the post 9/11 environment, and it has a shared purpose with health physics in the context of protection of workers, members of the public, and the environment. However, the duties and responsibilities of the health physicist in the nuclear security domain are neither clearly defined nor recognized, while a fundamental understanding of nuclear phenomena in general, nuclear or other radioactive material specifically, and the potential hazards related to them is required for threat assessment, protection, and risk management. Furthermore, given the unique skills and attributes of professional health physicists, it is argued that the role of the health physicist should encompass all aspects of nuclear security, ranging from input in the development to implementation and execution of an efficient and effective nuclear security regime. As such, health physicists should transcend their current typical role as consultants in nuclear security issues and become fully integrated and recognized experts in the nuclear security domain and decision making process. Issues regarding the security clearances of health physics personnel and the possibility of insider threats must be addressed in the same manner as for other trusted individuals; however, the net gain from recognizing and integrating health physics expertise in all levels of a nuclear security regime far outweighs any negative aspects. In fact, it can be argued that health physics is essential in achieving an integrated approach toward nuclear safety, security, and safeguards. PMID:25706142

Continuous-variable quantum authentication of physical unclonable keys: Security against an emulation attack

NASA Astrophysics Data System (ADS)

Nikolopoulos, Georgios M.

2018-01-01

We consider a recently proposed entity authentication protocol in which a physical unclonable key is interrogated by random coherent states of light, and the quadratures of the scattered light are analyzed by means of a coarse-grained homodyne detection. We derive a sufficient condition for the protocol to be secure against an emulation attack in which an adversary knows the challenge-response properties of the key and moreover, he can access the challenges during the verification. The security analysis relies on Holevo's bound and Fano's inequality, and suggests that the protocol is secure against the emulation attack for a broad range of physical parameters that are within reach of today's technology.

3D Imaging with Structured Illumination for Advanced Security Applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Birch, Gabriel Carisle; Dagel, Amber Lynn; Kast, Brian A.

2015-09-01

Three-dimensional (3D) information in a physical security system is a highly useful dis- criminator. The two-dimensional data from an imaging systems fails to provide target dis- tance and three-dimensional motion vector, which can be used to reduce nuisance alarm rates and increase system effectiveness. However, 3D imaging devices designed primarily for use in physical security systems are uncommon. This report discusses an architecture favorable to physical security systems; an inexpensive snapshot 3D imaging system utilizing a simple illumination system. The method of acquiring 3D data, tests to understand illumination de- sign, and software modifications possible to maximize information gathering capabilitymore » are discussed.« less

A randomised controlled trial of an intervention to facilitate the implementation of healthy eating and physical activity policies and practices in childcare services

PubMed Central

Jones, Jannah; Wolfenden, Luke; Wyse, Rebecca; Finch, Meghan; Yoong, Sze Lin; Dodds, Pennie; Pond, Nicole; Gillham, Karen; Freund, Megan; McElduff, Patrick; Wye, Paula; Wiggers, John

2014-01-01

Introduction Childhood overweight and obesity tracks into adulthood, increasing the risk of developing future chronic disease. Implementing initiatives promoting healthy eating and physical activity in childcare settings has been identified as a priority to prevent excessive child weight gain. Despite this, few trials have been conducted to assess the effectiveness of interventions to support population-wide implementation of such initiatives. The aim of this study is to assess the effectiveness of a multicomponent intervention in increasing the implementation of healthy eating and physical activity policies and practices by centre-based childcare services. Methods and analysis The study will employ a parallel group randomised controlled trial design. A sample of 128 childcare services in the Hunter region of New South Wales, Australia, will be recruited to participate in the trial. 64 services will be randomly allocated to a 12-month implementation intervention. The remaining 64 services will be allocated to a usual care control group. The intervention will consist of a number of strategies to facilitate childcare service implementation of healthy eating and physical activity policies and practices. Intervention strategies will include implementation support staff, securing executive support, consensus processes, staff training, academic detailing visits, performance monitoring and feedback, tools and resources, and a communications strategy. The primary outcome of the trial will be the prevalence of services implementing all healthy eating and physical activity policies and practices targeted by the intervention. To assess the effectiveness of the intervention, telephone surveys with nominated supervisors and room leaders of childcare services will be conducted at baseline and immediately postintervention. Ethics and dissemination The study was approved by the Hunter New England Human Research Ethics Committee and the University of Newcastle Human Research Ethics Committee. Study findings will be disseminated widely through peer-reviewed publications and conference presentations. Trial registration number Australian Clinical Trials Registry ACTRN12612000927820. PMID:24742978

Emergency Response Manual

NASA Technical Reports Server (NTRS)

Barnett, Traci M.

2004-01-01

Safety and security is very important at NASA. The Security Management and Safeguards Office goal is ensure safety and security for all NASA Lewis and Plum Brook Station visitors and workers. The office protects against theft, sabotage, malicious damage, espionage, and other threats or acts of violence. There are three types of security at NASA: physical, IT, and personnel. IT is concerned with sensitive and classified information and computers. Physical security includes the officers who check visitors and workers in and patrol the facility. Personnel security is concerned with background checks during hiring. During my internship, I met people from and gained knowledge about all three types of security. I primarily worked with Dr. Richard Soppet in physical security. During my experience with physical security, I observed and worked with many aspects of it. I attended various security meetings at both NASA Lewis and Plum Brook. The meetings were about homeland security and other improvements that will be made to both facilities. I also spent time with a locksmith. The locksmith makes copies of keys and unlocks doors for people who need them. I rode around in a security vehicle with an officer as he patrolled. I also observed the officer make a search of a visitor s vehicle. All visitors vehicles are searched upon entering NASA. I spent time and observed in the dispatch office. The officer answers calls and sends out officers when needed. The officer also monitors the security cameras. My primary task was completing an emergency response manual. This manual would assist local law enforcement and fire agencies in case of an emergency. The manual has pictures and descriptions of the buildings. It also contains the information about hazards inside of the buildings. This information will be very helpul to law enforcement so that when called upon during an emergency, they will not create an even bigger problem with collateral damage.

16 CFR 801.13 - Aggregation of voting securities, assets and non-corporate interests.

Code of Federal Regulations, 2010 CFR

2010-01-01

... COVERAGE RULES § 801.13 Aggregation of voting securities, assets and non-corporate interests. (a) Voting... 16 Commercial Practices 1 2010-01-01 2010-01-01 false Aggregation of voting securities, assets and non-corporate interests. 801.13 Section 801.13 Commercial Practices FEDERAL TRADE COMMISSION RULES...

16 CFR 801.13 - Aggregation of voting securities, assets and non-corporate interests.

Code of Federal Regulations, 2011 CFR

2011-01-01

... COVERAGE RULES § 801.13 Aggregation of voting securities, assets and non-corporate interests. (a) Voting... 16 Commercial Practices 1 2011-01-01 2011-01-01 false Aggregation of voting securities, assets and non-corporate interests. 801.13 Section 801.13 Commercial Practices FEDERAL TRADE COMMISSION RULES...

16 CFR 801.13 - Aggregation of voting securities, assets and non-corporate interests.

Code of Federal Regulations, 2012 CFR

2012-01-01

... COVERAGE RULES § 801.13 Aggregation of voting securities, assets and non-corporate interests. (a) Voting... 16 Commercial Practices 1 2012-01-01 2012-01-01 false Aggregation of voting securities, assets and non-corporate interests. 801.13 Section 801.13 Commercial Practices FEDERAL TRADE COMMISSION RULES...

16 CFR 801.13 - Aggregation of voting securities, assets and non-corporate interests.

Code of Federal Regulations, 2014 CFR

2014-01-01

... COVERAGE RULES § 801.13 Aggregation of voting securities, assets and non-corporate interests. (a) Voting... 16 Commercial Practices 1 2014-01-01 2014-01-01 false Aggregation of voting securities, assets and non-corporate interests. 801.13 Section 801.13 Commercial Practices FEDERAL TRADE COMMISSION RULES...

16 CFR 801.13 - Aggregation of voting securities, assets and non-corporate interests.

Code of Federal Regulations, 2013 CFR

2013-01-01

... COVERAGE RULES § 801.13 Aggregation of voting securities, assets and non-corporate interests. (a) Voting... 16 Commercial Practices 1 2013-01-01 2013-01-01 false Aggregation of voting securities, assets and non-corporate interests. 801.13 Section 801.13 Commercial Practices FEDERAL TRADE COMMISSION RULES...

Practical School Security: Basic Guidelines for Safe and Secure Schools.

ERIC Educational Resources Information Center

Trump, Kenneth S.

This book is written primarily for elementary and secondary school administrators and teachers, but college faculty involved in providing teacher or administrator education would also benefit from the practical approach to issues of school security. Chapters 1 through 3 establish a framework for dealing with the myths and realities of school…

Risk assessment for physical and cyber attacks on critical infrastructures.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Smith, Bryan J.; Sholander, Peter E.; Phelan, James M.

2005-08-01

Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies. Existing risk assessment methodologies consider physical security and cyber security separately. As such, they do not accurately model attacks that involve defeating both physical protection and cyber protection elements (e.g., hackers turning off alarm systems prior to forced entry). This paper presents a risk assessment methodology that accounts for both physical and cyber security. It also preserves the traditional security paradigm of detect, delay and respond, while accounting for the possibility that a facility may be able to recover from or mitigate the results ofmore » a successful attack before serious consequences occur. The methodology provides a means for ranking those assets most at risk from malevolent attacks. Because the methodology is automated the analyst can also play 'what if with mitigation measures to gain a better understanding of how to best expend resources towards securing the facilities. It is simple enough to be applied to large infrastructure facilities without developing highly complicated models. Finally, it is applicable to facilities with extensive security as well as those that are less well-protected.« less

17 CFR 38.152 - Abusive trading practices prohibited.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 1 2013-04-01 2013-04-01 false Abusive trading practices prohibited. 38.152 Section 38.152 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION DESIGNATED CONTRACT MARKETS Compliance With Rules § 38.152 Abusive trading practices prohibited. A designated...

17 CFR 38.152 - Abusive trading practices prohibited.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Abusive trading practices prohibited. 38.152 Section 38.152 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION DESIGNATED CONTRACT MARKETS Compliance With Rules § 38.152 Abusive trading practices prohibited. A designated...

Information security system quality assessment through the intelligent tools

NASA Astrophysics Data System (ADS)

Trapeznikov, E. V.

2018-04-01

The technology development has shown the automated system information security comprehensive analysis necessity. The subject area analysis indicates the study relevance. The research objective is to develop the information security system quality assessment methodology based on the intelligent tools. The basis of the methodology is the information security assessment model in the information system through the neural network. The paper presents the security assessment model, its algorithm. The methodology practical implementation results in the form of the software flow diagram are represented. The practical significance of the model being developed is noted in conclusions.

Lessons Learned in Over a Decade of Technical Support for U.S. Nuclear Cyber Security Programmes

DOE Office of Scientific and Technical Information (OSTI.GOV)

Glantz, Clifford S.; Landine, Guy P.; Craig, Philip A.

Pacific Northwest National Laboratory’s (PNNL) nuclear cyber security team has been providing technical support to the U.S. Nuclear Regulatory Commission (NRC) since 2002. This team has provided cyber security technical experties in conducting cyber security inspections, developing of regulatory rules and guidance, reviewing facility cyber security plans, developing inspection guidance, and developing and teaching NRC inspectors how to conduct cyber security assessments. The extensive experience the PNNL team has gathered has allowed them to compile a lenghty list of recommendations on how to improve cyber security programs and conduct assessments. A selected set of recommendations are presented, including the needmore » to: integrate an array of defenisve strategies into a facility’s cyber security program, coordinate physical and cyber security activities, train phycial security forces to resist a cyber-enabled physical attack, improve estimates of the consequences of a cyber attack, properly resource cyber security assessments, appropropriately account for insider threats, routinely monitor security devices for potential attacks, supplement compliance-based requirements with risk-based decision making, and introduce the concept of resilience into cyber security programs.« less

76 FR 78215 - Possession, Use, and Transfer of Select Agents and Toxins; Biennial Review; Proposed Rule

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-16

... agents and toxins list; whether minimum standards for personnel reliability, physical and cyber security... toxins list; (3) whether minimum standards for personnel reliability, physical and cyber security should...

The kelvin redefined

NASA Astrophysics Data System (ADS)

Machin, Graham

2018-02-01

On 20 May 2019 it is anticipated that the most radical revision of the International System of Units (the SI), since its inception, will come into force. From that point, all the SI units will be based on defined values of fundamental constants of nature. In this paper the redefinition of the kelvin and its implications are considered. The topic will be introduced by discussing how the wording of the new definition of the kelvin developed. The kelvin redefinition is reliant on a secure low-uncertainty value of the Boltzmann constant; its determination by different physical methods and how the final definitive value for the kelvin redefinition was arrived at is discussed. The redefined kelvin will be implemented through a document known as the mise en pratique (i.e. the ‘practical realisation’) for the definition of the kelvin (MeP-K). The development and contents of the MeP-K will be described. There follows a discussion of contemporary primary thermometry, which is the bedrock on which a secure kelvin redefinition will be founded. Finally the paper ends with a discussion of the implications of the redefinition, for traceability, and, more widely, the practice of thermometry in general.

17 CFR 201.230 - Enforcement and disciplinary proceedings: Availability of documents for inspection and copying.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Enforcement and disciplinary proceedings: Availability of documents for inspection and copying. 201.230 Section 201.230 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION RULES OF PRACTICE Rules of Practice Initiation of Proceedings and Prehearing Rules §...

16 CFR 801.21 - Securities and cash not considered assets when acquired.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 16 Commercial Practices 1 2010-01-01 2010-01-01 false Securities and cash not considered assets when acquired. 801.21 Section 801.21 Commercial Practices FEDERAL TRADE COMMISSION RULES, REGULATIONS... regularly prepared balance sheet of “A” referred to in § 801.11—the voting securities of X must be reflected...

12 CFR 16.32 - Fraudulent transactions and unsafe and unsound practices.

Code of Federal Regulations, 2010 CFR

2010-01-01

... operates as a fraud or deceit upon any person, in connection with the purchase or sale of any security of a... SECURITIES OFFERING DISCLOSURE RULES § 16.32 Fraudulent transactions and unsafe and unsound practices. (a) No person in the offer or sale of bank securities shall directly or indirectly: (1) Employ any device...

Game theoretic analysis of physical protection system design

DOE Office of Scientific and Technical Information (OSTI.GOV)

Canion, B.; Schneider, E.; Bickel, E.

The physical protection system (PPS) of a fictional small modular reactor (SMR) facility have been modeled as a platform for a game theoretic approach to security decision analysis. To demonstrate the game theoretic approach, a rational adversary with complete knowledge of the facility has been modeled attempting a sabotage attack. The adversary adjusts his decisions in response to investments made by the defender to enhance the security measures. This can lead to a conservative physical protection system design. Since defender upgrades were limited by a budget, cost benefit analysis may be conducted upon security upgrades. One approach to cost benefitmore » analysis is the efficient frontier, which depicts the reduction in expected consequence per incremental increase in the security budget.« less

Behavioral Analysis of Physical Security Job Analyses. Volume 1.

DTIC Science & Technology

1980-10-01

Job Analyses Personnel Reliability Program Junior Officers Physical Security Morale Motivation 20. ABSTRACT (Continue an reverese ode It neceearly and...internal motivation factors. Assignment of some auxiliary duties to enlisted personnel is possibly conducive to lowered efficiency in physical...subordinates; scheduling pressures; operational alerts and emergencies; relative lack of extrinsic rewards; constant necessity to prove credibility and

Improved Wireless Security through Physical Layer Protocol Manipulation and Radio Frequency Fingerprinting

DTIC Science & Technology

2014-09-18

radios in a cognitive radio network using a radio frequency fingerprinting based method. In IEEE International Conference on Communications (ICC...IMPROVEDWIRELESS SECURITY THROUGH PHYSICAL LAYER PROTOCOL MANIPULATION AND RADIO FREQUENCY FINGERPRINTING DISSERTATION Benjamin W. Ramsey, Captain...PHYSICAL LAYER PROTOCOL MANIPULATION AND RADIO FREQUENCY FINGERPRINTING DISSERTATION Presented to the Faculty Graduate School of Engineering and

Key Reconciliation for High Performance Quantum Key Distribution

PubMed Central

Martinez-Mateo, Jesus; Elkouss, David; Martin, Vicente

2013-01-01

Quantum Key Distribution is carving its place among the tools used to secure communications. While a difficult technology, it enjoys benefits that set it apart from the rest, the most prominent is its provable security based on the laws of physics. QKD requires not only the mastering of signals at the quantum level, but also a classical processing to extract a secret-key from them. This postprocessing has been customarily studied in terms of the efficiency, a figure of merit that offers a biased view of the performance of real devices. Here we argue that it is the throughput the significant magnitude in practical QKD, specially in the case of high speed devices, where the differences are more marked, and give some examples contrasting the usual postprocessing schemes with new ones from modern coding theory. A good understanding of its implications is very important for the design of modern QKD devices. PMID:23546440

Medicine, material science and security: the versatility of the coded-aperture approach.

PubMed

Munro, P R T; Endrizzi, M; Diemoz, P C; Hagen, C K; Szafraniec, M B; Millard, T P; Zapata, C E; Speller, R D; Olivo, A

2014-03-06

The principal limitation to the widespread deployment of X-ray phase imaging in a variety of applications is probably versatility. A versatile X-ray phase imaging system must be able to work with polychromatic and non-microfocus sources (for example, those currently used in medical and industrial applications), have physical dimensions sufficiently large to accommodate samples of interest, be insensitive to environmental disturbances (such as vibrations and temperature variations), require only simple system set-up and maintenance, and be able to perform quantitative imaging. The coded-aperture technique, based upon the edge illumination principle, satisfies each of these criteria. To date, we have applied the technique to mammography, materials science, small-animal imaging, non-destructive testing and security. In this paper, we outline the theory of coded-aperture phase imaging and show an example of how the technique may be applied to imaging samples with a practically important scale.

Resilient off-grid microgrids: Capacity planning and N-1 security

DOE PAGES

Madathil, Sreenath Chalil; Yamangil, Emre; Nagarajan, Harsha; ...

2017-06-13

Over the past century the electric power industry has evolved to support the delivery of power over long distances with highly interconnected transmission systems. Despite this evolution, some remote communities are not connected to these systems. These communities rely on small, disconnected distribution systems, i.e., microgrids to deliver power. However, as microgrids often are not held to the same reliability standards as transmission grids, remote communities can be at risk for extended blackouts. To address this issue, we develop an optimization model and an algorithm for capacity planning and operations of microgrids that include N-1 security and other practical modelingmore » features like AC power flow physics, component efficiencies and thermal limits. Lastly, we demonstrate the computational effectiveness of our approach on two test systems; a modified version of the IEEE 13 node test feeder and a model of a distribution system in a remote community in Alaska.« less

High-rate measurement-device-independent quantum cryptography

NASA Astrophysics Data System (ADS)

Pirandola, Stefano; Ottaviani, Carlo; Spedalieri, Gaetana; Weedbrook, Christian; Braunstein, Samuel L.; Lloyd, Seth; Gehring, Tobias; Jacobsen, Christian S.; Andersen, Ulrik L.

2015-06-01

Quantum cryptography achieves a formidable task—the remote distribution of secret keys by exploiting the fundamental laws of physics. Quantum cryptography is now headed towards solving the practical problem of constructing scalable and secure quantum networks. A significant step in this direction has been the introduction of measurement-device independence, where the secret key between two parties is established by the measurement of an untrusted relay. Unfortunately, although qubit-implemented protocols can reach long distances, their key rates are typically very low, unsuitable for the demands of a metropolitan network. Here we show, theoretically and experimentally, that a solution can come from the use of continuous-variable systems. We design a coherent-state network protocol able to achieve remarkably high key rates at metropolitan distances, in fact three orders of magnitude higher than those currently achieved. Our protocol could be employed to build high-rate quantum networks where devices securely connect to nearby access points or proxy servers.

Experimental measurement-device-independent quantum digital signatures.

PubMed

Roberts, G L; Lucamarini, M; Yuan, Z L; Dynes, J F; Comandar, L C; Sharpe, A W; Shields, A J; Curty, M; Puthoor, I V; Andersson, E

2017-10-23

The development of quantum networks will be paramount towards practical and secure telecommunications. These networks will need to sign and distribute information between many parties with information-theoretic security, requiring both quantum digital signatures (QDS) and quantum key distribution (QKD). Here, we introduce and experimentally realise a quantum network architecture, where the nodes are fully connected using a minimum amount of physical links. The central node of the network can act either as a totally untrusted relay, connecting the end users via the recently introduced measurement-device-independent (MDI)-QKD, or as a trusted recipient directly communicating with the end users via QKD. Using this network, we perform a proof-of-principle demonstration of QDS mediated by MDI-QKD. For that, we devised an efficient protocol to distil multiple signatures from the same block of data, thus reducing the statistical fluctuations in the sample and greatly enhancing the final QDS rate in the finite-size scenario.

Resilient off-grid microgrids: Capacity planning and N-1 security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Madathil, Sreenath Chalil; Yamangil, Emre; Nagarajan, Harsha

Over the past century the electric power industry has evolved to support the delivery of power over long distances with highly interconnected transmission systems. Despite this evolution, some remote communities are not connected to these systems. These communities rely on small, disconnected distribution systems, i.e., microgrids to deliver power. However, as microgrids often are not held to the same reliability standards as transmission grids, remote communities can be at risk for extended blackouts. To address this issue, we develop an optimization model and an algorithm for capacity planning and operations of microgrids that include N-1 security and other practical modelingmore » features like AC power flow physics, component efficiencies and thermal limits. Lastly, we demonstrate the computational effectiveness of our approach on two test systems; a modified version of the IEEE 13 node test feeder and a model of a distribution system in a remote community in Alaska.« less

Minor Corrections to Physics for Optimizing Homeland Security by Our Pal Asija

NASA Astrophysics Data System (ADS)

Asija, Pal

2008-04-01

To optimize Homeland security it must be based on correct physics. There is But ONE Reality of Physics and finding that rugged reality requires identifying and expunging erroneous knowledge. Six examples are included. *Lighter Bodies Travel Faster. (Aristotle got it backwards) *Faster Objects Become Lighter. (Einstein got it backwards) *Two Minor Corrections to Newton's First Law of Motion. *Three D or No D (Any theory based on other than 3 D is fantastic) *Gravity is A Local and Physical Contact Force *Light is never Waves and Photons at the Same Instant. These corrections are then further delineated by several examples for leading and driving innovations in homeland security.

49 CFR 1549.103 - Qualifications and training of individuals with security-related duties.

Code of Federal Regulations, 2010 CFR

2010-10-01

... with security-related duties. (a) Security threat assessments. Each certified cargo screening facility... certified cargo screening facility complete a security threat assessment or comparable security threat... acuity, physical coordination, and motor skills to the extent required to effectively operate cargo...

Practices in security and confidentiality of HIV/AIDS patients' information: A national survey among staff at HIV outpatient clinics in Vietnam.

PubMed

Khac Hai, Nguyen; Lawpoolsri, Saranath; Jittamala, Podjanee; Thi Thu Huong, Phan; Kaewkungwal, Jaranit

2017-01-01

Breach of confidentiality or invasion of privacy from the collection and use of medical records, particularly those of patients with HIV/AIDS or other diseases sensitive to stigmatization, should be prevented by all related stakeholders in healthcare settings. The main focus of this study was to assess practices regarding security and confidentiality of HIV-related information among staff at HIV outpatient clinics (HIV-OPCs) in Vietnam. A descriptive cross-sectional study was conducted at all 312 HIV-OPCs across the country using an online survey technique. In general, the staff practices for securing and protecting patient information were at acceptable levels. Most staff had proper measures and practices for maintaining data security; however, the protection of patient confidentiality, particularly for data access, sharing, and transfer still required improvement. Most HIV-OPC staff had good or moderate knowledge and positive perceptions towards security and confidentiality issues. Staff who were not trained in the practice of security measures differed significantly from those who were trained (OR: 3.74; 95%CI: 1.44-9.67); staff needing improved knowledge levels differed significantly from those with good (OR: 5.20; 95%CI: 2.39-11.32) and moderate knowledge levels (OR: 5.10; 95%CI: 2.36-11.00); and staff needing improved perception levels differed significantly from those with good (i.e., with 100% proper practices) and moderate perception levels (OR: 5.67; 95%CI: 2.93-10.95). Staff who were not trained in the protection of data confidentiality differed significantly from those who were trained (OR: 2.18; 95%CI: 1.29-3.65). Training is an important factor to help raise the levels of proper practices regarding confidentiality and security, to improve knowledge and raise awareness about change among staff. The operation and management of HIV treatment and care in Vietnam are currently transitioning from separate healthcare clinics (HIV-OPC) into units integrated into general hospitals/healthcare facilities. The findings of this study highlight topics that could be used for improving management and operation of information system and revising guidelines and regulations on protection measures/strategies for data security and confidentiality of HIV/AIDS patients by Vietnam health authorities or other countries facing similar situations. Secure infrastructure and secure measures for data access and use are very important, worthwhile investments. The provision of continuous training and active enforcement and monitoring of the practices of healthcare personnel might lead to an improved understanding and acknowledegement of the importance of national policies/guidelines regarding HIV-related patient information.

48 CFR 3003.502 - Subcontractor kickbacks.

Code of Federal Regulations, 2010 CFR

2010-10-01

.... 3003.502 Section 3003.502 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) GENERAL IMPROPER BUSINESS PRACTICES AND PERSONAL CONFLICTS OF INTEREST Other Improper Business Practices 3003.502 Subcontractor kickbacks. ...

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kercel, S.W.; Baylor, V.M.; Labaj, L.E.

Enclosed Space Detection System (ESDS) is a fast, inexpensive, and reliable device for detecting human occupants hidden in vehicles. Operation requires less than two minutes. ESDS is used to foil attempts at smuggling illegal aliens, terrorists, and escaping prisoners. It is being tested at nuclear weapons facilities and has been operated at several prisons and international border crossings. ESDS is the first practical electronic alternative to physical searches of vehicles for hidden passengers. At critical checkpoints, a thorough physical search of a single fully loaded truck requires a team of from two to six people, and may take as longmore » as eight hours. Despite this level of security, experience has shown that the search can occasionally be foiled. Due to the enormous time and expense of thorough physical searches of vehicles, they are seldom conducted at any but the most critical of locations, simply leaving many sites vulnerable to crime and terrorism. Prior to the development of the ESDS, the only other effective alternative to physical search was the use of specially-trained canines, which can be vastly superior to the physical search in both time and accuracy. However, as discussed in this paper, canine inspection is not really a competitive substitute for ESDS because canine reliability (80% at most) is not as high as that of the ESDS (99%+), while the costs, training requirements, and operator skill needed are significantly higher with canines than with the ESDS. In addition, the ESDS has straightforward self-diagnostic tests to ensure the system is operating correctly; such tests are not currently available with either canine or human inspectors. ESDS offers an attractive supplement or alternative to meet current security requirements for vehicle searches at portals at government, nuclear, industrial, and other facilities where concealed persons may pose a threat either by entering or leaving.« less

Addressing cargo security with strategies involving private sector.

DOT National Transportation Integrated Search

2008-12-01

The public and private sectors contributing to goods movement agree that cargo security has : not been addressed nearly as much as physical and vessel security. Addressing cargo security : will require additional operational data that is not currentl...

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 7 Agriculture 13 2011-01-01 2009-01-01 true Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 7 Agriculture 13 2012-01-01 2012-01-01 false Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 7 Agriculture 13 2014-01-01 2013-01-01 true Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 7 Agriculture 13 2013-01-01 2013-01-01 false Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

7 CFR 1942.114 - Security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 13 2010-01-01 2009-01-01 true Security. 1942.114 Section 1942.114 Agriculture... Security. Specific requirements for security for each loan will be included in the letter of conditions. Loans must be secured by the best security position practicable, in a manner which will adequately...

Fade-resistant forward error correction method for free-space optical communications systems

DOEpatents

Johnson, Gary W.; Dowla, Farid U.; Ruggiero, Anthony J.

2007-10-02

Free-space optical (FSO) laser communication systems offer exceptionally wide-bandwidth, secure connections between platforms that cannot other wise be connected via physical means such as optical fiber or cable. However, FSO links are subject to strong channel fading due to atmospheric turbulence and beam pointing errors, limiting practical performance and reliability. We have developed a fade-tolerant architecture based on forward error correcting codes (FECs) combined with delayed, redundant, sub-channels. This redundancy is made feasible though dense wavelength division multiplexing (WDM) and/or high-order M-ary modulation. Experiments and simulations show that error-free communications is feasible even when faced with fades that are tens of milliseconds long. We describe plans for practical implementation of a complete system operating at 2.5 Gbps.

10 CFR 95.33 - Security education.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 2 2011-01-01 2011-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

10 CFR 95.33 - Security education.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 2 2013-01-01 2013-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

10 CFR 95.33 - Security education.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 2 2012-01-01 2012-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

10 CFR 95.33 - Security education.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

10 CFR 1016.12 - Termination of security facility approval.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be terminated...

10 CFR 1016.12 - Termination of security facility approval.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Termination of security facility approval. 1016.12 Section 1016.12 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.12 Termination of security facility approval. Security facility approval will be terminated...

Privacy and Data Security under Cloud Computing Arrangements: The Legal Framework and Practical Do's and Don'ts

ERIC Educational Resources Information Center

Buckman, Joel; Gold, Stephanie

2012-01-01

This article outlines privacy and data security compliance issues facing postsecondary education institutions when they utilize cloud computing and concludes with a practical list of do's and dont's. Cloud computing does not change an institution's privacy and data security obligations. It does involve reliance on a third party, which requires an…

Physical security, HIPPA, and the HHS wall of shame.

PubMed

Sage, April

2014-01-01

In this article, the author a healthcare IT expert, reveals what experts have discovered in analyzing HIPPA data breaches. Most are the result of theft or loss. She explains why this is so, and offers a solution--improved physical security.

Unconditionally Secure Credit/Debit Card Chip Scheme and Physical Unclonable Function

NASA Astrophysics Data System (ADS)

Kish, Laszlo B.; Entesari, Kamran; Granqvist, Claes-Göran; Kwan, Chiman

The statistical-physics-based Kirchhoff-law-Johnson-noise (KLJN) key exchange offers a new and simple unclonable system for credit/debit card chip authentication and payment. The key exchange, the authentication and the communication are unconditionally secure so that neither mathematics- nor statistics-based attacks are able to crack the scheme. The ohmic connection and the short wiring lengths between the chips in the card and the terminal constitute an ideal setting for the KLJN protocol, and even its simplest versions offer unprecedented security and privacy for credit/debit card chips and applications of physical unclonable functions (PUFs).

Biocontainment, biosecurity, and security practices in beef feedyards.

PubMed

Brandt, Aric W; Sanderson, Michael W; DeGroot, Brad D; Thomson, Dan U; Hollis, Larry C

2008-01-15

To determine the biocontainment, biosecurity, and security practices at beef feedyards in the Central Plains of the United States. Survey. Managers of feedyards in Colorado, Kansas, Nebraska, Oklahoma, and Texas that feed beef cattle for finish before slaughter; feedyards had to have an active concentrated animal feeding operation permit with a 1-time capacity of >or= 1,000 cattle. A voluntary survey of feedyard personnel was conducted. Identified feedyard personnel were interviewed and responses regarding facility design, security, employees, disease preparedness, feedstuffs, hospital or treatment systems, sanitation, cattle sources, handling of sick cattle, and disposal of carcasses were collected in a database questionnaire. The survey was conducted for 106 feedyards with a 1-time capacity that ranged from 1,300 to 125,000 cattle. Feedyards in general did not have high implementation of biocontainment, biosecurity, or security practices. Smaller feedyards were, in general, less likely to use good practices than were larger feedyards. Results of the survey provided standard practices for biocontainment, biosecurity, and security in feedyards located in Central Plains states. Information gained from the survey results can be used by consulting veterinarians and feedyard managers as a basis for discussion and to target training efforts.

Practices and technologies in hazardous material transportation and security.

DOT National Transportation Integrated Search

2011-11-23

"The University of Arkansas (UA) team is responsible for investigating practices of : hazardous material transportation in the private sector. The UA team is a subcontractor : to the project Petrochemical Transportation Security, Development of...

77 FR 35336 - Privacy and Security of Information Stored on Mobile Communications Devices

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-13

.... ACTION: Proposed rule. SUMMARY: This document seeks comment on the privacy and data security practices of... Practice and Procedure and Part 0 Rules of Commission Organization, Notice of Proposed Rulemaking, 25 FCC... practices of mobile wireless service providers with respect to customer information stored on their users...

Practical secure quantum communications

NASA Astrophysics Data System (ADS)

Diamanti, Eleni

2015-05-01

We review recent advances in the field of quantum cryptography, focusing in particular on practical implementations of two central protocols for quantum network applications, namely key distribution and coin flipping. The former allows two parties to share secret messages with information-theoretic security, even in the presence of a malicious eavesdropper in the communication channel, which is impossible with classical resources alone. The latter enables two distrustful parties to agree on a random bit, again with information-theoretic security, and with a cheating probability lower than the one that can be reached in a classical scenario. Our implementations rely on continuous-variable technology for quantum key distribution and on a plug and play discrete-variable system for coin flipping, and necessitate a rigorous security analysis adapted to the experimental schemes and their imperfections. In both cases, we demonstrate the protocols with provable security over record long distances in optical fibers and assess the performance of our systems as well as their limitations. The reported advances offer a powerful toolbox for practical applications of secure communications within future quantum networks.

10 CFR 95.33 - Security education.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 2 2014-01-01 2014-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... providing security education and training. A licensee or other entity subject to part 95 may obtain...

Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ashok, Aditya; Govindarasu, Manimaran; Wang, Jianhui

Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC thatmore » addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.« less

SecureCPS: Defending a nanosatellite cyber-physical system

NASA Astrophysics Data System (ADS)

Forbes, Lance; Vu, Huy; Udrea, Bogdan; Hagar, Hamilton; Koutsoukos, Xenofon D.; Yampolskiy, Mark

2014-06-01

Recent inexpensive nanosatellite designs employ maneuvering thrusters, much as large satellites have done for decades. However, because a maneuvering nanosatellite can threaten HVAs on-­orbit, it must provide a level of security typically reserved for HVAs. Securing nanosatellites with maneuvering capability is challenging due to extreme cost, size, and power constraints. While still in the design process, our low-­cost SecureCPS architecture promises to dramatically improve security, to include preempting unknown binaries and detecting abnormal behavior. SecureCPS also applies to a broad class of cyber-­physical systems (CPS), such as aircraft, cars, and trains. This paper focuses on Embry-­Riddle's ARAPAIMA nanosatellite architecture, where we assume any off-­the-­shelf component could be compromised by a supply chain attack.1 Based on these assumptions, we have used Vanderbilt's Cyber Physical -­ Attack Description Language (CP-­ADL) to represent realistic attacks, analyze how these attacks propagate in the ARAPAIMA architecture, and how to defeat them using the combination of a low-­cost Root of Trust (RoT) Module, Global InfoTek's Advanced Malware Analysis System (GAMAS), and Anomaly Detection by Machine Learning (ADML).2 Our most recent efforts focus on refining and validating the design of SecureCPS.

Quantum key distribution with hacking countermeasures and long term field trial.

PubMed

Dixon, A R; Dynes, J F; Lucamarini, M; Fröhlich, B; Sharpe, A W; Plews, A; Tam, W; Yuan, Z L; Tanizawa, Y; Sato, H; Kawamura, S; Fujiwara, M; Sasaki, M; Shields, A J

2017-05-16

Quantum key distribution's (QKD's) central and unique claim is information theoretic security. However there is an increasing understanding that the security of a QKD system relies not only on theoretical security proofs, but also on how closely the physical system matches the theoretical models and prevents attacks due to discrepancies. These side channel or hacking attacks exploit physical devices which do not necessarily behave precisely as the theory expects. As such there is a need for QKD systems to be demonstrated to provide security both in the theoretical and physical implementation. We report here a QKD system designed with this goal in mind, providing a more resilient target against possible hacking attacks including Trojan horse, detector blinding, phase randomisation and photon number splitting attacks. The QKD system was installed into a 45 km link of a metropolitan telecom network for a 2.5 month period, during which time the system operated continuously and distributed 1.33 Tbits of secure key data with a stable secure key rate over 200 kbit/s. In addition security is demonstrated against coherent attacks that are more general than the collective class of attacks usually considered.

Printable, scannable biometric templates for secure documents and materials

NASA Astrophysics Data System (ADS)

Cambier, James L.; Musgrave, Clyde

2000-04-01

Biometric technology has been widely acknowledged as an effective means for enhancing private and public security through applications in physical access control, computer and computer network access control, medical records protection, banking security, public identification programs, and others. Nearly all of these applications involve use of a biometric token to control access to a physical entity or private information. There are also unique benefits to be derived from attaching a biometric template to a physical entity such as a document, package, laboratory sample, etc. Such an association allows fast, reliable, and highly accurate association of an individual person's identity to the physical entity, and can be used to enhance security, convenience, and privacy in many types of transactions. Examples include authentication of documents, tracking of laboratory samples in a testing environment, monitoring the movement of physical evidence within the criminal justice system, and authenticating the identity of both sending and receiving parties in shipment of high value parcels. A system is described which combines a biometric technology based on iris recognition with a printing and scanning technology for high-density bar codes.

Good Manufacturing Practices (GMP) / Good Laboratory Practices (GLP) Review and Applicability for Chemical Security Enhancements

DOE Office of Scientific and Technical Information (OSTI.GOV)

Iveson, Steven W.

Global chemical security has been enhanced through the determined use and integration of both voluntary and legislated standards. Many popular standards contain components that specifically detail requirements for the security of materials, facilities and other vital assets. In this document we examine the roll of quality management standards and how they affect the security culture within the institutions that adopt these standards in order to conduct business within the international market place. Good manufacturing practices and good laboratory practices are two of a number of quality management systems that have been adopted as law in many nations. These standards aremore » designed to protect the quality of drugs, medicines, foods and analytical test results in order to provide the world-wide consumer with safe and affective products for consumption. These standards provide no established security protocols and yet manage to increase the security of chemicals, materials, facilities and the supply chain via the effective and complete control over the manufacturing, the global supply chains and testing processes. We discuss the means through which these systems enhance security and how nations can further improve these systems with additional regulations that deal specifically with security in the realm of these management systems. We conclude with a discussion of new technologies that may cause disruption within the industries covered by these standards and how these issues might be addressed in order to maintain or increase the level of security within the industries and nations that have adopted these standards.« less

36 CFR 1008.6 - Assuring integrity of records.

Code of Federal Regulations, 2010 CFR

2010-07-01

... subject to the Privacy Act be maintained with appropriate administrative, technical and physical...) Records security. Whether maintained in physical or electronic form, records subject to the Privacy Act... the system of records. The Privacy Act Officer will periodically review these security measures to...

78 FR 69139 - Physical Security-Design Certification and Operating Reactors

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-18

... scheduled to close on October 30, 2013. The Nuclear Energy Institute (NEI) submitted a letter on October 9... NUCLEAR REGULATORY COMMISSION [NRC-2013-0225] Physical Security--Design Certification and Operating Reactors AGENCY: Nuclear Regulatory Commission. ACTION: Standard review plan--draft section...

Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector

DOE Office of Scientific and Technical Information (OSTI.GOV)

Glenn, Colleen; Sterbentz, Dane; Wright, Aaron

With utilities in the U.S. and around the world increasingly moving toward smart grid technology and other upgrades with inherent cyber vulnerabilities, correlative threats from malicious cyber attacks on the North American electric grid continue to grow in frequency and sophistication. The potential for malicious actors to access and adversely affect physical electricity assets of U.S. electricity generation, transmission, or distribution systems via cyber means is a primary concern for utilities contributing to the bulk electric system. This paper seeks to illustrate the current cyber-physical landscape of the U.S. electric sector in the context of its vulnerabilities to cyber attacks,more » the likelihood of cyber attacks, and the impacts cyber events and threat actors can achieve on the power grid. In addition, this paper highlights utility perspectives, perceived challenges, and requests for assistance in addressing cyber threats to the electric sector. There have been no reported targeted cyber attacks carried out against utilities in the U.S. that have resulted in permanent or long term damage to power system operations thus far, yet electric utilities throughout the U.S. have seen a steady rise in cyber and physical security related events that continue to raise concern. Asset owners and operators understand that the effects of a coordinated cyber and physical attack on a utility’s operations would threaten electric system reliability–and potentially result in large scale power outages. Utilities are routinely faced with new challenges for dealing with these cyber threats to the grid and consequently maintain a set of best practices to keep systems secure and up to date. Among the greatest challenges is a lack of knowledge or strategy to mitigate new risks that emerge as a result of an exponential rise in complexity of modern control systems. This paper compiles an open-source analysis of cyber threats and risks to the electric grid, utility best practices for prevention and response to cyber threats, and utility suggestions about how the federal government can aid utilities in combating and mitigating risks.« less

FAA computer security : concerns remain due to personnel and other continuing weaknesses

DOT National Transportation Integrated Search

2000-08-01

FAA has a history of computer security weaknesses in a number of areas, including its physical security management at facilities that house air traffic control (ATC) systems, systems security for both operational and future systems, management struct...

Experimental quantum key distribution with simulated ground-to-satellite photon losses and processing limitations

NASA Astrophysics Data System (ADS)

Bourgoin, Jean-Philippe; Gigov, Nikolay; Higgins, Brendon L.; Yan, Zhizhong; Meyer-Scott, Evan; Khandani, Amir K.; Lütkenhaus, Norbert; Jennewein, Thomas

2015-11-01

Quantum key distribution (QKD) has the potential to improve communications security by offering cryptographic keys whose security relies on the fundamental properties of quantum physics. The use of a trusted quantum receiver on an orbiting satellite is the most practical near-term solution to the challenge of achieving long-distance (global-scale) QKD, currently limited to a few hundred kilometers on the ground. This scenario presents unique challenges, such as high photon losses and restricted classical data transmission and processing power due to the limitations of a typical satellite platform. Here we demonstrate the feasibility of such a system by implementing a QKD protocol, with optical transmission and full post-processing, in the high-loss regime using minimized computing hardware at the receiver. Employing weak coherent pulses with decoy states, we demonstrate the production of secure key bits at up to 56.5 dB of photon loss. We further illustrate the feasibility of a satellite uplink by generating a secure key while experimentally emulating the varying losses predicted for realistic low-Earth-orbit satellite passes at 600 km altitude. With a 76 MHz source and including finite-size analysis, we extract 3374 bits of a secure key from the best pass. We also illustrate the potential benefit of combining multiple passes together: while one suboptimal "upper-quartile" pass produces no finite-sized key with our source, the combination of three such passes allows us to extract 165 bits of a secure key. Alternatively, we find that by increasing the signal rate to 300 MHz it would be possible to extract 21 570 bits of a secure finite-sized key in just a single upper-quartile pass.

Security analysis of cyber-physical system

NASA Astrophysics Data System (ADS)

Li, Bo; Zhang, Lichen

2017-05-01

In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

78 FR 26057 - Extension of Agency Information Collection Activity Under OMB Review: Pipeline Corporate Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-03

... Information Collection Activity Under OMB Review: Pipeline Corporate Security Review AGENCY: Transportation.... Information Collection Requirement Title: Pipeline Corporate Security Review (PCSR). Type of Request... current industry security practices through its Pipeline Corporate Security Review (PCSR) program. The...

Finite-key analysis for measurement-device-independent quantum key distribution.

PubMed

Curty, Marcos; Xu, Feihu; Cui, Wei; Lim, Charles Ci Wen; Tamaki, Kiyoshi; Lo, Hoi-Kwong

2014-04-29

Quantum key distribution promises unconditionally secure communications. However, as practical devices tend to deviate from their specifications, the security of some practical systems is no longer valid. In particular, an adversary can exploit imperfect detectors to learn a large part of the secret key, even though the security proof claims otherwise. Recently, a practical approach--measurement-device-independent quantum key distribution--has been proposed to solve this problem. However, so far its security has only been fully proven under the assumption that the legitimate users of the system have unlimited resources. Here we fill this gap and provide a rigorous security proof against general attacks in the finite-key regime. This is obtained by applying large deviation theory, specifically the Chernoff bound, to perform parameter estimation. For the first time we demonstrate the feasibility of long-distance implementations of measurement-device-independent quantum key distribution within a reasonable time frame of signal transmission.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Walters, Douglas B.; Ho, Pauline; Hardesty, Jasper

Many chemicals that are frequently used in laboratories and industries can be harmful if not handled properly. Chemical safety best practices are designed to protect people from accidentally being exposed to hazardous chemicals. On the other hand, chemical security best practices are designed to protect people from someone deliberately exposing others to hazardous chemicals. Finally, many chemical safety best practices overlap with chemical security best practices, but there are important differences, as will be discussed in this paper.

Security Implications of Physical Design Attributes in the Emergency Department.

PubMed

Pati, Debajyoti; Pati, Sipra; Harvey, Thomas E

2016-07-01

Security, a subset of safety, is equally important in the efficient delivery of patient care. The emergency department (ED) is susceptible to violence creating concerns for the safety and security of patients, staff, and visitors and for the safe and efficient delivery of care. Although there is an implicit and growing recognition of the role of the physical environment, interventions typically have been at the microlevel. The objective of this study was to identify physical design attributes that potentially influence safety and efficiency of ED operations. An exploratory, qualitative research design was adopted to examine the efficiency and safety correlates of ED physical design attributes. The study comprised a multimeasure approach involving multidisciplinary gaming, semistructured interviews, and touring interviews of frontline staff in four EDs at three hospital systems across three states. Five macro physical design attributes (issues that need to be addressed at the design stage and expensive to rectify once built) emerged from the data as factors substantially associated with security issues. They are design issues pertaining to (a) the entry zone, (b) traffic management, (c) patient room clustering, (d) centralization versus decentralization, and (e) provisions for special populations. Data from this study suggest that ED security concerns are generally associated with three sources: (a) gang-related violence, (b) dissatisfied patients, and (c) behavioral health patients. Study data show that physical design has an important role in addressing the above-mentioned concerns. Implications for ED design are outlined in the article. © The Author(s) 2016.

A Theoretical Analysis: Physical Unclonable Functions and The Software Protection Problem

DOE Office of Scientific and Technical Information (OSTI.GOV)

Nithyanand, Rishab; Solis, John H.

2011-09-01

Physical Unclonable Functions (PUFs) or Physical One Way Functions (P-OWFs) are physical systems whose responses to input stimuli (i.e., challenges) are easy to measure (within reasonable error bounds) but hard to clone. This property of unclonability is due to the accepted hardness of replicating the multitude of uncontrollable manufacturing characteristics and makes PUFs useful in solving problems such as device authentication, software protection, licensing, and certified execution. In this paper, we focus on the effectiveness of PUFs for software protection and show that traditional non-computational (black-box) PUFs cannot solve the problem against real world adversaries in offline settings. Our contributionsmore » are the following: We provide two real world adversary models (weak and strong variants) and present definitions for security against the adversaries. We continue by proposing schemes secure against the weak adversary and show that no scheme is secure against a strong adversary without the use of trusted hardware. Finally, we present a protection scheme secure against strong adversaries based on trusted hardware.« less

Physical Security Modeling for the Shipboard Nuclear Weapons Security Program,

DTIC Science & Technology

1982-04-01

I AOA1IR 396 NAVAL SURFACE WEAPONS CENTER SILVER SPRING MO F/G 15/3 PHYSICAL SECURITY MODELING FOR THE SHIPROARD NUCLEAR WEAPONS SE--ETEEU) APR A2 E ...WEAPONS SECURITY )PROGRAM 0% BY E . G. JACOUES D. L BARTUSEK R. W. MONROE M. S. SCHWARTZ WEAPONS SYSTEMS DEPARTMENT 1 APRIL 1982 A4pm lvW for p uic r...ASSIPICATIO N O F Tb IS PAGE t’W "mu Dat e E DLeT R)....... t READ W~STRUCTIoNs’ REPORT DOCUMENTATION PAGE BEFORE COMPLETNG FORM4 . REPiQRT NUM1e[i ja. VT

Guidelines for Network Security in the Learning Environment.

ERIC Educational Resources Information Center

Littman, Marlyn Kemper

1996-01-01

Explores security challenges and practical approaches to safeguarding school networks against invasion. Highlights include security problems; computer viruses; privacy assaults; Internet invasions; building a security policy; authentication; passwords; encryption; firewalls; and acceptable use policies. (Author/LRW)

10 CFR 706.1 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY POLICIES AND PRACTICES RELATING TO LABOR-MANAGEMENT RELATIONS General § 706.1 Purpose. The purpose of this part is to set forth Department of Energy, hereinafter “DOE,” security policies and practices in the area of labor-management relations. ...

Improving the Security of the U.S. Aeronautical Domain: Adopting an Intelligence-Led, Risk-Based Strategy and Partnership

DTIC Science & Technology

2010-12-01

Methodology RMAT Risk Management Assessment Tool SIDA Security Identification Display Area SIGINT Signals Intelligence SO18 Aviation Security...aircraft operate (§ 1542.203); • Provide detection and physical security measures for the “Security Identification Display Area” ( SIDA ), i.e., the area

Computer Security and the Data Encryption Standard. Proceedings of the Conference on Computer Security and the Data Encryption Standard.

ERIC Educational Resources Information Center

Branstad, Dennis K., Ed.

The 15 papers and summaries of presentations in this collection provide technical information and guidance offered by representatives from federal agencies and private industry. Topics discussed include physical security, risk assessment, software security, computer network security, and applications and implementation of the Data Encryption…

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 12 2010-01-01 2010-01-01 false Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 7 Agriculture 12 2011-01-01 2011-01-01 false Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 7 Agriculture 12 2012-01-01 2012-01-01 false Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 7 Agriculture 12 2013-01-01 2013-01-01 false Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

7 CFR 1780.14 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 7 Agriculture 12 2014-01-01 2013-01-01 true Security. 1780.14 Section 1780.14 Agriculture... (CONTINUED) WATER AND WASTE LOANS AND GRANTS General Policies and Requirements § 1780.14 Security. Loans will be secured by the best security position practicable in a manner which will adequately protect the...

Safeguards and Security by Design (SSBD) for Small Modular Reactors (SMRs) through a Common Global Approach

DOE Office of Scientific and Technical Information (OSTI.GOV)

Badwan, Faris M.; Demuth, Scott Francis; Miller, Michael Conrad

Small Modular Reactors (SMR) with power levels significantly less than the currently standard 1000 to 1600-MWe reactors have been proposed as a potential game changer for future nuclear power. SMRs may offer a simpler, more standardized, and safer modular design by using factory built and easily transportable components. Additionally, SMRs may be more easily built and operated in isolated locations, and may require smaller initial capital investment and shorter construction times. Because many SMRs designs are still conceptual and consequently not yet fixed, designers have a unique opportunity to incorporate updated design basis threats, emergency preparedness requirements, and then fullymore » integrate safety, physical security, and safeguards/material control and accounting (MC&A) designs. Integrating safety, physical security, and safeguards is often referred to as integrating the 3Ss, and early consideration of safeguards and security in the design is often referred to as safeguards and security by design (SSBD). This paper describes U.S./Russian collaborative efforts toward developing an internationally accepted common approach for implementing SSBD/3Ss for SMRs based upon domestic requirements, and international guidance and requirements. These collaborative efforts originated with the Nuclear Energy and Nuclear Security working group established under the U.S.-Russia Bilateral Presidential Commission during the 2009 Presidential Summit. Initial efforts have focused on review of U.S. and Russian domestic requirements for Security and MC&A, IAEA guidance for security and MC&A, and IAEA requirements for international safeguards. Additionally, example SMR design features that can enhance proliferation resistance and physical security have been collected from past work and reported here. The development of a U.S./Russian common approach for SSBD/3Ss should aid the designer of SMRs located anywhere in the world. More specifically, the application of this approach may lead to more proliferation resistant and physically secure design features for SMRs.« less

Practices in security and confidentiality of HIV/AIDS patients’ information: A national survey among staff at HIV outpatient clinics in Vietnam

PubMed Central

Khac Hai, Nguyen; Lawpoolsri, Saranath; Jittamala, Podjanee; Thi Thu Huong, Phan

2017-01-01

Introduction Breach of confidentiality or invasion of privacy from the collection and use of medical records, particularly those of patients with HIV/AIDS or other diseases sensitive to stigmatization, should be prevented by all related stakeholders in healthcare settings. The main focus of this study was to assess practices regarding security and confidentiality of HIV-related information among staff at HIV outpatient clinics (HIV-OPCs) in Vietnam. Methods A descriptive cross-sectional study was conducted at all 312 HIV-OPCs across the country using an online survey technique. Results In general, the staff practices for securing and protecting patient information were at acceptable levels. Most staff had proper measures and practices for maintaining data security; however, the protection of patient confidentiality, particularly for data access, sharing, and transfer still required improvement. Most HIV-OPC staff had good or moderate knowledge and positive perceptions towards security and confidentiality issues. Staff who were not trained in the practice of security measures differed significantly from those who were trained (OR: 3.74; 95%CI: 1.44–9.67); staff needing improved knowledge levels differed significantly from those with good (OR: 5.20; 95%CI: 2.39–11.32) and moderate knowledge levels (OR: 5.10; 95%CI: 2.36–11.00); and staff needing improved perception levels differed significantly from those with good (i.e., with 100% proper practices) and moderate perception levels (OR: 5.67; 95%CI: 2.93–10.95). Staff who were not trained in the protection of data confidentiality differed significantly from those who were trained (OR: 2.18; 95%CI: 1.29–3.65). Conclusions Training is an important factor to help raise the levels of proper practices regarding confidentiality and security, to improve knowledge and raise awareness about change among staff. The operation and management of HIV treatment and care in Vietnam are currently transitioning from separate healthcare clinics (HIV-OPC) into units integrated into general hospitals/healthcare facilities. The findings of this study highlight topics that could be used for improving management and operation of information system and revising guidelines and regulations on protection measures/strategies for data security and confidentiality of HIV/AIDS patients by Vietnam health authorities or other countries facing similar situations. Secure infrastructure and secure measures for data access and use are very important, worthwhile investments. The provision of continuous training and active enforcement and monitoring of the practices of healthcare personnel might lead to an improved understanding and acknowledegement of the importance of national policies/guidelines regarding HIV-related patient information. PMID:29136017

Homeland Security and Information.

ERIC Educational Resources Information Center

Relyea, Harold C.

2002-01-01

Reviews the development of two similar policy concepts, national security and internal security, before exploring the new phrase homeland security that has become popular since the September 11 terrorist attacks. Discusses the significance of each for information policy and practice. (Author/LRW)

10 CFR 39.71 - Security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 1 2011-01-01 2011-01-01 false Security. 39.71 Section 39.71 Energy NUCLEAR REGULATORY COMMISSION LICENSES AND RADIATION SAFETY REQUIREMENTS FOR WELL LOGGING Security, Records, Notifications § 39.71 Security. (a) A logging supervisor must be physically present at a temporary jobsite whenever...

10 CFR 39.71 - Security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 1 2010-01-01 2010-01-01 false Security. 39.71 Section 39.71 Energy NUCLEAR REGULATORY COMMISSION LICENSES AND RADIATION SAFETY REQUIREMENTS FOR WELL LOGGING Security, Records, Notifications § 39.71 Security. (a) A logging supervisor must be physically present at a temporary jobsite whenever...

10 CFR 39.71 - Security.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 1 2013-01-01 2013-01-01 false Security. 39.71 Section 39.71 Energy NUCLEAR REGULATORY COMMISSION LICENSES AND RADIATION SAFETY REQUIREMENTS FOR WELL LOGGING Security, Records, Notifications § 39.71 Security. (a) A logging supervisor must be physically present at a temporary jobsite whenever...

10 CFR 39.71 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 1 2012-01-01 2012-01-01 false Security. 39.71 Section 39.71 Energy NUCLEAR REGULATORY COMMISSION LICENSES AND RADIATION SAFETY REQUIREMENTS FOR WELL LOGGING Security, Records, Notifications § 39.71 Security. (a) A logging supervisor must be physically present at a temporary jobsite whenever...

10 CFR 39.71 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 1 2014-01-01 2014-01-01 false Security. 39.71 Section 39.71 Energy NUCLEAR REGULATORY COMMISSION LICENSES AND RADIATION SAFETY REQUIREMENTS FOR WELL LOGGING Security, Records, Notifications § 39.71 Security. (a) A logging supervisor must be physically present at a temporary jobsite whenever...

Aviation security : terrorist acts demonstrate urgent need to improve security at the nation's airports

DOT National Transportation Integrated Search

2001-09-20

A safe and secure civil aviation system is a critical component of the nation's overall security, physical infrastructure, and economic foundation. Billions of dollars and a myriad of programs and policies have been devoted to achieving such a system...

Transportation Security : federal action needed to enhance security efforts : statement of Peter Guerrero, Director, Physical Infrastructure Issues

DOT National Transportation Integrated Search

2003-09-09

Mr. Guerrero's testimony examines (1) challenges in securing the nation's transportation system; (2) actions transportation operators, as well as state and local governments, have taken since September 11 to enhance security; (3) the federal role in ...

17 CFR 450.4 - Custodial holdings of government securities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... appropriate regulatory agency that expressly govern securities lending practices. (b)(1) Except as otherwise... security (or the amount of each issue of a government security issued in book-entry form) held for the.... (d) Counts of government securities held for customers in both definitive and book-entry form shall...

48 CFR 3003.502-2 - Subcontractor kickbacks.

Code of Federal Regulations, 2010 CFR

2010-10-01

.... 3003.502-2 Section 3003.502-2 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) GENERAL IMPROPER BUSINESS PRACTICES AND PERSONAL CONFLICTS OF INTEREST Other Improper Business Practices 3003.502-2 Subcontractor kickbacks. (g) The DHS OIG...

Systems Security Engineering

DTIC Science & Technology

2010-08-22

Commission (IEC). “Information technology — Security techniques — Code of practice for information security management ( ISO /IEC 27002 ...Information technology — Security techniques — Information security management systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security...was a draft ISO standard on Systems and software engineering, Systems and software assurance [18]. Created by systems engineers for systems

Improving computer security by health smart card.

PubMed

Nisand, Gabriel; Allaert, François-André; Brézillon, Régine; Isphording, Wilhem; Roeslin, Norbert

2003-01-01

The University hospitals of Strasbourg have worked for several years on the computer security of the medical data and have of this fact be the first to use the Health Care Professional Smart Card (CPS). This new tool must provide security to the information processing systems and especially to the medical data exchanges between the partners who collaborate to the care of the Beyond the purely data-processing aspects of the functions of safety offered by the CPS, safety depends above all on the practices on the users, their knowledge concerning the legislation, the risks and the stakes, of their adhesion to the procedures and protections installations. The aim of this study is to evaluate this level of knowledge, the practices and the feelings of the users concerning the computer security of the medical data, to check the relevance of the step taken, and if required, to try to improve it. The survey by questionnaires involved 648 users. The practices of users in terms of data security are clearly improved by the implementation of the security server and the use of the CPS system, but security breaches due to bad practices are not however completely eliminated. That confirms that is illusory to believe that data security is first and foremost a technical issue. Technical measures are of course indispensable, but the greatest efforts are required after their implementation and consist in making the key players [2], i.e. users, aware and responsible. However, it must be stressed that the user-friendliness of the security interface has a major effect on the results observed. For instance, it is highly probable that the bad practices continued or introduced upon the implementation of the security server and CPS scheme are due to the complicated nature or functional defects of the proposed solution, which must therefore be improved. Besides, this is only the pilot phase and card holders can be expected to become more responsible as time goes by, along with the gradual national implementation of the CPS project and the introduction of new functions using electronic signatures and encryption.

USMC Rethinking Coin in Helmand Province Afghanistan

DTIC Science & Technology

2015-04-01

in Kabul, which is over 700 miles away from the provincial capital of Helmand, Lashkar Gah. The physical and cultural disconnect enabled the Taliban...had historically been able to sway the opinion of the people through tribal connections and the presentation of business and agricultural...physical and human security to conduct life under both the Taliban and GIRoA. Physical security focuses on the protection of the population from

21 CFR 1301.73 - Physical security controls for non-practitioners; compounders for narcotic treatment programs...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for non-practitioners... and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS... such as walls or partitions, by traffic control lines or restricted space designation. The employee...

Report: EPA Needs to Improve Physical Security at Its Offices in Las Vegas, Nevada

EPA Pesticide Factsheets

Report #10-P-0059, February 3, 2010. EPA needs to improve physical security at its Las Vegas facilities. The Las Vegas Finance Center’s (LVFC’s) server room and other key areas are susceptible to unauthorized access by personnel not a part of LVFC.

High Assurance Control of Cyber-Physical Systems with Application to Unmanned Aircraft Systems

NASA Astrophysics Data System (ADS)

Kwon, Cheolhyeon

With recent progress in the networked embedded control technology, cyber attacks have become one of the major threats to Cyber-Physical Systems (CPSs) due to their close integration of physical processes, computational resources, and communication capabilities. While CPSs have various applications in both military and civilian uses, their on-board automation and communication afford significant advantages over a system without such abilities, but these benefits come at the cost of possible vulnerability to cyber attacks. Traditionally, most cyber security studies in CPSs are mainly based on the computer security perspective, focusing on issues such as the trustworthiness of data flow, without rigorously considering the system's physical processes such as real-time dynamic behaviors. While computer security components are key elements in the hardware/software layer, these methods alone are not sufficient for diagnosing the healthiness of the CPSs' physical behavior. In seeking to address this problem, this research work proposes a control theoretic perspective approach which can accurately represent the interactions between the physical behavior and the logical behavior (computing resources) of the CPS. Then a controls domain aspect is explored extending beyond just the logical process of the CPS to include the underlying physical behavior. This approach will allow the CPS whose physical operations are robust/resilient to the damage caused by cyber attacks, successfully complementing the existing CPS security architecture. It is important to note that traditional fault-tolerant/robust control methods could not be directly applicable to achieve resiliency against malicious cyber attacks which can be designed sophisticatedly to spoof the security/safety monitoring system (note this is different from common faults). Thus, security issues at this layer require different risk management to detect cyber attacks and mitigate their impact within the context of a unified physical and logical process model of the CPS. Specifically, three main tasks are discussed in this presentation: (i) we first investigate diverse granularity of the interactions inside the CPS and propose feasible cyber attack models to characterize the compromised behavior of the CPS with various measures, from its severity to detectability; (ii) based on this risk information, our approach to securing the CPS addresses both monitoring of and high assurance control design against cyber attacks by developing on-line safety assessment and mitigation algorithms; and (iii) by extending the developed theories and methods from a single CPS to multiple CPSs, we examine the security and safety of multi-CPS network that are strongly dependent on the network topology, cooperation protocols between individual CPSs, etc. The effectiveness of the analytical findings is demonstrated and validated with illustrative examples, especially unmanned aircraft system (UAS) applications.

Fast and simple high-capacity quantum cryptography with error detection

PubMed Central

Lai, Hong; Luo, Ming-Xing; Pieprzyk, Josef; Zhang, Jun; Pan, Lei; Li, Shudong; Orgun, Mehmet A.

2017-01-01

Quantum cryptography is commonly used to generate fresh secure keys with quantum signal transmission for instant use between two parties. However, research shows that the relatively low key generation rate hinders its practical use where a symmetric cryptography component consumes the shared key. That is, the security of the symmetric cryptography demands frequent rate of key updates, which leads to a higher consumption of the internal one-time-pad communication bandwidth, since it requires the length of the key to be as long as that of the secret. In order to alleviate these issues, we develop a matrix algorithm for fast and simple high-capacity quantum cryptography. Our scheme can achieve secure private communication with fresh keys generated from Fibonacci- and Lucas- valued orbital angular momentum (OAM) states for the seed to construct recursive Fibonacci and Lucas matrices. Moreover, the proposed matrix algorithm for quantum cryptography can ultimately be simplified to matrix multiplication, which is implemented and optimized in modern computers. Most importantly, considerably information capacity can be improved effectively and efficiently by the recursive property of Fibonacci and Lucas matrices, thereby avoiding the restriction of physical conditions, such as the communication bandwidth. PMID:28406240

Fast and simple high-capacity quantum cryptography with error detection.

PubMed

Lai, Hong; Luo, Ming-Xing; Pieprzyk, Josef; Zhang, Jun; Pan, Lei; Li, Shudong; Orgun, Mehmet A

2017-04-13

Quantum cryptography is commonly used to generate fresh secure keys with quantum signal transmission for instant use between two parties. However, research shows that the relatively low key generation rate hinders its practical use where a symmetric cryptography component consumes the shared key. That is, the security of the symmetric cryptography demands frequent rate of key updates, which leads to a higher consumption of the internal one-time-pad communication bandwidth, since it requires the length of the key to be as long as that of the secret. In order to alleviate these issues, we develop a matrix algorithm for fast and simple high-capacity quantum cryptography. Our scheme can achieve secure private communication with fresh keys generated from Fibonacci- and Lucas- valued orbital angular momentum (OAM) states for the seed to construct recursive Fibonacci and Lucas matrices. Moreover, the proposed matrix algorithm for quantum cryptography can ultimately be simplified to matrix multiplication, which is implemented and optimized in modern computers. Most importantly, considerably information capacity can be improved effectively and efficiently by the recursive property of Fibonacci and Lucas matrices, thereby avoiding the restriction of physical conditions, such as the communication bandwidth.

Fast and simple high-capacity quantum cryptography with error detection

NASA Astrophysics Data System (ADS)

Lai, Hong; Luo, Ming-Xing; Pieprzyk, Josef; Zhang, Jun; Pan, Lei; Li, Shudong; Orgun, Mehmet A.

2017-04-01

Quantum cryptography is commonly used to generate fresh secure keys with quantum signal transmission for instant use between two parties. However, research shows that the relatively low key generation rate hinders its practical use where a symmetric cryptography component consumes the shared key. That is, the security of the symmetric cryptography demands frequent rate of key updates, which leads to a higher consumption of the internal one-time-pad communication bandwidth, since it requires the length of the key to be as long as that of the secret. In order to alleviate these issues, we develop a matrix algorithm for fast and simple high-capacity quantum cryptography. Our scheme can achieve secure private communication with fresh keys generated from Fibonacci- and Lucas- valued orbital angular momentum (OAM) states for the seed to construct recursive Fibonacci and Lucas matrices. Moreover, the proposed matrix algorithm for quantum cryptography can ultimately be simplified to matrix multiplication, which is implemented and optimized in modern computers. Most importantly, considerably information capacity can be improved effectively and efficiently by the recursive property of Fibonacci and Lucas matrices, thereby avoiding the restriction of physical conditions, such as the communication bandwidth.

Transporting children in wheelchairs in passenger vehicles: a comparison of best practice to observed and reported practice in a pilot sample.

PubMed

Yonkman, Janell; O'Neil, Joseph; Talty, Judith; Bull, Marilyn J

2010-01-01

We compared observed and reported practice among children with special health care needs transported in wheelchairs with the recommendations from the American National Standards Institute/Rehabilitation Engineering and Assistive Technology Society of North America Committee on Wheelchairs and Transportation voluntary standards for best practice for using wheelchairs in vehicles. A convenience sample of vehicles exiting the garage of a children's hospital was observed. Certified child passenger safety technicians gathered driver demographics and the child's reported medical condition, weight, age, clinic visited, and relation to the driver. Technicians observed how the wheelchair and occupant were secured. A sample of 20 vehicles showed that 90% used four-point tie-down systems to secure the wheelchairs. A total of 88% of drivers tied the wheelchairs down correctly; only 20% used a separate lap-shoulder belts to secure the occupants. Twenty-five percent used lap trays, which are not recommended. Fifteen participants traveled with medical equipment secured inappropriately. Many deviations from best practice were observed and highlight areas for increased awareness, education, and resources for caregivers.

School Violence: Physical Security.

ERIC Educational Resources Information Center

Utah State Office of Education, Salt Lake City.

This booklet provides an overview of security technology product areas that might be appropriate and affordable for school applications. Topics cover security concepts and operational issues; security issues when designing for new schools; the role of maintenance; video camera use; walk-through metal detectors; duress alarm devices; and a partial…

Telecommuting: Occupational health considerations for employee health and safety.

PubMed

Healy, M L

2000-06-01

1. Information technology has moved "work" out of a centralized location. Employees who telecommute pose significant challenges and considerations for the practice of occupational health nursing. 2. Employer and employee benefits associated with telecommuting are reportedly associated with high levels of job satisfaction. However, the occupational health and safety risks of this new work environment need to be fully assessed and understood. 3. The ergonomic controls to minimize the risk of repetitive motion injuries are the same for both office and home locations. Additional attention need to be paid to implementing risk controls for other physical hazards and psychosocial considerations, as well as personal safety and security issues. 4. The scope of occupational health nursing practice needs to remain dynamic, recognizing the impact new technologies have on the workplace, to continue to meet the needs of the changing workplace.

76 FR 61563 - Voluntary Surrender of Certificate of Registration

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-05

... 21 CFR Part 1301 Administrative practice and procedure, Drug traffic control, Security measures. 21 CFR Part 1309 Administrative practice and procedure, Drug traffic control, Exports, Imports, Security... DEPARTMENT OF JUSTICE Drug Enforcement Administration 21 CFR Parts 1301 and 1309 [Docket No. DEA...

Homeland Security and Contraband Detection

NASA Astrophysics Data System (ADS)

Lanza, R. C.

Detection of contraband and illicit materials has become increasingly important, especially since the terrorist attacks in the United States on September 11, 2001. The nature of the detection problem embodies both physics issues and a set of operational constraints that limit the practical application of neutrons. The issue under consideration is detection of materials that are considered serious threats; these may include explosives; radioactive materials, fissile materials, and other materials associated with nuclear weapons, often referred to as special nuclear material (SNM). The overriding constraint is in the physics: systems must be based on clean physics; but unlike physics experiments, detection systems work under the limitation that materials must be identified nonintrusively, without interrupting the normal flow of commerce and with a high probability of detection and a low probability of false alarms. A great deal of work has been reported in the literature on neutron-based techniques for detecting explosives and drugs. The largest impetus by far for detecting explosives comes from aviation industry requirements for inspecting luggage and, to a lesser extent, cargo. The major alternative techniques are either X-ray-based or chemical trace detection methods that look for small traces of explosive residues. The limitations of the X-ray and trace methods in detecting explosives are well known, but currently (2008) it is safe to say that no neutron- or nuclear-based technique is being used routinely for security inspection, despite extensive development of these methods. Smuggling of nuclear materials has become a concern, and neutron techniques are particularly attractive for detecting them. Given the limitations of X-ray techniques and the need for SNM detection, it is now useful to reexamine neutron methodologies, particularly imaging. A significant number of neutron-based techniques have been proposed and are under development for security applications, especially SNM detection, but describing how they work is beyond the scope of the chapter. Instead, one particular approach to neutron imaging, neutron resonance radiography (NRR), is discussed in detail as it illustrates many of the issues connected with imaging and detection.

A Tale of Two Trails: Exploring Different Paths to Success

PubMed Central

Walker, Jennifer G.; Evenson, Kelly R.; Davis, William J.; Bors, Philip; Rodríguez, Daniel A.

2016-01-01

Background This comparative case study investigates 2 successful community trail initiatives, using the Active Living By Design (ALBD) Community Action Model as an analytical framework. The model includes 5 strategies: preparation, promotion, programs, policy, and physical projects. Methods Key stakeholders at 2 sites participated in in-depth interviews (N = 14). Data were analyzed for content using Atlas Ti and grouped according to the 5 strategies. Results Preparation Securing trail resources was challenging, but shared responsibilities facilitated trail development. Promotions The initiatives demonstrated minimal physical activity encouragement strategies. Programs Community stakeholders did not coordinate programmatic opportunities for routine physical activity. Policy Trails’ inclusion in regional greenway master plans contributed to trail funding and development. Policies that were formally institutionalized and enforced led to more consistent trail construction and safer conditions for users. Physical Projects Consistent standards for way finding signage and design safety features enhanced trail usability and safety. Conclusions Communities with different levels of government support contributed unique lessons to inform best practices of trail initiatives. This study revealed a disparity between trail development and use-encouragement strategies, which may limit trails’ impact on physical activity. The ALBD Community Action Model provided a viable framework to structure cross-disciplinary community trail initiatives. PMID:21597125

International Classification of Functioning, Disability and Health core set for physical health of older adults.

PubMed

Ruaro, João A; Ruaro, Marinêz B; Guerra, Ricardo O

2014-01-01

To facilitate a systematic, comprehensive description of functioning and to enable the use of the International Classification of Functioning, Disability and Health (ICF) in clinical practice and research, core sets have been developed. The aim of this study was to propose a version of the ICF core set to classify the physical health of older adults. The proposition of the ICF core set was based on the Delphi technique. The panel of experts included 8 Brazilian researchers (physical therapists, medical doctors, nurses, and physical educators). The communication was wholly electronic. In total, there were 5 rounds of interactivity between the participants to arrive at the final version of the construct. The ICF core set presented 30 categories (14 on body functions, 4 on body structures, 9 on activities or participation, and 3 on environmental factors) and had a Cronbach α of 0.964. The presented core set is a secure, fast, and accurate instrument for assessing the physical health and engagement of older adults. It defines points related to functioning and health that are relevant when evaluating this population, as well as when reevaluating it and monitoring changes.

12 CFR 701.20 - Suretyship and guaranty.

Code of Federal Regulations, 2010 CFR

2010-01-01

... which the federal credit union has perfected its security interest (for example, if the collateral is a printed security, the federal credit union must have obtained physical control of the security, and, if... security interest); and (2) That has a market value, at the close of each business day, equal to 100...

10 CFR 1016.11 - Cancellation of requests for security facility approval.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When a...

10 CFR 1016.11 - Cancellation of requests for security facility approval.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Cancellation of requests for security facility approval. 1016.11 Section 1016.11 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.11 Cancellation of requests for security facility approval. When a...

10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility approval...

10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility approval...

10 CFR 1016.10 - Grant, denial, or suspension of security facility approval.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 4 2012-01-01 2012-01-01 false Grant, denial, or suspension of security facility approval. 1016.10 Section 1016.10 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.10 Grant, denial, or suspension of security facility approval...

48 CFR 1804.470-3 - IT security requirements.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 6 2013-10-01 2013-10-01 false IT security requirements... security requirements. (a) These IT security requirements cover all NASA awards in which IT plays a role in... physical or electronic access beyond that granted the general public to NASA's computer systems, networks...

48 CFR 1804.470-3 - IT security requirements.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 6 2012-10-01 2012-10-01 false IT security requirements... security requirements. (a) These IT security requirements cover all NASA awards in which IT plays a role in... physical or electronic access beyond that granted the general public to NASA's computer systems, networks...

48 CFR 1804.470-3 - IT security requirements.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 6 2014-10-01 2014-10-01 false IT security requirements... security requirements. (a) These IT security requirements cover all NASA awards in which IT plays a role in... physical or electronic access beyond that granted the general public to NASA's computer systems, networks...

Assessing security technology's impact: old tools for new problems.

PubMed

Kreissl, Reinhard

2014-09-01

The general idea developed in this paper from a sociological perspective is that some of the foundational categories on which the debate about privacy, security and technology rests are blurring. This process is a consequence of a blurring of physical and digital worlds. In order to define limits for legitimate use of intrusive digital technologies, one has to refer to binary distinctions such as private versus public, human versus technical, security versus insecurity to draw differences determining limits for the use of surveillance technologies. These distinctions developed in the physical world and are rooted in a cultural understanding of pre-digital culture. Attempts to capture the problems emerging with the implementation of security technologies using legal reasoning encounter a number of problems since law is by definition oriented backwards, adapting new developments to existing traditions, whereas the intrusion of new technologies in the physical world produces changes and creates fundamentally new problems.

Physical key-protected one-time pad

PubMed Central

Horstmeyer, Roarke; Judkewitz, Benjamin; Vellekoop, Ivo M.; Assawaworrarit, Sid; Yang, Changhuei

2013-01-01

We describe an encrypted communication principle that forms a secure link between two parties without electronically saving either of their keys. Instead, random cryptographic bits are kept safe within the unique mesoscopic randomness of two volumetric scattering materials. We demonstrate how a shared set of patterned optical probes can generate 10 gigabits of statistically verified randomness between a pair of unique 2 mm3 scattering objects. This shared randomness is used to facilitate information-theoretically secure communication following a modified one-time pad protocol. Benefits of volumetric physical storage over electronic memory include the inability to probe, duplicate or selectively reset any bits without fundamentally altering the entire key space. Our ability to securely couple the randomness contained within two unique physical objects can extend to strengthen hardware required by a variety of cryptographic protocols, which is currently a critically weak link in the security pipeline of our increasingly mobile communication culture. PMID:24345925

75 FR 32140 - Voluntary Surrender of Certificate of Registration

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-07

... 21 CFR Part 1301 Administrative practice and procedure, Drug traffic control, Security measures. 21 CFR Part 1309 Administrative practice and procedure, Drug traffic control, Exports, Imports, Security... DEPARTMENT OF JUSTICE Drug Enforcement Administration 21 CFR Parts 1301, 1309 [Docket No. DEA-304P...

Information Security Management Practices of K-12 School Districts

ERIC Educational Resources Information Center

Nyachwaya, Samson

2013-01-01

The research problem addressed in this quantitative correlational study was the inadequacy of sound information security management (ISM) practices in K-12 school districts, despite their increasing ownership of information assets. Researchers have linked organizational and sociotechnical factors to the implementation of information security…

A game-theoretic method for cross-layer stochastic resilient control design in CPS

NASA Astrophysics Data System (ADS)

Shen, Jiajun; Feng, Dongqin

2018-03-01

In this paper, the cross-layer security problem of cyber-physical system (CPS) is investigated from the game-theoretic perspective. Physical dynamics of plant is captured by stochastic differential game with cyber-physical influence being considered. The sufficient and necessary condition for the existence of state-feedback equilibrium strategies is given. The attack-defence cyber interactions are formulated by a Stackelberg game intertwined with stochastic differential game in physical layer. The condition such that the Stackelberg equilibrium being unique and the corresponding analytical solutions are both provided. An algorithm is proposed for obtaining hierarchical security strategy by solving coupled games, which ensures the operational normalcy and cyber security of CPS subject to uncertain disturbance and unexpected cyberattacks. Simulation results are given to show the effectiveness and performance of the proposed algorithm.

Aviation security : weaknesses in airport security and options for assigning screening responsibilities

DOT National Transportation Integrated Search

2001-09-21

This is the statement of Gerald L. Dillingham, Director, Physical Infrastructure Issues before the Subcommittee on Aviation, Committee on Transportation and Infrastructure, House of Representatives regarding aviation safety and security. The statemen...

Security Science as an Applied Science?

ERIC Educational Resources Information Center

Smith, Clifton

2001-01-01

Describes the development of a security science degree as the emerging applied science of the protection of individuals and assets. Proposes the themes of physical, electronic, information security and facility management as scientific applications for the course. (Author/MM)

78 FR 69433 - Executive Order 13650 Improving Chemical Facility Safety and Security Listening Sessions

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-19

... Chemical Facility Safety and Security Listening Sessions AGENCY: National Protection and Programs... from stakeholders on issues pertaining to Improving Chemical Facility Safety and Security (Executive... regulations, guidance, and policies; and identifying best practices in chemical facility safety and security...

75 FR 36126 - Office of New Reactors; Proposed Revision to Standard Review Plan Section 13.6.1, Revision 1 on...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-24

... NUCLEAR REGULATORY COMMISSION [NRC-2010-0228] Office of New Reactors; Proposed Revision to Standard Review Plan Section 13.6.1, Revision 1 on Physical Security--Combined License and Operating...), Section 13.6.1 on ``Physical Security--Combined License and Operating Reactors,'' (Agencywide Documents...

Information Operations Primer

DTIC Science & Technology

2010-11-01

altering drugs ) but must be influenced indirectly through the physical and information dimensions. c. Information Operations modify the three dimensions...restoration of information systems by incorporating protection, detection, and reaction capabilities. (2) Physical Security is that part of security...wargamed using the traditional friendly action, expected enemy reaction , and friendly counteraction methodology. The wargaming process must also occur

Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network

PubMed Central

Yang, Bin; Zhang, Jianfeng

2017-01-01

Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme. PMID:28657588

Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network.

PubMed

Yang, Bin; Zhang, Jianfeng

2017-06-28

Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme.

Women's secure hospital care pathways in practice: a qualitative analysis of clinicians views in England and Wales.

PubMed

Somers, Nadia; Bartlett, Annie

2014-10-01

In England and Wales women form a small but significant group within the wider, largely male, secure hospital population. Secure hospitals are designed to assess and treat individuals with both mental health problems and significant criminal behaviour. The theoretical approach to the care of secure hospital women is increasingly informed by a grasp of gender-specific issues. However, there is a lack of evidence on the adequacy of current structures and processes of care delivery. This qualitative study explores the nature and quality of care pathways for women in low and medium secure hospital beds by eliciting participants' views of factors enhancing or impeding care. Beds are publicly funded and provided either by the National Health Service (NHS) or the Independent Sector (IS). Participants from both sectors were local experts (40 Consultant Psychiatrists, 7 Service Managers) who were well placed to describe their immediate health environment. Evidence from the study indicates that participants were focused on the physical relocation of women to less secure conditions, even though many women do not readily achieve this.Participants were alert to potential conflicts between ideal care and affordable care. Ideal care was compromised by the absence of suitable local services (beds or community placements), curtailed episodes of care and changes of care team. It was promoted by an awareness of the specific needs of women, continuity of care and support for teams unfamiliar with women's needs. Future service design must address these challenges in care delivery, incorporating a better understanding of and response to the ways the system can echo women's experiences of trauma and their negative attachment histories. Specifically, critical transitions in care must not be allowed to further reinforce the discontinuity, failure and rejection experienced by individual women earlier in their lives.

Unconditional security from noisy quantum storage

NASA Astrophysics Data System (ADS)

Wehner, Stephanie

2010-03-01

We consider the implementation of two-party cryptographic primitives based on the sole physical assumption that no large-scale reliable quantum storage is available to the cheating party. An important example of such a task is secure identification. Here, Alice wants to identify herself to Bob (possibly an ATM machine) without revealing her password. More generally, Alice and Bob wish to solve problems where Alice holds an input x (e.g. her password), and Bob holds an input y (e.g. the password an honest Alice should possess), and they want to obtain the value of some function f(x,y) (e.g. the equality function). Security means that the legitimate users should not learn anything beyond this specification. That is, Alice should not learn anything about y and Bob should not learn anything about x, other than what they may be able to infer from the value of f(x,y). We show that any such problem can be solved securely in the noisy-storage model by constructing protocols for bit commitment and oblivious transfer, where we prove security against the most general attack. Our protocols can be implemented with present-day hardware used for quantum key distribution. In particular, no quantum storage is required for the honest parties. Our work raises a large number of immediate theoretical as well as experimental questions related to many aspects of quantum information science, such as for example understanding the information carrying properties of quantum channels and memories, randomness extraction, min-entropy sampling, as well as constructing small handheld devices which are suitable for the task of secure identification. [4pt] Full version available at arXiv:0906.1030 (theoretical) and arXiv:0911.2302 (practically oriented).

Finite-Time Performance of Local Search Algorithms: Theory and Application

DTIC Science & Technology

2010-06-10

security devices deployed at airport security checkpoints are used to detect prohibited items (e.g., guns, knives, explosives). Each security device...security devices are deployed, the practical issue of determining how to optimally use them can be difficult. For an airport security system design...checked baggage), explosive detection systems (designed to detect explosives in checked baggage), and detailed hand search by an airport security official

Stable operation of a Secure QKD system in the real-world setting

NASA Astrophysics Data System (ADS)

Tomita, Akihisa

2007-06-01

Quantum Key Distribution (QKD) now steps forward from the proof of principle to the validation of the practical feasibility. Nevertheless, the QKD technology should respond to the challenges from the real-world such as stable operation against the fluctuating environment, and security proof under the practical setting. We report our recent progress on stable operation of a QKD system, and key generation with security assurance. A QKD system should robust to temperature fluctuation in a common office environment. We developed a loop-mirror, a substitution of a Faraday mirror, to allow easy compensation for the temperature dependence of the device. Phase locking technique was also employed to synchronize the system clock to the quantum signals. This technique is indispensable for the transmission system based on the installed fiber cables, which stretch and shrink due to the temperature change. The security proof of QKD, however, has assumed the ideal conditions, such as the use of a genuine single photon source and/or unlimited computational resources. It has been highly desirable to give an assurance of security for practical systems, where the ideal conditions are no longer satisfied. We have constructed a theory to estimate the leakage information on the transmitted key under the practically attainable conditions, and have developed a QKD system equipped with software for secure key distillation. The QKD system generates the final key at the rate of 2000 bps after 20 km fiber transmission. Eavesdropper's information on the final key is guaranteed to be less than 2-7 per bit. This is the first successful generation of the secure key with quantitative assurance of the upper bound of the leakage information. It will put forth the realization of highly secure metropolitan optical communication network against any types of eavesdropping.

77 FR 44641 - President's National Security Telecommunications Advisory Committee

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-30

..., interoperability, security, reliability, and resiliency; and (3) help ensure the deployment and evolution of the... how commercial off-the-shelf technologies and private sector best practices can be used to secure...

5 CFR 9701.103 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES..., to provide Governmentwide oversight in human resources management programs and practices. Department...

Security Shift in Future Network Architectures

DTIC Science & Technology

2010-11-01

RTO-MP-IST-091 2 - 1 Security Shift in Future Network Architectures Tim Hartog, M.Sc Information Security Dept. TNO Information and...current practice military communication infrastructures are deployed as stand-alone networked information systems. Network -Enabled Capabilities (NEC) and...information architects and security specialists about the separation of network and information security, the consequences of this shift and our view

Practical performance of real-time shot-noise measurement in continuous-variable quantum key distribution

NASA Astrophysics Data System (ADS)

Wang, Tao; Huang, Peng; Zhou, Yingming; Liu, Weiqi; Zeng, Guihua

2018-01-01

In a practical continuous-variable quantum key distribution (CVQKD) system, real-time shot-noise measurement (RTSNM) is an essential procedure for preventing the eavesdropper exploiting the practical security loopholes. However, the performance of this procedure itself is not analyzed under the real-world condition. Therefore, we indicate the RTSNM practical performance and investigate its effects on the CVQKD system. In particular, due to the finite-size effect, the shot-noise measurement at the receiver's side may decrease the precision of parameter estimation and consequently result in a tight security bound. To mitigate that, we optimize the block size for RTSNM under the ensemble size limitation to maximize the secure key rate. Moreover, the effect of finite dynamics of amplitude modulator in this scheme is studied and its mitigation method is also proposed. Our work indicates the practical performance of RTSNM and provides the real secret key rate under it.

Secure software practices among Malaysian software practitioners: An exploratory study

NASA Astrophysics Data System (ADS)

Mohamed, Shafinah Farvin Packeer; Baharom, Fauziah; Deraman, Aziz; Yahya, Jamaiah; Mohd, Haslina

2016-08-01

Secure software practices is increasingly gaining much importance among software practitioners and researchers due to the rise of computer crimes in the software industry. It has become as one of the determinant factors for producing high quality software. Even though its importance has been revealed, its current practice in the software industry is still scarce, particularly in Malaysia. Thus, an exploratory study is conducted among software practitioners in Malaysia to study their experiences and practices in the real-world projects. This paper discusses the findings from the study, which involved 93 software practitioners. Structured questionnaire is utilized for data collection purpose whilst statistical methods such as frequency, mean, and cross tabulation are used for data analysis. Outcomes from this study reveal that software practitioners are becoming increasingly aware on the importance of secure software practices, however, they lack of appropriate implementation, which could affect the quality of produced software.

A preliminary cyber-physical security assessment of the Robot Operating System (ROS)

NASA Astrophysics Data System (ADS)

McClean, Jarrod; Stull, Christopher; Farrar, Charles; Mascareñas, David

2013-05-01

Over the course of the last few years, the Robot Operating System (ROS) has become a highly popular software framework for robotics research. ROS has a very active developer community and is widely used for robotics research in both academia and government labs. The prevalence and modularity of ROS cause many people to ask the question: "What prevents ROS from being used in commercial or government applications?" One of the main problems that is preventing this increased use of ROS in these applications is the question of characterizing its security (or lack thereof). In the summer of 2012, a crowd sourced cyber-physical security contest was launched at the cyber security conference DEF CON 20 to begin the process of characterizing the security of ROS. A small-scale, car-like robot was configured as a cyber-physical security "honeypot" running ROS. DEFFCON-20 attendees were invited to find exploits and vulnerabilities in the robot while network traffic was collected. The results of this experiment provided some interesting insights and opened up many security questions pertaining to deployed robotic systems. The Federal Aviation Administration is tasked with opening up the civil airspace to commercial drones by September 2015 and driverless cars are already legal for research purposes in a number of states. Given the integration of these robotic devices into our daily lives, the authors pose the following question: "What security exploits can a motivated person with little-to-no experience in cyber security execute, given the wide availability of free cyber security penetration testing tools such as Metasploit?" This research focuses on applying common, low-cost, low-overhead, cyber-attacks on a robot featuring ROS. This work documents the effectiveness of those attacks.

Teaching Web Security Using Portable Virtual Labs

ERIC Educational Resources Information Center

Chen, Li-Chiou; Tao, Lixin

2012-01-01

We have developed a tool called Secure WEb dEvelopment Teaching (SWEET) to introduce security concepts and practices for web application development. This tool provides introductory tutorials, teaching modules utilizing virtualized hands-on exercises, and project ideas in web application security. In addition, the tool provides pre-configured…

Best-Practice Criteria for Practical Security of Self-Differencing Avalanche Photodiode Detectors in Quantum Key Distribution

NASA Astrophysics Data System (ADS)

Koehler-Sidki, A.; Dynes, J. F.; Lucamarini, M.; Roberts, G. L.; Sharpe, A. W.; Yuan, Z. L.; Shields, A. J.

2018-04-01

Fast-gated avalanche photodiodes (APDs) are the most commonly used single photon detectors for high-bit-rate quantum key distribution (QKD). Their robustness against external attacks is crucial to the overall security of a QKD system, or even an entire QKD network. We investigate the behavior of a gigahertz-gated, self-differencing (In,Ga)As APD under strong illumination, a tactic Eve often uses to bring detectors under her control. Our experiment and modeling reveal that the negative feedback by the photocurrent safeguards the detector from being blinded through reducing its avalanche probability and/or strengthening the capacitive response. Based on this finding, we propose a set of best-practice criteria for designing and operating fast-gated APD detectors to ensure their practical security in QKD.

Critical Infrastructure Protection and Federal Statutory Authority for the Departments of Homeland Security and Defense to Perform Two Key Tasks

DTIC Science & Technology

2017-04-13

Highway, Suite 1204, Arlington, VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law , no person shall be...policy, and law . The research question is whether the Departments of Homeland Security (DHS) and Defense (DOD) have federal statutory authority to... law ); Department of Homeland Security; Department of Defense; establish standards; physical protection and security; national security 16. SECURITY

77 FR 43407 - Self-Regulatory Organizations; The Options Clearing Corporation; Order Approving Proposed Rule...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-24

...-Laws and Rules to security futures on index-linked securities such as exchange-traded notes, which are currently traded on OneChicago, LLC. Index-linked securities are non-convertible debt of a major financial... futures contracts, one or more physical commodities, currencies or debt securities, or a combination of...

10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security facility...

10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security facility...

Development of Security Measures: Implementation Instructions for MIL-STD on Physical Security for DCS Facilities.

DTIC Science & Technology

1981-07-01

security measures to in- crease the survivability of these assets. However, sabotage, terrorism and vandalism continue to be serious threats to DCS and its...Closed circuit television. e. Comunication cables. f. Fuel storage. g. Fuel lines. h. Air conditioning. The primary benefits of security measures

A review of physical security robotics at Sandia National Laboratories

DOE Office of Scientific and Technical Information (OSTI.GOV)

Roerig, S.C.

1990-01-01

As an outgrowth of research into physical security technologies, Sandia is investigating the role of robotics in security systems. Robotics may allow more effective utilization of guard forces, especially in scenarios where personnel would be exposed to harmful environments. Robots can provide intrusion detection and assessment functions for failed sensors or transient assets, can test existing fixed site sensors, and can gather additional intelligence and dispense delaying elements. The Robotic Security Vehicle (RSV) program for DOE/OSS is developing a fieldable prototype for an exterior physical security robot based upon a commercial four wheel drive vehicle. The RSV will be capablemore » of driving itself, being driven remotely, or being driven by an onboard operator around a site and will utilize its sensors to alert an operator to unusual conditions. The Remote Security Station (RSS) program for the Defense Nuclear Agency is developing a proof-of-principle robotic system which will be used to evaluate the role, and associated cost, of robotic technologies in exterior security systems. The RSS consists of an independent sensor pod, a mobile sensor platform and a control and display console. Sensor data fusion is used to optimize the system's intrusion detection performance. These programs are complementary, the RSV concentrates on developing autonomous mobility, while the RSS thrust is on mobile sensor employment. 3 figs.« less

Parallel Processable Cryptographic Methods with Unbounded Practical Security.

ERIC Educational Resources Information Center

Rothstein, Jerome

Addressing the problem of protecting confidential information and data stored in computer databases from access by unauthorized parties, this paper details coding schemes which present such astronomical work factors to potential code breakers that security breaches are hopeless in any practical sense. Two procedures which can be used to encode for…

16 CFR 312.8 - Confidentiality, security, and integrity of personal information collected from children.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 16 Commercial Practices 1 2013-01-01 2013-01-01 false Confidentiality, security, and integrity of personal information collected from children. 312.8 Section 312.8 Commercial Practices FEDERAL TRADE COMMISSION REGULATIONS UNDER SPECIFIC ACTS OF CONGRESS CHILDREN'S ONLINE PRIVACY PROTECTION RULE § 312.8...

16 CFR 312.8 - Confidentiality, security, and integrity of personal information collected from children.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 16 Commercial Practices 1 2010-01-01 2010-01-01 false Confidentiality, security, and integrity of personal information collected from children. 312.8 Section 312.8 Commercial Practices FEDERAL TRADE COMMISSION REGULATIONS UNDER SPECIFIC ACTS OF CONGRESS CHILDREN'S ONLINE PRIVACY PROTECTION RULE § 312.8...

16 CFR 312.8 - Confidentiality, security, and integrity of personal information collected from children.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 16 Commercial Practices 1 2011-01-01 2011-01-01 false Confidentiality, security, and integrity of personal information collected from children. 312.8 Section 312.8 Commercial Practices FEDERAL TRADE COMMISSION REGULATIONS UNDER SPECIFIC ACTS OF CONGRESS CHILDREN'S ONLINE PRIVACY PROTECTION RULE § 312.8...

16 CFR 312.8 - Confidentiality, security, and integrity of personal information collected from children.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 16 Commercial Practices 1 2012-01-01 2012-01-01 false Confidentiality, security, and integrity of personal information collected from children. 312.8 Section 312.8 Commercial Practices FEDERAL TRADE COMMISSION REGULATIONS UNDER SPECIFIC ACTS OF CONGRESS CHILDREN'S ONLINE PRIVACY PROTECTION RULE § 312.8...

16 CFR 312.8 - Confidentiality, security, and integrity of personal information collected from children.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 16 Commercial Practices 1 2014-01-01 2014-01-01 false Confidentiality, security, and integrity of personal information collected from children. 312.8 Section 312.8 Commercial Practices FEDERAL TRADE COMMISSION REGULATIONS UNDER SPECIFIC ACTS OF CONGRESS CHILDREN'S ONLINE PRIVACY PROTECTION RULE § 312.8...

Analyzing Cyber-Physical Threats on Robotic Platforms.

PubMed

Ahmad Yousef, Khalil M; AlMajali, Anas; Ghalyon, Salah Abu; Dweik, Waleed; Mohd, Bassam J

2018-05-21

Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable of being attacked and vulnerable to the security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidential security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBot TM was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications.

Analyzing Cyber-Physical Threats on Robotic Platforms †

PubMed Central

2018-01-01

Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable of being attacked and vulnerable to the security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidential security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBotTM was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications. PMID:29883403

Household food security and infant feeding practices in rural Bangladesh.

PubMed

Owais, Aatekah; Kleinbaum, David G; Suchdev, Parminder S; Faruque, Asg; Das, Sumon K; Schwartz, Benjamin; Stein, Aryeh D

2016-07-01

To determine the association between household food security and infant complementary feeding practices in rural Bangladesh. Prospective, cohort study using structured home interviews during pregnancy and 3 and 9 months after delivery. We used two indicators of household food security at 3-months' follow-up: maternal Food Composition Score (FCS), calculated via the World Food Programme method, and an HHFS index created from an eleven-item food security questionnaire. Infant feeding practices were characterized using WHO definitions. Two rural sub-districts of Kishoreganj, Bangladesh. Mother-child dyads (n 2073) who completed the 9-months' follow-up. Complementary feeding was initiated at age ≤4 months for 7 %, at 5-6 months for 49 % and at ≥7 months for 44 % of infants. Based on 24 h dietary recall, 98 % of infants were still breast-feeding at age 9 months, and 16 % received ≥4 food groups and ≥4 meals (minimally acceptable diet) in addition to breast milk. Mothers' diet was more diverse than infants'. The odds of receiving a minimally acceptable diet for infants living in most food-secure households were three times those for infants living in least food-secure households (adjusted OR=3·0; 95 % CI 2·1, 4·3). Socio-economic status, maternal age, literacy, parity and infant sex were not associated with infant diet. HHFS and maternal FCS were significant predictors of subsequent infant feeding practices. Nevertheless, even the more food-secure households had poor infant diet. Interventions aimed at improving infant nutritional status need to focus on both complementary food provision and education.

10 CFR 2.911 - Admissibility of restricted data or other national security information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.911 Admissibility of restricted data or other national security information. A presiding officer shall not receive any Restricted Data...

Institutionalization of Information Security: Case of the Indonesian Banking Sector

ERIC Educational Resources Information Center

Nasution, Muhamad Faisal Fariduddin Attar

2012-01-01

This study focuses on the institutionalization of information security in the banking sector. This study is important to pursue since it explicates the internalization of information security governance and practices and how such internalization develops an organizational resistance towards security breach. The study argues that information…

78 FR 13075 - Intent To Request Renewal From OMB of One Current Public Collection of Information: Pipeline...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-26

... From OMB of One Current Public Collection of Information: Pipeline Corporate Security Review Program... current security practices in the pipeline industry by way of TSA's Pipeline Corporate Security Review... Collection Requirement The TSA Pipeline Security Branch is responsible for conducting Pipeline Corporate...

76 FR 62818 - Extension of Agency Information Collection Activity Under OMB Review: Critical Facility...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-11

... Review (CFSR) Form. The CFSR will differ from TSA's Corporate Security Review (CSR) in that a CSR looks at corporate or company-wide security management plans and practices while the CFSR will look at... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration Extension of Agency...

10 CFR 2.911 - Admissibility of restricted data or other national security information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.911 Admissibility of restricted data or other national security information. A presiding officer shall not receive any Restricted Data...

Exploring Factors That Affect Adoption of Computer Security Practices among College Students

ERIC Educational Resources Information Center

Alqarni, Amani

2017-01-01

Cyber-attacks threaten the security of computer users' information, networks, machines, and privacy. Studies of computer security education, awareness, and training among ordinary computer users, college students, non-IT-oriented user groups, and non-technically trained citizens are limited. Most research has focused on computer security standards…

21 CFR 1301.72 - Physical security controls for non-practitioners; narcotic treatment programs and compounders for...

Code of Federal Regulations, 2014 CFR

2014-04-01

... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Physical security controls for non-practitioners... 1301.72 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF... a central protection company or a local or State police agency which has a legal duty to respond, or...

32 CFR Appendix A to Part 223 - Procedures for Identifying and Controlling DoD UCNI

Code of Federal Regulations, 2010 CFR

2010-07-01

... security measures, including security plans, procedures, and equipment, for the physical protection of DoD... sabotage of DoD SNM, equipment, or facilities (e.g., relative importance of a facility or the location... equipment, for the physical protection of DoD SNM, equipment, or facilities. c. Meet the adverse effects...

Experimental Physical Sciences Vitae 2017

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kippen, Karen Elizabeth; Del Mauro, Diana; Patterson, Eileen Frances

Frequently our most basic research experiments stimulate solutions for some of the most intractable national security problems, such as nuclear weapons stewardship, homeland security, intelligence and information analysis, and nuclear and alternative energy. This publication highlights our talented and creative staff who deliver solutions to these complex scientific and technological challenges by conducting cutting-edge multidisciplinary physical science research.

75 FR 41247 - Self-Regulatory Organizations; International Securities Exchange, LLC; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-15

... Rule Change to List and Trade Options on the Sprott Physical Gold Trust July 8, 2010. Pursuant to... Exchange Commission (``SEC'' or ``Commission'') authorized ISE to list and trade options on the SPDR Gold... list and trade options on the Sprott Physical Gold Trust. \\5\\ See Securities Exchange Act Release No...

Environmental Change & Fragile States Early Warning and Intervention

DTIC Science & Technology

2011-05-12

data needed , and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this...power to effectively meet the most challenging international objectives 7 Addressing Basic Human Needs Self- Actualization Ego (Esteem) Social...Belonging) Safety/Security Physiological Physical survival needs : water, food, shelter, warmth, sleep, etc. Physical safety, economic security, freedom

The Napoleon Complex: When Shorter Men Take More.

PubMed

Knapen, Jill E P; Blaker, Nancy M; Van Vugt, Mark

2018-05-01

Inspired by an evolutionary psychological perspective on the Napoleon complex, we hypothesized that shorter males are more likely to show indirect aggression in resource competitions with taller males. Three studies provide support for our interpretation of the Napoleon complex. Our pilot study shows that men (but not women) keep more resources for themselves when they feel small. When paired with a taller male opponent (Study 1), shorter men keep more resources to themselves in a game in which they have all the power (dictator game) versus a game in which the opponent also has some power (ultimatum game). Furthermore, shorter men are not more likely to show direct, physical aggression toward a taller opponent (Study 2). As predicted by the Napoleon complex, we conclude that (relatively) shorter men show greater behavioral flexibility in securing resources when presented with cues that they are physically less competitive. Theoretical and practical implications are discussed.

Benford’s Law: Textbook Exercises and Multiple-Choice Testbanks

PubMed Central

Slepkov, Aaron D.; Ironside, Kevin B.; DiBattista, David

2015-01-01

Benford’s Law describes the finding that the distribution of leading (or leftmost) digits of innumerable datasets follows a well-defined logarithmic trend, rather than an intuitive uniformity. In practice this means that the most common leading digit is 1, with an expected frequency of 30.1%, and the least common is 9, with an expected frequency of 4.6%. Currently, the most common application of Benford’s Law is in detecting number invention and tampering such as found in accounting-, tax-, and voter-fraud. We demonstrate that answers to end-of-chapter exercises in physics and chemistry textbooks conform to Benford’s Law. Subsequently, we investigate whether this fact can be used to gain advantage over random guessing in multiple-choice tests, and find that while testbank answers in introductory physics closely conform to Benford’s Law, the testbank is nonetheless secure against such a Benford’s attack for banal reasons. PMID:25689468

Benford's Law: textbook exercises and multiple-choice testbanks.

PubMed

Slepkov, Aaron D; Ironside, Kevin B; DiBattista, David

2015-01-01

Benford's Law describes the finding that the distribution of leading (or leftmost) digits of innumerable datasets follows a well-defined logarithmic trend, rather than an intuitive uniformity. In practice this means that the most common leading digit is 1, with an expected frequency of 30.1%, and the least common is 9, with an expected frequency of 4.6%. Currently, the most common application of Benford's Law is in detecting number invention and tampering such as found in accounting-, tax-, and voter-fraud. We demonstrate that answers to end-of-chapter exercises in physics and chemistry textbooks conform to Benford's Law. Subsequently, we investigate whether this fact can be used to gain advantage over random guessing in multiple-choice tests, and find that while testbank answers in introductory physics closely conform to Benford's Law, the testbank is nonetheless secure against such a Benford's attack for banal reasons.

49 CFR 15.5 - Sensitive security information.

Code of Federal Regulations, 2014 CFR

2014-10-01

... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...

49 CFR 15.5 - Sensitive security information.

Code of Federal Regulations, 2011 CFR

2011-10-01

... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...

49 CFR 15.5 - Sensitive security information.

Code of Federal Regulations, 2013 CFR

2013-10-01

... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...

49 CFR 15.5 - Sensitive security information.

Code of Federal Regulations, 2012 CFR

2012-10-01

... sources and methods used to gather or develop threat information, including threats against cyber infrastructure. (8) Security measures. Specific details of aviation or maritime transportation security measures... infrastructure asset information. Any list identifying systems or assets, whether physical or virtual, so vital...

Education and Strategic Research Collaborations

Science.gov Websites

Los Alamos National Laboratory National Security Education Center Image Search Site submit LaboratoryNational Security Education Center Menu Program Offices Energy Security Council New Mexico Consortium Geophysics, Planetary Physics, Signatures Events Collaborations for education and strategic research, student

49 CFR 40.351 - What confidentiality requirements apply to service agents?

Code of Federal Regulations, 2013 CFR

2013-10-01

... confidentiality and security measures to ensure that confidential employee records are not available to unauthorized persons. This includes protecting the physical security of records, access controls, and computer security measures to safeguard confidential data in electronic data bases. ...

49 CFR 40.351 - What confidentiality requirements apply to service agents?

Code of Federal Regulations, 2014 CFR

2014-10-01

... confidentiality and security measures to ensure that confidential employee records are not available to unauthorized persons. This includes protecting the physical security of records, access controls, and computer security measures to safeguard confidential data in electronic data bases. ...

49 CFR 40.351 - What confidentiality requirements apply to service agents?

Code of Federal Regulations, 2012 CFR

2012-10-01

... confidentiality and security measures to ensure that confidential employee records are not available to unauthorized persons. This includes protecting the physical security of records, access controls, and computer security measures to safeguard confidential data in electronic data bases. ...

49 CFR 40.351 - What confidentiality requirements apply to service agents?

Code of Federal Regulations, 2011 CFR

2011-10-01

... confidentiality and security measures to ensure that confidential employee records are not available to unauthorized persons. This includes protecting the physical security of records, access controls, and computer security measures to safeguard confidential data in electronic data bases. ...

Test security in medicolegal cases: proposed guidelines for attorneys utilizing neuropsychology practice.

PubMed

Morel, Kenneth R

2009-11-01

In the context of forensic neuropsychological assessments, the professional interaction of law and psychology is viewed primarily as one where the retaining attorney or court dictates its needs to psychologists when resolving legal disputes. While this perspective is conceptually accurate, the positive and practical collaboration of law and psychology also relies on attorneys adhering to basic protections of sensitive psychological assessment procedures and tests. Objective testing is undermined when a practitioner of law engages in actions prior to, during, or following a neuropsychological examination in a manner that threatens the test security. An appreciation among practitioners of law and psychology regarding the necessity of test security is essential. This article reviews attorney actions that can affect test security, proposes a distinction by psychology between appropriate and problematic client preparation for a neuropsychological examination, integrates the available legal precedent regarding test security, and suggests productive measures to protect test security in medicolegal settings.

[A guide to good practice for information security in the handling of personal health data by health personnel in ambulatory care facilities].

PubMed

Sánchez-Henarejos, Ana; Fernández-Alemán, José Luis; Toval, Ambrosio; Hernández-Hernández, Isabel; Sánchez-García, Ana Belén; Carrillo de Gea, Juan Manuel

2014-04-01

The appearance of electronic health records has led to the need to strengthen the security of personal health data in order to ensure privacy. Despite the large number of technical security measures and recommendations that exist to protect the security of health data, there is an increase in violations of the privacy of patients' personal data in healthcare organizations, which is in many cases caused by the mistakes or oversights of healthcare professionals. In this paper, we present a guide to good practice for information security in the handling of personal health data by health personnel, drawn from recommendations, regulations and national and international standards. The material presented in this paper can be used in the security audit of health professionals, or as a part of continuing education programs in ambulatory care facilities. Copyright © 2013 Elsevier España, S.L. All rights reserved.

Development of Decision-Making Automated System for Optimal Placement of Physical Access Control System’s Elements

NASA Astrophysics Data System (ADS)

Danilova, Olga; Semenova, Zinaida

2018-04-01

The objective of this study is a detailed analysis of physical protection systems development for information resources. The optimization theory and decision-making mathematical apparatus is used to formulate correctly and create an algorithm of selection procedure for security systems optimal configuration considering the location of the secured object’s access point and zones. The result of this study is a software implementation scheme of decision-making system for optimal placement of the physical access control system’s elements.

75 FR 9981 - Self-Regulatory Organizations; The Options Clearing Corporation; Order Approving Proposed Rule...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-04

... securities options or the clearing of such futures as security futures constitutes a violation of the CEA. \\3... same as the options and security futures on SPDR Gold Shares, iShares COMEX Gold Shares, and iShares... to help clarify that options and security futures on ETFS Physical Swiss Gold Shares and ETFS...

75 FR 63867 - DTE Energy; Enrico Fermi Atomic Power Plant Unit 1, Exemption From Certain Security Requirements

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-18

... procedures, physical security plan, guard training and qualification plan, or cyber security plan for the... Power Plant Unit 1, Exemption From Certain Security Requirements 1.0 Background DTE Energy (DTE) is the... atmospheric pressure. In November 1972, the Power Reactor Development Company (PRDC), the licensee at that...

10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.

Code of Federal Regulations, 2012 CFR

2012-01-01

... B to 10 CFR part 73. (iii) A cyber security plan in accordance with the criteria set forth in § 73..., training and qualification plan, and cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan...

10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.

Code of Federal Regulations, 2013 CFR

2013-01-01

... B to 10 CFR part 73. (iii) A cyber security plan in accordance with the criteria set forth in § 73..., training and qualification plan, and cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan...

10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.

Code of Federal Regulations, 2011 CFR

2011-01-01

...) A cyber security plan in accordance with the criteria set forth in § 73.54 of this chapter; (iv) A... cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan, shall protect the plans and...

10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.

Code of Federal Regulations, 2014 CFR

2014-01-01

... B to 10 CFR part 73. (iii) A cyber security plan in accordance with the criteria set forth in § 73..., training and qualification plan, and cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan...

Measuring Operational Resilience Using the CERT(Registered) Resilience Management Model

DTIC Science & Technology

2010-09-01

such as ISO 27002 [ ISO 2005]) and then measure the implementation and performance of practices contained in the standard. This checklist-based ap...Security techniques – Code of practice for information security management. ISO /IEC 27002 :2005, June 2005. Also known as ISO /IEC 17799:2005. [ ISO 2007...Table 23: ISO 15939 Process Activities and Tasks 54 Table 24: CERT-RMM Measurement and Analysis Process Area Goals and Practices 55 CMU/SEI

Assessment of global water security: moving beyond water scarcity assessment

NASA Astrophysics Data System (ADS)

Wada, Y.; Gain, A. K.; Giupponi, C.

2015-12-01

Water plays an important role in underpinning equitable, stable and productive societies, and the ecosystems on which we depend. Many international river basins are likely to experience 'low water security' over the coming decades. Hence, ensuring water security along with energy and food securities has been recognised as priority goals in Sustainable Development Goals (SDGs) by the United Nations. This water security is not rooted only in the limitation of physical resources, i.e. the shortage in the availability of freshwater relative to water demand, but also on social and economic factors (e.g. flawed water planning and management approaches, institutional incapability to provide water services, unsustainable economic policies). Until recently, advanced tools and methods are available for assessment of global water scarcity. However, integrating both physical and socio-economic indicators assessment of water security at global level is not available yet. In this study, we present the first global understanding of water security using a spatial multi-criteria analysis framework that goes beyond available water scarcity assessment. For assessing water security at global scale, the term 'security' is conceptualized as a function of 'availability', 'accessibility to services', 'safety and quality', and 'management'. The Water security index is calculated by aggregating the indicators using both simple additive weighting (SAW) and ordered weighted average (OWA).

Preaching What We Practice: Teaching Ethical Decision-Making to Computer Security Professionals

NASA Astrophysics Data System (ADS)

Fleischmann, Kenneth R.

The biggest challenge facing computer security researchers and professionals is not learning how to make ethical decisions; rather it is learning how to recognize ethical decisions. All too often, technology development suffers from what Langdon Winner terms technological somnambulism - we sleepwalk through our technology design, following past precedents without a second thought, and fail to consider the perspectives of other stakeholders [1]. Computer security research and practice involves a number of opportunities for ethical decisions. For example, decisions about whether or not to automatically provide security updates involve tradeoffs related to caring versus user autonomy. Decisions about online voting include tradeoffs between convenience and security. Finally, decisions about routinely screening e-mails for spam involve tradeoffs of efficiency and privacy. It is critical that these and other decisions facing computer security researchers and professionals are confronted head on as value-laden design decisions, and that computer security researchers and professionals consider the perspectives of various stakeholders in making these decisions.

14 CFR 1203a.101 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.101 Definitions. For the purpose of this part, the following definitions apply: (a) Security area. A physically defined area, established for the protection or security of facilities, property, or classfied information...

Performance of device-independent quantum key distribution

NASA Astrophysics Data System (ADS)

Cao, Zhu; Zhao, Qi; Ma, Xiongfeng

2016-07-01

Quantum key distribution provides information-theoretically-secure communication. In practice, device imperfections may jeopardise the system security. Device-independent quantum key distribution solves this problem by providing secure keys even when the quantum devices are untrusted and uncharacterized. Following a recent security proof of the device-independent quantum key distribution, we improve the key rate by tightening the parameter choice in the security proof. In practice where the system is lossy, we further improve the key rate by taking into account the loss position information. From our numerical simulation, our method can outperform existing results. Meanwhile, we outline clear experimental requirements for implementing device-independent quantum key distribution. The maximal tolerable error rate is 1.6%, the minimal required transmittance is 97.3%, and the minimal required visibility is 96.8 % .

Religion, Schooling, Community, and Security: Exploring Transitions and Transformations in England

ERIC Educational Resources Information Center

Lundie, David

2017-01-01

Education is a complex social practice. In the United Kingdom context, schooling is further nested within the complex social practices of community governance, quasi-market public choice, and religion. This essay explores the shifting definitions of community and education in the context of the Counter Terrorism and Security Act 2015, which places…

Analysis of health professional security behaviors in a real clinical setting: an empirical study.

PubMed

Fernández-Alemán, José Luis; Sánchez-Henarejos, Ana; Toval, Ambrosio; Sánchez-García, Ana Belén; Hernández-Hernández, Isabel; Fernandez-Luque, Luis

2015-06-01

The objective of this paper is to evaluate the security behavior of healthcare professionals in a real clinical setting. Standards, guidelines and recommendations on security and privacy best practices for staff personnel were identified using a systematic literature review. After a revision process, a questionnaire consisting of 27 questions was created and responded to by 180 health professionals from a public hospital. Weak passwords were reported by 62.2% of the respondents, 31.7% were unaware of the organization's procedures for discarding confidential information, and 19.4% did not carry out these procedures. Half of the respondents (51.7%) did not take measures to ensure that the personal health information on the computer monitor could not be seen by unauthorized individuals, and 57.8% were unaware of the procedure established to report a security violation. The correlation between the number of years in the position and good security practices was not significant (Pearson's r=0.085, P=0.254). Age was weakly correlated with good security practices (Pearson's r=-0.169, P=0.028). A Mann-Whitney test showed no significant difference between the respondents' security behavior as regards gender (U=2536, P=0.792, n=178). The results of the study suggest that more efforts are required to improve security education for health personnel. It was found that both preventive and corrective actions are needed to prevent health staff from causing security incidents. Healthcare organizations should: identify the types of information that require protection, clearly communicate the penalties that will be imposed, promote security training courses, and define what the organization considers improper behavior to be and communicate this to all personnel. Copyright © 2015 Elsevier Ireland Ltd. All rights reserved.

10 CFR 2.907 - Notice of intent to introduce restricted data or national security information.

Code of Federal Regulations, 2011 CFR

2011-01-01

... security information. 2.907 Section 2.907 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.907 Notice of intent to introduce restricted data or national security information. (a) If, at the time of publication of a notice...

10 CFR 2.911 - Admissibility of restricted data or other national security information.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 1 2014-01-01 2014-01-01 false Admissibility of restricted data or other national security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION AGENCY RULES OF PRACTICE AND... National Security Information § 2.911 Admissibility of restricted data or other national security...

10 CFR 2.911 - Admissibility of restricted data or other national security information.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 1 2013-01-01 2013-01-01 false Admissibility of restricted data or other national security information. 2.911 Section 2.911 Energy NUCLEAR REGULATORY COMMISSION AGENCY RULES OF PRACTICE AND... National Security Information § 2.911 Admissibility of restricted data or other national security...

16 CFR 802.4 - Acquisitions of voting securities of issuers or non-corporate interests in unincorporated...

Code of Federal Regulations, 2012 CFR

2012-01-01

... § 802.4 Acquisitions of voting securities of issuers or non-corporate interests in unincorporated... voting securities or an unincorporated entity whose non-corporate interests are being acquired pursuant... 16 Commercial Practices 1 2012-01-01 2012-01-01 false Acquisitions of voting securities of issuers...

16 CFR 802.4 - Acquisitions of voting securities of issuers or non-corporate interests in unincorporated...

Code of Federal Regulations, 2013 CFR

2013-01-01

... § 802.4 Acquisitions of voting securities of issuers or non-corporate interests in unincorporated... voting securities or an unincorporated entity whose non-corporate interests are being acquired pursuant... 16 Commercial Practices 1 2013-01-01 2013-01-01 false Acquisitions of voting securities of issuers...

16 CFR 802.4 - Acquisitions of voting securities of issuers or non-corporate interests in unincorporated...

Code of Federal Regulations, 2014 CFR

2014-01-01

... § 802.4 Acquisitions of voting securities of issuers or non-corporate interests in unincorporated... voting securities or an unincorporated entity whose non-corporate interests are being acquired pursuant... 16 Commercial Practices 1 2014-01-01 2014-01-01 false Acquisitions of voting securities of issuers...

10 CFR 2.907 - Notice of intent to introduce restricted data or national security information.

Code of Federal Regulations, 2010 CFR

2010-01-01

... security information. 2.907 Section 2.907 Energy NUCLEAR REGULATORY COMMISSION RULES OF PRACTICE FOR... Proceedings Involving Restricted Data and/or National Security Information § 2.907 Notice of intent to introduce restricted data or national security information. (a) If, at the time of publication of a notice...

The Continuing Evolution of Effective IT Security Practices

ERIC Educational Resources Information Center

Voloudakis, John

2006-01-01

In the past three years, higher education institutions have made a number of moves to secure their critical systems and protect their users, resulting in a marked change in the techniques used to combat security threats. Today, continued progress may depend on the development of an enterprise IT security program. (Contains 10 notes.)

Bio-Security Proficiencies Project for Beginning Producers in 4-H

ERIC Educational Resources Information Center

Smith, Martin H.; Meehan, Cheryl L.; Borba, John A.

2014-01-01

Improving bio-security practices among 4-H members who raise and show project animals is important. Bio-security measures can reduce the risk of disease spread and mitigate potential health and economic risks of disease outbreaks involving animal and zoonotic pathogens. Survey data provided statistical evidence that the Bio-Security Proficiencies…

Exploring Factors that Influence Students' Behaviors in Information Security

ERIC Educational Resources Information Center

Yoon, Cheolho; Hwang, Jae-Won; Kim, Rosemary

2012-01-01

Due to the ever-increasing use of the Internet, information security has become a critical issue in society. This is especially the case for young adults who have different attitudes towards information security practices. In this research, we examine factors that motivate college students' information security behaviors. Based on the concept of…

How to secure your servers, code and data

ScienceCinema

Lopienski, Sebastian

2018-04-30

Oral presentation in English, slides in English. Advice and best practices regarding the security of your servers, code and data will be presented. We will also describe how the Computer Security Team can help you reduce the risks.

Corporate liability: security and violence--Part II.

PubMed

Fiesta, J

1996-04-01

A hospital can be held liable for injuries resulting from failure to provide adequate, reasonable security Part II of "corporate Liability: Security and Violence" addresses negligent hiring and supervision practices, injury and domestic violence in the workplace and communication procedures.

Report: Fiscal Year 2006 Federal Information Security Management Act Report Status of EPA’s Computer Security Program

EPA Pesticide Factsheets

Report #2006-S-00008, September 25, 2006. Although the Agency has made substantial progress to improve its security program, the OIG identified weaknesses in the Agency’s incident reporting practices.

14 CFR 1203b.105 - Use of non-deadly physical force when making an arrest.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 14 Aeronautics and Space 5 2013-01-01 2013-01-01 false Use of non-deadly physical force when making an arrest. 1203b.105 Section 1203b.105 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION SECURITY PROGRAMS; ARREST AUTHORITY AND USE OF FORCE BY NASA SECURITY FORCE PERSONNEL § 1203b.105...

14 CFR 1203b.105 - Use of non-deadly physical force when making an arrest.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Use of non-deadly physical force when making an arrest. 1203b.105 Section 1203b.105 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION SECURITY PROGRAMS; ARREST AUTHORITY AND USE OF FORCE BY NASA SECURITY FORCE PERSONNEL § 1203b.105...

14 CFR 1203b.105 - Use of non-deadly physical force when making an arrest.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Use of non-deadly physical force when making an arrest. 1203b.105 Section 1203b.105 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION SECURITY PROGRAMS; ARREST AUTHORITY AND USE OF FORCE BY NASA SECURITY FORCE PERSONNEL § 1203b.105...

14 CFR 1203b.105 - Use of non-deadly physical force when making an arrest.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 14 Aeronautics and Space 5 2012-01-01 2012-01-01 false Use of non-deadly physical force when making an arrest. 1203b.105 Section 1203b.105 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION SECURITY PROGRAMS; ARREST AUTHORITY AND USE OF FORCE BY NASA SECURITY FORCE PERSONNEL § 1203b.105...

75 FR 32972 - Office of New Reactors: Notice of Availability of the Final Staff Guidance; Section 14.3.12 on...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-10

... the Final Staff Guidance; Section 14.3.12 on Physical Security Hardware Inspections, Tests, Analyses...: The NRC is issuing its Final Revision 1 to NUREG-0800, ``Standard Review Plan (SRP) for the Review of Safety Analysis Reports for Nuclear Power Plants,'' Section 14.3.12 on ``Physical Security Hardware...

75 FR 68009 - Office of New Reactors; Notice of Availability of the Final Staff Guidance Standard Review Plan...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-04

... the Final Staff Guidance Standard Review Plan Section 13.6.3, Revision 1 on Physical Security--Early... NRC is issuing its Final Revision 1 to NUREG-0800, ``Standard Review Plan (SRP) for the Review of Safety Analysis Reports for Nuclear Power Plants,'' Section 13.6.3, Revision 1 on Physical Security...

75 FR 36125 - Office of New Reactors; Proposed Revision to Standard Review Plan, Section 13.6.2, Revision 1 on...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-24

... Standard Review Plan, Section 13.6.2, Revision 1 on Physical Security--Design Certification AGENCY: Nuclear... comment on NUREG-0800, ``Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants,'' on a proposed Revision 1 to Standard Review Plan (SRP), Section 13.6.2 on ``Physical Security...

75 FR 68009 - Office of New Reactors; Notice of Availability of the Final Staff Guidance Standard Review Plan...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-04

... the Final Staff Guidance Standard Review Plan Section 13.6.2, Revision 1 on Physical Security--Design... issuing its Final Revision 1 to NUREG-0800, ``Standard Review Plan (SRP) for the Review of Safety Analysis Reports for Nuclear Power Plants,'' Section 13.6.2, Revision 1 on Physical Security--Design Certification...

Striding Towards Better Physical Therapy

NASA Technical Reports Server (NTRS)

2003-01-01

This paper presents a discussion on a new rehabilitative device that promises to improve physical therapy for patients working to regain the ability to walk after facing traumatic injuries or a degenerative illness. Produced by Enduro Medical Technology, of East Hartford, Connecticut, the Secure Ambulation Module (S.A.M.) creates a stable and secure environment for patients as they stand during ambulation therapy.

Florida Postsecondary Education Security Information Act. Annual Report of Campus Crime Statistics 1991-93 and Annual Assessment of Physical Plant Safety 1994.

ERIC Educational Resources Information Center

Florida State Dept. of Education, Tallahassee. Office of Postsecondary Education Coordination.

This state-mandated report presents crime statistics at higher education institutions in Florida and an assessment of physical plant security. The crime data list numbers of homicides, forcible sex offenses, robberies, aggravated assaults, burglaries/breaking and entering, larcenies and thefts, and motor vehicle thefts for each state university,…

Using Mathematics to Make Computing on Encrypted Data Secure and Practical

DTIC Science & Technology

2015-12-01

LLL) lattice basis reduction algorithm, G-Lattice, Cryptography , Security, Gentry-Szydlo Algorithm, Ring-LWE 16. SECURITY CLASSIFICATION OF: 17...with symmetry be further developed, in order to quantify the security of lattice-based cryptography , including especially the security of homomorphic...the Gentry-Szydlo algorithm, and the ideas should be applicable to a range of questions in cryptography . The new algorithm of Lenstra and Silverberg

Process Improvement Should Link to Security: SEPG 2007 Security Track Recap

DTIC Science & Technology

2007-09-01

the Systems Security Engineering Capability Maturity Model (SSE- CMM / ISO 21827) and its use in system software developments ...software development life cycle ( SDLC )? 6. In what ways should process improvement support security in the SDLC ? 1.2 10BPANEL RESOURCES For each... project management, and support practices through the use of the capability maturity models including the CMMI and the Systems Security

44 CFR 321.4 - Achieving production readiness.

Code of Federal Regulations, 2014 CFR

2014-10-01

..., DEPARTMENT OF HOMELAND SECURITY PREPAREDNESS MAINTENANCE OF THE MOBILIZATION BASE (DEPARTMENT OF DEFENSE... sabotage through adequate physical security measures. (iv) Protection of personnel from widespread...

44 CFR 321.4 - Achieving production readiness.

Code of Federal Regulations, 2013 CFR

2013-10-01

..., DEPARTMENT OF HOMELAND SECURITY PREPAREDNESS MAINTENANCE OF THE MOBILIZATION BASE (DEPARTMENT OF DEFENSE... sabotage through adequate physical security measures. (iv) Protection of personnel from widespread...

44 CFR 321.4 - Achieving production readiness.

Code of Federal Regulations, 2011 CFR

2011-10-01

..., DEPARTMENT OF HOMELAND SECURITY PREPAREDNESS MAINTENANCE OF THE MOBILIZATION BASE (DEPARTMENT OF DEFENSE... sabotage through adequate physical security measures. (iv) Protection of personnel from widespread...

44 CFR 321.4 - Achieving production readiness.

Code of Federal Regulations, 2012 CFR

2012-10-01

..., DEPARTMENT OF HOMELAND SECURITY PREPAREDNESS MAINTENANCE OF THE MOBILIZATION BASE (DEPARTMENT OF DEFENSE... sabotage through adequate physical security measures. (iv) Protection of personnel from widespread...

43 CFR 2.51 - Assuring integrity of records.

Code of Federal Regulations, 2011 CFR

2011-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

43 CFR 2.51 - Assuring integrity of records.

Code of Federal Regulations, 2010 CFR

2010-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

43 CFR 2.51 - Assuring integrity of records.

Code of Federal Regulations, 2012 CFR

2012-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

43 CFR 2.226 - Assuring integrity of records.

Code of Federal Regulations, 2014 CFR

2014-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

43 CFR 2.226 - Assuring integrity of records.

Code of Federal Regulations, 2013 CFR

2013-10-01

... on those recommended in the National Bureau of Standard's booklet “Computer Security Guidelines for..., technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in...

Three tenets for secure cyber-physical system design and assessment

NASA Astrophysics Data System (ADS)

Hughes, Jeff; Cybenko, George

2014-06-01

This paper presents a threat-driven quantitative mathematical framework for secure cyber-physical system design and assessment. Called The Three Tenets, this originally empirical approach has been used by the US Air Force Research Laboratory (AFRL) for secure system research and development. The Tenets were first documented in 2005 as a teachable methodology. The Tenets are motivated by a system threat model that itself consists of three elements which must exist for successful attacks to occur: - system susceptibility; - threat accessibility and; - threat capability. The Three Tenets arise naturally by countering each threat element individually. Specifically, the tenets are: Tenet 1: Focus on What's Critical - systems should include only essential functions (to reduce susceptibility); Tenet 2: Move Key Assets Out-of-Band - make mission essential elements and security controls difficult for attackers to reach logically and physically (to reduce accessibility); Tenet 3: Detect, React, Adapt - confound the attacker by implementing sensing system elements with dynamic response technologies (to counteract the attackers' capabilities). As a design methodology, the Tenets mitigate reverse engineering and subsequent attacks on complex systems. Quantified by a Bayesian analysis and further justified by analytic properties of attack graph models, the Tenets suggest concrete cyber security metrics for system assessment.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System.more » Selected papers were processed separately for inclusion in the Energy Science and Technology Database.« less

Tulsi - Ocimum sanctum: A herb for all reasons

PubMed Central

Cohen, Marc Maurice

2014-01-01

The predominant cause of global morbidity and mortality is lifestyle-related chronic diseases, many of which can be addressed through Ayurveda with its focus on healthy lifestyle practices and regular consumption of adaptogenic herbs. Of all the herbs used within Ayurveda, tulsi (Ocimum sanctum Linn) is preeminent, and scientific research is now confirming its beneficial effects. There is mounting evidence that tulsi can address physical, chemical, metabolic and psychological stress through a unique combination of pharmacological actions. Tulsi has been found to protect organs and tissues against chemical stress from industrial pollutants and heavy metals, and physical stress from prolonged physical exertion, ischemia, physical restraint and exposure to cold and excessive noise. Tulsi has also been shown to counter metabolic stress through normalization of blood glucose, blood pressure and lipid levels, and psychological stress through positive effects on memory and cognitive function and through its anxiolytic and anti-depressant properties. Tulsi's broad-spectrum antimicrobial activity, which includes activity against a range of human and animal pathogens, suggests it can be used as a hand sanitizer, mouthwash and water purifier as well as in animal rearing, wound healing, the preservation of food stuffs and herbal raw materials and traveler's health. Cultivation of tulsi plants has both spiritual and practical significance that connects the grower to the creative powers of nature, and organic cultivation offers solutions for food security, rural poverty, hunger, environmental degradation and climate change. The use of tulsi in daily rituals is a testament to Ayurvedic wisdom and provides an example of ancient knowledge offering solutions to modern problems. PMID:25624701

Security system signal supervision

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chritton, M.R.; Matter, J.C.

1991-09-01

This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs.

Physical and property victimization behind bars: a multilevel examination.

PubMed

Lahm, Karen F

2009-06-01

The majority of the extant literature on inmate victimization considers only one level of analysis, thus ignoring the interaction effects between inmate- and prison-level variables. To extend this literature, multilevel modeling techniques were used to analyze self-report data from more than 1,000 inmates and 30 prisons in Kentucky, Tennessee, and Ohio. Results revealed that demographic variables were strong predictors of physical victimization (i.e., race and assaultive behavior). Also, security level had a contextual direct effect on physical victimization. Property victimization was best explained with an integrated model including inmate (i.e., race, assaultive behavior, prior education, prior employment, and time served), contextual (i.e., security level and proportion non-White), and micro-macro interaction variables (i.e., Race x Security Level). Policy implications and suggestions for future research are discussed.

Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

PubMed Central

Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

2013-01-01

Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516

Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.

PubMed

Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

2014-07-01

Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

48 CFR 45.101 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-10-01

... to the public safety or security if stolen, lost, or misplaced, or that shall be subject to exceptional physical security, protection, control, and accountability. Examples include weapons, ammunition...

76 FR 80421 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-23

... SECURITIES AND EXCHANGE COMMISSION Submission for OMB Review; Comment Request Upon Written Request, Copies Available From: Securities and Exchange Commission, Office of Investor Education and Advocacy... federal securities laws and promote ethical behavior of attorneys appearing and practicing before the...

48 CFR 3003.101-3 - Agency regulations.

Code of Federal Regulations, 2010 CFR

2010-10-01

....101-3 Section 3003.101-3 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) GENERAL IMPROPER BUSINESS PRACTICES AND PERSONAL CONFLICTS... Security regulations governing the conduct and responsibilities of employees are contained in 5 CFR part...

Synchronization of random bit generators based on coupled chaotic lasers and application to cryptography.

PubMed

Kanter, Ido; Butkovski, Maria; Peleg, Yitzhak; Zigzag, Meital; Aviad, Yaara; Reidler, Igor; Rosenbluh, Michael; Kinzel, Wolfgang

2010-08-16

Random bit generators (RBGs) constitute an important tool in cryptography, stochastic simulations and secure communications. The later in particular has some difficult requirements: high generation rate of unpredictable bit strings and secure key-exchange protocols over public channels. Deterministic algorithms generate pseudo-random number sequences at high rates, however, their unpredictability is limited by the very nature of their deterministic origin. Recently, physical RBGs based on chaotic semiconductor lasers were shown to exceed Gbit/s rates. Whether secure synchronization of two high rate physical RBGs is possible remains an open question. Here we propose a method, whereby two fast RBGs based on mutually coupled chaotic lasers, are synchronized. Using information theoretic analysis we demonstrate security against a powerful computational eavesdropper, capable of noiseless amplification, where all parameters are publicly known. The method is also extended to secure synchronization of a small network of three RBGs.

Tensions of network security and collaborative work practice: understanding a single sign-on deployment in a regional hospital.

PubMed

Heckle, Rosa R; Lutters, Wayne G

2011-08-01

Healthcare providers and their IT staff, working in an effort to balance appropriate accessibility with stricter security mandates, are considering the use of a single network sign-on approach for authentication and password management. Single sign-on (SSO) promises to improve usability of authentication for multiple-system users, increase compliance, and help curb system maintenance costs. However, complexities are introduced when SSO is placed within a collaborative environment. These complexities include unanticipated workflow implications that introduce greater security vulnerability for the individual user. OBJECTIVES AND METHODOLOGY: In this work, we examine the challenges of implementing a single sign-on authentication technology in a hospital environment. The aim of the study was to document the factors that affected SSO adoption within the context of use. The ultimate goal is to better inform the design of usable authentication systems within collaborative healthcare work sites. The primary data collection techniques used are ethnographically informed - observation, contextual interviews, and document review. The study included a cross-section of individuals from various departments and varying rolls. These participants were a mix of both clinical and administrative staff, as well as the Information Technology group. The field work revealed fundamental mis-matches between the technology and routine work practices that will significantly impact its effective adoption. While single sign-on was effective in the administrative offices, SSO was not a good fit for collaborative areas. The collaborative needs of the clinical staff unearthed tensions in its implementation. An analysis of the findings revealed that the workflow, activities, and physical environment of the clinical areas create increased security vulnerabilities for the individual user. The clinical users were cognizant of these vulnerabilities and this created resistance to the implementation due to a concern for privacy. From a preliminary analysis of our on-going field study at a community hospital, there appears to be a number of mismatches between the SSO vision and the realities of routine work. While we cannot conclusively say if a SSO adoption will be effective in meeting its goals in a hospital environment, we do know that it will affect the work practice and that will make the management of the SSO system problematic. Copyright © 2011 Elsevier Ireland Ltd. All rights reserved.

Bayesian performance metrics and small system integration in recent homeland security and defense applications

NASA Astrophysics Data System (ADS)

Jannson, Tomasz; Kostrzewski, Andrew; Patton, Edward; Pradhan, Ranjit; Shih, Min-Yi; Walter, Kevin; Savant, Gajendra; Shie, Rick; Forrester, Thomas

2010-04-01

In this paper, Bayesian inference is applied to performance metrics definition of the important class of recent Homeland Security and defense systems called binary sensors, including both (internal) system performance and (external) CONOPS. The medical analogy is used to define the PPV (Positive Predictive Value), the basic Bayesian metrics parameter of the binary sensors. Also, Small System Integration (SSI) is discussed in the context of recent Homeland Security and defense applications, emphasizing a highly multi-technological approach, within the broad range of clusters ("nexus") of electronics, optics, X-ray physics, γ-ray physics, and other disciplines.

[Violence undergone by the general practitioners: Under-reporting of the attacks or of the infringements to their properties].

PubMed

Clinet, Marie-Laure; Vaysse, Benoît; Gignon, Maxime; Jarde, Olivier; Manaouil, Cécile

2015-11-01

The main objective of this study was to estimate prevalence on the liberal general practitioners. The secondary objectives are to identify the possible brakes with the declaration in the monitoring observatory for security of the doctors as well as to determine if the feminization of the profession was associated with the situations violence. A questionnaire in 5 parts was submitted by telephone to 146 drawn lots liberal general practitioners. It approached the undergone physical and verbal attacks, the infringements on the properties arisen during their career, and the proven feeling of insecurity. The rate of participation was 63% (93/146). In all 171 incidents were reported among which 96 physical and verbal attacks (56%), and 75 infringements on the properties (44%) without difference according to the sex. The main motive for the attacks was the refusal of prescription (44%). Practically, no concerned doctor made declaration for the monitoring observatory for the security of the doctors, for lack of interest for 5 of them or the ignorance of its existence for 10 on 32 practitioners having undergone an aggression after the creation of the monitoring observatory. We observed an under-reporting of the attacks or of the infringements on the properties by the doctors victims. Our study did not highlight difference between men and women. Copyright © 2015 Elsevier Masson SAS. All rights reserved.

Towards a Standard for Highly Secure SCADA Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carlson, R.

1998-09-25

The critical energy inkstructures include gas, OL and electric power. These Mrastructures are complex and interdependent nmvorks that are vital to the national secwiy and social well being of our nation. Many electric power systems depend upon gas and oil, while fossil energy delive~ systems depend upon elecnic power. The control mechanisms for these Mrastructures are often referred to as SCADA (Supmivry CkmdandDaU Ac@itz&z) systems. SCADA systems provide remote monitoring and centralized control for a distributed tmnsportation infmsmucture in order to facilitate delivery of a commodi~. AIthough many of the SCADA concepts developed in this paper can be applied tomore » automotive mmsponation systems, we will use transportation to refer to the movement of electrici~, gas, and oil. \\ Recently, there have been seveml reports suggesting that the widespread and increasing use of SCADA for control of energy systems provides an increasing opportuni~ for an advers~ to cause serious darnage to the energy inbstmcturei~. This damage could arise through cyber infiltration of the SCADA networks, by physically tampering with the control networks, or through a combination of both means. SCADA system threats decompose into cyber and physical threats. One solution to the SCADA security problem is to design a standard for a highly secure KA.DA system that is both cyber, and physdly secure. Not all-physical threats are possible to guard again% but of those threats that are, high security SCADA provides confidence that the system will continue to operate in their presence. One of the most important problems in SCADA securi~ is the relationship between the cyber and physical vulnerabilities. Cyber intrusion increases physical Vulnerabilities, while in the dual problem physical tampering increases cyber vulnerabilit.ies. There is potential for feedback and the precise dynamics need to be understood. As a first step towards a stan~ the goal of this paper is to facilitate a discussion of the requirements analysis for a highly secure SCADA system. The fi-arnework for the discussion consists of the identification of SCADA security investment areas coupled with the tradeoffs that will force compromises in the solution. For example, computational and bandwidth requirements of a security standard could force the replacement of entire SCADA systems. The requirements for a real-time response in a cascading electric power failure could pose limitations on authentication and encryption mechanisms. The shortest path to the development of a high securi~ SC.ADA standard will be achieved by leveraging existing standards efforts and ensuring that security is being properly addressed in those standards. The Utility Communications Architecture 2.o (UC@, for real-time utili~ decision control, represents one such standard. The development of a SCADA secwiy specification is a complex task that will benefit from a systems engineering approach.« less

Creation of backdoors in quantum communications via laser damage

NASA Astrophysics Data System (ADS)

Makarov, Vadim; Bourgoin, Jean-Philippe; Chaiwongkhot, Poompong; Gagné, Mathieu; Jennewein, Thomas; Kaiser, Sarah; Kashyap, Raman; Legré, Matthieu; Minshull, Carter; Sajeed, Shihan

2016-09-01

Practical quantum communication (QC) protocols are assumed to be secure provided implemented devices are properly characterized and all known side channels are closed. We show that this is not always true. We demonstrate a laser-damage attack capable of modifying device behavior on demand. We test it on two practical QC systems for key distribution and coin tossing, and show that newly created deviations lead to side channels. This reveals that laser damage is a potential security risk to existing QC systems, and necessitates their testing to guarantee security.

Nuclear energy and security

DOE Office of Scientific and Technical Information (OSTI.GOV)

BLEJWAS,THOMAS E.; SANDERS,THOMAS L.; EAGAN,ROBERT J.

2000-01-01

Nuclear power is an important and, the authors believe, essential component of a secure nuclear future. Although nuclear fuel cycles create materials that have some potential for use in nuclear weapons, with appropriate fuel cycles, nuclear power could reduce rather than increase real proliferation risk worldwide. Future fuel cycles could be designed to avoid plutonium production, generate minimal amounts of plutonium in proliferation-resistant amounts or configurations, and/or transparently and efficiently consume plutonium already created. Furthermore, a strong and viable US nuclear infrastructure, of which nuclear power is a large element, is essential if the US is to maintain a leadershipmore » or even participatory role in defining the global nuclear infrastructure and controlling the proliferation of nuclear weapons. By focusing on new fuel cycles and new reactor technologies, it is possible to advantageously burn and reduce nuclear materials that could be used for nuclear weapons rather than increase and/or dispose of these materials. Thus, the authors suggest that planners for a secure nuclear future use technology to design an ideal future. In this future, nuclear power creates large amounts of virtually atmospherically clean energy while significantly lowering the threat of proliferation through the thoughtful use, physical security, and agreed-upon transparency of nuclear materials. The authors must develop options for policy makers that bring them as close as practical to this ideal. Just as Atoms for Peace became the ideal for the first nuclear century, they see a potential nuclear future that contributes significantly to power for peace and prosperity.« less

40 CFR 13.16 - Liquidation of collateral.

Code of Federal Regulations, 2010 CFR

2010-07-01

... STANDARDS Collection § 13.16 Liquidation of collateral. Where the Administrator holds a security instrument with a power of sale or has physical possession of collateral, he may liquidate the security or... businesses, including liquidation of security or collateral, is not a prerequisite to requiring payment by a...

10 CFR 39.31 - Labels, security, and transportation precautions.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 10 Energy 1 2013-01-01 2013-01-01 false Labels, security, and transportation precautions. 39.31 Section 39.31 Energy NUCLEAR REGULATORY COMMISSION LICENSES AND RADIATION SAFETY REQUIREMENTS FOR WELL... explosion or fire. (2) The licensee shall lock and physically secure the transport package containing...

10 CFR 39.31 - Labels, security, and transportation precautions.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 10 Energy 1 2014-01-01 2014-01-01 false Labels, security, and transportation precautions. 39.31 Section 39.31 Energy NUCLEAR REGULATORY COMMISSION LICENSES AND RADIATION SAFETY REQUIREMENTS FOR WELL... explosion or fire. (2) The licensee shall lock and physically secure the transport package containing...

10 CFR 39.31 - Labels, security, and transportation precautions.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 10 Energy 1 2012-01-01 2012-01-01 false Labels, security, and transportation precautions. 39.31 Section 39.31 Energy NUCLEAR REGULATORY COMMISSION LICENSES AND RADIATION SAFETY REQUIREMENTS FOR WELL... explosion or fire. (2) The licensee shall lock and physically secure the transport package containing...

25 CFR 43.22 - Assuring integrity of records.

Code of Federal Regulations, 2011 CFR

2011-04-01

..., “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May 30, 1975), and any supplements... with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or...

25 CFR 43.22 - Assuring integrity of records.

Code of Federal Regulations, 2013 CFR

2013-04-01

..., “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May 30, 1975), and any supplements... with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or...

25 CFR 43.22 - Assuring integrity of records.

Code of Federal Regulations, 2010 CFR

2010-04-01

..., “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May 30, 1975), and any supplements... with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or...

25 CFR 43.22 - Assuring integrity of records.

Code of Federal Regulations, 2012 CFR

2012-04-01

..., “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May 30, 1975), and any supplements... appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which...