Mechanical code comparator

DOEpatents

Peter, Frank J.; Dalton, Larry J.; Plummer, David W.

2002-01-01

A new class of mechanical code comparators is described which have broad potential for application in safety, surety, and security applications. These devices can be implemented as micro-scale electromechanical systems that isolate a secure or otherwise controlled device until an access code is entered. This access code is converted into a series of mechanical inputs to the mechanical code comparator, which compares the access code to a pre-input combination, entered previously into the mechanical code comparator by an operator at the system security control point. These devices provide extremely high levels of robust security. Being totally mechanical in operation, an access control system properly based on such devices cannot be circumvented by software attack alone.

75 FR 69150 - Self-Regulatory Organizations; The Depository Trust Company; Order Approving Proposed Rule Change...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-10

... Process in Providing Trustee Access to the Security Position Report Service November 4, 2010. I.... The current review process to approve a trustee's access to the SPR service for a security is done... a trustee's access to DTC's SPR service for an issue with an automated approval process, DTC will be...

Security of social network credentials for accessing course portal: Users' experience

NASA Astrophysics Data System (ADS)

Katuk, Norliza; Fong, Choo Sok; Chun, Koo Lee

2015-12-01

Social login (SL) has recently emerged as a solution for single sign-on (SSO) within the web and mobile environments. It allows users to use their existing social network credentials (SNC) to login to third party web applications without the need to create a new identity in the intended applications' database. Although it has been used by many web application providers, its' applicability in accessing learning materials is not yet fully investigated. Hence, this research aims to explore users' (i.e., instructors' and students') perception and experience on the security of SL for accessing learning contents. A course portal was developed for students at a higher learning institution and it provides two types of user authentications (i) traditional user authentication, and (ii) SL facility. Users comprised instructors and students evaluated the login facility of the course portal through a controlled lab experimental study following the within-subject design. The participants provided their feedback in terms of the security of SL for accessing learning contents. The study revealed that users preferred to use SL over the traditional authentication, however, they concerned on the security of SL and their privacy.

Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Records Systems

PubMed Central

Fernández, Gonzalo; López-Coronado, Miguel

2013-01-01

Background The Cloud Computing paradigm offers eHealth systems the opportunity to enhance the features and functionality that they offer. However, moving patients’ medical information to the Cloud implies several risks in terms of the security and privacy of sensitive health records. In this paper, the risks of hosting Electronic Health Records (EHRs) on the servers of third-party Cloud service providers are reviewed. To protect the confidentiality of patient information and facilitate the process, some suggestions for health care providers are made. Moreover, security issues that Cloud service providers should address in their platforms are considered. Objective To show that, before moving patient health records to the Cloud, security and privacy concerns must be considered by both health care providers and Cloud service providers. Security requirements of a generic Cloud service provider are analyzed. Methods To study the latest in Cloud-based computing solutions, bibliographic material was obtained mainly from Medline sources. Furthermore, direct contact was made with several Cloud service providers. Results Some of the security issues that should be considered by both Cloud service providers and their health care customers are role-based access, network security mechanisms, data encryption, digital signatures, and access monitoring. Furthermore, to guarantee the safety of the information and comply with privacy policies, the Cloud service provider must be compliant with various certifications and third-party requirements, such as SAS70 Type II, PCI DSS Level 1, ISO 27001, and the US Federal Information Security Management Act (FISMA). Conclusions Storing sensitive information such as EHRs in the Cloud means that precautions must be taken to ensure the safety and confidentiality of the data. A relationship built on trust with the Cloud service provider is essential to ensure a transparent process. Cloud service providers must make certain that all security mechanisms are in place to avoid unauthorized access and data breaches. Patients must be kept informed about how their data are being managed. PMID:23965254

Analysis of the security and privacy requirements of cloud-based electronic health records systems.

PubMed

Rodrigues, Joel J P C; de la Torre, Isabel; Fernández, Gonzalo; López-Coronado, Miguel

2013-08-21

The Cloud Computing paradigm offers eHealth systems the opportunity to enhance the features and functionality that they offer. However, moving patients' medical information to the Cloud implies several risks in terms of the security and privacy of sensitive health records. In this paper, the risks of hosting Electronic Health Records (EHRs) on the servers of third-party Cloud service providers are reviewed. To protect the confidentiality of patient information and facilitate the process, some suggestions for health care providers are made. Moreover, security issues that Cloud service providers should address in their platforms are considered. To show that, before moving patient health records to the Cloud, security and privacy concerns must be considered by both health care providers and Cloud service providers. Security requirements of a generic Cloud service provider are analyzed. To study the latest in Cloud-based computing solutions, bibliographic material was obtained mainly from Medline sources. Furthermore, direct contact was made with several Cloud service providers. Some of the security issues that should be considered by both Cloud service providers and their health care customers are role-based access, network security mechanisms, data encryption, digital signatures, and access monitoring. Furthermore, to guarantee the safety of the information and comply with privacy policies, the Cloud service provider must be compliant with various certifications and third-party requirements, such as SAS70 Type II, PCI DSS Level 1, ISO 27001, and the US Federal Information Security Management Act (FISMA). Storing sensitive information such as EHRs in the Cloud means that precautions must be taken to ensure the safety and confidentiality of the data. A relationship built on trust with the Cloud service provider is essential to ensure a transparent process. Cloud service providers must make certain that all security mechanisms are in place to avoid unauthorized access and data breaches. Patients must be kept informed about how their data are being managed.

75 FR 73137 - Order Extending Temporary Conditional Exemption for Nationally Recognized Statistical Rating...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-29

...: issuing or maintaining a credit rating for a security or money market instrument issued by an asset pool... issuer, sponsor, or underwriter of the security or money market instrument. 17 CFR 240.17g-5(b)(9). \\11... information provided to the hired NRSRO can be accessed by other NRSROs; Provide free and unlimited access to...

Network Access Control List Situation Awareness

ERIC Educational Resources Information Center

Reifers, Andrew

2010-01-01

Network security is a large and complex problem being addressed by multiple communities. Nevertheless, current theories in networking security appear to overestimate network administrators' ability to understand network access control lists (NACLs), providing few context specific user analyses. Consequently, the current research generally seems to…

5 CFR 1630.7 - Identification requirements.

Code of Federal Regulations, 2011 CFR

2011-01-01

... or herself by signature, i.e., to note by signature the date of access, Social Security number, and... number or Social Security number and shall sign the request. Most other individuals shall provide the participant's account number or Social Security number, shall provide a statement of relationship to the...

Towards an Approach of Semantic Access Control for Cloud Computing

NASA Astrophysics Data System (ADS)

Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai

With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analysis existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in cloud computing environment. Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. Ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research that the semantic web technology is applied in the field of security, and provides a new way of thinking of access control in cloud computing.

47 CFR 76.1204 - Availability of equipment performing conditional access or security functions.

Code of Federal Regulations, 2011 CFR

2011-10-01

... system; and (3) Does not provide access to any digital transmission of multichannel video programming or... COMMISSION (CONTINUED) BROADCAST RADIO SERVICES MULTICHANNEL VIDEO AND CABLE TELEVISION SERVICE Competitive... security functions. (a)(1) A multichannel video programming distributor that utilizes navigation devices to...

A threat intelligence framework for access control security in the oil industry

NASA Astrophysics Data System (ADS)

Alaskandrani, Faisal T.

The research investigates the problem raised by the rapid development in the technology industry giving security concerns in facilities built by the energy industry containing diverse platforms. The difficulty of continuous updates to network security architecture and assessment gave rise to the need to use threat intelligence frameworks to better assess and address networks security issues. Focusing on access control security to the ICS and SCADA systems that is being utilized to carry out mission critical and life threatening operations. The research evaluates different threat intelligence frameworks that can be implemented in the industry seeking the most suitable and applicable one that address the issue and provide more security measures. The validity of the result is limited to the same environment that was researched as well as the technologies being utilized. The research concludes that it is possible to utilize a Threat Intelligence framework to prioritize security in Access Control Measures in the Oil Industry.

Dynamic Key Management Schemes for Secure Group Access Control Using Hierarchical Clustering in Mobile Ad Hoc Networks

NASA Astrophysics Data System (ADS)

Tsaur, Woei-Jiunn; Pai, Haw-Tyng

2008-11-01

The applications of group computing and communication motivate the requirement to provide group access control in mobile ad hoc networks (MANETs). The operation in MANETs' groups performs a decentralized manner and accommodated membership dynamically. Moreover, due to lack of centralized control, MANETs' groups are inherently insecure and vulnerable to attacks from both within and outside the groups. Such features make access control more challenging in MANETs. Recently, several researchers have proposed group access control mechanisms in MANETs based on a variety of threshold signatures. However, these mechanisms cannot actually satisfy MANETs' dynamic environments. This is because the threshold-based mechanisms cannot be achieved when the number of members is not up to the threshold value. Hence, by combining the efficient elliptic curve cryptosystem, self-certified public key cryptosystem and secure filter technique, we construct dynamic key management schemes based on hierarchical clustering for securing group access control in MANETs. Specifically, the proposed schemes can constantly accomplish secure group access control only by renewing the secure filters of few cluster heads, when a cluster head joins or leaves a cross-cluster. In such a new way, we can find that the proposed group access control scheme can be very effective for securing practical applications in MANETs.

Securing the Global Airspace System Via Identity-Based Security

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2015-01-01

Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

Healthcare teams over the Internet: programming a certificate-based approach.

PubMed

Georgiadis, Christos K; Mavridis, Ioannis K; Pangalos, George I

2003-07-01

Healthcare environments are a representative case of collaborative environments since individuals (e.g. doctors) in many cases collaborate in order to provide care to patients in a more proficient way. At the same time modern healthcare institutions are increasingly interested in sharing access of their information resources in the networked environment. Healthcare applications over the Internet offer an attractive communication infrastructure at worldwide level but with a noticeably great factor of risk. Security has, therefore, become a major concern. However, although an adequate level of security can be relied upon digital certificates, if an appropriate security model is used, additional security considerations are needed in order to deal efficiently with the above team-work concerns. The already known Hybrid Access Control (HAC) security model supports and handles efficiently healthcare teams with active security capabilities and is capable to exploit the benefits of certificate technology. In this paper we present the way for encoding the appropriate authoritative information in various types of certificates, as well as the overall operational architecture of the implemented access control system for healthcare collaborative environments over the Internet. A pilot implementation of the proposed methodology in a major Greek hospital has shown the applicability of the proposals and the flexibility of the access control provided.

Healthcare teams over the Internet: towards a certificate-based approach.

PubMed

Georgiadis, Christos K; Mavridis, Ioannis K; Pangalos, George I

2002-01-01

Healthcare environments are a representative case of collaborative environments since individuals (e.g. doctors) in many cases collaborate in order to provide care to patients in a more proficient way. At the same time modem healthcare institutions are increasingly interested in sharing access of their information resources in the networked environment. Healthcare applications over the Internet offer an attractive communication infrastructure at worldwide level but with a noticeably great factor of risk. Security has therefore become a major concern for healthcare applications over the Internet. However, although an adequate level of security can be relied upon digital certificates, if an appropriate security policy is used, additional security considerations are needed in order to deal efficiently with the above team-work concerns. The already known Hybrid Access Control security model supports and handles efficiently healthcare teams with active security capabilities and is capable to exploit the benefits of certificate technology. In this paper we present the way for encoding the appropriate authoritative information in various types of certificates, as well as the overall operational architecture of the implemented access control system for healthcare collaborative environments over the Internet. A pilot implementation of the proposed methodology in a major Greek hospital has shown the applicability of the proposals and the flexibility of the access control provided.

Security in Distributed Collaborative Environments: Limitations and Solutions

NASA Astrophysics Data System (ADS)

Saadi, Rachid; Pierson, Jean-Marc; Brunie, Lionel

The main goal of establishing collaboration between heterogeneous environment is to create such as Pervasive context which provide nomadic users with ubiquitous access to digital information and surrounding resources. However, the constraints of mobility and heterogeneity arise a number of crucial issues related to security, especially authentication access control and privacy. First of all, in this chapter we explore the trust paradigm, specially the transitive capability to enable a trust peer to peer collaboration. In this manner, when each organization sets its own security policy to recognize (authenticate) users members of a trusted community and provide them a local access (access control), the trust transitivity between peers will allows users to gain a broad, larger and controlled access inside the pervasive environment. Next, we study the problem of user's privacy. In fact in pervasive and ubiquitous environments, nomadic users gather and exchange certificates or credential which providing them rights to access by transitivity unknown and trusted environments. These signed documents embeds increasing number of attribute that require to be filtered according to such contextual situation. In this chapter, we propose a new morph signature enabling each certificate owner to preserve his privacy by discloses or blinds some sensitive attributes according to faced situation.

System and method for secure group transactions

DOEpatents

Goldsmith, Steven Y [Rochester, MN

2006-04-25

A method and a secure system, processing on one or more computers, provides a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.

Effect of security threats on primary care access in Logar province, Afghanistan.

PubMed

Morikawa, Masahiro J

2008-01-01

Security threats are a major concern for access to health care in many war-torn communities; however, there is little quantified data on actual access to care in rural communities during war. Kinderberg International e.V. provided primary care in rural Logar province, Afghanistan, for these three years in eight districts until they were integrated into the new health care structure led by the Ministry of Health in early 2005. We examined the number of patients visiting our clinic before and during the security threats related to the parliamentary election and subsequent national assembly in 2004. The number of patients declined in remote clinics while the number increased in central locations. This finding has an important practical implication: the monitoring of access to care should include remote clinics, otherwise it may potentially underestimate compromised access to health care due to security threats.

Access Control of Web- and Java-Based Applications

NASA Technical Reports Server (NTRS)

Tso, Kam S.; Pajevski, Michael J.

2013-01-01

Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

KENNEDY SPACE CENTER, FLA. - Daniel L. Tweed, with the Facilities Division, NASA Spaceport Services, addresses attendees at the ribbon cutting for the KSC Security gates. Tweed was project manager. The two new Security gates on Kennedy Parkway (Gate 2) and NASA Parkway (Gate 3) were activated Aug. 1, allowing the general public to have access to the new Space Commerce Way, which will provide access to the Research Park and KSC Visitor Complex, and providing an alternate route for the general public between Titusville and Merritt Island that is accessible 24 hours a day. The gates are staffed 24 hours daily. Others taking part in the ribbon cutting were Center Director Jim Kennedy; Chief, Protective & Safe Guards Office, Calvin L. Burch; SGS Deputy Program Manager William A. Sample; and Bobby Porter, with Oneida Construction.

NASA Image and Video Library

2003-08-27

KENNEDY SPACE CENTER, FLA. - Daniel L. Tweed, with the Facilities Division, NASA Spaceport Services, addresses attendees at the ribbon cutting for the KSC Security gates. Tweed was project manager. The two new Security gates on Kennedy Parkway (Gate 2) and NASA Parkway (Gate 3) were activated Aug. 1, allowing the general public to have access to the new Space Commerce Way, which will provide access to the Research Park and KSC Visitor Complex, and providing an alternate route for the general public between Titusville and Merritt Island that is accessible 24 hours a day. The gates are staffed 24 hours daily. Others taking part in the ribbon cutting were Center Director Jim Kennedy; Chief, Protective & Safe Guards Office, Calvin L. Burch; SGS Deputy Program Manager William A. Sample; and Bobby Porter, with Oneida Construction.

Security middleware infrastructure for DICOM images in health information systems.

PubMed

Kallepalli, Vijay N V; Ehikioya, Sylvanus A; Camorlinga, Sergio; Rueda, Jose A

2003-12-01

In health care, it is mandatory to maintain the privacy and confidentiality of medical data. To achieve this, a fine-grained access control and an access log for accessing medical images are two important aspects that need to be considered in health care systems. Fine-grained access control provides access to medical data only to authorized persons based on priority, location, and content. A log captures each attempt to access medical data. This article describes an overall middleware infrastructure required for secure access to Digital Imaging and Communication in Medicine (DICOM) images, with an emphasis on access control and log maintenance. We introduce a hybrid access control model that combines the properties of two existing models. A trust relationship between hospitals is used to make the hybrid access control model scalable across hospitals. We also discuss events that have to be logged and where the log has to be maintained. A prototype of security middleware infrastructure is implemented.

Ver-i-Fus: an integrated access control and information monitoring and management system

NASA Astrophysics Data System (ADS)

Thomopoulos, Stelios C.; Reisman, James G.; Papelis, Yiannis E.

1997-01-01

This paper describes the Ver-i-Fus Integrated Access Control and Information Monitoring and Management (IAC-I2M) system that INTELNET Inc. has developed. The Ver-i-Fus IAC-I2M system has been designed to meet the most stringent security and information monitoring requirements while allowing two- way communication between the user and the system. The systems offers a flexible interface that permits to integrate practically any sensing device, or combination of sensing devices, including a live-scan fingerprint reader, thus providing biometrics verification for enhanced security. Different configurations of the system provide solutions to different sets of access control problems. The re-configurable hardware interface, tied together with biometrics verification and a flexible interface that allows to integrate Ver-i-Fus with an MIS, provide an integrated solution to security, time and attendance, labor monitoring, production monitoring, and payroll applications.

42 CFR 73.15 - Training.

Code of Federal Regulations, 2010 CFR

2010-10-01

... provide information and training on biosafety and security to each individual with access approval from... entity must provide information and training on biosafety and security to each individual not approved... provided under the OSHA Bloodborne Pathogen Standard set forth at 29 CFR 1910.1030. (b) Refresher training...

Securing a Lock on Safety.

ERIC Educational Resources Information Center

Daneman, Kathy

1998-01-01

Describes the integration of security systems to provide enhanced security that is both effective and long lasting. Examines combining card-access systems with camera surveillance, and highly visible emergency phones and security officers. as one of many possible combinations. Some systems most capable of being integrated are listed. (GR)

Context-aware access control for pervasive access to process-based healthcare systems.

PubMed

Koufi, Vassiliki; Vassilacopoulos, George

2008-01-01

Healthcare is an increasingly collaborative enterprise involving a broad range of healthcare services provided by many individuals and organizations. Grid technology has been widely recognized as a means for integrating disparate computing resources in the healthcare field. Moreover, Grid portal applications can be developed on a wireless and mobile infrastructure to execute healthcare processes which, in turn, can provide remote access to Grid database services. Such an environment provides ubiquitous and pervasive access to integrated healthcare services at the point of care, thus improving healthcare quality. In such environments, the ability to provide an effective access control mechanism that meets the requirement of the least privilege principle is essential. Adherence to the least privilege principle requires continuous adjustments of user permissions in order to adapt to the current situation. This paper presents a context-aware access control mechanism for HDGPortal, a Grid portal application which provides access to workflow-based healthcare processes using wireless Personal Digital Assistants. The proposed mechanism builds upon and enhances security mechanisms provided by the Grid Security Infrastructure. It provides tight, just-in-time permissions so that authorized users get access to specific objects according to the current context. These permissions are subject to continuous adjustments triggered by the changing context. Thus, the risk of compromising information integrity during task executions is reduced.

75 FR 60158 - Self-Regulatory Organizations; The Depository Trust Company; Notice of Filing of a Proposed Rule...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-09-29

... Process in Providing Trustee Access to the Security Position Report Service September 24, 2010. Pursuant...'') service with an automated approval process. II. Self-Regulatory Organization's Statement of the Purpose of... approve a Trustee's access to the SPR service for a security is done manually, and the process is...

Transportation Secure Data Center | NREL

Science.gov Websites

Data Center The Transportation Secure Data Center (TSDC) provides free access to detailed transportation data from a variety of travel surveys and studies. Data include global positioning system (GPS demographics. Learn more about the TSDC. Cleansed Data by State and Region Use the map to access cleansed data

Transportation Secure Data Center: Real-World Data for Planning, Modeling, and Analysis (Fact Sheet)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

2014-01-01

This fact sheet describes the Transportation Secure Data Center (TSDC) - an NREL-operated resource that provides secure access to detailed GPS travel data for valuable research purposes in a way that protects original participant privacy.

A scoping review of traditional food security in Alaska.

PubMed

Walch, Amanda; Bersamin, Andrea; Loring, Philip; Johnson, Rhonda; Tholl, Melissa

2018-12-01

Food insecurity is a public health concern. Food security includes the pillars of food access, availability and utilisation. For some indigenous peoples, this may also include traditional foods. To conduct a scoping review on traditional foods and food security in Alaska. Google Scholar and the High North Research Documents were used to search for relevant primary research using the following terms: "traditional foods", "food security", "access", "availability", "utilisation", "Alaska", "Alaska Native" and "indigenous". Twenty four articles from Google Scholar and four articles from the High North Research Documents were selected. The articles revealed three types of research approaches, those that quantified traditional food intake (n=18), those that quantified food security (n=2), and qualitative articles that addressed at least one pillar of food security (n=8). Limited primary research is available on food security in Alaskan. Few studies directly measure food security while most provide a review of food security factors. Research investigating dietary intake of traditional foods is more prevalent, though many differences exist among participant age groups and geographical areas. Future research should include direct measurements of traditional food intake and food security to provide a more complete picture of traditional food security in Alaska.

Secure Data Access Control for Fog Computing Based on Multi-Authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation.

PubMed

Xu, Qian; Tan, Chengxiang; Fan, Zhijie; Zhu, Wenye; Xiao, Ya; Cheng, Fujia

2018-05-17

Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional "encrypt-then-sign" or "sign-then-encrypt" strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation.

Derived virtual devices: a secure distributed file system mechanism

NASA Technical Reports Server (NTRS)

VanMeter, Rodney; Hotz, Steve; Finn, Gregory

1996-01-01

This paper presents the design of derived virtual devices (DVDs). DVDs are the mechanism used by the Netstation Project to provide secure shared access to network-attached peripherals distributed in an untrusted network environment. DVDs improve Input/Output efficiency by allowing user processes to perform I/O operations directly from devices without intermediate transfer through the controlling operating system kernel. The security enforced at the device through the DVD mechanism includes resource boundary checking, user authentication, and restricted operations, e.g., read-only access. To illustrate the application of DVDs, we present the interactions between a network-attached disk and a file system designed to exploit the DVD abstraction. We further discuss third-party transfer as a mechanism intended to provide for efficient data transfer in a typical NAP environment. We show how DVDs facilitate third-party transfer, and provide the security required in a more open network environment.

SPI/U3.2. Security Profile Inspector for UNIX Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bartoletti, A.

1994-08-01

SPI/U3.2 consists of five tools used to assess and report the security posture of computers running the UNIX operating system. The tools are: Access Control Test: A rule-based system which identifies sequential dependencies in UNIX access controls. Binary Authentication Tool: Evaluates the release status of system binaries by comparing a crypto-checksum to provide table entries. Change Detection Tool: Maintains and applies a snapshot of critical system files and attributes for purposes of change detection. Configuration Query Language: Accepts CQL-based scripts (provided) to evaluate queries over the status of system files, configuration of services and many other elements of UNIX systemmore » security. Password Security Inspector: Tests for weak or aged passwords. The tools are packaged with a forms-based user interface providing on-line context-sensistive help, job scheduling, parameter management and output report management utilities. Tools may be run independent of the UI.« less

Quantum key distribution in multicore fibre for secure radio access networks

NASA Astrophysics Data System (ADS)

Llorente, Roberto; Provot, Antoine; Morant, Maria

2018-01-01

Broadband access in optical domain usually focuses in providing a pervasive cost-effective high bitrate communication in a given area. Nowadays, it is of utmost interest also to be able to provide a secure communication to the costumers in the area. Wireless access networks rely on optical domain for both fronthaul and backhaul of the radio access network (C-RAN). Multicore fiber (MCF) has been proposed as a promising candidate for the optical media of choice in nextgeneration wireless. The capacity demand of next-generation 5G networks makes interesting the use of high-capacity optical solutions as space-division multiplexing of different signals over MCF media. This work addresses secure MCF communication supporting C-RAN architectures. The paper proposes the use of one core in the MCF to transport securely an optical quantum key encoding altogether with end-to-end wireless signal transmitted in the remaining cores in radio-over-fiber (RoF). The RoF wireless signals are suitable for radio access fronthaul and backhaul. The theoretical principle and simulation analysis of quantum key distribution (QKD) are presented in this paper. The potential impact of optical RoF transmission crosstalk impairments is assessed experimentally considering different cellular signals on the remaining optical cores in the MCF. The experimental results report fronthaul performance over a four-core optical fiber with RoF transmission of full-standard CDMA signals providing 3.5G services in one core, HSPA+ signals providing 3.9G services in the second core and 3GPP LTEAdvanced signals providing 4G services in the third core, considering that the QKD signal is allocated in the fourth core.

The use of biometrics in the Personal Health Record (PHR).

PubMed

Bonney, Wilfred

2011-01-01

The emergence of the Personal Health Record (PHR) has made individual health information more readily accessible to a wide range of users including patients, consumers, practitioners, and healthcare providers. However, increased accessibility of PHR threatens the confidentiality, privacy, and security of personalized health information. Therefore, a need for robust and reliable forms of authentication is of prime concern. The concept of biometric authentication is now highly visible to healthcare providers as a technology to prevent unauthorized access to individual health information. Implementing biometric authentication mechanisms to protect PHR facilitates access control and secure exchange of health information. In this paper, a literature review is used to explore the key benefits, technical barriers, challenges, and ethical implications for using biometric authentication in PHR.

PCASSO: a design for secure communication of personal health information via the internet.

PubMed

Baker, D B; Masys, D R

1999-05-01

The Internet holds both promise and peril for the communications of person-identifiable health information. Because of technical features designed to promote accessibility and interoperability rather than security, Internet addressing conventions and transport protocols are vulnerable to compromise by malicious persons and programs. In addition, most commonly used personal computer (PC) operating systems currently lack the hardware-based system software protection and process isolation that are essential for ensuring the integrity of trusted applications. Security approaches designed for electronic commerce, that trade known security weaknesses for limited financial liability, are not sufficient for personal health data, where the personal damage caused by unintentional disclosure may be far more serious. To overcome these obstacles, we are developing and evaluating an Internet-based communications system called PCASSO (Patient-centered access to secure systems online) that applies state of the art security to health information. PCASSO includes role-based access control, multi-level security, strong device and user authentication, session-specific encryption and audit trails. Unlike Internet-based electronic commerce 'solutions,' PCASSO secures data end-to-end: in the server; in the data repository; across the network; and on the client. PCASSO is designed to give patients as well as providers access to personal health records via the Internet.

50 CFR 300.220 - Confidentiality of information.

Code of Federal Regulations, 2010 CFR

2010-10-01

... met: (i) The employee has a need for confidential information to further the Department of Commerce's...) Homeland and national security activities. Confidential information may be made accessible to Federal... agency only if: (i) Providing the information promotes homeland security or national security purposes...

75 FR 35444 - Safety and Security Equipment and Services Trade Mission To Brazil

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-22

... electronic security, the market is estimated at US$ 1.5 billion. Today, electronic security equipment is not... market information and to provide access to key government officials and potential business partners for... both the public sector (e.g., public security authorities and officials) and private business (e.g...

9 CFR 121.15 - Training.

Code of Federal Regulations, 2012 CFR

2012-01-01

... must provide information and training on biosafety and security to each individual with access approval... or entity must provide information and training on biosafety and security to each individual not... Internet at http://www.aphis.usda.gov/programs/ag_selectagent/index.html. (b) Refresher training must be...

Detecting Inappropriate Access to Electronic Health Records Using Collaborative Filtering.

PubMed

Menon, Aditya Krishna; Jiang, Xiaoqian; Kim, Jihoon; Vaidya, Jaideep; Ohno-Machado, Lucila

2014-04-01

Many healthcare facilities enforce security on their electronic health records (EHRs) through a corrective mechanism: some staff nominally have almost unrestricted access to the records, but there is a strict ex post facto audit process for inappropriate accesses, i.e., accesses that violate the facility's security and privacy policies. This process is inefficient, as each suspicious access has to be reviewed by a security expert, and is purely retrospective, as it occurs after damage may have been incurred. This motivates automated approaches based on machine learning using historical data. Previous attempts at such a system have successfully applied supervised learning models to this end, such as SVMs and logistic regression. While providing benefits over manual auditing, these approaches ignore the identity of the users and patients involved in a record access. Therefore, they cannot exploit the fact that a patient whose record was previously involved in a violation has an increased risk of being involved in a future violation. Motivated by this, in this paper, we propose a collaborative filtering inspired approach to predicting inappropriate accesses. Our solution integrates both explicit and latent features for staff and patients, the latter acting as a personalized "finger-print" based on historical access patterns. The proposed method, when applied to real EHR access data from two tertiary hospitals and a file-access dataset from Amazon, shows not only significantly improved performance compared to existing methods, but also provides insights as to what indicates an inappropriate access.

Detecting Inappropriate Access to Electronic Health Records Using Collaborative Filtering

PubMed Central

Menon, Aditya Krishna; Jiang, Xiaoqian; Kim, Jihoon; Vaidya, Jaideep; Ohno-Machado, Lucila

2013-01-01

Many healthcare facilities enforce security on their electronic health records (EHRs) through a corrective mechanism: some staff nominally have almost unrestricted access to the records, but there is a strict ex post facto audit process for inappropriate accesses, i.e., accesses that violate the facility’s security and privacy policies. This process is inefficient, as each suspicious access has to be reviewed by a security expert, and is purely retrospective, as it occurs after damage may have been incurred. This motivates automated approaches based on machine learning using historical data. Previous attempts at such a system have successfully applied supervised learning models to this end, such as SVMs and logistic regression. While providing benefits over manual auditing, these approaches ignore the identity of the users and patients involved in a record access. Therefore, they cannot exploit the fact that a patient whose record was previously involved in a violation has an increased risk of being involved in a future violation. Motivated by this, in this paper, we propose a collaborative filtering inspired approach to predicting inappropriate accesses. Our solution integrates both explicit and latent features for staff and patients, the latter acting as a personalized “finger-print” based on historical access patterns. The proposed method, when applied to real EHR access data from two tertiary hospitals and a file-access dataset from Amazon, shows not only significantly improved performance compared to existing methods, but also provides insights as to what indicates an inappropriate access. PMID:24683293

Breach Risk Magnitude: A Quantitative Measure of Database Security.

PubMed

Yasnoff, William A

2016-01-01

A quantitative methodology is described that provides objective evaluation of the potential for health record system breaches. It assumes that breach risk increases with the number of potential records that could be exposed, while it decreases when more authentication steps are required for access. The breach risk magnitude (BRM) is the maximum value for any system user of the common logarithm of the number of accessible database records divided by the number of authentication steps needed to achieve such access. For a one million record relational database, the BRM varies from 5.52 to 6 depending on authentication protocols. For an alternative data architecture designed specifically to increase security by separately storing and encrypting each patient record, the BRM ranges from 1.3 to 2.6. While the BRM only provides a limited quantitative assessment of breach risk, it may be useful to objectively evaluate the security implications of alternative database organization approaches.

Practice improvement, part II: update on patient communication technologies.

PubMed

Roett, Michelle A; Coleman, Mary Thoesen

2013-11-01

Patient portals (ie, secure web-based services for patient health record access) and secure messaging to health care professionals are gaining popularity slowly. Advantages of web portals include timely communication and instruction, access to appointments and other services, and high patient satisfaction. Limitations include inappropriate use, security considerations, organizational costs, and exclusion of patients who are uncomfortable with or unable to use computers. Attention to the organization's strategic plan and office policies, patient and staff expectations, workflow and communication integration, training, marketing, and enrollment can facilitate optimal use of this technology. Other communication technologies that can enhance patient care include automated voice or text reminders and brief electronic communications. Social media provide another method of patient outreach, but privacy and access are concerns. Incorporating telehealthcare (health care provided via telephone or Internet), providing health coaching, and using interactive health communication applications can improve patient knowledge and clinical outcomes and provide social support. Written permission from the American Academy of Family Physicians is required for reproduction of this material in whole or in part in any form or medium.

An effective and secure key-management scheme for hierarchical access control in E-medicine system.

PubMed

Odelu, Vanga; Das, Ashok Kumar; Goswami, Adrijit

2013-04-01

Recently several hierarchical access control schemes are proposed in the literature to provide security of e-medicine systems. However, most of them are either insecure against 'man-in-the-middle attack' or they require high storage and computational overheads. Wu and Chen proposed a key management method to solve dynamic access control problems in a user hierarchy based on hybrid cryptosystem. Though their scheme improves computational efficiency over Nikooghadam et al.'s approach, it suffers from large storage space for public parameters in public domain and computational inefficiency due to costly elliptic curve point multiplication. Recently, Nikooghadam and Zakerolhosseini showed that Wu-Chen's scheme is vulnerable to man-in-the-middle attack. In order to remedy this security weakness in Wu-Chen's scheme, they proposed a secure scheme which is again based on ECC (elliptic curve cryptography) and efficient one-way hash function. However, their scheme incurs huge computational cost for providing verification of public information in the public domain as their scheme uses ECC digital signature which is costly when compared to symmetric-key cryptosystem. In this paper, we propose an effective access control scheme in user hierarchy which is only based on symmetric-key cryptosystem and efficient one-way hash function. We show that our scheme reduces significantly the storage space for both public and private domains, and computational complexity when compared to Wu-Chen's scheme, Nikooghadam-Zakerolhosseini's scheme, and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against different attacks and also man-in-the-middle attack. Moreover, dynamic access control problems in our scheme are also solved efficiently compared to other related schemes, making our scheme is much suitable for practical applications of e-medicine systems.

49 CFR 1548.15 - Access to cargo: Security threat assessments for individuals having unescorted access to cargo.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Access to cargo: Security threat assessments for... SECURITY CIVIL AVIATION SECURITY INDIRECT AIR CARRIER SECURITY § 1548.15 Access to cargo: Security threat... must successfully complete a security threat assessment or comparable security threat assessment...

Feasibility Assessment of a Fine-Grained Access Control Model on Resource Constrained Sensors.

PubMed

Uriarte Itzazelaia, Mikel; Astorga, Jasone; Jacob, Eduardo; Huarte, Maider; Romaña, Pedro

2018-02-13

Upcoming smart scenarios enabled by the Internet of Things (IoT) envision smart objects that provide services that can adapt to user behavior or be managed to achieve greater productivity. In such environments, smart things are inexpensive and, therefore, constrained devices. However, they are also critical components because of the importance of the information that they provide. Given this, strong security is a requirement, but not all security mechanisms in general and access control models in particular are feasible. In this paper, we present the feasibility assessment of an access control model that utilizes a hybrid architecture and a policy language that provides dynamic fine-grained policy enforcement in the sensors, which requires an efficient message exchange protocol called Hidra. This experimental performance assessment includes a prototype implementation, a performance evaluation model, the measurements and related discussions, which demonstrate the feasibility and adequacy of the analyzed access control model.

Feasibility Assessment of a Fine-Grained Access Control Model on Resource Constrained Sensors

PubMed Central

Huarte, Maider; Romaña, Pedro

2018-01-01

Upcoming smart scenarios enabled by the Internet of Things (IoT) envision smart objects that provide services that can adapt to user behavior or be managed to achieve greater productivity. In such environments, smart things are inexpensive and, therefore, constrained devices. However, they are also critical components because of the importance of the information that they provide. Given this, strong security is a requirement, but not all security mechanisms in general and access control models in particular are feasible. In this paper, we present the feasibility assessment of an access control model that utilizes a hybrid architecture and a policy language that provides dynamic fine-grained policy enforcement in the sensors, which requires an efficient message exchange protocol called Hidra. This experimental performance assessment includes a prototype implementation, a performance evaluation model, the measurements and related discussions, which demonstrate the feasibility and adequacy of the analyzed access control model. PMID:29438338

Infant nutrition in Saskatoon: barriers to infant food security.

PubMed

Partyka, Brendine; Whiting, Susan; Grunerud, Deanna; Archibald, Karen; Quennell, Kara

2010-01-01

We explored infant nutrition in Saskatoon by assessing current accessibility to all forms of infant nourishment, investigating challenges in terms of access to infant nutrition, and determining the use and effectiveness of infant nutrition programs and services. We also examined recommendations to improve infant food security in Saskatoon. Semi-structured community focus groups and stakeholder interviews were conducted between June 2006 and August 2006. Thematic analysis was used to identify themes related to infant feeding practices and barriers, as well as recommendations to improve infant food security in Saskatoon. Our study showed that infant food security is a concern among lower-income families in Saskatoon. Barriers that limited breastfeeding sustainability or nourishing infants through other means included knowledge of feeding practices, lack of breastfeeding support, access and affordability of infant formula, transportation, and poverty. Infant nutrition and food security should be improved by expanding education and programming opportunities, increasing breastfeeding support, and identifying acceptable ways to provide emergency formula. If infant food security is to be addressed successfully, discussion and change must occur in social policy and family food security contexts.

Key Considerations in Providing a Free Appropriate Public Education for Youth with Disabilities in Juvenile Justice Secure Care Facilities. Issue Brief

ERIC Educational Resources Information Center

Gagnon, Joseph C.; Read, Nicholas W.; Gonsoulin, Simon

2015-01-01

Access to high-quality education for youth is critical to their long-term success as adults. Youth in juvenile justice secure care facilities, however, too often do not have access to the high-quality education and related supports and services that they need, particularly youth with disabilities residing in such facilities. This brief discusses…

Data security.

PubMed

2016-09-01

A government-commissioned review of data security across health and care has led to the proposal of new standards for security and options for a consent/opt-out model. Standards include that all staff complete appropriate annual data security training and pass a mandatory test provided through the revised Information Governance Toolkit, that personal confidential data is only accessible to staff who need it for their current role, and that access is removed as soon as it is no longer required. The consent/opt-out model is outlined under 8 statements, and includes certain circumstances where it will not apply, for example, where there is an overriding public interest, or mandatory legal requirement.

Integration of EGA secure data access into Galaxy.

PubMed

Hoogstrate, Youri; Zhang, Chao; Senf, Alexander; Bijlard, Jochem; Hiltemann, Saskia; van Enckevort, David; Repo, Susanna; Heringa, Jaap; Jenster, Guido; J A Fijneman, Remond; Boiten, Jan-Willem; A Meijer, Gerrit; Stubbs, Andrew; Rambla, Jordi; Spalding, Dylan; Abeln, Sanne

2016-01-01

High-throughput molecular profiling techniques are routinely generating vast amounts of data for translational medicine studies. Secure access controlled systems are needed to manage, store, transfer and distribute these data due to its personally identifiable nature. The European Genome-phenome Archive (EGA) was created to facilitate access and management to long-term archival of bio-molecular data. Each data provider is responsible for ensuring a Data Access Committee is in place to grant access to data stored in the EGA. Moreover, the transfer of data during upload and download is encrypted. ELIXIR, a European research infrastructure for life-science data, initiated a project (2016 Human Data Implementation Study) to understand and document the ELIXIR requirements for secure management of controlled-access data. As part of this project, a full ecosystem was designed to connect archived raw experimental molecular profiling data with interpreted data and the computational workflows, using the CTMM Translational Research IT (CTMM-TraIT) infrastructure http://www.ctmm-trait.nl as an example. Here we present the first outcomes of this project, a framework to enable the download of EGA data to a Galaxy server in a secure way. Galaxy provides an intuitive user interface for molecular biologists and bioinformaticians to run and design data analysis workflows. More specifically, we developed a tool -- ega_download_streamer - that can download data securely from EGA into a Galaxy server, which can subsequently be further processed. This tool will allow a user within the browser to run an entire analysis containing sensitive data from EGA, and to make this analysis available for other researchers in a reproducible manner, as shown with a proof of concept study.  The tool ega_download_streamer is available in the Galaxy tool shed: https://toolshed.g2.bx.psu.edu/view/yhoogstrate/ega_download_streamer.

Integration of EGA secure data access into Galaxy

PubMed Central

Hoogstrate, Youri; Zhang, Chao; Senf, Alexander; Bijlard, Jochem; Hiltemann, Saskia; van Enckevort, David; Repo, Susanna; Heringa, Jaap; Jenster, Guido; Fijneman, Remond J.A.; Boiten, Jan-Willem; A. Meijer, Gerrit; Stubbs, Andrew; Rambla, Jordi; Spalding, Dylan; Abeln, Sanne

2016-01-01

High-throughput molecular profiling techniques are routinely generating vast amounts of data for translational medicine studies. Secure access controlled systems are needed to manage, store, transfer and distribute these data due to its personally identifiable nature. The European Genome-phenome Archive (EGA) was created to facilitate access and management to long-term archival of bio-molecular data. Each data provider is responsible for ensuring a Data Access Committee is in place to grant access to data stored in the EGA. Moreover, the transfer of data during upload and download is encrypted. ELIXIR, a European research infrastructure for life-science data, initiated a project (2016 Human Data Implementation Study) to understand and document the ELIXIR requirements for secure management of controlled-access data. As part of this project, a full ecosystem was designed to connect archived raw experimental molecular profiling data with interpreted data and the computational workflows, using the CTMM Translational Research IT (CTMM-TraIT) infrastructure http://www.ctmm-trait.nl as an example. Here we present the first outcomes of this project, a framework to enable the download of EGA data to a Galaxy server in a secure way. Galaxy provides an intuitive user interface for molecular biologists and bioinformaticians to run and design data analysis workflows. More specifically, we developed a tool -- ega_download_streamer - that can download data securely from EGA into a Galaxy server, which can subsequently be further processed. This tool will allow a user within the browser to run an entire analysis containing sensitive data from EGA, and to make this analysis available for other researchers in a reproducible manner, as shown with a proof of concept study.  The tool ega_download_streamer is available in the Galaxy tool shed: https://toolshed.g2.bx.psu.edu/view/yhoogstrate/ega_download_streamer. PMID:28232859

Secure Data Access Control for Fog Computing Based on Multi-Authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation

PubMed Central

Xu, Qian; Tan, Chengxiang; Fan, Zhijie; Zhu, Wenye; Xiao, Ya; Cheng, Fujia

2018-01-01

Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional “encrypt-then-sign” or “sign-then-encrypt” strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation. PMID:29772840

Sharing Data and Analytical Resources Securely in a Biomedical Research Grid Environment

PubMed Central

Langella, Stephen; Hastings, Shannon; Oster, Scott; Pan, Tony; Sharma, Ashish; Permar, Justin; Ervin, David; Cambazoglu, B. Barla; Kurc, Tahsin; Saltz, Joel

2008-01-01

Objectives To develop a security infrastructure to support controlled and secure access to data and analytical resources in a biomedical research Grid environment, while facilitating resource sharing among collaborators. Design A Grid security infrastructure, called Grid Authentication and Authorization with Reliably Distributed Services (GAARDS), is developed as a key architecture component of the NCI-funded cancer Biomedical Informatics Grid (caBIG™). The GAARDS is designed to support in a distributed environment 1) efficient provisioning and federation of user identities and credentials; 2) group-based access control support with which resource providers can enforce policies based on community accepted groups and local groups; and 3) management of a trust fabric so that policies can be enforced based on required levels of assurance. Measurements GAARDS is implemented as a suite of Grid services and administrative tools. It provides three core services: Dorian for management and federation of user identities, Grid Trust Service for maintaining and provisioning a federated trust fabric within the Grid environment, and Grid Grouper for enforcing authorization policies based on both local and Grid-level groups. Results The GAARDS infrastructure is available as a stand-alone system and as a component of the caGrid infrastructure. More information about GAARDS can be accessed at http://www.cagrid.org. Conclusions GAARDS provides a comprehensive system to address the security challenges associated with environments in which resources may be located at different sites, requests to access the resources may cross institutional boundaries, and user credentials are created, managed, revoked dynamically in a de-centralized manner. PMID:18308979

Secure Dynamic access control scheme of PHR in cloud computing.

PubMed

Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

2012-12-01

With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access scheme in Cloud computing environments is proven flexible and secure and could effectively correspond to real-time appending and deleting user access authorization and appending and revising PHR records.

Telemedicine with integrated data security in ATM-based networks

NASA Astrophysics Data System (ADS)

Thiel, Andreas; Bernarding, Johannes; Kurth, Ralf; Wenzel, Rudiger; Villringer, Arno; Tolxdorff, Thomas

1997-05-01

Telemedical services rely on the digital transfer of large amounts of data in a short time. The acceptance of these services requires therefore new hard- and software concepts. The fast exchange of data is well performed within a high- speed ATM-based network. The fast access to the data from different platforms imposes more difficult problems, which may be divided into those relating to standardized data formats and those relating to different levels of data security across nations. For a standardized access to the formats and those relating to different levels of data security across nations. For a standardized access to the image data, a DICOM 3.0 server was implemented.IMages were converted into the DICOM 3.0 standard if necessary. The access to the server is provided by an implementation of DICOM in JAVA allowing access to the data from different platforms. Data protection measures to ensure the secure transfer of sensitive patient data are not yet solved within the DICOM concept. We investigated different schemes to protect data using the DICOM/JAVA modality with as little impact on data transfer speed as possible.

Integration of LDSE and LTVS logs with HIPAA compliant auditing system (HCAS)

NASA Astrophysics Data System (ADS)

Zhou, Zheng; Liu, Brent J.; Huang, H. K.; Guo, Bing; Documet, Jorge; King, Nelson

2006-03-01

The deadline of HIPAA (Health Insurance Portability and Accountability Act) Security Rules has passed on February 2005; therefore being HIPAA compliant becomes extremely critical to healthcare providers. HIPAA mandates healthcare providers to protect the privacy and integrity of the health data and have the ability to demonstrate examples of mechanisms that can be used to accomplish this task. It is also required that a healthcare institution must be able to provide audit trails on image data access on demand for a specific patient. For these reasons, we have developed a HIPAA compliant auditing system (HCAS) for image data security in a PACS by auditing every image data access. The HCAS was presented in 2005 SPIE. This year, two new components, LDSE (Lossless Digital Signature Embedding) and LTVS (Patient Location Tracking and Verification System) logs, have been added to the HCAS. The LDSE can assure medical image integrity in a PACS, while the LTVS can provide access control for a PACS by creating a security zone in the clinical environment. By integrating the LDSE and LTVS logs with the HCAS, the privacy and integrity of image data can be audited as well. Thus, a PACS with the HCAS installed can become HIPAA compliant in image data privacy and integrity, access control, and audit control.

A security architecture for interconnecting health information systems.

PubMed

Gritzalis, Dimitris; Lambrinoudakis, Costas

2004-03-31

Several hereditary and other chronic diseases necessitate continuous and complicated health care procedures, typically offered in different, often distant, health care units. Inevitably, the medical records of patients suffering from such diseases become complex, grow in size very fast and are scattered all over the units involved in the care process, hindering communication of information between health care professionals. Web-based electronic medical records have been recently proposed as the solution to the above problem, facilitating the interconnection of the health care units in the sense that health care professionals can now access the complete medical record of the patient, even if it is distributed in several remote units. However, by allowing users to access information from virtually anywhere, the universe of ineligible people who may attempt to harm the system is dramatically expanded, thus severely complicating the design and implementation of a secure environment. This paper presents a security architecture that has been mainly designed for providing authentication and authorization services in web-based distributed systems. The architecture has been based on a role-based access scheme and on the implementation of an intelligent security agent per site (i.e. health care unit). This intelligent security agent: (a). authenticates the users, local or remote, that can access the local resources; (b). assigns, through temporary certificates, access privileges to the authenticated users in accordance to their role; and (c). communicates to other sites (through the respective security agents) information about the local users that may need to access information stored in other sites, as well as about local resources that can be accessed remotely.

National Aeronautics and Space Administration's (NASA) Automated Information Security Handbook

NASA Technical Reports Server (NTRS)

Roback, E.

1991-01-01

The NASA Automated Information Security Handbook provides NASA's overall approach to automated information systems security including discussions of such aspects as: program goals and objectives, assignment of responsibilities, risk assessment, foreign national access, contingency planning and disaster recovery, awareness training, procurement, certification, planning, and special considerations for microcomputers.

Protecting the Privacy and Security of Your Health Information

MedlinePlus

... Access to Medical Records Privacy, Security, and HIPAA Laws, Regulation, and Policy Scientific Initiatives Standards & Technology Usability ... care providers and professionals, and the government. Federal laws require many of the key persons and organizations ...

The MANPAD Threat to Civilian Airliners

DTIC Science & Technology

2006-03-03

PAGES: 19 KEY TERMS: Homeland Security; Non-Proliferation; Airport Security CLASSIFICATION: Unclassified This paper investigates strategic approaches...technological solutions and law enforcement operations to provide a competent airport security perimeter.”18 To combat this ominous threat of MANPADS...sites for phone and computer tips should be established with access for airport security , local and federal law enforcement, as well as intelligence

High-Performance Secure Database Access Technologies for HEP Grids

DOE Office of Scientific and Technical Information (OSTI.GOV)

Matthew Vranicar; John Weicher

2006-04-17

The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysismore » capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist’s computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that "Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications.” There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the secure authorization is pushed into the database engine will eliminate inefficient data transfer bottlenecks. Furthermore, traditionally separated database and security layers provide an extra vulnerability, leaving a weak clear-text password authorization as the only protection on the database core systems. Due to the legacy limitations of the systems’ security models, the allowed passwords often can not even comply with the DOE password guideline requirements. We see an opportunity for the tight integration of the secure authorization layer with the database server engine resulting in both improved performance and improved security. Phase I has focused on the development of a proof-of-concept prototype using Argonne National Laboratory’s (ANL) Argonne Tandem-Linac Accelerator System (ATLAS) project as a test scenario. By developing a grid-security enabled version of the ATLAS project’s current relation database solution, MySQL, PIOCON Technologies aims to offer a more efficient solution to secure database access.« less

Safe Grid

NASA Technical Reports Server (NTRS)

Chow, Edward T.; Stewart, Helen; Korsmeyer, David (Technical Monitor)

2003-01-01

The biggest users of GRID technologies came from the science and technology communities. These consist of government, industry and academia (national and international). The NASA GRID is moving into a higher technology readiness level (TRL) today; and as a joint effort among these leaders within government, academia, and industry, the NASA GRID plans to extend availability to enable scientists and engineers across these geographical boundaries collaborate to solve important problems facing the world in the 21 st century. In order to enable NASA programs and missions to use IPG resources for program and mission design, the IPG capabilities needs to be accessible from inside the NASA center networks. However, because different NASA centers maintain different security domains, the GRID penetration across different firewalls is a concern for center security people. This is the reason why some IPG resources are been separated from the NASA center network. Also, because of the center network security and ITAR concerns, the NASA IPG resource owner may not have full control over who can access remotely from outside the NASA center. In order to obtain organizational approval for secured remote access, the IPG infrastructure needs to be adapted to work with the NASA business process. Improvements need to be made before the IPG can be used for NASA program and mission development. The Secured Advanced Federated Environment (SAFE) technology is designed to provide federated security across NASA center and NASA partner's security domains. Instead of one giant center firewall which can be difficult to modify for different GRID applications, the SAFE "micro security domain" provide large number of professionally managed "micro firewalls" that can allow NASA centers to accept remote IPG access without the worry of damaging other center resources. The SAFE policy-driven capability-based federated security mechanism can enable joint organizational and resource owner approved remote access from outside of NASA centers. A SAFE enabled IPG can enable IPG capabilities to be available to NASA mission design teams across different NASA center and partner company firewalls. This paper will first discuss some of the potential security issues for IPG to work across NASA center firewalls. We will then present the SAFE federated security model. Finally we will present the concept of the architecture of a SAFE enabled IPG and how it can benefit NASA mission development.

Security and Privacy in a DACS.

PubMed

Delgado, Jaime; Llorente, Silvia; Pàmies, Martí; Vilalta, Josep

2016-01-01

The management of electronic health records (EHR), in general, and clinical documents, in particular, is becoming a key issue in the daily work of Healthcare Organizations (HO). The need for providing secure and private access to, and storage for, clinical documents together with the need for HO to interoperate, raises a number of issues difficult to solve. Many systems are in place to manage EHR and documents. Some of these Healthcare Information Systems (HIS) follow standards in their document structure and communications protocols, but many do not. In fact, they are mostly proprietary and do not interoperate. Our proposal to solve the current situation is the use of a DACS (Document Archiving and Communication System) for providing security, privacy and standardized access to clinical documents.

Identification and Access Management: An Action Research Approach to Develop a Training Strategy for Higher Education

ERIC Educational Resources Information Center

San Nicolas-Rocca, Tonia

2010-01-01

Identification and access management has been among the top security issues facing institutions of higher education. Most institutions of higher education require end users to provide usernames and passwords to gain access to personally identifiable information (PII). This leaves universities vulnerable to unauthorized access and unauthorized…

Model-Driven Configuration of SELinux Policies

NASA Astrophysics Data System (ADS)

Agreiter, Berthold; Breu, Ruth

The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.

Archiving data from new survey technologies: Enabling research with high-precision data while preserving participant privacy

DOE PAGES

Gonder, Jeffrey; Burton, Evan; Murakami, Elaine

2015-12-29

Despite the significant effort and expense to collect high-resolution Global Positioning System (GPS) data in travel surveys, privacy concerns often lead to its underutilization. This paper describes development of the Transportation Secure Data Center (TSDC) to address this dilemma of providing data access while preserving privacy. Furthermore, the TSDC operating structure was developed in consultation with an advisory committee and includes: a secure enclave with no external access for backing up and processing raw data, a publicly accessible website for downloading cleansed data, and a secure portal environment through which approved users can work with detailed spatial data using amore » variety of tools and reference information.« less

10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 1 2010-01-01 2010-01-01 false Access to restricted data and national security... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access...

10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 1 2011-01-01 2011-01-01 false Access to restricted data and national security... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access...

Secure access to patient's health records using SpeechXRays a mutli-channel biometrics platform for user authentication.

PubMed

Spanakis, Emmanouil G; Spanakis, Marios; Karantanas, Apostolos; Marias, Kostas

2016-08-01

The most commonly used method for user authentication in ICT services or systems is the application of identification tools such as passwords or personal identification numbers (PINs). The rapid development in ICT technology regarding smart devices (laptops, tablets and smartphones) has allowed also the advance of hardware components that capture several biometric traits such as fingerprints and voice. These components are aiming among others to overcome weaknesses and flaws of password usage under the prism of improved user authentication with higher level of security, privacy and usability. To this respect, the potential application of biometrics for secure user authentication regarding access in systems with sensitive data (i.e. patient's data from electronic health records) shows great potentials. SpeechXRays aims to provide a user recognition platform based on biometrics of voice acoustics analysis and audio-visual identity verification. Among others, the platform aims to be applied as an authentication tool for medical personnel in order to gain specific access to patient's electronic health records. In this work a short description of SpeechXrays implementation tool regarding eHealth is provided and analyzed. This study explores security and privacy issues, and offers a comprehensive overview of biometrics technology applications in addressing the e-Health security challenges. We present and describe the necessary requirement for an eHealth platform concerning biometric security.

75 FR 67363 - Notice of Public Information Collection(s) Being Reviewed by the Federal Communications...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-02

... proceeding were required to file system security statements under the Commission's rules. (Security systems..., including broadband Internet access and interconnected VoIP providers, must file updates to their systems... Commission's rules, the information in the CALEA security system filings and petitions will not be made...

33 CFR 105.255 - Security measures for access control.

Code of Federal Regulations, 2010 CFR

2010-07-01

... and facilities; (4) Granting access to only those responding to the security incident or threat... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for access... SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.255 Security...

A Flexible Component based Access Control Architecture for OPeNDAP Services

NASA Astrophysics Data System (ADS)

Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank

2010-05-01

Network data access services such as OPeNDAP enable widespread access to data across user communities. However, without ready means to restrict access to data for such services, data providers and data owners are constrained from making their data more widely available. Even with such capability, the range of different security technologies available can make interoperability between services and user client tools a challenge. OPeNDAP is a key data access service in the infrastructure under development to support the CMIP5 (Couple Model Intercomparison Project Phase 5). The work is being carried out as part of an international collaboration including the US Earth System Grid and Curator projects and the EU funded IS-ENES and Metafor projects. This infrastructure will bring together Petabytes of climate model data and associated metadata from over twenty modelling centres around the world in a federation with a core archive mirrored at three data centres. A security system is needed to meet the requirements of organisations responsible for model data including the ability to restrict data access to registered users, keep them up to date with changes to data and services, audit access and protect finite computing resources. Individual organisations have existing tools and services such as OPeNDAP with which users in the climate research community are already familiar. The security system should overlay access control in a way which maintains the usability and ease of access to these services. The BADC (British Atmospheric Data Centre) has been working in collaboration with the Earth System Grid development team and partner organisations to develop the security architecture. OpenID and MyProxy were selected at an early stage in the ESG project to provide single sign-on capability across the federation of participating organisations. Building on the existing OPeNDAP specification an architecture based on pluggable server side components has been developed at the BADC. These components filter requests to the service they protect and apply the required authentication and authorisation schemes. Filters have been developed for OpenID and SSL client based authentication. The latter enabling access with MyProxy issued credentials. By preserving a clear separation between the security and application functionality, multiple authentication technologies may be supported without the need for modification to the underlying OPeNDAP application. The software has been developed in the Python programming language securing the Python based OPeNDAP implementation, PyDAP. This utilises the Python WSGI (Web Server Gateway Interface) specification to create distinct security filter components. Work is also currently underway to develop a parallel Java based filter implementation to secure the THREDDS Data Server. Whilst the ability to apply this flexible approach to the server side security layer is important, the development of compatible client software is vital to the take up of these services across a wide user base. To date PyDAP and wget based clients have been tested and work is planned to integrate the required security interface into the netCDF API. This forms part of ongoing collaboration with the OPeNDAP user and development community to ensure interoperability.

75 FR 37971 - Providing Stability and Security for Medicare Reimbursements

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-30

... disruption to, or administrative burden on, Medicare physicians and other affected providers and to minimize any disruption in the ability of Medicare beneficiaries to access necessary services: (a) Direct the... beneficiaries from any disruption to their access to services that may be occasioned by the reprocessing of...

Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing

DTIC Science & Technology

2010-07-01

Cloud computing , an emerging form of computing in which users have access to scalable, on-demand capabilities that are provided through Internet... cloud computing , (2) the information security implications of using cloud computing services in the Federal Government, and (3) federal guidance and...efforts to address information security when using cloud computing . The complete report is titled Information Security: Federal Guidance Needed to

Develop 3G Application with The J2ME SATSA API

NASA Astrophysics Data System (ADS)

JunWu, Xu; JunLing, Liang

This paper describes research in the use of the Security and Trust Services API for J2ME (SATSA) to develop mobile applications. for 3G networks. SATSA defines a set of APIs that allows J2ME applications to communicate with and access functionality, secure storage and cryptographic operations provided by security elements such as smart cards and Wireless Identification Modules (WIM). A Java Card application could also work as an authentication module in a J2ME-based e-bank application. The e-bank application would allow its users to access their bank accounts using their cell phones.

Threats and risks to information security: a practical analysis of free access wireless networks

NASA Astrophysics Data System (ADS)

Quirumbay, Daniel I.; Coronel, Iván. A.; Bayas, Marcia M.; Rovira, Ronald H.; Gromaszek, Konrad; Tleshova, Akmaral; Kozbekova, Ainur

2017-08-01

Nowadays, there is an ever-growing need to investigate, consult and communicate through the internet. This need leads to the intensification of free access to the web in strategic and functional points for the benefit of the community. However, this open access is also related to the increase of information insecurity. The existing works on computer security primarily focus on the development of techniques to reduce cyber-attacks. However, these approaches do not address the sector of inexperienced users who have difficulty understanding browser settings. Two methods can solve this problem: first the development of friendly browsers with intuitive setups for new users and on the other hand, by implementing awareness programs on essential security without deepening on technical information. This article addresses an analysis of the vulnerabilities of wireless equipment that provides internet service in the open access zones and the potential risks that could be found when using these means.

Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

PubMed

Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

2018-04-28

Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

COPERNICUS - The European Union Earth Observation Programme - State of play and way ahead

NASA Astrophysics Data System (ADS)

Koch, Astrid-Christina

2015-04-01

Copernicus is the new name of the European Earth Observation Programme, GMES (Global Monitoring for Environment and Security). Copernicus or rather its predecessor was established as an EU programme. It covers all the activities for ensuring an uninterrupted provision of accurate and reliable data and information on environmental issues and security matters to users in charge of policy making, implementation and monitoring, in the EU and its Member States. Copernicus aims at providing Europe with a continuous, independent and reliable access to observation data and information. The EU investment aims at filling the observation gaps, providing access to existing assets and developing operational services. The data policy of the Copernicus programme supports an open, full and free of charge data access that is in line with the data sharing principles of the Group for Earth Observation (GEO). Copernicus is structured in six Services: Marine, Atmosphere, Land and Climate change monitoring as well as support to Emergency and Security. Copernicus uses data from satellites and in-situ sensors such as buoys, balloons or air sensors to provide timely and reliable added-value information and forecasting to support for example, agriculture and fisheries, land use and urban planning, the fight against forest fires, disaster response, maritime transport or air pollution monitoring. The need for continuing such observations is becoming critical, considering the increasing political pressure on public authorities to take informed decisions in the field of environment, security and climate change and the need to respect international agreements. Copernicus also contributes to economic stability and growth by boosting commercial applications (the so-called downstream services) in many different sectors through a full and open access to Copernicus observation data and information products. KEY WORDS: Sentinels, big data, data access, Emergency, Marine, Atmosphere.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bartoletti, T.

SPI/U3.1 consists of five tools used to assess and report the security posture of computers running the UNIX operating system. The tools are: Access Control Test: A rule-based system which identifies sequential dependencies in UNIX access controls. Binary Inspector Tool: Evaluates the release status of system binaries by comparing a crypto-checksum to provide table entries. Change Detection Tool: Maintains and applies a snapshot of critical system files and attributes for purposes of change detection. Configuration Query Language: Accepts CQL-based scripts (provided) to evaluate queries over the status of system files, configuration of services and many other elements of UNIX systemmore » security. Password Security Inspector: Tests for weak or aged passwords. The tools are packaged with a forms-based user interface providing on-line context-sensistive help, job scheduling, parameter management and output report management utilities. Tools may be run independent of the UI.« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bartoletti, Tony

SPI/U3.2 consists of five tools used to assess and report the security posture of computers running the UNIX operating system. The tools are: Access Control Test: A rule-based system which identifies sequential dependencies in UNIX access controls. Binary Authentication Tool: Evaluates the release status of system binaries by comparing a crypto-checksum to provide table entries. Change Detection Tool: Maintains and applies a snapshot of critical system files and attributes for purposes of change detection. Configuration Query Language: Accepts CQL-based scripts (provided) to evaluate queries over the status of system files, configuration of services and many other elements of UNIX systemmore » security. Password Security Inspector: Tests for weak or aged passwords. The tools are packaged with a forms-based user interface providing on-line context-sensistive help, job scheduling, parameter management and output report management utilities. Tools may be run independent of the UI.« less

Security Risks of Cloud Computing and Its Emergence as 5th Utility Service

NASA Astrophysics Data System (ADS)

Ahmad, Mushtaq

Cloud Computing is being projected by the major cloud services provider IT companies such as IBM, Google, Yahoo, Amazon and others as fifth utility where clients will have access for processing those applications and or software projects which need very high processing speed for compute intensive and huge data capacity for scientific, engineering research problems and also e- business and data content network applications. These services for different types of clients are provided under DASM-Direct Access Service Management based on virtualization of hardware, software and very high bandwidth Internet (Web 2.0) communication. The paper reviews these developments for Cloud Computing and Hardware/Software configuration of the cloud paradigm. The paper also examines the vital aspects of security risks projected by IT Industry experts, cloud clients. The paper also highlights the cloud provider's response to cloud security risks.

76 FR 72227 - Order Extending Temporary Conditional Exemption for Nationally Recognized Statistical Rating...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-11-22

... interest: issuing or maintaining a credit rating for a security or money market instrument issued by an... the issuer, sponsor, or underwriter of the security or money market instrument. 17 CFR 240.17g-5(b)(9... represents the information provided to the hired NRSRO can be accessed by other NRSROs; Provide free and...

Restricted access processor - An application of computer security technology

NASA Technical Reports Server (NTRS)

Mcmahon, E. M.

1985-01-01

This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

Establishing a Secure Data Center with Remote Access: Preprint

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gonder, J.; Burton, E.; Murakami, E.

2012-04-01

Access to existing travel data is critical for many analysis efforts that lack the time or resources to support detailed data collection. High-resolution data sets provide particular value, but also present a challenge for preserving the anonymity of the original survey participants. To address this dilemma of providing data access while preserving privacy, the National Renewable Energy Laboratory and the U.S. Department of Transportation have launched the Transportation Secure Data Center (TSDC). TSDC data sets include those from regional travel surveys and studies that increasingly use global positioning system devices. Data provided by different collecting agencies varies with respect tomore » formatting, elements included and level of processing conducted in support of the original purpose. The TSDC relies on a number of geospatial and other analysis tools to ensure data quality and to generate useful information outputs. TSDC users can access the processed data in two different ways. The first is by downloading summary results and second-by-second vehicle speed profiles (with latitude/longitude information removed) from a publicly-accessible website. The second method involves applying for a remote connection account to a controlled-access environment where spatial analysis can be conducted, but raw data cannot be removed.« less

Access Control of Web and Java Based Applications

NASA Technical Reports Server (NTRS)

Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

2011-01-01

Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

Tao of Gateway: Providing Internet Access to Licensed Databases.

ERIC Educational Resources Information Center

McClellan, Gregory A.; Garrison, William V.

1997-01-01

Illustrates an approach for providing networked access to licensed databases over the Internet by positioning the library between patron and vendor. Describes how the gateway systems and database connection servers work and discusses how treatment of security has evolved with the introduction of the World Wide Web. Outlines plans to reimplement…

Food Security and Women's Access to Natural Resources workshop; a brief report.

PubMed

1997-01-01

This article describes the workshop on Food Security and Women's Access to Natural Resources, held in January 1997 in Mumbai, India. The workshop was organized jointly by the Tata Institute of Social Sciences and the Indian Association of Women's Studies. The aim was to examine the food security situation in Maharashtra and Gujarat states in the west, the initiative to build alternative institutions, legal changes augmenting industrialization, and how traditional rights to common property resources can be legalized and how the poor can have access to new resources. The workshop organizers were unable to obtain experts on some topics. Core discussion centered on changes in industrialization, natural resources, gender and food security; access to natural resources and poverty alleviation programs; initiatives to create food security; and laws related to access to land and water. Discussions revealed the alienation of small and marginal farmers, landless laborers, and artisans from their livelihoods and survival strategies for these disenfranchised groups. The design of drought eradication and water conservation programs did not permit women and men working at construction sites to have access to the program assets. Case studies revealed situations in which women won the right of access to community water and then negotiated for land in lease. The women used landowners to negotiate credit and access development program assets, but normal channels of the National Bank of Agricultural Research and Development could have provided these benefits. Participants discussed how governments can be held accountable and how public funds could be used to revamp poverty alleviation and asset creation programs. All agreed that macrolevel development should give priority to agricultural development and legal constraints or problems. Five follow-up activities are identified.

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

Turning Access into a web-enabled secure information system for clinical trials.

PubMed

Dongquan Chen; Chen, Wei-Bang; Soong, Mayhue; Soong, Seng-Jaw; Orthner, Helmuth F

2009-08-01

Organizations that have limited resources need to conduct clinical studies in a cost-effective, but secure way. Clinical data residing in various individual databases need to be easily accessed and secured. Although widely available, digital certification, encryption, and secure web server, have not been implemented as widely, partly due to a lack of understanding of needs and concerns over issues such as cost and difficulty in implementation. The objective of this study was to test the possibility of centralizing various databases and to demonstrate ways of offering an alternative to a large-scale comprehensive and costly commercial product, especially for simple phase I and II trials, with reasonable convenience and security. We report a working procedure to transform and develop a standalone Access database into a secure Web-based secure information system. For data collection and reporting purposes, we centralized several individual databases; developed, and tested a web-based secure server using self-issued digital certificates. The system lacks audit trails. The cost of development and maintenance may hinder its wide application. The clinical trial databases scattered in various departments of an institution could be centralized into a web-enabled secure information system. The limitations such as the lack of a calendar and audit trail can be partially addressed with additional programming. The centralized Web system may provide an alternative to a comprehensive clinical trial management system.

KSC-03PD-2451

NASA Technical Reports Server (NTRS)

2003-01-01

KENNEDY SPACE CENTER, FLA. Daniel L. Tweed, with the Facilities Division, NASA Spaceport Services, addresses attendees at the ribbon cutting for the KSC Security gates. Tweed was project manager. The two new Security gates on Kennedy Parkway (Gate 2) and NASA Parkway (Gate 3) were activated Aug. 1, allowing the general public to have access to the new Space Commerce Way, which will provide access to the Research Park and KSC Visitor Complex, and providing an alternate route for the general public between Titusville and Merritt Island that is accessible 24 hours a day. The gates are staffed 24 hours daily. Others taking part in the ribbon cutting were Center Director Jim Kennedy; Chief, Protective & Safe Guards Office, Calvin L. Burch; SGS Deputy Program Manager William A. Sample; and Bobby Porter, with Oneida Construction.

Building the Digital Library Infrastructure: A Primer.

ERIC Educational Resources Information Center

Tebbetts, Diane R.

1999-01-01

Provides a framework for examining the complex infrastructure needed to successfully implement a digital library. Highlights include database development, online public-access catalogs, interactive technical services, full-text documents, hardware and wiring, licensing, access, and security issues. (Author/LRW)

Archiving Data from New Survey Technologies: Lessons Learned on Enabling Research with High-Precision Data While Preserving Participant Privacy: Preprint

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gonder, J.; Burton, E.; Murakami, E.

2014-11-01

During the past 15 years, increasing numbers of organizations and planning agencies have begun collecting high-resolution Global Positioning System (GPS) travel data. Despite the significant effort and expense to collect it, privacy concerns often lead to underutilization of the data. To address this dilemma of providing data access while preserving privacy, the National Renewable Energy Laboratory, with support from the U.S. Department of Transportation and U.S. Department of Energy, established the Transportation Secure Data Center (TSDC). Lessons drawn from best-practice examples from other data centers have helped shape the structure and operating procedures for the TSDC, which functions under themore » philosophy of first and foremost preserving privacy, but doing so in a way that balances security with accessibility and usability of the data for legitimate research. This paper provides details about the TSDC approach toward achieving these goals, which has included creating a secure enclave with no external access for backing up and processing raw data, a publicly accessible website for downloading cleansed data, and a secure portal environment through which approved users can work with detailed spatial data using a variety of tools and reference information. This paper also describes lessons learned from operating the TSDC with respect to improvements in GPS data handling, processing, and user support, along with plans for continual enhancements to better support the needs of both data providers and users and to thus advance the research value derived from such valuable data.« less

Security in the CernVM File System and the Frontier Distributed Database Caching System

NASA Astrophysics Data System (ADS)

Dykstra, D.; Blomer, J.

2014-06-01

Both the CernVM File System (CVMFS) and the Frontier Distributed Database Caching System (Frontier) distribute centrally updated data worldwide for LHC experiments using http proxy caches. Neither system provides privacy or access control on reading the data, but both control access to updates of the data and can guarantee the authenticity and integrity of the data transferred to clients over the internet. CVMFS has since its early days required digital signatures and secure hashes on all distributed data, and recently Frontier has added X.509-based authenticity and integrity checking. In this paper we detail and compare the security models of CVMFS and Frontier.

The Threat Among Us: Insiders Intensify Aviation Terrorism

DOE Office of Scientific and Technical Information (OSTI.GOV)

Krull, Katie E.

Aviation terrorism is powerful and symbolic, and will likely remain a staple target for terrorists aiming to inflict chaos and cause mass casualties similar to the 9/11 attacks on the U.S. The majority of international and domestic aviation terrorist attacks involves outsiders, or people who do not have direct access to or affiliation with a target through employment. However, several significant attacks and plots against the industry involved malicious employees motivated by suicide or devotion to a terrorist organization. Malicious insiders’ access and knowledge of aviation security, systems, networks, and infrastructure is valuable to terrorists, providing a different pathway formore » attacking the industry through the insider threat. Indicators and warnings of insider threats in these cases exist, providing insight into how security agencies, such as the Transportation Security Administration, can better predict and identify insider involvement. Understanding previous aviation insider threat events will likely aid in stimulating proactive security measures, rather than reactive responses. However, similar to traditional airport security measures, there are social, political, and economic challenges in protecting against the insider threat, including privacy concerns and cost-benefit analysis.« less

36 CFR 1256.70 - What controls access to national security-classified information?

Code of Federal Regulations, 2010 CFR

2010-07-01

... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

75 FR 71790 - Second Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-24

... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held December 9, 2010...

75 FR 80886 - Third Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-23

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held January 13, 2011...

76 FR 9632 - Fifth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-18

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held March 10, 2011, from...

76 FR 3931 - Fourth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-21

... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 Meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held February 8, 2011...

75 FR 61819 - First Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-06

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held November 2, 2010...

76 FR 16470 - Sixth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-23

... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems DATES: The meeting will be held April 13, 2011, from...

Dye filled security seal

DOEpatents

Wilson, Dennis C. W.

1982-04-27

A security seal for providing an indication of unauthorized access to a sealed object includes an elongate member to be entwined in the object such that access is denied unless the member is removed. The elongate member has a hollow, pressurizable chamber extending throughout its length that is filled with a permanent dye under greater than atmospheric pressure. Attempts to cut the member and weld it together are revealed when dye flows through a rupture in the chamber wall and stains the outside surface of the member.

Global Access-controlled Transfer e-frame (GATe)

DOE Office of Scientific and Technical Information (OSTI.GOV)

2012-05-30

Global Access-controlled Transfer e-frame (GATe) was designed to take advantage of the patterns that occur during an electronic record transfer process. The e-frame (or electronic framework or platform) is the foundation for developing secure information transfer to meet classified and unclassified business processes and is particularly useful when there is a need to share information with various entities in a controlled and secure environment. It can share, search, upload, download and retrieve sensitive information, as well as provides reporting capabilities.

Digital security technology simplified.

PubMed

Scaglione, Bernard J

2007-01-01

Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

EEL hits provision of NRC's proposed security rules

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

1985-06-01

The Edison Electric Institute (EEI) opposes key provisions in the Nuclear Regulatory Commission's proposed rules for the security of nuclear plants. The objections focus on areas of nuclear plant access, physical protection of facilities, and personal searches. EEI feels that the nuclear industry has implemented effective access measures to provide reasonable assurance against insider threats. It objects to the proposal that workers denied access authorization could petition for a review of their case under conventional labor-management collective bargaining agreements. A counter-proposal by EEI exempts authorizes employees from pat-down searches on the grounds that such searches will make employees unhappy andmore » lower productivity.« less

Institutional Change for Improving Accessibility in the Design and Delivery of Distance Learning--The Role of Faculty Accessibility Specialists at the Open University

ERIC Educational Resources Information Center

Slater, Rachel; Pearson, Victoria K.; Warren, James P.; Forbes, Tina

2015-01-01

The Open University (OU) has an established infrastructure for supporting disabled students. Historically, the thrust of this has focused on providing accessible adjustments post-production. In 2012, the OU implemented securing greater accessibility (SeGA) to raise awareness and bring about an institutional change to curriculum design so that the…

New Advanced Technologies to Provide Decentralised and Secure Access to Medical Records: Case Studies in Oncology

PubMed Central

Quantin, Catherine; Coatrieux, Gouenou; Allaert, François André; Fassa, Maniane; Bourquard, Karima; Boire, Jean-Yves; de Vlieger, Paul; Maigne, Lydia; Breton, Vincent

2009-01-01

The main problem for health professionals and patients in accessing information is that this information is very often distributed over many medical records and locations. This problem is particularly acute in cancerology because patients may be treated for many years and undergo a variety of examinations. Recent advances in technology make it feasible to gain access to medical records anywhere and anytime, allowing the physician or the patient to gather information from an “ephemeral electronic patient record”. However, this easy access to data is accompanied by the requirement for improved security (confidentiality, traceability, integrity, ...) and this issue needs to be addressed. In this paper we propose and discuss a decentralised approach based on recent advances in information sharing and protection: Grid technologies and watermarking methodologies. The potential impact of these technologies for oncology is illustrated by the examples of two experimental cases: a cancer surveillance network and a radiotherapy treatment plan. It is expected that the proposed approach will constitute the basis of a future secure “google-like” access to medical records. PMID:19718446

10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted Data...

Data Security: Locked Down, Not out

ERIC Educational Resources Information Center

Waters, John K.

2007-01-01

The problem with traditional, perimeterbased security methods is twofold: First, they can stifle the educational mission that district networks were created to encourage. Firewalls can thwart hackers, but they can also prevent staff and students from accessing online tools or information. Second, these approaches tend to provide inadequate…

Audited credential delegation: a usable security solution for the virtual physiological human toolkit.

PubMed

Haidar, Ali N; Zasada, Stefan J; Coveney, Peter V; Abdallah, Ali E; Beckles, Bruce; Jones, Mike A S

2011-06-06

We present applications of audited credential delegation (ACD), a usable security solution for authentication, authorization and auditing in distributed virtual physiological human (VPH) project environments that removes the use of digital certificates from end-users' experience. Current security solutions are based on public key infrastructure (PKI). While PKI offers strong security for VPH projects, it suffers from serious usability shortcomings in terms of end-user acquisition and management of credentials which deter scientists from exploiting distributed VPH environments. By contrast, ACD supports the use of local credentials. Currently, a local ACD username-password combination can be used to access grid-based resources while Shibboleth support is underway. Moreover, ACD provides seamless and secure access to shared patient data, tools and infrastructure, thus supporting the provision of personalized medicine for patients, scientists and clinicians participating in e-health projects from a local to the widest international scale.

Audited credential delegation: a usable security solution for the virtual physiological human toolkit

PubMed Central

Haidar, Ali N.; Zasada, Stefan J.; Coveney, Peter V.; Abdallah, Ali E.; Beckles, Bruce; Jones, Mike A. S.

2011-01-01

We present applications of audited credential delegation (ACD), a usable security solution for authentication, authorization and auditing in distributed virtual physiological human (VPH) project environments that removes the use of digital certificates from end-users' experience. Current security solutions are based on public key infrastructure (PKI). While PKI offers strong security for VPH projects, it suffers from serious usability shortcomings in terms of end-user acquisition and management of credentials which deter scientists from exploiting distributed VPH environments. By contrast, ACD supports the use of local credentials. Currently, a local ACD username–password combination can be used to access grid-based resources while Shibboleth support is underway. Moreover, ACD provides seamless and secure access to shared patient data, tools and infrastructure, thus supporting the provision of personalized medicine for patients, scientists and clinicians participating in e-health projects from a local to the widest international scale. PMID:22670214

Access Requirement Analysis of E-Governance Systems

NASA Astrophysics Data System (ADS)

Kim, Tai-Hoon

The strategic and contemporary importance of e-governance has been recognized across the world. In India too, various ministries of Govt. of India and State Governments have taken e-governance initiatives to provide e-services to citizens and the business they serve. To achieve the mission objectives, and make such e-governance initiatives successful it would be necessary to improve the trust and confidence of the stakeholders. It is assumed that the delivery of government services will share the same public network information that is being used in the community at large. In particular, the Internet will be the principal means by which public access to government and government services will be achieved. To provide the security measures main aim is to identify user's access requirement for the stakeholders and then according to the models of Nath's approach. Based on this analysis, the Govt. can also make standards of security based on the e-governance models. Thus there will be less human errors and bias. This analysis leads to the security architecture of the specific G2C application.

Model Based User's Access Requirement Analysis of E-Governance Systems

NASA Astrophysics Data System (ADS)

Saha, Shilpi; Jeon, Seung-Hwan; Robles, Rosslin John; Kim, Tai-Hoon; Bandyopadhyay, Samir Kumar

The strategic and contemporary importance of e-governance has been recognized across the world. In India too, various ministries of Govt. of India and State Governments have taken e-governance initiatives to provide e-services to citizens and the business they serve. To achieve the mission objectives, and make such e-governance initiatives successful it would be necessary to improve the trust and confidence of the stakeholders. It is assumed that the delivery of government services will share the same public network information that is being used in the community at large. In particular, the Internet will be the principal means by which public access to government and government services will be achieved. To provide the security measures main aim is to identify user's access requirement for the stakeholders and then according to the models of Nath's approach. Based on this analysis, the Govt. can also make standards of security based on the e-governance models. Thus there will be less human errors and bias. This analysis leads to the security architecture of the specific G2C application.

44 CFR 16.149 - Program accessibility: Discrimination prohibited.

Code of Federal Regulations, 2012 CFR

2012-10-01

...: Discrimination prohibited. 16.149 Section 16.149 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL ENFORCEMENT OF NONDISCRIMINATION ON THE BASIS OF HANDICAP... accessibility: Discrimination prohibited. Except as otherwise provided in § 16.150, no qualified individual with...

Status of Optical Disk Standards and Copy Protection Technology

DTIC Science & Technology

2000-01-01

Technology (IT), the Consumer Electronics (CE) and the Content Providers such as the Motion Picture Association (MPA) and Secure Digital Music ...and Access Control. On audio recording, Secure Digital Music Initiative (SDMI) is leading the effort. 10 Besides these organizations, a world wide...coordinating orgainzation which ia working with the Information Technology Inductry Association (ITI), the Content Providers such as the Motion Picture

Authenticated IGMP for Controlling Access to Multicast Distribution Tree

NASA Astrophysics Data System (ADS)

Park, Chang-Seop; Kang, Hyun-Sun

A receiver access control scheme is proposed to protect the multicast distribution tree from DoS attack induced by unauthorized use of IGMP, by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, a key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP (Content Provider), NSP (Network Service Provider), and group members.

KENNEDY SPACE CENTER, FLA. - Key officials are poised to cut the ribbon officially dedicating the new Security gates on Kennedy Parkway (Gate 2) and NASA Parkway (Gate 3). From left are Wally Schroeder, with Jones, Edmunds & Associates; Bobby Porter, with Oneida Construction; Daniel Tweed, NASA project manager; Jim Kennedy, Center director; and William Sample, SGS deputy program manager. The new gates were activated Aug. 1, allowing the general public to have access to the new Space Commerce Way, which will provide access to the Research Park and KSC Visitor Complex, and providing an alternate route for the general public between Titusville and Merritt Island that is accessible 24 hours a day. The gates are staffed 24 hours daily.

NASA Image and Video Library

2003-08-27

KENNEDY SPACE CENTER, FLA. - Key officials are poised to cut the ribbon officially dedicating the new Security gates on Kennedy Parkway (Gate 2) and NASA Parkway (Gate 3). From left are Wally Schroeder, with Jones, Edmunds & Associates; Bobby Porter, with Oneida Construction; Daniel Tweed, NASA project manager; Jim Kennedy, Center director; and William Sample, SGS deputy program manager. The new gates were activated Aug. 1, allowing the general public to have access to the new Space Commerce Way, which will provide access to the Research Park and KSC Visitor Complex, and providing an alternate route for the general public between Titusville and Merritt Island that is accessible 24 hours a day. The gates are staffed 24 hours daily.

Network information security in a phase III Integrated Academic Information Management System (IAIMS).

PubMed

Shea, S; Sengupta, S; Crosswell, A; Clayton, P D

1992-01-01

The developing Integrated Academic Information System (IAIMS) at Columbia-Presbyterian Medical Center provides data sharing links between two separate corporate entities, namely Columbia University Medical School and The Presbyterian Hospital, using a network-based architecture. Multiple database servers with heterogeneous user authentication protocols are linked to this network. "One-stop information shopping" implies one log-on procedure per session, not separate log-on and log-off procedures for each server or application used during a session. These circumstances provide challenges at the policy and technical levels to data security at the network level and insuring smooth information access for end users of these network-based services. Five activities being conducted as part of our security project are described: (1) policy development; (2) an authentication server for the network; (3) Kerberos as a tool for providing mutual authentication, encryption, and time stamping of authentication messages; (4) a prototype interface using Kerberos services to authenticate users accessing a network database server; and (5) a Kerberized electronic signature.

76 FR 20783 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Order Granting Approval of...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-13

... rates and descriptive information about Auction Rate Securities (``ARS'') and Variable Rate Demand... interest rate setting mechanisms for ARS and liquidity facilities for VDROs, information about orders submitted for an ARS auction, and additional information about VRDOs.\\5\\ To provide subscribers with access...

76 FR 11547 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Notice of Filing of...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-02

... interest rates and descriptive information about Auction Rate Securities (``ARS'') and Variable Rate Demand... interest rate setting mechanisms for ARS and liquidity facilities for VRDOs, information about orders submitted for an ARS auction, and additional information about VRDOs.\\4\\ To provide subscribers with access...

Emerging Technology for School Security

ERIC Educational Resources Information Center

Doss, Kevin T.

2012-01-01

Locks and keys ring up huge costs for education institutions. No wonder many facility directors and public-safety directors have turned to automated access-control systems with magnetic-stripe cards, proximity cards and, most recently, smart cards. Smart cards can provide a host of on- and off-campus services beyond security. In addition to…

Designing, Implementing, and Evaluating Secure Web Browsers

ERIC Educational Resources Information Center

Grier, Christopher L.

2009-01-01

Web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems using browser-based attacks. Efforts that retrofit existing browsers have had limited success since modern browsers are not designed to withstand attack. To enable more secure web browsing, we design and implement new web browsers from the ground…

Are personal health records safe? A review of free web-accessible personal health record privacy policies.

PubMed

Carrión Señor, Inmaculada; Fernández-Alemán, José Luis; Toval, Ambrosio

2012-08-23

Several obstacles prevent the adoption and use of personal health record (PHR) systems, including users' concerns regarding the privacy and security of their personal health information. To analyze the privacy and security characteristics of PHR privacy policies. It is hoped that identification of the strengths and weaknesses of the PHR systems will be useful for PHR users, health care professionals, decision makers, and designers. We conducted a systematic review using the principal databases related to health and computer science to discover the Web-based and free PHR systems mentioned in published articles. The privacy policy of each PHR system selected was reviewed to extract its main privacy and security characteristics. The search of databases and the myPHR website provided a total of 52 PHR systems, of which 24 met our inclusion criteria. Of these, 17 (71%) allowed users to manage their data and to control access to their health care information. Only 9 (38%) PHR systems permitted users to check who had accessed their data. The majority of PHR systems used information related to the users' accesses to monitor and analyze system use, 12 (50%) of them aggregated user information to publish trends, and 20 (83%) used diverse types of security measures. Finally, 15 (63%) PHR systems were based on regulations or principles such as the US Health Insurance Portability and Accountability Act (HIPAA) and the Health on the Net Foundation Code of Conduct (HONcode). Most privacy policies of PHR systems do not provide an in-depth description of the security measures that they use. Moreover, compliance with standards and regulations in PHR systems is still low.

Are Personal Health Records Safe? A Review of Free Web-Accessible Personal Health Record Privacy Policies

PubMed Central

Fernández-Alemán, José Luis; Toval, Ambrosio

2012-01-01

Background Several obstacles prevent the adoption and use of personal health record (PHR) systems, including users’ concerns regarding the privacy and security of their personal health information. Objective To analyze the privacy and security characteristics of PHR privacy policies. It is hoped that identification of the strengths and weaknesses of the PHR systems will be useful for PHR users, health care professionals, decision makers, and designers. Methods We conducted a systematic review using the principal databases related to health and computer science to discover the Web-based and free PHR systems mentioned in published articles. The privacy policy of each PHR system selected was reviewed to extract its main privacy and security characteristics. Results The search of databases and the myPHR website provided a total of 52 PHR systems, of which 24 met our inclusion criteria. Of these, 17 (71%) allowed users to manage their data and to control access to their health care information. Only 9 (38%) PHR systems permitted users to check who had accessed their data. The majority of PHR systems used information related to the users’ accesses to monitor and analyze system use, 12 (50%) of them aggregated user information to publish trends, and 20 (83%) used diverse types of security measures. Finally, 15 (63%) PHR systems were based on regulations or principles such as the US Health Insurance Portability and Accountability Act (HIPAA) and the Health on the Net Foundation Code of Conduct (HONcode). Conclusions Most privacy policies of PHR systems do not provide an in-depth description of the security measures that they use. Moreover, compliance with standards and regulations in PHR systems is still low. PMID:22917868

Privacy & Security Notice | Argonne National Laboratory

Science.gov Websites

server logs: The Internet Protocol (IP) address of the domain from which you access the Internet (i.e service to authorized users, to access, obtain, alter, damage, or destroy information, or otherwise to . 123.456.789.012) whether yours individually or provided as a proxy by your Internet Service Provider (ISP), The

Globus Identity, Access, and Data Management: Platform Services for Collaborative Science

NASA Astrophysics Data System (ADS)

Ananthakrishnan, R.; Foster, I.; Wagner, R.

2016-12-01

Globus is software-as-a-service for research data management, developed at, and operated by, the University of Chicago. Globus, accessible at www.globus.org, provides high speed, secure file transfer; file sharing directly from existing storage systems; and data publication to institutional repositories. 40,000 registered users have used Globus to transfer tens of billions of files totaling hundreds of petabytes between more than 10,000 storage systems within campuses and national laboratories in the US and internationally. Web, command line, and REST interfaces support both interactive use and integration into applications and infrastructures. An important component of the Globus system is its foundational identity and access management (IAM) platform service, Globus Auth. Both Globus research data management and other applications use Globus Auth for brokering authentication and authorization interactions between end-users, identity providers, resource servers (services), and a range of clients, including web, mobile, and desktop applications, and other services. Compliant with important standards such as OAuth, OpenID, and SAML, Globus Auth provides mechanisms required for an extensible, integrated ecosystem of services and clients for the research and education community. It underpins projects such as the US National Science Foundation's XSEDE system, NCAR's Research Data Archive, and the DOE Systems Biology Knowledge Base. Current work is extending Globus services to be compliant with FEDRAMP standards for security assessment, authorization, and monitoring for cloud services. We will present Globus IAM solutions and give examples of Globus use in various projects for federated access to resources. We will also describe how Globus Auth and Globus research data management capabilities enable rapid development and low-cost operations of secure data sharing platforms that leverage Globus services and integrate them with local policy and security.

Driving toward guiding principles: a goal for privacy, confidentiality, and security of health information.

PubMed

Buckovich, S A; Rippen, H E; Rozen, M J

1999-01-01

As health care moves from paper to electronic data collection, providing easier access and dissemination of health information, the development of guiding privacy, confidentiality, and security principles is necessary to help balance the protection of patients' privacy interests against appropriate information access. A comparative review and analysis was done, based on a compilation of privacy, confidentiality, and security principles from many sources. Principles derived from ten identified sources were compared with each of the compiled principles to assess support level, uniformity, and inconsistencies. Of 28 compiled principles, 23 were supported by at least 50 percent of the sources. Technology could address at least 12 of the principles. Notable consistencies among the principles could provide a basis for consensus for further legislative and organizational work. It is imperative that all participants in our health care system work actively toward a viable resolution of this information privacy debate.

33 CFR 104.265 - Security measures for access control.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for access... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Requirements § 104.265 Security... security measures to: (1) Deter the unauthorized introduction of dangerous substances and devices...

Agent of opportunity risk mitigation: people, engineering, and security efficacy.

PubMed

Graham, Margaret E; Tunik, Michael G; Farmer, Brenna M; Bendzans, Carly; McCrillis, Aileen M; Nelson, Lewis S; Portelli, Ian; Smith, Silas; Goldberg, Judith D; Zhang, Meng; Rosenberg, Sheldon D; Goldfrank, Lewis R

2010-12-01

Agents of opportunity (AO) are potentially harmful biological, chemical, radiological, and pharmaceutical substances commonly used for health care delivery and research. AOs are present in all academic medical centers (AMC), creating vulnerability in the health care sector; AO attributes and dissemination methods likely predict risk; and AMCs are inadequately secured against a purposeful AO dissemination, with limited budgets and competing priorities. We explored health care workers' perceptions of AMC security and the impact of those perceptions on AO risk. Qualitative methods (survey, interviews, and workshops) were used to collect opinions from staff working in a medical school and 4 AMC-affiliated hospitals concerning AOs and the risk to hospital infrastructure associated with their uncontrolled presence. Secondary to this goal, staff perception concerning security, or opinions about security behaviors of others, were extracted, analyzed, and grouped into themes. We provide a framework for depicting the interaction of staff behavior and access control engineering, including the tendency of staff to "defeat" inconvenient access controls. In addition, 8 security themes emerged: staff security behavior is a significant source of AO risk; the wide range of opinions about "open" front-door policies among AMC staff illustrates a disparity of perceptions about the need for security; interviewees expressed profound skepticism concerning the effectiveness of front-door access controls; an AO risk assessment requires reconsideration of the security levels historically assigned to areas such as the loading dock and central distribution sites, where many AOs are delivered and may remain unattended for substantial periods of time; researchers' view of AMC security is influenced by the ongoing debate within the scientific community about the wisdom of engaging in bioterrorism research; there was no agreement about which areas of the AMC should be subject to stronger access controls; security personnel play dual roles of security and customer service, creating the negative perception that neither role is done well; and budget was described as an important factor in explaining the state of security controls. We determined that AMCs seeking to reduce AO risk should assess their institutionally unique AO risks, understand staff security perceptions, and install access controls that are responsive to the staff's tendency to defeat them. The development of AO attribute fact sheets is desirable for AO risk assessment; new funding and administrative or legislative tools to improve AMC security are required; and security practices and methods that are convenient and effective should be engineered.

46 CFR 160.010-3 - Inflatable buoyant apparatus.

Code of Federal Regulations, 2011 CFR

2011-10-01

... MATERIALS: SPECIFICATIONS AND APPROVAL LIFESAVING EQUIPMENT Buoyant Apparatus for Merchant Vessels § 160.010... container accessible to the occupants, or otherwise secured to the apparatus. Duplicate equipment must be provided, for each side of a reversible inflatable buoyant apparatus, if the equipment is not accessible...

46 CFR 160.010-3 - Inflatable buoyant apparatus.

Code of Federal Regulations, 2010 CFR

2010-10-01

... MATERIALS: SPECIFICATIONS AND APPROVAL LIFESAVING EQUIPMENT Buoyant Apparatus for Merchant Vessels § 160.010... container accessible to the occupants, or otherwise secured to the apparatus. Duplicate equipment must be provided, for each side of a reversible inflatable buoyant apparatus, if the equipment is not accessible...

A Policy Language for Modelling Recommendations

NASA Astrophysics Data System (ADS)

Abou El Kalam, Anas; Balbiani, Philippe

While current and emergent applications become more and more complex, most of existing security policies and models only consider a yes/no response to the access requests. Consequently, modelling, formalizing and implementing permissions, obligations and prohibitions do not cover the richness of all the possible scenarios. In fact, several applications have access rules with the recommendation access modality. In this paper we focus on the problem of formalizing security policies with recommendation needs. The aim is to provide a generic domain-independent formal system for modelling not only permissions, prohibitions and obligations, but also recommendations. In this respect, we present our logic-based language, the semantics, the truth conditions, our axiomatic as well as inference rules. We also give a representative use case with our specification of recommendation requirements. Finally, we explain how our logical framework could be used to query the security policy and to check its consistency.

MediaTracker system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sandoval, D. M.; Strittmatter, R. B.; Abeyta, J. D.

2004-01-01

The initial objectives of this effort were to provide a hardware and software platform that can address the requirements for the accountability of classified removable electronic media and vault access logging. The Media Tracker system software assists classified media custodian in managing vault access logging and Media Tracking to prevent the inadvertent violation of rules or policies for the access to a restricted area and the movement and use of tracked items. The MediaTracker system includes the software tools to track and account for high consequence security assets and high value items. The overall benefits include: (1) real-time access tomore » the disposition of all Classified Removable Electronic Media (CREM), (2) streamlined security procedures and requirements, (3) removal of ambiguity and managerial inconsistencies, (4) prevention of incidents that can and should be prevented, (5) alignment with the DOE's initiative to achieve improvements in security and facility operations through technology deployment, and (6) enhanced individual responsibility by providing a consistent method of dealing with daily responsibilities. In response to initiatives to enhance the control of classified removable electronic media (CREM), the Media Tracker software suite was developed, piloted and implemented at the Los Alamos National Laboratory beginning in July 2000. The Media Tracker software suite assists in the accountability and tracking of CREM and other high-value assets. One component of the MediaTracker software suite provides a Laboratory-approved media tracking system. Using commercial touch screen and bar code technology, the MediaTracker (MT) component of the MediaTracker software suite provides an efficient and effective means to meet current Laboratory requirements and provides new-engineered controls to help assure compliance with those requirements. It also establishes a computer infrastructure at vault entrances for vault access logging, and can accommodate several methods of positive identification including smart cards and biometrics. Currently, we have three mechanisms that provide added security for accountability and tracking purposes. One mechanism consists of a portable, hand-held inventory scanner, which allows the custodian to physically track the items that are not accessible within a particular area. The second mechanism is a radio frequency identification (RFID) consisting of a monitoring portal, which tracks and logs in a database all activity tagged of items that pass through the portals. The third mechanism consists of an electronic tagging of a flash memory device for automated inventory of CREM in storage. By modifying this USB device the user is provided with added assurance, limiting the data from being obtained from any other computer.« less

Adherence to antiretroviral therapy among a conflict-affected population in Northeastern Uganda: a qualitative study.

PubMed

Olupot-Olupot, Peter; Katawera, Andrew; Cooper, Curtis; Small, Will; Anema, Aranka; Mills, Edward

2008-09-12

We aimed to determine patient and health worker concerns regarding antiretroviral adherence in a conflict-affected population using focus groups (n = 40) and semi-structured interviews (n = 11). Patient concerns include security attending clinics, food security, distance to health centers and access to health providers. During periods of famine and flooding, the lack of food security and only single daily meals makes taking multiple doses impossible. Possible facilitating strategies included mobile teams, increased security and regularity of drug stocks.

17 CFR 200.510 - Access by historical researchers.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Access by historical researchers. 200.510 Section 200.510 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Security Information and Material § 200.510 Access by historical researchers. (a) Persons outside the...

17 CFR 200.510 - Access by historical researchers.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Access by historical researchers. 200.510 Section 200.510 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Security Information and Material § 200.510 Access by historical researchers. (a) Persons outside the...

17 CFR 200.510 - Access by historical researchers.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Access by historical researchers. 200.510 Section 200.510 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Security Information and Material § 200.510 Access by historical researchers. (a) Persons outside the...

Protection of data carriers using secure optical codes

NASA Astrophysics Data System (ADS)

Peters, John A.; Schilling, Andreas; Staub, René; Tompkin, Wayne R.

2006-02-01

Smartcard technologies, combined with biometric-enabled access control systems, are required for many high-security government ID card programs. However, recent field trials with some of the most secure biometric systems have indicated that smartcards are still vulnerable to well equipped and highly motivated counterfeiters. In this paper, we present the Kinegram Secure Memory Technology which not only provides a first-level visual verification procedure, but also reinforces the existing chip-based security measures. This security concept involves the use of securely-coded data (stored in an optically variable device) which communicates with the encoded hashed information stored in the chip memory via a smartcard reader device.

Consumer Attitudes and Perceptions on mHealth Privacy and Security: Findings From a Mixed-Methods Study.

PubMed

Atienza, Audie A; Zarcadoolas, Christina; Vaughon, Wendy; Hughes, Penelope; Patel, Vaishali; Chou, Wen-Ying Sylvia; Pritts, Joy

2015-01-01

This study examined consumers' attitudes and perceptions regarding mobile health (mHealth) technology use in health care. Twenty-four focus groups with 256 participants were conducted in 5 geographically diverse locations. Participants were also diverse in age, education, race/ethnicity, gender, and rural versus urban settings. Several key themes emerged from the focus groups. Findings suggest that consumer attitudes regarding mHealth privacy/security are highly contextualized, with concerns depending on the type of information being communicated, where and when the information is being accessed, who is accessing or seeing the information, and for what reasons. Consumers frequently considered the tradeoffs between the privacy/security of using mHealth technologies and the potential benefits. Having control over mHealth privacy/security features and trust in providers were important issues for consumers. Overall, this study found significant diversity in attitudes regarding mHealth privacy/security both within and between traditional demographic groups. Thus, to address consumers' concerns regarding mHealth privacy and security, a one-size-fits-all approach may not be adequate. Health care providers and technology developers should consider tailoring mHealth technology according to how various types of information are communicated in the health care setting, as well as according to the comfort, skills, and concerns individuals may have with mHealth technology.

In Internet-Based Visualization System Study about Breakthrough Applet Security Restrictions

NASA Astrophysics Data System (ADS)

Chen, Jie; Huang, Yan

In the process of realization Internet-based visualization system of the protein molecules, system needs to allow users to use the system to observe the molecular structure of the local computer, that is, customers can generate the three-dimensional graphics from PDB file on the client computer. This requires Applet access to local file, related to the Applet security restrictions question. In this paper include two realization methods: 1.Use such as signature tools, key management tools and Policy Editor tools provided by the JDK to digital signature and authentication for Java Applet, breakthrough certain security restrictions in the browser. 2. Through the use of Servlet agent implement indirect access data methods, breakthrough the traditional Java Virtual Machine sandbox model restriction of Applet ability. The two ways can break through the Applet's security restrictions, but each has its own strengths.

Improving the Automated Detection and Analysis of Secure Coding Violations

DTIC Science & Technology

2014-06-01

eliminating software vulnerabilities and other flaws. The CERT Division produces books and courses that foster a security mindset in developers, and...website also provides a virtual machine containing a complete build of the Rosecheckers project on Linux . The Rosecheckers project leverages the...Compass/ROSE6 project developed at Law- rence Livermore National Laboratory. This project provides a high-level API for accessing the abstract syntax tree

Roadmap for Teacher Access to Student-Level Longitudinal Data: Key Focus Areas to Ensure Quality Implementation. Data for Action

ERIC Educational Resources Information Center

Data Quality Campaign, 2014

2014-01-01

Teachers have access to information about the students in their classrooms each year, but schools and districts often cannot provide teachers with longitudinal data (or data linked over time). Given resource constraints in schools and districts, states are best positioned to ensure that teachers have secure access to their students' longitudinal…

10 CFR 1046.14 - Access authorization.

Code of Federal Regulations, 2010 CFR

2010-01-01

... authorization for the highest level of classified matter to which they potentially have access. Security police... by the site security organization and approved by the Head of the Field Element. Security police officers shall possess a minimum of an “L” or DOE Secret access authorization. Security police officers...

12 CFR Appendix F to Part 225 - Interagency Guidelines Establishing Information Security Standards

Code of Federal Regulations, 2012 CFR

2012-01-01

... only to authorized individuals and controls to prevent employees from providing customer information to unauthorized individuals who may seek to obtain this information through fraudulent means. b. Access... records storage facilities to permit access only to authorized individuals; c. Encryption of electronic...

12 CFR Appendix F to Part 225 - Interagency Guidelines Establishing Information Security Standards

Code of Federal Regulations, 2014 CFR

2014-01-01

... only to authorized individuals and controls to prevent employees from providing customer information to unauthorized individuals who may seek to obtain this information through fraudulent means. b. Access... records storage facilities to permit access only to authorized individuals; c. Encryption of electronic...

Climbing the Mountain: The Americans with Disabilities Act and Libraries.

ERIC Educational Resources Information Center

Lenn, Katy

1993-01-01

Provides suggestions for academic libraries to comply with the Americans with Disabilities Act. Topics addressed are planning, including patron surveys; physical access to buildings; signage; library security systems; furniture; library services; staff development; telephone access; library acquisitions; and equipment and software. A sidebar lists…

The Digital Divide and Patient Portals: Internet Access Explained Differences in Patient Portal Use for Secure Messaging by Age, Race, and Income.

PubMed

Graetz, Ilana; Gordon, Nancy; Fung, Vick; Hamity, Courtnee; Reed, Mary E

2016-08-01

Online access to health records and the ability to exchange secure messages with physicians can improve patient engagement and outcomes; however, the digital divide could limit access to web-based portals among disadvantaged groups. To understand whether sociodemographic differences in patient portal use for secure messaging can be explained by differences in internet access and care preferences. Cross-sectional survey to examine the association between patient sociodemographic characteristics and internet access and care preferences; then, the association between sociodemographic characteristics and secure message use with and without adjusting for internet access and care preference. One thousand forty-one patients with chronic conditions in a large integrated health care delivery system (76% response rate). Internet access, portal use for secure messaging, preference for in-person or online care, and sociodemographic and health characteristics. Internet access and preference mediated some of the differences in secure message use by age, race, and income. For example, using own computer to access the internet explained 52% of the association between race and secure message use and 60% of the association between income and use (Sobel-Goodman mediation test, P<0.001 for both). Education and sex-related differences in portal use remained statistically significant when controlling for internet access and preference. As the availability and use of patient portals increase, it is important to understand which patients have limited access and the barriers they may face. Improving internet access and making portals available across multiple platforms, including mobile, may reduce some disparities in secure message use.

A federated capability-based access control mechanism for internet of things (IoTs)

NASA Astrophysics Data System (ADS)

Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

2018-05-01

The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanisms to meet requirement of IoT systems. The extraordinary large number of nodes, heterogeneity as well as dynamicity, necessitate more fine-grained, lightweight mechanisms for IoT devices. In this paper, a federated capability-based access control (FedCAC) framework is proposed to enable an effective access control processes to devices, services and information in large scale IoT systems. The federated capability delegation mechanism, based on a propagation tree, is illustrated for access permission propagation. An identity-based capability token management strategy is presented, which involves registering, propagation and revocation of the access authorization. Through delegating centralized authorization decision-making policy to local domain delegator, the access authorization process is locally conducted on the service provider that integrates situational awareness (SAW) and customized contextual conditions. Implemented and tested on both resources-constrained devices, like smart sensors and Raspberry PI, and non-resource-constrained devices, like laptops and smart phones, our experimental results demonstrate the feasibility of the proposed FedCAC approach to offer a scalable, lightweight and fine-grained access control solution to IoT systems connected to a system network.

78 FR 16757 - Twentieth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-18

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 64838 - Sixteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-10-23

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 55894 - Fifteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-11

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will...

78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-22

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

75 FR 3743 - Medicare Program; Meeting of the Practicing Physicians Advisory Council, March 8, 2010

Federal Register 2010, 2011, 2012, 2013, 2014

2010-01-22

... will be provided on the Physician Regulatory Issues Team. In accordance with the Council charter, we... Building, the Hubert H. Humphrey Building, Federal security measures are applicable. In planning your arrival time, we recommend allowing additional time to clear security. To gain access to the building...

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

The Transportation Secure Data Center (TSDC) at www.nrel.gov/tsdc provides free, web-based access to detailed transportation data from a variety of travel surveys conducted across the nation. While preserving the privacy of survey participants, this online repository makes vital transportation data broadly available to users from the comfort of their own desks via a secure online connection.

77 FR 71201 - Order Extending Temporary Conditional Exemption for Nationally Recognized Statistical Rating...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-29

... following conflict of interest: Issuing or maintaining a credit rating for a security or money market... that was paid for by the issuer, sponsor, or underwriter of the security or money market instrument. 17...; Provide free and unlimited access to such password- protected Internet Web site during the applicable...

Immigration and Schools: Supporting Success for Undocumented Unaccompanied Homeless Youth

ERIC Educational Resources Information Center

National Association for the Education of Homeless Children and Youth, 2010

2010-01-01

Attending school and securing lawful status in the United States are two keys to safety and security for undocumented unaccompanied homeless youth. This brief is designed to provide young people, immigration attorneys and advocates, McKinney-Vento liaisons and educators with basic information to help them access these keys. After describing some…

78 FR 76741 - Revisions to the Export Administration Regulations (EAR): Unverified List (UVL)

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-19

... of Defense Trade Controls of the Department of State by: Precluding access to; refusing to provide... DEPARTMENT OF COMMERCE Bureau of Industry and Security 15 CFR Parts 730, 740, 744, 756, 758, and..., Bureau of Industry and Security, Department of Commerce, Phone: (202) 482-2385 or by email at Kevin...

Computer Security Systems Enable Access.

ERIC Educational Resources Information Center

Riggen, Gary

1989-01-01

A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

Security of electronic medical information and patient privacy: what you need to know.

PubMed

Andriole, Katherine P

2014-12-01

The responsibility that physicians have to protect their patients from harm extends to protecting the privacy and confidentiality of patient health information including that contained within radiological images. The intent of HIPAA and subsequent HIPAA Privacy and Security Rules is to keep patients' private information confidential while allowing providers access to and maintaining the integrity of relevant information needed to provide care. Failure to comply with electronic protected health information (ePHI) regulations could result in financial or criminal penalties or both. Protected health information refers to anything that can reasonably be used to identify a patient (eg, name, age, date of birth, social security number, radiology examination accession number). The basic tools and techniques used to maintain medical information security and patient privacy described in this article include physical safeguards such as computer device isolation and data backup, technical safeguards such as firewalls and secure transmission modes, and administrative safeguards including documentation of security policies, training of staff, and audit tracking through system logs. Other important concepts related to privacy and security are explained, including user authentication, authorization, availability, confidentiality, data integrity, and nonrepudiation. Patient privacy and security of medical information are critical elements in today's electronic health care environment. Radiology has led the way in adopting digital systems to make possible the availability of medical information anywhere anytime, and in identifying and working to eliminate any risks to patients. Copyright © 2014 American College of Radiology. Published by Elsevier Inc. All rights reserved.

Aviation Security: Background and Policy Options for Screening and Securing Air Cargo

DTIC Science & Technology

2008-02-25

today, employees with unescorted access privileges to security identification display areas ( SIDAs ) may access secured areas and aircraft without...where all-cargo aircraft are loaded and unloaded, as security identification display areas ( SIDAs ). This effectively elevates the required security

32 CFR 2700.41 - General restrictions on access.

Code of Federal Regulations, 2011 CFR

2011-07-01

... NEGOTIATIONS SECURITY INFORMATION REGULATIONS Safeguarding § 2700.41 General restrictions on access. (a) Determination of need-to-know. Classified information shall be made available to a person only when the possessor of the classified information establishes in each instance, except as provided in section 4-3 of E...

32 CFR 701.100 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-07-01

... accessible DON Web sites and unclassified non-national security information systems. (a) Scope. Governs the... systems of records. (b) Guidance. Provides guidance on how to respond to individuals who seek access to information in a PA system of records that is retrieved by their name and/or personal identifier. (c) Verify...

Access America for Students. Strategic Plan.

ERIC Educational Resources Information Center

National Partnership for Reinventing Government, Washington, DC.

This report provides an overview of a federal initiative, entitled Access America for Students, which is designed to re-engineer the way training and educational services are delivered to students. Part of the National Partnership for Reinventing Government, the initiative's major objectives are to implement privacy and security processes for…

47 CFR 64.402 - Policies and procedures for the provision of priority access service by commercial mobile radio...

Code of Federal Regulations, 2011 CFR

2011-10-01

... 47 Telecommunication 3 2011-10-01 2011-10-01 false Policies and procedures for the provision of... Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) COMMON CARRIER SERVICES (CONTINUED) MISCELLANEOUS... National Security and Emergency Preparedness personnel shall provide priority access service in accordance...

--No Title--

Science.gov Websites

You may be trying to access this site from a secured browser on the server. Please enable scripts and utilizing to make their lives easier and access to information literally at their fingertips. To make information readily available, U. S. Fleet Forces developed mobile applications to provide the

41 CFR 105-62.103 - Access to GSA-originated materials.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Administration 62-DOCUMENT SECURITY AND DECLASSIFICATION 62.1-Classified Materials § 105-62.103 Access to GSA..., provided that: (1) A written determination is made by the Administrator of General Services that such... element having classification jurisdiction for such information or material makes a written determination...

12 CFR 7.5004 - Sale of excess electronic capacity and by-products.

Code of Federal Regulations, 2010 CFR

2010-01-01

... bank's needs for banking purposes include: (1) Data processing services; (2) Production and distribution of non-financial software; (3) Providing periodic back-up call answering services; (4) Providing full Internet access; (5) Providing electronic security system support services; (6) Providing long...

A systematic literature review on security and privacy of electronic health record systems: technical perspectives.

PubMed

Rezaeibagha, Fatemeh; Win, Khin Than; Susilo, Willy

Even though many safeguards and policies for electronic health record (EHR) security have been implemented, barriers to the privacy and security protection of EHR systems persist. This article presents the results of a systematic literature review regarding frequently adopted security and privacy technical features of EHR systems. Our inclusion criteria were full articles that dealt with the security and privacy of technical implementations of EHR systems published in English in peer-reviewed journals and conference proceedings between 1998 and 2013; 55 selected studies were reviewed in detail. We analysed the review results using two International Organization for Standardization (ISO) standards (29100 and 27002) in order to consolidate the study findings. Using this process, we identified 13 features that are essential to security and privacy in EHRs. These included system and application access control, compliance with security requirements, interoperability, integration and sharing, consent and choice mechanism, policies and regulation, applicability and scalability and cryptography techniques. This review highlights the importance of technical features, including mandated access control policies and consent mechanisms, to provide patients' consent, scalability through proper architecture and frameworks, and interoperability of health information systems, to EHR security and privacy requirements.

Re-designing the PhEDEx Security Model

DOE Office of Scientific and Technical Information (OSTI.GOV)

Huang, C.-H.; Wildish, T.; Zhang, X.

2014-01-01

PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintainingmore » code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.« less

Re-designing the PhEDEx Security Model

NASA Astrophysics Data System (ADS)

C-H, Huang; Wildish, T.; X, Zhang

2014-06-01

PhEDEx, the data-placement tool used by the CMS experiment at the LHC, was conceived in a more trusting time. The security model provided a safe environment for site agents and operators, but offerred little more protection than that. Data was not sufficiently protected against loss caused by operator error or software bugs or by deliberate manipulation of the database. Operators were given high levels of access to the database, beyond what was actually needed to accomplish their tasks. This exposed them to the risk of suspicion should an incident occur. Multiple implementations of the security model led to difficulties maintaining code, which can lead to degredation of security over time. In order to meet the simultaneous goals of protecting CMS data, protecting the operators from undue exposure to risk, increasing monitoring capabilities and improving maintainability of the security model, the PhEDEx security model was redesigned and re-implemented. Security was moved from the application layer into the database itself, fine-grained access roles were established, and tools and procedures created to control the evolution of the security model over time. In this paper we describe this work, we describe the deployment of the new security model, and we show how these enhancements improve security on several fronts simultaneously.

Catalog of War Games

DTIC Science & Technology

1992-10-09

PROGRAM CATALOG OF WAR GAMES 92-30805 U *3fl91\\k~o 9 2 SECURITY CLASSIFICATION OF THIS PAGE I ,i REPORT DOCUMENTATION PAGE la. REPORT SECURITY...4401 Ford Ave ELEMENT NO. NO. NO. ACCESSION NO. AIyxndriA. VA 229i2-14O1 --. 11. TITLE (Include Security Classification) Catalog of War Games 12...SCURITY CLASSIFICATiON OF THIS PAGE DECLARATION OF ACCORD 1. PURPOSE This catalog provides information on the primary war games , combat simulations

The Flask Security Architecture: System Support for Diverse Security Policies

DTIC Science & Technology

2006-01-01

Flask microkernel -based operating sys­ tem, that successfully overcomes these obstacles to pol- icy flexibility. The cleaner separation of mechanism and...other object managers in the system to en- force those access control decisions. Although the pro­ totype system is microkernel -based, the security...mecha­ nisms do not depend on a microkernel architecture and will easily generalize beyond it. The resulting system provides policy flexibility. It sup

10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 10 Energy 4 2011-01-01 2011-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security facility...

10 CFR 1016.8 - Approval for processing access permittees for security facility approval.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 4 2010-01-01 2010-01-01 false Approval for processing access permittees for security facility approval. 1016.8 Section 1016.8 Energy DEPARTMENT OF ENERGY (GENERAL PROVISIONS) SAFEGUARDING OF RESTRICTED DATA Physical Security § 1016.8 Approval for processing access permittees for security facility...

14 CFR 1203a.103 - Access to security areas.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 5 2010-01-01 2010-01-01 false Access to security areas. 1203a.103 Section 1203a.103 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.103 Access to security areas. (a) Only those NASA employees, NASA contractor employees, and...

14 CFR 1203a.103 - Access to security areas.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 5 2011-01-01 2010-01-01 true Access to security areas. 1203a.103 Section 1203a.103 Aeronautics and Space NATIONAL AERONAUTICS AND SPACE ADMINISTRATION NASA SECURITY AREAS § 1203a.103 Access to security areas. (a) Only those NASA employees, NASA contractor employees, and...

76 FR 67019 - Tenth Meeting: RTCA Special Committee 224, Airport Security Access Control

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-28

... 224, Airport Security Access Control AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Notice of RTCA Special Committee 224, Airport Security Access Control. SUMMARY: The... (Pub. L. 92-463, 5 U.S.C., App.), notice is hereby given for a Special Committee 224, Airport Security...

OS friendly microprocessor architecture: Hardware level computer security

NASA Astrophysics Data System (ADS)

Jungwirth, Patrick; La Fratta, Patrick

2016-05-01

We present an introduction to the patented OS Friendly Microprocessor Architecture (OSFA) and hardware level computer security. Conventional microprocessors have not tried to balance hardware performance and OS performance at the same time. Conventional microprocessors have depended on the Operating System for computer security and information assurance. The goal of the OS Friendly Architecture is to provide a high performance and secure microprocessor and OS system. We are interested in cyber security, information technology (IT), and SCADA control professionals reviewing the hardware level security features. The OS Friendly Architecture is a switched set of cache memory banks in a pipeline configuration. For light-weight threads, the memory pipeline configuration provides near instantaneous context switching times. The pipelining and parallelism provided by the cache memory pipeline provides for background cache read and write operations while the microprocessor's execution pipeline is running instructions. The cache bank selection controllers provide arbitration to prevent the memory pipeline and microprocessor's execution pipeline from accessing the same cache bank at the same time. This separation allows the cache memory pages to transfer to and from level 1 (L1) caching while the microprocessor pipeline is executing instructions. Computer security operations are implemented in hardware. By extending Unix file permissions bits to each cache memory bank and memory address, the OSFA provides hardware level computer security.

Assurance: the power behind PCASSO security.

PubMed Central

Baker, D. B.; Masys, D. R.; Jones, R. L.; Barnhart, R. M.

1999-01-01

The need for security protection in Internet-based healthcare applications is generally acknowledged. Most healthcare applications that use the Internet have at least implemented some kind of encryption. Most applications also enforce user authentication and access control policies, and many audit user actions. However, most fall short on providing strong assurances that the security mechanisms are behaving as expected and that they cannot be subverted. While no system can claim to be totally "bulletproof," PCASSO provides assurance of correct operation through formal, disciplined design and development methodologies, as well as through functional and penetration testing. Through its security mechanisms, backed by strong system assurances, PCASSO is demonstrating "safe" use of public data networks for health care. PMID:10566443

A Novel Reference Security Model with the Situation Based Access Policy for Accessing EPHR Data.

PubMed

Gope, Prosanta; Amin, Ruhul

2016-11-01

Electronic Patient Health Record (EPHR) systems may facilitate a patient not only to share his/her health records securely with healthcare professional but also to control his/her health privacy, in a convenient and easy way even in case of emergency. In order to fulfill these requirements, it is greatly desirable to have the access control mechanism which can efficiently handle every circumstance without negotiating security. However, the existing access control mechanisms used in healthcare to regulate and restrict the disclosure of patient data are often bypassed in case of emergencies. In this article, we propose a way to securely share EPHR data under any situation including break-the-glass (BtG) without compromising its security. In this regard, we design a reference security model, which consists of a multi-level data flow hierarchy, and an efficient access control framework based on the conventional Role-Based Access Control (RBAC) and Mandatory Access Control (MAC) policies.

Comprehensive security framework for the communication and storage of medical images

NASA Astrophysics Data System (ADS)

Slik, David; Montour, Mike; Altman, Tym

2003-05-01

Confidentiality, integrity verification and access control of medical imagery and associated metadata is critical for the successful deployment of integrated healthcare networks that extend beyond the department level. As medical imagery continues to become widely accessed across multiple administrative domains and geographically distributed locations, image data should be able to travel and be stored on untrusted infrastructure, including public networks and server equipment operated by external entities. Given these challenges associated with protecting large-scale distributed networks, measures must be taken to protect patient identifiable information while guarding against tampering, denial of service attacks, and providing robust audit mechanisms. The proposed framework outlines a series of security practices for the protection of medical images, incorporating Transport Layer Security (TLS), public and secret key cryptography, certificate management and a token based trusted computing base. It outlines measures that can be utilized to protect information stored within databases, online and nearline storage, and during transport over trusted and untrusted networks. In addition, it provides a framework for ensuring end-to-end integrity of image data from acquisition to viewing, and presents a potential solution to the challenges associated with access control across multiple administrative domains and institution user bases.

Giving rheumatology patients online home access to their electronic medical record (EMR): advantages, drawbacks and preconditions according to care providers.

PubMed

van der Vaart, Rosalie; Drossaert, Constance H C; Taal, Erik; van de Laar, Mart A F J

2013-09-01

Technology enables patients home access to their electronic medical record (EMR), via a patient portal. This study aims to analyse (dis)advantages, preconditions and suitable content for this service, according to rheumatology health professionals. A two-phase policy Delphi study was conducted. First, interviews were performed with nurses/nurse practitioners (n = 9) and rheumatologists (n = 13). Subsequently, collected responses were quantified, using a questionnaire among the interviewees. The following advantages of patient home access to the EMR were reported: (1) enhancement of patient participation in treatment, (2) increased knowledge and self-management, (3) improved patient-provider interaction, (4) increased patient safety, and (5) better communication with others. Foreseen disadvantages of the service included: (1) problems with interpretation of data, (2) extra workload, (3) a change in consultation content, and (4) disturbing the patient-provider interaction. Also, the following preconditions emerged from the data: (1) optimal security, (2) no extra record, but a patient-accessible section, (3) no access to clinical notes, and (4) a lag time on the release of lab data. Most respondents reported that data on diagnosis, medication, treatment plan and consultations could be released to patients. On releasing more complex data, such as bodily examinations, lab results and radiological images the opinions differed considerably. Providing patients home access to their medical record might be a valuable next step into patient empowerment and in service towards the patient, provided that security is optimal and content and presentation of data are carefully considered.

77 FR 71474 - Seventeenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-30

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the seventeenth meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

78 FR 31627 - Twenty-Second Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-24

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty-second meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

78 FR 7850 - Nineteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-02-04

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the nineteenth meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

78 FR 22025 - Twenty First Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-12

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty first meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

77 FR 25525 - Thirteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems.

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-30

... Committee 224, Airport Security Access Control Systems. AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the thirteenth meeting of RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will be...

77 FR 15448 - Twelfth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-15

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twelfth meeting of RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will be...

Detection and response to unauthorized access to a communication device

DOEpatents

Smith, Rhett; Gordon, Colin

2015-09-08

A communication gateway consistent with the present disclosure may detect unauthorized physical or electronic access and implement security actions in response thereto. A communication gateway may provide a communication path to an intelligent electronic device (IED) using an IED communications port configured to communicate with the IED. The communication gateway may include a physical intrusion detection port and a network port. The communication gateway may further include control logic configured to evaluate physical intrusion detection signal. The control logic may be configured to determine that the physical intrusion detection signal is indicative of an attempt to obtain unauthorized access to one of the communication gateway, the IED, and a device in communication with the gateway; and take a security action based upon the determination that the indication is indicative of the attempt to gain unauthorized access.

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2013 CFR

2013-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2012 CFR

2012-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2011 CFR

2011-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2014 CFR

2014-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

33 CFR 106.260 - Security measures for access control.

Code of Federal Regulations, 2010 CFR

2010-07-01

... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...

Providing security for automated process control systems at hydropower engineering facilities

NASA Astrophysics Data System (ADS)

Vasiliev, Y. S.; Zegzhda, P. D.; Zegzhda, D. P.

2016-12-01

This article suggests the concept of a cyberphysical system to manage computer security of automated process control systems at hydropower engineering facilities. According to the authors, this system consists of a set of information processing tools and computer-controlled physical devices. Examples of cyber attacks on power engineering facilities are provided, and a strategy of improving cybersecurity of hydropower engineering systems is suggested. The architecture of the multilevel protection of the automated process control system (APCS) of power engineering facilities is given, including security systems, control systems, access control, encryption, secure virtual private network of subsystems for monitoring and analysis of security events. The distinctive aspect of the approach is consideration of interrelations and cyber threats, arising when SCADA is integrated with the unified enterprise information system.

A novel and lightweight system to secure wireless medical sensor networks.

PubMed

He, Daojing; Chan, Sammy; Tang, Shaohua

2014-01-01

Wireless medical sensor networks (MSNs) are a key enabling technology in e-healthcare that allows the data of a patient's vital body parameters to be collected by the wearable or implantable biosensors. However, the security and privacy protection of the collected data is a major unsolved issue, with challenges coming from the stringent resource constraints of MSN devices, and the high demand for both security/privacy and practicality. In this paper, we propose a lightweight and secure system for MSNs. The system employs hash-chain based key updating mechanism and proxy-protected signature technique to achieve efficient secure transmission and fine-grained data access control. Furthermore, we extend the system to provide backward secrecy and privacy preservation. Our system only requires symmetric-key encryption/decryption and hash operations and is thus suitable for the low-power sensor nodes. This paper also reports the experimental results of the proposed system in a network of resource-limited motes and laptop PCs, which show its efficiency in practice. To the best of our knowledge, this is the first secure data transmission and access control system for MSNs until now.

A Survey of Authentication Schemes in Telecare Medicine Information Systems.

PubMed

Aslam, Muhammad Umair; Derhab, Abdelouahid; Saleem, Kashif; Abbas, Haider; Orgun, Mehmet; Iqbal, Waseem; Aslam, Baber

2017-01-01

E-Healthcare is an emerging field that provides mobility to its users. The protected health information of the users are stored at a remote server (Telecare Medical Information System) and can be accessed by the users at anytime. Many authentication protocols have been proposed to ensure the secure authenticated access to the Telecare Medical Information System. These protocols are designed to provide certain properties such as: anonymity, untraceability, unlinkability, privacy, confidentiality, availability and integrity. They also aim to build a key exchange mechanism, which provides security against some attacks such as: identity theft, password guessing, denial of service, impersonation and insider attacks. This paper reviews these proposed authentication protocols and discusses their strengths and weaknesses in terms of ensured security and privacy properties, and computation cost. The schemes are divided in three broad categories of one-factor, two-factor and three-factor authentication schemes. Inter-category and intra-category comparison has been performed for these schemes and based on the derived results we propose future directions and recommendations that can be very helpful to the researchers who work on the design and implementation of authentication protocols.

15 CFR 744.11 - License requirements that apply to entities acting contrary to the national security or foreign...

Code of Federal Regulations, 2011 CFR

2011-01-01

... activity. (4) Preventing accomplishment of an end use check conducted by or on behalf of BIS or the Directorate of Defense Trade Controls of the Department of State by: precluding access to; refusing to provide...) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS CONTROL POLICY...

15 CFR 744.11 - License requirements that apply to entities acting contrary to the national security or foreign...

Code of Federal Regulations, 2012 CFR

2012-01-01

... activity. (4) Preventing accomplishment of an end use check conducted by or on behalf of BIS or the Directorate of Defense Trade Controls of the Department of State by: precluding access to; refusing to provide...) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS CONTROL POLICY...

15 CFR 744.11 - License requirements that apply to entities acting contrary to the national security or foreign...

Code of Federal Regulations, 2014 CFR

2014-01-01

... activity. (4) Preventing accomplishment of an end use check conducted by or on behalf of BIS or the Directorate of Defense Trade Controls of the Department of State by: precluding access to; refusing to provide...) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS CONTROL POLICY...

15 CFR 744.11 - License requirements that apply to entities acting contrary to the national security or foreign...

Code of Federal Regulations, 2010 CFR

2010-01-01

... activity. (4) Preventing accomplishment of an end use check conducted by or on behalf of BIS or the Directorate of Defense Trade Controls of the Department of State by: precluding access to; refusing to provide...) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE EXPORT ADMINISTRATION REGULATIONS CONTROL POLICY...

DOE Office of Scientific and Technical Information (OSTI.GOV)

Dykstra, D.; Blomer, J.

Both the CernVM File System (CVMFS) and the Frontier Distributed Database Caching System (Frontier) distribute centrally updated data worldwide for LHC experiments using http proxy caches. Neither system provides privacy or access control on reading the data, but both control access to updates of the data and can guarantee the authenticity and integrity of the data transferred to clients over the internet. CVMFS has since its early days required digital signatures and secure hashes on all distributed data, and recently Frontier has added X.509-based authenticity and integrity checking. In this paper we detail and compare the security models of CVMFSmore » and Frontier.« less

Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

PubMed Central

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-01-01

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

Security analysis and improvements of authentication and access control in the Internet of Things.

PubMed

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-08-13

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

A Selective Group Authentication Scheme for IoT-Based Medical Information System.

PubMed

Park, YoHan; Park, YoungHo

2017-04-01

The technology of IoT combined with medical systems is expected to support advanced medical services. However, unsolved security problems, such as misuse of medical devices, illegal access to the medical server and so on, make IoT-based medical systems not be applied widely. In addition, users have a high burden of computation to access Things for the explosive growth of IoT devices. Because medical information is critical and important, but users have a restricted computing power, IoT-based medical systems are required to provide secure and efficient authentication for users. In this paper, we propose a selective group authentication scheme using Shamir's threshold technique. The property of selectivity gives the right of choice to users to form a group which consists of things users select and access. And users can get an access authority for those Things at a time. Thus, our scheme provides an efficient user authentication for multiple Things and conditional access authority for safe IoT-based medical information system. To the best of our knowledge, our proposed scheme is the first in which selectivity is combined with group authentication in IoT environments.

Security and Efficiency Concerns With Distributed Collaborative Networking Environments

DTIC Science & Technology

2003-09-01

have the ability to access Web communications services of the WebEx MediaTone Network from a single login. [24] WebEx provides a range of secure...Web. WebEx services enable secure data, voice and video communications through the browser and are supported by the WebEx MediaTone Network, a global...designed to host large-scale, structured events and conferences, featuring a Q&A Manager that allows multiple moderators to handle questions while

77 FR 48199 - Privacy Act; System of Records: State-35, Information Access Programs Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-13

..., the Privacy Act, the Ethics in Government Act, the access provisions of Executive Order 13526 or a...; requester's name and requester's mailing and email address; Social Security number (if provided by the...: Hard copy and electronic media. RETRIEVABILITY: Individual name, case number. SAFEGUARDS: All users are...

Card Access Know-How.

ERIC Educational Resources Information Center

College Planning & Management, 2000

2000-01-01

Provides tips for expanding a school's card access system and making it more productive for all concerned. Tips include the use of electronic locks for better security; the need for state-of-the-art card reader system to save money in the long run; selecting vendors to one that manufactures, installs, and supports the card system; and having…

The Paperless Solution

NASA Technical Reports Server (NTRS)

2001-01-01

REI Systems, Inc. developed a software solution that uses the Internet to eliminate the paperwork typically required to document and manage complex business processes. The data management solution, called Electronic Handbooks (EHBs), is presently used for the entire SBIR program processes at NASA. The EHB-based system is ideal for programs and projects whose users are geographically distributed and are involved in complex management processes and procedures. EHBs provide flexible access control and increased communications while maintaining security for systems of all sizes. Through Internet Protocol- based access, user authentication and user-based access restrictions, role-based access control, and encryption/decryption, EHBs provide the level of security required for confidential data transfer. EHBs contain electronic forms and menus, which can be used in real time to execute the described processes. EHBs use standard word processors that generate ASCII HTML code to set up electronic forms that are viewed within a web browser. EHBs require no end-user software distribution, significantly reducing operating costs. Each interactive handbook simulates a hard-copy version containing chapters with descriptions of participants' roles in the online process.

Applying the Earth System Grid Security System in a Heterogeneous Environment of Data Access Services

NASA Astrophysics Data System (ADS)

Kershaw, Philip; Lawrence, Bryan; Lowe, Dominic; Norton, Peter; Pascoe, Stephen

2010-05-01

CEDA (Centre for Environmental Data Archival) based at STFC Rutherford Appleton Laboratory is host to the BADC (British Atmospheric Data Centre) and NEODC (NERC Earth Observation Data Centre) with data holdings of over half a Petabyte. In the coming months this figure is set to increase by over one Petabyte through the BADC's role as one of three data centres to host the CMIP5 (Coupled Model Intercomparison Project Phase 5) core archive of climate model data. Quite apart from the problem of managing the storage of such large volumes there is the challenge of collating the data together from the modelling centres around the world and enabling access to these data for the user community. An infrastructure to support this is being developed under the US Earth System Grid (ESG) and related projects bringing together participating organisations together in a federation. The ESG architecture defines Gateways, the web interfaces that enable users to access data and data serving applications organised into Data Nodes. The BADC has been working in collaboration with US Earth System Grid team and other partners to develop a security system to restrict access to data. This provides single sign-on via both OpenID and PKI based means and uses role based authorisation facilitated by SAML and OpenID based interfaces for attribute retrieval. This presentation will provide an overview of the access control architecture and look at how this has been implemented for CEDA. CEDA has developed an expertise in data access and information services over several years through a number of projects to develop and enhance these capabilities. Participation in CMIP5 comes at a time when a number of other software development activities are coming to fruition. New services are in the process of being deployed alongside services making up the system for ESG. The security system must apply access control across this heterogeneous environment of different data services and technologies. One strand of the development efforts within CEDA has been the NDG (NERC Datagrid) Security system. This system has been extended to interoperate with ESG, greatly assisted by the standards based approach adopted for the ESG security architecture. Drawing from experience from previous projects the decision was taken to refactor the NDG Security software into a component based architecture to enable a separation of concerns between access control and the functionality of a given application being protected. Such an approach is only possible through a generic interface. At CEDA, this has been realised in the Python programming language using the WSGI (Web Server Gateway Interface) specification. A parallel Java filter based implementation is also under development with our US partners for use with the THREDDS Data Server. Using such technologies applications and middleware can be assembled into custom configurations to meet different requirements. In the case of access control, NDG Security middleware can be layered over the top of existing applications without the need to modify them. A RESTful approach to the application of authorisation policy has been key in this approach. We explore the practical implementation of such a scheme alongside the application of the ESG security architecture to CEDA's OGC web services implementation COWS.

Using K-12 Lessons Learned about How to Balance Accessibility and Test Security to Inform Licensure, Credentialing, and Certification Exam Policies

ERIC Educational Resources Information Center

Lazarus, Sheryl S.; van den Heuvel, Jill R.; Thurlow, Martha L.

2017-01-01

This paper explores how to balance test security and accessibility on licensure, credentialing, and certification exams. It examines K-12 test security policies related to educational assessments across states to discover lessons learned about how to meet accessibility needs of individuals with disabilities while minimizing test security risks. It…

32 CFR 154.67 - Access restrictions.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 32 National Defense 1 2012-07-01 2012-07-01 false Access restrictions. 154.67 Section 154.67 National Defense Department of Defense OFFICE OF THE SECRETARY OF DEFENSE SECURITY DEPARTMENT OF DEFENSE... restrictions. Access to personnel security investigative reports and personnel security clearance determination...

Hierarchical data security in a Query-By-Example interface for a shared database.

PubMed

Taylor, Merwyn

2002-06-01

Whenever a shared database resource, containing critical patient data, is created, protecting the contents of the database is a high priority goal. This goal can be achieved by developing a Query-By-Example (QBE) interface, designed to access a shared database, and embedding within the QBE a hierarchical security module that limits access to the data. The security module ensures that researchers working in one clinic do not get access to data from another clinic. The security can be based on a flexible taxonomy structure that allows ordinary users to access data from individual clinics and super users to access data from all clinics. All researchers submit queries through the same interface and the security module processes the taxonomy and user identifiers to limit access. Using this system, two different users with different access rights can submit the same query and get different results thus reducing the need to create different interfaces for different clinics and access rights.

Security and confidentiality of health information systems: implications for physicians.

PubMed

Dorodny, V S

1998-01-01

Adopting and developing the new generation of information systems will be essential to remain competitive in a quality conscious health care environment. These systems enable physicians to document patient encounters and aggregate the information from the population they treat, while capturing detailed data on chronic medical conditions, medications, treatment plans, risk factors, severity of conditions, and health care resource utilization and management. Today, the knowledge-based information systems should offer instant, around-the-clock access for the provider, support simple order entry, facilitate data capture and retrieval, and provide eligibility verification, electronic authentication, prescription writing, security, and reporting that benchmarks outcomes management based upon clinical/financial decisions and treatment plans. It is an integral part of any information system to incorporate and integrate transactional (financial/administrative) information, as well as analytical (clinical/medical) data in a user-friendly, readily accessible, and secure form. This article explores the technical, financial, logistical, and behavioral obstacles on the way to the Promised Land.

49 CFR 8.31 - Industrial security.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 1 2011-10-01 2011-10-01 false Industrial security. 8.31 Section 8.31.../ACCESS Access to Information § 8.31 Industrial security. (a) Background. The National Industrial Security... classified pursuant to Executive Order 12356 of April 2, 1982, National Security Information, or its...

49 CFR 8.31 - Industrial security.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 49 Transportation 1 2012-10-01 2012-10-01 false Industrial security. 8.31 Section 8.31.../ACCESS Access to Information § 8.31 Industrial security. (a) Background. The National Industrial Security... classified pursuant to Executive Order 12356 of April 2, 1982, National Security Information, or its...

Interacting with a security system: The Argus user interface

DOE Office of Scientific and Technical Information (OSTI.GOV)

Behrin, E.; Davis, G.E.

1993-12-31

In the mid-1980s the Lawrence Livermore National Laboratory (LLNL) developed the Argus Security System. Key requirements were to eliminate the telephone as a verification device for opening and closing alarm stations and to allow need-to-know access through local enrollment at alarm stations. Resulting from these requirements was an LLNL-designed user interface called the Remote Access Panel (RAP). The Argus RAP interacts with Argus field processors to allow secure station mode changes and local station enrollment, provides user direction and response, and assists station maintenance personnel. It consists of a tamper-detecting housing containing a badge reader, a keypad with sight screen,more » special-purpose push buttons and a liquid-crystal display. This paper discusses Argus system concepts, RAP design, functional characteristics and its physical configurations. The paper also describes the RAP`s use in access-control booths, it`s integration with biometrics and its operation for multi-person-rule stations and compartmented facilities.« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

Nelson, Cynthia Lee

There is a need in security systems to rapidly and accurately grant access of authorized personnel to a secure facility while denying access to unauthorized personnel. In many cases this role is filled by security personnel, which can be very costly. Systems that can perform this role autonomously without sacrificing accuracy or speed of throughput are very appealing. To address the issue of autonomous facility access through the use of technology, the idea of a ''secure portal'' is introduced. A secure portal is a defined zone where state-of-the-art technology can be implemented to grant secure area access or to allowmore » special privileges for an individual. Biometric technologies are of interest because they are generally more difficult to defeat than technologies such as badge swipe and keypad entry. The biometric technologies selected for this concept were facial and gait recognition. They were chosen since they require less user cooperation than other biometrics such as fingerprint, iris, and hand geometry and because they have the most potential for flexibility in deployment. The secure portal concept could be implemented within the boundaries of an entry area to a facility. As a person is approaching a badge and/or PIN portal, face and gait information can be gathered and processed. The biometric information could be fused for verification against the information that is gathered from the badge. This paper discusses a facial recognition technology that was developed for the purposes of providing high verification probabilities with low false alarm rates, which would be required of an autonomous entry control system. In particular, a 3-D facial recognition approach using Fisher Linear Discriminant Analysis is described. Gait recognition technology, based on Hidden Markov Models has been explored, but those results are not included in this paper. Fusion approaches for combining the results of the biometrics would be the next step in realizing the secure portal concept.« less

Autonomous Information Unit for Fine-Grain Data Access Control and Information Protection in a Net-Centric System

NASA Technical Reports Server (NTRS)

Chow, Edward T.; Woo, Simon S.; James, Mark; Paloulian, George K.

2012-01-01

As communication and networking technologies advance, networks will become highly complex and heterogeneous, interconnecting different network domains. There is a need to provide user authentication and data protection in order to further facilitate critical mission operations, especially in the tactical and mission-critical net-centric networking environment. The Autonomous Information Unit (AIU) technology was designed to provide the fine-grain data access and user control in a net-centric system-testing environment to meet these objectives. The AIU is a fundamental capability designed to enable fine-grain data access and user control in the cross-domain networking environments, where an AIU is composed of the mission data, metadata, and policy. An AIU provides a mechanism to establish trust among deployed AIUs based on recombining shared secrets, authentication and verify users with a username, X.509 certificate, enclave information, and classification level. AIU achieves data protection through (1) splitting data into multiple information pieces using the Shamir's secret sharing algorithm, (2) encrypting each individual information piece using military-grade AES-256 encryption, and (3) randomizing the position of the encrypted data based on the unbiased and memory efficient in-place Fisher-Yates shuffle method. Therefore, it becomes virtually impossible for attackers to compromise data since attackers need to obtain all distributed information as well as the encryption key and the random seeds to properly arrange the data. In addition, since policy can be associated with data in the AIU, different user access and data control strategies can be included. The AIU technology can greatly enhance information assurance and security management in the bandwidth-limited and ad hoc net-centric environments. In addition, AIU technology can be applicable to general complex network domains and applications where distributed user authentication and data protection are necessary. AIU achieves fine-grain data access and user control, reducing the security risk significantly, simplifying the complexity of various security operations, and providing the high information assurance across different network domains.

Breakfast-Skipping and Selecting Low-Nutritional-Quality Foods for Breakfast Are Common among Low-Income Urban Children, Regardless of Food Security Status.

PubMed

Dykstra, Holly; Davey, Adam; Fisher, Jennifer O; Polonsky, Heather; Sherman, Sandra; Abel, Michelle L; Dale, Lauren C; Foster, Gary D; Bauer, Katherine W

2016-03-01

Universal access to the School Breakfast Program (SBP) is intended to help low-income and food-insecure students overcome barriers to eating breakfast. However, SBP participation is often still low despite universal access. Further information is needed with regard to these children's breakfast behaviors, and in particular breakfast behaviors among youth from food-insecure families, to inform effective breakfast interventions. The objective of this study was to examine breakfast behaviors among a large sample of urban students with universal access to the SBP and to identify differences in breakfast behaviors among children from food-secure compared with food-insecure households. A cross-sectional study of 821 fourth- through sixth-grade students and their parents from 16 schools was conducted. Students reported the foods/drinks selected and location of obtaining food/drink on the morning of data collection, parents reported household food security status using the 6-item Food Security Survey Module, and the school district provided SBP participation data during the fall semester of 2013. Multivariable linear regression models accounting for school-level clustering were used to examine differences in breakfast behaviors across 3 levels of household food security: food secure, low food secure, and very low food secure. Students participated in the SBP 31.2% of possible days, with 13% never participating in the SBP. One-fifth (19.4%) of students purchased something from a corner store for breakfast, and 16.9% skipped breakfast. Forty-six percent of students were food insecure; few differences in breakfast behaviors were observed across levels of food security. Despite universal access to the SBP, participation in the SBP is low. Breakfast skipping and selection of foods of low nutritional quality in the morning are common, regardless of household food security status. Additional novel implementation of the SBP and addressing students' breakfast preferences may be necessary to further reduce barriers to students obtaining a free, healthful breakfast. This trial was registered at clinicaltrials.gov as NCT01924130. © 2016 American Society for Nutrition.

The Climate-G Portal: a Grid Enabled Scientifc Gateway for Climate Change

NASA Astrophysics Data System (ADS)

Fiore, Sandro; Negro, Alessandro; Aloisio, Giovanni

2010-05-01

Grid portals are web gateways aiming at concealing the underlying infrastructure through a pervasive, transparent, user-friendly, ubiquitous and seamless access to heterogeneous and geographical spread resources (i.e. storage, computational facilities, services, sensors, network, databases). Definitively they provide an enhanced problem-solving environment able to deal with modern, large scale scientific and engineering problems. Scientific gateways are able to introduce a revolution in the way scientists and researchers organize and carry out their activities. Access to distributed resources, complex workflow capabilities, and community-oriented functionalities are just some of the features that can be provided by such a web-based environment. In the context of the EGEE NA4 Earth Science Cluster, Climate-G is a distributed testbed focusing on climate change research topics. The Euro-Mediterranean Center for Climate Change (CMCC) is actively participating in the testbed providing the scientific gateway (Climate-G Portal) to access to the entire infrastructure. The Climate-G Portal has to face important and critical challenges as well as has to satisfy and address key requirements. In the following, the most relevant ones are presented and discussed. Transparency: the portal has to provide a transparent access to the underlying infrastructure preventing users from dealing with low level details and the complexity of a distributed grid environment. Security: users must be authenticated and authorized on the portal to access and exploit portal functionalities. A wide set of roles is needed to clearly assign the proper one to each user. The access to the computational grid must be completely secured, since the target infrastructure to run jobs is a production grid environment. A security infrastructure (based on X509v3 digital certificates) is strongly needed. Pervasivity and ubiquity: the access to the system must be pervasive and ubiquitous. This is easily true due to the nature of the needed web approach. Usability and simplicity: the portal has to provide simple, high level and user friendly interfaces to ease the access and exploitation of the entire system. Coexistence of general purpose and domain oriented services: along with general purpose services (file transfer, job submission, etc.), the portal has to provide domain based services and functionalities. Subsetting of data, visualization of 2D maps around a virtual globe, delivery of maps through OGC compliant interfaces (i.e. Web Map Service - WMS) are just some examples. Since april 2009, about 70 users (85% coming from the climate change community) got access to the portal. A key challenge of this work is the idea to provide users with an integrated working environment, that is a place where scientists can find huge amount of data, complete metadata support, a wide set of data access services, data visualization and analysis tools, easy access to the underlying grid infrastructure and advanced monitoring interfaces.

76 FR 59481 - Ninth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-26

... Control Systems (Update to DO-230B): Agenda October 20, 2011 Welcome/Introductions/Administrative Remarks... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY...

76 FR 50811 - Eighth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-16

... Control Systems (Update to DO-230B): Agenda September 15, 2011 Welcome/Introductions/Administrative... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY...

MYSEA: The Monterey Security Architecture

DTIC Science & Technology

2009-01-01

Security and Protection, Organization and Design General Terms: Design; Security Keywords: access controls, authentication, information flow controls...Applicable environments include: mil- itary coalitions, agencies and organizations responding to security emergencies, and mandated sharing in business ...network architecture affords users the abil- ity to securely access information across networks at dif- ferent classifications using standardized

Computer User's Guide to the Protection of Information Resources. NIST Special Publication 500-171.

ERIC Educational Resources Information Center

Helsing, Cheryl; And Others

Computers have changed the way information resources are handled. Large amounts of information are stored in one central place and can be accessed from remote locations. Users have a personal responsibility for the security of the system and the data stored in it. This document outlines the user's responsibilities and provides security and control…

Measuring Global Water Security Towards Sustainable Development Goals

NASA Technical Reports Server (NTRS)

Gain, Animesh K.; Giupponi, Carlo; Wada, Yoshihide

2016-01-01

Water plays an important role in underpinning equitable, stable and productive societies and ecosystems. Hence, United Nations recognized ensuring water security as one (Goal 6) of the seventeen sustainable development goals (SDGs). Many international river basins are likely to experience 'low water security' over the coming decades. Water security is rooted not only in the physical availability of freshwater resources relative to water demand, but also on social and economic factors (e.g. sound water planning and management approaches, institutional capacity to provide water services, sustainable economic policies). Until recently, advanced tools and methods are available for the assessment of water scarcity. However, quantitative and integrated-physical and socio-economic-approaches for spatial analysis of water security at global level are not available yet. In this study, we present a spatial multi-criteria analysis framework to provide a global assessment of water security. The selected indicators are based on Goal 6 of SDGs. The term 'security' is conceptualized as a function of 'availability', 'accessibility to services', 'safety and quality', and 'management'. The proposed global water security index (GWSI) is calculated by aggregating indicator values on a pixel-by-pixel basis, using the ordered weighted average method, which allows for the exploration of the sensitivity of final maps to different attitudes of hypothetical policy makers. Our assessment suggests that countries of Africa, South Asia and Middle East experience very low water security. Other areas of high water scarcity, such as some parts of United States, Australia and Southern Europe, show better GWSI values, due to good performance of management, safety and quality, and accessibility. The GWSI maps show the areas of the world in which integrated strategies are needed to achieve water related targets of the SDGs particularly in the African and Asian continents.

An innovative middle tier design for protecting federal privacy act data

NASA Astrophysics Data System (ADS)

Allen, Thomas G. L.

2008-03-01

This paper identifies an innovative middle tier technique and design that provides a solid layer of network security for a single source of human resources (HR) data that falls under the Federal Privacy Act. The paper also discusses functionality for both retrieving data and updating data in a secure way. It will be shown that access to this information is limited by a security mechanism that authorizes all connections based on both application (client) and user information.

Perceived and geographic food access and food security status among households with children.

PubMed

Ma, Xiaoguang; Liese, Angela D; Bell, Bethany A; Martini, Lauren; Hibbert, James; Draper, Carrie; Burke, Michael P; Jones, Sonya J

2016-10-01

To examine the association of both perceived and geographic neighbourhood food access with food security status among households with children. This was a cross-sectional study in which participants' perceptions of neighbourhood food access were assessed by a standard survey instrument, and geographic food access was evaluated by distance to the nearest supermarket. Multinomial logistic regression models were used to examine the associations. The Midlands Family Study included 544 households with children in eight counties in South Carolina, USA. Food security status among participants was classified into three categories: food secure (FS), food insecure (FI) and very low food security among children (VLFS-C). Compared with FS households, VLFS-C households had lower odds of reporting easy access to adequate food shopping. VLFS-C households also had lower odds of reporting neighbourhood access to affordable fruits and vegetables compared with FS households and reported worse selection of fruits and vegetables, quality of fruits and vegetables, and selection of low-fat products. FI households had lower odds of reporting fewer opportunities to purchase fast food. None of the geographic access measures was significantly associated with food security status. Caregivers with children who experienced hunger perceived that they had less access to healthy affordable food in their community, even though grocery stores were present. Approaches to improve perceived access to healthy affordable food should be considered as part of the overall approach to improving food security and eliminating child hunger.

Perceived and Geographic Food Access and Food Security Status among Households with Children

PubMed Central

Ma, Xiaoguang; Liese, Angela D.; Bell, Bethany; Martini, Lauren; Hibbert, James; Draper, Carrie; Jones, Sonya J.

2017-01-01

Objective To examine the association of both perceived and geographic neighborhood food access with food security status among households with children. Design This was a cross-sectional study in which participants’ perceptions of neighborhood food access were assessed by a standard survey instrument, and geographic food access was evaluated by distance to the nearest supermarket. Multinomial logistic regression models were used to examine the associations. Subjects The Midlands Family Study included 544 households with children in eight counties in South Carolina. Food security status among participants was classified into three categories: food secure (FS), food insecure (FI) and very low food security among children (VLFS-C). Results Compared to FS households, VLFS-C households had lower odds of reporting easy access to adequate food shopping. VLFS-C households also had lower odds of reporting neighborhood access to affordable fruits and vegetables compared to FS households and reported worse selection of fruits and vegetables, quality of fruits and vegetables and selection of low-fat products. FI households had lower odds of reporting fewer opportunities to purchase fast food. None of the geographic access measures was significantly associated with food security status. Conclusions Caregivers with children that experienced hunger perceived that they had less access to healthy affordably food in their community, even though grocery stores were present. Approaches to improve perceived access to healthy affordable food should be considered as part of the overall approach to improving food security and eliminating child hunger. PMID:27133939

Network Computing Infrastructure to Share Tools and Data in Global Nuclear Energy Partnership

NASA Astrophysics Data System (ADS)

Kim, Guehee; Suzuki, Yoshio; Teshima, Naoya

CCSE/JAEA (Center for Computational Science and e-Systems/Japan Atomic Energy Agency) integrated a prototype system of a network computing infrastructure for sharing tools and data to support the U.S. and Japan collaboration in GNEP (Global Nuclear Energy Partnership). We focused on three technical issues to apply our information process infrastructure, which are accessibility, security, and usability. In designing the prototype system, we integrated and improved both network and Web technologies. For the accessibility issue, we adopted SSL-VPN (Security Socket Layer-Virtual Private Network) technology for the access beyond firewalls. For the security issue, we developed an authentication gateway based on the PKI (Public Key Infrastructure) authentication mechanism to strengthen the security. Also, we set fine access control policy to shared tools and data and used shared key based encryption method to protect tools and data against leakage to third parties. For the usability issue, we chose Web browsers as user interface and developed Web application to provide functions to support sharing tools and data. By using WebDAV (Web-based Distributed Authoring and Versioning) function, users can manipulate shared tools and data through the Windows-like folder environment. We implemented the prototype system in Grid infrastructure for atomic energy research: AEGIS (Atomic Energy Grid Infrastructure) developed by CCSE/JAEA. The prototype system was applied for the trial use in the first period of GNEP.

17 CFR 242.610 - Access to quotations.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Access to quotations. 242.610...-Regulation of the National Market System § 242.610 Access to quotations. (a) Quotations of SRO trading... national securities exchange or national securities association to the quotations in an NMS stock displayed...

76 FR 38742 - Seventh Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-01

... Control Systems (Update to DO-230B): Agenda July 15, 2011 Welcome/Introductions/Administrative Remarks... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to...

31 CFR 2.2 - Access to classified information by historical researchers, former Treasury Presidential and Vice...

Code of Federal Regulations, 2010 CFR

2010-07-01

... Treasury NATIONAL SECURITY INFORMATION § 2.2 Access to classified information by historical researchers... security; and (2) Receipt of the individual's written agreement to safeguard classified information... granting of a security clearance for access to classified information. (d) Treasury personnel will...

28 CFR 16.74 - Exemption of National Security Division Systems-limited access.

Code of Federal Regulations, 2010 CFR

2010-07-01

... National Security Division Systems—limited access. (a) The following system of records is exempted from... 28 Judicial Administration 1 2010-07-01 2010-07-01 false Exemption of National Security Division Systems-limited access. 16.74 Section 16.74 Judicial Administration DEPARTMENT OF JUSTICE PRODUCTION OR...

A forensic identification case and DPid - can it be a useful tool?

PubMed

Queiroz, Cristhiane Leão de; Bostock, Ellen Marie; Santos, Carlos Ferreira; Guimarães, Marco Aurélio; Silva, Ricardo Henrique Alves da

2017-01-01

The aim of this study was to show DPid as an important tool of potential application to solve cases with dental prosthesis, such as the forensic case reported, in which a skull, denture and dental records were received for analysis. Human identification is still challenging in various circumstances and Dental Prosthetics Identification (DPid) stores the patient's name and prosthesis information and provides access through an embedded code in dental prosthesis or an identification card. All of this information is digitally stored on servers accessible only by dentists, laboratory technicians and patients with their own level of secure access. DPid provides a complete single-source list of all dental prosthesis features (materials and components) under complete and secure documentation used for clinical follow-up and for human identification. If DPid tool was present in this forensic case, it could have been solved without requirement of DNA exam, which confirmed the dental comparison of antemortem and postmortem records, and concluded the case as a positive identification.

The INDIGO-Datacloud Authentication and Authorization Infrastructure

NASA Astrophysics Data System (ADS)

Ceccanti, A.; Hardt, M.; Wegh, B.; Millar, AP; Caberletti, M.; Vianello, E.; Licehammer, S.

2017-10-01

Contemporary distributed computing infrastructures (DCIs) are not easily and securely accessible by scientists. These computing environments are typically hard to integrate due to interoperability problems resulting from the use of different authentication mechanisms, identity negotiation protocols and access control policies. Such limitations have a big impact on the user experience making it hard for user communities to port and run their scientific applications on resources aggregated from multiple providers. The INDIGO-DataCloud project wants to provide the services and tools needed to enable a secure composition of resources from multiple providers in support of scientific applications. In order to do so, a common AAI architecture has to be defined that supports multiple authentication mechanisms, support delegated authorization across services and can be easily integrated in off-the-shelf software. In this contribution we introduce the INDIGO Authentication and Authorization Infrastructure, describing its main components and their status and how authentication, delegation and authorization flows are implemented across services.

An examination of electronic health information privacy in older adults.

PubMed

Le, Thai; Thompson, Hilaire; Demiris, George

2013-01-01

Older adults are the quickest growing demographic group and are key consumers of health services. As the United States health system transitions to electronic health records, it is important to understand older adult perceptions of privacy and security. We performed a secondary analysis of the Health Information National Trends Survey (2012, Cycle 1), to examine differences in perceptions of electronic health information privacy between older adults and the general population. We found differences in the level of importance placed on access to electronic health information (older adults placed greater emphasis on provider as opposed to personal access) and tendency to withhold information out of concerns for privacy and security (older adults were less likely to withhold information). We provide recommendations to alleviate some of these privacy concerns. This may facilitate greater use of electronic health communication between patient and provider, while promoting shared decision making.

Securing services in the cloud: an investigation of the threats and the mitigations

NASA Astrophysics Data System (ADS)

Farroha, Bassam S.; Farroha, Deborah L.

2012-05-01

The stakeholder's security concerns over data in the clouds (Voice, Video and Text) are a real concern to DoD, the IC and private sector. This is primarily due to the lack of physical isolation of data when migrating to shared infrastructure platforms. The security concerns are related to privacy and regulatory compliance required in many industries (healthcare, financial, law enforcement, DoD, etc) and the corporate knowledge databases. The new paradigm depends on the service provider to ensure that the customer's information is continuously monitored and is kept available, secure, access controlled and isolated from potential adversaries.

48 CFR 1837.203-70 - Providing contractors access to sensitive information.

Code of Federal Regulations, 2014 CFR

2014-10-01

... NATIONAL AERONAUTICS AND SPACE ADMINISTRATION SPECIAL CATEGORIES OF CONTRACTING SERVICE CONTRACTING... contract, as a compliance document. (e) If the service provider will be operating an information technology... 1852.204-76, Security Requirements for Unclassified Information Technology Resources, which requires...

48 CFR 1837.203-70 - Providing contractors access to sensitive information.

Code of Federal Regulations, 2012 CFR

2012-10-01

... NATIONAL AERONAUTICS AND SPACE ADMINISTRATION SPECIAL CATEGORIES OF CONTRACTING SERVICE CONTRACTING... contract, as a compliance document. (e) If the service provider will be operating an information technology... 1852.204-76, Security Requirements for Unclassified Information Technology Resources, which requires...

48 CFR 1837.203-70 - Providing contractors access to sensitive information.

Code of Federal Regulations, 2013 CFR

2013-10-01

... NATIONAL AERONAUTICS AND SPACE ADMINISTRATION SPECIAL CATEGORIES OF CONTRACTING SERVICE CONTRACTING... contract, as a compliance document. (e) If the service provider will be operating an information technology... 1852.204-76, Security Requirements for Unclassified Information Technology Resources, which requires...

Integrating QoS and security functions in an IP-VPN gateway

NASA Astrophysics Data System (ADS)

Fan, Kuo-Pao; Chang, Shu-Hsin; Lin, Kuan-Ming; Pen, Mau-Jy

2001-10-01

IP-based Virtual Private Network becomes more and more popular. It can not only reduce the enterprise communication cost but also increase the revenue of the service provider. The common IP-VPN application types include Intranet VPN, Extranet VPN, and remote access VPN. For the large IP-VPN market, some vendors develop dedicated IP-VPN devices; while some vendors add the VPN functions into their existing network equipment such as router, access gateway, etc. The functions in the IP-VPN device include security, QoS, and management. The common security functions supported are IPSec (IP Security), IKE (Internet Key Exchange), and Firewall. The QoS functions include bandwidth control and packet scheduling. In the management component, policy-based network management is under standardization in IETF. In this paper, we discuss issues on how to integrate the QoS and security functions in an IP-VPN Gateway. We propose three approaches to do this. They are (1) perform Qos first (2) perform IPSec first and (3) reserve fixed bandwidth for IPSec. We also compare the advantages and disadvantages of the three proposed approaches.

32 CFR 154.18 - Certain positions not necessarily requiring access to classified information.

Code of Federal Regulations, 2011 CFR

2011-07-01

... contract employee (including commercial carrier) operating a vehicle or providing security to a vehicle... military, civilian personnel, consultants, and contractor personnel performing on unclassified automated...

6 CFR 5.23 - Responses to requests for access to records.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Responses to requests for access to records. 5.23 Section 5.23 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY DISCLOSURE OF RECORDS AND INFORMATION Privacy Act § 5.23 Responses to requests for access to records. (a...

77 FR 2343 - Eleventh Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-17

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the eleventh meeting of RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held...

Optical network security using unipolar Walsh code

NASA Astrophysics Data System (ADS)

Sikder, Somali; Sarkar, Madhumita; Ghosh, Shila

2018-04-01

Optical code-division multiple-access (OCDMA) is considered as a good technique to provide optical layer security. Many research works have been published to enhance optical network security by using optical signal processing. The paper, demonstrates the design of the AWG (arrayed waveguide grating) router-based optical network for spectral-amplitude-coding (SAC) OCDMA networks with Walsh Code to design a reconfigurable network codec by changing signature codes to against eavesdropping. In this paper we proposed a code reconfiguration scheme to improve the network access confidentiality changing the signature codes by cyclic rotations, for OCDMA system. Each of the OCDMA network users is assigned a unique signature code to transmit the information and at the receiving end each receiver correlates its own signature pattern a(n) with the receiving pattern s(n). The signal arriving at proper destination leads to s(n)=a(n).

Security and privacy in electronic health records: a systematic literature review.

PubMed

Fernández-Alemán, José Luis; Señor, Inmaculada Carrión; Lozoya, Pedro Ángel Oliver; Toval, Ambrosio

2013-06-01

To report the results of a systematic literature review concerning the security and privacy of electronic health record (EHR) systems. Original articles written in English found in MEDLINE, ACM Digital Library, Wiley InterScience, IEEE Digital Library, Science@Direct, MetaPress, ERIC, CINAHL and Trip Database. Only those articles dealing with the security and privacy of EHR systems. The extraction of 775 articles using a predefined search string, the outcome of which was reviewed by three authors and checked by a fourth. A total of 49 articles were selected, of which 26 used standards or regulations related to the privacy and security of EHR data. The most widely used regulations are the Health Insurance Portability and Accountability Act (HIPAA) and the European Data Protection Directive 95/46/EC. We found 23 articles that used symmetric key and/or asymmetric key schemes and 13 articles that employed the pseudo anonymity technique in EHR systems. A total of 11 articles propose the use of a digital signature scheme based on PKI (Public Key Infrastructure) and 13 articles propose a login/password (seven of them combined with a digital certificate or PIN) for authentication. The preferred access control model appears to be Role-Based Access Control (RBAC), since it is used in 27 studies. Ten of these studies discuss who should define the EHR systems' roles. Eleven studies discuss who should provide access to EHR data: patients or health entities. Sixteen of the articles reviewed indicate that it is necessary to override defined access policies in the case of an emergency. In 25 articles an audit-log of the system is produced. Only four studies mention that system users and/or health staff should be trained in security and privacy. Recent years have witnessed the design of standards and the promulgation of directives concerning security and privacy in EHR systems. However, more work should be done to adopt these regulations and to deploy secure EHR systems. Copyright © 2013 Elsevier Inc. All rights reserved.

Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

PubMed

Park, Chang-Seop

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

PubMed Central

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

Defining Information Security.

PubMed

Lundgren, Björn; Möller, Niklas

2017-11-15

This article proposes a new definition of information security, the 'Appropriate Access' definition. Apart from providing the basic criteria for a definition-correct demarcation and meaning concerning the state of security-it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called 'soft issues' of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security-the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Access to cargo: Security threat assessments for...: Security threat assessments for cargo personnel in the United States. This section applies in the United...— (1) Each individual must successfully complete a security threat assessment or comparable security...

Identity and Access Management and Security in Higher Education.

ERIC Educational Resources Information Center

Bruhn, Mark; Gettes, Michael; West, Ann

2003-01-01

Discusses the drivers for an identity management system (IdM), components of this system, and its role within a school security strategy, focusing on: basic access management; requirements for access management; middleware support for an access management system; IdM implementation considerations (e.g., access eligibilities, authentication…

Stonix, Version 0.x

DOE Office of Scientific and Technical Information (OSTI.GOV)

2015-05-13

STONIX is a program for configuring UNIX and Linux computer operating systems. It applies configurations based on the guidance from publicly accessible resources such as: NSA Guides, DISA STIGs, the Center for Internet Security (CIS), USGCB and vendor security documentation. STONIX is written in the Python programming language using the QT4 and PyQT4 libraries to provide a GUI. The code is designed to be easily extensible and customizable.

Security system

DOEpatents

Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

2016-02-02

A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

Biomedical devices and systems security.

PubMed

Arney, David; Venkatasubramanian, Krishna K; Sokolsky, Oleg; Lee, Insup

2011-01-01

Medical devices have been changing in revolutionary ways in recent years. One is in their form-factor. Increasing miniaturization of medical devices has made them wearable, light-weight, and ubiquitous; they are available for continuous care and not restricted to clinical settings. Further, devices are increasingly becoming connected to external entities through both wired and wireless channels. These two developments have tremendous potential to make healthcare accessible to everyone and reduce costs. However, they also provide increased opportunity for technology savvy criminals to exploit them for fun and profit. Consequently, it is essential to consider medical device security issues. In this paper, we focused on the challenges involved in securing networked medical devices. We provide an overview of a generic networked medical device system model, a comprehensive attack and adversary model, and describe some of the challenges present in building security solutions to manage the attacks. Finally, we provide an overview of two areas of research that we believe will be crucial for making medical device system security solutions more viable in the long run: forensic data logging, and building security assurance cases.

Detection and Prevention of Insider Threats in Database Driven Web Services

NASA Astrophysics Data System (ADS)

Chumash, Tzvi; Yao, Danfeng

In this paper, we take the first step to address the gap between the security needs in outsourced hosting services and the protection provided in the current practice. We consider both insider and outsider attacks in the third-party web hosting scenarios. We present SafeWS, a modular solution that is inserted between server side scripts and databases in order to prevent and detect website hijacking and unauthorized access to stored data. To achieve the required security, SafeWS utilizes a combination of lightweight cryptographic integrity and encryption tools, software engineering techniques, and security data management principles. We also describe our implementation of SafeWS and its evaluation. The performance analysis of our prototype shows the overhead introduced by security verification is small. SafeWS will allow business owners to significantly reduce the security risks and vulnerabilities of outsourcing their sensitive customer data to third-party providers.

32 CFR 1909.18 - Termination of access.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Requests for Historical Access § 1909.18 Termination of access. The Coordinator shall cancel any authorization whenever the Director of Personnel Security cancels the security clearance of a requester (or...

Child rights, right to water and sanitation, and human security.

PubMed

Pink, Ross

2012-06-15

The article explores the intersection between child rights, water scarcity, sanitation, and the human security paradigm. The recognition of child rights has been advanced through the 1989 Convention on the Rights of the Child and other international legal instruments, while water rights are increasingly affirmed in international law and through the historic July 2010 United Nations General Assembly resolution that strengthened the legal foundation for water security and human rights. Yet there remains a development gap in terms of child access to clean and secure water sources for basic human development needs. The human security paradigm provides a legal and humanitarian foundation for the extension of child rights related to water and sanitation. Copyright © 2012 Pink.

Processing multilevel secure test and evaluation information

NASA Astrophysics Data System (ADS)

Hurlburt, George; Hildreth, Bradley; Acevedo, Teresa

1994-07-01

The Test and Evaluation Community Network (TECNET) is building a Multilevel Secure (MLS) system. This system features simultaneous access to classified and unclassified information and easy access through widely available communications channels. It provides the necessary separation of classification levels, assured through the use of trusted system design techniques, security assessments and evaluations. This system enables cleared T&E users to view and manipulate classified and unclassified information resources either using a single terminal interface or multiple windows in a graphical user interface. TECNET is in direct partnership with the National Security Agency (NSA) to develop and field the MLS TECNET capability in the near term. The centerpiece of this partnership is a state-of-the-art Concurrent Systems Security Engineering (CSSE) process. In developing the MLS TECNET capability, TECNET and NSA are providing members, with various expertise and diverse backgrounds, to participate in the CSSE process. The CSSE process is founded on the concepts of both Systems Engineering and Concurrent Engineering. Systems Engineering is an interdisciplinary approach to evolve and verify an integrated and life cycle balanced set of system product and process solutions that satisfy customer needs (ASD/ENS-MIL STD 499B 1992). Concurrent Engineering is design and development using the simultaneous, applied talents of a diverse group of people with the appropriate skills. Harnessing diverse talents to support CSSE requires active participation by team members in an environment that both respects and encourages diversity.

A Novel Design of Reconfigurable Wavelength-Time Optical Codes to Enhance Security in Optical CDMA Networks

NASA Astrophysics Data System (ADS)

Nasaruddin; Tsujioka, Tetsuo

An optical CDMA (OCDMA) system is a flexible technology for future broadband multiple access networks. A secure OCDMA network in broadband optical access technologies is also becoming an issue of great importance. In this paper, we propose novel reconfigurable wavelength-time (W-T) optical codes that lead to secure transmission in OCDMA networks. The proposed W-T optical codes are constructed by using quasigroups (QGs) for wavelength hopping and one-dimensional optical orthogonal codes (OOCs) for time spreading; we call them QGs/OOCs. Both QGs and OOCs are randomly generated by a computer search to ensure that an eavesdropper could not improve its interception performance by making use of the coding structure. Then, the proposed reconfigurable QGs/OOCs can provide more codewords, and many different code set patterns, which differ in both wavelength and time positions for given code parameters. Moreover, the bit error probability of the proposed codes is analyzed numerically. To realize the proposed codes, a secure system is proposed by employing reconfigurable encoders/decoders based on array waveguide gratings (AWGs), which allow the users to change their codeword patterns to protect against eavesdropping. Finally, the probability of breaking a certain codeword in the proposed system is evaluated analytically. The results show that the proposed codes and system can provide a large codeword pattern, and decrease the probability of breaking a certain codeword, to enhance OCDMA network security.

Fermilab Security Site Access Request Database

Science.gov Websites

Fermilab Security Site Access Request Database Use of the online version of the Fermilab Security Site Access Request Database requires that you login into the ESH&Q Web Site. Note: Only Fermilab generated from the ESH&Q Section's Oracle database on May 27, 2018 05:48 AM. If you have a question

Cloud computing for context-aware enhanced m-Health services.

PubMed

Fernandez-Llatas, Carlos; Pileggi, Salvatore F; Ibañez, Gema; Valero, Zoe; Sala, Pilar

2015-01-01

m-Health services are increasing its presence in our lives due to the high penetration of new smartphone devices. This new scenario proposes new challenges in terms of information accessibility that require new paradigms which enable the new applications to access the data in a continuous and ubiquitous way, ensuring the privacy required depending on the kind of data accessed. This paper proposes an architecture based on cloud computing paradigms in order to empower new m-Health applications to enrich their results by providing secure access to user data.

Ontology based log content extraction engine for a posteriori security control.

PubMed

Azkia, Hanieh; Cuppens-Boulahia, Nora; Cuppens, Frédéric; Coatrieux, Gouenou

2012-01-01

In a posteriori access control, users are accountable for actions they performed and must provide evidence, when required by some legal authorities for instance, to prove that these actions were legitimate. Generally, log files contain the needed data to achieve this goal. This logged data can be recorded in several formats; we consider here IHE-ATNA (Integrating the healthcare enterprise-Audit Trail and Node Authentication) as log format. The difficulty lies in extracting useful information regardless of the log format. A posteriori access control frameworks often include a log filtering engine that provides this extraction function. In this paper we define and enforce this function by building an IHE-ATNA based ontology model, which we query using SPARQL, and show how the a posteriori security controls are made effective and easier based on this function.

76 FR 12353 - Combined Notice of Filings #2

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-07

... PowerSecure Inc. at Washington, NC Walmart. Filed Date: 07/02/2010. Accession Number: 20100702-5029...: Self-Certification of PowerSecure Inc. at Laurinburg, NC Walmart. Filed Date: 07/02/2010. Accession...Secure, Inc. Description: Self-Certification of PowerSecure Inc. at Wilson, NC Walmart. Filed Date: 07/02...

10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Information and Restricted Data. 95.35 Section 95.35 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a...

Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System.

PubMed

Eom, Jieun; Lee, Dong Hoon; Lee, Kwangsu

2016-12-01

In recent years, many countries have been trying to integrate electronic health data managed by each hospital to offer more efficient healthcare services. Since health data contain sensitive information of patients, there have been much research that present privacy preserving mechanisms. However, existing studies either require a patient to perform various steps to secure the data or restrict the patient to exerting control over the data. In this paper, we propose patient-controlled attribute-based encryption, which enables a patient (a data owner) to control access to the health data and reduces the operational burden for the patient, simultaneously. With our method, the patient has powerful control capability of his/her own health data in that he/she has the final say on the access with time limitation. In addition, our scheme provides emergency medical services which allow the emergency staffs to access the health data without the patient's permission only in the case of emergencies. We prove that our scheme is secure under cryptographic assumptions and analyze its efficiency from the patient's perspective.

Common Capabilities for Trust and Security in Service Oriented Infrastructures

NASA Astrophysics Data System (ADS)

Brossard, David; Colombo, Maurizio

In order to achieve agility of the enterprise and shorter concept-to-market timescales for new services, IT and communication providers and their customers increasingly use technologies and concepts which come together under the banner of the Service Oriented Infrastructure (SOI) approach. In this paper we focus on the challenges relating to SOI security. The solutions presented cover the following areas: i) identity federation, ii) distributed usage & access management, and iii) context-aware secure messaging, routing & transformation. We use a scenario from the collaborative engineering space to illustrate the challenges and the solutions.

Public/Private Partnerships with Hazardous Material Motor Carriers: Creating Incentives to Increase Security through Assessed Risk (STAR)

DTIC Science & Technology

2008-12-01

Program,” http://www.cbp.gov/xp/cgov/trade/cargo_security/ ctpat /fast/ (accessed October 14, 2008). 73 U.S. Customs and Border Protection, “What Is...Customs-Trade Partnership against Terrorism (C- TPAT)?” http://www.cbp.gov/xp/cgov/trade/cargo_security/ ctpat /what_ctpat/ (accessed October 14, 2008...cgov/trade/cargo_security/ ctpat / (accessed September 12, 2008). 69 1. National Park Service Historic Preservation Tax Incentives The U.S. government

A Web-Based Database for Nurse Led Outreach Teams (NLOT) in Toronto.

PubMed

Li, Shirley; Kuo, Mu-Hsing; Ryan, David

2016-01-01

A web-based system can provide access to real-time data and information. Healthcare is moving towards digitizing patients' medical information and securely exchanging it through web-based systems. In one of Ontario's health regions, Nurse Led Outreach Teams (NLOT) provide emergency mobile nursing services to help reduce unnecessary transfers from long-term care homes to emergency departments. Currently the NLOT team uses a Microsoft Access database to keep track of the health information on the residents that they serve. The Access database lacks scalability, portability, and interoperability. The objective of this study is the development of a web-based database using Oracle Application Express that is easily accessible from mobile devices. The web-based database will allow NLOT nurses to enter and access resident information anytime and from anywhere.

Meeting the health information needs of prostate cancer patients using personal health records.

PubMed

Pai, H H; Lau, F; Barnett, J; Jones, S

2013-12-01

There is interest in the use of health information technology in the form of personal health record (phr) systems to support patient needs for health information, care, and decision-making, particularly for patients with distressing, chronic diseases such as prostate cancer (pca). We sought feedback from pca patients who used a phr. For 6 months, 22 pca patients in various phases of care at the BC Cancer Agency (bcca) were given access to a secure Web-based phr called provider, which they could use to view their medical records and use a set of support tools. Feedback was obtained using an end-of-study survey on usability, satisfaction, and concerns with provider. Site activity was recorded to assess usage patterns. Of the 17 patients who completed the study, 29% encountered some minor difficulties using provider. No security breaches were known to have occurred. The two most commonly accessed medical records were laboratory test results and transcribed doctor's notes. Of survey respondents, 94% were satisfied with the access to their medical records, 65% said that provider helped to answer their questions, 77% felt that their privacy and confidentiality were preserved, 65% felt that using provider helped them to communicate better with their physicians, 83% found new and useful information that they would not have received by talking to their health care providers, and 88% said that they would continue to use provider. Our results support the notion that phrs can provide cancer patients with timely access to their medical records and health information, and can assist in communication with health care providers, in knowledge generation, and in patient empowerment.

10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

Code of Federal Regulations, 2013 CFR

2013-01-01

... dated February 14, 1984. (2) An established “need-to-know” for the matter (See Definitions, § 95.5). (3... 10 Energy 2 2013-01-01 2013-01-01 false Access to matter classified as National Security... Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a...

10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

Code of Federal Regulations, 2014 CFR

2014-01-01

... dated February 14, 1984. (2) An established “need-to-know” for the matter (See Definitions, § 95.5). (3... 10 Energy 2 2014-01-01 2014-01-01 false Access to matter classified as National Security... Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a...

Semantic policy and adversarial modeling for cyber threat identification and avoidance

NASA Astrophysics Data System (ADS)

DeFrancesco, Anton; McQueary, Bruce

2009-05-01

Today's enterprise networks undergo a relentless barrage of attacks from foreign and domestic adversaries. These attacks may be perpetrated with little to no funding, but may wreck incalculable damage upon the enterprises security, network infrastructure, and services. As more services come online, systems that were once in isolation now provide information that may be combined dynamically with information from other systems to create new meaning on the fly. Security issues are compounded by the potential to aggregate individual pieces of information and infer knowledge at a higher classification than any of its constituent parts. To help alleviate these challenges, in this paper we introduce the notion of semantic policy and discuss how it's use is evolving from a robust approach to access control to preempting and combating attacks in the cyber domain, The introduction of semantic policy and adversarial modeling to network security aims to ask 'where is the network most vulnerable', 'how is the network being attacked', and 'why is the network being attacked'. The first aspect of our approach is integration of semantic policy into enterprise security to augment traditional network security with an overall awareness of policy access and violations. This awareness allows the semantic policy to look at the big picture - analyzing trends and identifying critical relations in system wide data access. The second aspect of our approach is to couple adversarial modeling with semantic policy to move beyond reactive security measures and into a proactive identification of system weaknesses and areas of vulnerability. By utilizing Bayesian-based methodologies, the enterprise wide meaning of data and semantic policy is applied to probability and high-level risk identification. This risk identification will help mitigate potential harm to enterprise networks by enabling resources to proactively isolate, lock-down, and secure systems that are most vulnerable.

Second Line of Defense: Electronic Maintenance Reports, Local Maintenance Provider User Guide, Rev. 3

DOE Office of Scientific and Technical Information (OSTI.GOV)

Leigh, Richard J.

2012-09-01

The Electronic Maintenance Report forms allow Local Maintenance Providers (LMP) and other program staff to enter maintenance information into a simple and secure system. This document describes the features and information required to complete the Maintenance Report forms. It is expected that all Corrective Maintenance Reports from LMPs will be submitted electronically into the SLD Portal. As an exception (e.g., when access to the SLD Portal is unavailable), Maintenance Reports can be submitted via a secure Adobe PDF form available through the Sustainability Manager assigned to each country.

A Secure Mobile-Based Authentication System for e-Banking

NASA Astrophysics Data System (ADS)

Rifà-Pous, Helena

Financial information is extremely sensitive. Hence, electronic banking must provide a robust system to authenticate its customers and let them access their data remotely. On the other hand, such system must be usable, affordable, and portable. We propose a challenge-response based one-time password (OTP) scheme that uses symmetric cryptography in combination with a hardware security module. The proposed protocol safeguards passwords from keyloggers and phishing attacks. Besides, this solution provides convenient mobility for users who want to bank online anytime and anywhere, not just from their own trusted computers.

Discrete Event Simulation for the Analysis of Artillery Fired Projectiles from Shore

DTIC Science & Technology

2017-06-01

a designed experiment indicate artillery systems provide commanders a limited area denial capability, and should be employed where naval forces are... Design 15. NUMBER OF PAGES 85 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18. SECURITY CLASSIFICATION OF THIS PAGE Unclassified 19...to deny freedom of navigation (area denial) and stop an amphibious naval convoy (anti-access). Results from a designed experiment indicate artillery

Hospital Security and Force Protection: A Guide to Ensuring Patient and Employee Safety

DTIC Science & Technology

2006-04-28

leader and set up training camps for his recruits. Through these experiences, Osama Bin Laden was able to obtain money , weapons, and develop connections...options to deter counterfeits . Hospital Security 50 Membership within community collaboratives or community-based organizations provides excellent...iris or fingerprints scans are resistant to theft and counterfeit , assuring access to only authorized personnel. Many theme parks are utilizing this

A Network Access Control Framework for 6LoWPAN Networks

PubMed Central

Oliveira, Luís M. L.; Rodrigues, Joel J. P. C.; de Sousa, Amaro F.; Lloret, Jaime

2013-01-01

Low power over wireless personal area networks (LoWPAN), in particular wireless sensor networks, represent an emerging technology with high potential to be employed in critical situations like security surveillance, battlefields, smart-grids, and in e-health applications. The support of security services in LoWPAN is considered a challenge. First, this type of networks is usually deployed in unattended environments, making them vulnerable to security attacks. Second, the constraints inherent to LoWPAN, such as scarce resources and limited battery capacity, impose a careful planning on how and where the security services should be deployed. Besides protecting the network from some well-known threats, it is important that security mechanisms be able to withstand attacks that have not been identified before. One way of reaching this goal is to control, at the network access level, which nodes can be attached to the network and to enforce their security compliance. This paper presents a network access security framework that can be used to control the nodes that have access to the network, based on administrative approval, and to enforce security compliance to the authorized nodes. PMID:23334610

A Secure Architecture to Provide a Medical Emergency Dataset for Patients in Germany and Abroad.

PubMed

Storck, Michael; Wohlmann, Jan; Krudwig, Sarah; Vogel, Alexander; Born, Judith; Weber, Thomas; Dugas, Martin; Juhra, Christian

2017-01-01

The ongoing fragmentation of medical care and mobility of patients severely restrains exchange of lifesaving information about patient's medical history in case of emergencies. Therefore, the objective of this work is to offer a secure technical solution to supply medical professionals with emergency-relevant information concerning the current patient via mobile accessibility. To achieve this goal, the official national emergency data set was extended by additional features to form a patient summary for emergencies, a software architecture was developed and data security and data protection issues were taken into account. The patient has sovereignty over his/her data and can therefore decide who has access to or can change his/her stored data, but the treating physician composes the validated dataset. Building upon the introduced concept, future activities are the development of user-interfaces for the software components of the different user groups as well as functioning prototypes for upcoming field tests.

A secure EHR system based on hybrid clouds.

PubMed

Chen, Yu-Yi; Lu, Jun-Chao; Jan, Jinn-Ke

2012-10-01

Consequently, application services rendering remote medical services and electronic health record (EHR) have become a hot topic and stimulating increased interest in studying this subject in recent years. Information and communication technologies have been applied to the medical services and healthcare area for a number of years to resolve problems in medical management. Sharing EHR information can provide professional medical programs with consultancy, evaluation, and tracing services can certainly improve accessibility to the public receiving medical services or medical information at remote sites. With the widespread use of EHR, building a secure EHR sharing environment has attracted a lot of attention in both healthcare industry and academic community. Cloud computing paradigm is one of the popular healthIT infrastructures for facilitating EHR sharing and EHR integration. In this paper, we propose an EHR sharing and integration system in healthcare clouds and analyze the arising security and privacy issues in access and management of EHRs.

28 CFR 17.1 - Purpose.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Administration DEPARTMENT OF JUSTICE CLASSIFIED NATIONAL SECURITY INFORMATION AND ACCESS TO CLASSIFIED... Comp., p. 391) and implementing directives from the Information Security Oversight Office of the... Security Information and the criteria for access to this information. Accordingly, this part is a revision...

28 CFR 17.1 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Administration DEPARTMENT OF JUSTICE CLASSIFIED NATIONAL SECURITY INFORMATION AND ACCESS TO CLASSIFIED... Comp., p. 391) and implementing directives from the Information Security Oversight Office of the... Security Information and the criteria for access to this information. Accordingly, this part is a revision...

Privacy, security and access with sensitive health information.

PubMed

Croll, Peter

2010-01-01

This chapter gives an educational overview of: * Confidentiality issues and the challenges faced; * The fundamental differences between privacy and security; * The different access control mechanisms; * The challenges of Internet security; * How 'safety and quality' relate to all the above.

Usability Assessment of Secure Messaging for Clinical Document Sharing between Health Care Providers and Patients.

PubMed

Jahn, Michelle A; Porter, Brian W; Patel, Himalaya; Zillich, Alan J; Simon, Steven R; Russ, Alissa L

2018-04-01

 Web-based patient portals feature secure messaging systems that enable health care providers and patients to communicate information. However, little is known about the usability of these systems for clinical document sharing.  This article evaluates the usability of a secure messaging system for providers and patients in terms of its ability to support sharing of electronic clinical documents.  We conducted usability testing with providers and patients in a human-computer interaction laboratory at a Midwestern U.S. hospital. Providers sent a medication list document to a fictitious patient via secure messaging. Separately, patients retrieved the clinical document from a secure message and returned it to a fictitious provider. We collected use errors, task completion, task time, and satisfaction.  Twenty-nine individuals participated: 19 providers (6 physicians, 6 registered nurses, and 7 pharmacists) and 10 patients. Among providers, 11 (58%) attached and sent the clinical document via secure messaging without requiring assistance, in a median (range) of 4.5 (1.8-12.7) minutes. No patients completed tasks without moderator assistance. Patients accessed the secure messaging system within 3.6 (1.2-15.0) minutes; retrieved the clinical document within 0.8 (0.5-5.7) minutes; and sent the attached clinical document in 6.3 (1.5-18.1) minutes. Although median satisfaction ratings were high, with 5.8 for providers and 6.0 for patients (scale, 0-7), we identified 36 different use errors. Physicians and pharmacists requested additional features to support care coordination via health information technology, while nurses requested features to support efficiency for their tasks.  This study examined the usability of clinical document sharing, a key feature of many secure messaging systems. Our results highlight similarities and differences between provider and patient end-user groups, which can inform secure messaging design to improve learnability and efficiency. The observations suggest recommendations for improving the technical aspects of secure messaging for clinical document sharing. Schattauer GmbH Stuttgart.

Access and accounting schemes of wireless broadband

NASA Astrophysics Data System (ADS)

Zhang, Jian; Huang, Benxiong; Wang, Yan; Yu, Xing

2004-04-01

In this paper, two wireless broadband access and accounting schemes were introduced. There are some differences in the client and the access router module between them. In one scheme, Secure Shell (SSH) protocol is used in the access system. The SSH server makes the authentication based on private key cryptography. The advantage of this scheme is the security of the user's information, and we have sophisticated access control. In the other scheme, Secure Sockets Layer (SSL) protocol is used the access system. It uses the technology of public privacy key. Nowadays, web browser generally combines HTTP and SSL protocol and we use the SSL protocol to implement the encryption of the data between the clients and the access route. The schemes are same in the radius sever part. Remote Authentication Dial in User Service (RADIUS), as a security protocol in the form of Client/Sever, is becoming an authentication/accounting protocol for standard access to the Internet. It will be explained in a flow chart. In our scheme, the access router serves as the client to the radius server.

1973 Rural Manpower Report. [North Dakota]. ES-225F.

ERIC Educational Resources Information Center

North Dakota State Employment Security Bureau, Bismarck. Employment Service Div.

The Rural Manpower Service's objective is to provide the State's rural people "equity of access" to all programs administered by the North Dakota Employment Security Bureau. It provides services to agriculture, business, government, and workers in meeting their employment and manpower needs. Functional supervision and direction to the…

Toward Improved Security and Privacy in Modern Healthcare

ERIC Educational Resources Information Center

Pagano, Matthew Wallach

2013-01-01

The conversion of paper-based medical records into electronic formats is set to bring many benefits to healthcare. This includes creating a more seamless exchange of electronic health records (EHRs) between providers, improving healthcare while lowering its costs, and providing patients with increased access to their EHRs. As more medical…

Interactive telemedicine solution based on a secure mHealth application.

PubMed

Eldeib, Ayman M

2014-01-01

In dynamic healthcare environments, caregivers and patients are constantly moving. To increase the healthcare quality when it is necessary, caregivers need the ability to reach each other and securely access medical information and services from wherever they happened to be. This paper presents an Interactive Telemedicine Solution (ITS) to facilitate and automate the communication within a healthcare facility via Voice over Internet Protocol (VOIP), regular mobile phones, and Wi-Fi connectivity. Our system has the capability to exchange/provide securely healthcare information/services across geographic barriers through 3G/4G wireless communication network. Our system assumes the availability of an Electronic Health Record (EHR) system locally in the healthcare organization and/or on the cloud network such as a nation-wide EHR system. This paper demonstrate the potential of our system to provide effectively and securely remote healthcare solution.

A New Ticket-Based Authentication Mechanism for Fast Handover in Mesh Network.

PubMed

Lai, Yan-Ming; Cheng, Pu-Jen; Lee, Cheng-Chi; Ku, Chia-Yi

2016-01-01

Due to the ever-growing popularity mobile devices of various kinds have received worldwide, the demands on large-scale wireless network infrastructure development and enhancement have been rapidly swelling in recent years. A mobile device holder can get online at a wireless network access point, which covers a limited area. When the client leaves the access point, there will be a temporary disconnection until he/she enters the coverage of another access point. Even when the coverages of two neighboring access points overlap, there is still work to do to make the wireless connection smoothly continue. The action of one wireless network access point passing a client to another access point is referred to as the handover. During handover, for security concerns, the client and the new access point should perform mutual authentication before any Internet access service is practically gained/provided. If the handover protocol is inefficient, in some cases discontinued Internet service will happen. In 2013, Li et al. proposed a fast handover authentication mechanism for wireless mesh network (WMN) based on tickets. Unfortunately, Li et al.'s work came with some weaknesses. For one thing, some sensitive information such as the time and date of expiration is sent in plaintext, which increases security risks. For another, Li et al.'s protocol includes the use of high-quality tamper-proof devices (TPDs), and this unreasonably high equipment requirement limits its applicability. In this paper, we shall propose a new efficient handover authentication mechanism. The new mechanism offers a higher level of security on a more scalable ground with the client's privacy better preserved. The results of our performance analysis suggest that our new mechanism is superior to some similar mechanisms in terms of authentication delay.

A New Ticket-Based Authentication Mechanism for Fast Handover in Mesh Network

PubMed Central

Lai, Yan-Ming; Cheng, Pu-Jen; Lee, Cheng-Chi; Ku, Chia-Yi

2016-01-01

Due to the ever-growing popularity mobile devices of various kinds have received worldwide, the demands on large-scale wireless network infrastructure development and enhancement have been rapidly swelling in recent years. A mobile device holder can get online at a wireless network access point, which covers a limited area. When the client leaves the access point, there will be a temporary disconnection until he/she enters the coverage of another access point. Even when the coverages of two neighboring access points overlap, there is still work to do to make the wireless connection smoothly continue. The action of one wireless network access point passing a client to another access point is referred to as the handover. During handover, for security concerns, the client and the new access point should perform mutual authentication before any Internet access service is practically gained/provided. If the handover protocol is inefficient, in some cases discontinued Internet service will happen. In 2013, Li et al. proposed a fast handover authentication mechanism for wireless mesh network (WMN) based on tickets. Unfortunately, Li et al.’s work came with some weaknesses. For one thing, some sensitive information such as the time and date of expiration is sent in plaintext, which increases security risks. For another, Li et al.’s protocol includes the use of high-quality tamper-proof devices (TPDs), and this unreasonably high equipment requirement limits its applicability. In this paper, we shall propose a new efficient handover authentication mechanism. The new mechanism offers a higher level of security on a more scalable ground with the client’s privacy better preserved. The results of our performance analysis suggest that our new mechanism is superior to some similar mechanisms in terms of authentication delay. PMID:27171160

A re-conceptualization of access for 21st century healthcare.

PubMed

Fortney, John C; Burgess, James F; Bosworth, Hayden B; Booth, Brenda M; Kaboli, Peter J

2011-11-01

Many e-health technologies are available to promote virtual patient-provider communication outside the context of face-to-face clinical encounters. Current digital communication modalities include cell phones, smartphones, interactive voice response, text messages, e-mails, clinic-based interactive video, home-based web-cams, mobile smartphone two-way cameras, personal monitoring devices, kiosks, dashboards, personal health records, web-based portals, social networking sites, secure chat rooms, and on-line forums. Improvements in digital access could drastically diminish the geographical, temporal, and cultural access problems faced by many patients. Conversely, a growing digital divide could create greater access disparities for some populations. As the paradigm of healthcare delivery evolves towards greater reliance on non-encounter-based digital communications between patients and their care teams, it is critical that our theoretical conceptualization of access undergoes a concurrent paradigm shift to make it more relevant for the digital age. The traditional conceptualizations and indicators of access are not well adapted to measure access to health services that are delivered digitally outside the context of face-to-face encounters with providers. This paper provides an overview of digital "encounterless" utilization, discusses the weaknesses of traditional conceptual frameworks of access, presents a new access framework, provides recommendations for how to measure access in the new framework, and discusses future directions for research on access.

Exploring the impact of the 2008 global food crisis on food security among vulnerable households in rural South Africa

PubMed Central

Nawrotzki, Raphael J.; Robson, Kristin; Gutilla, Margaret J.; Hunter, Lori M.; Twine, Wayne; Norlund, Petra

2015-01-01

Recurring food crises endanger the livelihoods of millions of households in developing countries around the globe. Owing to the importance of this issue, we explore recent changes in food security between the years 2004 and 2010 in a rural district in Northeastern South Africa. Our study window spans the time of the 2008 global food crises and allows the investigation of its impacts on rural South African populations. Grounded in the sustainable livelihood framework, we examine differences in food security trajectories among vulnerable sub populations. A unique panel data set of 8,147 households, provided by the Agincourt Health and Demographic Surveillance System (Agincourt HDSS), allows us to employ a longitudinal multilevel modeling approach to estimate adjusted growth curves for the differential change in food security across time. We observe an overall improvement in food security that leveled off after 2008, most likely resulting from the global food crisis. In addition, we discover significant differences in food security trajectories for various sub populations. For example, female-headed households and those living in areas with better access to natural resources differentially improved their food security situation, compared to male-headed households and those households with lower levels of natural resource access. However, former Mozambican refugees witnessed a decline in food security. Therefore, poverty alleviation programs for the Agincourt region should work to improve the food security of vulnerable households, such as former Mozambican refugees. PMID:26594259

Extended outlook: description, utilization, and daily applications of cloud technology in radiology.

PubMed

Gerard, Perry; Kapadia, Neil; Chang, Patricia T; Acharya, Jay; Seiler, Michael; Lefkovitz, Zvi

2013-12-01

The purpose of this article is to discuss the concept of cloud technology, its role in medical applications and radiology, the role of the radiologist in using and accessing these vast resources of information, and privacy concerns and HIPAA compliance strategies. Cloud computing is the delivery of shared resources, software, and information to computers and other devices as a metered service. This technology has a promising role in the sharing of patient medical information and appears to be particularly suited for application in radiology, given the field's inherent need for storage and access to large amounts of data. The radiology cloud has significant strengths, such as providing centralized storage and access, reducing unnecessary repeat radiologic studies, and potentially allowing radiologic second opinions more easily. There are significant cost advantages to cloud computing because of a decreased need for infrastructure and equipment by the institution. Private clouds may be used to ensure secure storage of data and compliance with HIPAA. In choosing a cloud service, there are important aspects, such as disaster recovery plans, uptime, and security audits, that must be considered. Given that the field of radiology has become almost exclusively digital in recent years, the future of secure storage and easy access to imaging studies lies within cloud computing technology.

A wireless electronic monitoring system for securing milk from farm to processor

NASA Astrophysics Data System (ADS)

Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin

2008-04-01

The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. We are currently demonstrating the system in central Kentucky and will report on the results of the demonstration.

17 CFR 240.15c3-5 - Risk management controls for brokers or dealers with market access.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Risk management controls for... Markets § 240.15c3-5 Risk management controls for brokers or dealers with market access. (a) For the... system provided by a broker-dealer operator of an alternative trading system to a non-broker-dealer. (2...

17 CFR 240.15c3-5 - Risk management controls for brokers or dealers with market access.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Risk management controls for... Markets § 240.15c3-5 Risk management controls for brokers or dealers with market access. (a) For the... system provided by a broker-dealer operator of an alternative trading system to a non-broker-dealer. (2...

Measuring global water security towards sustainable development goals

NASA Astrophysics Data System (ADS)

Gain, Animesh K.; Giupponi, Carlo; Wada, Yoshihide

2016-12-01

Water plays an important role in underpinning equitable, stable and productive societies and ecosystems. Hence, United Nations recognized ensuring water security as one (Goal 6) of the seventeen sustainable development goals (SDGs). Many international river basins are likely to experience ‘low water security’ over the coming decades. Water security is rooted not only in the physical availability of freshwater resources relative to water demand, but also on social and economic factors (e.g. sound water planning and management approaches, institutional capacity to provide water services, sustainable economic policies). Until recently, advanced tools and methods are available for the assessment of water scarcity. However, quantitative and integrated—physical and socio-economic—approaches for spatial analysis of water security at global level are not available yet. In this study, we present a spatial multi-criteria analysis framework to provide a global assessment of water security. The selected indicators are based on Goal 6 of SDGs. The term ‘security’ is conceptualized as a function of ‘availability’, ‘accessibility to services’, ‘safety and quality’, and ‘management’. The proposed global water security index (GWSI) is calculated by aggregating indicator values on a pixel-by-pixel basis, using the ordered weighted average method, which allows for the exploration of the sensitivity of final maps to different attitudes of hypothetical policy makers. Our assessment suggests that countries of Africa, South Asia and Middle East experience very low water security. Other areas of high water scarcity, such as some parts of United States, Australia and Southern Europe, show better GWSI values, due to good performance of management, safety and quality, and accessibility. The GWSI maps show the areas of the world in which integrated strategies are needed to achieve water related targets of the SDGs particularly in the African and Asian continents.

75 FR 8423 - Self-Regulatory Organizations; NASDAQ OMX BX, Inc.; Notice of Filing of Proposed Rule Change To...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-24

... below $1. For these securities, BX currently charges members accessing liquidity a fee equal to 0.1% (10 basis points) of the total transaction cost and provides no credit to members providing liquidity. Under... transaction cost, and members providing liquidity will be provided a credit equal to 0.25% (25 basis points...

Suicide Awareness

MedlinePlus

... Resources Resource Request System Contact Us Legal and Security Accessibility Accessibility Tools Disclaimer Privacy Act Statement & Security No Fear Act FOIA Inspector General Audits & Investigative ...

Telemedicine and security. Confidentiality, integrity, and availability: a Canadian perspective.

PubMed

Jennett, P; Watanabe, M; Igras, E; Premkumar, K; Hall, W

1996-01-01

The health care system is undergoing major reform, characterized by organized delivery systems (regionalization, decentralization, devolution, etc); shifts in care delivery sites; changing health provider roles; increasing consumer responsibilities; and accountability. Rapid advances in information technology and telecommunications have led to a new type of information infrastructure which can play a major role in this reform. Compatible health information systems are now being integrated and connected across institutional, regional, and sectorial boundaries. In the near future, these information systems will readily be accessed and shared by health providers, researchers, policy makers, health consumers, and the public. SECURITY is a critical characteristic of any health information system. This paper will address three fields associated with SECURITY: confidentiality, integrity, and availability. These will be defined and examined as they relate to specific aspects of Telemedicine, such as electronic integrated records and clinical databases; electronic transfer of documents; as well as data storage and disposal. The guiding principles, standards, and safeguards being considered and put in place to ensure that telemedicine information intrastructures can protect and benefit all stakeholders' rights and needs in both primary and secondary uses of information will be reviewed. Implemented, proposed, and tested institutional, System, and Network solutions will be discussed; for example, encryption-decryption methods; data transfer standards; individual and terminal access and entry I.D. and password levels; smart card access and PIN number control; data loss prevention strategies; interference alerts; information access keys; algorithm safeguards; and active marketing to users of standards and principles. Issues such as policy, implementation, and ownership will be addressed.

A review and a framework of handheld computer adoption in healthcare.

PubMed

Lu, Yen-Chiao; Xiao, Yan; Sears, Andrew; Jacko, Julie A

2005-06-01

Wide adoption of mobile computing technology can potentially improve information access, enhance workflow, and promote evidence-based practice to make informed and effective decisions at the point of care. Handheld computers or personal digital assistants (PDAs) offer portable and unobtrusive access to clinical data and relevant information at the point of care. This article reviews the literature on issues related to adoption of PDAs in health care and barriers to PDA adoption. Studies showed that PDAs were used widely in health care providers' practice, and the level of use is expected to rise rapidly. Most care providers found PDAs to be functional and useful in areas of documentation, medical reference, and access to patient data. Major barriers to adoption were identified as usability, security concerns, and lack of technical and organizational support. PDAs offer health care practitioners advantages to enhance their clinical practice. However, better designed PDA hardware and software applications, more institutional support, seamless integration of PDA technology with hospital information systems, and satisfactory security measures are necessary to increase acceptance and wide use of PDAs in healthcare.

A forensic identification case and DPid - can it be a useful tool?

PubMed Central

de QUEIROZ, Cristhiane Leão; BOSTOCK, Ellen Marie; SANTOS, Carlos Ferreira; GUIMARÃES, Marco Aurélio; da SILVA, Ricardo Henrique Alves

2017-01-01

Abstract Objective The aim of this study was to show DPid as an important tool of potential application to solve cases with dental prosthesis, such as the forensic case reported, in which a skull, denture and dental records were received for analysis. Material and Methods Human identification is still challenging in various circumstances and Dental Prosthetics Identification (DPid) stores the patient’s name and prosthesis information and provides access through an embedded code in dental prosthesis or an identification card. All of this information is digitally stored on servers accessible only by dentists, laboratory technicians and patients with their own level of secure access. DPid provides a complete single-source list of all dental prosthesis features (materials and components) under complete and secure documentation used for clinical follow-up and for human identification. Results and Conclusion If DPid tool was present in this forensic case, it could have been solved without requirement of DNA exam, which confirmed the dental comparison of antemortem and postmortem records, and concluded the case as a positive identification. PMID:28678955

TealLock 5.20 security software program for handheld devices.

PubMed

Tahil, Fatimah A

2004-07-01

The TealLock has a simple graphic interface, and the program is user-friendly with well thought out options to customize security settings. The program is inexpensive and works seamlessly with the Palm OS platform's built-in basic Security application. The developer offers a 30-day free trial version and there is no downside to trying it to see if it meets your needs. It seems to be an effective security software program for psychiatrists who keep confidential and sensitive patient information on their PDAs. In keeping with HIPAA regulations, the TealLock bolsters security for protected health information stored on PDAs or other handheld devices by providing safeguards that address authentication, access control, encryption, and selected aspects of transmission.

An updated look at document security: from initiation to storage or shredder.

PubMed

McConnell, Charles R

2014-01-01

In these days of close attention to security of information handled electronically, there is often a tendency to overlook the security of hard-copy documents. Document security can involve many areas of business, but the health care department manager's concerns are primarily for patient records and employee documentation. Document security is closely related to growing concerns for individual privacy; guidelines are furnished for protecting employee privacy by separating retention practices for business information from personal information. Sensitive documentation requires rules and procedures for processing, retaining, accessing, storing, and eventually destroying. Also, documents that are missing or incomplete at times present unique problems for the organization. The department manager is provided with some simple rules for safeguarding employee and patient documentation.

Security Protection on Trust Delegated Data in Public Mobile Networks

NASA Astrophysics Data System (ADS)

Weerasinghe, Dasun; Rajarajan, Muttukrishnan; Rakocevic, Veselin

This paper provides detailed solutions for trust delegation and security protection for medical records in public mobile communication networks. The solutions presented in this paper enable the development of software for mobile devices that can be used by emergency medical units in urgent need of sensitive personal information about unconscious patients. In today's world, technical improvements in mobile communication systems mean that users can expect to have access to data at any time regardless of their location. This paper presents a token-based procedure for the data security at a mobile device and delegation of trust between a requesting mobile unit and secure medical data storage. The data security at the mobile device is enabled using identity based key generation methodology.

10 CFR 10.5 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-01-01

... SECURITY INFORMATION OR AN EMPLOYMENT CLEARANCE General Provisions § 10.5 Definitions. Access authorization... person designated by the Deputy Executive Director for Corporate Management and Chief Information Officer, is eligible for a security clearance for access to Restricted Data or National Security Information...

49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

Code of Federal Regulations, 2012 CFR

2012-10-01

... cargo enters an airport Security Identification Display Area or is transferred to another TSA-regulated... program accepts the cargo until the cargo— (A) Enters an airport Security Identification Display Area; (B... 49 Transportation 9 2012-10-01 2012-10-01 false Access to cargo and cargo screening: Security...

49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

Code of Federal Regulations, 2014 CFR

2014-10-01

... cargo enters an airport Security Identification Display Area or is transferred to another TSA-regulated... program accepts the cargo until the cargo— (A) Enters an airport Security Identification Display Area; (B... 49 Transportation 9 2014-10-01 2014-10-01 false Access to cargo and cargo screening: Security...

49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

Code of Federal Regulations, 2013 CFR

2013-10-01

... cargo enters an airport Security Identification Display Area or is transferred to another TSA-regulated... program accepts the cargo until the cargo— (A) Enters an airport Security Identification Display Area; (B... 49 Transportation 9 2013-10-01 2013-10-01 false Access to cargo and cargo screening: Security...

49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

Code of Federal Regulations, 2011 CFR

2011-10-01

... cargo enters an airport Security Identification Display Area or is transferred to another TSA-regulated... program accepts the cargo until the cargo— (A) Enters an airport Security Identification Display Area; (B... 49 Transportation 9 2011-10-01 2011-10-01 false Access to cargo and cargo screening: Security...

Security Issues in Cross-Organizational Peer-to-Peer Applications and Some Solutions

NASA Astrophysics Data System (ADS)

Gupta, Ankur; Awasthi, Lalit K.

Peer-to-Peer networks have been widely used for sharing millions of terabytes of content, for large-scale distributed computing and for a variety of other novel applications, due to their scalability and fault-tolerance. However, the scope of P2P networks has somehow been limited to individual computers connected to the internet. P2P networks are also notorious for blatant copyright violations and facilitating several kinds of security attacks. Businesses and large organizations have thus stayed away from deploying P2P applications citing security loopholes in P2P systems as the biggest reason for non-adoption. In theory P2P applications can help fulfill many organizational requirements such as collaboration and joint projects with other organizations, access to specialized computing infrastructure and finally accessing the specialized information/content and expert human knowledge available at other organizations. These potentially beneficial interactions necessitate that the research community attempt to alleviate the security shortcomings in P2P systems and ensure their acceptance and wide deployment. This research paper therefore examines the security issues prevalent in enabling cross-organizational P2P interactions and provides some technical insights into how some of these issues can be resolved.

Spatiotemporal access model based on reputation for the sensing layer of the IoT.

PubMed

Guo, Yunchuan; Yin, Lihua; Li, Chao; Qian, Junyan

2014-01-01

Access control is a key technology in providing security in the Internet of Things (IoT). The mainstream security approach proposed for the sensing layer of the IoT concentrates only on authentication while ignoring the more general models. Unreliable communications and resource constraints make the traditional access control techniques barely meet the requirements of the sensing layer of the IoT. In this paper, we propose a model that combines space and time with reputation to control access to the information within the sensing layer of the IoT. This model is called spatiotemporal access control based on reputation (STRAC). STRAC uses a lattice-based approach to decrease the size of policy bases. To solve the problem caused by unreliable communications, we propose both nondeterministic authorizations and stochastic authorizations. To more precisely manage the reputation of nodes, we propose two new mechanisms to update the reputation of nodes. These new approaches are the authority-based update mechanism (AUM) and the election-based update mechanism (EUM). We show how the model checker UPPAAL can be used to analyze the spatiotemporal access control model of an application. Finally, we also implement a prototype system to demonstrate the efficiency of our model.

22 CFR 9.13 - Safeguarding.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Relations DEPARTMENT OF STATE GENERAL SECURITY INFORMATION REGULATIONS § 9.13 Safeguarding. Specific controls on the use, processing, storage, reproduction, and transmittal of classified information within the Department to provide protection for such information and to prevent access by unauthorized...

22 CFR 9.13 - Safeguarding.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Relations DEPARTMENT OF STATE GENERAL SECURITY INFORMATION REGULATIONS § 9.13 Safeguarding. Specific controls on the use, processing, storage, reproduction, and transmittal of classified information within the Department to provide protection for such information and to prevent access by unauthorized...

Driving Toward Guiding Principles

PubMed Central

Buckovich, Suzy A.; Rippen, Helga E.; Rozen, Michael J.

1999-01-01

As health care moves from paper to electronic data collection, providing easier access and dissemination of health information, the development of guiding privacy, confidentiality, and security principles is necessary to help balance the protection of patients' privacy interests against appropriate information access. A comparative review and analysis was done, based on a compilation of privacy, confidentiality, and security principles from many sources. Principles derived from ten identified sources were compared with each of the compiled principles to assess support level, uniformity, and inconsistencies. Of 28 compiled principles, 23 were supported by at least 50 percent of the sources. Technology could address at least 12 of the principles. Notable consistencies among the principles could provide a basis for consensus for further legislative and organizational work. It is imperative that all participants in our health care system work actively toward a viable resolution of this information privacy debate. PMID:10094065

On the designing of a tamper resistant prescription RFID access control system.

PubMed

Safkhani, Masoumeh; Bagheri, Nasour; Naderi, Majid

2012-12-01

Recently, Chen et al. have proposed a novel tamper resistant prescription RFID access control system, published in the Journal of Medical Systems. In this paper we consider the security of the proposed protocol and identify some existing weaknesses. The main attack is a reader impersonation attack which allows an active adversary to impersonate a legitimate doctor, e.g. the patient's doctor, to access the patient's tag and change the patient prescription. The presented attack is quite efficient. To impersonate a doctor, the adversary should eavesdrop one session between the doctor and the patient's tag and then she can impersonate the doctor with the success probability of '1'. In addition, we present efficient reader-tag to back-end database impersonation, de-synchronization and traceability attacks against the protocol. Finally, we propose an improved version of protocol which is more efficient compared to the original protocol while provides the desired security against the presented attacks.

Preventing Abuse and Neglect

MedlinePlus

... Resources Resource Request System Contact Us Legal and Security Accessibility Accessibility Tools Disclaimer Privacy Act Statement & Security No Fear Act FOIA Inspector General Audits & Investigative ...

ML Crew Access Arm Move

NASA Image and Video Library

2017-11-09

The Orion crew access arm is secured in a storage location at NASA's Kennedy Space Center in Florida. The access arm will be prepared for its move to the mobile launcher (ML) tower near the Vehicle Assembly Building at the center. The crew access arm will be installed at about the 274-foot level on the tower. It will rotate from its retracted position and interface with the Orion crew hatch location to provide entry to the Orion crew module. The Ground Systems Development and Operations Program is overseeing installation of umbilicals and launch accessories on the ML tower.

Online database for documenting clinical pathology resident education.

PubMed

Hoofnagle, Andrew N; Chou, David; Astion, Michael L

2007-01-01

Training of clinical pathologists is evolving and must now address the 6 core competencies described by the Accreditation Council for Graduate Medical Education (ACGME), which include patient care. A substantial portion of the patient care performed by the clinical pathology resident takes place while the resident is on call for the laboratory, a practice that provides the resident with clinical experience and assists the laboratory in providing quality service to clinicians in the hospital and surrounding community. Documenting the educational value of these on-call experiences and providing evidence of competence is difficult for residency directors. An online database of these calls, entered by residents and reviewed by faculty, would provide a mechanism for documenting and improving the education of clinical pathology residents. With Microsoft Access we developed an online database that uses active server pages and secure sockets layer encryption to document calls to the clinical pathology resident. Using the data collected, we evaluated the efficacy of 3 interventions aimed at improving resident education. The database facilitated the documentation of more than 4 700 calls in the first 21 months it was online, provided archived resident-generated data to assist in serving clients, and demonstrated that 2 interventions aimed at improving resident education were successful. We have developed a secure online database, accessible from any computer with Internet access, that can be used to easily document clinical pathology resident education and competency.

Summary of ADTT Website Functionality and Features

NASA Technical Reports Server (NTRS)

Hawke, Veronica; Duong, Trang; Liang, Lawrence; Gage, Peter; Lawrence, Scott (Technical Monitor)

2001-01-01

This report summarizes development of the ADTT web-based design environment by the ELORET team in 2000. The Advanced Design Technology Testbed had been in development for several years, with demonstration applications restricted to aerodynamic analyses of subsonic aircraft. The key changes achieved this year were improvements in Web-based accessibility, evaluation of collaborative visualization, remote invocation of geometry updates and performance analysis, and application to aerospace system analysis. Significant effort was also devoted to post-processing of data, chiefly through comparison of similar data for alternative vehicle concepts. Such comparison is an essential requirement for designers to make informed choices between alternatives. The next section of this report provides more discussion of the goals for ADTT development. Section 3 provides screen shots from a sample session in the ADTT environment, including Login and navigation to the project of interest, data inspection, analysis execution and output evaluation. The following section provides discussion of implementation details and recommendations for future development of the software and information technologies that provide the key functionality of the ADTT system. Section 5 discusses the integration architecture for the system, which links machines running different operating systems and provides unified access to data stored in distributed locations. Security is a significant issue for this system, especially for remote access to NAS machines, so Section 6 discusses several architectural considerations with respect to security. Additional details of some aspects of ADTT development are included in Appendices.

Security Concepts for Satellite Links

NASA Astrophysics Data System (ADS)

Tobehn, C.; Penné, B.; Rathje, R.; Weigl, A.; Gorecki, Ch.; Michalik, H.

2008-08-01

The high costs to develop, launch and maintain a satellite network makes protecting the assets imperative. Attacks may be passive such as eavesdropping on the payload data. More serious threat are active attacks that try to gain control of the satellite, which may lead to the total lost of the satellite asset. To counter these threats, new satellite and ground systems are using cryptographic technologies to provide a range of services: confidentiality, entity & message authentication, and data integrity. Additionally, key management cryptographic services are required to support these services. This paper describes the key points of current satellite control and operations, that are authentication of the access to the satellite TMTC link and encryption of security relevant TM/TC data. For payload data management the key points are multi-user ground station access and high data rates both requiring frequent updates and uploads of keys with the corresponding key management methods. For secure satellite management authentication & key negotiation algorithms as HMAC-RIPEMD160, EC- DSA and EC-DH are used. Encryption of data uses algorithms as IDEA, AES, Triple-DES, or other. A channel coding and encryption unit for payload data provides download data rates up to Nx250 Mbps. The presented concepts are based on our experience and heritage of the security systems for all German MOD satellite projects (SATCOMBw2, SAR-Lupe multi- satellite system and German-French SAR-Lupe-Helios- II systems inter-operability) as well as for further international (KOMPSAT-II Payload data link system) and ESA activities (TMTC security and GMES).

Forest service access to and use of the Germplasm Information Network (GRIN-Global) database and security backup at the National Laboratory for Genetic Resource Preservation

Treesearch

B. Loth; R.P. Karrfalt

2017-01-01

The U.S. Department of Agriculture Forest Service (USDA FS) National Seed Laboratory (NSL) began long term seed storage for genetic conservation, in 2005, for USDA FS units and cooperators. This program requires secure storage of both seeds and the data documenting the identification of the seeds. The Agricultural Research Service (ARS) has provided both of these...

The Operator Shell: A means of privilege distribution under Unix

DOE Office of Scientific and Technical Information (OSTI.GOV)

Neuman, M.; Christoph, G.

1994-03-01

The Operator Shell (Osh) is a setuid root, security enhanced, restricted shell for providing fine-grain distribution of system privileges for a wide range of usages and requirements. Osh offers a marked improvement over other Unix privilege distribution systems in its ability to specify access to both commands and files, auditing features, and familiar interface. This paper describes the design, features, security considerations, internals, and applications of the Operator Shell.

Security Tagged Architecture Co-Design (STACD)

DTIC Science & Technology

2015-09-01

components have access to all other system components whether they need it or not. Microkernels [8, 9, 10] seek to reduce the kernel size to improve...does not provide the fine-grained control to allow for formal verification. Microkernels reduce the size of the kernel enough to allow for a formal...verification of the kernel. Tanenbaum [14] documents many of the security virtues of microkernels and argues that the Ring 3 Ring 2 Ring 1

Innovative dressing and securement of tunneled central venous access devices in pediatrics: a pilot randomized controlled trial.

PubMed

Ullman, Amanda J; Kleidon, Tricia; Gibson, Victoria; McBride, Craig A; Mihala, Gabor; Cooke, Marie; Rickard, Claire M

2017-08-30

Central venous access device (CVAD) associated complications are a preventable source of patient harm, frequently resulting in morbidity and delays to vital treatment. Dressing and securement products are used to prevent infectious and mechanical complications, however current complication rates suggest customary practices are inadequate. The aim of this study was to evaluate the feasibility of launching a full-scale randomized controlled efficacy trial of innovative dressing and securement products for pediatric tunneled CVAD to prevent complication and failure. An external, pilot, four-group randomized controlled trial of standard care (bordered polyurethane dressing and suture), in comparison to integrated securement-dressing, suture-less securement device, and tissue adhesive was undertaken across two large, tertiary referral pediatric hospitals in Australia. Forty-eight pediatric participants with newly inserted tunneled CVADs were consecutively recruited. The primary outcome of study feasibility was established by elements of eligibility, recruitment, attrition, protocol adherence, missing data, parent and healthcare staff satisfaction and acceptability, and effect size estimates for CVAD failure (cessation of function prior to completion of treatment) and complication (associated bloodstream infection, thrombosis, breakage, dislodgement or occlusion). Dressing integrity, product costs and site complications were also examined. Protocol feasibility was established. CVAD failure was: 17% (2/12) integrated securement-dressing; 8% (1/13) suture-less securement device; 0% tissue adhesive (0/12); and, 0% standard care (0/11). CVAD complications were: 15% (2/13) suture-less securement device (CVAD associated bloodstream infection, and occlusion and partial dislodgement); 8% (1/12) integrated securement-dressing (partial dislodgement); 0% tissue adhesive (0/12); and, 0% standard care (0/11). One CVAD-associated bloodstream infection occurred, within the suture-less securement device group. Overall satisfaction was highest in the integrated securement-dressing (mean 8.5/10; standard deviation 1.2). Improved dressing integrity was evident in the intervention arms, with the integrated securement-dressing associated with prolonged time to first dressing change (mean days 3.5). Improving the security and dressing integrity of tunneled CVADs is likely to improve outcomes for pediatric patients. Further research is necessary to identify novel, effective CVAD securement to reduce complications, and provide reliable vascular access for children. ACTRN12614000280606 ; prospectively registered on 17/03/2014.

DIRAC distributed secure framework

NASA Astrophysics Data System (ADS)

Casajus, A.; Graciani, R.; LHCb DIRAC Team

2010-04-01

DIRAC, the LHCb community Grid solution, provides access to a vast amount of computing and storage resources to a large number of users. In DIRAC users are organized in groups with different needs and permissions. In order to ensure that only allowed users can access the resources and to enforce that there are no abuses, security is mandatory. All DIRAC services and clients use secure connections that are authenticated using certificates and grid proxies. Once a client has been authenticated, authorization rules are applied to the requested action based on the presented credentials. These authorization rules and the list of users and groups are centrally managed in the DIRAC Configuration Service. Users submit jobs to DIRAC using their local credentials. From then on, DIRAC has to interact with different Grid services on behalf of this user. DIRAC has a proxy management service where users upload short-lived proxies to be used when DIRAC needs to act on behalf of them. Long duration proxies are uploaded by users to a MyProxy service, and DIRAC retrieves new short delegated proxies when necessary. This contribution discusses the details of the implementation of this security infrastructure in DIRAC.

PKI-based secure mobile access to electronic health services and data.

PubMed

Kambourakis, G; Maglogiannis, I; Rouskas, A

2005-01-01

Recent research works examine the potential employment of public-key cryptography schemes in e-health environments. In such systems, where a Public Key Infrastructure (PKI) is established beforehand, Attribute Certificates (ACs) and public key enabled protocols like TLS, can provide the appropriate mechanisms to effectively support authentication, authorization and confidentiality services. In other words, mutual trust and secure communications between all the stakeholders, namely physicians, patients and e-health service providers, can be successfully established and maintained. Furthermore, as the recently introduced mobile devices with access to computer-based patient record systems are expanding, the need of physicians and nurses to interact increasingly with such systems arises. Considering public key infrastructure requirements for mobile online health networks, this paper discusses the potential use of Attribute Certificates (ACs) in an anticipated trust model. Typical trust interactions among doctors, patients and e-health providers are presented, indicating that resourceful security mechanisms and trust control can be obtained and implemented. The application of attribute certificates to support medical mobile service provision along with the utilization of the de-facto TLS protocol to offer competent confidentiality and authorization services is also presented and evaluated through experimentation, using both the 802.11 WLAN and General Packet Radio Service (GPRS) networks.

A secure online image trading system for untrusted cloud environments.

PubMed

Munadi, Khairul; Arnia, Fitri; Syaryadhi, Mohd; Fujiyoshi, Masaaki; Kiya, Hitoshi

2015-01-01

In conventional image trading systems, images are usually stored unprotected on a server, rendering them vulnerable to untrusted server providers and malicious intruders. This paper proposes a conceptual image trading framework that enables secure storage and retrieval over Internet services. The process involves three parties: an image publisher, a server provider, and an image buyer. The aim is to facilitate secure storage and retrieval of original images for commercial transactions, while preventing untrusted server providers and unauthorized users from gaining access to true contents. The framework exploits the Discrete Cosine Transform (DCT) coefficients and the moment invariants of images. Original images are visually protected in the DCT domain, and stored on a repository server. Small representation of the original images, called thumbnails, are generated and made publicly accessible for browsing. When a buyer is interested in a thumbnail, he/she sends a query to retrieve the visually protected image. The thumbnails and protected images are matched using the DC component of the DCT coefficients and the moment invariant feature. After the matching process, the server returns the corresponding protected image to the buyer. However, the image remains visually protected unless a key is granted. Our target application is the online market, where publishers sell their stock images over the Internet using public cloud servers.

18 CFR 3a.41 - Access requirements.

Code of Federal Regulations, 2011 CFR

2011-04-01

... level of such clearance (Top Secret, Secret, Confidential). The Personnel Security Officer will maintain.... Additionally, when a staff member no longer needs access to a particular security classification category, the security clearance will be adjusted to the classification category required. In both cases, this action...

A user anonymity preserving three-factor authentication scheme for telecare medicine information systems.

PubMed

Tan, Zuowen

2014-03-01

The telecare medicine information system enables the patients gain health monitoring at home and access medical services over internet or mobile networks. In recent years, the schemes based on cryptography have been proposed to address the security and privacy issues in the telecare medicine information systems. However, many schemes are insecure or they have low efficiency. Recently, Awasthi and Srivastava proposed a three-factor authentication scheme for telecare medicine information systems. In this paper, we show that their scheme is vulnerable to the reflection attacks. Furthermore, it fails to provide three-factor security and the user anonymity. We propose a new three-factor authentication scheme for the telecare medicine information systems. Detailed analysis demonstrates that the proposed scheme provides mutual authentication, server not knowing password and freedom of password, biometric update and three-factor security. Moreover, the new scheme provides the user anonymity. As compared with the previous three-factor authentication schemes, the proposed scheme is more secure and practical.

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2012 CFR

2012-10-01

... the cargo enters an airport Security Identification Display Area or is transferred to another TSA... under §§ 1546.101(a) or (b) accepts the cargo, until the cargo— (A) Enters an airport Security... 49 Transportation 9 2012-10-01 2012-10-01 false Access to cargo: Security threat assessments for...

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2014 CFR

2014-10-01

... the cargo enters an airport Security Identification Display Area or is transferred to another TSA... under §§ 1546.101(a) or (b) accepts the cargo, until the cargo— (A) Enters an airport Security... 49 Transportation 9 2014-10-01 2014-10-01 false Access to cargo: Security threat assessments for...

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2013 CFR

2013-10-01

... the cargo enters an airport Security Identification Display Area or is transferred to another TSA... under §§ 1546.101(a) or (b) accepts the cargo, until the cargo— (A) Enters an airport Security... 49 Transportation 9 2013-10-01 2013-10-01 false Access to cargo: Security threat assessments for...

49 CFR 1546.213 - Access to cargo: Security threat assessments for cargo personnel in the United States.

Code of Federal Regulations, 2011 CFR

2011-10-01

... the cargo enters an airport Security Identification Display Area or is transferred to another TSA... under §§ 1546.101(a) or (b) accepts the cargo, until the cargo— (A) Enters an airport Security... 49 Transportation 9 2011-10-01 2011-10-01 false Access to cargo: Security threat assessments for...

Trustworthy data collection from implantable medical devices via high-speed security implementation based on IEEE 1363.

PubMed

Hu, Fei; Hao, Qi; Lukowiak, Marcin; Sun, Qingquan; Wilhelm, Kyle; Radziszowski, Stanisław; Wu, Yao

2010-11-01

Implantable medical devices (IMDs) have played an important role in many medical fields. Any failure in IMDs operations could cause serious consequences and it is important to protect the IMDs access from unauthenticated access. This study investigates secure IMD data collection within a telehealthcare [mobile health (m-health)] network. We use medical sensors carried by patients to securely access IMD data and perform secure sensor-to-sensor communications between patients to relay the IMD data to a remote doctor's server. To meet the requirements on low computational complexity, we choose N-th degree truncated polynomial ring (NTRU)-based encryption/decryption to secure IMD-sensor and sensor-sensor communications. An extended matryoshkas model is developed to estimate direct/indirect trust relationship among sensors. An NTRU hardware implementation in very large integrated circuit hardware description language is studied based on industry Standard IEEE 1363 to increase the speed of key generation. The performance analysis results demonstrate the security robustness of the proposed IMD data access trust model.

Security of medical multimedia.

PubMed

Tzelepi, S; Pangalos, G; Nikolacopoulou, G

2002-09-01

The application of information technology to health care has generated growing concern about the privacy and security of medical information. Furthermore, data and communication security requirements in the field of multimedia are higher. In this paper we describe firstly the most important security requirements that must be fulfilled by multimedia medical data, and the security measures used to satisfy these requirements. These security measures are based mainly on modern cryptographic and watermarking mechanisms as well as on security infrastructures. The objective of our work is to complete this picture, exploiting the capabilities of multimedia medical data to define and implement an authorization model for regulating access to the data. In this paper we describe an extended role-based access control model by considering, within the specification of the role-permission relationship phase, the constraints that must be satisfied in order for the holders of the permission to use those permissions. The use of constraints allows role-based access control to be tailored to specifiy very fine-grained and flexible content-, context- and time-based access control policies. Other restrictions, such as role entry restriction also can be captured. Finally, the description of system architecture for a secure DBMS is presented.

A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity.

PubMed

Amin, Ruhul; Biswas, G P

2015-08-01

Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fix the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provide strong protection on security attacks, but it also achieves better complexities along with efficient login and password change phase as well as session key verification property.

A scoping review of traditional food security in Alaska

PubMed Central

Walch, Amanda; Bersamin, Andrea; Loring, Philip; Johnson, Rhonda; Tholl, Melissa

2018-01-01

ABSTRACT Food insecurity is a public health concern. Food security includes the pillars of food access, availability and utilisation. For some indigenous peoples, this may also include traditional foods. To conduct a scoping review on traditional foods and food security in Alaska. Google Scholar and the High North Research Documents were used to search for relevant primary research using the following terms: “traditional foods”, “food security”, “access”, “availability”, “utilisation”, “Alaska”, “Alaska Native” and “indigenous”. Twenty four articles from Google Scholar and four articles from the High North Research Documents were selected. The articles revealed three types of research approaches, those that quantified traditional food intake (n=18), those that quantified food security (n=2), and qualitative articles that addressed at least one pillar of food security (n=8). Limited primary research is available on food security in Alaskan. Few studies directly measure food security while most provide a review of food security factors. Research investigating dietary intake of traditional foods is more prevalent, though many differences exist among participant age groups and geographical areas. Future research should include direct measurements of traditional food intake and food security to provide a more complete picture of traditional food security in Alaska. PMID:29292675

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security and HIPAA Compliance: Part II

PubMed Central

Watzlaf, Valerie J.M.; Moeini, Sohrab; Matusow, Laura; Firouzan, Patti

2011-01-01

In a previous publication the authors developed a privacy and security checklist to evaluate Voice over Internet Protocol (VoIP) videoconferencing software used between patients and therapists to provide telerehabilitation (TR) therapy. In this paper, the privacy and security checklist that was previously developed is used to perform a risk analysis of the top ten VoIP videoconferencing software to determine if their policies provide answers to the privacy and security checklist. Sixty percent of the companies claimed they do not listen into video-therapy calls unless maintenance is needed. Only 50% of the companies assessed use some form of encryption, and some did not specify what type of encryption was used. Seventy percent of the companies assessed did not specify any form of auditing on their servers. Statistically significant differences across company websites were found for sharing information outside of the country (p=0.010), encryption (p=0.006), and security evaluation (p=0.005). Healthcare providers considering use of VoIP software for TR services may consider using this privacy and security checklist before deciding to incorporate a VoIP software system for TR. Other videoconferencing software that is specific for TR with strong encryption, good access controls, and hardware that meets privacy and security standards should be considered for use with TR. PMID:25945177

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security and HIPAA Compliance: Part II.

PubMed

Watzlaf, Valerie J M; Moeini, Sohrab; Matusow, Laura; Firouzan, Patti

2011-01-01

In a previous publication the authors developed a privacy and security checklist to evaluate Voice over Internet Protocol (VoIP) videoconferencing software used between patients and therapists to provide telerehabilitation (TR) therapy. In this paper, the privacy and security checklist that was previously developed is used to perform a risk analysis of the top ten VoIP videoconferencing software to determine if their policies provide answers to the privacy and security checklist. Sixty percent of the companies claimed they do not listen into video-therapy calls unless maintenance is needed. Only 50% of the companies assessed use some form of encryption, and some did not specify what type of encryption was used. Seventy percent of the companies assessed did not specify any form of auditing on their servers. Statistically significant differences across company websites were found for sharing information outside of the country (p=0.010), encryption (p=0.006), and security evaluation (p=0.005). Healthcare providers considering use of VoIP software for TR services may consider using this privacy and security checklist before deciding to incorporate a VoIP software system for TR. Other videoconferencing software that is specific for TR with strong encryption, good access controls, and hardware that meets privacy and security standards should be considered for use with TR.

Enterprise systems security management: a framework for breakthrough protection

NASA Astrophysics Data System (ADS)

Farroha, Bassam S.; Farroha, Deborah L.

2010-04-01

Securing the DoD information network is a tremendous task due to its size, access locations and the amount of network intrusion attempts on a daily basis. This analysis investigates methods/architecture options to deliver capabilities for secure information sharing environment. Crypto-binding and intelligent access controls are basic requirements for secure information sharing in a net-centric environment. We introduce many of the new technology components to secure the enterprise. The cooperative mission requirements lead to developing automatic data discovery and data stewards granting access to Cross Domain (CD) data repositories or live streaming data. Multiple architecture models are investigated to determine best-of-breed approaches including SOA and Private/Public Clouds.

Solving problems of disclosure risk in an academic setting: using a combination of restricted data and restricted access methods.

PubMed

Rodgers, Willard; Nolte, Michael

2006-09-01

THE HEALTH AND RETIREMENT STUDY collects a vast amount of information about a sample of the U.S. population over age 50 from biennial interviews, supplemental questionnaires, and through linkages with administrative data including Social Security earnings and benefits records and Medicare claims records. To h onor i ts p ledge to t he r espondents that their data will be kept confidential, but at the same time meet its objective of providing useful data to researchers, it has develop ed procedures for stripping sensitive information (i.e., information that could facilitate re-identification of sample members) from data sets that are publicly released, and also for providing mechanisms for qualified researchers to gain access to a variety of restricted-access data files. These mechanisms include a procedure whereby highly qualified researchersin particular, only those who have a current grant from a federal agencycan apply to obtain restricted-access data sets for a limited amount of time, with the understanding that they will make no attempt to r e-identify s amp le m embers and t hat they w ill be audited to ensure that they have adhered to the agreedupon safeguards. For those who meet some but not all of the requirements for receiving these data, the files can be analyzed in a data enclave (a controlled, secure environment in which eligible researchers can perform analyses). This paper focuses on approaches to restricting data access that may need to be considered by investigators who plan to share their data, and by their institutional officials who will need to support that effort with appropriate infrastructure and policies. It also provides guidance to investigators and institutional review boards (IRBs) who seek access to restricted data generated and archived elsewhere.

HIPAA-compliant automatic monitoring system for RIS-integrated PACS operation

NASA Astrophysics Data System (ADS)

Jin, Jin; Zhang, Jianguo; Chen, Xiaomeng; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Feng, Jie; Sheng, Liwei; Huang, H. K.

2006-03-01

As a governmental regulation, Health Insurance Portability and Accountability Act (HIPAA) was issued to protect the privacy of health information that identifies individuals who are living or deceased. HIPAA requires security services supporting implementation features: Access control; Audit controls; Authorization control; Data authentication; and Entity authentication. These controls, which proposed in HIPAA Security Standards, are Audit trails here. Audit trails can be used for surveillance purposes, to detect when interesting events might be happening that warrant further investigation. Or they can be used forensically, after the detection of a security breach, to determine what went wrong and who or what was at fault. In order to provide security control services and to achieve the high and continuous availability, we design the HIPAA-Compliant Automatic Monitoring System for RIS-Integrated PACS operation. The system consists of two parts: monitoring agents running in each PACS component computer and a Monitor Server running in a remote computer. Monitoring agents are deployed on all computer nodes in RIS-Integrated PACS system to collect the Audit trail messages defined by the Supplement 95 of the DICOM standard: Audit Trail Messages. Then the Monitor Server gathers all audit messages and processes them to provide security information in three levels: system resources, PACS/RIS applications, and users/patients data accessing. Now the RIS-Integrated PACS managers can monitor and control the entire RIS-Integrated PACS operation through web service provided by the Monitor Server. This paper presents the design of a HIPAA-compliant automatic monitoring system for RIS-Integrated PACS Operation, and gives the preliminary results performed by this monitoring system on a clinical RIS-integrated PACS.

Secure privacy-preserving biometric authentication scheme for telecare medicine information systems.

PubMed

Li, Xuelei; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

2014-11-01

Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being theft and tracked by unauthorized participant, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient's medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.

Risk assessment of integrated electronic health records.

PubMed

Bjornsson, Bjarni Thor; Sigurdardottir, Gudlaug; Stefansson, Stefan Orri

2010-01-01

The paper describes the security concerns related to Electronic Health Records (EHR) both in registration of data and integration of systems. A description of the current state of EHR systems in Iceland is provided, along with the Ministry of Health's future vision and plans. New legislation provides the opportunity for increased integration of EHRs and further collaboration between institutions. Integration of systems, along with greater availability and access to EHR data, requires increased security awareness since additional risks are introduced. The paper describes the core principles of information security as it applies to EHR systems and data. The concepts of confidentiality, integrity, availability, accountability and traceability are introduced and described. The paper discusses the legal requirements and importance of performing risk assessment for EHR data. Risk assessment methodology according to the ISO/IEC 27001 information security standard is described with examples on how it is applied to EHR systems.

SDIO (Strategic Defense Initiative Office) Technical Information Management Center Bibliography of Unclassified Reports: January - December 1986.

DTIC Science & Technology

1986-12-01

Classification. U Security Marks, Accession *:U00298 AD *. ADA096538 TITLE: Assessment of the Crossed Porro Prism Resonator AUTHOR. Seea, B.A.; Fueloep, K...Laser Range Finder Mechanical Property Stability Resonator Porro Prism Standord Mirror Examine Pgs: 16 Classification: U Security Marks: Accession...Gamma-Ray Laser Graser Mossbauer Effect Borrman Superradiance Nuclear-Magnetic Resonance Pgs: 26 Classification: U Security Marks: Accession *:U00484 AD

Information-Flow-Based Access Control for Web Browsers

NASA Astrophysics Data System (ADS)

Yoshihama, Sachiko; Tateishi, Takaaki; Tabuchi, Naoshi; Matsumoto, Tsutomu

The emergence of Web 2.0 technologies such as Ajax and Mashup has revealed the weakness of the same-origin policy[1], the current de facto standard for the Web browser security model. We propose a new browser security model to allow fine-grained access control in the client-side Web applications for secure mashup and user-generated contents. We propose a browser security model that is based on information-flow-based access control (IBAC) to overcome the dynamic nature of the client-side Web applications and to accurately determine the privilege of scripts in the event-driven programming model.

Use of a secure Internet Web site for collaborative medical research.

PubMed

Marshall, W W; Haley, R W

2000-10-11

Researchers who collaborate on clinical research studies from diffuse locations need a convenient, inexpensive, secure way to record and manage data. The Internet, with its World Wide Web, provides a vast network that enables researchers with diverse types of computers and operating systems anywhere in the world to log data through a common interface. Development of a Web site for scientific data collection can be organized into 10 steps, including planning the scientific database, choosing a database management software system, setting up database tables for each collaborator's variables, developing the Web site's screen layout, choosing a middleware software system to tie the database software to the Web site interface, embedding data editing and calculation routines, setting up the database on the central server computer, obtaining a unique Internet address and name for the Web site, applying security measures to the site, and training staff who enter data. Ensuring the security of an Internet database requires limiting the number of people who have access to the server, setting up the server on a stand-alone computer, requiring user-name and password authentication for server and Web site access, installing a firewall computer to prevent break-ins and block bogus information from reaching the server, verifying the identity of the server and client computers with certification from a certificate authority, encrypting information sent between server and client computers to avoid eavesdropping, establishing audit trails to record all accesses into the Web site, and educating Web site users about security techniques. When these measures are carefully undertaken, in our experience, information for scientific studies can be collected and maintained on Internet databases more efficiently and securely than through conventional systems of paper records protected by filing cabinets and locked doors. JAMA. 2000;284:1843-1849.

Neoinfundibulotomy for the management of symptomatic caliceal diverticula.

PubMed

Auge, Brian K; Munver, Ravi; Kourambas, John; Newman, Glenn E; Wu, Ning Z; Preminger, Glenn M

2002-04-01

Direct percutaneous access provides effective treatment for complex caliceal diverticula. Yet, access into the diverticulum alone is usually tenuous and passage of a guide wire across a stenotic infundibulum is often impossible. An alternative technique is described which creates a "neoinfundibulum" to assist in the management of symptomatic caliceal diverticula. During a 6-year period 22 patients with symptomatic caliceal diverticula were treated via a percutaneous approach, of whom 21 had calculi within the diverticula. After accessing the diverticulum directly, it was impossible to pass a guide wire through the stenotic infundibulum in 18 (82%) patients, prompting advancement of the access needle through the diverticular wall into the renal pelvis. Once secure access was established, balloon dilation was performed to 30Fr to create the "neoinfundibulum." Percutaneous ultrasonic lithotripsy was performed in the usual fashion. A 22Fr Councill catheter was placed to keep the infundibular tract open for 5 to 7 days to allow complete epithelialization and drainage. Stone-free, symptom-free and complication rates were assessed. Pain, recurrent urinary tract infections and hematuria were the presenting complaints in the subgroup of patients undergoing "neoinfundibulotomy." Average stone burden was 11.7 x 12 mm. and average hospital stay was 2.8 days. Of the patients 94% were symptom-free at 6-week followup, and 80% were stone-free on followup excretory urography. The remaining patients had residual stone fragments less than 3 mm. in diameter. Complications related to access were identified in 2 patients who sustained a pneumothorax after a supra-11th rib access, which was successfully managed with tube thoracostomy. Percutaneous management of complex caliceal diverticula provides a safe and effective option for symptomatic patients. When the stenotic infundibulum cannot be traversed with a guide wire, creation of a new infundibulum offers a secure alternative for accessing the collecting system, while providing equally effective results.

TH-A-12A-01: Medical Physicist's Role in Digital Information Security: Threats, Vulnerabilities and Best Practices

DOE Office of Scientific and Technical Information (OSTI.GOV)

McDonald, K; Curran, B

I. Information Security Background (Speaker = Kevin McDonald) Evolution of Medical Devices Living and Working in a Hostile Environment Attack Motivations Attack Vectors Simple Safety Strategies Medical Device Security in the News Medical Devices and Vendors Summary II. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran) Hardware Security Double-lock Requirements “Foreign” computer systems Portable Device Encryption Patient Data Storage System Requirements Network Configuration Isolating Critical Devices Isolating Clinical Networks Remote Access Considerations Software Applications / Configuration Passwords / Screen Savers Restricted Services / access Software Configuration Restriction Use of DNS to restrict accesse. Patches / Upgrades Awareness Intrusionmore » Prevention Intrusion Detection Threat Risk Analysis Conclusion Learning Objectives: Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems. Illustrating sample practices for hardware, network, and software security. Discussing implementation of good IT security practices in radiation oncology. Understand overall risk and threats scenario in a networked environment.« less

Access to cancer screening for women with mobility disabilities.

PubMed

Angus, Jan; Seto, Lisa; Barry, Nancy; Cechetto, Naomi; Chandani, Samira; Devaney, Julie; Fernando, Sharmini; Muraca, Linda; Odette, Fran

2012-03-01

Women with mobility disabilities are less likely to access cancer screening, even when they have a primary care provider. The Gateways to Cancer Screening project was initiated to document the challenges for women with disabilities in their access and experiences of screening for breast, cervical and colorectal cancer. The study followed the tenets of participatory action research. Five peer-led focus groups were held with 24 women with mobility disabilities. Study participants identified multiple and interacting institutional barriers to cancer screening. Their discussions highlighted the complex work of (1) arranging and attending health-related appointments, (2) confronting normative assumptions about women's bodies and (3) securing reliable health care and information. These overlapping, mutually reinforcing issues interact to shape how women with disabilities access and experience cancer screening. We explore implications for redesign of cancer screening services and education of health providers, providing specific recommendations suggested by our participants and the findings.

IT Challenges for Space Medicine or How do We Protect Medical Information and Still Get Useful Work Done?

NASA Technical Reports Server (NTRS)

Johnson-Throop, Kathy A.

2010-01-01

Space Medicine provides healthcare services of various types for astronauts throughout their lifetime starting from the time they are selected as astronauts. IT challenges include: protection of private medical information, access from locations both inside and outside NASA, nearly 24x7 access, access during disasters, international partner access, data archiving, off-region backup, secure communication of medical data to people outside the NASA system (e.g. expert consultants), efficient movement of medical record information between locations, search and retrieval of relevant information, and providing all of these services/capabilities within a limited budget. In Space Medicine, we have provided for these in various ways: limit the amount of private medical information stored locally, utilize encryption mechanisms that the international partners can also use, utilize 2-factor authentication, virtualize servers, employ concept-based search, and use of standardized terminologies (SNOMED) and messaging (HL7).

KSC-03PD-2453

NASA Technical Reports Server (NTRS)

2003-01-01

KENNEDY SPACE CENTER, FLA. Key officials are poised to cut the ribbon officially dedicating the new Security gates on Kennedy Parkway (Gate 2) and NASA Parkway (Gate 3). From left are Wally Schroeder, with Jones, Edmunds & Associates; Bobby Porter, with Oneida Construction; Daniel Tweed, NASA project manager; Jim Kennedy, Center director; and William Sample, SGS deputy program manager. The new gates were activated Aug. 1, allowing the general public to have access to the new Space Commerce Way, which will provide access to the Research Park and KSC Visitor Complex, and providing an alternate route for the general public between Titusville and Merritt Island that is accessible 24 hours a day. The gates are staffed 24 hours daily.

Remote Library Access for Pharmacy Preceptors

PubMed Central

Soltis, Denise; Schott, Kathy

2010-01-01

Objective To institute and evaluate the response to a program providing access to electronic library resources for pharmacy preceptors. Design The pharmacy experiential office and the library collaborated using existing programs and technology to provide and market secure remote access for preceptors. Assessment Preceptor participation was tracked in the experiential office, and response to the program was assessed using an online survey instrument that included questions about use of and preference for specific library resources. Three hundred thirty-four adjunct faculty members registered, representing 34% of all preceptors with active e-mail accounts. Conclusion Preceptor participation in the program exceeded expectations. Some minor flaws in the logistics of delivering the service were identified and remedied. PMID:21179247

Key exchange using biometric identity based encryption for sharing encrypted data in cloud environment

NASA Astrophysics Data System (ADS)

Hassan, Waleed K.; Al-Assam, Hisham

2017-05-01

The main problem associated with using symmetric/ asymmetric keys is how to securely store and exchange the keys between the parties over open networks particularly in the open environment such as cloud computing. Public Key Infrastructure (PKI) have been providing a practical solution for session key exchange for loads of web services. The key limitation of PKI solution is not only the need for a trusted third partly (e.g. certificate authority) but also the absent link between data owner and the encryption keys. The latter is arguably more important where accessing data needs to be linked with identify of the owner. Currently available key exchange protocols depend on using trusted couriers or secure channels, which can be subject to man-in-the-middle attack and various other attacks. This paper proposes a new protocol for Key Exchange using Biometric Identity Based Encryption (KE-BIBE) that enables parties to securely exchange cryptographic keys even an adversary is monitoring the communication channel between the parties. The proposed protocol combines biometrics with IBE in order to provide a secure way to access symmetric keys based on the identity of the users in unsecure environment. In the KE-BIOBE protocol, the message is first encrypted by the data owner using a traditional symmetric key before migrating it to a cloud storage. The symmetric key is then encrypted using public biometrics of the users selected by data owner to decrypt the message based on Fuzzy Identity-Based Encryption. Only the selected users will be able to decrypt the message by providing a fresh sample of their biometric data. The paper argues that the proposed solution eliminates the needs for a key distribution centre in traditional cryptography. It will also give data owner the power of finegrained sharing of encrypted data by control who can access their data.

Reviews on Security Issues and Challenges in Cloud Computing

NASA Astrophysics Data System (ADS)

An, Y. Z.; Zaaba, Z. F.; Samsudin, N. F.

2016-11-01

Cloud computing is an Internet-based computing service provided by the third party allowing share of resources and data among devices. It is widely used in many organizations nowadays and becoming more popular because it changes the way of how the Information Technology (IT) of an organization is organized and managed. It provides lots of benefits such as simplicity and lower costs, almost unlimited storage, least maintenance, easy utilization, backup and recovery, continuous availability, quality of service, automated software integration, scalability, flexibility and reliability, easy access to information, elasticity, quick deployment and lower barrier to entry. While there is increasing use of cloud computing service in this new era, the security issues of the cloud computing become a challenges. Cloud computing must be safe and secure enough to ensure the privacy of the users. This paper firstly lists out the architecture of the cloud computing, then discuss the most common security issues of using cloud and some solutions to the security issues since security is one of the most critical aspect in cloud computing due to the sensitivity of user's data.

ML Crew Access Arm Move

NASA Image and Video Library

2017-11-09

The Orion crew access arm, secured on a stand, is being prepared for its move from a storage location at NASA's Kennedy Space Center in Florida, to the mobile launcher (ML) tower near the Vehicle Assembly Building at the center. The crew access arm will be installed at about the 274-foot level on the tower. It will rotate from its retracted position and interface with the Orion crew hatch location to provide entry to the Orion crew module. The Ground Systems Development and Operations Program is overseeing installation of umbilicals and launch accessories on the ML tower.

Quantified Trust Levels for Authentication

NASA Astrophysics Data System (ADS)

Thomas, Ivonne; Menzel, Michael; Meinel, Christoph

Service-oriented Architectures (SOAs) facilitate applications to integrate seamlessly services from collaborating business partners regardless of organizational borders. In order to secure access to these services, mechanisms for authentication and authorisation must be deployed that control the access based on identity-related information. To enable a business partners’ users to access the provided services, an identity federation is often established that enables the brokering of identity information across organisational borders. The establishment of such a federation requires complex agreements and contracts that define common policies, obligations and procedures. Generally, this includes obligations on the authentication process as well.

28 CFR 17.46 - Access by persons outside the Executive Branch.

Code of Federal Regulations, 2010 CFR

2010-07-01

... subject to the National Industrial Security Program require access to classified information originated by... Branch. 17.46 Section 17.46 Judicial Administration DEPARTMENT OF JUSTICE CLASSIFIED NATIONAL SECURITY... propriety of such action, in the interest of the national security, and must approve the release. Prior to...

Bridging the Gap in Port Security; Network Centric Theory Applied to Public/Private Collaboration

DTIC Science & Technology

2007-03-01

commercial_enforcement/ ctpat /security_guideline/guideline_port.xml [Accessed January 2, 2007] 16 The four core elements of CSI include:36 • Identify high...www.cbp.gov/xp/cgov/import/commercial_enforcement/ ctpat /security_guideline/guideline_port.xml [Accessed January 2, 2007]. 17 Connecting them

33 CFR 165.500 - Safety/Security Zones; Chesapeake Bay, Maryland.

Code of Federal Regulations, 2010 CFR

2010-07-01

... designated representative. (3) Persons desiring to transit the area of the security zone may contact the COTP... HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Fifth Coast Guard District § 165.500...

33 CFR 165.767 - Security Zone; Manbirtee Key, Port of Manatee, Florida.

Code of Federal Regulations, 2010 CFR

2010-07-01

..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Seventh Coast Guard District § 165.767 Security Zone; Manbirtee Key, Port of Manatee, Florida. (a) Regulated area. The following area...

33 CFR 165.1108 - Security Zones; Cruise Ships, Port of San Diego, California.

Code of Federal Regulations, 2010 CFR

2010-07-01

... to transit the area of the security zones may contact the Captain of the Port at telephone number..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Eleventh Coast Guard District...

The Necessity for Smart Power: How a SWIFT Kick Hurts

DTIC Science & Technology

2013-03-01

South America. Among other investments, the Chinese are providing subsidized financing to the telecommunication company Huawei , “an opaque...April 03, 2012. http://voices.halabol.com/2012/04/02/dollar%E2%80%99s-authority-rip (accessed March 11, 2013). 14Malcolm Maiden, “ Huawei a Security...Risk By Any Gauge,” Sydney Morning Herald, March 28, 2012, http://www.smh.com.au/business/ huawei -a-security-risk-by-any-gauge-20120327- 1vwnu.html

The old age health security in rural China: where to go?

PubMed

Dai, Baozhen

2015-11-04

The huge number of rural elders and the deepening health problems (e.g. growing threats of infectious diseases and chronic diseases etc.) place enormous pressure on old age health security in rural China. This study aims to provide information for policy-makers to develop effective measures for promoting rural elders' health care service access by examining the current developments and challenges confronted by the old age health security in rural China. Search resources are electronic databases, web pages of the National Bureau of Statistics of China and the National Health and Family Planning Commission of China on the internet, China Population and Employment Statistics Yearbook, China Civil Affairs' Statistical Yearbook and China Health Statistics Yearbooks etc. Articles were identified from Elsevier, Wiley, EBSCO, EMBASE, PubMed, SCI Expanded, ProQuest, and National Knowledge Infrastructure of China (CNKI) which is the most informative database in Chinese. Search terms were "rural", "China", "health security", "cooperative medical scheme", "social medical assistance", "medical insurance" or "community based medical insurance", "old", or "elder", "elderly", or "aged", "aging". Google scholar was searched with the same combination of keywords. The results showed that old age health security in rural China had expanded to all rural elders and substantially improved health care service utilization among rural elders. Increasing chronic disease prevalence rates, pressing public health issues, inefficient rural health care service provision system and lack of sufficient financing challenged the old age health security in rural China. Increasing funds from the central and regional governments for old age health security in rural China will contribute to reducing urban-rural disparities in provision of old age health security and increasing health equity among rural elders between different regions. Meanwhile, initiating provider payment reform may contribute to improving the efficiency of rural health care service provision system and promoting health care service access among rural elders.

Privacy-Aware Relevant Data Access with Semantically Enriched Search Queries for Untrusted Cloud Storage Services.

PubMed

Pervez, Zeeshan; Ahmad, Mahmood; Khattak, Asad Masood; Lee, Sungyoung; Chung, Tae Choong

2016-01-01

Privacy-aware search of outsourced data ensures relevant data access in the untrusted domain of a public cloud service provider. Subscriber of a public cloud storage service can determine the presence or absence of a particular keyword by submitting search query in the form of a trapdoor. However, these trapdoor-based search queries are limited in functionality and cannot be used to identify secure outsourced data which contains semantically equivalent information. In addition, trapdoor-based methodologies are confined to pre-defined trapdoors and prevent subscribers from searching outsourced data with arbitrarily defined search criteria. To solve the problem of relevant data access, we have proposed an index-based privacy-aware search methodology that ensures semantic retrieval of data from an untrusted domain. This method ensures oblivious execution of a search query and leverages authorized subscribers to model conjunctive search queries without relying on predefined trapdoors. A security analysis of our proposed methodology shows that, in a conspired attack, unauthorized subscribers and untrusted cloud service providers cannot deduce any information that can lead to the potential loss of data privacy. A computational time analysis on commodity hardware demonstrates that our proposed methodology requires moderate computational resources to model a privacy-aware search query and for its oblivious evaluation on a cloud service provider.

Privacy-Aware Relevant Data Access with Semantically Enriched Search Queries for Untrusted Cloud Storage Services

PubMed Central

Pervez, Zeeshan; Ahmad, Mahmood; Khattak, Asad Masood; Lee, Sungyoung; Chung, Tae Choong

2016-01-01

Privacy-aware search of outsourced data ensures relevant data access in the untrusted domain of a public cloud service provider. Subscriber of a public cloud storage service can determine the presence or absence of a particular keyword by submitting search query in the form of a trapdoor. However, these trapdoor-based search queries are limited in functionality and cannot be used to identify secure outsourced data which contains semantically equivalent information. In addition, trapdoor-based methodologies are confined to pre-defined trapdoors and prevent subscribers from searching outsourced data with arbitrarily defined search criteria. To solve the problem of relevant data access, we have proposed an index-based privacy-aware search methodology that ensures semantic retrieval of data from an untrusted domain. This method ensures oblivious execution of a search query and leverages authorized subscribers to model conjunctive search queries without relying on predefined trapdoors. A security analysis of our proposed methodology shows that, in a conspired attack, unauthorized subscribers and untrusted cloud service providers cannot deduce any information that can lead to the potential loss of data privacy. A computational time analysis on commodity hardware demonstrates that our proposed methodology requires moderate computational resources to model a privacy-aware search query and for its oblivious evaluation on a cloud service provider. PMID:27571421

National Vulnerability Database (NVD)

National Institute of Standards and Technology Data Gateway

National Vulnerability Database (NVD) (Web, free access)   NVD is a comprehensive cyber security vulnerability database that integrates all publicly available U.S. Government vulnerability resources and provides references to industry resources. It is based on and synchronized with the CVE vulnerability naming standard.

Remote Sensing Information Gateway (RSIG3D) Fact Sheet

EPA Pesticide Factsheets

The Remote Sensing Information Gateway-3D (RSIG3D) is a free and downloadable application that provides easy and secure access to petabytes (millions of gigabytes) of atmospheric data that can be used to study complex air quality issues.

GIO benefits the USGS

USGS Publications Warehouse

McDermott, M.P.

2004-01-01

The Geographic Information Office (GIO) benefits the U.S. Geological Survey (USGS) by providing access to and delivery of USGS information and services, safety and security of USGS data and information, support for USGS science, and coordination of partnerships through Federal interagency data committees.

77 FR 27097 - LaCrosse Boiling Water Reactor, Exemption From Certain Requirements, Vernon County, WI

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-08

... status of LACBWR means that there are no longer interconnected operating systems which require security... System (ADAMS), which provides text and image files of NRC's public documents. If you do not have access...

10 CFR 10.21 - Suspension of access authorization and/or employment clearance.

Code of Federal Regulations, 2014 CFR

2014-01-01

... ELIGIBILITY FOR ACCESS TO RESTRICTED DATA OR NATIONAL SECURITY INFORMATION OR AN EMPLOYMENT CLEARANCE... access authorization and/or an employment clearance, the Director, Division of Facilities and Security... Corporate Management and Chief Information Officer or other Deputy Executive Director, his or her...

10 CFR 10.21 - Suspension of access authorization and/or employment clearance.

Code of Federal Regulations, 2013 CFR

2013-01-01

... ELIGIBILITY FOR ACCESS TO RESTRICTED DATA OR NATIONAL SECURITY INFORMATION OR AN EMPLOYMENT CLEARANCE... access authorization and/or an employment clearance, the Director, Division of Facilities and Security... Corporate Management and Chief Information Officer or other Deputy Executive Director, his or her...

78 FR 23969 - Ewan 1, INC. n/k/a AccessKey IP, Inc.; Order of Suspension of Trading

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-23

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Ewan 1, INC. n/k/a AccessKey IP, Inc.; Order of Suspension of Trading April 19, 2013. It appears to the Securities and Exchange Commission that... AccessKey IP, Inc. (``AccessKey'') because it has not filed a periodic report since it filed its...

Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment

DOE Office of Scientific and Technical Information (OSTI.GOV)

Pollet, J.

2006-07-01

This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-criticalmore » networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)« less

Fine-Grained Access Control for Electronic Health Record Systems

NASA Astrophysics Data System (ADS)

Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

Secure and Trustable Electronic Medical Records Sharing using Blockchain.

PubMed

Dubovitskaya, Alevtina; Xu, Zhigang; Ryu, Samuel; Schumacher, Michael; Wang, Fusheng

2017-01-01

Electronic medical records (EMRs) are critical, highly sensitive private information in healthcare, and need to be frequently shared among peers. Blockchain provides a shared, immutable and transparent history of all the transactions to build applications with trust, accountability and transparency. This provides a unique opportunity to develop a secure and trustable EMR data management and sharing system using blockchain. In this paper, we present our perspectives on blockchain based healthcare data management, in particular, for EMR data sharing between healthcare providers and for research studies. We propose a framework on managing and sharing EMR data for cancer patient care. In collaboration with Stony Brook University Hospital, we implemented our framework in a prototype that ensures privacy, security, availability, and fine-grained access control over EMR data. The proposed work can significantly reduce the turnaround time for EMR sharing, improve decision making for medical care, and reduce the overall cost.

Secure and Trustable Electronic Medical Records Sharing using Blockchain

PubMed Central

Dubovitskaya, Alevtina; Xu, Zhigang; Ryu, Samuel; Schumacher, Michael; Wang, Fusheng

2017-01-01

Electronic medical records (EMRs) are critical, highly sensitive private information in healthcare, and need to be frequently shared among peers. Blockchain provides a shared, immutable and transparent history of all the transactions to build applications with trust, accountability and transparency. This provides a unique opportunity to develop a secure and trustable EMR data management and sharing system using blockchain. In this paper, we present our perspectives on blockchain based healthcare data management, in particular, for EMR data sharing between healthcare providers and for research studies. We propose a framework on managing and sharing EMR data for cancer patient care. In collaboration with Stony Brook University Hospital, we implemented our framework in a prototype that ensures privacy, security, availability, and fine-grained access control over EMR data. The proposed work can significantly reduce the turnaround time for EMR sharing, improve decision making for medical care, and reduce the overall cost. PMID:29854130

Rebuilding northern foodsheds, sustainable food systems, community well-being, and food security.

PubMed

Gerlach, S Craig; Loring, Philip A

2013-01-01

Multiple climatic, environmental and socio-economic pressures have accumulated to the point where they interfere with the ability of remote rural Alaska Native communities to achieve food security with locally harvestable food resources. The harvest of wild foods has been the historical norm, but most Alaska Native villages are transitioning to a cash economy, with increasing reliance on industrially produced, store-bought foods, and with less reliable access to and reliance on wild, country foods. While commercially available market foods provide one measure of food security, the availability and quality of market foods are subject to the vagaries and vulnerabilities of the global food system; access is dependent on one's ability to pay, is limited to what is available on the shelves of small rural stores, and, store-bought foods do not fulfill the important roles that traditional country foods play in rural communities and cultures. Country food access is also constrained by rising prices of fuel and equipment, a federal and state regulatory framework that sometimes hinders rather than helps rural subsistence users who need to access traditional food resources, a regulatory framework that is often not responsive to changes in climate, weather and seasonality, and a shifting knowledge base in younger generations about how to effectively harvest, process and store wild foods. The general objective is to provide a framework for understanding the social, cultural, ecological and political dimensions of rural Alaska Native food security, and to provide information on the current trends in rural Alaska Native food systems. This research is based on our long-term ethnographic, subsistence and food systems work in coastal and interior Alaska. This includes research about the land mammal harvest, the Yukon River and coastal fisheries, community and village gardens, small livestock production and red meat systems that are scaled appropriately to village size and capacity, and food-system intervention strategies designed to rebuild local and rural foodsheds and to restore individual and community health. The contemporary cultural, economic and nutrition transition has severe consequences for the health of people and for the viability of rural communities, and in ways that are not well tracked by the conventional food security methodologies and frameworks. This article expands the discussion of food security and is premised on a holistic model that integrates the social, cultural, ecological, psychological and biomedical aspects of individual and community health. We propose a new direction for food-system design that prioritizes the management of place-based food portfolios above the more conventional management of individual resources, one with a commitment to as much local and regional food production and/or harvest for local and regional consumption as is possible, and to community self-reliance and health for rural Alaska Natives.

19 CFR 122.187 - Revocation or suspension of access.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 19 Customs Duties 1 2014-04-01 2014-04-01 false Revocation or suspension of access. 122.187 Section 122.187 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.187 Revocation or...

19 CFR 122.187 - Revocation or suspension of access.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 19 Customs Duties 1 2013-04-01 2013-04-01 false Revocation or suspension of access. 122.187 Section 122.187 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.187 Revocation or...

19 CFR 122.187 - Revocation or suspension of access.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 19 Customs Duties 1 2011-04-01 2011-04-01 false Revocation or suspension of access. 122.187 Section 122.187 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.187 Revocation or...

19 CFR 122.187 - Revocation or suspension of access.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 19 Customs Duties 1 2012-04-01 2012-04-01 false Revocation or suspension of access. 122.187 Section 122.187 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.187 Revocation or...

EntrezAJAX: direct web browser access to the Entrez Programming Utilities.

PubMed

Loman, Nicholas J; Pallen, Mark J

2010-06-21

Web applications for biology and medicine often need to integrate data from Entrez services provided by the National Center for Biotechnology Information. However, direct access to Entrez from a web browser is not possible due to 'same-origin' security restrictions. The use of "Asynchronous JavaScript and XML" (AJAX) to create rich, interactive web applications is now commonplace. The ability to access Entrez via AJAX would be advantageous in the creation of integrated biomedical web resources. We describe EntrezAJAX, which provides access to Entrez eUtils and is able to circumvent same-origin browser restrictions. EntrezAJAX is easily implemented by JavaScript developers and provides identical functionality as Entrez eUtils as well as enhanced functionality to ease development. We provide easy-to-understand developer examples written in JavaScript to illustrate potential uses of this service. For the purposes of speed, reliability and scalability, EntrezAJAX has been deployed on Google App Engine, a freely available cloud service. The EntrezAJAX webpage is located at http://entrezajax.appspot.com/

Status and determinants of small farming households' food security and role of market access in enhancing food security in rural Pakistan

PubMed Central

Ying, Liu; Bashir, Muhammad Khalid; Abid, Muhammad; Zulfiqar, Farhad

2017-01-01

In most of the developing countries, lack of resources and little market accessibility are among the major factors that affect small farming household food security. This study aims to investigate the status of small farming households’ food security, and its determinants including the role of market accessibility factors in enhancing food security at household level. In addition, this study also determines the households’ perception about different kinds of livelihoods risks. This study is based on a household survey of 576 households conducted through face-to-face interviews using structured interviews in Punjab, Pakistan. Food security status is calculated using dietary intake method. The study findings show that one-fourth of the households are food insecure. The study findings reveal that farm households perceive increase in food prices, crop diseases, lack of irrigation water and increase in health expenses as major livelihood risks. Further, the results of logistic regression show that family size, monthly income, food prices, health expenses and debt are main factors influencing the food security status of rural households. Furthermore, the market accessibility factors (road distance and transportation cost) do significantly affect the small farming household food security. The results suggest that local food security can be enhanced by creating off-farm employment opportunities, improved transportation facilities and road infrastructure. PMID:29077719

Status and determinants of small farming households' food security and role of market access in enhancing food security in rural Pakistan.

PubMed

Ahmed, Umar Ijaz; Ying, Liu; Bashir, Muhammad Khalid; Abid, Muhammad; Zulfiqar, Farhad

2017-01-01

In most of the developing countries, lack of resources and little market accessibility are among the major factors that affect small farming household food security. This study aims to investigate the status of small farming households' food security, and its determinants including the role of market accessibility factors in enhancing food security at household level. In addition, this study also determines the households' perception about different kinds of livelihoods risks. This study is based on a household survey of 576 households conducted through face-to-face interviews using structured interviews in Punjab, Pakistan. Food security status is calculated using dietary intake method. The study findings show that one-fourth of the households are food insecure. The study findings reveal that farm households perceive increase in food prices, crop diseases, lack of irrigation water and increase in health expenses as major livelihood risks. Further, the results of logistic regression show that family size, monthly income, food prices, health expenses and debt are main factors influencing the food security status of rural households. Furthermore, the market accessibility factors (road distance and transportation cost) do significantly affect the small farming household food security. The results suggest that local food security can be enhanced by creating off-farm employment opportunities, improved transportation facilities and road infrastructure.

Cheating in OSCEs: The Impact of Simulated Security Breaches on OSCE Performance.

PubMed

Gotzmann, Andrea; De Champlain, André; Homayra, Fahmida; Fotheringham, Alexa; de Vries, Ingrid; Forgie, Melissa; Pugh, Debra

2017-01-01

Construct: Valid score interpretation is important for constructs in performance assessments such as objective structured clinical examinations (OSCEs). An OSCE is a type of performance assessment in which a series of standardized patients interact with the student or candidate who is scored by either the standardized patient or a physician examiner. In high-stakes examinations, test security is an important issue. Students accessing unauthorized test materials can create an unfair advantage and lead to examination scores that do not reflect students' true ability level. The purpose of this study was to assess the impact of various simulated security breaches on OSCE scores. Seventy-six 3rd-year medical students participated in an 8-station OSCE and were randomized to either a control group or to 1 of 2 experimental conditions simulating test security breaches: station topic (i.e., providing a list of station topics prior to the examination) or egregious security breach (i.e., providing detailed content information prior to the examination). Overall total scores were compared for the 3 groups using both a one-way between-subjects analysis of variance and a repeated measure analysis of variance to compare the checklist, rating scales, and oral question subscores across the three conditions. Overall total scores were highest for the egregious security breach condition (81.8%), followed by the station topic condition (73.6%), and they were lowest for the control group (67.4%). This trend was also found with checklist subscores only (79.1%, 64.9%, and 60.3%, respectively for the security breach, station topic, and control conditions). Rating scale subscores were higher for both the station topic and egregious security breach conditions compared to the control group (82.6%, 83.1%, and 77.6%, respectively). Oral question subscores were significantly higher for the egregious security breach condition (88.8%) followed by the station topic condition (64.3%), and they were the lowest for the control group (48.6%). This simulation of different OSCE security breaches demonstrated that student performance is greatly advantaged by having prior access to test materials. This has important implications for medical educators as they develop policies and procedures regarding the safeguarding and reuse of test content.

7 CFR 331.10 - Restricting access to select agents and toxins; security risk assessments.

Code of Federal Regulations, 2010 CFR

2010-01-01

...; security risk assessments. 331.10 Section 331.10 Agriculture Regulations of the Department of Agriculture (Continued) ANIMAL AND PLANT HEALTH INSPECTION SERVICE, DEPARTMENT OF AGRICULTURE POSSESSION, USE, AND TRANSFER OF SELECT AGENTS AND TOXINS § 331.10 Restricting access to select agents and toxins; security risk...

6 CFR 5.22 - Responsibility for responding to requests for access to records.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Responsibility for responding to requests for access to records. 5.22 Section 5.22 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY DISCLOSURE OF RECORDS AND INFORMATION Privacy Act § 5.22 Responsibility for responding to requests...

49 CFR 1544.228 - Access to cargo and cargo screening: Security threat assessments for cargo personnel in the...

Code of Federal Regulations, 2010 CFR

2010-10-01

... threat assessments for cargo personnel in the United States. 1544.228 Section 1544.228 Transportation... COMMERCIAL OPERATORS Operations § 1544.228 Access to cargo and cargo screening: Security threat assessments... paragraph (b) of this section— (1) Each individual must successfully complete a security threat assessment...

15. Front security entrance to the perimeter acquisition radar building, ...

Library of Congress Historic Buildings Survey, Historic Engineering Record, Historic Landscapes Survey

15. Front security entrance to the perimeter acquisition radar building, showing rotogates 1 and 2 and entrance door to security operations control center (SOCC), room #108 - Stanley R. Mickelsen Safeguard Complex, Perimeter Acquisition Radar Building, Limited Access Area, between Limited Access Patrol Road & Service Road A, Nekoma, Cavalier County, ND

19 CFR 122.187 - Revocation or suspension of access.

Code of Federal Regulations, 2010 CFR

2010-04-01

... that continued access might pose an unacceptable risk to public health, interest or safety, national security, aviation safety, the revenue, or the security of the area. In this case the port director will... health, safety, or security is involved and, in such a case, a final notice of revocation or suspension...

33 CFR 165.1101 - Security Zone: San Diego Bay, CA.

Code of Federal Regulations, 2010 CFR

2010-07-01

... to transit the area of the security zone may contact the Captain of the Port at telephone number 619... (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Eleventh Coast Guard District § 165.1101 Security Zone: San Diego...

33 CFR 165.776 - Security Zone; Coast Guard Base San Juan, San Juan Harbor, Puerto Rico

Code of Federal Regulations, 2010 CFR

2010-07-01

... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Seventh Coast...) Location. The following area is a security zone: All waters from surface to bottom, encompassed by an...

The Battle to Secure Our Public Access Computers

ERIC Educational Resources Information Center

Sendze, Monique

2006-01-01

Securing public access workstations should be a significant part of any library's network and information-security strategy because of the sensitive information patrons enter on these workstations. As the IT manager for the Johnson County Library in Kansas City, Kan., this author is challenged to make sure that thousands of patrons get the access…

76 FR 58852 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-22

... of Rule Change To Extend the Effective Date of the Amendment to the Continuing Disclosure Service of EMMA To Provide for the Posting of Credit Rating and Related Information on the EMMA Public Web Site... service of the MSRB's Electronic Municipal Market Access system (``EMMA'') to provide for the posting of...

To direct the Attorney General to provide State officials with access to criminal history information with respect to certain financial service providers required to undergo State criminal background checks, and for other purposes.

THOMAS, 113th Congress

Rep. Bachus, Spencer [R-AL-6

2014-07-31

House - 09/26/2014 Referred to the Subcommittee on Crime, Terrorism, Homeland Security, and Investigations. (All Actions) Tracker: This bill has the status IntroducedHere are the steps for Status of Legislation:

A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs

NASA Astrophysics Data System (ADS)

Elahi, Golnaz; Yu, Eric

In designing software systems, security is typically only one design objective among many. It may compete with other objectives such as functionality, usability, and performance. Too often, security mechanisms such as firewalls, access control, or encryption are adopted without explicit recognition of competing design objectives and their origins in stakeholder interests. Recently, there is increasing acknowledgement that security is ultimately about trade-offs. One can only aim for "good enough" security, given the competing demands from many parties. In this paper, we examine how conceptual modeling can provide explicit and systematic support for analyzing security trade-offs. After considering the desirable criteria for conceptual modeling methods, we examine several existing approaches for dealing with security trade-offs. From analyzing the limitations of existing methods, we propose an extension to the i* framework for security trade-off analysis, taking advantage of its multi-agent and goal orientation. The method was applied to several case studies used to exemplify existing approaches.

Experimental realization of an entanglement access network and secure multi-party computation

NASA Astrophysics Data System (ADS)

Chang, X.-Y.; Deng, D.-L.; Yuan, X.-X.; Hou, P.-Y.; Huang, Y.-Y.; Duan, L.-M.

2016-07-01

To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography.

Experimental realization of an entanglement access network and secure multi-party computation

NASA Astrophysics Data System (ADS)

Chang, Xiuying; Deng, Donglin; Yuan, Xinxing; Hou, Panyu; Huang, Yuanyuan; Duan, Luming; Department of Physics, University of Michigan Collaboration; CenterQuantum Information in Tsinghua University Team

2017-04-01

To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography.

The DNA Bank: High-Security Bank Accounts to Protect and Share Your Genetic Identity.

PubMed

den Dunnen, Johan T

2015-07-01

With the cost of genome sequencing decreasing every day, DNA information has the potential of affecting the lives of everyone. Surprisingly, an individual has little knowledge about his own DNA information, can rarely access it, and has hardly any control over its use. This may result in preventable, life-threatening situations, and also significantly inhibits scientific progress. What we urgently need is a "DNA bank," a resource providing a secure personal account where, similar to a financial institution, you can store your DNA sequence. Using this private and secure DNA bank account, you govern your sequence-related business. For any genetic study performed, the data generated must be transferred (paid) to your DNA account. Using your account, you regulate access, knowing for what purpose (informed consent) and only for the genetic data you are willing to share. The DNA account ensures you are in the driver's seat, know what is known, and control what is happening with it. © 2015 WILEY PERIODICALS, INC.

Secured web-based video repository for multicenter studies

PubMed Central

Yan, Ling; Hicks, Matt; Winslow, Korey; Comella, Cynthia; Ludlow, Christy; Jinnah, H. A; Rosen, Ami R; Wright, Laura; Galpern, Wendy R; Perlmutter, Joel S

2015-01-01

Background We developed a novel secured web-based dystonia video repository for the Dystonia Coalition, part of the Rare Disease Clinical Research network funded by the Office of Rare Diseases Research and the National Institute of Neurological Disorders and Stroke. A critical component of phenotypic data collection for all projects of the Dystonia Coalition includes a standardized video of each participant. We now describe our method for collecting, serving and securing these videos that is widely applicable to other studies. Methods Each recruiting site uploads standardized videos to a centralized secured server for processing to permit website posting. The streaming technology used to view the videos from the website does not allow downloading of video files. With appropriate institutional review board approval and agreement with the hosting institution, users can search and view selected videos on the website using customizable, permissions-based access that maintains security yet facilitates research and quality control. Results This approach provides a convenient platform for researchers across institutions to evaluate and analyze shared video data. We have applied this methodology for quality control, confirmation of diagnoses, validation of rating scales, and implementation of new research projects. Conclusions We believe our system can be a model for similar projects that require access to common video resources. PMID:25630890

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

DOEpatents

Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

2015-07-28

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

Spatiotemporal Access Model Based on Reputation for the Sensing Layer of the IoT

PubMed Central

Guo, Yunchuan; Yin, Lihua; Li, Chao

2014-01-01

Access control is a key technology in providing security in the Internet of Things (IoT). The mainstream security approach proposed for the sensing layer of the IoT concentrates only on authentication while ignoring the more general models. Unreliable communications and resource constraints make the traditional access control techniques barely meet the requirements of the sensing layer of the IoT. In this paper, we propose a model that combines space and time with reputation to control access to the information within the sensing layer of the IoT. This model is called spatiotemporal access control based on reputation (STRAC). STRAC uses a lattice-based approach to decrease the size of policy bases. To solve the problem caused by unreliable communications, we propose both nondeterministic authorizations and stochastic authorizations. To more precisely manage the reputation of nodes, we propose two new mechanisms to update the reputation of nodes. These new approaches are the authority-based update mechanism (AUM) and the election-based update mechanism (EUM). We show how the model checker UPPAAL can be used to analyze the spatiotemporal access control model of an application. Finally, we also implement a prototype system to demonstrate the efficiency of our model. PMID:25177731

Electronic Journal Market Overview in 1997: Part 1--The Publishers.

ERIC Educational Resources Information Center

Machovec, George S.

1997-01-01

Provides an overview of the electronic journal market and focuses on publishers doing innovative projects. Discusses predominate market models; publishers and the Internet; issues surrounding electronic journals: pricing, security, electronic page layout, copyright, backfile availability, reliability, and accessibility. Highlights selected…

Integrating Clarus data in traffic signal system operation : a survivable real-time weather-responsive system.

DOT National Transportation Integrated Search

2011-07-11

This report presents a prototype of a secure, dependable, real-time weather-responsive traffic signal system. The prototype executes two tasks: 1) accesses weather information that provides near real-time atmospheric and pavement surface condition ob...

The Document Management Alliance.

ERIC Educational Resources Information Center

Fay, Chuck

1998-01-01

Describes the Document Management Alliance, a standards effort for document management systems that manages and tracks changes to electronic documents created and used by collaborative teams, provides secure access, and facilitates online information retrieval via the Internet and World Wide Web. Future directions are also discussed. (LRW)

Paradigm Paralysis and the Plight of the PC in Education.

ERIC Educational Resources Information Center

O'Neil, Mick

1998-01-01

Examines the varied factors involved in providing Internet access in K-12 education, including expense, computer installation and maintenance, and security, and explores how the network computer could be useful in this context. Operating systems and servers are discussed. (MSE)

30 CFR 1227.103 - What must a State's delegation proposal contain?

Code of Federal Regulations, 2013 CFR

2013-07-01

... processing, including compatibility with ONRR automated systems, electronic commerce capabilities, and data storage capabilities; (B) Accessing reference data; (C) Contacting production or royalty reporters; (D...) Maintaining security of confidential and proprietary information; and (H) Providing data to other Federal...

30 CFR 1227.103 - What must a State's delegation proposal contain?

Code of Federal Regulations, 2014 CFR

2014-07-01

... processing, including compatibility with ONRR automated systems, electronic commerce capabilities, and data storage capabilities; (B) Accessing reference data; (C) Contacting production or royalty reporters; (D...) Maintaining security of confidential and proprietary information; and (H) Providing data to other Federal...

30 CFR 1227.103 - What must a State's delegation proposal contain?

Code of Federal Regulations, 2012 CFR

2012-07-01

... processing, including compatibility with ONRR automated systems, electronic commerce capabilities, and data storage capabilities; (B) Accessing reference data; (C) Contacting production or royalty reporters; (D...) Maintaining security of confidential and proprietary information; and (H) Providing data to other Federal...

Consumers Are Ready to Accept the Transition to Online and Electronic Records If They Can Be Assured of the Security Measures

PubMed Central

Chhanabhai, Prajesh; Holt, Alec

2007-01-01

Background Healthcare has entered the electronic domain. This domain has improved data collection and storage abilities while allowing almost instantaneous access and results to data queries. Furthermore, it allows direct communication between healthcare providers and health consumers. The development of privacy, confidentiality, and security principles are necessary to protect consumers' interests against inappropriate access. Studies have shown that the health consumer is the important stakeholder in this process. With the international push toward electronic health records (EHRs), this article presents the importance of secure EHR systems from the public's perspective. Objective To examine the public's perception of the security of electronic systems and report on how their perceptions can shape the building of stronger systems. Methods A cross-sectional survey (September-November 2005) of people attending healthcare providers (n = 400) was conducted in the 4 major cities in New Zealand. Participants were surveyed on computer use, knowledge of EHR-proposed benefits and issues, security issues, and demographics. Results A total of 300 surveys were completed and returned (a 75% response rate), with 180 (60%) being women. One hundred eighty-eight (62.6%) had not heard of EHRs, with those who had heard of them indicating that they were a positive innovation in the health sector. However, 202 (73.3%) participants were highly concerned about the security and privacy of their health records. This feeling was further accentuated when participants were asked about security of electronic systems. Participants were worried about hackers (79.4%), vendor access (72.7%), and malicious software (68%). Participants were also introduced to various security systems, and in each case, over 80% of participants believed that these would make EHR systems more secure. A number of chi-square tests were carried out with each variable, and it was found that there were strong relationships between age, location, computer use, EHR knowledge, and the concern for privacy and the security of medical records (P < .05). The survey also showed that there was a very small difference (9.8%) between health consumers who believed that paper records are more secure than EHRs and those who believed otherwise. Conclusions The findings showed that for the EHR to be fully integrating in the health sector, there are 2 main issues that need to be addressed: The security of the EHR system has to be of the highest level, and needs to be constantly monitored and updated.The involvement of the health consumer in the ownership and maintenance of their health record needs to be more proactive. The EHR aims to collect information to allow for “cradle to the grave” treatment; thus, the health consumer has to be seen as a major player in ensuring that this can happen correctly. The results from this study indicated that the consumer is ready to accept the transition, as long as one can be assured of the security of the system. PMID:17435617

Consumers are ready to accept the transition to online and electronic records if they can be assured of the security measures.

PubMed

Chhanabhai, Prajesh; Holt, Alec

2007-01-11

Healthcare has entered the electronic domain. This domain has improved data collection and storage abilities while allowing almost instantaneous access and results to data queries. Furthermore, it allows direct communication between healthcare providers and health consumers. The development of privacy, confidentiality, and security principles are necessary to protect consumers' interests against inappropriate access. Studies have shown that the health consumer is the important stakeholder in this process. With the international push toward electronic health records (EHRs), this article presents the importance of secure EHR systems from the public's perspective. To examine the public's perception of the security of electronic systems and report on how their perceptions can shape the building of stronger systems. A cross-sectional survey (September-November 2005) of people attending healthcare providers (n = 400) was conducted in the 4 major cities in New Zealand. Participants were surveyed on computer use, knowledge of EHR-proposed benefits and issues, security issues, and demographics. A total of 300 surveys were completed and returned (a 75% response rate), with 180 (60%) being women. One hundred eighty-eight (62.6%) had not heard of EHRs, with those who had heard of them indicating that they were a positive innovation in the health sector. However, 202 (73.3%) participants were highly concerned about the security and privacy of their health records. This feeling was further accentuated when participants were asked about security of electronic systems. Participants were worried about hackers (79.4%), vendor access (72.7%), and malicious software (68%). Participants were also introduced to various security systems, and in each case, over 80% of participants believed that these would make EHR systems more secure. A number of chi-square tests were carried out with each variable, and it was found that there were strong relationships between age, location, computer use, EHR knowledge, and the concern for privacy and the security of medical records (P < .05). The survey also showed that there was a very small difference (9.8%) between health consumers who believed that paper records are more secure than EHRs and those who believed otherwise. The findings showed that for the EHR to be fully integrating in the health sector, there are 2 main issues that need to be addressed: The security of the EHR system has to be of the highest level, and needs to be constantly monitored and updated. The involvement of the health consumer in the ownership and maintenance of their health record needs to be more proactive. The EHR aims to collect information to allow for "cradle to the grave" treatment; thus, the health consumer has to be seen as a major player in ensuring that this can happen correctly. The results from this study indicated that the consumer is ready to accept the transition, as long as one can be assured of the security of the system.

Device Data Protection in Mobile Healthcare Applications

NASA Astrophysics Data System (ADS)

Weerasinghe, Dasun; Rajarajan, Muttukrishnan; Rakocevic, Veselin

The rapid growth in mobile technology makes the delivery of healthcare data and services on mobile phones a reality. However, the healthcare data is very sensitive and has to be protected against unauthorized access. While most of the development work on security of mobile healthcare today focuses on the data encryption and secure authentication in remote servers, protection of data on the mobile device itself has gained very little attention. This paper analyses the requirements and the architecture for a secure mobile capsule, specially designed to protect the data that is already on the device. The capsule is a downloadable software agent with additional functionalities to enable secure external communication with healthcare service providers, network operators and other relevant communication parties.

77 FR 22835 - Notice of Passenger Facility Charge (PFC) Approvals and Disapprovals

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-17

... Description of Projects Approved for Collection and Use: Install primary crash network. Security enhancements--access control 1. Acquire computer based interactive training system. Security enhancements--access...

Is Provider Secure Messaging Associated With Patient Messaging Behavior? Evidence From the US Army.

PubMed

Wolcott, Vickee; Agarwal, Ritu; Nelson, D Alan

2017-04-06

Secure messaging with health care providers offers the promise of improved patient-provider relationships, potentially facilitating outcome improvements. But, will patients use messaging technology in the manner envisioned by policy-makers if their providers do not actively use it? We hypothesized that the level and type of secure messaging usage by providers might be associated with messaging initiation by their patients. The study employed a dataset of health care and secure messaging records of more than 81,000 US Army soldiers and nearly 3000 clinicians with access to a patient portal system. We used a negative binomial regression model on over 25 million observations to determine the adjusted association between provider-initiated and provider-response messaging and subsequent messaging by their patients in this population over a 4-year period. Prior provider-initiated and response messaging levels were associated with new patient messaging when controlling for the patient's health care utilization and diagnoses, with the strongest association for high provider-response messaging level. Patients whose providers were highly responsive to the messages of other patients initiated 334% more secure messages (P<.001) than patients with providers who did not personally respond to other patients' messages. Our results indicate that provider messaging usage levels and types thereof predict their patients' subsequent communication behavior. The findings suggest the need for more study into the factors associated with provider messaging to fully understand the mechanisms of this relationship. ©Vickee Wolcott, Ritu Agarwal, D. Alan Nelson. Originally published in the Journal of Medical Internet Research (http://www.jmir.org), 06.04.2017.

Implementation of Certified EHR, Patient Portal, and "Direct" Messaging Technology in a Radiology Environment Enhances Communication of Radiology Results to Both Referring Physicians and Patients.

PubMed

Reicher, Joshua Jay; Reicher, Murray Aaron

2016-06-01

Since 2009, the Federal government distributed over $29 billion to providers who were adopting compliant electronic health record (EHR) technology. With a focus on radiology, we explore how EHR technology impacts interoperability with referring clinicians' EHRs and patient engagement. We also discuss the high-level details of contributing supporting frameworks, specifically Direct messaging and health information service provider (HISP) technology. We characterized Direct messaging, a secure e-mail-like protocol built to allow exchange of encrypted health information online, and the new supporting HISP infrastructure. Statistics related to both the testing and active use of this framework were obtained from DirectTrust.org, an organization whose framework supports Direct messaging use by healthcare organizations. To evaluate patient engagement, we obtained usage data from a radiology-centric patient portal between 2014 and 2015, which in some cases included access to radiology reports. Statistics from 2013 to 2015 showed a rise in issued secure Direct addresses from 8724 to 752,496; a rise in the number of participating healthcare organizations from 667 to 39,751; and a rise in the secure messages sent from 122,842 to 27,316,438. Regarding patient engagement, an average of 234,679 patients per month were provided portal access, with 86,400 patients per month given access to radiology reports. Availability of radiology reports online was strongly associated with increased system usage, with a likelihood ratio of 2.63. The use of certified EHR technology and Direct messaging in the practice of radiology allows for the communication of patient information and radiology results with referring clinicians and increases patient use of patient portal technology, supporting bidirectional radiologist-patient communication.

El Salvador and Guatemala: Security Sector Reform and Political Party System Effects on Organized Crime

DTIC Science & Technology

2009-06-01

violence_injury_prevention/violence/national_activities/gtm/ en /index.html (accessed December 03, 2008). 2 Overseas Security Advisory Council, "San Salvador, El Salvador... deportation as key causes of crime in both countries. 11 It is commonly noted that, “Guatemala and El Salvador are internationally among the most...activity in both countries provide evidence that U.S. deportation policy may indeed be a major contributor to the increase in gang activity in both El

National Computer Security Conference Proceedings (10th): Computer Security--From Principles to Practices, 21-24 September 1987

DTIC Science & Technology

1987-09-24

Some concerns take on rating (e.g., ’Zl’) that adequately reflects increased significance in the network how well the system provides each service...to how well a M.•.imum, Fair, Good); however, in specific spicific approach may be expected to achieve cases, ratings such as "plesent" or "approved...established thresholds, Supportive policies include idertification and and for detecting the fact that access to a authentication policies as well as

Marine Forces Africa: A SPMAGTF Is a Key Element for Securing Strategic Access and Partnership with African Nations

DTIC Science & Technology

2012-12-01

order, SPMAGTF–12.1 con - ducted staff planning and developed several courses of action in support of anticipated scenarios. Though the need for U.S...response capability is limited to providing evacuation con - trol center support for a noncombatant evacuation, and security in support to foreign...Vision and Strategy 2025, The Long War operational employment con - cept, and AfriCom Theater Campaign Plan (May 2009) and submitted it to Headquarters

A Study on the Commercialization of Space-Based Remote Sensing in the Twenty-First Century and Its Implications to United States National Security

DTIC Science & Technology

2011-06-01

Remote sensing from space provides critical data for many commercial space applications. Due to global market demand, it has undergone tremendous...commercial space imaging capability in the future, remote sensing policy makers, systems engineers, and industry analysts must be aware of the implications to United States National Security....available dissemination and accessibility. The analysis results, together with the findings from a review of commercial programs, initiatives, and remote

Interoperable PKI Data Distribution in Computational Grids

DOE Office of Scientific and Technical Information (OSTI.GOV)

Pala, Massimiliano; Cholia, Shreyas; Rea, Scott A.

One of the most successful working examples of virtual organizations, computational grids need authentication mechanisms that inter-operate across domain boundaries. Public Key Infrastructures(PKIs) provide sufficient flexibility to allow resource managers to securely grant access to their systems in such distributed environments. However, as PKIs grow and services are added to enhance both security and usability, users and applications must struggle to discover available resources-particularly when the Certification Authority (CA) is alien to the relying party. This article presents how to overcome these limitations of the current grid authentication model by integrating the PKI Resource Query Protocol (PRQP) into the Gridmore » Security Infrastructure (GSI).« less

Electronic medical archives: a different approach to applying re-signing mechanisms to digital signatures.

PubMed

Chen, Tzer-Long; Lin, Frank Y S

2011-08-01

Electronic medical records can be defined as a digital format of the traditionally paper-based anamneses, which contains the history of a patient such as his somewhat illness, current health problems, and his chronic treatments. An electronic anamnesis is meant to make the patient's health information more conveniently accessible and transferable between different medical institutions and also easier to be kept quite a long time. Because of such transferability and accessibility of electronic anamneses, we can use less resource than before on storing the patients' medical information. This also means that medical care providers could save more funds on record-keeping and access a patient's medical background directly since shown on the computer screen more quickly and easily. Overall, the service quality has seemingly improved greatly. However, the usage of electronic anamneses involves in some concerned issues such as its related law declaration, and the security of the patient's confidential information. Because of these concerns, a secure medical networking scheme is taking into consideration. Nowadays, the administrators at the medical institutions are facing more challenges on monitoring computers and network systems, because of dramatic advances in this field. For instance, a trusted third party is authorized to access some medical records for a certain period of time. In regard to the security purpose, all the electronic medical records are embedded with both of the public-key infrastructure (PKI) cryptography and the digital signature technique so as to ensure the records well-protected. Since the signatures will be invalid due to the revocation or time expiration, the security of records under this premise would turn into vulnerable. Hence, we propose a re-signing scheme, whose purpose is to make a going-expired digital signature been resigned in time, in keeping with the premise of not conflicting with the laws, morals, and privacy while maintaining the security of the electronic medical records.

A study on agent-based secure scheme for electronic medical record system.

PubMed

Chen, Tzer-Long; Chung, Yu-Fang; Lin, Frank Y S

2012-06-01

Patient records, including doctors' diagnoses of diseases, trace of treatments and patients' conditions, nursing actions, and examination results from allied health profession departments, are the most important medical records of patients in medical systems. With patient records, medical staff can instantly understand the entire medical information of a patient so that, according to the patient's conditions, more accurate diagnoses and more appropriate in-depth treatments can be provided. Nevertheless, in such a modern society with booming information technologies, traditional paper-based patient records have faced a lot of problems, such as lack of uniform formats, low data mobility, slow data transfer, illegible handwritings, enormous and insufficient storage space, difficulty of conservation, being easily damaged, and low transferability. To improve such drawbacks, reduce medical costs, and advance medical quality, paper-based patient records are modified into electronic medical records and reformed into electronic patient records. However, since electronic patient records used in various hospitals are diverse and different, in consideration of cost, it is rather difficult to establish a compatible and complete integrated electronic patient records system to unify patient records from heterogeneous systems in hospitals. Moreover, as the booming of the Internet, it is no longer necessary to build an integrated system. Instead, doctors can instantly look up patients' complete information through the Internet access to electronic patient records as well as avoid the above difficulties. Nonetheless, the major problem of accessing to electronic patient records cross-hospital systems exists in the security of transmitting and accessing to the records in case of unauthorized medical personnels intercepting or stealing the information. This study applies the Mobile Agent scheme to cope with the problem. Since a Mobile Agent is a program, which can move among hosts and automatically disperse arithmetic processes, and moves from one host to another in heterogeneous network systems with the characteristics of autonomy and mobility, decreasing network traffic, reducing transfer lag, encapsulating protocol, availability on heterogeneous platforms, fault-tolerance, high flexibility, and personalization. However, since a Mobile Agent contacts and exchanges information with other hosts or agents on the Internet for rapid exchange and access to medical information, the security is threatened. In order to solve the problem, this study proposes a key management scheme based on Lagrange interpolation formulas and hierarchical management structure to make Mobile Agents a more secure and efficient access control scheme for electronic patient record systems when applied to the access of patients' personal electronic patient records cross hospitals. Meanwhile, with the comparison of security and efficacy analyses being the feasibility of validation scheme and the basis of better efficiency, the security of Mobile Agents in the process of operation can be guaranteed, key management efficacy can be advanced, and the security of the Mobile Agent system can be protected.

Flexible and Transparent User Authentication for Mobile Devices

NASA Astrophysics Data System (ADS)

Clarke, Nathan; Karatzouni, Sevasti; Furnell, Steven

The mobile device has become a ubiquitous technology that is capable of supporting an increasingly large array of services, applications and information. Given their increasing importance, it is imperative to ensure that such devices are not misused or abused. Unfortunately, a key enabling control to prevent this, user authentication, has not kept up with the advances in device technology. This paper presents the outcomes of a 2 year study that proposes the use of transparent and continuous biometric authentication of the user: providing more comprehensive identity verification; minimizing user inconvenience; and providing security throughout the period of use. A Non-Intrusive and Continuous Authentication (NICA) system is described that maintains a continuous measure of confidence in the identity of the user, removing access to sensitive services and information with low confidence levels and providing automatic access with higher confidence levels. An evaluation of the framework is undertaken from an end-user perspective via a trial involving 27 participants. Whilst the findings raise concerns over education, privacy and intrusiveness, overall 92% of users felt the system offered a more secure environment when compared to existing forms of authentication.

31 CFR 363.16 - How do I access my account?

Code of Federal Regulations, 2010 CFR

2010-07-01

... SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT REGULATIONS GOVERNING SECURITIES HELD IN TREASURYDIRECT General Provisions Governing Securities Held in TreasuryDirect § 363.16 How do I access my account? You may access your account online using your account number, password, and any other form(s) of...

19 CFR 122.188 - Issuance of temporary Customs access seal.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 19 Customs Duties 1 2012-04-01 2012-04-01 false Issuance of temporary Customs access seal. 122.188 Section 122.188 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.188 Issuance of...

19 CFR 122.188 - Issuance of temporary Customs access seal.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 19 Customs Duties 1 2014-04-01 2014-04-01 false Issuance of temporary Customs access seal. 122.188 Section 122.188 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.188 Issuance of...

19 CFR 122.188 - Issuance of temporary Customs access seal.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 19 Customs Duties 1 2013-04-01 2013-04-01 false Issuance of temporary Customs access seal. 122.188 Section 122.188 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY AIR COMMERCE REGULATIONS Access to Customs Security Areas § 122.188 Issuance of...

75 FR 485 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Notice of Filing of...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-01-05

... Municipal Market Access System (EMMA[supreg]) December 23, 2009. On July 14, 2009, the Municipal Securities... Municipal Market Access System (EMMA[supreg]). The proposed rule change was published for comment in the... Municipal Market Access system (``EMMA'') (as amended, the ``proposed rule change''). The proposed rule...

Privacy authentication using key attribute-based encryption in mobile cloud computing

NASA Astrophysics Data System (ADS)

Mohan Kumar, M.; Vijayan, R.

2017-11-01

Mobile Cloud Computing is becoming more popular in nowadays were users of smartphones are getting increased. So, the security level of cloud computing as to be increased. Privacy Authentication using key-attribute based encryption helps the users for business development were the data sharing with the organization using the cloud in a secured manner. In Privacy Authentication the sender of data will have permission to add their receivers to whom the data access provided for others the access denied. In sender application, the user can choose the file which is to be sent to receivers and then that data will be encrypted using Key-attribute based encryption using AES algorithm. In which cipher created, and that stored in Amazon Cloud along with key value and the receiver list.

Intelligent Facial Recognition Systems: Technology advancements for security applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Beer, C.L.

1993-07-01

Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g.,more » fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.« less

33 CFR 165.505 - Security Zone; Calvert Cliffs Nuclear Power Plant, Chesapeake Bay, Calvert County, Maryland.

Code of Federal Regulations, 2010 CFR

2010-07-01

...) Persons desiring to transit the area of the security zone may contact the Captain of the Port at telephone... REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Fifth Coast Guard District § 165.505 Security Zone; Calvert Cliffs Nuclear Power Plant, Chesapeake...

A secure data outsourcing scheme based on Asmuth-Bloom secret sharing

NASA Astrophysics Data System (ADS)

Idris Muhammad, Yusuf; Kaiiali, Mustafa; Habbal, Adib; Wazan, A. S.; Sani Ilyasu, Auwal

2016-11-01

Data outsourcing is an emerging paradigm for data management in which a database is provided as a service by third-party service providers. One of the major benefits of offering database as a service is to provide organisations, which are unable to purchase expensive hardware and software to host their databases, with efficient data storage accessible online at a cheap rate. Despite that, several issues of data confidentiality, integrity, availability and efficient indexing of users' queries at the server side have to be addressed in the data outsourcing paradigm. Service providers have to guarantee that their clients' data are secured against internal (insider) and external attacks. This paper briefly analyses the existing indexing schemes in data outsourcing and highlights their advantages and disadvantages. Then, this paper proposes a secure data outsourcing scheme based on Asmuth-Bloom secret sharing which tries to address the issues in data outsourcing such as data confidentiality, availability and order preservation for efficient indexing.

Securing Cyber Acquisitions

DTIC Science & Technology

2015-02-01

networking provides 24-hour access to data and information between friends and strangers alike. Technology also has played a significant role in the world’s...economic environment, many or- ganizations look at cyber budgets as areas to cut back. And many top-level managers and members of the acquisition

Keeping Campuses Safe.

ERIC Educational Resources Information Center

Kennedy, Mike

1999-01-01

Describes how colleges and universities are using technology, as well as traditional methods, to keep campuses safe and reduce crime. Topics include using free pizza in a successful contest to teach students about campus safety, installing security cameras, using access-control cards, providing adequate lighting, and creating a bicycle patrol…

20 CFR 401.95 - Fees.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Fees. 401.95 Section 401.95 Employees' Benefits SOCIAL SECURITY ADMINISTRATION PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION The... in order to provide access to the record (e.g., computer printout where no screen reading is...

20 CFR 401.95 - Fees.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Fees. 401.95 Section 401.95 Employees' Benefits SOCIAL SECURITY ADMINISTRATION PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION The... in order to provide access to the record (e.g., computer printout where no screen reading is...

20 CFR 401.95 - Fees.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Fees. 401.95 Section 401.95 Employees' Benefits SOCIAL SECURITY ADMINISTRATION PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION The... in order to provide access to the record (e.g., computer printout where no screen reading is...

20 CFR 401.95 - Fees.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Fees. 401.95 Section 401.95 Employees' Benefits SOCIAL SECURITY ADMINISTRATION PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION The... in order to provide access to the record (e.g., computer printout where no screen reading is...

78 FR 69289 - Privacy Act; Implementation

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-19

... for Disclosures) because release of the accounting of disclosures could alert the subject of an... efforts to preserve national security. Disclosure of the accounting would also permit the individual who... individual will be provided access to the information exempt to the extent that disclosure would reveal the...

The AIST Managed Cloud Environment

NASA Astrophysics Data System (ADS)

Cook, S.

2016-12-01

ESTO is currently in the process of developing and implementing the AIST Managed Cloud Environment (AMCE) to offer cloud computing services to ESTO-funded PIs to conduct their project research. AIST will provide projects access to a cloud computing framework that incorporates NASA security, technical, and financial standards, on which project can freely store, run, and process data. Currently, many projects led by research groups outside of NASA do not have the awareness of requirements or the resources to implement NASA standards into their research, which limits the likelihood of infusing the work into NASA applications. Offering this environment to PIs will allow them to conduct their project research using the many benefits of cloud computing. In addition to the well-known cost and time savings that it allows, it also provides scalability and flexibility. The AMCE will facilitate infusion and end user access by ensuring standardization and security. This approach will ultimately benefit ESTO, the science community, and the research, allowing the technology developments to have quicker and broader applications.

The AMCE (AIST Managed Cloud Environment)

NASA Astrophysics Data System (ADS)

Cook, S.

2017-12-01

ESTO has developed and implemented the AIST Managed Cloud Environment (AMCE) to offer cloud computing services to SMD-funded PIs to conduct their project research. AIST will provide projects access to a cloud computing framework that incorporates NASA security, technical, and financial standards, on which project can freely store, run, and process data. Currently, many projects led by research groups outside of NASA do not have the awareness of requirements or the resources to implement NASA standards into their research, which limits the likelihood of infusing the work into NASA applications. Offering this environment to PIs allows them to conduct their project research using the many benefits of cloud computing. In addition to the well-known cost and time savings that it allows, it also provides scalability and flexibility. The AMCE facilitates infusion and end user access by ensuring standardization and security. This approach will ultimately benefit ESTO, the science community, and the research, allowing the technology developments to have quicker and broader applications.

Access to health care and social protection.

PubMed

Martin, Philippe

2012-06-01

In France, the access to healthcare has been conceived as a social right and is mainly managed through the coverage of the population by the National Health Insurance, which is a part of the whole French social security scheme. This system was based on the so-called Bismarckian model, which implies that it requires full employment and solid family links, as the insured persons are the workers and their dependents. This paper examines the typical problems that this system has to face as far as the right to healthcare is concerned. First, it addresses the need to introduce some universal coverage programs, in order to integrate the excluded population. Then, it addresses the issue of financial sustainability as the structural weakness of the French system--in which healthcare is still mainly provided by private practice physicians and governed by the principle of freedom--leads to conceive and implement complex forms of regulations between the State, the Social security institutions and the healthcare providers.

Equity in access to health care provision under the medicare security for small scale entrepreneurs in Dar es Salaam.

PubMed

Urassa, J A E

2012-03-01

The main objective of this study was to assess equity in access to health care provision under the Medicare Security for Small Scale Entrepreneurs (SSE). Methodological triangulation was used to an exploratory and randomized cross- sectional study in order to supplement information on the topic under investigation. Questionnaires were administered to 281 respondents and 6 Focus Group Discussions (FGDs) were held with males and females. Documentary review was also used. For quantitative aspect of the study, significant associations were measured using confidence intervals (95% CI) testing. Qualitative data were analyzed with assistance of Open code software. The results show that inequalities in access to health care services were found in respect to affordability of medical care costs, distance from home to health facilities, availability of drugs as well as medical equipments and supplies. As the result of existing inequalities some of clients were not satisfied with the provided health services. The study concludes by drawing policy and research implications of the findings.

Patients' willingness to pay for electronic communication with their general practitioner.

PubMed

Bergmo, Trine Strand; Wangberg, Silje Camilla

2007-06-01

Despite the common use of electronic communication in other aspects of everyday life, its use between patients and health care providers has been slow to diffuse. Possible explanations are security issues and lack of payment mechanisms. This study investigated how patients value secure electronic access to their general practitioner (GP). One hundred and ninety-nine patients were asked an open-ended willingness-to-pay (WTP) question as part of a randomised controlled trial. We compared the WTP values between two groups of respondents; one group had had the opportunity to communicate electronically with their GP for a year and the other group had not. Fifty-two percent of the total sample was willing to pay for electronic GP contact. The group of patients with access revealed a significantly lower WTP than the group without such access. Possible explanations are that the system had fewer benefits than expected, a presence of hypothetical bias or simply a preference for face-to-face encounters.

GMES Space Component: Programme overview

NASA Astrophysics Data System (ADS)

Aschbacher, J.; Milagro-Perez, M. P.

2012-04-01

The European Union (EU) and the European Space Agency (ESA) have developed the Global Monitoring for Environment and Security (GMES) programme as Europe's answer to the vital need for joined-up data about our climate, environment and security. Through a unique combination of satellite, atmospheric and Earth-based monitoring systems, the initiative will provide new insight into the state of the land, sea and air, providing policymakers, scientists, businesses and the public with accurate and timely information. GMES capabilities include monitoring and forecasting of climatic change, flood risks, soil and coastal erosion, crop and fish resources, air pollution, greenhouse gases, iceberg distribution and snow cover, among others. To accomplish this, GMES has been divided into three main components: Space, In-situ and Services. The Space Component, led by ESA, comprises five types of new satellites called Sentinels that are being developed by ESA specifically to meet the needs of GMES, the first of which to be launched in 2013. These missions carry a range of technologies, such as radar and multi-spectral imaging instruments for land, ocean and atmospheric monitoring. In addition, access to data from the so-called Contributing Missions guarantees that European space infrastructure is fully used for GMES. An integrated Ground Segment ensures access to Sentinels and Contributing Missions data. The in-situ component, under the coordination of the European Environment Agency (EEA), is composed of atmospheric and Earth based monitoring systems, and based on established networks and programmes at European and international levels. The European Commission is in charge of implementing the services component of GMES and of leading GMES overall. GMES services, fed with data from the Space and In-situ components, will provide essential information in five main domains, atmosphere, ocean and land monitoring as well as emergency response and security. Climate change has been added as a new GMES service and cross-cuts all these domains. Even if GMES is built to primarily serve operational services, there is a large benefit for science users as well. In addition, science will be crucial to advance services and provide critical input to the definition of new observation systems. Access to Sentinel data is governed by the Sentinel data policy, which is part of a wider GMES data and information access policy. The Sentinel data policy envisages free and open access, subject to restrictions only if security or other European interests need to be preserved. The programme will enter the operational phase in 2014, when the first dedicated spacecraft, the Sentinel missions, will be in orbit. The main programmatic challenge is to ensure the programme's long-term sustainability. This session aims at informing users about the current programme's overall status and its potential for users in the services and scientific fields.

Emergency access to protected health records.

PubMed

Künzi, Julien; Koster, Paul; Petković, Milan

2009-01-01

Digital Rights Management (DRM) schemes are receiving increased attention in the healthcare domain for the protection of sensitive health records as they offer security against insider attacks and advance protection features such as usage control. However, to be accepted by health care providers, a DRM solution has to fulfill specific healthcare requirements including emergency access. In this paper, we propose such DRM solution that can be deployed in highly distributed environments of electronic or personal health record infrastructures.

Tools for Administration of a UNIX-Based Network

NASA Technical Reports Server (NTRS)

LeClaire, Stephen; Farrar, Edward

2004-01-01

Several computer programs have been developed to enable efficient administration of a large, heterogeneous, UNIX-based computing and communication network that includes a variety of computers connected to a variety of subnetworks. One program provides secure software tools for administrators to create, modify, lock, and delete accounts of specific users. This program also provides tools for users to change their UNIX passwords and log-in shells. These tools check for errors. Another program comprises a client and a server component that, together, provide a secure mechanism to create, modify, and query quota levels on a network file system (NFS) mounted by use of the VERITAS File SystemJ software. The client software resides on an internal secure computer with a secure Web interface; one can gain access to the client software from any authorized computer capable of running web-browser software. The server software resides on a UNIX computer configured with the VERITAS software system. Directories where VERITAS quotas are applied are NFS-mounted. Another program is a Web-based, client/server Internet Protocol (IP) address tool that facilitates maintenance lookup of information about IP addresses for a network of computers.

A data protection scheme for a remote vital signs monitoring healthcare service.

PubMed

Gritzalis, D; Lambrinoudakis, C

2000-01-01

Personal and medical data processed by Healthcare Information Systems must be protected against unauthorized access, modification and withholding. Security measures should be selected to provide the required level of protection in a cost-efficient manner. This is only feasible if specific characteristics of the information system are examined on a basis of a risk analysis methodology. This paper presents the results of a risk analysis, based on the CRAMM methodology, for a healthcare organization offering a patient home-monitoring service through the transmission of vital signs, focusing on the identified security needs and the proposed countermeasures. The architectural and functional models of this service were utilized for identifying and valuating the system assets, the associated threats and vulnerabilities, as well as for assessing the impact on the patients and on the service provider, should the security of any of these assets is affected. A set of adequate organizational, administrative and technical countermeasures is described for the remote vital signs monitoring service, thus providing the healthcare organization with a data protection framework that can be utilized for the development of its own security plan.

78 FR 17781 - Transportation Worker Identification Credential (TWIC)-Reader Requirements

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-22

...In this Notice of Proposed Rulemaking (NPRM), the Coast Guard proposes to require owners and operators of certain vessels and facilities regulated by the Coast Guard to use electronic readers designed to work with the Transportation Worker Identification Credential (TWIC) as an access control measure. This NPRM also proposes additional requirements associated with electronic TWIC readers, including recordkeeping requirements for those owners and operators required to use an electronic TWIC reader, and security plan amendments to incorporate TWIC requirements. The TWIC program, including the proposed TWIC reader requirements in this rule, is an important component of the Coast Guard's multi-layered system of access control requirements and other measures designed to enhance maritime security. This rulemaking action, once final, would build upon existing Coast Guard regulations designed to ensure that only individuals who hold a TWIC are granted unescorted access to secure areas at those locations. The Coast Guard has already promulgated regulations pursuant to the Maritime Transportation Security Act of 2002 (MTSA) that require mariners and other individuals to obtain a TWIC and present it for inspection by security personnel prior to gaining access to such secure areas. By requiring certain vessels and facilities to perform TWIC inspections using electronic TWIC readers, this rulemaking would further enhance security at those locations. This rulemaking would also implement the Security and Accountability For Every Port Act of 2006 electronic TWIC reader requirements.

Extending key sharing: how to generate a key tightly coupled to a network security policy

NASA Astrophysics Data System (ADS)

Kazantzidis, Matheos

2006-04-01

Current state of the art security policy technologies, besides the small scale limitation and largely manual nature of accompanied management methods, are lacking a) in real-timeliness of policy implementation and b) vulnerabilities and inflexibility stemming from the centralized policy decision making; even if, for example, a policy description or access control database is distributed, the actual decision is often a centralized action and forms a system single point of failure. In this paper we are presenting a new fundamental concept that allows implement a security policy by a systematic and efficient key distribution procedure. Specifically, we extend the polynomial Shamir key splitting. According to this, a global key is split into n parts, any k of which can re-construct the original key. In this paper we present a method that instead of having "any k parts" be able to re-construct the original key, the latter can only be reconstructed if keys are combined as any access control policy describes. This leads into an easily deployable key generation procedure that results a single key per entity that "knows" its role in the specific access control policy from which it was derived. The system is considered efficient as it may be used to avoid expensive PKI operations or pairwise key distributions as well as provides superior security due to its distributed nature, the fact that the key is tightly coupled to the policy, and that policy change may be implemented easier and faster.

Vascular Access System for Continuous Arterial Infusion of a Protease Inhibitor in Acute Necrotizing Pancreatitis

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ganaha, Fumikiyo; Yamada, Tetsuhisa; Yorozu, Naoya

1999-09-15

We used a vascular access system (VAS) for continuous arterial infusion (CAI) of a protease inhibitor in two patients with acute necrotizing pancreatitis. The infusion catheter was placed into the dorsal pancreatic artery in the first patient and into the gastroduodenal artery in the second, via a femoral artery approach. An implantable port was then connected to the catheter and was secured in a subcutaneous pocket prepared in the right lower abdomen. No complications related to the VAS were encountered. This system provided safe and uncontaminated vascular access for successful CAI for acute pancreatitis.

ML Crew Access Arm Move

NASA Image and Video Library

2017-11-10

The Orion crew access arm is secured on a flatbed transporter for its move from a storage location at NASA's Kennedy Space Center in Florida to the mobile launcher (ML) tower near the Vehicle Assembly Building at the center. The crew access arm will be installed at about the 274-foot level on the mobile launcher tower. It will rotate from its retracted position and interface with the Orion crew hatch location to provide entry to the Orion crew module. The Ground Systems Development and Operations Program is overseeing installation of umbilicals and launch accessories on the ML tower to prepare for Exploration Mission-1.

A biometric access personal optical storage device

NASA Astrophysics Data System (ADS)

Davies, David H.; Ray, Steve; Gurkowski, Mark; Lee, Lane

2007-01-01

A portable USB2.0 personal storage device that uses built-in encryption and allows data access through biometric scanning of a finger print is described. Biometric image derived templates are stored on the removable 32 mm write once (WO) media. The encrypted templates travel with the disc and allow access to the data providing the biometric feature (e.g. the finger itself) is present. The device also allows for export and import of the templates under secure key exchange protocols. The storage system is built around the small form factor optical engine that uses a tilt arm rotary actuator and front surface media.

Health information security: a case study of three selected medical centers in iran.

PubMed

Hajrahimi, Nafiseh; Dehaghani, Sayed Mehdi Hejazi; Sheikhtaheri, Abbas

2013-03-01

Health Information System (HIS) is considered a unique factor in improving the quality of health care activities and cost reduction, but today with the development of information technology and use of internet and computer networks, patients' electronic records and health information systems have become a source for hackers. This study aims at checking health information security of three selected medical centers in Iran using AHP fuzzy and TOPSIS compound model. To achieve that security measures were identified, based on the research literature and decision making matrix using experts' points of view. Among the 27 indicators, seven indicators were selected as effective indicators and Fuzzy AHP technique was used to determine the importance of security indicators. Based on the comparisons made between the three selected medical centers to assess the security of health information, it is concluded that Chamran hospital has the most acceptable level of security and attention in three indicators of "verification and system design, user access management, access control system", Al Zahra Hospital in two indicators of "access management and network access control" and Amin Hospital in "equipment safety and system design". In terms of information security, Chamran Hospital ranked first, Al-Zahra Hospital ranked second and Al- Zahra hospital has the third place.

Health Information Security: A Case Study of Three Selected Medical Centers in Iran

PubMed Central

Hajrahimi, Nafiseh; Dehaghani, Sayed Mehdi Hejazi; Sheikhtaheri, Abbas

2013-01-01

Health Information System (HIS) is considered a unique factor in improving the quality of health care activities and cost reduction, but today with the development of information technology and use of internet and computer networks, patients’ electronic records and health information systems have become a source for hackers. Methods This study aims at checking health information security of three selected medical centers in Iran using AHP fuzzy and TOPSIS compound model. To achieve that security measures were identified, based on the research literature and decision making matrix using experts’ points of view. Results and discussion Among the 27 indicators, seven indicators were selected as effective indicators and Fuzzy AHP technique was used to determine the importance of security indicators. Based on the comparisons made between the three selected medical centers to assess the security of health information, it is concluded that Chamran hospital has the most acceptable level of security and attention in three indicators of “verification and system design, user access management, access control system”, Al Zahra Hospital in two indicators of “access management and network access control” and Amin Hospital in “equipment safety and system design”. In terms of information security, Chamran Hospital ranked first, Al-Zahra Hospital ranked second and Al- Zahra hospital has the third place. PMID:23572861

Smart cards--the key to trustworthy health information systems.

PubMed Central

Neame, R.

1997-01-01

Some 20 years after they were first developed, "smart cards" are set to play a crucial part in healthcare systems. Last year about a billion were supplied, mainly for use in the financial sector, but their special features make them of particular strategic importance for the health sector, where they offer a ready made solution to some key problems of security and confidentiality. This article outlines what smart cards are and why they are so important in managing health information. I discuss some of the unique features of smart cards that are of special importance in the development of secure and trustworthy health information systems. Smart cards would enable individuals' identities to be authenticated and communications to be secured and would provide the mechanisms for implementing strong security, differential access to data, and definitive audit trails. Patient cards can also with complete security carry personal details, data on current health problems and medications, emergency care data, and pointers to where medical records for the patient can be found. Provider cards can in addition carry authorisations and information on computer set up. PMID:9055719

Experimental realization of an entanglement access network and secure multi-party computation

PubMed Central

Chang, X.-Y.; Deng, D.-L.; Yuan, X.-X.; Hou, P.-Y.; Huang, Y.-Y.; Duan, L.-M.

2016-01-01

To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography. PMID:27404561

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2014 CFR

2014-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2012 CFR

2012-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

Vulnerability and Agency: Beyond an Irreconcilable Dichotomy for Social Service Providers Working with Young Refugees in the UK

ERIC Educational Resources Information Center

O'Higgins, Aoife

2012-01-01

Many young refugees face significant difficulties in securing support from social services providers. This study invited 21 young refugees aged 16 to 21 to take part in focus groups and follow-up interviews about their experiences of accessing this support. The findings reveal that young refugees may deliberately conform to expectations about…

Practical device-independent quantum cryptography via entropy accumulation.

PubMed

Arnon-Friedman, Rotem; Dupuis, Frédéric; Fawzi, Omar; Renner, Renato; Vidick, Thomas

2018-01-31

Device-independent cryptography goes beyond conventional quantum cryptography by providing security that holds independently of the quality of the underlying physical devices. Device-independent protocols are based on the quantum phenomena of non-locality and the violation of Bell inequalities. This high level of security could so far only be established under conditions which are not achievable experimentally. Here we present a property of entropy, termed "entropy accumulation", which asserts that the total amount of entropy of a large system is the sum of its parts. We use this property to prove the security of cryptographic protocols, including device-independent quantum key distribution, while achieving essentially optimal parameters. Recent experimental progress, which enabled loophole-free Bell tests, suggests that the achieved parameters are technologically accessible. Our work hence provides the theoretical groundwork for experimental demonstrations of device-independent cryptography.

A joint signal processing and cryptographic approach to multimedia encryption.

PubMed

Mao, Yinian; Wu, Min

2006-07-01

In recent years, there has been an increasing trend for multimedia applications to use delegate service providers for content distribution, archiving, search, and retrieval. These delegate services have brought new challenges to the protection of multimedia content confidentiality. This paper discusses the importance and feasibility of applying a joint signal processing and cryptographic approach to multimedia encryption, in order to address the access control issues unique to multimedia applications. We propose two atomic encryption operations that can preserve standard compliance and are friendly to delegate processing. Quantitative analysis for these operations is presented to demonstrate that a good tradeoff can be made between security and bitrate overhead. In assisting the design and evaluation of media security systems, we also propose a set of multimedia-oriented security scores to quantify the security against approximation attacks and to complement the existing notion of generic data security. Using video as an example, we present a systematic study on how to strategically integrate different atomic operations to build a video encryption system. The resulting system can provide superior performance over both generic encryption and its simple adaptation to video in terms of a joint consideration of security, bitrate overhead, and friendliness to delegate processing.

33 CFR 165.809 - Security Zones; Port of Port Lavaca-Point Comfort, Point Comfort, TX and Port of Corpus Christi...

Code of Federal Regulations, 2010 CFR

2010-07-01

... (CONTINUED) PORTS AND WATERWAYS SAFETY REGULATED NAVIGATION AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Eighth Coast Guard District § 165.809 Security Zones; Port of Port...) Location. The following area is designated as a security zone: all waters of the Corpus Christi Inner...

33 CFR 165.820 - Security Zone; Ohio River Mile, 34.6 to 35.1, Shippingport, Pennsylvania.

Code of Federal Regulations, 2010 CFR

2010-07-01

... AREAS AND LIMITED ACCESS AREAS Specific Regulated Navigation Areas and Limited Access Areas Eighth Coast...) Location. The following area is a security zone: The waters of the Ohio River, extending 200 feet from the... Captain of the Port, Pittsburgh. (2) Persons and vessels desiring to transit the area of the security zone...

Information Assurance and Cyber Defence (Assurance de l’information et cyberdefense)

DTIC Science & Technology

2010-11-01

project is that knowledge exchange in a timely fashion is highly significant. Authentication and Authorisation of Users and Services in Federated...Detection, Protection and Countermeasures; • Security Models and Architectures; • Security Policies, Evaluation, Authorisation and Access Control; and...Evaluation, Authorisation and Access Control • Network and Information Security Awareness The topics for the symposium had been established

Secure Web-based Ground System User Interfaces over the Open Internet

NASA Technical Reports Server (NTRS)

Langston, James H.; Murray, Henry L.; Hunt, Gary R.

1998-01-01

A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

NASA Astrophysics Data System (ADS)

Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

2016-06-01

Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

High End Computer Network Testbedding at NASA Goddard Space Flight Center

NASA Technical Reports Server (NTRS)

Gary, James Patrick

1998-01-01

The Earth & Space Data Computing (ESDC) Division, at the Goddard Space Flight Center, is involved in development and demonstrating various high end computer networking capabilities. The ESDC has several high end super computers. These are used to run: (1) computer simulation of the climate systems; (2) to support the Earth and Space Sciences (ESS) project; (3) to support the Grand Challenge (GC) Science, which is aimed at understanding the turbulent convection and dynamos in stars. GC research occurs in many sites throughout the country, and this research is enabled by, in part, the multiple high performance network interconnections. The application drivers for High End Computer Networking use distributed supercomputing to support virtual reality applications, such as TerraVision, (i.e., three dimensional browser of remotely accessed data), and Cave Automatic Virtual Environments (CAVE). Workstations can access and display data from multiple CAVE's with video servers, which allows for group/project collaborations using a combination of video, data, voice and shared white boarding. The ESDC is also developing and demonstrating the high degree of interoperability between satellite and terrestrial-based networks. To this end, the ESDC is conducting research and evaluations of new computer networking protocols and related technologies which improve the interoperability of satellite and terrestrial networks. The ESDC is also involved in the Security Proof of Concept Keystone (SPOCK) program sponsored by National Security Agency (NSA). The SPOCK activity provides a forum for government users and security technology providers to share information on security requirements, emerging technologies and new product developments. Also, the ESDC is involved in the Trans-Pacific Digital Library Experiment, which aims to demonstrate and evaluate the use of high performance satellite communications and advanced data communications protocols to enable interactive digital library data access between the U. S. Library of Congress, the National Library of Japan and other digital library sites at 155 MegaBytes Per Second. The ESDC participation in this program is the Trans-Pacific access to GLOBE visualizations in real time. ESDC is participating in the Department of Defense's ATDNet with Multiwavelength Optical Network (MONET) a fully switched Wavelength Division Networking testbed. This presentation is in viewgraph format.

Food capacities and satisfaction in participants in food security community interventions in Montreal, Canada.

PubMed

Roncarolo, Federico; Adam, Caroline; Bisset, Sherri; Potvin, Louise

2016-12-01

Food insecurity is steadily increasing in Canada. The objective of this paper is to determine if food capacities and satisfaction of recently enrolled participants in food security interventions are associated with the intervention having either a traditional or an alternative type of approach. Participants having recently accessed traditional (n = 711) or alternative community interventions (n = 113) in the Montreal metropolitan area, Canada, were interviewed with a questionnaire. The categorizing variable was participation in a community organization providing either traditional interventions, aimed to help people cope with the urgent need of food, or alternative interventions, aimed at first assistance, in addition to the creation of long-term solutions such as social integration and skills development. Participants' food and nutrition-related capacities and food satisfaction are studied. Multilevel regression models were used to assess whether participants took part in a traditional or alternative interventions. These interventions do not reach the same population. Relative to participants in alternative food security interventions, participants in traditional interventions demonstrated less capacity for accessing information about food safety and healthiness, and perceived their diet as less healthy. Traditional food security participants also paid less attention to the nutritional properties of food and reported less satisfaction with quantity, variety and taste of the food they accessed. The reasons why individuals who may benefit the most from alternative interventions were unlikely to participate should be investigated. The potential that food security interventions may inadvertently reinforce social inequalities in health should be considered in future intervention research. © The Author 2015. Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

Patient privacy protection using anonymous access control techniques.

PubMed

Weerasinghe, D; Rajarajan, M; Elmufti, K; Rakocevic, V

2008-01-01

The objective of this study is to develop a solution to preserve security and privacy in a healthcare environment where health-sensitive information will be accessed by many parties and stored in various distributed databases. The solution should maintain anonymous medical records and it should be able to link anonymous medical information in distributed databases into a single patient medical record with the patient identity. In this paper we present a protocol that can be used to authenticate and authorize patients to healthcare services without providing the patient identification. Healthcare service can identify the patient using separate temporary identities in each identification session and medical records are linked to these temporary identities. Temporary identities can be used to enable record linkage and reverse track real patient identity in critical medical situations. The proposed protocol provides main security and privacy services such as user anonymity, message privacy, message confidentiality, user authentication, user authorization and message replay attacks. The medical environment validates the patient at the healthcare service as a real and registered patient for the medical services. Using the proposed protocol, the patient anonymous medical records at different healthcare services can be linked into one single report and it is possible to securely reverse track anonymous patient into the real identity. The protocol protects the patient privacy with a secure anonymous authentication to healthcare services and medical record registries according to the European and the UK legislations, where the patient real identity is not disclosed with the distributed patient medical records.

45 CFR 164.308 - Administrative safeguards.

Code of Federal Regulations, 2012 CFR

2012-10-01

...)(i) Standard: Security management process. Implement policies and procedures to prevent, detect... this subpart for the entity. (3)(i) Standard: Workforce security. Implement policies and procedures to...) Standard: Information access management. Implement policies and procedures for authorizing access to...