49 CFR 1542.207 - Access control systems.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...

Specification and Verification of Secure Concurrent and Distributed Software Systems

DTIC Science & Technology

1992-02-01

primitive search strategies work for operating systems that contain relatively few operations . As the number of operations increases, so does the the...others have granted him access to, etc . The burden of security falls on the operating system , although appropriate hardware support can minimize the...Guttag, J. Horning, and R. Levin. Synchronization primitives for a multiprocessor: a formal specification. Symposium on Operating System Principles

Cyber Threat Assessment of Uplink and Commanding System for Mission Operation

NASA Technical Reports Server (NTRS)

Ko, Adans Y.; Tan, Kymie M. C.; Cilloniz-Bicchi, Ferner; Faris, Grant

2014-01-01

Most of today's Mission Operations Systems (MOS) rely on Ground Data System (GDS) segment to mitigate cyber security risks. Unfortunately, IT security design is done separately from the design of GDS' mission operational capabilities. This incoherent practice leaves many security vulnerabilities in the system without any notice. This paper describes a new way to system engineering MOS, to include cyber threat risk assessments throughout the MOS development cycle, without this, it is impossible to design a dependable and reliable MOS to meet today's rapid changing cyber threat environment.

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2014 CFR

2014-07-01

... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

33 CFR 127.705 - Security systems.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false Security systems. 127.705 Section 127.705 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Waterfront Facilities Handling Liquefied Natural Gas Security § 127.705 Security systems. The operator shall...

77 FR 32111 - Privacy Act System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-31

... or fraud, or harm to the security or integrity of this system or other systems or programs (whether... to comment. FCC/MB-2 System Name: Broadcast Station Public Inspection Files. Security Classification: The FCC's Security Operations Center (SOC) has not assigned a security classification to this system...

49 CFR 1542.215 - Law enforcement support.

Code of Federal Regulations, 2011 CFR

2011-10-01

..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.215 Law enforcement support. (a) In accordance with § 1542.217, each airport operator required to have a security... system. (b) Each airport required to have a security program under § 1542.103(c) must ensure that: (1...

49 CFR 1542.215 - Law enforcement support.

Code of Federal Regulations, 2013 CFR

2013-10-01

..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.215 Law enforcement support. (a) In accordance with § 1542.217, each airport operator required to have a security... system. (b) Each airport required to have a security program under § 1542.103(c) must ensure that: (1...

49 CFR 1542.215 - Law enforcement support.

Code of Federal Regulations, 2012 CFR

2012-10-01

..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.215 Law enforcement support. (a) In accordance with § 1542.217, each airport operator required to have a security... system. (b) Each airport required to have a security program under § 1542.103(c) must ensure that: (1...

49 CFR 1542.215 - Law enforcement support.

Code of Federal Regulations, 2014 CFR

2014-10-01

..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.215 Law enforcement support. (a) In accordance with § 1542.217, each airport operator required to have a security... system. (b) Each airport required to have a security program under § 1542.103(c) must ensure that: (1...

Concept of Operations for the Next Generation Air Transportation System. Version 3.2

DTIC Science & Technology

2011-01-01

Airside. Security Identification Display Area/Airport ( SIDA ) operations area, terminal perimeter, terminal airspace (security) • Landside. Terminal...Definition RTSS Remote Terminal Security Screening SAA Special Activity Airspace SIDA Security Identification Display Area SM Separation Management

FAA computer security : concerns remain due to personnel and other continuing weaknesses

DOT National Transportation Integrated Search

2000-08-01

FAA has a history of computer security weaknesses in a number of areas, including its physical security management at facilities that house air traffic control (ATC) systems, systems security for both operational and future systems, management struct...

49 CFR 1580.201 - Rail security coordinator.

Code of Federal Regulations, 2010 CFR

2010-10-01

... system that is not operating on track that is part of the general railroad system of transportation... SECURITY Passenger Rail Including Passenger Railroad Carriers, Rail Transit Systems, Tourist, Scenic.... This section applies to: (1) Each passenger railroad carrier, including each carrier operating light...

A Joint Force Medical Command is Required to Fix Combat Casualty Care

DTIC Science & Technology

2017-10-05

that poses an operations security risk. Author: ☒ PA: ☒ 13. SUPPLEMENTARY NOTES Word Count: 10,665 14. ABSTRACT The Military Health System...15. SUBJECT TERMS Military Health System, Joint Trauma System, Defense Health Agency, PROFIS 16. SECURITY CLASSIFICATION OF: 17...The Military Health System (MHS) is required to provide medical operational forces for military and contingency operations while also providing

77 FR 33605 - Privacy Act of 1974: Implementation of Exemptions; Department of Homeland Security Office of...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-07

... operations center for the Department of Homeland Security.'' Through the NOC, OPS provides real-time...-003 Operations Collection, Planning, Coordination, Reporting, Analysis, and Fusion System of Records... System of Records.'' The DHS/OPS-003 Operations Collection, Planning, Coordination, Reporting, Analysis...

76 FR 25385 - Self-Regulatory Organizations; Financial Industry Regulatory Authority, Inc.; Order Granting...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-04

... Operations regarding a TRACE-Eligible Security when such security is not in the TRACE system, and to... using any facility or system that FINRA operates or controls.\\8\\ The fee is similar to the Computer-to... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-64364; File No. SR-FINRA-2011-012] Self...

Multicore Architectures for Multiple Independent Levels of Security Applications

DTIC Science & Technology

2012-09-01

to bolster the MILS effort. However, current MILS operating systems are not designed for multi-core platforms. They do not have the hardware support...current MILS operating systems are not designed for multi‐core platforms. They do not have the hardware support to ensure that the separation...the availability of information at different security classification levels while increasing the overall security of the computing system . Due to the

Security Controls in the Stockpoint Logistics Integrated Communications Environment (SPLICE).

DTIC Science & Technology

1985-03-01

call programs as authorized after checks by the Terminal Management Subsystem on SAS databases . SAS overlays the TANDEM GUARDIAN operating system to...Security Access Profile database (SAP) and a query capability generating various security reports. SAS operates with the System Monitor (SMON) subsystem...system to DDN and other components. The first SAS component to be reviewed is the SAP database . SAP is organized into two types of files. Relational

Cyber secure systems approach for NPP digital control systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCreary, T. J.; Hsu, A.

2006-07-01

Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant andmore » distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2)Threat from a user connecting an unauthorized computer to the control network; 3)Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network;. 4)Threat from internal disruption (by plant staff, whether, malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)« less

33 CFR 127.1305 - Operations Manual.

Code of Federal Regulations, 2010 CFR

2010-07-01

... personnel of the facility; (e) A description for each security system provided for the transfer area; (f) A... Section 127.1305 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED... Operations Manual must contain— (a) A description of each liquid-transfer system and vapor transfer system...

Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS)

DTIC Science & Technology

2012-05-01

protect, and secure the United States and its interests. • AOF is the United States, Alaska, Canada, Mexico, Bahamas, Puerto Rico , and the U.S. Virgin...Criteria (UFC) for Smart Microgrid Cyber design guides for Industrial Control Systems (ICS) Residual systems Operations and Maintenance Operator...Training Sustainment Commercial Transition Cooperation with NIST for microgrid security standards Working with industry associations and

Concept of Operations for the Next Generation Air Transportation System, Version 2.0

DTIC Science & Technology

2007-06-13

SIDA )/airport operations area (AOA), [R-110] terminal perimeter, terminal airspace (security) • Landside. Terminal public and commercial roadways and...Required Surveillance Performance RTSS Remote Terminal Security Screening SAA Special Activity Airspace SIDA Security Identification Display Area SM...impede airside operations? R-110 Research 6.4.2/C. 4.4.1 Airside: Security Identification Display Area ( SIDA )/AOA R&D needed to develop and

On determining specifications and selections of alternative technologies for airport checked-baggage security screening.

PubMed

Feng, Qianmei

2007-10-01

Federal law mandates that every checked bag at all commercial airports be screened by explosive detection systems (EDS), explosive trace detection systems (ETD), or alternative technologies. These technologies serve as critical components of airport security systems that strive to reduce security risks at both national and global levels. To improve the operational efficiency and airport security, emerging image-based technologies have been developed, such as dual-energy X-ray (DX), backscatter X-ray (BX), and multiview tomography (MVT). These technologies differ widely in purchasing cost, maintenance cost, operating cost, processing rate, and accuracy. Based on a mathematical framework that takes into account all these factors, this article investigates two critical issues for operating screening devices: setting specifications for continuous security responses by different technologies; and selecting technology or combination of technologies for efficient 100% baggage screening. For continuous security responses, specifications or thresholds are used for classifying threat items from nonthreat items. By investigating the setting of specifications on system security responses, this article assesses the risk and cost effectiveness of various technologies for both single-device and two-device systems. The findings provide the best selection of image-based technologies for both single-device and two-device systems. Our study suggests that two-device systems outperform single-device systems in terms of both cost effectiveness and accuracy. The model can be readily extended to evaluate risk and cost effectiveness of multiple-device systems for airport checked-baggage security screening.

The Management and Security Expert (MASE)

NASA Technical Reports Server (NTRS)

Miller, Mark D.; Barr, Stanley J.; Gryphon, Coranth D.; Keegan, Jeff; Kniker, Catherine A.; Krolak, Patrick D.

1991-01-01

The Management and Security Expert (MASE) is a distributed expert system that monitors the operating systems and applications of a network. It is capable of gleaning the information provided by the different operating systems in order to optimize hardware and software performance; recognize potential hardware and/or software failure, and either repair the problem before it becomes an emergency, or notify the systems manager of the problem; and monitor applications and known security holes for indications of an intruder or virus. MASE can eradicate much of the guess work of system management.

A security/safety survey of long term care facilities.

PubMed

Acorn, Jonathan R

2010-01-01

What are the major security/safety problems of long term care facilities? What steps are being taken by some facilities to mitigate such problems? Answers to these questions can be found in a survey of IAHSS members involved in long term care security conducted for the IAHSS Long Term Care Security Task Force. The survey, the author points out, focuses primarily on long term care facilities operated by hospitals and health systems. However, he believes, it does accurately reflect the security problems most long term facilities face, and presents valuable information on security systems and practices which should be also considered by independent and chain operated facilities.

[Development of operation patient security detection system].

PubMed

Geng, Shu-Qin; Tao, Ren-Hai; Zhao, Chao; Wei, Qun

2008-11-01

This paper describes a patient security detection system developed with two dimensional bar codes, wireless communication and removal storage technique. Based on the system, nurses and correlative personnel check code wait operation patient to prevent the defaults. The tests show the system is effective. Its objectivity and currency are more scientific and sophisticated than current traditional method in domestic hospital.

Review of the Literature Related to Screening Airline Passenger Baggage.

DTIC Science & Technology

1994-10-01

11 billion passengers and their carry-on items have passed through airport security checkpoints. According to the Federal Aviation Administration...Aviation Security establishes security requirements, inspects airline and airport security operations, and issues civil penalties for noncompliance with...operations areas and provide law enforcement support for the screening system and overall airport security requirements (FAA, 1991). The FAA’s role in aviation

A secure file manager for UNIX

DOE Office of Scientific and Technical Information (OSTI.GOV)

DeVries, R.G.

1990-12-31

The development of a secure file management system for a UNIX-based computer facility with supercomputers and workstations is described. Specifically, UNIX in its usual form does not address: (1) Operation which would satisfy rigorous security requirements. (2) Online space management in an environment where total data demands would be many times the actual online capacity. (3) Making the file management system part of a computer network in which users of any computer in the local network could retrieve data generated on any other computer in the network. The characteristics of UNIX can be exploited to develop a portable, secure filemore » manager which would operate on computer systems ranging from workstations to supercomputers. Implementation considerations making unusual use of UNIX features, rather than requiring extensive internal system changes, are described, and implementation using the Cray Research Inc. UNICOS operating system is outlined.« less

24 CFR 350.7 - Authority of Federal Reserve Banks as Depositories.

Code of Federal Regulations, 2010 CFR

2010-04-01

... applies, in accordance with the Securities Documentation, Federal Reserve Bank Operating Circulars, this..., Security Entitlements, and the operation of the book-entry system under this part. ...) Each Federal Reserve Bank is hereby authorized as Depository for Book-entry Ginnie Mae Securities to...

31 CFR 354.6 - Authority of Federal Reserve Banks.

Code of Federal Regulations, 2010 CFR

2010-07-01

... accordance with the Securities Documentation, and Federal Reserve Bank Operating Circulars; to service and..., Security Entitlements, and the operation of the Book-entry System under this part. ... SECURITIES OF THE STUDENT LOAN MARKETING ASSOCIATION (SALLIE MAE) § 354.6 Authority of Federal Reserve Banks...

48 CFR 3036.570 - Special precautions for work at operating airports.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 48 Federal Acquisition Regulations System 7 2010-10-01 2010-10-01 false Special precautions for work at operating airports. 3036.570 Section 3036.570 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) SPECIAL CATEGORIES OF...

Security Systems Consideration: A Total Security Approach

NASA Astrophysics Data System (ADS)

Margariti, S. V.; Meletiou, G.; Stergiou, E.; Vasiliadis, D. C.; Rizos, G. E.

2007-12-01

The "safety" problem for protection systems is to determine in a given situation whether a subject can acquire a particular right to an object. Security and audit operation face the process of securing the application on computing and network environment; however, storage security has been somewhat overlooked due to other security solutions. This paper identifies issues for data security, threats and attacks, summarizes security concepts and relationships, and also describes storage security strategies. It concludes with recommended storage security plan for a total security solution.

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets aremore » considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.« less

12 CFR 615.5560 - Book-entry Procedure for Farm Credit System Financial Assistance Corporation Securities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... OPERATIONS Farm Credit System Financial Assistance Corporation Securities § 615.5560 Book-entry Procedure for Farm Credit System Financial Assistance Corporation Securities. (a) The Farm Credit System Financial... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Book-entry Procedure for Farm Credit System...

Research on information security system of waste terminal disposal process

NASA Astrophysics Data System (ADS)

Zhou, Chao; Wang, Ziying; Guo, Jing; Guo, Yajuan; Huang, Wei

2017-05-01

Informatization has penetrated the whole process of production and operation of electric power enterprises. It not only improves the level of lean management and quality service, but also faces severe security risks. The internal network terminal is the outermost layer and the most vulnerable node of the inner network boundary. It has the characteristics of wide distribution, long depth and large quantity. The user and operation and maintenance personnel technical level and security awareness is uneven, which led to the internal network terminal is the weakest link in information security. Through the implementation of security of management, technology and physics, we should establish an internal network terminal security protection system, so as to fully protect the internal network terminal information security.

Applying New Network Security Technologies to SCADA Systems.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hurd, Steven A; Stamp, Jason Edwin; Duggan, David P

2006-11-01

Supervisory Control and Data Acquisition (SCADA) systems for automation are very important for critical infrastructure and manufacturing operations. They have been implemented to work in a number of physical environments using a variety of hardware, software, networking protocols, and communications technologies, often before security issues became of paramount concern. To offer solutions to security shortcomings in the short/medium term, this project was to identify technologies used to secure "traditional" IT networks and systems, and then assess their efficacy with respect to SCADA systems. These proposed solutions must be relatively simple to implement, reliable, and acceptable to SCADA owners and operators.more » 4This page intentionally left blank.« less

Development and Demonstration of a Security Core Component

DOE Office of Scientific and Technical Information (OSTI.GOV)

Turke, Andy

In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: · Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on “security through obscurity. · Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. · The rise of the Internet and the accompanying demand for more datamore » about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. · “Cyber crime” has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group “has something to prove.” Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be “on the front line” if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utility’s SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values – even results from a SIEM (Security Information and Event Management) system. When the system deviates from “normal,” CSM can alert the operator in language that they understand that an incident may be occurring, provide actionable intelligence, and informing them what actions to take. These alarms may be viewed on CSM’s built-in user interface, sent to a SCADA alarm list, or communicated via email, phone, pager, or SMS message. In recognition of the fact that “real world” training for cyber security events is impractical, CSM has a built-in Operator Training Simulator capability. This can be used stand alone to create simulated event scenarios for training purposes. It may also be used in conjunction with the recipient’s SCADA/EMS/DMS Operator Training Simulator. In addition to providing cyber security situational awareness for electric utility operators, CSM also provides tools for analysts and support personnel; in fact, the majority of user interface displays are designed for use in analyzing current and past security events. CSM keeps security-related information in long-term storage, as well as writing any decisions it makes to a (syslog) log for use forensic or other post-event analysis.« less

Security Management Strategies for Protecting Your Library's Network.

ERIC Educational Resources Information Center

Ives, David J.

1996-01-01

Presents security procedures for protecting a library's computer system from potential threats by patrons or personnel, and describes how security can be breached. A sidebar identifies four areas of concern in security management: the hardware, the operating system, the network, and the user interface. A selected bibliography of sources on…

Making Our Buildings Safer: Security Management and Equipment Issues.

ERIC Educational Resources Information Center

Clark, James H.

1997-01-01

Discusses three major components of library security: physical security of the environment; operating procedures for library staff, the public, and security personnel; and a contract security force (or campus security in academic institutions.) Topics include risk management; maintenance; appropriate technology, including security systems and…

Security Policy for a Generic Space Exploration Communication Network Architecture

NASA Technical Reports Server (NTRS)

Ivancic, William D.; Sheehe, Charles J.; Vaden, Karl R.

2016-01-01

This document is one of three. It describes various security mechanisms and a security policy profile for a generic space-based communication architecture. Two other documents accompany this document- an Operations Concept (OpsCon) and a communication architecture document. The OpsCon should be read first followed by the security policy profile described by this document and then the architecture document. The overall goal is to design a generic space exploration communication network architecture that is affordable, deployable, maintainable, securable, evolvable, reliable, and adaptable. The architecture should also require limited reconfiguration throughout system development and deployment. System deployment includes subsystem development in a factory setting, system integration in a laboratory setting, launch preparation, launch, and deployment and operation in space.

Tailoring NIST Security Controls for the Ground System: Selection and Implementation -- Recommendations for Information System Owners

NASA Technical Reports Server (NTRS)

Takamura, Eduardo; Mangum, Kevin

2016-01-01

The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations. Certain protective measures for the general enterprise may not be as efficient within the ground segment. This is what the authors have concluded through observations and analysis of patterns identified from the various security assessments performed on NASA missions such as MAVEN, OSIRIS-REx, New Horizons and TESS, to name a few. The security audits confirmed that the framework for managing information system security developed by the National Institute of Standards and Technology (NIST) for the federal government, and adopted by NASA, is indeed effective. However, the selection of the technical, operational and management security controls offered by the NIST model - and how they are implemented - does not always fit the nature and the environment where the ground system operates in even though there is no apparent impact on mission success. The authors observed that unfit controls, that is, controls that are not necessarily applicable or sufficiently effective in protecting the mission systems, are often selected to facilitate compliance with security requirements and organizational expectations even if the selected controls offer minimum or non-existent protection. This paper identifies some of the standard security controls that can in fact protect the ground system, and which of them offer little or no benefit at all. It offers multiple scenarios from real security audits in which the controls are not effective without, of course, disclosing any sensitive information about the missions assessed. In addition to selection and implementation of controls, the paper also discusses potential impact of recent legislation such as the Federal Information Security Modernization Act (FISMA) of 2014 - aimed at the enterprise - on the ground system, and offers other recommendations to Information System Owners (ISOs).

12 CFR 615.5502 - Issuance of global debt securities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Issuance of global debt securities. 615.5502 Section 615.5502 Banks and Banking FARM CREDIT ADMINISTRATION FARM CREDIT SYSTEM FUNDING AND FISCAL AFFAIRS, LOAN POLICIES AND OPERATIONS, AND FUNDING OPERATIONS Global Debt Securities § 615.5502 Issuance...

HOW TO SELECT THE PROPER SECURITY AND EQUIPMENT SURVEILLANCE SYSTEMS TO PROTECT YOUR FACILITIES.

ERIC Educational Resources Information Center

Honeywell, Inc., Minneapolis, Minn.

IN PRESENTING A SURVEY OF MODERN SECURITY SYSTEMS, THIS BOOKLET DISCUSSES THE REQUIREMENTS FOR SURVEILLANCE AND PROTECTION OF AREAS, PERIMETER, AND OBJECTS. A VARIETY OF EQUIPMENT IS DESCRIBED WITH DISCUSSION OF OPERATING PROCEDURES, COSTS, AND RECENT DEVELOPMENTS IN SECURITY SYSTEMS. (JT)

Information Security and Integrity Systems

NASA Technical Reports Server (NTRS)

1990-01-01

Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

A Common Criteria-Based Team Project for High Assurance Secure Systems

DTIC Science & Technology

2005-01-01

experience in the FHM, full system documentation, and plenty of time. The students had little experience and little time. The MINIX operating... MINIX is a very appropriate target for student enhancements. Since the principle objective of Secure Systems is to teach the concepts of...to construct a system when one of the developmental threats is subversion. Because students were studying MINIX in a prerequisite operating systems

InkTag: Secure Applications on an Untrusted Operating System

PubMed Central

Hofmann, Owen S.; Kim, Sangman; Dunn, Alan M.; Lee, Michael Z.; Witchel, Emmett

2014-01-01

InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

InkTag: Secure Applications on an Untrusted Operating System.

PubMed

Hofmann, Owen S; Kim, Sangman; Dunn, Alan M; Lee, Michael Z; Witchel, Emmett

2013-01-01

InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification , a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes.

Security aspects of space operations data

NASA Technical Reports Server (NTRS)

Schmitz, Stefan

1993-01-01

This paper deals with data security. It identifies security threats to European Space Agency's (ESA) In Orbit Infrastructure Ground Segment (IOI GS) and proposes a method of dealing with its complex data structures from the security point of view. It is part of the 'Analysis of Failure Modes, Effects Hazards and Risks of the IOI GS for Operations, including Backup Facilities and Functions' carried out on behalf of the European Space Operations Center (ESOC). The security part of this analysis has been prepared with the following aspects in mind: ESA's large decentralized ground facilities for operations, the multiple organizations/users involved in the operations and the developments of ground data systems, and the large heterogeneous network structure enabling access to (sensitive) data which does involve crossing organizational boundaries. An IOI GS data objects classification is introduced to determine the extent of the necessary protection mechanisms. The proposal of security countermeasures is oriented towards the European 'Information Technology Security Evaluation Criteria (ITSEC)' whose hierarchically organized requirements can be directly mapped to the security sensitivity classification.

Strengthening the Security of ESA Ground Data Systems

NASA Astrophysics Data System (ADS)

Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

2013-08-01

A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2003-01-01

Traditionally, security is viewed as an organizational and Information Technology (IIJ systems function comprising of Firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Addressing software security and mitigations in the life cycle

NASA Technical Reports Server (NTRS)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2004-01-01

Traditionally, security is viewed as an organizational and Information Technology (IT) systems function comprising of firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Designing and Operating Through Compromise: Architectural Analysis of CKMS for the Advanced Metering Infrastructure

DOE Office of Scientific and Technical Information (OSTI.GOV)

Duren, Mike; Aldridge, Hal; Abercrombie, Robert K

2013-01-01

Compromises attributable to the Advanced Persistent Threat (APT) highlight the necessity for constant vigilance. The APT provides a new perspective on security metrics (e.g., statistics based cyber security) and quantitative risk assessments. We consider design principals and models/tools that provide high assurance for energy delivery systems (EDS) operations regardless of the state of compromise. Cryptographic keys must be securely exchanged, then held and protected on either end of a communications link. This is challenging for a utility with numerous substations that must secure the intelligent electronic devices (IEDs) that may comprise complex control system of systems. For example, distribution andmore » management of keys among the millions of intelligent meters within the Advanced Metering Infrastructure (AMI) is being implemented as part of the National Smart Grid initiative. Without a means for a secure cryptographic key management system (CKMS) no cryptographic solution can be widely deployed to protect the EDS infrastructure from cyber-attack. We consider 1) how security modeling is applied to key management and cyber security concerns on a continuous basis from design through operation, 2) how trusted models and key management architectures greatly impact failure scenarios, and 3) how hardware-enabled trust is a critical element to detecting, surviving, and recovering from attack.« less

Operational Concepts for a Generic Space Exploration Communication Network Architecture

NASA Technical Reports Server (NTRS)

Ivancic, William D.; Vaden, Karl R.; Jones, Robert E.; Roberts, Anthony M.

2015-01-01

This document is one of three. It describes the Operational Concept (OpsCon) for a generic space exploration communication architecture. The purpose of this particular document is to identify communication flows and data types. Two other documents accompany this document, a security policy profile and a communication architecture document. The operational concepts should be read first followed by the security policy profile and then the architecture document. The overall goal is to design a generic space exploration communication network architecture that is affordable, deployable, maintainable, securable, evolvable, reliable, and adaptable. The architecture should also require limited reconfiguration throughout system development and deployment. System deployment includes: subsystem development in a factory setting, system integration in a laboratory setting, launch preparation, launch, and deployment and operation in space.

75 FR 62592 - Applications and Amendments to Facility Operating Licenses Involving Proposed No Significant...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-12

... Operating Licenses include: (1) The proposed Cyber Security Plan for CCNPP, Ginna, and NMPNS, (2) an... provisions of the Nuclear Regulatory Commission-approved Cyber Security Plan for CCNPP, Ginna, and NMPNS as... Communication Systems and Networks,'' establish the requirements for a cyber security program. This regulation...

Federal Security Laboratory Governance Panels: Observations and Recommendations

DTIC Science & Technology

2013-01-01

operates under a sole-source, cost-plus-fixed-fee contract administered by the U.S. Navy’s Naval Sea Systems Command. There are currently 14 UARCs, 13... system of research organizations that support science and technology for U.S. national security. Within this system , the Departments of Defense, Energy...and Homeland Security support about 80 laboratories that focus predominantly on national security matters. These laboratories have different

Stable operation of a Secure QKD system in the real-world setting

NASA Astrophysics Data System (ADS)

Tomita, Akihisa

2007-06-01

Quantum Key Distribution (QKD) now steps forward from the proof of principle to the validation of the practical feasibility. Nevertheless, the QKD technology should respond to the challenges from the real-world such as stable operation against the fluctuating environment, and security proof under the practical setting. We report our recent progress on stable operation of a QKD system, and key generation with security assurance. A QKD system should robust to temperature fluctuation in a common office environment. We developed a loop-mirror, a substitution of a Faraday mirror, to allow easy compensation for the temperature dependence of the device. Phase locking technique was also employed to synchronize the system clock to the quantum signals. This technique is indispensable for the transmission system based on the installed fiber cables, which stretch and shrink due to the temperature change. The security proof of QKD, however, has assumed the ideal conditions, such as the use of a genuine single photon source and/or unlimited computational resources. It has been highly desirable to give an assurance of security for practical systems, where the ideal conditions are no longer satisfied. We have constructed a theory to estimate the leakage information on the transmitted key under the practically attainable conditions, and have developed a QKD system equipped with software for secure key distillation. The QKD system generates the final key at the rate of 2000 bps after 20 km fiber transmission. Eavesdropper's information on the final key is guaranteed to be less than 2-7 per bit. This is the first successful generation of the secure key with quantitative assurance of the upper bound of the leakage information. It will put forth the realization of highly secure metropolitan optical communication network against any types of eavesdropping.

The role of an open-space CCTV system in limiting alcohol-related assault injuries in a late-night entertainment precinct in a tropical Queensland city, Australia.

PubMed

Pointing, Shane; Hayes-Jonkers, Charmaine; Bohanna, India; Clough, Alan

2012-02-01

Closed circuit television (CCTV) systems which incorporate real-time communication links between camera room operators and on-the-ground security may limit injuries resulting from alcohol-related assault. This pilot study examined CCTV footage and operator records of security responses for two periods totalling 22 days in 2010-2011 when 30 alcohol-related assaults were recorded. Semistructured discussions were conducted with camera room operators during 18 h of observation. Camera operators were proactive, efficiently directing street security to assault incidents. The system intervened in 40% (n=12) of alcohol-related assaults, limiting possible injury. This included three incidents judged as potentially preventable. A further five (17%) assault incidents were also judged as potentially preventable, while 43% (n=13) happened too quickly for intervention. Case studies describe security intervention in each category. Further research is recommended, particularly to evaluate the effects on preventing injuries through targeted awareness training to improve responsiveness and enhance the preventative capacity of similar CCTV systems.

Mechanical code comparator

DOEpatents

Peter, Frank J.; Dalton, Larry J.; Plummer, David W.

2002-01-01

A new class of mechanical code comparators is described which have broad potential for application in safety, surety, and security applications. These devices can be implemented as micro-scale electromechanical systems that isolate a secure or otherwise controlled device until an access code is entered. This access code is converted into a series of mechanical inputs to the mechanical code comparator, which compares the access code to a pre-input combination, entered previously into the mechanical code comparator by an operator at the system security control point. These devices provide extremely high levels of robust security. Being totally mechanical in operation, an access control system properly based on such devices cannot be circumvented by software attack alone.

Matching food security analysis to context: the experience of the Somalia food security assessment unit.

PubMed

Hemrich, Günter

2005-06-01

This case study reviews the experience of the Somalia Food Security Assessment Unit (FSAU) of operating a food security information system in the context of a complex emergency. In particular, it explores the linkages between selected features of the protracted crisis environment in Somalia and conceptual and operational aspects of food security information work. The paper specifically examines the implications of context characteristics for the establishment and operations of the FSAU field monitoring component and for the interface with information users and their diverse information needs. It also analyses the scope for linking food security and nutrition analysis and looks at the role of conflict and gender analysis in food security assessment work. Background data on the food security situation in Somalia and an overview of some key features of the FSAU set the scene for the case study. The paper is targeted at those involved in designing, operating and funding food security information activities.

Restricted access processor - An application of computer security technology

NASA Technical Reports Server (NTRS)

Mcmahon, E. M.

1985-01-01

This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

Real time test bed development for power system operation, control and cyber security

NASA Astrophysics Data System (ADS)

Reddi, Ram Mohan

The operation and control of the power system in an efficient way is important in order to keep the system secure, reliable and economical. With advancements in smart grid, several new algorithms have been developed for improved operation and control. These algorithms need to be extensively tested and validated in real time before applying to the real electric power grid. This work focuses on the development of a real time test bed for testing and validating power system control algorithms, hardware devices and cyber security vulnerability. The test bed developed utilizes several hardware components including relays, phasor measurement units, phasor data concentrator, programmable logic controllers and several software tools. Current work also integrates historian for power system monitoring and data archiving. Finally, two different power system test cases are simulated to demonstrate the applications of developed test bed. The developed test bed can also be used for power system education.

Optimization of power systems with voltage security constraints

NASA Astrophysics Data System (ADS)

Rosehart, William Daniel

As open access market principles are applied to power systems, significant changes in their operation and control are occurring. In the new marketplace, power systems are operating under higher loading conditions as market influences demand greater attention to operating cost versus stability margins. Since stability continues to be a basic requirement in the operation of any power system, new tools are being considered to analyze the effect of stability on the operating cost of the system, so that system stability can be incorporated into the costs of operating the system. In this thesis, new optimal power flow (OPF) formulations are proposed based on multi-objective methodologies to optimize active and reactive power dispatch while maximizing voltage security in power systems. The effects of minimizing operating costs, minimizing reactive power generation and/or maximizing voltage stability margins are analyzed. Results obtained using the proposed Voltage Stability Constrained OPF formulations are compared and analyzed to suggest possible ways of costing voltage security in power systems. When considering voltage stability margins the importance of system modeling becomes critical, since it has been demonstrated, based on bifurcation analysis, that modeling can have a significant effect of the behavior of power systems, especially at high loading levels. Therefore, this thesis also examines the effects of detailed generator models and several exponential load models. Furthermore, because of its influence on voltage stability, a Static Var Compensator model is also incorporated into the optimization problems.

Derived virtual devices: a secure distributed file system mechanism

NASA Technical Reports Server (NTRS)

VanMeter, Rodney; Hotz, Steve; Finn, Gregory

1996-01-01

This paper presents the design of derived virtual devices (DVDs). DVDs are the mechanism used by the Netstation Project to provide secure shared access to network-attached peripherals distributed in an untrusted network environment. DVDs improve Input/Output efficiency by allowing user processes to perform I/O operations directly from devices without intermediate transfer through the controlling operating system kernel. The security enforced at the device through the DVD mechanism includes resource boundary checking, user authentication, and restricted operations, e.g., read-only access. To illustrate the application of DVDs, we present the interactions between a network-attached disk and a file system designed to exploit the DVD abstraction. We further discuss third-party transfer as a mechanism intended to provide for efficient data transfer in a typical NAP environment. We show how DVDs facilitate third-party transfer, and provide the security required in a more open network environment.

Roles for international military medical services in stability operations (security sector reform).

PubMed

Bricknell, M C M; Thompson, D

2007-06-01

This is the second in a series of three papers that examine the role of international military medical services in stability operations in unstable countries. The paper discusses security sector reform in general terms and highlights the interdependency of the armed forces, police, judiciary and penal systems in creating a 'secure environment'. The paper then looks at components of a local military medical system for a counter-insurgency campaign operating on interior lines and the contribution and challenges faced by the international military medical community in supporting the development of this system. Finally the paper highlights the importance of planning the medical support of the international military personnel who will be supporting wider aspects of security sector reform. The paper is based on background research and my personal experience as Medical Director in the Headquarters of the NATO International Stability Assistance Force in Afghanistan in 2006.

The Double-System Architecture for Trusted OS

NASA Astrophysics Data System (ADS)

Zhao, Yong; Li, Yu; Zhan, Jing

With the development of computer science and technology, current secure operating systems failed to respond to many new security challenges. Trusted operating system (TOS) is proposed to try to solve these problems. However, there are no mature, unified architectures for the TOS yet, since most of them cannot make clear of the relationship between security mechanism and the trusted mechanism. Therefore, this paper proposes a double-system architecture (DSA) for the TOS to solve the problem. The DSA is composed of the Trusted System (TS) and the Security System (SS). We constructed the TS by establishing a trusted environment and realized related SS. Furthermore, we proposed the Trusted Information Channel (TIC) to protect the information flow between TS and SS. In a word, the double system architecture we proposed can provide reliable protection for the OS through the SS with the supports provided by the TS.

A Systems Engineering Framework for Implementing a Security and Critical Patch Management Process in Diverse Environments (Academic Departments' Workstations)

NASA Astrophysics Data System (ADS)

Mohammadi, Hadi

Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to create and design a Security and Critical Patch Management Process (SCPMP) framework based on Systems Engineering (SE) principles. This framework will assist Information Technology Department Staff (ITDS) to reduce IT operating time and costs and mitigate the risk of security and vulnerability attacks. Further, this study evaluates implementation of the SCPMP in the networked computing systems of an academic environment in order to: 1. Meet patch management requirements by applying SE principles. 2. Reduce the cost of IT operations and PVM cycles. 3. Improve the current PVM methodologies to prevent networked computing systems from becoming the targets of security vulnerability attacks. 4. Embed a Maintenance Optimization Tool (MOT) in the proposed framework. The MOT allows IT managers to make the most practicable choice of methods for deploying and installing released patches and vulnerability remediation. In recent years, there has been a variety of frameworks for security practices in every networked computing system to protect computer workstations from becoming compromised or vulnerable to security attacks, which can expose important information and critical data. I have developed a new mechanism for implementing PVM for maximizing security-vulnerability maintenance, protecting OS and software packages, and minimizing SCPMP cost. To increase computing system security in any diverse environment, particularly in academia, one must apply SCPMP. I propose an optimal maintenance policy that will allow ITDS to measure and estimate the variation of PVM cycles based on their department's requirements. My results demonstrate that MOT optimizes the process of implementing SCPMP in academic workstations.

Computer simulation of functioning of elements of security systems

NASA Astrophysics Data System (ADS)

Godovykh, A. V.; Stepanov, B. P.; Sheveleva, A. A.

2017-01-01

The article is devoted to issues of development of the informational complex for simulation of functioning of the security system elements. The complex is described from the point of view of main objectives, a design concept and an interrelation of main elements. The proposed conception of the computer simulation provides an opportunity to simulate processes of security system work for training security staff during normal and emergency operation.

NASA Electronic Library System (NELS): The system impact of security

NASA Technical Reports Server (NTRS)

Mcgregor, Terry L.

1993-01-01

This paper discusses security issues as they relate to the NASA Electronic Library System which is currently in use as the repository system for AdaNET System Version 3 (ASV3) being operated by MountainNET, Inc. NELS was originally designed to provide for public, development, and secure collections and objects. The secure feature for collections and objects was deferred in the initial system for implementation at a later date. The NELS system is now 9 months old and many lessons have been learned about the use and maintenance of library systems. MountainNET has 9 months of experience in operating the system and gathering feedback from the ASV3 user community. The user community has expressed an interest in seeing security features implemented in the current system. The time has come to take another look at the whole issue of security for the NELS system. Two requirements involving security have been put forth by MountainNET for the ASV3 system. The first is to incorporate at the collection level a security scheme to allow restricted access to collections. This should be invisible to end users and be controlled by librarians. The second is to allow inclusion of applications which can be executed only by a controlled group of users; for example, an application which can be executed by librarians only. The requirements provide a broad framework in which to work. These requirements raise more questions than answers. To explore the impact of these requirements a top down approach will be used.

The Operator Shell: A means of privilege distribution under Unix

DOE Office of Scientific and Technical Information (OSTI.GOV)

Neuman, M.; Christoph, G.

1994-03-01

The Operator Shell (Osh) is a setuid root, security enhanced, restricted shell for providing fine-grain distribution of system privileges for a wide range of usages and requirements. Osh offers a marked improvement over other Unix privilege distribution systems in its ability to specify access to both commands and files, auditing features, and familiar interface. This paper describes the design, features, security considerations, internals, and applications of the Operator Shell.

33 CFR 104.215 - Vessel Security Officer (VSO).

Code of Federal Regulations, 2011 CFR

2011-07-01

... procedures, including scenario-based response training; (4) Crowd management and control techniques; (5) Operations of security equipment and systems; and (6) Testing and calibration of security equipment and...

Increasing operational command and control security by the implementation of device independent quantum key distribution

NASA Astrophysics Data System (ADS)

Bovino, Fabio Antonio; Messina, Angelo

2016-10-01

In a very simplistic way, the Command and Control functions can be summarized as the need to provide the decision makers with an exhaustive, real-time, situation picture and the capability to convey their decisions down to the operational forces. This two-ways data and information flow is vital to the execution of current operations and goes far beyond the border of military operations stretching to Police and disaster recovery as well. The availability of off-the shelf technology has enabled hostile elements to endanger the security of the communication networks by violating the traditional security protocols and devices and hacking sensitive databases. In this paper an innovative approach based to implementing Device Independent Quantum Key Distribution system is presented. The use of this technology would prevent security breaches due to a stolen crypto device placed in an end-to-end communication chain. The system, operating with attenuated laser, is practical and provides the increasing of the distance between the legitimate users.

Network Centric Warfare Case Study: U.S. V Corps and 3rd Infantry Division (Mechanized) During Operation Iraqi Freedom Combat Operations (Mar-Apr 2003). Volume 3. Network Centric Warfare Insights

DTIC Science & Technology

2003-01-01

OPSEC), military deception, psychological operations (PSYOPS), special information operations (IO), information assurance, physical security...nonlethal effects, such as operational 8 Network Centric Warfare Case Study security (OPSEC), military deception, psychological operations (PSYOP...Support Operations Group ASR Alternate Supply Route; or, Ammunition Supply Rate ATACMS Army Tactical Missile System ATARS Advanced

SHI(EL)DS: A Novel Hardware-Based Security Backplane to Enhance Security with Minimal Impact to System Operation

DTIC Science & Technology

2008-03-01

executables. The current roadblock to detecting Type I Malware consistantly is the practice of legitimate software , such as antivirus programs, using this... Software Security Systems . . 31 3.2.2 Advantages of Hardware . . . . . . . . . . . . . 32 3.2.3 Trustworthiness of Information . . . . . . . . . 33...Towards a Hardware Security Backplane . . . . . . . . . 42 IV. Review of State of the Art Computer Security Solutions . . . . . 46 4.1 Software

Network Security Is Manageable

ERIC Educational Resources Information Center

Roberts, Gary

2006-01-01

An effective systems librarian must understand security vulnerabilities and be proactive in preventing problems. Specifics of future attacks or security challenges cannot possibly be anticipated, but this paper suggests some simple measures that can be taken to make attacks less likely to occur: program the operating system to get automatic…

Wide Area Security Region Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Makarov, Yuri V.; Lu, Shuai; Guo, Xinxin

2010-03-31

This report develops innovative and efficient methodologies and practical procedures to determine the wide-area security region of a power system, which take into consideration all types of system constraints including thermal, voltage, voltage stability, transient and potentially oscillatory stability limits in the system. The approach expands the idea of transmission system nomograms to a multidimensional case, involving multiple system limits and parameters such as transmission path constraints, zonal generation or load, etc., considered concurrently. The security region boundary is represented using its piecewise approximation with the help of linear inequalities (so called hyperplanes) in a multi-dimensional space, consisting of systemmore » parameters that are critical for security analyses. The goal of this approximation is to find a minimum set of hyperplanes that describe the boundary with a given accuracy. Methodologies are also developed to use the security hyperplanes, pre-calculated offline, to determine system security margins in real-time system operations, to identify weak elements in the system, and to calculate key contributing factors and sensitivities to determine the best system controls in real time and to assist in developing remedial actions and transmission system enhancements offline . A prototype program that automates the simulation procedures used to build the set of security hyperplanes has also been developed. The program makes it convenient to update the set of security hyperplanes necessitated by changes in system configurations. A prototype operational tool that uses the security hyperplanes to assess security margins and to calculate optimal control directions in real time has been built to demonstrate the project success. Numerical simulations have been conducted using the full-size Western Electricity Coordinating Council (WECC) system model, and they clearly demonstrated the feasibility and the effectiveness of the developed technology. Recommendations for the future work have also been formulated.« less

Retro-Future

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ferrell, Paul; Hanson, Paige; Ardi, Calvin

2016-11-04

A system for processing network packet capture streams, extracting metadata and generating flow records (via Argus). The system can be used by network security operators and analysts to enable forensic investigations for network security events.

Use of the Trusted Computer System Evaluation Criteria (TCSEC) for Complex, Evolving, Multipolicy Systems.

DTIC Science & Technology

1994-07-01

incorporate the Bell-La Padula rules for implementing the DoD security policy. The policy from which we begin here is the organization’s operational...security policy, which assumes the Bell-La Padula model and assigns the required security variables to elements of the system. A way to ensure a

Secure video communications system

DOEpatents

Smith, Robert L.

1991-01-01

A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.

12 CFR 615.5500 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... and Banking FARM CREDIT ADMINISTRATION FARM CREDIT SYSTEM FUNDING AND FISCAL AFFAIRS, LOAN POLICIES AND OPERATIONS, AND FUNDING OPERATIONS Global Debt Securities § 615.5500 Definitions. In this subpart, unless the context otherwise requires or indicates: (a) Global debt securities means consolidated...

17 CFR 200.310 - Fees.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Regulations Pertaining to the Privacy of Individuals and Systems of Records... Information and Privacy Act Operations, SEC, Operations Center, 6432 General Green Way, Alexandria, VA 22312...

17 CFR 200.310 - Fees.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Regulations Pertaining to the Privacy of Individuals and Systems of Records... Information and Privacy Act Operations, SEC, Operations Center, 6432 General Green Way, Alexandria, VA 22312...

Brief analysis of Jiangsu grid security and stability based on multi-infeed DC index in power system

NASA Astrophysics Data System (ADS)

Zhang, Wenjia; Wang, Quanquan; Ge, Yi; Huang, Junhui; Chen, Zhengfang

2018-02-01

The impact of Multi-infeed HVDC has gradually increased to security and stability operating in Jiangsu power grid. In this paper, an appraisal method of Multi-infeed HVDC power grid security and stability is raised with Multi-Infeed Effective Short Circuit Ratio, Multi-Infeed Interaction Factor and Commutation Failure Immunity Index. These indices are adopted in security and stability simulating calculation of Jiangsu Multi-infeed HVDC system. The simulation results indicate that Jiangsu power grid is operating with a strong DC system. It has high level of power grid security and stability, and meet the safety running requirements. Jinpin-Suzhou DC system is located in the receiving end with huge capacity, which is easily leading to commutation failure of the transmission line. In order to resolve this problem, dynamic reactive power compensation can be applied in power grid near Jinpin-Suzhou DC system. Simulation result shows this method is feasible to commutation failure.

Feasibility studies on explosive detection and homeland security applications using a neutron and x-ray combined computed tomography system

NASA Astrophysics Data System (ADS)

Sinha, V.; Srivastava, A.; Lee, H. K.; Liu, X.

2013-05-01

The successful creation and operation of a neutron and X-ray combined computed tomography (NXCT) system has been demonstrated by researchers at the Missouri University of Science and Technology. The NXCT system has numerous applications in the field of material characterization and object identification in materials with a mixture of atomic numbers represented. Presently, the feasibility studies have been performed for explosive detection and homeland security applications, particularly in concealed material detection and determination of the light atomic number materials. These materials cannot be detected using traditional X-ray imaging. The new system has the capability to provide complete structural and compositional information due to the complementary nature of X-ray and neutron interactions with materials. The design of the NXCT system facilitates simultaneous and instantaneous imaging operation, promising enhanced detection capabilities of explosive materials, low atomic number materials and illicit materials for homeland security applications. In addition, a sample positioning system allowing the user to remotely and automatically manipulate the sample makes the system viable for commercial applications. Several explosives and weapon simulants have been imaged and the results are provided. The fusion algorithms which combine the data from the neutron and X-ray imaging produce superior images. This paper is a compete overview of the NXCT system for feasibility studies of explosive detection and homeland security applications. The design of the system, operation, algorithm development, and detection schemes are provided. This is the first combined neutron and X-ray computed tomography system in operation. Furthermore, the method of fusing neutron and X-ray images together is a new approach which provides high contrast images of the desired object. The system could serve as a standardized tool in nondestructive testing of many applications, especially in explosives detection and homeland security research.

Architecture of security management unit for safe hosting of multiple agents

NASA Astrophysics Data System (ADS)

Gilmont, Tanguy; Legat, Jean-Didier; Quisquater, Jean-Jacques

1999-04-01

In such growing areas as remote applications in large public networks, electronic commerce, digital signature, intellectual property and copyright protection, and even operating system extensibility, the hardware security level offered by existing processors is insufficient. They lack protection mechanisms that prevent the user from tampering critical data owned by those applications. Some devices make exception, but have not enough processing power nor enough memory to stand up to such applications (e.g. smart cards). This paper proposes an architecture of secure processor, in which the classical memory management unit is extended into a new security management unit. It allows ciphered code execution and ciphered data processing. An internal permanent memory can store cipher keys and critical data for several client agents simultaneously. The ordinary supervisor privilege scheme is replaced by a privilege inheritance mechanism that is more suited to operating system extensibility. The result is a secure processor that has hardware support for extensible multitask operating systems, and can be used for both general applications and critical applications needing strong protection. The security management unit and the internal permanent memory can be added to an existing CPU core without loss of performance, and do not require it to be modified.

A joint signal processing and cryptographic approach to multimedia encryption.

PubMed

Mao, Yinian; Wu, Min

2006-07-01

In recent years, there has been an increasing trend for multimedia applications to use delegate service providers for content distribution, archiving, search, and retrieval. These delegate services have brought new challenges to the protection of multimedia content confidentiality. This paper discusses the importance and feasibility of applying a joint signal processing and cryptographic approach to multimedia encryption, in order to address the access control issues unique to multimedia applications. We propose two atomic encryption operations that can preserve standard compliance and are friendly to delegate processing. Quantitative analysis for these operations is presented to demonstrate that a good tradeoff can be made between security and bitrate overhead. In assisting the design and evaluation of media security systems, we also propose a set of multimedia-oriented security scores to quantify the security against approximation attacks and to complement the existing notion of generic data security. Using video as an example, we present a systematic study on how to strategically integrate different atomic operations to build a video encryption system. The resulting system can provide superior performance over both generic encryption and its simple adaptation to video in terms of a joint consideration of security, bitrate overhead, and friendliness to delegate processing.

12 CFR 792.67 - Security of systems of records.

Code of Federal Regulations, 2012 CFR

2012-01-01

... AND PRIVACY ACT, AND BY SUBPOENA; SECURITY PROCEDURES FOR CLASSIFIED INFORMATION The Privacy Act § 792... 12 Banks and Banking 7 2012-01-01 2012-01-01 false Security of systems of records. 792.67 Section 792.67 Banks and Banking NATIONAL CREDIT UNION ADMINISTRATION REGULATIONS AFFECTING THE OPERATIONS OF...

12 CFR 792.67 - Security of systems of records.

Code of Federal Regulations, 2011 CFR

2011-01-01

... AND PRIVACY ACT, AND BY SUBPOENA; SECURITY PROCEDURES FOR CLASSIFIED INFORMATION The Privacy Act § 792... 12 Banks and Banking 6 2011-01-01 2011-01-01 false Security of systems of records. 792.67 Section 792.67 Banks and Banking NATIONAL CREDIT UNION ADMINISTRATION REGULATIONS AFFECTING THE OPERATIONS OF...

12 CFR 792.67 - Security of systems of records.

Code of Federal Regulations, 2014 CFR

2014-01-01

... AND PRIVACY ACT, AND BY SUBPOENA; SECURITY PROCEDURES FOR CLASSIFIED INFORMATION The Privacy Act § 792... 12 Banks and Banking 7 2014-01-01 2014-01-01 false Security of systems of records. 792.67 Section 792.67 Banks and Banking NATIONAL CREDIT UNION ADMINISTRATION REGULATIONS AFFECTING THE OPERATIONS OF...

12 CFR 792.67 - Security of systems of records.

Code of Federal Regulations, 2013 CFR

2013-01-01

... AND PRIVACY ACT, AND BY SUBPOENA; SECURITY PROCEDURES FOR CLASSIFIED INFORMATION The Privacy Act § 792... 12 Banks and Banking 7 2013-01-01 2013-01-01 false Security of systems of records. 792.67 Section 792.67 Banks and Banking NATIONAL CREDIT UNION ADMINISTRATION REGULATIONS AFFECTING THE OPERATIONS OF...

Advanced visualization platform for surgical operating room coordination: distributed video board system.

PubMed

Hu, Peter F; Xiao, Yan; Ho, Danny; Mackenzie, Colin F; Hu, Hao; Voigt, Roger; Martz, Douglas

2006-06-01

One of the major challenges for day-of-surgery operating room coordination is accurate and timely situation awareness. Distributed and secure real-time status information is key to addressing these challenges. This article reports on the design and implementation of a passive status monitoring system in a 19-room surgical suite of a major academic medical center. Key design requirements considered included integrated real-time operating room status display, access control, security, and network impact. The system used live operating room video images and patient vital signs obtained through monitors to automatically update events and operating room status. Images were presented on a "need-to-know" basis, and access was controlled by identification badge authorization. The system delivered reliable real-time operating room images and status with acceptable network impact. Operating room status was visualized at 4 separate locations and was used continuously by clinicians and operating room service providers to coordinate operating room activities.

76 FR 9356 - Intent To Request Approval From OMB of One New Public Collection of Information: Baseline...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-17

... during site visits with security and operating officials of transit systems. The STSIs capture and... assessments during site visits with security and operating officials of transit agencies. DATES: Send your... distance passenger railroad providers operate in the United States.\\1\\ Mass transit and passenger rail...

12 CFR 615.5452 - Law governing rights and obligations of Federal Reserve Banks, Farm Credit banks, and Funding...

Code of Federal Regulations, 2010 CFR

2010-01-01

... FUNDING OPERATIONS Book-Entry Procedures for Farm Credit Securities § 615.5452 Law governing rights and... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Law governing rights and obligations of Federal...: (i) A book-entry security or security entitlement, and (ii) The operation of the Book-entry System as...

Common Operating Picture: UAV Security Study

NASA Technical Reports Server (NTRS)

2004-01-01

This initial communication security study is a top-level assessment of basic security issues related to the operation of Unmanned Aerial Vehicles (UAVs) in the National Airspace System (NAS). Security considerations will include information relating to the use of International Civil Aviation Organization (ICAO) Aeronautical Telecommunications Network (ATN) protocols and applications identifying their maturity, as well as the use of IPV4 and a version of mobile IPV6. The purpose of this assessment is to provide an initial analysis of the security implications of introducing UAVs into the NAS.

77 FR 71430 - New Agency Information Collection Activity Under OMB Review: Public Transportation Baseline...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-30

... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration New Agency Information Collection Activity Under OMB Review: Public Transportation Baseline Assessment for Security Enhancement... voluntary site visits with security and operating officials of public transportation systems. This program...

Governing for Enterprise Security (Briefing Charts)

DTIC Science & Technology

2005-01-01

governance/stakeholder.html © 2005 by Carnegie Mellon University page 16 Adequate Security and Operational Risk “Appropriate business security is that which...Sherwood 03] Sherwood, John; Clark; Andrew; Lynas, David. “Systems and Business Security Architecture.” SABSA Limited, 17 September 2003. Available at

46 CFR 62.10-1 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-10-01

... control means a function of an automatic control system to restrict operation to a specified operating... automatic or manual control. Safety trip control system means a manually or automatically operated system... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING VITAL SYSTEM AUTOMATION Terms Used...

46 CFR 62.10-1 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-10-01

... control means a function of an automatic control system to restrict operation to a specified operating... automatic or manual control. Safety trip control system means a manually or automatically operated system... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING VITAL SYSTEM AUTOMATION Terms Used...

46 CFR 62.10-1 - Definitions.

Code of Federal Regulations, 2012 CFR

2012-10-01

... control means a function of an automatic control system to restrict operation to a specified operating... automatic or manual control. Safety trip control system means a manually or automatically operated system... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING VITAL SYSTEM AUTOMATION Terms Used...

46 CFR 62.10-1 - Definitions.

Code of Federal Regulations, 2014 CFR

2014-10-01

... control means a function of an automatic control system to restrict operation to a specified operating... automatic or manual control. Safety trip control system means a manually or automatically operated system... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING VITAL SYSTEM AUTOMATION Terms Used...

46 CFR 62.10-1 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-10-01

... control means a function of an automatic control system to restrict operation to a specified operating... automatic or manual control. Safety trip control system means a manually or automatically operated system... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING VITAL SYSTEM AUTOMATION Terms Used...

Analyzing the security of an existing computer system

NASA Technical Reports Server (NTRS)

Bishop, M.

1986-01-01

Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.

32 CFR 310.33 - New and altered record systems.

Code of Federal Regulations, 2010 CFR

2010-07-01

... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...

32 CFR 310.33 - New and altered record systems.

Code of Federal Regulations, 2014 CFR

2014-07-01

... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...

32 CFR 310.33 - New and altered record systems.

Code of Federal Regulations, 2011 CFR

2011-07-01

... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...

32 CFR 310.33 - New and altered record systems.

Code of Federal Regulations, 2013 CFR

2013-07-01

... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...

32 CFR 310.33 - New and altered record systems.

Code of Federal Regulations, 2012 CFR

2012-07-01

... system will be reinstated or reused, the system may not be operated (i.e., information collected or used... direct access is an alteration. (ii) Software applications, such as operating systems and system... capacity of the current operating system and existing security is preserved. (vi) The connecting of two or...

C2 Link Security for UAS: Technical Literature Study and Preliminary Functional Requirements. Version 0.9 (Working Draft)

NASA Technical Reports Server (NTRS)

2005-01-01

This document provides a study of the technical literature related to Command and Control (C2) link security for Unmanned Aircraft Systems (UAS) for operation in the National Airspace System (NAS). Included is a preliminary set of functional requirements for C2 link security.

Security Considerations of Doing Business via the Internet: Cautions To Be Considered.

ERIC Educational Resources Information Center

Aldridge, Alicia; White, Michele; Forcht, Karen

1997-01-01

Lack of security is perceived as a major roadblock to doing business online. This article examines system, user, and commercial transaction privacy on the World Wide Web and discusses methods of protection: operating systems security, file and data protection, user education, access restrictions, data authentication, perimeter and transaction…

Operation and Maintenance Manual, Ultrasonic Fish Deterrent System

DTIC Science & Technology

1991-07-01

PAGES Fishery management--Instruments 61 Ultrsonic transducers 16. PRICE CODE 17. SECURITY CLASSIFICATION 18. SECURITY CLASSIFICATION 19. SECURITY...compatible computer with a communications software package will be most convenient; however, any terminal will work. To begin operation, connect the...D. Next connect the communications cable (TC-4) between the RFPG and the terminal. An ONSET TC-4 cable must be used due to level shifting

National Computer Security Conference Proceedings (11th): A Postscript: Computer Security--Into the Future, 17-20 October 1988

DTIC Science & Technology

1988-10-20

The LOCK project , from its very beginnings as an implementation study for the Provably Secure Operating System in 1979...to the security field, can study to gain insight into the evaluation process. The project has developed an innovative format for the DTLS and FTLS...management tern becomes available, the Al Secure DBMS will be system (DBMS) that is currently being developed un- ported to it . der the Advanced

Applications of superconducting bolometers in security imaging

NASA Astrophysics Data System (ADS)

Luukanen, A.; Leivo, M. M.; Rautiainen, A.; Grönholm, M.; Toivanen, H.; Grönberg, L.; Helistö, P.; Mäyrä, A.; Aikio, M.; Grossman, E. N.

2012-12-01

Millimeter-wave (MMW) imaging systems are currently undergoing deployment World-wide for airport security screening applications. Security screening through MMW imaging is facilitated by the relatively good transmission of these wavelengths through common clothing materials. Given the long wavelength of operation (frequencies between 20 GHz to ~ 100 GHz, corresponding to wavelengths between 1.5 cm and 3 mm), existing systems are suited for close-range imaging only due to substantial diffraction effects associated with practical aperture diameters. The present and arising security challenges call for systems that are capable of imaging concealed threat items at stand-off ranges beyond 5 meters at near video frame rates, requiring substantial increase in operating frequency in order to achieve useful spatial resolution. The construction of such imaging systems operating at several hundred GHz has been hindered by the lack of submm-wave low-noise amplifiers. In this paper we summarize our efforts in developing a submm-wave video camera which utilizes cryogenic antenna-coupled microbolometers as detectors. Whilst superconducting detectors impose the use of a cryogenic system, we argue that the resulting back-end complexity increase is a favorable trade-off compared to complex and expensive room temperature submm-wave LNAs both in performance and system cost.

Transportation Security : federal action needed to enhance security efforts : statement of Peter Guerrero, Director, Physical Infrastructure Issues

DOT National Transportation Integrated Search

2003-09-09

Mr. Guerrero's testimony examines (1) challenges in securing the nation's transportation system; (2) actions transportation operators, as well as state and local governments, have taken since September 11 to enhance security; (3) the federal role in ...

Research on offense and defense technology for iOS kernel security mechanism

NASA Astrophysics Data System (ADS)

Chu, Sijun; Wu, Hao

2018-04-01

iOS is a strong and widely used mobile device system. It's annual profits make up about 90% of the total profits of all mobile phone brands. Though it is famous for its security, there have been many attacks on the iOS operating system, such as the Trident apt attack in 2016. So it is important to research the iOS security mechanism and understand its weaknesses and put forward targeted protection and security check framework. By studying these attacks and previous jailbreak tools, we can see that an attacker could only run a ROP code and gain kernel read and write permissions based on the ROP after exploiting kernel and user layer vulnerabilities. However, the iOS operating system is still protected by the code signing mechanism, the sandbox mechanism, and the not-writable mechanism of the system's disk area. This is far from the steady, long-lasting control that attackers expect. Before iOS 9, breaking these security mechanisms was usually done by modifying the kernel's important data structures and security mechanism code logic. However, after iOS 9, the kernel integrity protection mechanism was added to the 64-bit operating system and none of the previous methods were adapted to the new versions of iOS [1]. But this does not mean that attackers can not break through. Therefore, based on the analysis of the vulnerability of KPP security mechanism, this paper implements two possible breakthrough methods for kernel security mechanism for iOS9 and iOS10. Meanwhile, we propose a defense method based on kernel integrity detection and sensitive API call detection to defense breakthrough method mentioned above. And we make experiments to prove that this method can prevent and detect attack attempts or invaders effectively and timely.

76 FR 49511 - Self-Regulatory Organizations; The National Securities Clearing Corporation; Order Granting...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-10

... accounting system operated by NSCC which nets today's settling trades with yesterday's closing positions in... mechanism of a national system for the prompt and accurate clearance and settlement of securities...

A demonstration of a low cost approach to security at shipping facilities and ports

NASA Astrophysics Data System (ADS)

Huck, Robert C.; Al Akkoumi, Mouhammad K.; Herath, Ruchira W.; Sluss, James J., Jr.; Radhakrishnan, Sridhar; Landers, Thomas L.

2010-04-01

Government funding for the security at shipping facilities and ports is limited so there is a need for low cost scalable security systems. With over 20 million sea, truck, and rail containers entering the United States every year, these facilities pose a large risk to security. Securing these facilities and monitoring the variety of traffic that enter and leave is a major task. To accomplish this, the authors have developed and fielded a low cost fully distributed building block approach to port security at the inland Port of Catoosa in Oklahoma. Based on prior work accomplished in the design and fielding of an intelligent transportation system in the United States, functional building blocks, (e.g. Network, Camera, Sensor, Display, and Operator Console blocks) can be assembled, mixed and matched, and scaled to provide a comprehensive security system. The following functions are demonstrated and scaled through analysis and demonstration: Barge tracking, credential checking, container inventory, vehicle tracking, and situational awareness. The concept behind this research is "any operator on any console can control any device at any time."

Impacts of Base-Case and Post-Contingency Constraint Relaxations on Static and Dynamic Operational Security

NASA Astrophysics Data System (ADS)

Salloum, Ahmed

Constraint relaxation by definition means that certain security, operational, or financial constraints are allowed to be violated in the energy market model for a predetermined penalty price. System operators utilize this mechanism in an effort to impose a price-cap on shadow prices throughout the market. In addition, constraint relaxations can serve as corrective approximations that help in reducing the occurrence of infeasible or extreme solutions in the day-ahead markets. This work aims to capture the impact constraint relaxations have on system operational security. Moreover, this analysis also provides a better understanding of the correlation between DC market models and AC real-time systems and analyzes how relaxations in market models propagate to real-time systems. This information can be used not only to assess the criticality of constraint relaxations, but also as a basis for determining penalty prices more accurately. Constraint relaxations practice was replicated in this work using a test case and a real-life large-scale system, while capturing both energy market aspects and AC real-time system performance. System performance investigation included static and dynamic security analysis for base-case and post-contingency operating conditions. PJM peak hour loads were dynamically modeled in order to capture delayed voltage recovery and sustained depressed voltage profiles as a result of reactive power deficiency caused by constraint relaxations. Moreover, impacts of constraint relaxations on operational system security were investigated when risk based penalty prices are used. Transmission lines in the PJM system were categorized according to their risk index and each category was as-signed a different penalty price accordingly in order to avoid real-time overloads on high risk lines. This work also extends the investigation of constraint relaxations to post-contingency relaxations, where emergency limits are allowed to be relaxed in energy market models. Various scenarios were investigated to capture and compare between the impacts of base-case and post-contingency relaxations on real-time system performance, including the presence of both relaxations simultaneously. The effect of penalty prices on the number and magnitude of relaxations was investigated as well.

Secure Remote Access Issues in a Control Center Environment

NASA Technical Reports Server (NTRS)

Pitts, Lee; McNair, Ann R. (Technical Monitor)

2002-01-01

The ISS finally reached an operational state and exists for local and remote users. Onboard payload systems are managed by the Huntsville Operations Support Center (HOSC). Users access HOSC systems by internet protocols in support of daily operations, preflight simulation, and test. In support of this diverse user community, a modem security architecture has been implemented. The architecture has evolved over time from an isolated but open system to a system which supports local and remote access to the ISS over broad geographic regions. This has been accomplished through the use of an evolved security strategy, PKI, and custom design. Through this paper, descriptions of the migration process and the lessons learned are presented. This will include product decision criteria, rationale, and the use of commodity products in the end architecture. This paper will also stress the need for interoperability of various products and the effects of seemingly insignificant details.

Secure Payload Access to the International Space Station

NASA Technical Reports Server (NTRS)

Pitts, R. Lee; Reid, Chris

2002-01-01

The ISS finally reached an operational state and exists for local and remote users. Onboard payload systems are managed by the Huntsville Operations Support Center (HOSC). Users access HOSC systems by internet protocols in support of daily operations, preflight simulation, and test. In support of this diverse user community, a modem security architecture has been implemented. The architecture has evolved over time from an isolated but open system to a system which supports local and remote access to the ISS over broad geographic regions. This has been accomplished through the use of an evolved security strategy, PKI, and custom design. Through this paper, descriptions of the migration process and the lessons learned are presented. This will include product decision criteria, rationale, and the use of commodity products in the end architecture. This paper will also stress the need for interoperability of various products and the effects of seemingly insignificant details.

Power grid operation risk management: V2G deployment for sustainable development

NASA Astrophysics Data System (ADS)

Haddadian, Ghazale J.

The production, transmission, and delivery of cost--efficient energy to supply ever-increasing peak loads along with a quest for developing a low-carbon economy require significant evolutions in the power grid operations. Lower prices of vast natural gas resources in the United States, Fukushima nuclear disaster, higher and more intense energy consumptions in China and India, issues related to energy security, and recent Middle East conflicts, have urged decisions makers throughout the world to look into other means of generating electricity locally. As the world look to combat climate changes, a shift from carbon-based fuels to non-carbon based fuels is inevitable. However, the variability of distributed generation assets in the electricity grid has introduced major reliability challenges for power grid operators. While spearheading sustainable and reliable power grid operations, this dissertation develops a multi-stakeholder approach to power grid operation design; aiming to address economic, security, and environmental challenges of the constrained electricity generation. It investigates the role of Electric Vehicle (EV) fleets integration, as distributed and mobile storage assets to support high penetrations of renewable energy sources, in the power grid. The vehicle-to-grid (V2G) concept is considered to demonstrate the bidirectional role of EV fleets both as a provider and consumer of energy in securing a sustainable power grid operation. The proposed optimization modeling is the application of Mixed-Integer Linear Programing (MILP) to large-scale systems to solve the hourly security-constrained unit commitment (SCUC) -- an optimal scheduling concept in the economic operation of electric power systems. The Monte Carlo scenario-based approach is utilized to evaluate different scenarios concerning the uncertainties in the operation of power grid system. Further, in order to expedite the real-time solution of the proposed approach for large-scale power systems, it considers a two-stage model using the Benders Decomposition (BD). The numerical simulation demonstrate that the utilization of smart EV fleets in power grid systems would ensure a sustainable grid operation with lower carbon footprints, smoother integration of renewable sources, higher security, and lower power grid operation costs. The results, additionally, illustrate the effectiveness of the proposed MILP approach and its potentials as an optimization tool for sustainable operation of large scale electric power systems.

Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ashok, Aditya; Govindarasu, Manimaran; Wang, Jianhui

Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC thatmore » addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.« less

Securing the Global Airspace System Via Identity-Based Security

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2015-01-01

Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

Science and Technology Resources on the Internet: Computer Security.

ERIC Educational Resources Information Center

Kinkus, Jane F.

2002-01-01

Discusses issues related to computer security, including confidentiality, integrity, and authentication or availability; and presents a selected list of Web sites that cover the basic issues of computer security under subject headings that include ethics, privacy, kids, antivirus, policies, cryptography, operating system security, and biometrics.…

46 CFR 113.35-13 - Mechanical engine order telegraph systems; operation.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 4 2010-10-01 2010-10-01 false Mechanical engine order telegraph systems; operation. 113.35-13 Section 113.35-13 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED...-13 Mechanical engine order telegraph systems; operation. If more than one transmitter operates a...

7 CFR 1730.22 - Borrower analysis.

Code of Federal Regulations, 2011 CFR

2011-01-01

... which could indicate deterioration in the physical or cyber condition or the operational effectiveness of the system or suggest a need for changes in security, operations or maintenance policies... AGRICULTURE ELECTRIC SYSTEM OPERATIONS AND MAINTENANCE Operations and Maintenance Requirements § 1730.22...

7 CFR 1730.22 - Borrower analysis.

Code of Federal Regulations, 2012 CFR

2012-01-01

... which could indicate deterioration in the physical or cyber condition or the operational effectiveness of the system or suggest a need for changes in security, operations or maintenance policies... AGRICULTURE ELECTRIC SYSTEM OPERATIONS AND MAINTENANCE Operations and Maintenance Requirements § 1730.22...

7 CFR 1730.22 - Borrower analysis.

Code of Federal Regulations, 2013 CFR

2013-01-01

... which could indicate deterioration in the physical or cyber condition or the operational effectiveness of the system or suggest a need for changes in security, operations or maintenance policies... AGRICULTURE ELECTRIC SYSTEM OPERATIONS AND MAINTENANCE Operations and Maintenance Requirements § 1730.22...

7 CFR 1730.22 - Borrower analysis.

Code of Federal Regulations, 2014 CFR

2014-01-01

... which could indicate deterioration in the physical or cyber condition or the operational effectiveness of the system or suggest a need for changes in security, operations or maintenance policies... AGRICULTURE ELECTRIC SYSTEM OPERATIONS AND MAINTENANCE Operations and Maintenance Requirements § 1730.22...

Security in the management of information systems.

PubMed

Huston, T L; Huston, J L

1998-06-01

Although security technology exists in abundance in health information management systems, the implementation of that technology is often lacking. This lack of implementation can be heavily affected by the attitudes and perceptions of users and management, the "people part" of systems. Particular operational, organizational, and economic factors must be addressed along with employment of security objectives and accountability. Unique threats, as well as controls, pervade the use of microcomputer-based systems as these systems permeate health care information management.

Security warning method and system for worker safety during live-line working

NASA Astrophysics Data System (ADS)

Jiang, Chilong; Zou, Dehua; Long, Chenhai; Yang, Miao; Zhang, Zhanlong; Mei, Daojun

2017-09-01

Live-line working is an essential part in the operations in an electric power system. Live-line workers are required to wear shielding clothing. Shielding clothing, however, acts as a closed environment for the human body. Working in a closed environment for a long time can change the physiological responses of the body and even endanger personal safety. According to the typical conditions of live-line working, this study synthesizes environmental factors related to shielding clothing and the physiological factors of the body to establish the heart rate variability index RMSSD and the comprehensive security warning index SWI. On the basis of both indices, this paper proposes a security warning method and system for the safety live-line workers. The system can monitor the real-time status of workers during live-line working to provide security warning and facilitate the effective safety supervision by the live operation center during actual live-line working.

An Encryption Scheme for Communication Internet SCADA Components

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network. SCADA is considered a critical infrastructure, and connecting to the internet is putting the society on jeopardy, some operators hold back on connecting it to the internet. But since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Supervisory Control and Data Acquisition Systems (SCADA) through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

Analysis of Vehicle-Based Security Operations

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carter, Jason M; Paul, Nate R

Vehicle-to-vehicle (V2V) communications promises to increase roadway safety by providing each vehicle with 360 degree situational awareness of other vehicles in proximity, and by complementing onboard sensors such as radar or camera in detecting imminent crash scenarios. In the United States, approximately three hundred million automobiles could participate in a fully deployed V2V system if Dedicated Short-Range Communication (DSRC) device use becomes mandatory. The system s reliance on continuous communication, however, provides a potential means for unscrupulous persons to transmit false data in an attempt to cause crashes, create traffic congestion, or simply render the system useless. V2V communications mustmore » be highly scalable while retaining robust security and privacy preserving features to meet the intra-vehicle and vehicle-to-infrastructure communication requirements for a growing vehicle population. Oakridge National Research Laboratory is investigating a Vehicle-Based Security System (VBSS) to provide security and privacy for a fully deployed V2V and V2I system. In the VBSS an On-board Unit (OBU) generates short-term certificates and signs Basic Safety Messages (BSM) to preserve privacy and enhance security. This work outlines a potential VBSS structure and its operational concepts; it examines how a vehicle-based system might feasibly provide security and privacy, highlights remaining challenges, and explores potential mitigations to address those challenges. Certificate management alternatives that attempt to meet V2V security and privacy requirements have been examined previously by the research community including privacy-preserving group certificates, shared certificates, and functional encryption. Due to real-world operational constraints, adopting one of these approaches for VBSS V2V communication is difficult. Timely misbehavior detection and revocation are still open problems for any V2V system. We explore the alternative approaches that may be applicable to a VBSS, and suggest some additional research directions in order to find a practical solution that appropriately addresses security and privacy.« less

The Flask Security Architecture: System Support for Diverse Security Policies

DTIC Science & Technology

2006-01-01

Flask microkernel -based operating sys­ tem, that successfully overcomes these obstacles to pol- icy flexibility. The cleaner separation of mechanism and...other object managers in the system to en- force those access control decisions. Although the pro­ totype system is microkernel -based, the security...mecha­ nisms do not depend on a microkernel architecture and will easily generalize beyond it. The resulting system provides policy flexibility. It sup

SPAN security policies and guidelines

NASA Technical Reports Server (NTRS)

Sisson, Patricia L.; Green, James L.

1989-01-01

A guide is provided to system security with emphasis on requirements and guidelines that are necessary to maintain an acceptable level of security on the network. To have security for the network, each node on the network must be secure. Therefore, each system manager, must strictly adhere to the requirements and must consider implementing the guidelines discussed. There are areas of vulnerability within the operating system that may not be addressed. However, when a requirement or guideline is discussed, implementation techniques are included. Information related to computer and data security is discussed to provide information on implementation options. The information is presented as it relates to a VAX computer environment.

OS friendly microprocessor architecture: Hardware level computer security

NASA Astrophysics Data System (ADS)

Jungwirth, Patrick; La Fratta, Patrick

2016-05-01

We present an introduction to the patented OS Friendly Microprocessor Architecture (OSFA) and hardware level computer security. Conventional microprocessors have not tried to balance hardware performance and OS performance at the same time. Conventional microprocessors have depended on the Operating System for computer security and information assurance. The goal of the OS Friendly Architecture is to provide a high performance and secure microprocessor and OS system. We are interested in cyber security, information technology (IT), and SCADA control professionals reviewing the hardware level security features. The OS Friendly Architecture is a switched set of cache memory banks in a pipeline configuration. For light-weight threads, the memory pipeline configuration provides near instantaneous context switching times. The pipelining and parallelism provided by the cache memory pipeline provides for background cache read and write operations while the microprocessor's execution pipeline is running instructions. The cache bank selection controllers provide arbitration to prevent the memory pipeline and microprocessor's execution pipeline from accessing the same cache bank at the same time. This separation allows the cache memory pages to transfer to and from level 1 (L1) caching while the microprocessor pipeline is executing instructions. Computer security operations are implemented in hardware. By extending Unix file permissions bits to each cache memory bank and memory address, the OSFA provides hardware level computer security.

CAS. Controlled Access Security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Martinez, B.; Pomeroy, G.

1989-12-01

The Security Alarm System is a data acquisition and control system which collects data from intrusion sensors and displays the information in a real-time environment for operators. The Access Control System monitors and controls the movement of personnel with the use of card readers and biometrics hand readers.

7 CFR 1730.20 - General.

Code of Federal Regulations, 2010 CFR

2010-01-01

..., individually or regionally performing a system security Vulnerability and Risk Assessment (VRA), establishing... electrical condition and security of its electric system and for the quality of services provided to its... sufficient resources to operate and maintain its system and annually exercise its ERP in accordance with the...

Digital security technology simplified.

PubMed

Scaglione, Bernard J

2007-01-01

Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lee, Hsien-Hsin S

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniquesmore » and system software for achieving a robust, secure, and reliable computing system toward our goal.« less

HIPAA-compliant automatic monitoring system for RIS-integrated PACS operation

NASA Astrophysics Data System (ADS)

Jin, Jin; Zhang, Jianguo; Chen, Xiaomeng; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Feng, Jie; Sheng, Liwei; Huang, H. K.

2006-03-01

As a governmental regulation, Health Insurance Portability and Accountability Act (HIPAA) was issued to protect the privacy of health information that identifies individuals who are living or deceased. HIPAA requires security services supporting implementation features: Access control; Audit controls; Authorization control; Data authentication; and Entity authentication. These controls, which proposed in HIPAA Security Standards, are Audit trails here. Audit trails can be used for surveillance purposes, to detect when interesting events might be happening that warrant further investigation. Or they can be used forensically, after the detection of a security breach, to determine what went wrong and who or what was at fault. In order to provide security control services and to achieve the high and continuous availability, we design the HIPAA-Compliant Automatic Monitoring System for RIS-Integrated PACS operation. The system consists of two parts: monitoring agents running in each PACS component computer and a Monitor Server running in a remote computer. Monitoring agents are deployed on all computer nodes in RIS-Integrated PACS system to collect the Audit trail messages defined by the Supplement 95 of the DICOM standard: Audit Trail Messages. Then the Monitor Server gathers all audit messages and processes them to provide security information in three levels: system resources, PACS/RIS applications, and users/patients data accessing. Now the RIS-Integrated PACS managers can monitor and control the entire RIS-Integrated PACS operation through web service provided by the Monitor Server. This paper presents the design of a HIPAA-compliant automatic monitoring system for RIS-Integrated PACS Operation, and gives the preliminary results performed by this monitoring system on a clinical RIS-integrated PACS.

Surveillance systems for intermodal transportation

NASA Astrophysics Data System (ADS)

Jakovlev, Sergej; Voznak, Miroslav; Andziulis, Arunas

2015-05-01

Intermodal container monitoring is considered a major security issue in many major logistic companies and countries worldwide. Current representation of the problem, we face today, originated in 2002, right after the 9/11 attacks. Then, a new worldwide Container Security Initiative (CSI, 2002) was considered that shaped the perception of the transportation operations. Now more than 80 larger ports all over the world contribute to its further development and integration into everyday transportation operations and improve the regulations for the developing regions. Although, these new improvements allow us to feel safer and secure, constant management of transportation operations has become a very difficult problem for conventional data analysis methods and information systems. The paper deals with a proposal of a whole new concept for the improvement of the Containers Security Initiative (CSI) by virtually connecting safety, security processes and systems. A conceptual middleware approach with deployable intelligent agent modules is proposed to be used with possible scenarios and a testbed is used to test the solution. Middleware examples are visually programmed using National Instruments LabView software packages and Wireless sensor network hardware modules. An experimental software is used to evaluate he solution. This research is a contribution to the intermodal transportation and is intended to be used as a means or the development of intelligent transport systems.

Connecting to the Internet Securely; Protecting Home Networks CIAC-2324

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orvis, W J; Krystosek, P; Smith, J

2002-11-27

With more and more people working at home and connecting to company networks via the Internet, the risk to company networks to intrusion and theft of sensitive information is growing. Working from home has many positive advantages for both the home worker and the company they work for. However, as companies encourage people to work from home, they need to start considering the interaction of the employee's home network and the company network he connects to. This paper discusses problems and solutions related to protection of home computers from attacks on those computers via the network connection. It does notmore » consider protection of those systems from people who have physical access to the computers nor does it consider company laptops taken on-the-road. Home networks are often targeted by intruders because they are plentiful and they are usually not well secured. While companies have departments of professionals to maintain and secure their networks, home networks are maintained by the employee who may be less knowledgeable about network security matters. The biggest problems with home networks are that: Home networks are not designed to be secure and may use technologies (wireless) that are not secure; The operating systems are not secured when they are installed; The operating systems and applications are not maintained (for security considerations) after they are installed; and The networks are often used for other activities that put them at risk for being compromised. Home networks that are going to be connected to company networks need to be cooperatively secured by the employee and the company so they do not open up the company network to intruders. Securing home networks involves many of the same operations as securing a company network: Patch and maintain systems; Securely configure systems; Eliminate unneeded services; Protect remote logins; Use good passwords; Use current antivirus software; and Moderate your Internet usage habits. Most of these items do not take a lot of work, but require an awareness of the risks involved in not doing them or doing them incorrectly. The security of home networks and communications with company networks can be significantly improved by adding an appropriate software or hardware firewall to the home network and using a protected protocol such as Secure Sockets Layer (SSL), a Virtual Private Network (VPN), or Secure Shell (SSH) for connecting to the company network.« less

A Fundamental Key to Next-Generation Directed-Energy Systems

DTIC Science & Technology

2012-01-01

and be inherently safe to operate. By design, they must minimize or eliminate the risk of hostile attack or collateral damage especially during...bile Construction Battalion (NMCB) 7’s convoy security element are secured following an escort mission from a forward operating base. The Cougar -type...profile, small, lightweight DE systems means: • Less vulnerability to attack • Greater mobility and maneuverability • Simplified logistics with

Non-developmental item computer systems and the malicious software threat

NASA Technical Reports Server (NTRS)

Bown, Rodney L.

1991-01-01

The following subject areas are covered: a DOD development system - the Army Secure Operating System; non-development commercial computer systems; security, integrity, and assurance of service (SI and A); post delivery SI and A and malicious software; computer system unique attributes; positive feedback to commercial computer systems vendors; and NDI (Non-Development Item) computers and software safety.

Secure Naming and Addressing Operations for Store, Carry and Forward Networks

NASA Technical Reports Server (NTRS)

Eddy, Wesley M.; Ivancic, William D.; Iannicca, Dennis C.; Ishac, Joseph; Hylton, Alan G.

2014-01-01

This paper describes concepts for secure naming and addressing directed at Store, Carry and Forward (SCF) distributed applications, where disconnection and intermittent connectivity between forwarding systems is the norm. The paper provides a brief overview of store, carry and forward distributed applications followed by an in depth discussion of how to securely: create a namespace; allocate names within the namespace; query for names known within a local processing system or connected subnetwork; validate ownership of a given name; authenticate data from a given name; and, encrypt data to a given name. Critical issues such as revocation of names, mobility and the ability to use various namespaces to secure operations or for Quality-of-Service are also presented. Although the concepts presented for naming and addressing have been developed for SCF, they are directly applicable to fully connected systems.

Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

NASA Technical Reports Server (NTRS)

1985-01-01

The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

Security for decentralized health information systems.

PubMed

Bleumer, G

1994-02-01

Health care information systems must reflect at least two basic characteristics of the health care community: the increasing mobility of patients and the personal liability of everyone giving medical treatment. Open distributed information systems bear the potential to reflect these requirements. But the market for open information systems and operating systems hardly provides secure products today. This 'missing link' is approached by the prototype SECURE Talk that provides secure transmission and archiving of files on top of an existing operating system. Its services may be utilized by existing medical applications. SECURE Talk demonstrates secure communication utilizing only standard hardware. Its message is that cryptography (and in particular asymmetric cryptography) is practical for many medical applications even if implemented in software. All mechanisms are software implemented in order to be executable on standard-hardware. One can investigate more or less decentralized forms of public key management and the performance of many different cryptographic mechanisms. That of, e.g. hybrid encryption and decryption (RSA+DES-PCBC) is about 300 kbit/s. That of signing and verifying is approximately the same using RSA with a DES hash function. The internal speed, without disk accesses etc., is about 1.1 Mbit/s. (Apple Quadra 950 (MC 68040, 33 MHz, RAM: 20 MB, 80 ns. Length of RSA modulus is 512 bit).

32 CFR Appendix B to Part 323 - Criteria for New and Altered Record Systems

Code of Federal Regulations, 2010 CFR

2010-07-01

... as operating systems and system utilities that provide for easier access are considered alterations... terminals does not extend the capacity of the current operating system and existing security is preserved. f... not operate a system of records until the waiting periods have expired. E. Outside review of new and...

32 CFR Appendix B to Part 323 - Criteria for New and Altered Record Systems

Code of Federal Regulations, 2012 CFR

2012-07-01

... as operating systems and system utilities that provide for easier access are considered alterations... terminals does not extend the capacity of the current operating system and existing security is preserved. f... not operate a system of records until the waiting periods have expired. E. Outside review of new and...

32 CFR Appendix B to Part 323 - Criteria for New and Altered Record Systems

Code of Federal Regulations, 2011 CFR

2011-07-01

... as operating systems and system utilities that provide for easier access are considered alterations... terminals does not extend the capacity of the current operating system and existing security is preserved. f... not operate a system of records until the waiting periods have expired. E. Outside review of new and...

A New Operating System for Security Tagged Architecture Hardware in Support of Multiple Independent Levels of Security (MILS) Compliant System

DTIC Science & Technology

2014-04-01

important data structures of RTEMS are introduced. Section 3.2.2 discusses the problems we found in RTEMS that may cause security vulnerabilities...the important data structures in RTEMS: Object, which is a critical data structure in the SCORE, tasks threads. Approved for Public Release...these important system codes. The example code shows a possibility that a user can delete a system thread. Therefore, in order to protect system

The systems approach to airport security: The FAA (Federal Aviation Administration)/BWI (Baltimore-Washington International) Airport demonstration project

DOE Office of Scientific and Technical Information (OSTI.GOV)

Caskey, D.L.; Olascoaga, M.T.

1990-01-01

Sandia National Laboratories has been involved in designing, installing and evaluating security systems for various applications during the past 15 years. A systems approach to security that evolved from this experience was applied to aviation security for the Federal Aviation Administration. A general systems study of aviation security in the United States was concluded in 1987. One result of the study was a recommendation that an enhanced security system concept designed to meet specified objectives be demonstrated at an operational airport. Baltimore-Washington International Airport was selected as the site for the demonstration project which began in 1988 and will bemore » completed in 1992. This article introduced the systems approach to airport security and discussed its application at Baltimore-Washington International Airport. Examples of design features that could be included in an enhanced security concept also were presented, including details of the proposed Ramps Area Intrusion Detection System (RAIDS).« less

Engineering Safety- and Security-Related Requirements for Software-Intensive Systems

DTIC Science & Technology

2010-04-27

Requirements Negative (shall not) Requirements Hardware Requirements equ remen s System / Documentation Requirements eve oper Requirements Operational ...Validation Actual / Proposed Defensibility C li Operational Vulnerability Analysis VulnerabilityVulnerability Safety Vulnerability performs System ...including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson

DOE DISS/ET pilot system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Strait, R.S.; Wagner, E.E.

1994-07-01

The US Department of Energy (DOE) Office of Safeguards and Security initiated the DOE Integrated Security System / Electronic Transfer (DISS/ET) for the purpose of reducing the time required to process security clearance requests. DISS/ET will be an integrated system using electronic commerce technologies for the collection and processing of personnel security clearance data, and its transfer between DOE local security clearance offices, DOE Operations Offices, and the Office of Personnel Management. The system will use electronic forms to collect clearance applicant data. The forms data will be combined with electronic fingerprint images and packaged in a secure encrypted electronicmore » mail envelope for transmission across the Internet. Information provided by the applicant will be authenticated using digital signatures. All processing will be done electronically.« less

Anatomy of a Security Operations Center

NASA Technical Reports Server (NTRS)

Wang, John

2010-01-01

Many agencies and corporations are either contemplating or in the process of building a cyber Security Operations Center (SOC). Those Agencies that have established SOCs are most likely working on major revisions or enhancements to existing capabilities. As principle developers of the NASA SOC; this Presenters' goals are to provide the GFIRST community with examples of some of the key building blocks of an Agency scale cyber Security Operations Center. This presentation viII include the inputs and outputs, the facilities or shell, as well as the internal components and the processes necessary to maintain the SOC's subsistence - in other words, the anatomy of a SOC. Details to be presented include the SOC architecture and its key components: Tier 1 Call Center, data entry, and incident triage; Tier 2 monitoring, incident handling and tracking; Tier 3 computer forensics, malware analysis, and reverse engineering; Incident Management System; Threat Management System; SOC Portal; Log Aggregation and Security Incident Management (SIM) systems; flow monitoring; IDS; etc. Specific processes and methodologies discussed include Incident States and associated Work Elements; the Incident Management Workflow Process; Cyber Threat Risk Assessment methodology; and Incident Taxonomy. The Evolution of the Cyber Security Operations Center viII be discussed; starting from reactive, to proactive, and finally to proactive. Finally, the resources necessary to establish an Agency scale SOC as well as the lessons learned in the process of standing up a SOC viII be presented.

46 CFR 151.40-10 - Operational requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... shall operate when either the pressure or the temperature exceeds the operating limits of the system... Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES BARGES... Operational requirements. Control systems, required by Table 151.05 shall be provided with an audible or...

Development of a medical information system that minimizes staff workload and secures system safety at a small medical institution

NASA Astrophysics Data System (ADS)

Haneda, Kiyofumi; Koyama, Tadashi

2005-04-01

We developed a secure system that minimizes staff workload and secures safety of a medical information system. In this study, we assess the legal security requirements and risks occurring from the use of digitized data. We then analyze the security measures for ways of reducing these risks. In the analysis, not only safety, but also costs of security measures and ease of operability are taken into consideration. Finally, we assess the effectiveness of security measures by employing our system in small-sized medical institution. As a result of the current study, we developed and implemented several security measures, such as authentications, cryptography, data back-up, and secure sockets layer protocol (SSL) in our system. In conclusion, the cost for the introduction and maintenance of a system is one of the primary difficulties with its employment by a small-sized institution. However, with recent reductions in the price of computers, and certain advantages of small-sized medical institutions, the development of an efficient system configuration has become possible.

Desktop Security ... Now More than Ever

ERIC Educational Resources Information Center

Huber, Joe

2005-01-01

Desktop security is the foundation of your overall security plan in K-12 education. National Educational Technology Standards (NETS) mainly states that students at all grade levels should know to make changes in the default settings for the operating system and its applications.

The Slow Control System of the Auger Fluorescence Detectors

NASA Astrophysics Data System (ADS)

Barenthien, N.; Bethge, C.; Daumiller, K.; Gemmeke, H.; Kampert, K.-H.; Wiebusch, C.

2003-07-01

The fluorescence detector (FD) of the Pierre Auger experiment [1] comprises 24 telescopes that will be situated in 4 remote buildings in the Pampa Amarilla. It is planned to run the fluorescence detectors in absence of operators on site. Therefore, the main task of the Slow Control System (SCS) is to ensure a secure remote operation of the FD system. The Slow Control System works autonomously and continuously monitors those parameters which may disturb a secure operation. Commands from the data-acquisition system or the remote operator are accepted only if they do not violate safety rules that depend on the actual experimental conditions (e.g. high-voltage, wind-sp eed, light, etc.). In case of malfunctions (power failure, communication breakdown, ...) the SCS performs an orderly shutdown and subsequent startup of the fluorescence detector system. The concept and the implementation of the Slow Control System are presented.

Development of DSRC device and communication system performance measures recommendations for DSRC OBE performance and security requirements.

DOT National Transportation Integrated Search

2016-05-22

This report presents recommendations for minimum DSRC device communication performance and security requirements to ensure effective operation of the DSRC system. The team identified recommended DSRC communications requirements aligned to use cases, ...

Economic Evaluation of the Information Security Levels Achieved by Electric Energy Providers in North Arctic Region

NASA Astrophysics Data System (ADS)

Sushko, O. P.; Kaznin, A. A.; Babkin, A. V.; Bogdanov, D. A.

2017-10-01

The study we are conducting involves the analysis of information security levels achieved by energy providers operating in the North Arctic Region. We look into whether the energy providers’ current information security levels meet reliability standards and determine what further actions may be needed for upgrading information security in the context of the digital transformation that the world community is undergoing. When developing the information security systems for electric energy providers or selecting the protection means for them, we are governed by the fact that the assets to be protected are process technologies. While information security risk can be assessed using different methods, the evaluation of the economic damage from these risks appears to be a difficult task. The most probable and harmful risks we have identified when evaluating the electric energy providers’ information security will be used by us as variables. To provide the evaluation, it is necessary to calculate the costs relating to elimination of the risks identified. The final stage of the study will involve the development of an operation algorithm for the North Arctic Region’s energy provider’s business information protection security system - a set of information security services, and security software and hardware.

49 CFR 1572.13 - State responsibilities for issuance of hazardous materials endorsement.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Information System (CDLIS) operator of the results of the security threat assessment. (3) Revoke or deny the... TRANSPORTATION SECURITY CREDENTIALING AND SECURITY THREAT ASSESSMENTS Procedures and General Standards § 1572.13... security threat assessment in 49 CFR 1572.5 and issues an Initial Determination of Threat Assessment and...

Secure real-time wireless video streaming in the aeronautical telecommunications network

NASA Astrophysics Data System (ADS)

Czernik, Pawel; Olszyna, Jakub

2010-09-01

As Air Traffic Control Systems move from a voice only environment to one in which clearances are issued via data link, there is a risk that an unauthorized entity may attempt to masquerade as either the pilot or controller. In order to protect against this and related attacks, air-ground communications must be secured. The challenge is to add security in an environment in which bandwidth is limited. The Aeronautical Telecommunications Network (ATN) is an enabling digital network communications technology that addresses capacity and efficiency issues associated with current aeronautical voice communication systems. Equally important, the ATN facilitates migration to free flight, where direct computer-to-computer communication will automate air traffic management, minimize controller and pilot workload, and improve overall aircraft routing efficiency. Protecting ATN communications is critical since safety-of-flight is seriously affected if an unauthorized entity, a hacker for example, is able to penetrate an otherwise reliable communications system and accidentally or maliciously introduce erroneous information that jeopardizes the overall safety and integrity of a given airspace. However, an ATN security implementation must address the challenges associated with aircraft mobility, limited bandwidth communication channels, and uninterrupted operation across organizational and geopolitical boundaries. This paper provides a brief overview of the ATN, the ATN security concept, and begins a basic introduction to the relevant security concepts of security threats, security services and security mechanisms. Security mechanisms are further examined by presenting the fundamental building blocks of symmetric encipherment, asymmetric encipherment, and hash functions. The second part of this paper presents the project of cryptographiclly secure wireless communication between Unmanned Aerial Vehicles (UAV) and the ground station in the ATM system, based on the ARM9 processor development kid and Embedded Linux operation system.

Daylight operation of a free space, entanglement-based quantum key distribution system

NASA Astrophysics Data System (ADS)

Peloso, Matthew P.; Gerhardt, Ilja; Ho, Caleb; Lamas-Linares, Antía; Kurtsiefer, Christian

2009-04-01

Many quantum key distribution (QKD) implementations using a free space transmission path are restricted to operation at night time in order to distinguish the signal photons used for a secure key establishment from the background light. Here, we present a lean entanglement-based QKD system overcoming that limitation. By implementing spectral, spatial and temporal filtering techniques, we establish a secure key continuously over several days under varying light and weather conditions.

DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

DOE Office of Scientific and Technical Information (OSTI.GOV)

Robert S. Anderson; Mark Schanfein; Trond Bjornard

2011-07-01

Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is tomore » provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.« less

The Design and Implementation of a Low Cost and High Security Smart Home System Based on Wi-Fi and SSL Technologies

NASA Astrophysics Data System (ADS)

Xu, Chong-Yao; Zheng, Xin; Xiong, Xiao-Ming

2017-02-01

With the development of Internet of Things (IoT) and the popularity of intelligent mobile terminals, smart home system has come into people’s vision. However, due to the high cost, complex installation and inconvenience, as well as network security issues, smart home system has not been popularized. In this paper, combined with Wi-Fi technology, Android system, cloud server and SSL security protocol, a new set of smart home system is designed, with low cost, easy operation, high security and stability. The system consists of Wi-Fi smart node (WSN), Android client and cloud server. In order to reduce system cost and complexity of the installation, each Wi-Fi transceiver, appliance control logic and data conversion in the WSN is setup by a single chip. In addition, all the data of the WSN can be uploaded to the server through the home router, without having to transit through the gateway. All the appliance status information and environmental information are preserved in the cloud server. Furthermore, to ensure the security of information, the Secure Sockets Layer (SSL) protocol is used in the WSN communication with the server. What’s more, to improve the comfort and simplify the operation, Android client is designed with room pattern to control home appliances more realistic, and more convenient.

Model-Driven Configuration of SELinux Policies

NASA Astrophysics Data System (ADS)

Agreiter, Berthold; Breu, Ruth

The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.

[Modern foreign car safety systems and their forensic-medical significance].

PubMed

Iakunin, S A

2007-01-01

The author gives a characteristic of active and passive security systems installed in cars of foreign production. These security systems significantly modify the classic car trauma character decreasing frequency of occurrence and dimensions of specific and typical injuries. A new approach based on the theory of probability to estimate these injuries is required. The most common active and passive security systems are described in the article; their principles of operation and influence on the trauma character are estimated.

12 CFR 615.5454 - Creation of participant's security entitlement; security interests.

Code of Federal Regulations, 2013 CFR

2013-01-01

... SYSTEM FUNDING AND FISCAL AFFAIRS, LOAN POLICIES AND OPERATIONS, AND FUNDING OPERATIONS Book-Entry...) The Farm Credit Banks, the Funding Corporation, and the Federal Reserve Banks have no obligation to... Reserve Bank, a Farm Credit Bank, the Funding Corporation, or a person may be created and perfected by a...

12 CFR 615.5454 - Creation of participant's security entitlement; security interests.

Code of Federal Regulations, 2011 CFR

2011-01-01

... SYSTEM FUNDING AND FISCAL AFFAIRS, LOAN POLICIES AND OPERATIONS, AND FUNDING OPERATIONS Book-Entry...) The Farm Credit Banks, the Funding Corporation, and the Federal Reserve Banks have no obligation to... Reserve Bank, a Farm Credit Bank, the Funding Corporation, or a person may be created and perfected by a...

Information Operations Primer

DTIC Science & Technology

2010-11-01

altering drugs ) but must be influenced indirectly through the physical and information dimensions. c. Information Operations modify the three dimensions...restoration of information systems by incorporating protection, detection, and reaction capabilities. (2) Physical Security is that part of security...wargamed using the traditional friendly action, expected enemy reaction , and friendly counteraction methodology. The wargaming process must also occur

33 CFR 96.300 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS How Will Safety Management Systems... international certification for the company's and vessel's safety management system. ...

33 CFR 96.380 - How will the Coast Guard handle compliance and enforcement of these regulations?

Code of Federal Regulations, 2010 CFR

2010-07-01

... safety management system while operating the vessel or transferring cargoes. (b) A foreign vessel that... GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS How Will Safety Management Systems Be Certificated and Enforced...

76 FR 44057 - Sunshine Act Meeting

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-22

... SECURITIES AND EXCHANGE COMMISSION Sunshine Act Meeting Notice is hereby given, pursuant to the provisions of the Government in the Sunshine Act, Public Law 94-409, that the Securities and Exchange... (DTC). DTC operates an automated, centralized system for book-entry movement of securities positions in...

50 CFR 37.14 - Bonding.

Code of Federal Regulations, 2012 CFR

2012-10-01

... WILDLIFE REFUGE SYSTEM GEOLOGICAL AND GEOPHYSICAL EXPLORATION OF THE COASTAL PLAIN, ARCTIC NATIONAL... a surety bond of not less than $100,000, or other security satisfactory to the Service, to secure... needed to secure performance of its exploration plan and plan(s) of operation and compliance with the...

77 FR 11145 - Intent to Request Renewal From OMB of One Current Public Collection of Information: Air Cargo...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-24

...The Transportation Security Administration (TSA) invites public comment on one currently approved Information Collection Request (ICR), OMB control number 1652-0040, abstracted below that we will submit to the Office of Management and Budget (OMB) for renewal in compliance with the Paperwork Reduction Act. The ICR describes the nature of the information collection and its expected burden. This ICR involves five broad categories of affected populations: airports, passenger aircraft operators, foreign air carriers, indirect air carriers operating under a security program, and all-cargo carriers. The collections of information that make up this ICR are security programs, security threat assessments (STA), known shipper data via the Known Shipper Management System (KSMS), Air Cargo Data Management System (ACDMS), Cargo Reporting Tool for cargo screening reporting, and evidence of compliance recordkeeping. TSA seeks continued OMB approval in order to secure passenger aircraft carrying cargo as authorized in the Aviation and Transportation Security Act.

Macintosh Computer Classroom and Laboratory Security: Preventing Unwanted Changes to the System.

ERIC Educational Resources Information Center

Senn, Gary J.; Smyth, Thomas J. C.

Because of the graphical interface and "openness" of the operating system, Macintosh computers are susceptible to undesirable changes by the user. This presentation discusses the advantages and disadvantages of software packages that offer protection for the Macintosh system. The two basic forms of software security packages include a…

25 CFR 900.70 - What elements are included in the compensation for a lease entered into between the Secretary and...

Code of Federal Regulations, 2010 CFR

2010-04-01

...) Fire safety system; (vii) Security system; and (viii) Roof, foundation, walls, floors. (12) Unscheduled...) Monitoring and preventive maintenance of building structures and systems, including but not limited to: (i..., repainting); (14) Security services; (15) Management fees; and (16) Other reasonable and necessary operation...

State Cancer Profiles

MedlinePlus

... the site again. The following web browsers and operating systems are sufficiently secure and advanced. These version numbers ... also acceptable. Microsoft Internet Explorer 7, if your operating system is Windows Vista or later. No version of ...

5 CFR 9701.322 - Setting and adjusting rate ranges.

Code of Federal Regulations, 2010 CFR

2010-01-01

... MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Setting and Adjusting Rate Ranges... operational reasons, these adjustments will become effective on or about the date of the annual General...

Restraint system for ergometer

NASA Technical Reports Server (NTRS)

Gause, R. L.; Spier, R. A. (Inventor)

1973-01-01

A restraint system for securing a person to an ergometer while exercising under zero gravity conditions or while operating the ergometer in earth environment in a position other than the upright position. A padded, form-fitting body belt fits around the operator's waist and suspenders are attached to the body belt. The body belt is secured to the ergometer forwardly and rearwardly of the ergometer seat by adjustable belts joined to the body belt and releasably hooked to the ergometer frame.

Development of national standards related to the integrated safety and security of high-rise buildings

NASA Astrophysics Data System (ADS)

Voskresenskaya, Elena; Vorona-Slivinskaya, Lubov

2018-03-01

The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

The Interagency Cometh: Is the National Security System of 1947 Capable of Handling the Challenges of 2009?

DTIC Science & Technology

2009-01-01

command system.2 The United States Southern Command, responsible for Department of Defense planning, coordination, and operations in Central America ...South America and i waters, formed its Joint Interagency Task Force South to enable it to conduct coordinated illicit trafficking operations. ts y...Collin Powell and Secretary of Defense Donald Rumsfeld, the National Security Council has at times been a place for policy to come to die under the

The Naval Postgraduate School SECURE ARCHIVAL STORAGE SYSTEM. Part II. Segment and Process Management Implementation.

DTIC Science & Technology

1981-03-01

Research Instructor of Computer Scienr-. Reviewed by: Released by: WILLIAM M. TOLLES Department puter Science Dean of Research 4c t SECURITY...Lyle A. Cox, Roger R. Schell, and Sonja L. Perdue 9. PERFORMING ORGANIZATION NAME ANO ADDRESS 10. PROGRAM ELEMENT. PROJECT. TASK AREA A WORK UNIT... Computer Networks, Operating Systems, Computer Security 20. AftUrCT (Cnthm, w v re eae old* It n..*p and idm 0 F W blk ..m.m.o’) ",A_;he security

The Role of Self-Efficacy in Computer Security Behavior: Developing the Construct of Computer Security Self-Efficacy (CSSE)

ERIC Educational Resources Information Center

Clarke, Marlon

2011-01-01

As organizations have become more dependent on networked information systems (IS) to conduct their business operations, their susceptibility to various threats to information security has also increased. Research has consistently identified the inappropriate security behavior of the users as the most significant of these threats. Various factors…

KSOS Computer Program Development Specifications (Type B-5). (Kernelized Secure Operating System). I. Security Kernel (CDRL 0002AF). II. UNIX Emulator (CDRL 0002AG). III. Security-Related Software (CDRL 0002AH).

DTIC Science & Technology

1980-12-01

Commun- ications Corporation, Palo Alto, CA (March 1978). g. [Walter at al. 74] Walter, K.G. et al., " Primitive Models for Computer .. Security", ESD-TR...discussion is followed by a presenta- tion of the Kernel primitive operations upon these objects. All Kernel objects shall be referenced by a common...set of sizes. All process segments, regardless of domain, shall be manipulated by the same set of Kernel segment primitives . User domain segments

Fast Computation and Assessment Methods in Power System Analysis

NASA Astrophysics Data System (ADS)

Nagata, Masaki

Power system analysis is essential for efficient and reliable power system operation and control. Recently, online security assessment system has become of importance, as more efficient use of power networks is eagerly required. In this article, fast power system analysis techniques such as contingency screening, parallel processing and intelligent systems application are briefly surveyed from the view point of their application to online dynamic security assessment.

Comparing Two Tools for Mobile-Device Forensics

DTIC Science & Technology

2017-09-01

baseline standard. 2.4 Mobile Operating Systems "A mobile operating system is an operating system that is specifically designed to run on mobile devices... run on mobile devices" [7]. There are many different types of mobile operating systems and they are constantly changing, which means an operating...to this is that the security features make forensic analysis more difficult [11]. 2.4.2 iPhone "The iPhone runs an operating system called iOS. It is a

US-CERT Control System Center Input/Output (I/O) Conceputal Design

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

2005-02-01

This document was prepared for the US-CERT Control Systems Center of the National Cyber Security Division (NCSD) of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs the federal departments to identify and prioritize critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the NCSD to address the control system security component addressed in the National Strategy to Secure Cyberspace andmore » the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems; the I/O upgrade described in this document supports these goals. The vulnerability assessment Test Bed, located in the Information Operations Research Center (IORC) facility at Idaho National Laboratory (INL), consists of a cyber test facility integrated with multiple test beds that simulate the nation's critical infrastructure. The fundamental mission of the Test Bed is to provide industry owner/operators, system vendors, and multi-agency partners of the INL National Security Division a platform for vulnerability assessments of control systems. The Input/Output (I/O) upgrade to the Test Bed (see Work Package 3.1 of the FY-05 Annual Work Plan) will provide for the expansion of assessment capabilities within the IORC facility. It will also provide capabilities to connect test beds within the Test Range and other Laboratory resources. This will allow real time I/O data input and communication channels for full replications of control systems (Process Control Systems [PCS], Supervisory Control and Data Acquisition Systems [SCADA], and components). This will be accomplished through the design and implementation of a modular infrastructure of control system, communications, networking, computing and associated equipment, and measurement/control devices. The architecture upgrade will provide a flexible patching system providing a quick ''plug and play''configuration through various communication paths to gain access to live I/O running over specific protocols. This will allow for in-depth assessments of control systems in a true-to-life environment. The full I/O upgrade will be completed through a two-phased approach. Phase I, funded by DHS, expands the capabilities of the Test Bed by developing an operational control system in two functional areas, the Science & Technology Applications Research (STAR) Facility and the expansion of various portions of the Test Bed. Phase II (see Appendix A), funded by other programs, will complete the full I/O upgrade to the facility.« less

Research of Trust Chain of Operating System

NASA Astrophysics Data System (ADS)

Li, Hongjiao; Tian, Xiuxia

Trust chain is one of the key technologies in designing secure operating system based on TC technology. Constructions of trust chain and trust models are analyzed. Future works in these directions are discussed.

Security Encryption Scheme for Communication of Web Based Control Systems

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

Bit-level quantum color image encryption scheme with quantum cross-exchange operation and hyper-chaotic system

NASA Astrophysics Data System (ADS)

Zhou, Nanrun; Chen, Weiwei; Yan, Xinyu; Wang, Yunqian

2018-06-01

In order to obtain higher encryption efficiency, a bit-level quantum color image encryption scheme by exploiting quantum cross-exchange operation and a 5D hyper-chaotic system is designed. Additionally, to enhance the scrambling effect, the quantum channel swapping operation is employed to swap the gray values of corresponding pixels. The proposed color image encryption algorithm has larger key space and higher security since the 5D hyper-chaotic system has more complex dynamic behavior, better randomness and unpredictability than those based on low-dimensional hyper-chaotic systems. Simulations and theoretical analyses demonstrate that the presented bit-level quantum color image encryption scheme outperforms its classical counterparts in efficiency and security.

Methodology for Designing Operational Banking Risks Monitoring System

NASA Astrophysics Data System (ADS)

Kostjunina, T. N.

2018-05-01

The research looks at principles of designing an information system for monitoring operational banking risks. A proposed design methodology enables one to automate processes of collecting data on information security incidents in the banking network, serving as the basis for an integrated approach to the creation of an operational risk management system. The system can operate remotely ensuring tracking and forecasting of various operational events in the bank network. A structure of a content management system is described.

Information Security Management - Part Of The Integrated Management System

NASA Astrophysics Data System (ADS)

Manea, Constantin Adrian

2015-07-01

The international management standards allow their integrated approach, thereby combining aspects of particular importance to the activity of any organization, from the quality management systems or the environmental management of the information security systems or the business continuity management systems. Although there is no national or international regulation, nor a defined standard for the Integrated Management System, the need to implement an integrated system occurs within the organization, which feels the opportunity to integrate the management components into a cohesive system, in agreement with the purpose and mission publicly stated. The issues relating to information security in the organization, from the perspective of the management system, raise serious questions to any organization in the current context of electronic information, reason for which we consider not only appropriate but necessary to promote and implement an Integrated Management System Quality - Environment - Health and Operational Security - Information Security

Towards improving software security by using simulation to inform requirements and conceptual design

DOE PAGES

Nutaro, James J.; Allgood, Glenn O.; Kuruganti, Teja

2015-06-17

We illustrate the use of modeling and simulation early in the system life-cycle to improve security and reduce costs. The models that we develop for this illustration are inspired by problems in reliability analysis and supervisory control, for which similar models are used to quantify failure probabilities and rates. In the context of security, we propose that models of this general type can be used to understand trades between risk and cost while writing system requirements and during conceptual design, and thereby significantly reduce the need for expensive security corrections after a system enters operation

78 FR 25740 - Meridian Energy USA, Inc. v. California Independent System Operator Corporation; Notice of Filing

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-02

... Energy USA, Inc. v. California Independent System Operator Corporation; Notice of Filing Take notice that... Appendix Y of the California Independent System Operator Corp. (CAISO) tariff to defer the second posting of Interconnection Financial Security for the Jacobs Canal Solar Farm, Laurel West Solar Farm, and...

Systems and Methods for Secure Transaction Management and Electronic Rights Protection

DTIC Science & Technology

2002-07-30

4305131 Dec., 1981 Best. 4306289 Dec., 1981 Lumley. 4309569 Jan., 1982 Merkle . 4319079 Mar., 1982 Best. 4323921 Apr., 1982 Guillou. 4328544 May...Operating System Security, (USC/Information Science Institute, Marina Del Rey, CA), Oct. 1973, pp. 666-675. Rolf Blom, Robert Forchheimer, et al

46 CFR 112.43-11 - Illumination for launching operations.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 112.43-11 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Emergency Lighting Systems § 112.43-11 Illumination for launching operations. Branch circuits supplying power to lights for survival craft launching operations must supply no...

46 CFR 112.43-11 - Illumination for launching operations.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 112.43-11 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Emergency Lighting Systems § 112.43-11 Illumination for launching operations. Branch circuits supplying power to lights for survival craft launching operations must supply no...

46 CFR 112.43-11 - Illumination for launching operations.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 112.43-11 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Emergency Lighting Systems § 112.43-11 Illumination for launching operations. Branch circuits supplying power to lights for survival craft launching operations must supply no...

46 CFR 112.43-11 - Illumination for launching operations.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 112.43-11 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Emergency Lighting Systems § 112.43-11 Illumination for launching operations. Branch circuits supplying power to lights for survival craft launching operations must supply no...

46 CFR 112.43-11 - Illumination for launching operations.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 112.43-11 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Emergency Lighting Systems § 112.43-11 Illumination for launching operations. Branch circuits supplying power to lights for survival craft launching operations must supply no...

49 CFR 1580.200 - Applicability.

Code of Federal Regulations, 2010 CFR

2010-10-01

... service on track that is part of the general railroad system of transportation, each carrier operating or.... (e) Each operator of a rail transit system that is not operating on track that is part of the general... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION...

A Systems Engineering Framework for Implementing a Security and Critical Patch Management Process in Diverse Environments (Academic Departments' Workstations)

ERIC Educational Resources Information Center

Mohammadi, Hadi

2014-01-01

Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to…

A review of physical security robotics at Sandia National Laboratories

DOE Office of Scientific and Technical Information (OSTI.GOV)

Roerig, S.C.

1990-01-01

As an outgrowth of research into physical security technologies, Sandia is investigating the role of robotics in security systems. Robotics may allow more effective utilization of guard forces, especially in scenarios where personnel would be exposed to harmful environments. Robots can provide intrusion detection and assessment functions for failed sensors or transient assets, can test existing fixed site sensors, and can gather additional intelligence and dispense delaying elements. The Robotic Security Vehicle (RSV) program for DOE/OSS is developing a fieldable prototype for an exterior physical security robot based upon a commercial four wheel drive vehicle. The RSV will be capablemore » of driving itself, being driven remotely, or being driven by an onboard operator around a site and will utilize its sensors to alert an operator to unusual conditions. The Remote Security Station (RSS) program for the Defense Nuclear Agency is developing a proof-of-principle robotic system which will be used to evaluate the role, and associated cost, of robotic technologies in exterior security systems. The RSS consists of an independent sensor pod, a mobile sensor platform and a control and display console. Sensor data fusion is used to optimize the system's intrusion detection performance. These programs are complementary, the RSV concentrates on developing autonomous mobility, while the RSS thrust is on mobile sensor employment. 3 figs.« less

A simplification of the fractional Hartley transform applied to image security system in phase

NASA Astrophysics Data System (ADS)

Jimenez, Carlos J.; Vilardy, Juan M.; Perez, Ronal

2017-01-01

In this work we develop a new encryption system for encoded image in phase using the fractional Hartley transform (FrHT), truncation operations and random phase masks (RPMs). We introduce a simplification of the FrHT with the purpose of computing this transform in an efficient and fast way. The security of the encryption system is increased by using nonlinear operations, such as the phase encoding and the truncation operations. The image to encrypt (original image) is encoded in phase and the truncation operations applied in the encryption-decryption system are the amplitude and phase truncations. The encrypted image is protected by six keys, which are the two fractional orders of the FrHTs, the two RPMs and the two pseudorandom code images generated by the amplitude and phase truncation operations. All these keys have to be correct for a proper recovery of the original image in the decryption system. We present digital results that confirm our approach.

Secure FAST: Security Enhancement in the NATO Time Sensitive Targeting Tool

DTIC Science & Technology

2010-11-01

designed to aid in the tracking and prosecuting of Time Sensitive Targets. The FAST tool provides user level authentication and authorisation in terms...level authentication and authorisation in terms of security. It uses operating system level security but does not provide application level security for...and collaboration tool, designed to aid in the tracking and prosecuting of Time Sensitive Targets. The FAST tool provides user level authentication and

Cyber Security Testing and Training Programs for Industrial Control Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Daniel Noyes

2012-03-01

Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall securitymore » posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.« less

33 CFR 96.220 - What makes up a safety management system?

Code of Federal Regulations, 2011 CFR

2011-07-01

... SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Company and Vessel Safety Management Systems § 96.220 What makes up a safety management system? (a) The safety management system must document the responsible person's— (1) Safety and pollution prevention...

Computer security: a necessary element of integrated information systems.

PubMed Central

Butzen, F; Furler, F

1986-01-01

The Matheson Report sees the medical library as playing a key role in a network of interlocking information bases that will extend from central repositories of medical information to each physician's personal records. It appears, however, that the role of security in this vision has not been fully delineated. This paper discusses problems in maintaining the security of confidential medical information, the state of the applicable law, and techniques for security (with special emphasis on the UNIX operating system). It is argued that the absence of security threatens any plan to build an information network, as there will be resistance to any system that may give intruders access to confidential data. PMID:3742113

75 FR 8508 - Computerized Tribal IV-D Systems and Office Automation

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-25

...This rule enables Tribes and Tribal organizations currently operating comprehensive Tribal Child Support Enforcement programs under Title IV-D of the Social Security Act (the Act) to apply for and receive direct Federal funding for the costs of automated data processing. This rule addresses the Secretary's commitment to provide instructions and guidance to Tribes and Tribal organizations on requirements for applying for, and upon approval, securing Federal Financial Participation (FFP) in the costs of installing, operating, maintaining, and enhancing automated data processing systems.

Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Architecture Lab Test Report

NASA Technical Reports Server (NTRS)

Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.

2015-01-01

NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.

32 CFR 64.2 - Applicability and scope.

Code of Federal Regulations, 2014 CFR

2014-07-01

... Homeland Security), the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the... Military Departments and the Secretary of Homeland Security for the Coast Guard when it is not operating as..., such as the Department of Homeland Security and the Selective Service System, and non-DoD organizations...

32 CFR 64.2 - Applicability and scope.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Homeland Security), the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the... Military Departments and the Secretary of Homeland Security for the Coast Guard when it is not operating as..., such as the Department of Homeland Security and the Selective Service System, and non-DoD organizations...

32 CFR 64.2 - Applicability and scope.

Code of Federal Regulations, 2012 CFR

2012-07-01

... Homeland Security), the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the... Military Departments and the Secretary of Homeland Security for the Coast Guard when it is not operating as..., such as the Department of Homeland Security and the Selective Service System, and non-DoD organizations...

32 CFR 64.2 - Applicability and scope.

Code of Federal Regulations, 2013 CFR

2013-07-01

... Homeland Security), the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the... Military Departments and the Secretary of Homeland Security for the Coast Guard when it is not operating as..., such as the Department of Homeland Security and the Selective Service System, and non-DoD organizations...

32 CFR 64.2 - Applicability and scope.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Homeland Security), the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the... Military Departments and the Secretary of Homeland Security for the Coast Guard when it is not operating as..., such as the Department of Homeland Security and the Selective Service System, and non-DoD organizations...

40 CFR 280.210 - Participation in management.

Code of Federal Regulations, 2011 CFR

2011-07-01

... or facility or property on which the UST or UST system is located, liquidate, wind up operations, and... the security interest includes all debt and costs incurred by the security interest holder, and is... value of the security interest also includes all reasonable and necessary costs, fees, or other charges...

Managing Campus Security: Issues for Police Officers at Public Institutions.

ERIC Educational Resources Information Center

Dwyer, William O.; And Others

1994-01-01

To maximize the effectiveness of their campus security systems while minimizing the institution's exposure to liability, campus administrators must understand the legal context in which their police or security personnel are operating as agents of authority. Some of these policy and behavior issues are explained. (MSE)

75 FR 10633 - Privacy Act of 1974: Implementation of Exemptions; Department of Homeland Security United States...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-09

... of 1974: Implementation of Exemptions; Department of Homeland Security United States Immigration and Customs Enforcement-- 011 Immigration and Enforcement Operational Records System of Records AGENCY... rule to amend its regulations to exempt portions of a Department of Homeland Security/U.S. Immigration...

International Earth Science Constellation Mission Operations Working Group: Constellation Coordination System (CCS) Status. [Constellation Coordination System (CCS) Status

NASA Technical Reports Server (NTRS)

Skeberdis, Daniel

2016-01-01

This is a presentation at the MOWG fall meeting that will discuss CCS purpose, future status, security enhancements, arbitrary ephemeris mission features, overview of CCS 7.3, approach for the use of NORAD TLEs, account and data security, CCS System virtualization, control box visualization modification and other enhancements.

30 CFR 75.312 - Main mine fan examinations and records.

Code of Federal Regulations, 2012 CFR

2012-07-01

... fan and the fan monitoring system are operating properly. No review is required on any day when no one... initials and date in a computer system so as to be secure and not susceptible to alteration. (g)(1... alteration or electronically in a computer system so as to be secure and not susceptible to alteration. (2...

30 CFR 75.312 - Main mine fan examinations and records.

Code of Federal Regulations, 2013 CFR

2013-07-01

... fan and the fan monitoring system are operating properly. No review is required on any day when no one... initials and date in a computer system so as to be secure and not susceptible to alteration. (g)(1... alteration or electronically in a computer system so as to be secure and not susceptible to alteration. (2...

30 CFR 75.312 - Main mine fan examinations and records.

Code of Federal Regulations, 2014 CFR

2014-07-01

... fan and the fan monitoring system are operating properly. No review is required on any day when no one... initials and date in a computer system so as to be secure and not susceptible to alteration. (g)(1... alteration or electronically in a computer system so as to be secure and not susceptible to alteration. (2...

30 CFR 75.312 - Main mine fan examinations and records.

Code of Federal Regulations, 2011 CFR

2011-07-01

... fan and the fan monitoring system are operating properly. No review is required on any day when no one... initials and date in a computer system so as to be secure and not susceptible to alteration. (g)(1... alteration or electronically in a computer system so as to be secure and not susceptible to alteration. (2...

30 CFR 75.312 - Main mine fan examinations and records.

Code of Federal Regulations, 2010 CFR

2010-07-01

... fan and the fan monitoring system are operating properly. No review is required on any day when no one... initials and date in a computer system so as to be secure and not susceptible to alteration. (g)(1... alteration or electronically in a computer system so as to be secure and not susceptible to alteration. (2...

Open-area concealed-weapon detection system

NASA Astrophysics Data System (ADS)

Pati, P.; Mather, P.

2011-06-01

Concealed Weapon Detection (CWD) has become a significant challenge to present day security needs; individuals carrying weapons into airplanes, schools, and secured establishments are threat to public security. Although controlled screening, of people for concealed weapons, has been employed in many establishments, procedures and equipment are designed to work in restricted environments like airport passport control, military checkpoints, hospitals, school and university entrance. Furthermore, screening systems do not effectively decipher between threat and non-threat metal objects, thus leading to high rate of false alarms which can become a liability to daily operational needs of establishments. Therefore, the design and development of a new CWD system to operate in a large open area environment with large numbers of people reduced incidences of false alarms and increased location accuracy is essential.

46 CFR 111.97-1 - Applicability.

Code of Federal Regulations, 2014 CFR

2014-10-01

... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-1 Applicability. This subpart applies to electric power-operated watertight door systems required under Subpart H of Part 170 of this chapter. [CGD...

46 CFR 111.97-1 - Applicability.

Code of Federal Regulations, 2013 CFR

2013-10-01

... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-1 Applicability. This subpart applies to electric power-operated watertight door systems required under Subpart H of Part 170 of this chapter. [CGD...

46 CFR 111.97-1 - Applicability.

Code of Federal Regulations, 2011 CFR

2011-10-01

... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-1 Applicability. This subpart applies to electric power-operated watertight door systems required under Subpart H of Part 170 of this chapter. [CGD...

46 CFR 111.97-1 - Applicability.

Code of Federal Regulations, 2012 CFR

2012-10-01

... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-1 Applicability. This subpart applies to electric power-operated watertight door systems required under Subpart H of Part 170 of this chapter. [CGD...

46 CFR 111.97-1 - Applicability.

Code of Federal Regulations, 2010 CFR

2010-10-01

... GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-1 Applicability. This subpart applies to electric power-operated watertight door systems required under Subpart H of Part 170 of this chapter. [CGD...

Constraints and System Primitives in Achieving Multilevel Security in Real Time Distributed System Environment

DTIC Science & Technology

1994-04-18

because they represent a microkernel and monolithic kernel approach to MLS operating system issues. TMACH is I based on MACH, a distributed operating...the operating system is [L.sed on a microkernel design or a monolithic kernel design. This distinction requires some caution since monolithic operating...are provided by 3 user-level processes, in contrast to standard UNIX, which has a large monolithic kernel that pro- I - 22 - Distributed O)perating

Human-Robot Interaction Literature Review

DTIC Science & Technology

2012-03-01

coordination, operation of non-simulated UVs, and mixed UAV and UGV systems . Recommendations THRIL should focus on studies that look at operating non...Security, 2012). UAVs were continued to be developed in operations such as Desert Storm, where the Pioneer UAV system provided intelligence and fire... systems . One of the programs that was part of the initial fielding of UGVs in military operations was the Vehicle Teleoperation Capability (VTC). The

Afghan National Security Forces Facilities: Concerns with Funding, Oversight, and Sustainability for Operation and Maintenance

DTIC Science & Technology

2012-10-01

facilities, such as water supply, waste water treatment , and power generation.  The Ministry of Defense’s procurement process is unable to provide the...the Joint Regional Afghanistan Security Forces Compound Water Treatment System...Ministry of Interior NTM-A North Atlantic Treaty Organization Training Mission-Afghanistan O&M operation and maintenance PCO Primary Contracting Officer

Interconnection, Integration, and Interactive Impact Analysis of Microgrids and Distribution Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kang, Ning; Wang, Jianhui; Singh, Ravindra

2017-01-01

Distribution management systems (DMSs) are increasingly used by distribution system operators (DSOs) to manage the distribution grid and to monitor the status of both power imported from the transmission grid and power generated locally by a distributed energy resource (DER), to ensure that power flows and voltages along the feeders are maintained within designed limits and that appropriate measures are taken to guarantee service continuity and energy security. When microgrids are deployed and interconnected to the distribution grids, they will have an impact on the operation of the distribution grid. The challenge is to design this interconnection in such amore » way that it enhances the reliability and security of the distribution grid and the loads embedded in the microgrid, while providing economic benefits to all stakeholders, including the microgrid owner and operator and the distribution system operator.« less

The Department of Homeland Security’s Pursuit of Data-Driven Decision Making

DTIC Science & Technology

2015-12-01

agencies’ information management systems pertaining to mission support and business operations 1 KT...Directorate’s operating environment. xviii managed . Meanwhile, adding to the intrinsic organizational change management challenges is the idea that...a timely manner. The lack of a single, enterprise-wide information management system has resulted in numerous, disparate systems operating within

Maritime Cyber Security University Research: Phase 1

DTIC Science & Technology

2016-05-01

the global economy . The vulnerabilities associated with reliance on digital systems in the maritime environment must be continuously examined. System...Report: Modern maritime systems are highly complex digital systems to ensure the safety and efficient operation of the shipping traffic so vital to...entrances to our " digital ports" and work to develop practical cyber security solutions to protect the nation’s maritime infrastructure. 17. Key

33 CFR 96.240 - What functional requirements must a safety management system meet?

Code of Federal Regulations, 2010 CFR

2010-07-01

... a safety management system meet? 96.240 Section 96.240 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Company and Vessel Safety Management Systems § 96.240 What functional...

33 CFR 96.230 - What objectives must a safety management system meet?

Code of Federal Regulations, 2010 CFR

2010-07-01

... management system meet? 96.230 Section 96.230 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Company and Vessel Safety Management Systems § 96.230 What objectives must a safety...

Distributed Energy Systems: Security Implications of the Grid of the Future

DOE Office of Scientific and Technical Information (OSTI.GOV)

Stamber, Kevin L.; Kelic, Andjelka; Taylor, Robert A.

2017-01-01

Distributed Energy Resources (DER) are being added to the nation's electric grid, and as penetration of these resources increases, they have the potential to displace or offset large-scale, capital-intensive, centralized generation. Integration of DER into operation of the traditional electric grid requires automated operational control and communication of DER elements, from system measurement to control hardware and software, in conjunction with a utility's existing automated and human-directed control of other portions of the system. Implementation of DER technologies suggests a number of gaps from both a security and a policy perspective. This page intentionally left blank.

49 CFR 1544.231 - Airport-approved and exclusive area personnel identification systems.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 49 Transportation 9 2012-10-01 2012-10-01 false Airport-approved and exclusive area personnel... AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Operations § 1544.231 Airport-approved... carry out a personnel identification system for identification media that are airport-approved, or...

49 CFR 1544.231 - Airport-approved and exclusive area personnel identification systems.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 49 Transportation 9 2011-10-01 2011-10-01 false Airport-approved and exclusive area personnel... AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Operations § 1544.231 Airport-approved... carry out a personnel identification system for identification media that are airport-approved, or...

49 CFR 1544.231 - Airport-approved and exclusive area personnel identification systems.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 9 2014-10-01 2014-10-01 false Airport-approved and exclusive area personnel... AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Operations § 1544.231 Airport-approved... carry out a personnel identification system for identification media that are airport-approved, or...

A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system.

PubMed

Das, Ashok Kumar

2015-03-01

An integrated EPR (Electronic Patient Record) information system of all the patients provides the medical institutions and the academia with most of the patients' information in details for them to make corrective decisions and clinical decisions in order to maintain and analyze patients' health. In such system, the illegal access must be restricted and the information from theft during transmission over the insecure Internet must be prevented. Lee et al. proposed an efficient password-based remote user authentication scheme using smart card for the integrated EPR information system. Their scheme is very efficient due to usage of one-way hash function and bitwise exclusive-or (XOR) operations. However, in this paper, we show that though their scheme is very efficient, their scheme has three security weaknesses such as (1) it has design flaws in password change phase, (2) it fails to protect privileged insider attack and (3) it lacks the formal security verification. We also find that another recently proposed Wen's scheme has the same security drawbacks as in Lee at al.'s scheme. In order to remedy these security weaknesses found in Lee et al.'s scheme and Wen's scheme, we propose a secure and efficient password-based remote user authentication scheme using smart cards for the integrated EPR information system. We show that our scheme is also efficient as compared to Lee et al.'s scheme and Wen's scheme as our scheme only uses one-way hash function and bitwise exclusive-or (XOR) operations. Through the security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks.

Operational Management of Area Environment.

ERIC Educational Resources Information Center

Sprague, George W.

Three phases leading to the automation of the mechanical building systems on the Harvard campus are described. The systems allow a single operator to monitor and control all the mechanical systems, plus fire, flood, and security alarms, for all buildings in a large area of the campus. (JT)

Multiple operating system rotation environment moving target defense

DOE Office of Scientific and Technical Information (OSTI.GOV)

Evans, Nathaniel; Thompson, Michael

Systems and methods for providing a multiple operating system rotation environment ("MORE") moving target defense ("MTD") computing system are described. The MORE-MTD system provides enhanced computer system security through a rotation of multiple operating systems. The MORE-MTD system increases attacker uncertainty, increases the cost of attacking the system, reduces the likelihood of an attacker locating a vulnerability, and reduces the exposure time of any located vulnerability. The MORE-MTD environment is effectuated by rotation of the operating systems at a given interval. The rotating operating systems create a consistently changing attack surface for remote attackers.

76 FR 17143 - Advisory Committee on Commercial Operations of Customs and Border Protection (COAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-28

... Data System 5. Enhancing Air Cargo Security 6. National Strategy Global Supply Chain Security and the...: Committee Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Advisory Committee on...

Modelling operations and security of cloud systems using Z-notation and Chinese Wall security policy

NASA Astrophysics Data System (ADS)

Basu, Srijita; Sengupta, Anirban; Mazumdar, Chandan

2016-11-01

Enterprises are increasingly using cloud computing for hosting their applications. Availability of fast Internet and cheap bandwidth are causing greater number of people to use cloud-based services. This has the advantage of lower cost and minimum maintenance. However, ensuring security of user data and proper management of cloud infrastructure remain major areas of concern. Existing techniques are either too complex, or fail to properly represent the actual cloud scenario. This article presents a formal cloud model using the constructs of Z-notation. Principles of the Chinese Wall security policy have been applied to design secure cloud-specific operations. The proposed methodology will enable users to safely host their services, as well as process sensitive data, on cloud.

Secure provision of reactive power ancillary services in competitive electricity markets

NASA Astrophysics Data System (ADS)

El-Samahy, Ismael

The research work presented in this thesis discusses various complex issues associated with reactive power management and pricing in the context of new operating paradigms in deregulated power systems, proposing appropriate policy solutions. An integrated two-level framework for reactive power management is set forth, which is both suitable for a competitive market and ensures a secure and reliable operation of the associated power system. The framework is generic in nature and can be adopted for any electricity market structure. The proposed hierarchical reactive power market structure comprises two stages: procurement of reactive power resources on a seasonal basis, and real-time reactive power dispatch. The main objective of the proposed framework is to provide appropriate reactive power support from service providers at least cost, while ensuring a secure operation of the power system. The proposed procurement procedure is based on a two-step optimization model. First, the marginal benefits of reactive power supply from each provider, with respect to system security, are obtained by solving a loadability-maximization problem subject to transmission security constraints imposed by voltage and thermal limits. Second, the selected set of generators is determined by solving an optimal power flow (OPF)-based auction. This auction maximizes a societal advantage function comprising generators' offers and their corresponding marginal benefits with respect to system security, and considering all transmission system constraints. The proposed procedure yields the selected set of generators and zonal price components, which would form the basis for seasonal contracts between the system operator and the selected reactive power service providers. The main objective of the proposed reactive power dispatch model is to minimize the total payment burden on the Independent System Operator (ISO), which is associated with reactive power dispatch. The real power generation is decoupled and assumed to be fixed during the reactive power dispatch procedures; however, the effect of reactive power on real power is considered in the model by calculating the required reduction in real power output of a generator due to an increase in its reactive power supply. In this case, real power generation is allowed to be rescheduled, within given limits, from the already dispatched levels obtained from the energy market clearing process. The proposed dispatch model achieves the main objective of an ISO in a competitive electricity market, which is to provide the required reactive power support from generators at least cost while ensuring a secure operation of the power system. The proposed reactive power procurement and dispatch models capture both the technical and economic aspects of power system operation in competitive electricity markets; however, from an optimization point of view, these models represent non-convex mixed integer non-linear programming (MINLP) problems due to the presence of binary variables associated with the different regions of reactive power operation in a synchronous generator. Such MINLP optimization problems are difficult to solve, especially for an actual power system. A novel Generator Reactive Power Classification (GRPC) algorithm is proposed in this thesis to address this issue, with the advantage of iteratively solving the optimization models as a series of non-linear programming (NLP) sub-problems. The proposed reactive power procurement and dispatch models are implemented and tested on the CIGRE 32-bus system, with several case studies that represent different practical operating scenarios. The developed models are also compared with other approaches for reactive power provision, and the results demonstrate the robustness and effectiveness of the proposed model. The results clearly reveal the main features of the proposed models for optimal provision of reactive power ancillary service, in order to suit the requirements of an ISO under today's stressed system conditions in a competitive market environment.

Integrating Programming Language and Operating System Information Security Mechanisms

DTIC Science & Technology

2016-08-31

suggestions for reducing the burden, to the Department of Defense, Executive Service Directorate (0704-0188). Respondents should be aware that...improve the precision of security enforcement, and to provide greater assurance of information security. This grant focuses on two key projects: language...based control of authority; and formal guarantees for the correctness of audit information. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17

Cyber Safety and Security for Reduced Crew Operations (RCO)

NASA Technical Reports Server (NTRS)

Driscoll, Kevin

2017-01-01

NASA and the Aviation Industry is looking into reduced crew operations (RCO) that would cut today's required two-person flight crews down to a single pilot with support from ground-based crews. Shared responsibility across air and ground personnel will require highly reliable and secure data communication and supporting automation, which will be safety-critical for passenger and cargo aircraft. This paper looks at the different types and degrees of authority delegation given from the air to the ground and the ramifications of each, including the safety and security hazards introduced, the mitigation mechanisms for these hazards, and other demands on an RCO system architecture which would be highly invasive into (almost) all safety-critical avionics. The adjacent fields of unmanned aerial systems and autonomous ground vehicles are viewed to find problems that RCO may face and related aviation accident scenarios are described. The paper explores possible data communication architectures to meet stringent performance and information security (INFOSEC) requirements of RCO. Subsequently, potential challenges for RCO data communication authentication, encryption and non-repudiation are identified. The approach includes a comprehensive safety-hazard analysis of the RCO system to determine top level INFOSEC requirements for RCO and proposes an option for effective RCO implementation. This paper concludes with questioning the economic viability of RCO in light of the expense of overcoming the operational safety and security hazards it would introduce.

Developing a Standard Method for Link-Layer Security of CCSDS Space Communications

NASA Technical Reports Server (NTRS)

Biggerstaff, Craig

2009-01-01

Communications security for space systems has been a specialized field generally far removed from considerations of mission interoperability and cross-support in fact, these considerations often have been viewed as intrinsically opposed to security objectives. The space communications protocols defined by the Consultative Committee for Space Data Systems (CCSDS) have a twenty-five year history of successful use in over 400 missions. While the CCSDS Telemetry, Telecommand, and Advancing Orbiting Systems protocols for use at OSI Layer 2 are operationally mature, there has been no direct support within these protocols for communications security techniques. Link-layer communications security has been successfully implemented in the past using mission-unique methods, but never before with an objective of facilitating cross-support and interoperability. This paper discusses the design of a standard method for cryptographic authentication, encryption, and replay protection at the data link layer that can be integrated into existing CCSDS protocols without disruption to legacy communications services. Integrating cryptographic operations into existing data structures and processing sequences requires a careful assessment of the potential impediments within spacecraft, ground stations, and operations centers. The objective of this work is to provide a sound method for cryptographic encapsulation of frame data that also facilitates Layer 2 virtual channel switching, such that a mission may procure data transport services as needed without involving third parties in the cryptographic processing, or split independent data streams for separate cryptographic processing.

Chemical Sniffing Instrumentation for Security Applications.

PubMed

Giannoukos, Stamatios; Brkić, Boris; Taylor, Stephen; Marshall, Alan; Verbeck, Guido F

2016-07-27

Border control for homeland security faces major challenges worldwide due to chemical threats from national and/or international terrorism as well as organized crime. A wide range of technologies and systems with threat detection and monitoring capabilities has emerged to identify the chemical footprint associated with these illegal activities. This review paper investigates artificial sniffing technologies used as chemical sensors for point-of-use chemical analysis, especially during border security applications. This article presents an overview of (a) the existing available technologies reported in the scientific literature for threat screening, (b) commercially available, portable (hand-held and stand-off) chemical detection systems, and (c) their underlying functional and operational principles. Emphasis is given to technologies that have been developed for in-field security operations, but laboratory developed techniques are also summarized as emerging technologies. The chemical analytes of interest in this review are (a) volatile organic compounds (VOCs) associated with security applications (e.g., illegal, hazardous, and terrorist events), (b) chemical "signatures" associated with human presence, and (c) threat compounds (drugs, explosives, and chemical warfare agents).

Examining the Relationship of Business Operations and the Information Security Culture in the United States

ERIC Educational Resources Information Center

Wynn, Cynthia L.

2017-01-01

An increase in information technology has caused and increased in threats towards information security. Threats are malware, viruses, sabotage from employees, and hacking into computer systems. Organizations have to find new ways to combat vulnerabilities and threats of internal and external threats to protect their information security and…

The Employee Retirement Income Security Act of 1974: Policies and Problems

ERIC Educational Resources Information Center

Alperin, Stuart N.; And Others

1975-01-01

Congress enacted the Employment Retirement Income Security Act of 1974 (ERISA) to help assure economic security in retirement. This analysis includes description of the growth, operation, and inequities within the private pension system and analysis of ERISA: (1) participation, vesting and joint and survivor annuities; (2) funding and plan…

TENOR Follow-on

DTIC Science & Technology

2002-04-01

Training environments; Distance learning; Information sharing; System architecture; 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT Public... security , and the team members generally originate from different geographical locations and different units with varied operational mission and...Use of a server provides security and flexibility in the development and updating of training material. The lessons are created in HTML, a widely

Smashing the Stovepipe: Leveraging the GMSEC Open Architecture and Advanced IT Automation to Rapidly Prototype, Develop and Deploy Next-Generation Multi-Mission Ground Systems

NASA Technical Reports Server (NTRS)

Swenson, Paul

2017-01-01

Satellite/Payload Ground Systems - Typically highly-customized to a specific mission's use cases - Utilize hundreds (or thousands!) of specialized point-to-point interfaces for data flows / file transfers Documentation and tracking of these complex interfaces requires extensive time to develop and extremely high staffing costs Implementation and testing of these interfaces are even more cost-prohibitive, and documentation often lags behind implementation resulting in inconsistencies down the road With expanding threat vectors, IT Security, Information Assurance and Operational Security have become key Ground System architecture drivers New Federal security-related directives are generated on a daily basis, imposing new requirements on current / existing ground systems - These mandated activities and data calls typically carry little or no additional funding for implementation As a result, Ground System Sustaining Engineering groups and Information Technology staff continually struggle to keep up with the rolling tide of security Advancing security concerns and shrinking budgets are pushing these large stove-piped ground systems to begin sharing resources - I.e. Operational / SysAdmin staff, IT security baselines, architecture decisions or even networks / hosting infrastructure Refactoring these existing ground systems into multi-mission assets proves extremely challenging due to what is typically very tight coupling between legacy components As a result, many "Multi-Mission" ops. environments end up simply sharing compute resources and networks due to the difficulty of refactoring into true multi-mission systems Utilizing continuous integration / rapid system deployment technologies in conjunction with an open architecture messaging approach allows System Engineers and Architects to worry less about the low-level details of interfaces between components and configuration of systems GMSEC messaging is inherently designed to support multi-mission requirements, and allows components to aggregate data across multiple homogeneous or heterogeneous satellites or payloads - The highly-successful Goddard Science and Planetary Operations Control Center (SPOCC) utilizes GMSEC as the hub for it's automation and situational awareness capability Shifts focus towards getting GS to a final configuration-managed baseline, as well as multi-mission / big-picture capabilities that help increase situational awareness, promote cross-mission sharing and establish enhanced fleet management capabilities across all levels of the enterprise.

A Distributed Energy-Aware Trust Management System for Secure Routing in Wireless Sensor Networks

NASA Astrophysics Data System (ADS)

Stelios, Yannis; Papayanoulas, Nikos; Trakadas, Panagiotis; Maniatis, Sotiris; Leligou, Helen C.; Zahariadis, Theodore

Wireless sensor networks are inherently vulnerable to security attacks, due to their wireless operation. The situation is further aggravated because they operate in an infrastructure-less environment, which mandates the cooperation among nodes for all networking tasks, including routing, i.e. all nodes act as “routers”, forwarding the packets generated by their neighbours in their way to the sink node. This implies that malicious nodes (denying their cooperation) can significantly affect the network operation. Trust management schemes provide a powerful tool for the detection of unexpected node behaviours (either faulty or malicious). Once misbehaving nodes are detected, their neighbours can use this information to avoid cooperating with them either for data forwarding, data aggregation or any other cooperative function. We propose a secure routing solution based on a novel distributed trust management system, which allows for fast detection of a wide set of attacks and also incorporates energy awareness.

Cyber security issues in online games

NASA Astrophysics Data System (ADS)

Zhao, Chen

2018-04-01

With the rapid development of the Internet, online gaming has become a way of entertainment for many young people in the modern era. However, in recent years, cyber security issues in online games have emerged in an endless stream, which have also caused great attention of many game operators. Common cyber security problems in the game include information disclosure and cyber-attacks. These problems will directly or indirectly cause economic losses to gamers. Many gaming companies are enhancing the stability and security of their network or gaming systems in order to enhance the gaming user experience. This article has carried out the research of the cyber security issues in online games by introducing the background and some common cyber security threats, and by proposing the latent solution. Finally, it speculates the future research direction of the cyber security issues of online games in the hope of providing feasible solution and useful information for game operators.

Communication security in open health care networks.

PubMed

Blobel, B; Pharow, P; Engel, K; Spiegel, V; Krohn, R

1999-01-01

Fulfilling the shared care paradigm, health care networks providing open systems' interoperability in health care are needed. Such communicating and co-operating health information systems, dealing with sensitive personal medical information across organisational, regional, national or even international boundaries, require appropriate security solutions. Based on the generic security model, within the European MEDSEC project an open approach for secure EDI like HL7, EDIFACT, XDT or XML has been developed. The consideration includes both securing the message in an unsecure network and the transport of the unprotected information via secure channels (SSL, TLS etc.). Regarding EDI, an open and widely usable security solution has been specified and practically implemented for the examples of secure mailing and secure file transfer (FTP) via wrapping the sensitive information expressed by the corresponding protocols. The results are currently prepared for standardisation.

77 FR 19680 - Extension of Agency Information Collection Activity Under OMB Review: Rail Transportation Security

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-02

... receivers of certain hazardous materials; and passenger railroad carriers, including each carrier operating light rail or heavy rail transit service on track that is part of the general railroad system of transportation and rail transit systems. Also, these persons are required to report significant security concerns...

Free Space Optical Communication for Tactical Operations

DTIC Science & Technology

2016-09-01

communications. Military communications further require secure connections for data transfer . The Free Space Optical (FSO) communication system, with its...communications. Military communications further require secure connections for data transfer . The Free Space Optical (FSO) communication system...13. Percentage of Frame Loss at Location 1A .................................... 34 Figure 14. Received Power at Location 1A

Software To Secure Distributed Propulsion Simulations

NASA Technical Reports Server (NTRS)

Blaser, Tammy M.

2003-01-01

Distributed-object computing systems are presented with many security threats, including network eavesdropping, message tampering, and communications middleware masquerading. NASA Glenn Research Center, and its industry partners, has taken an active role in mitigating the security threats associated with developing and operating their proprietary aerospace propulsion simulations. In particular, they are developing a collaborative Common Object Request Broker Architecture (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines

Secure Network-Centric Aviation Communication (SNAC)

NASA Technical Reports Server (NTRS)

Nelson, Paul H.; Muha, Mark A.; Sheehe, Charles J.

2017-01-01

The existing National Airspace System (NAS) communications capabilities are largely unsecured, are not designed for efficient use of spectrum and collectively are not capable of servicing the future needs of the NAS with the inclusion of new operators in Unmanned Aviation Systems (UAS) or On Demand Mobility (ODM). SNAC will provide a ubiquitous secure, network-based communications architecture that will provide new service capabilities and allow for the migration of current communications to SNAC over time. The necessary change in communication technologies to digital domains will allow for the adoption of security mechanisms, sharing of link technologies, large increase in spectrum utilization, new forms of resilience and redundancy and the possibly of spectrum reuse. SNAC consists of a long term open architectural approach with increasingly capable designs used to steer research and development and enable operating capabilities that run in parallel with current NAS systems.

A Quantitative Socio-hydrological Characterization of Water Security in Large-Scale Irrigation Systems

NASA Astrophysics Data System (ADS)

Siddiqi, A.; Muhammad, A.; Wescoat, J. L., Jr.

2017-12-01

Large-scale, legacy canal systems, such as the irrigation infrastructure in the Indus Basin in Punjab, Pakistan, have been primarily conceived, constructed, and operated with a techno-centric approach. The emerging socio-hydrological approaches provide a new lens for studying such systems to potentially identify fresh insights for addressing contemporary challenges of water security. In this work, using the partial definition of water security as "the reliable availability of an acceptable quantity and quality of water", supply reliability is construed as a partial measure of water security in irrigation systems. A set of metrics are used to quantitatively study reliability of surface supply in the canal systems of Punjab, Pakistan using an extensive dataset of 10-daily surface water deliveries over a decade (2007-2016) and of high frequency (10-minute) flow measurements over one year. The reliability quantification is based on comparison of actual deliveries and entitlements, which are a combination of hydrological and social constructs. The socio-hydrological lens highlights critical issues of how flows are measured, monitored, perceived, and experienced from the perspective of operators (government officials) and users (famers). The analysis reveals varying levels of reliability (and by extension security) of supply when data is examined across multiple temporal and spatial scales. The results shed new light on evolution of water security (as partially measured by supply reliability) for surface irrigation in the Punjab province of Pakistan and demonstrate that "information security" (defined as reliable availability of sufficiently detailed data) is vital for enabling water security. It is found that forecasting and management (that are social processes) lead to differences between entitlements and actual deliveries, and there is significant potential to positively affect supply reliability through interventions in the social realm.

48 CFR 3439.702 - Department security requirements.

Code of Federal Regulations, 2012 CFR

2012-10-01

... ACQUISITION REGULATION SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Department Requirements for Acquisition of Information Technology 3439.702 Department security requirements. The...) involves the design, operation, repair, or maintenance of information systems and access to sensitive but...

48 CFR 3439.702 - Department security requirements.

Code of Federal Regulations, 2013 CFR

2013-10-01

... ACQUISITION REGULATION SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Department Requirements for Acquisition of Information Technology 3439.702 Department security requirements. The...) involves the design, operation, repair, or maintenance of information systems and access to sensitive but...

48 CFR 3439.702 - Department security requirements.

Code of Federal Regulations, 2011 CFR

2011-10-01

... ACQUISITION REGULATION SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Department Requirements for Acquisition of Information Technology 3439.702 Department security requirements. The...) involves the design, operation, repair, or maintenance of information systems and access to sensitive but...

Avoid Disaster: Use Firewalls for Inter-Intranet Security.

ERIC Educational Resources Information Center

Charnetski, J. R.

1998-01-01

Discusses the use of firewalls for library intranets, highlighting the move from mainframes to PCs, security issues and firewall architecture, and operating systems. Provides a glossary of basic networking terms and a bibliography of suggested reading. (PEN)

Analysis Of The Effects Of Marine Corps M1A1 Abram’s Tank Age On Operational Availability

DTIC Science & Technology

2014-06-01

effects of age, as measured by the time since the last depot- level rebuild, on equipment operational availability for the M1A1 MBT in the Marine Corps...prior M1A1 reliability studies. We reviewed depot- and unit- level maintenance records within the USMC’s System Operational Effectiveness database to... Level Maintenance 15. NUMBER OF PAGES 67 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18. SECURITY CLASSIFICATION OF

Automating security monitoring and analysis for Space Station Freedom's electric power system

NASA Technical Reports Server (NTRS)

Dolce, James L.; Sobajic, Dejan J.; Pao, Yoh-Han

1990-01-01

Operating a large, space power system requires classifying the system's status and analyzing its security. Conventional algorithms are used by terrestrial electric utilities to provide such information to their dispatchers, but their application aboard Space Station Freedom will consume too much processing time. A new approach for monitoring and analysis using adaptive pattern techniques is presented. This approach yields an on-line security monitoring and analysis algorithm that is accurate and fast; and thus, it can free the Space Station Freedom's power control computers for other tasks.

Automating security monitoring and analysis for Space Station Freedom's electric power system

NASA Technical Reports Server (NTRS)

Dolce, James L.; Sobajic, Dejan J.; Pao, Yoh-Han

1990-01-01

Operating a large, space power system requires classifying the system's status and analyzing its security. Conventional algorithms are used by terrestrial electric utilities to provide such information to their dispatchers, but their application aboard Space Station Freedom will consume too much processing time. A novel approach for monitoring and analysis using adaptive pattern techniques is presented. This approach yields an on-line security monitoring and analysis algorithm that is accurate and fast; and thus, it can free the Space Station Freedom's power control computers for other tasks.

33 CFR 96.200 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Company and Vessel Safety Management Systems § 96.200 Purpose. This subpart establishes the minimum standards that the safety...

30 CFR 75.1912 - Fire suppression systems for permanent underground diesel fuel storage facilities.

Code of Federal Regulations, 2013 CFR

2013-07-01

... electrical system failure. (g) Electrically operated detection and actuation circuits shall be monitored and... operated, a means shall be provided to indicate the functional readiness status of the detection system. (h... susceptible to alteration or recorded electronically in a secured computer system that is not susceptible to...

30 CFR 75.1912 - Fire suppression systems for permanent underground diesel fuel storage facilities.

Code of Federal Regulations, 2012 CFR

2012-07-01

... electrical system failure. (g) Electrically operated detection and actuation circuits shall be monitored and... operated, a means shall be provided to indicate the functional readiness status of the detection system. (h... susceptible to alteration or recorded electronically in a secured computer system that is not susceptible to...

30 CFR 75.1912 - Fire suppression systems for permanent underground diesel fuel storage facilities.

Code of Federal Regulations, 2011 CFR

2011-07-01

... electrical system failure. (g) Electrically operated detection and actuation circuits shall be monitored and... operated, a means shall be provided to indicate the functional readiness status of the detection system. (h... susceptible to alteration or recorded electronically in a secured computer system that is not susceptible to...

30 CFR 75.1912 - Fire suppression systems for permanent underground diesel fuel storage facilities.

Code of Federal Regulations, 2014 CFR

2014-07-01

... electrical system failure. (g) Electrically operated detection and actuation circuits shall be monitored and... operated, a means shall be provided to indicate the functional readiness status of the detection system. (h... susceptible to alteration or recorded electronically in a secured computer system that is not susceptible to...

30 CFR 75.1912 - Fire suppression systems for permanent underground diesel fuel storage facilities.

Code of Federal Regulations, 2010 CFR

2010-07-01

... electrical system failure. (g) Electrically operated detection and actuation circuits shall be monitored and... operated, a means shall be provided to indicate the functional readiness status of the detection system. (h... susceptible to alteration or recorded electronically in a secured computer system that is not susceptible to...

46 CFR 27.205 - What are the requirements for internal communication systems on towing vessels?

Code of Federal Regulations, 2010 CFR

2010-10-01

... systems on towing vessels? 27.205 Section 27.205 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY... fitted with a communication system between the engine room and the operating station that— (1) Consists... required to have internal communication systems. (c) When the operating-station's engine controls and the...

33 CFR 96.220 - What makes up a safety management system?

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false What makes up a safety management... SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Company and Vessel Safety Management Systems § 96.220 What makes up a safety management system? (a) The...

Security and Privacy in Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fink, Glenn A.; Edgar, Thomas W.; Rice, Theora R.

As you have seen from the previous chapters, cyber-physical systems (CPS) are broadly used across technology and industrial domains. While these systems enable process optimization and efficiency and allow previously impossible functionality, security and privacy are key concerns for their design, development, and operation. CPS have been key components utilized in some of the highest publicized security breaches over the last decade. In this chapter, we will look over the CPS described in the previous chapters from a security perspective. In this chapter, we explain classical information and physical security fundamentals in the context of CPS and contextualize them acrossmore » application domains. We give examples where the interplay of functionality and diverse communication can introduce unexpected vulnerabilities and produce larger impacts. We will discuss how CPS security and privacy is inherently different from that of pure cyber or physical systems and what may be done to secure these systems, considering their emergent cyber-physical properties. Finally, we will discuss security and privacy implications of merging infrastructural and personal CPS. Our hope is to impart the knowledge of what CPS security and privacy are, why they are important, and explain existing processes and challenges.« less

Ultra Safe And Secure Blasting System

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hart, M M

2009-07-27

The Ultra is a blasting system that is designed for special applications where the risk and consequences of unauthorized demolition or blasting are so great that the use of an extraordinarily safe and secure blasting system is justified. Such a blasting system would be connected and logically welded together through digital code-linking as part of the blasting system set-up and initialization process. The Ultra's security is so robust that it will defeat the people who designed and built the components in any attempt at unauthorized detonation. Anyone attempting to gain unauthorized control of the system by substituting components or tappingmore » into communications lines will be thwarted in their inability to provide encrypted authentication. Authentication occurs through the use of codes that are generated by the system during initialization code-linking and the codes remain unknown to anyone, including the authorized operator. Once code-linked, a closed system has been created. The system requires all components connected as they were during initialization as well as a unique code entered by the operator for function and blasting.« less

Portable weighing system with alignment features

DOEpatents

Abercrombie, Robert Knox; Richardson, Gregory David; Scudiere, Matthew Bligh; Sheldon, Frederick T.

2012-11-06

A system for weighing a load is disclosed. The weighing system includes a pad having at least one transducer for weighing a load disposed on the pad. In some embodiments the pad has a plurality of foot members and the weighing system may include a plate that disposed underneath the pad for receiving the plurality of foot member and for aligning the foot members when the weighing system is installed. The weighing system may include a spacer disposed adjacent the pad and in some embodiments, a spacer anchor operatively secures the spacer to a support surface, such as a plate, a railway bed, or a roadway. In some embodiments the spacer anchor operatively secures both the spacer and the pad to a roadway.

Security Policies for Mitigating the Risk of Load Altering Attacks on Smart Grid Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ryutov, Tatyana; AlMajali, Anas; Neuman, Clifford

2015-04-01

While demand response programs implement energy efficiency and power quality objectives, they bring potential security threats to the Smart Grid. The ability to influence load in a system enables attackers to cause system failures and impacts the quality and integrity of power delivered to customers. This paper presents a security mechanism to monitor and control load according to a set of security policies during normal system operation. The mechanism monitors, detects, and responds to load altering attacks. We examined the security requirements of Smart Grid stakeholders and constructed a set of load control policies enforced by the mechanism. We implementedmore » a proof of concept prototype and tested it using the simulation environment. By enforcing the proposed policies in this prototype, the system is maintained in a safe state in the presence of load drop attacks.« less

46 CFR 111.97-3 - General requirements.

Code of Federal Regulations, 2011 CFR

2011-10-01

... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-3 General requirements. Each watertight door operating system must meet Subpart H, § 170.270 of this chapter. [CGD 74-125A, 47 FR 15236, Apr. 8...

46 CFR 111.97-3 - General requirements.

Code of Federal Regulations, 2012 CFR

2012-10-01

... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-3 General requirements. Each watertight door operating system must meet Subpart H, § 170.270 of this chapter. [CGD 74-125A, 47 FR 15236, Apr. 8...

46 CFR 111.97-3 - General requirements.

Code of Federal Regulations, 2013 CFR

2013-10-01

... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-3 General requirements. Each watertight door operating system must meet Subpart H, § 170.270 of this chapter. [CGD 74-125A, 47 FR 15236, Apr. 8...

46 CFR 111.97-3 - General requirements.

Code of Federal Regulations, 2014 CFR

2014-10-01

... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-3 General requirements. Each watertight door operating system must meet Subpart H, § 170.270 of this chapter. [CGD 74-125A, 47 FR 15236, Apr. 8...

46 CFR 111.97-3 - General requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Electric Power-Operated Watertight Door Systems § 111.97-3 General requirements. Each watertight door operating system must meet Subpart H, § 170.270 of this chapter. [CGD 74-125A, 47 FR 15236, Apr. 8...

Analysis of Access Control Policies in Operating Systems

ERIC Educational Resources Information Center

Chen, Hong

2009-01-01

Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

Security in Full-Force

NASA Technical Reports Server (NTRS)

2002-01-01

When fully developed for NASA, Vanguard Enforcer(TM) software-which emulates the activities of highly technical security system programmers, auditors, and administrators-was among the first intrusion detection programs to restrict human errors from affecting security, and to ensure the integrity of a computer's operating systems, as well as the protection of mission critical resources. Vanguard Enforcer was delivered in 1991 to Johnson Space Center and has been protecting systems and critical data there ever since. In August of 1999, NASA granted Vanguard exclusive rights to commercialize the Enforcer system for the private sector. In return, Vanguard continues to supply NASA with ongoing research, development, and support of Enforcer. The Vanguard Enforcer 4.2 is one of several surveillance technologies that make up the Vanguard Security Solutions line of products. Using a mainframe environment, Enforcer 4.2 achieves previously unattainable levels of automated security management.

INcreasing Security and Protection through Infrastructure REsilience: The INSPIRE Project

NASA Astrophysics Data System (ADS)

D'Antonio, Salvatore; Romano, Luigi; Khelil, Abdelmajid; Suri, Neeraj

The INSPIRE project aims at enhancing the European potential in the field of security by ensuring the protection of critical information infrastructures through (a) the identification of their vulnerabilities and (b) the development of innovative techniques for securing networked process control systems. To increase the resilience of such systems INSPIRE will develop traffic engineering algorithms, diagnostic processes and self-reconfigurable architectures along with recovery techniques. Hence, the core idea of the INSPIRE project is to protect critical information infrastructures by appropriately configuring, managing, and securing the communication network which interconnects the distributed control systems. A working prototype will be implemented as a final demonstrator of selected scenarios. Controls/Communication Experts will support project partners in the validation and demonstration activities. INSPIRE will also contribute to standardization process in order to foster multi-operator interoperability and coordinated strategies for securing lifeline systems.

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2013 CFR

2013-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2013-10-01 2013-10-01 false Security of the air operations area (AOA). 1542...

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2010 CFR

2010-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2010-10-01 2010-10-01 false Security of the air operations area (AOA). 1542...

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2011 CFR

2011-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2011-10-01 2011-10-01 false Security of the air operations area (AOA). 1542...

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2012 CFR

2012-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2012-10-01 2012-10-01 false Security of the air operations area (AOA). 1542...

49 CFR 1542.203 - Security of the air operations area (AOA).

Code of Federal Regulations, 2014 CFR

2014-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.203 Security of the air operations area (AOA). (a) Each airport operator required to have a... 49 Transportation 9 2014-10-01 2014-10-01 false Security of the air operations area (AOA). 1542...

Secure Embedded System Design Methodologies for Military Cryptographic Systems

DTIC Science & Technology

2016-03-31

Fault- Tree Analysis (FTA); Built-In Self-Test (BIST) Introduction Secure access-control systems restrict operations to authorized users via methods...failures in the individual software/processor elements, the question of exactly how unlikely is difficult to answer. Fault- Tree Analysis (FTA) has a...Collins of Sandia National Laboratories for years of sharing his extensive knowledge of Fail-Safe Design Assurance and Fault- Tree Analysis

Maritime Cyber Security University Research

DTIC Science & Technology

2016-05-01

traffic so vital to the global economy . The vulnerabilities associated with reliance on digital systems in the maritime environment must be continuously...Abstract (MAXIMUM 200 WORDS) Modern maritime systems are highly complex digital systems to ensure the safety and efficient operation of the shipping...integrity of the entrances to our " digital ports" and work to develop practical cyber security solutions to protect the nation’s maritime

Information security of power enterprises of North-Arctic region

NASA Astrophysics Data System (ADS)

Sushko, O. P.

2018-05-01

The role of information technologies in providing technological security for energy enterprises is a component of the economic security for the northern Arctic region in general. Applying instruments and methods of information protection modelling of the energy enterprises' business process in the northern Arctic region (such as Arkhenergo and Komienergo), the authors analysed and identified most frequent risks of information security. With the analytic hierarchy process based on weighting factor estimations, information risks of energy enterprises' technological processes were ranked. The economic estimation of the information security within an energy enterprise considers weighting factor-adjusted variables (risks). Investments in information security systems of energy enterprises in the northern Arctic region are related to necessary security elements installation; current operating expenses on business process protection systems become materialized economic damage.

76 FR 51082 - Self-Regulatory Organizations; International Securities Exchange, LLC; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-17

...., International Securities Exchange LLC, The NASDAQ Stock Market LLC, New York Stock Exchange LLC, NYSE Amex LLC... include all remaining National Market System (``NMS'') stocks (``Phase III Securities'').\\9\\ The new pilot... executions, so that the rule will continue to operate in the same manner after changes to the single stock...

2008 Stability, Security, Transition and Reconstruction Operations Conference

DTIC Science & Technology

2008-09-04

Facilitator Power of Public-Private Partnerships • Health Professional Education • Greater Access to Care China Diabetes Education Program Dominican Republic...Argentina Canada Chile Colombia Ecuador Peru Uruguay Interagency, multinational, inter-institutional partnerships State Department Homeland Security...Disaster Preparedness Disaster Response Regional Response Capacity OFDA-LAC / MDROs Regional Security System (RSS) UNCLASSIFIED ECUADOR / KY PERU / WV

A novel and lightweight system to secure wireless medical sensor networks.

PubMed

He, Daojing; Chan, Sammy; Tang, Shaohua

2014-01-01

Wireless medical sensor networks (MSNs) are a key enabling technology in e-healthcare that allows the data of a patient's vital body parameters to be collected by the wearable or implantable biosensors. However, the security and privacy protection of the collected data is a major unsolved issue, with challenges coming from the stringent resource constraints of MSN devices, and the high demand for both security/privacy and practicality. In this paper, we propose a lightweight and secure system for MSNs. The system employs hash-chain based key updating mechanism and proxy-protected signature technique to achieve efficient secure transmission and fine-grained data access control. Furthermore, we extend the system to provide backward secrecy and privacy preservation. Our system only requires symmetric-key encryption/decryption and hash operations and is thus suitable for the low-power sensor nodes. This paper also reports the experimental results of the proposed system in a network of resource-limited motes and laptop PCs, which show its efficiency in practice. To the best of our knowledge, this is the first secure data transmission and access control system for MSNs until now.

Guidelines for contingency planning NASA (National Aeronautics and Space Administration) ADP security risk reduction decision studies

NASA Technical Reports Server (NTRS)

Tompkins, F. G.

1984-01-01

Guidance is presented to NASA Computer Security Officials for determining the acceptability or unacceptability of ADP security risks based on the technical, operational and economic feasibility of potential safeguards. The risk management process is reviewed as a specialized application of the systems approach to problem solving and information systems analysis and design. Reporting the results of the risk reduction analysis to management is considered. Report formats for the risk reduction study are provided.

Systemic Operational Design: An Alternative to Estimate Planning

DTIC Science & Technology

2009-05-04

relationships found in the COE. Framing and campaign design, with emphasis on systems theory , have therefore made their way to the forefront of doctrinal...short explanation of the systems theory behind SOD, examines how the SOD process happens, and compares SOD with the time proven “Commander’s Estimate... Theory , Campaign planning, Contemporary Operating Environment, Commander’s Estimate Process, Operational design 16. SECURITY CLASSIFICATION OF

33 CFR 117.42 - Remotely operated and automated drawbridges.

Code of Federal Regulations, 2010 CFR

2010-07-01

... SECURITY BRIDGES DRAWBRIDGE OPERATION REGULATIONS General Requirements § 117.42 Remotely operated and... authorize a drawbridge to operate under an automated system or from a remote location. (b) If the request is... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Remotely operated and automated...

Securing Sensitive Flight and Engine Simulation Data Using Smart Card Technology

NASA Technical Reports Server (NTRS)

Blaser, Tammy M.

2003-01-01

NASA Glenn Research Center has developed a smart card prototype capable of encrypting and decrypting disk files required to run a distributed aerospace propulsion simulation. Triple Data Encryption Standard (3DES) encryption is used to secure the sensitive intellectual property on disk pre, during, and post simulation execution. The prototype operates as a secure system and maintains its authorized state by safely storing and permanently retaining the encryption keys only on the smart card. The prototype is capable of authenticating a single smart card user and includes pre simulation and post simulation tools for analysis and training purposes. The prototype's design is highly generic and can be used to protect any sensitive disk files with growth capability to urn multiple simulations. The NASA computer engineer developed the prototype on an interoperable programming environment to enable porting to other Numerical Propulsion System Simulation (NPSS) capable operating system environments.

Crosstalk: The Journal of Defense Software Engineering. Volume 22, Number 3

DTIC Science & Technology

2009-04-01

international standard for information security management systems like ISO /IEC 27001 :2005 [1] existed. Since that time, the organization has developed control...of ISO /IEC 27001 and the desire to make decisions based on business value and risk has prompted Ford’s IT Security and Controls organi- zation to begin...their conventional application security operation.u References 1. ISO /IEC 27001 :2005. “Information Technology – Security Techniques – Information

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2013 CFR

2013-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2010 CFR

2010-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2011 CFR

2011-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2012 CFR

2012-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

49 CFR 1542.201 - Security of the secured area.

Code of Federal Regulations, 2014 CFR

2014-10-01

... SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.201 Security of the secured area. (a) Each airport operator required to have a security... posted by each airport operator in accordance with its security program not later than November 14, 2003. ...

A preliminary cyber-physical security assessment of the Robot Operating System (ROS)

NASA Astrophysics Data System (ADS)

McClean, Jarrod; Stull, Christopher; Farrar, Charles; Mascareñas, David

2013-05-01

Over the course of the last few years, the Robot Operating System (ROS) has become a highly popular software framework for robotics research. ROS has a very active developer community and is widely used for robotics research in both academia and government labs. The prevalence and modularity of ROS cause many people to ask the question: "What prevents ROS from being used in commercial or government applications?" One of the main problems that is preventing this increased use of ROS in these applications is the question of characterizing its security (or lack thereof). In the summer of 2012, a crowd sourced cyber-physical security contest was launched at the cyber security conference DEF CON 20 to begin the process of characterizing the security of ROS. A small-scale, car-like robot was configured as a cyber-physical security "honeypot" running ROS. DEFFCON-20 attendees were invited to find exploits and vulnerabilities in the robot while network traffic was collected. The results of this experiment provided some interesting insights and opened up many security questions pertaining to deployed robotic systems. The Federal Aviation Administration is tasked with opening up the civil airspace to commercial drones by September 2015 and driverless cars are already legal for research purposes in a number of states. Given the integration of these robotic devices into our daily lives, the authors pose the following question: "What security exploits can a motivated person with little-to-no experience in cyber security execute, given the wide availability of free cyber security penetration testing tools such as Metasploit?" This research focuses on applying common, low-cost, low-overhead, cyber-attacks on a robot featuring ROS. This work documents the effectiveness of those attacks.

Resource Optimization Techniques and Security Levels for Wireless Sensor Networks Based on the ARSy Framework.

PubMed

Parenreng, Jumadi Mabe; Kitagawa, Akio

2018-05-17

Wireless Sensor Networks (WSNs) with limited battery, central processing units (CPUs), and memory resources are a widely implemented technology for early warning detection systems. The main advantage of WSNs is their ability to be deployed in areas that are difficult to access by humans. In such areas, regular maintenance may be impossible; therefore, WSN devices must utilize their limited resources to operate for as long as possible, but longer operations require maintenance. One method of maintenance is to apply a resource adaptation policy when a system reaches a critical threshold. This study discusses the application of a security level adaptation model, such as an ARSy Framework, for using resources more efficiently. A single node comprising a Raspberry Pi 3 Model B and a DS18B20 temperature sensor were tested in a laboratory under normal and stressful conditions. The result shows that under normal conditions, the system operates approximately three times longer than under stressful conditions. Maintaining the stability of the resources also enables the security level of a network's data output to stay at a high or medium level.

Resource Optimization Techniques and Security Levels for Wireless Sensor Networks Based on the ARSy Framework

PubMed Central

Kitagawa, Akio

2018-01-01

Wireless Sensor Networks (WSNs) with limited battery, central processing units (CPUs), and memory resources are a widely implemented technology for early warning detection systems. The main advantage of WSNs is their ability to be deployed in areas that are difficult to access by humans. In such areas, regular maintenance may be impossible; therefore, WSN devices must utilize their limited resources to operate for as long as possible, but longer operations require maintenance. One method of maintenance is to apply a resource adaptation policy when a system reaches a critical threshold. This study discusses the application of a security level adaptation model, such as an ARSy Framework, for using resources more efficiently. A single node comprising a Raspberry Pi 3 Model B and a DS18B20 temperature sensor were tested in a laboratory under normal and stressful conditions. The result shows that under normal conditions, the system operates approximately three times longer than under stressful conditions. Maintaining the stability of the resources also enables the security level of a network’s data output to stay at a high or medium level. PMID:29772773

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2010 CFR

2010-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2011 CFR

2011-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2013 CFR

2013-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2012 CFR

2012-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

17 CFR 249.821 - Form PILOT, information required of self-regulatory organizations operating pilot trading systems...

Code of Federal Regulations, 2014 CFR

2014-04-01

... required of self-regulatory organizations operating pilot trading systems pursuant to § 240.19b-5 of this... (CONTINUED) FORMS, SECURITIES EXCHANGE ACT OF 1934 Forms for Self-Regulatory Organization Rule Changes and... Associations § 249.821 Form PILOT, information required of self-regulatory organizations operating pilot...

33 CFR 96.370 - What are the requirements for vessels of countries not party to Chapter IX of SOLAS?

Code of Federal Regulations, 2010 CFR

2010-07-01

... Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS How Will Safety Management Systems Be Certificated and... vessel, or self-propelled mobile offshore drilling unit of 500 gross tons or more, operated in U.S...

33 CFR 96.370 - What are the requirements for vessels of countries not party to Chapter IX of SOLAS?

Code of Federal Regulations, 2011 CFR

2011-07-01

... vessel, or self-propelled mobile offshore drilling unit of 500 gross tons or more, operated in U.S... Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS How Will Safety Management Systems Be Certificated and...

49 CFR 1580.101 - Rail security coordinator.

Code of Federal Regulations, 2010 CFR

2010-10-01

... system of transportation, when notified by TSA in writing, that a threat exists concerning that operation.... This section applies to: (1) Each freight railroad carrier that operates rolling equipment on track that is part of the general railroad system of transportation. (2) Each rail hazardous materials...

12 CFR 615.5045 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... and Banking FARM CREDIT ADMINISTRATION FARM CREDIT SYSTEM FUNDING AND FISCAL AFFAIRS, LOAN POLICIES AND OPERATIONS, AND FUNDING OPERATIONS Collateral § 615.5045 Definitions. (a) Cost means the actual... accrued interest owed. (d) Secured interbank loan means a loan from one Farm Credit System bank to another...

Secure ICCP Final Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rice, Mark J.; Bonebrake, Christopher A.; Dayley, Greg K.

Inter-Control Center Communications Protocol (ICCP), defined by the IEC 60870-6 TASE.2 standard, was developed to enable data exchange over wide area networks between electric system entities, including utility control centers, Independent System Operators (ISOs), Regional Transmission Operators (RTOs) and Independent Power Producers (IPP) also known as Non-Utility Generators (NUG). ICCP is an unprotected protocol, and as a result is vulnerable to such actions as integrity violation, interception or alteration, spoofing, and eavesdropping. Because of these vulnerabilities with unprotected ICCP communication, security enhancements, referred to as Secure ICCP, have been added and are included in the ICCP products that utilities havemore » received since 2003 when the standard was defined. This has resulted in an ICCP product whose communication can be encrypted and authenticated to address these vulnerabilities.« less

46 CFR 185.320 - Steering gear, controls, and communication system tests.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 7 2013-10-01 2013-10-01 false Steering gear, controls, and communication system tests. 185.320 Section 185.320 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) SMALL PASSENGER VESSELS (UNDER 100 GROSS TONS) OPERATIONS Miscellaneous Operating Requirements § 185.320 Steering gear, controls, and communication system...

33 CFR 150.619 - What are the fall arrest system requirements?

Code of Federal Regulations, 2012 CFR

2012-07-01

... 33 Navigation and Navigable Waters 2 2012-07-01 2012-07-01 false What are the fall arrest system... SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: OPERATIONS Workplace Safety and Health Fall Arrest § 150.619 What are the fall arrest system requirements? (a) The deepwater port operator must ensure that...

33 CFR 150.619 - What are the fall arrest system requirements?

Code of Federal Regulations, 2013 CFR

2013-07-01

... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false What are the fall arrest system... SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: OPERATIONS Workplace Safety and Health Fall Arrest § 150.619 What are the fall arrest system requirements? (a) The deepwater port operator must ensure that...

33 CFR 150.619 - What are the fall arrest system requirements?

Code of Federal Regulations, 2014 CFR

2014-07-01

... 33 Navigation and Navigable Waters 2 2014-07-01 2014-07-01 false What are the fall arrest system... SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: OPERATIONS Workplace Safety and Health Fall Arrest § 150.619 What are the fall arrest system requirements? (a) The deepwater port operator must ensure that...

33 CFR 150.619 - What are the fall arrest system requirements?

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false What are the fall arrest system... SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: OPERATIONS Workplace Safety and Health Fall Arrest § 150.619 What are the fall arrest system requirements? (a) The deepwater port operator must ensure that...

33 CFR 150.619 - What are the fall arrest system requirements?

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false What are the fall arrest system... SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: OPERATIONS Workplace Safety and Health Fall Arrest § 150.619 What are the fall arrest system requirements? (a) The deepwater port operator must ensure that...

46 CFR 15.817 - Global Maritime Distress and Safety System (GMDSS) radio operator.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 1 2014-10-01 2014-10-01 false Global Maritime Distress and Safety System (GMDSS) radio operator. 15.817 Section 15.817 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MERCHANT MARINE OFFICERS AND SEAMEN MANNING REQUIREMENTS Computations § 15.817 Global Maritime Distress and Safety System...

Optimizing Security of Cloud Computing within the DoD

DTIC Science & Technology

2010-12-01

information security governance and risk management; application security; cryptography; security architecture and design; operations security; business ...governance and risk management; application security; cryptography; security architecture and design; operations security; business continuity...20 7. Operational Security (OPSEC).........................................................20 8. Business Continuity Planning (BCP) and Disaster

78 FR 57402 - Privacy Act of 1974; Department of Homeland Security/U.S. Customs and Border Protection-019 Air...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-18

... forth in this system of records notice. AMOSS also has users from the Department of Defense (DOD... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2013-0021] Privacy Act of 1974; Department of Homeland Security/U.S. Customs and Border Protection--019 Air and Marine Operations...

High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

NASA Astrophysics Data System (ADS)

Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

2016-06-01

Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

Quantum key distribution with hacking countermeasures and long term field trial.

PubMed

Dixon, A R; Dynes, J F; Lucamarini, M; Fröhlich, B; Sharpe, A W; Plews, A; Tam, W; Yuan, Z L; Tanizawa, Y; Sato, H; Kawamura, S; Fujiwara, M; Sasaki, M; Shields, A J

2017-05-16

Quantum key distribution's (QKD's) central and unique claim is information theoretic security. However there is an increasing understanding that the security of a QKD system relies not only on theoretical security proofs, but also on how closely the physical system matches the theoretical models and prevents attacks due to discrepancies. These side channel or hacking attacks exploit physical devices which do not necessarily behave precisely as the theory expects. As such there is a need for QKD systems to be demonstrated to provide security both in the theoretical and physical implementation. We report here a QKD system designed with this goal in mind, providing a more resilient target against possible hacking attacks including Trojan horse, detector blinding, phase randomisation and photon number splitting attacks. The QKD system was installed into a 45 km link of a metropolitan telecom network for a 2.5 month period, during which time the system operated continuously and distributed 1.33 Tbits of secure key data with a stable secure key rate over 200 kbit/s. In addition security is demonstrated against coherent attacks that are more general than the collective class of attacks usually considered.

UNIX security in a supercomputing environment

NASA Technical Reports Server (NTRS)

Bishop, Matt

1989-01-01

The author critiques some security mechanisms in most versions of the Unix operating system and suggests more effective tools that either have working prototypes or have been implemented, for example in secure Unix systems. Although no computer (not even a secure one) is impenetrable, breaking into systems with these alternate mechanisms will cost more, require more skill, and be more easily detected than penetrations of systems without these mechanisms. The mechanisms described fall into four classes (with considerable overlap). User authentication at the local host affirms the identity of the person using the computer. The principle of least privilege dictates that properly authenticated users should have rights precisely sufficient to perform their tasks, and system administration functions should be compartmentalized; to this end, access control lists or capabilities should either replace or augment the default Unix protection system, and mandatory access controls implementing multilevel security models and integrity mechanisms should be available. Since most users access supercomputing environments using networks, the third class of mechanisms augments authentication (where feasible). As no security is perfect, the fourth class of mechanism logs events that may indicate possible security violations; this will allow the reconstruction of a successful penetration (if discovered), or possibly the detection of an attempted penetration.

Identifying changing aviation threat environments within an adaptive Homeland Security Advisory System.

PubMed

Lee, Adrian J; Jacobson, Sheldon H

2012-02-01

A critical component of aviation security consists of screening passengers and baggage to protect airports and aircraft from terrorist threats. Advancements in screening device technology have increased the ability to detect these threats; however, specifying the operational configurations of these devices in response to changes in the threat environment can become difficult. This article proposes to use Fisher information as a statistical measure for detecting changes in the threat environment. The perceived risk of passengers, according to prescreening information and behavior analysis, is analyzed as the passengers sequentially enter the security checkpoint. The alarm responses from the devices used to detect threats are also analyzed to monitor significant changes in the frequency of threat items uncovered. The key results are that this information-based measure can be used within the Homeland Security Advisory System to indicate changes in threat conditions in real time, and provide the flexibility of security screening detection devices to responsively and automatically adapt operational configurations to these changing threat conditions. © 2012 Society for Risk Analysis. All rights reserved.

Cops, cameras, and enclosures : a synthesis of the effectiveness of methods to provide enhanced security for bus operators

DOT National Transportation Integrated Search

2001-05-31

The safety of operators and passengers is a primary concern of transit systems and has become an increasingly important issue to transit bus operators themselves. Many transit agencies have experienced incidents of assaults against their bus operator...

46 CFR 112.39-3 - Operation.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 4 2010-10-01 2010-10-01 false Operation. 112.39-3 Section 112.39-3 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Battery Operated Lanterns § 112.39-3 Operation. (a) The lanterns must be capable of providing...

46 CFR 112.39-3 - Operation.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 4 2013-10-01 2013-10-01 false Operation. 112.39-3 Section 112.39-3 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Battery Operated Lanterns § 112.39-3 Operation. (a) The lanterns must be capable of providing...

46 CFR 112.39-3 - Operation.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 4 2012-10-01 2012-10-01 false Operation. 112.39-3 Section 112.39-3 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Battery Operated Lanterns § 112.39-3 Operation. (a) The lanterns must be capable of providing...

46 CFR 112.39-3 - Operation.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 4 2011-10-01 2011-10-01 false Operation. 112.39-3 Section 112.39-3 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Battery Operated Lanterns § 112.39-3 Operation. (a) The lanterns must be capable of providing...

46 CFR 112.39-3 - Operation.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 4 2014-10-01 2014-10-01 false Operation. 112.39-3 Section 112.39-3 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING EMERGENCY LIGHTING AND POWER SYSTEMS Battery Operated Lanterns § 112.39-3 Operation. (a) The lanterns must be capable of providing...

DICOM image secure communications with Internet protocols IPv6 and IPv4.

PubMed

Zhang, Jianguo; Yu, Fenghai; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen

2007-01-01

Image-data transmission from one site to another through public network is usually characterized in term of privacy, authenticity, and integrity. In this paper, we first describe a general scenario about how image is delivered from one site to another through a wide-area network (WAN) with security features of data privacy, integrity, and authenticity. Second, we give the common implementation method of the digital imaging and communication in medicine (DICOM) image communication software library with IPv6/IPv4 for high-speed broadband Internet by using open-source software. Third, we discuss two major security-transmission methods, the IP security (IPSec) and the secure-socket layer (SSL) or transport-layer security (TLS), being used currently in medical-image-data communication with privacy support. Fourth, we describe a test schema of multiple-modality DICOM-image communications through TCP/IPv4 and TCP/IPv6 with different security methods, different security algorithms, and operating systems, and evaluate the test results. We found that there are tradeoff factors between choosing the IPsec and the SSL/TLS-based security implementation of IPv6/IPv4 protocols. If the WAN networks only use IPv6 such as in high-speed broadband Internet, the choice is IPsec-based security. If the networks are IPv4 or the combination of IPv6 and IPv4, it is better to use SSL/TLS security. The Linux platform has more security algorithms implemented than the Windows (XP) platform, and can achieve better performance in most experiments of IPv6 and IPv4-based DICOM-image communications. In teleradiology or enterprise-PACS applications, the Linux operating system may be the better choice as peer security gateways for both the IPsec and the SSL/TLS-based secure DICOM communications cross public networks.

A wireless electronic monitoring system for securing milk from farm to processor

NASA Astrophysics Data System (ADS)

Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin

2008-04-01

The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. We are currently demonstrating the system in central Kentucky and will report on the results of the demonstration.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Krishnamurthy, Dheepak

This paper is an overview of Power System Simulation Toolbox (psst). psst is an open-source Python application for the simulation and analysis of power system models. psst simulates the wholesale market operation by solving a DC Optimal Power Flow (DCOPF), Security Constrained Unit Commitment (SCUC) and a Security Constrained Economic Dispatch (SCED). psst also includes models for the various entities in a power system such as Generator Companies (GenCos), Load Serving Entities (LSEs) and an Independent System Operator (ISO). psst features an open modular object oriented architecture that will make it useful for researchers to customize, expand, experiment beyond solvingmore » traditional problems. psst also includes a web based Graphical User Interface (GUI) that allows for user friendly interaction and for implementation on remote High Performance Computing (HPCs) clusters for parallelized operations. This paper also provides an illustrative application of psst and benchmarks with standard IEEE test cases to show the advanced features and the performance of toolbox.« less

Security Operations Curriculum Package: BS in Global Security and Intelligence Studies, Security Operations Management Track, Embry-Riddle Aeronautical University, Prescott, AZ. BS in Security Operations Management, Model Curriculum

DTIC Science & Technology

2011-10-24

Operations Management Track in the established B.S. in Global Security and Intelligence Studies Degree offered at Embry-Riddle Aeronautical University...and a model 4 -year college curriculum for a BS degree in Security Operations Management

Secure ADS-B: Towards Airborne Communications Security in the Federal Aviation Administration’s Next Generation Air Transportation System

DTIC Science & Technology

2014-03-01

76 5.2 Impact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 5.3 Recommendations for Future Work...Global Positioning System ICAO International Civil Aviation Organization IFF Identification Friend or Foe IFR Instrument Flight Rules IMO...Instrument Flight Rules ( IFR ). Under VFR, typically used by General Aviation (GA) aircraft operating under 18,000 feet, the pilot is primarily responsible

Obfuscated authentication systems, devices, and methods

DOEpatents

Armstrong, Robert C; Hutchinson, Robert L

2013-10-22

Embodiments of the present invention are directed toward authentication systems, devices, and methods. Obfuscated executable instructions may encode an authentication procedure and protect an authentication key. The obfuscated executable instructions may require communication with a remote certifying authority for operation. In this manner, security may be controlled by the certifying authority without regard to the security of the electronic device running the obfuscated executable instructions.

Sandia National Laboratories: National Security Missions: Defense Systems

Science.gov Websites

Technology Partnerships Business, Industry, & Non-Profits Government Universities Center for Development Agreement (CRADA) Strategic Partnership Projects, Non-Federal Entity (SPP/NFE) Agreements New leadership for the national security community by delivering cutting-edge experimental and operational sensor

Enhancing Security by System-Level Virtualization in Cloud Computing Environments

NASA Astrophysics Data System (ADS)

Sun, Dawei; Chang, Guiran; Tan, Chunguang; Wang, Xingwei

Many trends are opening up the era of cloud computing, which will reshape the IT industry. Virtualization techniques have become an indispensable ingredient for almost all cloud computing system. By the virtual environments, cloud provider is able to run varieties of operating systems as needed by each cloud user. Virtualization can improve reliability, security, and availability of applications by using consolidation, isolation, and fault tolerance. In addition, it is possible to balance the workloads by using live migration techniques. In this paper, the definition of cloud computing is given; and then the service and deployment models are introduced. An analysis of security issues and challenges in implementation of cloud computing is identified. Moreover, a system-level virtualization case is established to enhance the security of cloud computing environments.

From a Proven Correct Microkernel to Trustworthy Large Systems

NASA Astrophysics Data System (ADS)

Andronick, June

The seL4 microkernel was the world's first general-purpose operating system kernel with a formal, machine-checked proof of correctness. The next big step in the challenge of building truly trustworthy systems is to provide a framework for developing secure systems on top of seL4. This paper first gives an overview of seL4's correctness proof, together with its main implications and assumptions, and then describes our approach to provide formal security guarantees for large, complex systems.

Secure it now or secure it later: the benefits of addressing cyber-security from the outset

NASA Astrophysics Data System (ADS)

Olama, Mohammed M.; Nutaro, James

2013-05-01

The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediate faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.

How Space - The Fourth Operational Medium - Supports Operational Maneuver.

DTIC Science & Technology

1987-05-17

51981 87-3044 87 9 18 014 UNCLASSIFIED SECURITY CLASSIFICATION OF THIS PAGE Form Approved REPORT DOCUMENTATION PAGE OMB No. 0704-0188 la. REPORT...P. J anecek (14213 AT L_ aCd) ZL-wI DO Form 1473, JUN 86 Previous editions are obsolete. SECURITY CLASSIFICATION OF THIS PAGE UNCLASSIFIED . ~18...Space technology, superior and enhanced weapons, and space systems combine to form spacepower that can be exploited to enhance ground force mission

Secure and QoS-Managed Information Exchange Between Enterprise and Constrained Environments

DTIC Science & Technology

2014-01-01

systems and enterprise services during mission operation can enable greater situational awareness and empowerment for the tactical user . For example...April 01, 2007. [17] Robbins, D., Unmanned Aircraft Operational Integration using MITRE’s Cursor on Target, The Edge, Volume 10, Number 2, MITRE...appropriate level of security protection and quality of service (QoS) for the tactical users is one possibility. Such an approach is not cost ef

Recommendations for Secure Initialization Routines in Operating Systems

DTIC Science & Technology

2004-12-01

monolithic design is used. This term is often used to distinguish the operating system from supporting software, e.g. “The Linux kernel does not specify...give the operating system structure and organization. Yet the overall monolithic design of the kernel still falls under Tannenbaum and Woodhull’s “Big...modules that handle initialization tasks. Any further subdivision would complicate interdependencies that are a result of having a monolithic kernel

7 CFR 1730.21 - Inspections and tests.

Code of Federal Regulations, 2010 CFR

2010-01-01

... reliability and security of the electric power grid, cause significant risk to the safety and health of the... AGRICULTURE ELECTRIC SYSTEM OPERATIONS AND MAINTENANCE Operations and Maintenance Requirements § 1730.21... parts of its electric system, annually exercise its ERP, and maintain records of such inspections and...

49 CFR 1544.205 - Acceptance and screening of cargo.

Code of Federal Regulations, 2013 CFR

2013-10-01

... provided in its security program. Such methods may include TSA-approved x-ray systems, explosives detection systems, explosives trace detection, explosives detection canine teams certified by TSA, or a physical...) Preventing or deterring the carriage of any explosive or incendiary. Each aircraft operator operating under a...

49 CFR 1544.205 - Acceptance and screening of cargo.

Code of Federal Regulations, 2011 CFR

2011-10-01

... provided in its security program. Such methods may include TSA-approved x-ray systems, explosives detection systems, explosives trace detection, explosives detection canine teams certified by TSA, or a physical...) Preventing or deterring the carriage of any explosive or incendiary. Each aircraft operator operating under a...

49 CFR 1544.205 - Acceptance and screening of cargo.

Code of Federal Regulations, 2012 CFR

2012-10-01

... provided in its security program. Such methods may include TSA-approved x-ray systems, explosives detection systems, explosives trace detection, explosives detection canine teams certified by TSA, or a physical...) Preventing or deterring the carriage of any explosive or incendiary. Each aircraft operator operating under a...

49 CFR 1544.205 - Acceptance and screening of cargo.

Code of Federal Regulations, 2014 CFR

2014-10-01

... provided in its security program. Such methods may include TSA-approved x-ray systems, explosives detection systems, explosives trace detection, explosives detection canine teams certified by TSA, or a physical...) Preventing or deterring the carriage of any explosive or incendiary. Each aircraft operator operating under a...

Mobile detection assessment and response systems (MDARS): a force protection physical security operational success

NASA Astrophysics Data System (ADS)

Shoop, Brian; Johnston, Michael; Goehring, Richard; Moneyhun, Jon; Skibba, Brian

2006-05-01

MDARS is a Semi-autonomous unmanned ground vehicle with intrusion detection & assessment, product & barrier assessment payloads. Its functions include surveillance, security, early warning, incident first response and product and barrier status primarily focused on a depot/munitions security mission at structured/semi-structured facilities. MDARS is in Systems Development and Demonstration (SDD) under the Product Manager for Force Protection Systems (PM-FPS). MDARS capabilities include semi-autonomous navigation, obstacle avoidance, motion detection, day and night imagers, radio frequency tag inventory/barrier assessment and audio challenge and response. Four SDD MDARS Patrol Vehicles have been undergoing operational evaluation at Hawthorne Army Depot, NV (HWAD) since October 2004. Hawthorne personnel were trained to administer, operate and maintain the system in accordance with the US Army Military Police School (USAMPS) Concept of Employment and the PM-FPS MDARS Integrated Logistic Support Plan. The system was subjected to intensive periods of evaluation under the guidance and control of the Army Test and Evaluation Center (ATEC) and PM-FPS. Significantly, in terms of User acceptance, the system has been under the "operational control" of the installation performing security and force protection missions in support of daily operations. This evaluation is intended to assess MDARS operational effectiveness in an operational environment. Initial observations show that MDARS provides enhanced force protection, can potentially reduce manpower requirements by conducting routine tasks within its design capabilities and reduces Soldier exposure in the initial response to emerging incidents and situations. Success of the MDARS program has been instrumental in the design and development of two additional robotic force protection programs. The first was the USAF Force Protection Battle Lab sponsored Remote Detection Challenge & Response (REDCAR) concept demonstration executed by the Air Force Robotics Lab (AFRL). The REDCAR used an MDARS PUV as the central robotic technology and expanded the concept to incorporate a smaller high speed platform (SCOUT) equipped with lethal, non-lethal and challenge components as an engagement platform and, in a marsupial configuration on the MDARS, a small UGV that can be deployed to investigate close quarters areas. The Family of Integrated Rapid Response Equipment (FIRRE) program further expands these concepts by incorporating and adapting other mobile/tactical force protection equipment with a more robust Unmanned Ground Vehicle into an "Expeditionary" configuration to provide the current force with a rapidly deployable force protection system that can operate in austere less structured and protected environments. A USAMPS/ MANCEN sponsored "FIRRE System Demonstration" in Iraq is scheduled to begin in FY '07.

Mission operations concepts for Earth Observing System (EOS)

NASA Technical Reports Server (NTRS)

Kelly, Angelita C.; Taylor, Thomas D.; Hawkins, Frederick J.

1991-01-01

Mission operation concepts are described which are being used to evaluate and influence space and ground system designs and architectures with the goal of achieving successful, efficient, and cost-effective Earth Observing System (EOS) operations. Emphasis is given to the general characteristics and concepts developed for the EOS Space Measurement System, which uses a new series of polar-orbiting observatories. Data rates are given for various instruments. Some of the operations concepts which require a total system view are also examined, including command operations, data processing, data accountability, data archival, prelaunch testing and readiness, launch, performance monitoring and assessment, contingency operations, flight software maintenance, and security.

DOE`s nation-wide system for access control can solve problems for the federal government

DOE Office of Scientific and Technical Information (OSTI.GOV)

Callahan, S.; Tomes, D.; Davis, G.

1996-07-01

The U.S. Department of Energy`s (DOE`s) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by manymore » different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location`s level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals.« less

Upgrade to the control system of the reflectometry diagnostic of ASDEX upgrade

NASA Astrophysics Data System (ADS)

Graça, S.; Santos, J.; Manso, M. E.

2004-10-01

The broadband frequency modulation-continuous wave microwave/millimeter wave reflectometer of ASDEX upgrade tokamak (Institut für Plasma Physik (IPP), Garching, Germany) developed by Centro de Fusão Nuclear (Lisboa, Portugal) with the collaboration of IPP, is a complex system with 13 channels (O and X modes) and two types of operation modes (swept and fixed frequency). The control system that ensures remote operation of the diagnostic incorporates VME and CAMAC bus based acquisition/timing systems. Microprocessor input/output boards are used to control and monitor the microwave circuitry and associated electronic devices. The implementation of the control system is based on an object-oriented client/server model: a centralized server manages the hardware and receives input from remote clients. Communication is handled through transmission control protocol/internet protocol sockets. Here we describe recent upgrades of the control system aiming to: (i) accommodate new channels; (ii) adapt to the heterogeneity of computing platforms and operating systems; and (iii) overcome remote access restrictions. Platform and operating system independence was achieved by redesigning the graphical user interface in JAVA. As secure shell is the standard remote access protocol adopted in major fusion laboratories, secure shell tunneling was implemented to allow remote operation of the diagnostic through the existing firewalls.

SPring-8 beamline control system.

PubMed

Ohata, T; Konishi, H; Kimura, H; Furukawa, Y; Tamasaku, K; Nakatani, T; Tanabe, T; Matsumoto, N; Ishii, M; Ishikawa, T

1998-05-01

The SPring-8 beamline control system is now taking part in the control of the insertion device (ID), front end, beam transportation channel and all interlock systems of the beamline: it will supply a highly standardized environment of apparatus control for collaborative researchers. In particular, ID operation is very important in a third-generation synchrotron light source facility. It is also very important to consider the security system because the ID is part of the storage ring and is therefore governed by the synchrotron ring control system. The progress of computer networking systems and the technology of security control require the development of a highly flexible control system. An interlock system that is independent of the control system has increased the reliability. For the beamline control system the so-called standard model concept has been adopted. VME-bus (VME) is used as the front-end control system and a UNIX workstation as the operator console. CPU boards of the VME-bus are RISC processor-based board computers operated by a LynxOS-based HP-RT real-time operating system. The workstation and the VME are linked to each other by a network, and form the distributed system. The HP 9000/700 series with HP-UX and the HP 9000/743rt series with HP-RT are used. All the controllable apparatus may be operated from any workstation.

Dynamic and adaptive policy models for coalition operations

NASA Astrophysics Data System (ADS)

Verma, Dinesh; Calo, Seraphin; Chakraborty, Supriyo; Bertino, Elisa; Williams, Chris; Tucker, Jeremy; Rivera, Brian; de Mel, Geeth R.

2017-05-01

It is envisioned that the success of future military operations depends on the better integration, organizationally and operationally, among allies, coalition members, inter-agency partners, and so forth. However, this leads to a challenging and complex environment where the heterogeneity and dynamism in the operating environment intertwines with the evolving situational factors that affect the decision-making life cycle of the war fighter. Therefore, the users in such environments need secure, accessible, and resilient information infrastructures where policy-based mechanisms adopt the behaviours of the systems to meet end user goals. By specifying and enforcing a policy based model and framework for operations and security which accommodates heterogeneous coalitions, high levels of agility can be enabled to allow rapid assembly and restructuring of system and information resources. However, current prevalent policy models (e.g., rule based event-condition-action model and its variants) are not sufficient to deal with the highly dynamic and plausibly non-deterministic nature of these environments. Therefore, to address the above challenges, in this paper, we present a new approach for policies which enables managed systems to take more autonomic decisions regarding their operations.

Big data, little security: Addressing security issues in your platform

NASA Astrophysics Data System (ADS)

Macklin, Thomas; Mathews, Joseph

2017-05-01

This paper describes some patterns for information security problems that consistently emerge among traditional enterprise networks and applications, both with respect to cyber threats and data sensitivity. We draw upon cases from qualitative studies and interviews of system developers, network operators, and certifiers of military applications. Specifically, the problems discussed involve sensitivity of data aggregates, training efficacy, and security decision support in the human machine interface. While proven techniques can address many enterprise security challenges, we provide additional recommendations on how to further improve overall security posture, and suggest additional research thrusts to address areas where known gaps remain.

SPI/U3.2. Security Profile Inspector for UNIX Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bartoletti, A.

1994-08-01

SPI/U3.2 consists of five tools used to assess and report the security posture of computers running the UNIX operating system. The tools are: Access Control Test: A rule-based system which identifies sequential dependencies in UNIX access controls. Binary Authentication Tool: Evaluates the release status of system binaries by comparing a crypto-checksum to provide table entries. Change Detection Tool: Maintains and applies a snapshot of critical system files and attributes for purposes of change detection. Configuration Query Language: Accepts CQL-based scripts (provided) to evaluate queries over the status of system files, configuration of services and many other elements of UNIX systemmore » security. Password Security Inspector: Tests for weak or aged passwords. The tools are packaged with a forms-based user interface providing on-line context-sensistive help, job scheduling, parameter management and output report management utilities. Tools may be run independent of the UI.« less

A Design of a Surgical Site Verification System.

PubMed

Shen, Biyu; He, Yan; Chen, Haoyang

2017-01-01

Patient security is a significant issue in medical research and clinical practice at present. The Surgical Verification System (Patent Number: ZL 201420079273.5) is designed to recognize and check surgical sites of patients so as to ensure operation security and decrease the risk for practitioners. Composition: (1) Operating Room Server, (2) Label Reader, (3) E-Label, (4) Surgical Site Display, (5) Ward Client, (6) Label Rader-Writer, and (7) Acousto-Optic Alarm. If the Surgical identification, the surgical site, and so on are incorrect, a flashing label control will appear when the alarm rings. You can specify a sound to play for the alarm, a picture to draw, and a message to send. It is a user-friendly system.

Exploration of Best-Fit Solution for Harbormaster Security Information Sharing Systems

DTIC Science & Technology

2012-06-01

amongst harbor cargo operators engaged in intermodal shipping. Through interviews conducted of MIST’s federal and local partners, careful examination...harbor cargo operators engaged in intermodal shipping. Through interviews conducted of MIST’s federal and local partners, careful examination of...system amongst harbor operators engaged in intermodal shipping. Through interviews conducted of MIST’s federal and local partners, careful

Field trial of the enhanced data authentication system (EDAS)

DOE PAGES

Thomas, Maikael A.; Hymel, Ross W.; Baldwin, George; ...

2016-11-01

The Enhanced Data Authentication System (EDAS) is means to securely branch information from an existing measurement system or data stream to a secondary observer. In an international nuclear safeguards context, the EDAS connects to operator instrumentation, and provides a cryptographically secure copy of the information for a safeguards inspectorate. However, this novel capability could be a valuable complement to inspector-owned safeguards instrumentation, offering context that is valuable for anomaly resolution and contingency.

15 CFR Supplement No. 5 to Part 742 - Encryption Registration

Code of Federal Regulations, 2013 CFR

2013-01-01

... registration, i.e., the information as described in this Supplement, submitted as a support documentation... (h) Smartcards or other identity management (i) Computer or network forensics (j) Software (i) Operating systems (ii) Applications (k) Toolkits/ASICs/components (l) Information security including secure...

15 CFR Supplement No. 5 to Part 742 - Encryption Registration

Code of Federal Regulations, 2011 CFR

2011-01-01

... registration, i.e., the information as described in this Supplement, submitted as a support documentation... (h) Smartcards or other identity management (i) Computer or network forensics (j) Software (i) Operating systems (ii) Applications (k) Toolkits/ASICs/components (l) Information security including secure...

15 CFR Supplement No. 5 to Part 742 - Encryption Registration

Code of Federal Regulations, 2014 CFR

2014-01-01

... registration, i.e., the information as described in this Supplement, submitted as a support documentation... (h) Smartcards or other identity management (i) Computer or network forensics (j) Software (i) Operating systems (ii) Applications (k) Toolkits/ASICs/components (l) Information security including secure...

15 CFR Supplement No. 5 to Part 742 - Encryption Registration

Code of Federal Regulations, 2012 CFR

2012-01-01

... registration, i.e., the information as described in this Supplement, submitted as a support documentation... (h) Smartcards or other identity management (i) Computer or network forensics (j) Software (i) Operating systems (ii) Applications (k) Toolkits/ASICs/components (l) Information security including secure...

12 CFR 615.5450 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-01-01

... and Banking FARM CREDIT ADMINISTRATION FARM CREDIT SYSTEM FUNDING AND FISCAL AFFAIRS, LOAN POLICIES AND OPERATIONS, AND FUNDING OPERATIONS Book-Entry Procedures for Farm Credit Securities § 615.5450... as agent for the Farm Credit banks and the Funding Corporation. (j) Federal Reserve Bank Operating...

46 CFR 199.90 - Operating instructions.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 7 2010-10-01 2010-10-01 false Operating instructions. 199.90 Section 199.90 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) LIFESAVING APPLIANCES AND ARRANGEMENTS LIFESAVING SYSTEMS FOR CERTAIN INSPECTED VESSELS Requirements for All Vessels § 199.90 Operating instructions...

SSBRP User Operations Facility (UOF) Overview and Development Strategy

NASA Technical Reports Server (NTRS)

Picinich, Lou; Stone, Thom; Sun, Charles; Windrem, May; Givens, John J. (Technical Monitor)

1995-01-01

This paper will present the Space Station Biological Research Project (SSBRP) User Operations Facility (UOF) architecture and development strategy. A major element of the UOF at NASA Ames Research Center, the Communication and Data System (CDS) will be the primary focus of the discussions. CDS operational, telescience, security, and development objectives will be discussed along with CDS implementation strategy. The implementation strategy discussions will include: Object Oriented Analysis & Design, System & Software Prototyping, and Technology Utilization. A CDS design overview that includes: CDS Context Diagram, CDS Architecture, Object Models, Use Cases, and User Interfaces will also be presented. CDS development brings together "cutting edge" technologies and techniques such as: object oriented development, network security, multimedia networking, web-based data distribution, JAVA, and graphical user interfaces. Use of these "cutting edge" technologies and techniques translates directly to lower development and operations costs.

Experiments of 10 Gbit/sec quantum stream cipher applicable to optical Ethernet and optical satellite link

NASA Astrophysics Data System (ADS)

Hirota, Osamu; Ohhata, Kenichi; Honda, Makoto; Akutsu, Shigeto; Doi, Yoshifumi; Harasawa, Katsuyoshi; Yamashita, Kiichi

2009-08-01

The security issue for the next generation optical network which realizes Cloud Computing System Service with data center" is urgent problem. In such a network, the encryption by physical layer which provide super security and small delay should be employed. It must provide, however, very high speed encryption because the basic link is operated at 2.5 Gbit/sec or 10 Gbit/sec. The quantum stream cipher by Yuen-2000 protocol (Y-00) is a completely new type random cipher so called Gauss-Yuen random cipher, which can break the Shannon limit for the symmetric key cipher. We develop such a cipher which has good balance of the security, speed and cost performance. In SPIE conference on quantum communication and quantum imaging V, we reported a demonstration of 2.5 Gbit/sec system for the commercial link and proposed how to improve it to 10 Gbit/sec. This paper reports a demonstration of the Y-00 cipher system which works at 10 Gbit/sec. A transmission test in a laboratory is tried to get the basic data on what parameters are important to operate in the real commercial networks. In addition, we give some theoretical results on the security. It is clarified that the necessary condition to break the Shannon limit requires indeed the quantum phenomenon, and that the full information theoretically secure system is available in the satellite link application.

Cyber security evaluation of II&C technologies

DOE Office of Scientific and Technical Information (OSTI.GOV)

Thomas, Ken

The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) tomore » address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a cyber security team with expertise in nuclear utility cyber security programs and experience in conducting these evaluations. The evaluation has determined that, for the most part, cyber security will not be a limiting factor in the application of these technologies to nuclear power plant applications.« less

33 CFR 96.390 - When will the Coast Guard deny entry into a U.S. port?

Code of Federal Regulations, 2010 CFR

2010-07-01

... HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS How Will Safety Management Systems Be Certificated and Enforced? § 96.390 When will the... force majeure, no vessel shall enter any port or terminal of the U.S. without a safety management system...

33 CFR 96.390 - When will the Coast Guard deny entry into a U.S. port?

Code of Federal Regulations, 2011 CFR

2011-07-01

... HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS How Will Safety Management Systems Be Certificated and Enforced? § 96.390 When will the... force majeure, no vessel shall enter any port or terminal of the U.S. without a safety management system...

33 CFR 150.405 - How must a cargo transfer system be tested and inspected?

Code of Federal Regulations, 2013 CFR

2013-07-01

... 33 Navigation and Navigable Waters 2 2013-07-01 2013-07-01 false How must a cargo transfer system..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: OPERATIONS Cargo Transfer Operations § 150.405 How must a cargo transfer system be tested and inspected? (a) No person may transfer oil...

33 CFR 150.405 - How must a cargo transfer system be tested and inspected?

Code of Federal Regulations, 2011 CFR

2011-07-01

... 33 Navigation and Navigable Waters 2 2011-07-01 2011-07-01 false How must a cargo transfer system..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: OPERATIONS Cargo Transfer Operations § 150.405 How must a cargo transfer system be tested and inspected? (a) No person may transfer oil...

33 CFR 150.405 - How must a cargo transfer system be tested and inspected?

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 2 2010-07-01 2010-07-01 false How must a cargo transfer system..., DEPARTMENT OF HOMELAND SECURITY (CONTINUED) DEEPWATER PORTS DEEPWATER PORTS: OPERATIONS Cargo Transfer Operations § 150.405 How must a cargo transfer system be tested and inspected? (a) No person may transfer oil...

Secure Computer System: Unified Exposition and Multics Interpretation

DTIC Science & Technology

1976-03-01

prearranged code to semaphore critical information to an undercleared subject/process. Neither of these topics is directly addressed by the mathematical...FURTHER CONSIDERATIONS. RULES OF OPERATION FOR A SECURE MULTICS Kernel primitives for a secure Multics will be derived from a higher level user...the Multics architecture as little as possible; this will account to a large extent for radical differences in form between actual kernel primitives

46 CFR 76.35-15 - Operation and installation.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PASSENGER VESSELS FIRE PROTECTION EQUIPMENT Manual Alarm System, Details § 76.35-15 Operation and installation. (a) The system shall be so arranged and installed that the presence of a fire may be reported from any of the protected spaces and be...

46 CFR 76.35-15 - Operation and installation.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PASSENGER VESSELS FIRE PROTECTION EQUIPMENT Manual Alarm System, Details § 76.35-15 Operation and installation. (a) The system shall be so arranged and installed that the presence of a fire may be reported from any of the protected spaces and be...

46 CFR 76.35-15 - Operation and installation.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PASSENGER VESSELS FIRE PROTECTION EQUIPMENT Manual Alarm System, Details § 76.35-15 Operation and installation. (a) The system shall be so arranged and installed that the presence of a fire may be reported from any of the protected spaces and be...

46 CFR 76.35-15 - Operation and installation.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) PASSENGER VESSELS FIRE PROTECTION EQUIPMENT Manual Alarm System, Details § 76.35-15 Operation and installation. (a) The system shall be so arranged and installed that the presence of a fire may be reported from any of the protected spaces and be...

33 CFR 169.235 - What exemptions are there from reporting?

Code of Federal Regulations, 2010 CFR

2010-07-01

... SECURITY (CONTINUED) PORTS AND WATERWAYS SAFETY SHIP REPORTING SYSTEMS Transmission of Long Range... this subpart if it is— (a) Fitted with an operating automatic identification system (AIS), under 33 CFR 164.46, and operates only within 20 nautical miles of the United States baseline, (b) A warship, naval...

46 CFR 185.320 - Steering gear, controls, and communication system tests.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 7 2010-10-01 2010-10-01 false Steering gear, controls, and communication system tests. 185.320 Section 185.320 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) SMALL PASSENGER VESSELS (UNDER 100 GROSS TONS) OPERATIONS Miscellaneous Operating Requirements § 185.320 Steering...

33 CFR 96.310 - Who does this subpart apply to?

Code of Federal Regulations, 2010 CFR

2010-07-01

...? 96.310 Section 96.310 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS How Will Safety Management Systems Be Certificated and Enforced? § 96.310 Who does this subpart apply to...

33 CFR 96.490 - What further obligations exist for an organization if the Coast Guard terminates its authorization?

Code of Federal Regulations, 2010 CFR

2010-07-01

... and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Authorization of Recognized... companies and vessels must do to have their safety management systems transferred to another organization...

33 CFR 96.210 - Who does this subpart apply to?

Code of Federal Regulations, 2010 CFR

2010-07-01

...? 96.210 Section 96.210 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Company and Vessel Safety Management Systems § 96.210 Who does this subpart apply to? (a) This subpart...

Automated Guideway Transit System Passenger Security Guidebook

DOT National Transportation Integrated Search

1980-03-01

This uidebook provides AGT system planners, designers and operators with information on available crime countermeasures and their relative effectiveness against transit crime. : Crime countermeasures on current transit systems have been reviewed and ...

Cost and effectiveness analysis on unmanned aerial vehicle (UAV) use at border security

NASA Astrophysics Data System (ADS)

Yilmaz, Bahadır.

2013-06-01

Drones and Remotely Piloted Vehicles are types of Unmanned Aerial Vehicles. UAVs began to be used with the war of Vietnam, they had a great interest when Israel used them in Bekaa Valley Operations of 1982. UAVs have been used by different countries with different aims with the help of emerging technology and investments. In this article, in the context of areas of UAV usage in national security, benefits and disadvantages of UAVs are put forward. Particularly, it has been evaluated on the basis of cost-effectiveness by focusing the use of UAV in the border security. UAVs have been studied by taking cost analysis, procurement and operational costs into consideration. Analysis of effectiveness has been done with illegal passages of people and drugs from flight times of UAVs. Although the procurement cost of the medium-level UAVs is low, its operational costs are high. For this reason, the idea of less costly alternative systems have been revealed for the border security. As the costs are reduced to acceptable level involving national security and border security in future with high-technology products in their structure, it will continue to be used in an increasing proportion.

Problems of collaborative work of the automated process control system (APCS) and the its information security and solutions.

NASA Astrophysics Data System (ADS)

Arakelyan, E. K.; Andryushin, A. V.; Mezin, S. V.; Kosoy, A. A.; Kalinina, Ya V.; Khokhlov, I. S.

2017-11-01

The principle of interaction of the specified systems of technological protections by the Automated process control system (APCS) and information safety in case of incorrect execution of the algorithm of technological protection is offered. - checking the correctness of the operation of technological protection in each specific situation using the functional relationship between the monitored parameters. The methodology for assessing the economic feasibility of developing and implementing an information security system.

Security Concepts for Satellite Links

NASA Astrophysics Data System (ADS)

Tobehn, C.; Penné, B.; Rathje, R.; Weigl, A.; Gorecki, Ch.; Michalik, H.

2008-08-01

The high costs to develop, launch and maintain a satellite network makes protecting the assets imperative. Attacks may be passive such as eavesdropping on the payload data. More serious threat are active attacks that try to gain control of the satellite, which may lead to the total lost of the satellite asset. To counter these threats, new satellite and ground systems are using cryptographic technologies to provide a range of services: confidentiality, entity & message authentication, and data integrity. Additionally, key management cryptographic services are required to support these services. This paper describes the key points of current satellite control and operations, that are authentication of the access to the satellite TMTC link and encryption of security relevant TM/TC data. For payload data management the key points are multi-user ground station access and high data rates both requiring frequent updates and uploads of keys with the corresponding key management methods. For secure satellite management authentication & key negotiation algorithms as HMAC-RIPEMD160, EC- DSA and EC-DH are used. Encryption of data uses algorithms as IDEA, AES, Triple-DES, or other. A channel coding and encryption unit for payload data provides download data rates up to Nx250 Mbps. The presented concepts are based on our experience and heritage of the security systems for all German MOD satellite projects (SATCOMBw2, SAR-Lupe multi- satellite system and German-French SAR-Lupe-Helios- II systems inter-operability) as well as for further international (KOMPSAT-II Payload data link system) and ESA activities (TMTC security and GMES).

Implementing Information Assurance - Beyond Process

DTIC Science & Technology

2009-01-01

disabled or properly configured. Tools and scripts are available to expedite the configuration process on some platforms, For example, approved Windows...in the System Security Plan (SSP) or Information Security Plan (lSP). Any PPSs not required for operation by the system must be disabled , This...Services must be disabled , Implementing an 1M capability within the boundary carries many policy and documentation requirements. Usemame and passwords

Server-Based and Server-Less Byod Solutions to Support Electronic Learning

DTIC Science & Technology

2016-06-01

Knowledge Online NSD National Security Directive OS operating system OWA Outlook Web Access PC personal computer PED personal electronic device PDA...mobile devices, institute mobile device policies and standards, and promote the development and use of DOD mobile and web -enabled applications” (DOD...with an isolated BYOD web server, properly educated system administrators must carry out and execute the necessary, pre-defined network security

Securing Mobile Networks in an Operational Setting

NASA Technical Reports Server (NTRS)

Ivancic, William D.; Stewart, David H.; Bell, Terry L.; Paulsen, Phillip E.; Shell, Dan

2004-01-01

This paper describes a network demonstration and three month field trial of mobile networking using mobile-IPv4. The network was implemented as part of the US Coast Guard operational network which is a ".mil" network and requires stringent levels of security. The initial demonstrations took place in November 2002 and a three month field trial took place from July through September of 2003. The mobile network utilized encryptors capable of NSA-approved Type 1 algorithms, mobile router from Cisco Systems and 802.11 and satellite wireless links. This paper also describes a conceptual architecture for wide-scale deployment of secure mobile networking in operational environments where both private and public infrastructure is used. Additional issues presented include link costs, placement of encryptors and running routing protocols over layer-3 encryption devices.

Thermal infrared panoramic imaging sensor

NASA Astrophysics Data System (ADS)

Gutin, Mikhail; Tsui, Eddy K.; Gutin, Olga; Wang, Xu-Ming; Gutin, Alexey

2006-05-01

Panoramic cameras offer true real-time, 360-degree coverage of the surrounding area, valuable for a variety of defense and security applications, including force protection, asset protection, asset control, security including port security, perimeter security, video surveillance, border control, airport security, coastguard operations, search and rescue, intrusion detection, and many others. Automatic detection, location, and tracking of targets outside protected area ensures maximum protection and at the same time reduces the workload on personnel, increases reliability and confidence of target detection, and enables both man-in-the-loop and fully automated system operation. Thermal imaging provides the benefits of all-weather, 24-hour day/night operation with no downtime. In addition, thermal signatures of different target types facilitate better classification, beyond the limits set by camera's spatial resolution. The useful range of catadioptric panoramic cameras is affected by their limited resolution. In many existing systems the resolution is optics-limited. Reflectors customarily used in catadioptric imagers introduce aberrations that may become significant at large camera apertures, such as required in low-light and thermal imaging. Advantages of panoramic imagers with high image resolution include increased area coverage with fewer cameras, instantaneous full horizon detection, location and tracking of multiple targets simultaneously, extended range, and others. The Automatic Panoramic Thermal Integrated Sensor (APTIS), being jointly developed by Applied Science Innovative, Inc. (ASI) and the Armament Research, Development and Engineering Center (ARDEC) combines the strengths of improved, high-resolution panoramic optics with thermal imaging in the 8 - 14 micron spectral range, leveraged by intelligent video processing for automated detection, location, and tracking of moving targets. The work in progress supports the Future Combat Systems (FCS) and the Intelligent Munitions Systems (IMS). The APTIS is anticipated to operate as an intelligent node in a wireless network of multifunctional nodes that work together to serve in a wide range of applications of homeland security, as well as serve the Army in tasks of improved situational awareness (SA) in defense and offensive operations, and as a sensor node in tactical Intelligence Surveillance Reconnaissance (ISR). The novel ViperView TM high-resolution panoramic thermal imager is the heart of the APTIS system. It features an aberration-corrected omnidirectional imager with small optics designed to match the resolution of a 640x480 pixels IR camera with improved image quality for longer range target detection, classification, and tracking. The same approach is applicable to panoramic cameras working in the visible spectral range. Other components of the ATPIS system include network communications, advanced power management, and wakeup capability. Recent developments include image processing, optical design being expanded into the visible spectral range, and wireless communications design. This paper describes the development status of the APTIS system.

Line-scan system for continuous hand authentication

NASA Astrophysics Data System (ADS)

Liu, Xiaofeng; Kong, Lingsheng; Diao, Zhihui; Jia, Ping

2017-03-01

An increasing number of heavy machinery and vehicles have come into service, giving rise to a significant concern over protecting these high-security systems from misuse. Conventionally, authentication performed merely at the initial login may not be sufficient for detecting intruders throughout the operating session. To address this critical security flaw, a line-scan continuous hand authentication system with the appearance of an operating rod is proposed. Given that the operating rod is occupied throughout the operating period, it can be a possible solution for unobtrusively recording the personal characteristics for continuous monitoring. The ergonomics in the physiological and psychological aspects are fully considered. Under the shape constraints, a highly integrated line-scan sensor, a controller unit, and a gear motor with encoder are utilized. This system is suitable for both the desktop and embedded platforms with a universal serial bus interface. The volume of the proposed system is smaller than 15% of current multispectral area-based camera systems. Based on experiments on a database with 4000 images from 200 volunteers, a competitive equal error rate of 0.1179% is achieved, which is far more accurate than the state-of-the-art continuous authentication systems using other modalities.

Self port scanning tool : providing a more secure computing Environment through the use of proactive port scanning

NASA Technical Reports Server (NTRS)

Kocher, Joshua E; Gilliam, David P.

2005-01-01

Secure computing is a necessity in the hostile environment that the internet has become. Protection from nefarious individuals and organizations requires a solution that is more a methodology than a one time fix. One aspect of this methodology is having the knowledge of which network ports a computer has open to the world, These network ports are essentially the doorways from the internet into the computer. An assessment method which uses the nmap software to scan ports has been developed to aid System Administrators (SAs) with analysis of open ports on their system(s). Additionally, baselines for several operating systems have been developed so that SAs can compare their open ports to a baseline for a given operating system. Further, the tool is deployed on a website where SAs and Users can request a port scan of their computer. The results are then emailed to the requestor. This tool aids Users, SAs, and security professionals by providing an overall picture of what services are running, what ports are open, potential trojan programs or backdoors, and what ports can be closed.

Integrating a Trusted Computing Base Extension Server and Secure Session Server into the LINUX Operating System

DTIC Science & Technology

2001-09-01

Readily Available Linux has been copyrighted under the terms of the GNU General Public 5 License (GPL)1. This is a license written by the Free...GNOME and KDE . d. Portability Linux is highly compatible with many common operating systems. For...using suitable libraries, Linux is able to run programs written for other operating systems. [Ref. 8] 1 The GNU Project is coordinated by the

46 CFR 111.05-13 - Grounding connection.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) ELECTRICAL ENGINEERING ELECTRIC SYSTEMS-GENERAL REQUIREMENTS Equipment Ground, Ground Detection, and Grounded Systems § 111.05-13 Grounding... power sources operating in parallel in the system. ...

78 FR 19744 - Privacy Act of 1974; Privacy Act System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-02

...: NASA Guest Operations System. SECURITY CLASSIFICATION: None. SYSTEM LOCATION: Location 1, as set forth... in accordance with the guidelines defined in the NASA Records Retention Schedules (NRRS), Schedule 1...

Field test of quantum key distribution in the Tokyo QKD Network.

PubMed

Sasaki, M; Fujiwara, M; Ishizuka, H; Klaus, W; Wakui, K; Takeoka, M; Miki, S; Yamashita, T; Wang, Z; Tanaka, A; Yoshino, K; Nambu, Y; Takahashi, S; Tajima, A; Tomita, A; Domeki, T; Hasegawa, T; Sakai, Y; Kobayashi, H; Asai, T; Shimizu, K; Tokura, T; Tsurumaru, T; Matsui, M; Honjo, T; Tamaki, K; Takesue, H; Tokura, Y; Dynes, J F; Dixon, A R; Sharpe, A W; Yuan, Z L; Shields, A J; Uchikoga, S; Legré, M; Robyr, S; Trinkler, P; Monat, L; Page, J-B; Ribordy, G; Poppe, A; Allacher, A; Maurhart, O; Länger, T; Peev, M; Zeilinger, A

2011-05-23

A secure communication network with quantum key distribution in a metropolitan area is reported. Six different QKD systems are integrated into a mesh-type network. GHz-clocked QKD links enable us to demonstrate the world-first secure TV conferencing over a distance of 45km. The network includes a commercial QKD product for long-term stable operation, and application interface to secure mobile phones. Detection of an eavesdropper, rerouting into a secure path, and key relay via trusted nodes are demonstrated in this network.

Building Combat Strength through Logistics: Translating the New Air Force Logistics Concept of Operations into Action

DTIC Science & Technology

1988-03-31

MARCI 1988 iAm U m WI 4EUnclT CLSIIAION OF THIS PAGE REPORT DOCUMENTATION PAGE is REPORT SECURITY CLASSIFICATION lb. RESTRICTIVE MARKINGS 2.. SECUR ...logistics system of the future more capable of supporting the full spectrumn of war 20 OISTRIaSUTION.’AVAILAeILiTY 0" ABSTRACT 21 ABSTRACT SECURITY ... SECURITY CLASSIFICATION OT: THIS PAGF Unclas ’SCUFUTY Cý= I!FICATION OF THIS PAGE 1,Qwcont.) scenarios. Today’s logistics processes assume wartime

41 CFR 102-192.80 - How do we develop written security policies and plans?

Code of Federal Regulations, 2010 CFR

2010-07-01

... Management Federal Property Management Regulations System (Continued) FEDERAL MANAGEMENT REGULATION...) Operating procedures; (d) Plan to provide a visible mail screening operation; (e) Training mail center...) Managing threats; (h) Communications plan; (i) Occupant Emergency Plan (OEP); (j) Continuity of Operations...

Hazardous material transportation safety and security field operational test beta test and baseline data report : executive summary

DOT National Transportation Integrated Search

2003-10-29

The Beta Test and Baseline Data Collection efforts ensured that the test technologies would successfully operate during the field operational test (FOT) in the designed scenario configurations. These efforts also ensured that FOT systems would succes...

Protecting clinical data on Web client computers: the PCASSO approach.

PubMed Central

Masys, D. R.; Baker, D. B.

1998-01-01

The ubiquity and ease of use of the Web have made it an increasingly popular medium for communication of health-related information. Web interfaces to commercially available clinical information systems are now available or under development by most major vendors. To the extent that such interfaces involve the use of unprotected operating systems, they are vulnerable to security limitations of Web client software environments. The Patient Centered Access to Secure Systems Online (PCASSO) project extends the protections for person-identifiable health data on Web client computers. PCASSO uses several approaches, including physical protection of authentication information, execution containment, graphical displays, and monitoring the client system for intrusions and co-existing programs that may compromise security. PMID:9929243

Cyber Security for the Spaceport Command and Control System: Vulnerability Management and Compliance Analysis

NASA Technical Reports Server (NTRS)

Gunawan, Ryan A.

2016-01-01

With the rapid development of the Internet, the number of malicious threats to organizations is continually increasing. In June of 2015, the United States Office of Personnel Management (OPM) had a data breach resulting in the compromise of millions of government employee records. The National Aeronautics and Space Administration (NASA) is not exempt from these attacks. Cyber security is becoming a critical facet to the discussion of moving forward with projects. The Spaceport Command and Control System (SCCS) project at the Kennedy Space Center (KSC) aims to develop the launch control system for the next generation launch vehicle in the coming decades. There are many ways to increase the security of the network it uses, from vulnerability management to ensuring operating system images are compliant with securely configured baselines recommended by the United States Government.

75 FR 9919 - Extension of Agency Information Collection Activity Under OMB Review: Air Cargo Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-04

...This notice announces that the Transportation Security Administration (TSA) has forwarded the Information Collection Request (ICR), OMB control number 1652-0040, abstracted below to the Office of Management and Budget (OMB) for renewal in compliance with the Paperwork Reduction Act. The ICR describes the nature of the information collection and its expected burden. TSA published a Federal Register notice, with a 60-day comment period soliciting comments, of the following collection of information on November 16, 2009, 74 FR 58969. TSA has not received any comments. The collections of information that make up this ICR involve five broad categories affecting airports, passenger aircraft operators, foreign air carriers, indirect air carriers operating under a security program, and all-cargo carriers. These five categories are: security programs, security threat assessments (STA), known shipper data via the Known Shipper Management System (KSMS), cargo screening reporting, and evidence of compliance recordkeeping.

76 FR 4362 - Extension of Agency Information Collection Activity Under OMB Review: Air Cargo Security...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-25

...This notice announces that the Transportation Security Administration (TSA) has forwarded the Information Collection Request (ICR), OMB control number 1652-0040, abstracted below, to the Office of Management and Budget (OMB) for renewal in compliance with the Paperwork Reduction Act. The ICR describes the nature of the information collection and its expected burden. TSA published a Federal Register notice, with a 60-day comment period soliciting comments, of this collection of information on October 14, 2010, 75 FR 63192. TSA has not received any comments. The collections of information that make up this ICR involve five broad categories affecting airports, passenger aircraft operators, foreign air carriers, indirect air carriers operating under a security program, and all-cargo carriers. These five categories are: Security programs, security threat assessments (STA), known shipper data via the Known Shipper Management System (KSMS), cargo screening reporting, and evidence of compliance recordkeeping.

Performance of an optical identification and interrogation system

NASA Astrophysics Data System (ADS)

Venugopalan, A.; Ghosh, A. K.; Verma, P.; Cheng, S.

2008-04-01

A free space optics based identification and interrogation system has been designed. The applications of the proposed system lie primarily in areas which require a secure means of mutual identification and information exchange between optical readers and tags. Conventional RFIDs raise issues regarding security threats, electromagnetic interference and health safety. The security of RF-ID chips is low due to the wide spatial spread of radio waves. Malicious nodes can read data being transmitted on the network, if they are in the receiving range. The proposed system provides an alternative which utilizes the narrow paraxial beams of lasers and an RSA-based authentication scheme. These provide enhanced security to communication between a tag and the base station or reader. The optical reader can also perform remote identification and the tag can be read from a far off distance, given line of sight. The free space optical identification and interrogation system can be used for inventory management, security systems at airports, port security, communication with high security systems, etc. to name a few. The proposed system was implemented with low-cost, off-the-shelf components and its performance in terms of throughput and bit error rate has been measured and analyzed. The range of operation with a bit-error-rate lower than 10-9 was measured to be about 4.5 m. The security of the system is based on the strengths of the RSA encryption scheme implemented using more than 1024 bits.

Test Operations Procedure (TOP) 03-2-827 Test Procedures for Video Target Scoring Using Calibration Lights

DTIC Science & Technology

2016-04-04

Final 3. DATES COVERED (From - To) 4. TITLE AND SUBTITLE Test Operations Procedure (TOP) 03-2-827 Test Procedures for Video Target Scoring Using...ABSTRACT This Test Operations Procedure (TOP) describes typical equipment and procedures to setup and operate a Video Target Scoring System (VTSS) to...lights. 15. SUBJECT TERMS Video Target Scoring System, VTSS, witness screens, camera, target screen, light pole 16. SECURITY

An Asymmetric Image Encryption Based on Phase Truncated Hybrid Transform

NASA Astrophysics Data System (ADS)

Khurana, Mehak; Singh, Hukum

2017-09-01

To enhance the security of the system and to protect it from the attacker, this paper proposes a new asymmetric cryptosystem based on hybrid approach of Phase Truncated Fourier and Discrete Cosine Transform (PTFDCT) which adds non linearity by including cube and cube root operation in the encryption and decryption path respectively. In this cryptosystem random phase masks are used as encryption keys and phase masks generated after the cube operation in encryption process are reserved as decryption keys and cube root operation is required to decrypt image in decryption process. The cube and cube root operation introduced in the encryption and decryption path makes system resistant against standard attacks. The robustness of the proposed cryptosystem has been analysed and verified on the basis of various parameters by simulating on MATLAB 7.9.0 (R2008a). The experimental results are provided to highlight the effectiveness and suitability of the proposed cryptosystem and prove the system is secure.

Enhancing the Safety, Security and Resilience of ICT and Scada Systems Using Action Research

NASA Astrophysics Data System (ADS)

Johnsen, Stig; Skramstad, Torbjorn; Hagen, Janne

This paper discusses the results of a questionnaire-based survey used to assess the safety, security and resilience of information and communications technology (ICT) and supervisory control and data acquisition (SCADA) systems used in the Norwegian oil and gas industry. The survey identifies several challenges, including the involvement of professionals with different backgrounds and expertise, lack of common risk perceptions, inadequate testing and integration of ICT and SCADA systems, poor information sharing related to undesirable incidents and lack of resilience in the design of technical systems. Action research is proposed as a process for addressing these challenges in a systematic manner and helping enhance the safety, security and resilience of ICT and SCADA systems used in oil and gas operations.

Unmanned Aerial Systems Traffic Management (UTM): Safely Enabling UAS Operations in Low-Altitude Airspace

NASA Technical Reports Server (NTRS)

Jung, Jaewoo; Kopardekar, Parimal H.

2016-01-01

Flexibility where possible, and structure where necessary. Consider the needs of national security, safe airspace operations, economic opportunities, and emerging technologies. Risk-based approach based on population density, assets on the ground, density of operations, etc. Digital, virtual, dynamic, and as needed UTM services to manage operations.

Unmanned Aerial Systems Traffic Management (UTM): Safely Enabling UAS Operations in Low-Altitude Airspace

NASA Technical Reports Server (NTRS)

Kopardekar, Parimal H.; Cavolowsky, John

2015-01-01

Flexibility where possible, and structure where necessary. Consider the needs of national security, safe airspace operations, economic opportunities, and emerging technologies. Risk-based approach based on population density, assets on the ground, density of operations, etc. Digital, virtual, dynamic, and as needed UTM services to manage operations.

Exploring Operational Safeguards, Safety, and Security by Design to Address Real Time Threats in Nuclear Facilities

DOE Office of Scientific and Technical Information (OSTI.GOV)

Schanfein, Mark J.; Mladineo, Stephen V.

2015-07-07

Over the last few years, significant attention has been paid to both encourage application and provide domestic and international guidance for designing in safeguards and security in new facilities.1,2,3 However, once a facility is operational, safeguards, security, and safety often operate as separate entities that support facility operations. This separation is potentially a serious weakness should insider or outsider threats become a reality.Situations may arise where safeguards detects a possible loss of material in a facility. Will they notify security so they can, for example, check perimeter doors for tampering? Not doing so might give the advantage to an insidermore » who has already, or is about to, move nuclear material outside the facility building. If outsiders break into a facility, the availability of any information to coordinate the facility’s response through segregated alarm stations or a failure to include all available radiation sensors, such as safety’s criticality monitors can give the advantage to the adversary who might know to disable camera systems, but would most likely be unaware of other highly relevant sensors in a nuclear facility.This paper will briefly explore operational safeguards, safety, and security by design (3S) at a high level for domestic and State facilities, identify possible weaknesses, and propose future administrative and technical methods, to strengthen the facility system’s response to threats.« less

Joint force protection advanced security system (JFPASS) "the future of force protection: integrate and automate"

NASA Astrophysics Data System (ADS)

Lama, Carlos E.; Fagan, Joe E.

2009-09-01

The United States Department of Defense (DoD) defines 'force protection' as "preventive measures taken to mitigate hostile actions against DoD personnel (to include family members), resources, facilities, and critical information." Advanced technologies enable significant improvements in automating and distributing situation awareness, optimizing operator time, and improving sustainability, which enhance protection and lower costs. The JFPASS Joint Capability Technology Demonstration (JCTD) demonstrates a force protection environment that combines physical security and Chemical, Biological, Radiological, Nuclear, and Explosive (CBRNE) defense through the application of integrated command and control and data fusion. The JFPASS JCTD provides a layered approach to force protection by integrating traditional sensors used in physical security, such as video cameras, battlefield surveillance radars, unmanned and unattended ground sensors. The optimization of human participation and automation of processes is achieved by employment of unmanned ground vehicles, along with remotely operated lethal and less-than-lethal weapon systems. These capabilities are integrated via a tailorable, user-defined common operational picture display through a data fusion engine operating in the background. The combined systems automate the screening of alarms, manage the information displays, and provide assessment and response measures. The data fusion engine links disparate sensors and systems, and applies tailored logic to focus the assessment of events. It enables timely responses by providing the user with automated and semi-automated decision support tools. The JFPASS JCTD uses standard communication/data exchange protocols, which allow the system to incorporate future sensor technologies or communication networks, while maintaining the ability to communicate with legacy or existing systems.

78 FR 35945 - Request for Comments on Security Training Programs for Surface Mode Employees

Federal Register 2010, 2011, 2012, 2013, 2014

2013-06-14

... provided by owner/operators of freight railroads, passenger railroads, public transportation systems... in the public transportation, railroad carrier, and over-the-road bus (OTRB) modes.\\2\\ In summary.... 266 (August 3, 2007). 9/11 Act's Public Transportation Security Training Requirements. Paragraph 1408...

75 FR 64753 - Options Price Reporting Authority; Notice of Filing and Immediate Effectiveness of Proposed...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-20

... Securities Industry Automation Corporation as OPRA's Independent System Capacity Advisor October 14, 2010... would reflect the fact that OPRA has selected the Securities Industry Automation Corporation (``SIAC..., in that capacity, provided the data processing services needed to develop, operate and maintain the...

Automated power management and control

NASA Technical Reports Server (NTRS)

Dolce, James L.

1991-01-01

A comprehensive automation design is being developed for Space Station Freedom's electric power system. A joint effort between NASA's Office of Aeronautics and Exploration Technology and NASA's Office of Space Station Freedom, it strives to increase station productivity by applying expert systems and conventional algorithms to automate power system operation. The initial station operation will use ground-based dispatches to perform the necessary command and control tasks. These tasks constitute planning and decision-making activities that strive to eliminate unplanned outages. We perceive an opportunity to help these dispatchers make fast and consistent on-line decisions by automating three key tasks: failure detection and diagnosis, resource scheduling, and security analysis. Expert systems will be used for the diagnostics and for the security analysis; conventional algorithms will be used for the resource scheduling.

46 CFR 133.90 - Operating instructions.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 4 2012-10-01 2012-10-01 false Operating instructions. 133.90 Section 133.90 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) OFFSHORE SUPPLY VESSELS LIFESAVING SYSTEMS Requirements for All OSVs § 133.90 Operating instructions. Each OSV must have posters or signs displayed in the...

46 CFR 133.90 - Operating instructions.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 4 2011-10-01 2011-10-01 false Operating instructions. 133.90 Section 133.90 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) OFFSHORE SUPPLY VESSELS LIFESAVING SYSTEMS Requirements for All OSVs § 133.90 Operating instructions. Each OSV must have posters or signs displayed in the...

46 CFR 133.90 - Operating instructions.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 46 Shipping 4 2014-10-01 2014-10-01 false Operating instructions. 133.90 Section 133.90 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) OFFSHORE SUPPLY VESSELS LIFESAVING SYSTEMS Requirements for All OSVs § 133.90 Operating instructions. Each OSV must have posters or signs displayed in the...

46 CFR 133.90 - Operating instructions.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 4 2010-10-01 2010-10-01 false Operating instructions. 133.90 Section 133.90 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) OFFSHORE SUPPLY VESSELS LIFESAVING SYSTEMS Requirements for All OSVs § 133.90 Operating instructions. Each OSV must have posters or signs displayed in the...

46 CFR 133.90 - Operating instructions.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 46 Shipping 4 2013-10-01 2013-10-01 false Operating instructions. 133.90 Section 133.90 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) OFFSHORE SUPPLY VESSELS LIFESAVING SYSTEMS Requirements for All OSVs § 133.90 Operating instructions. Each OSV must have posters or signs displayed in the...

46 CFR 58.16-30 - Operating instructions.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 46 Shipping 2 2010-10-01 2010-10-01 false Operating instructions. 58.16-30 Section 58.16-30 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING MAIN AND AUXILIARY MACHINERY AND RELATED SYSTEMS Liquefied Petroleum Gases for Cooking and Heating § 58.16-30 Operating...

Handbook of emergency management for state-level transportation agencies.

DOT National Transportation Integrated Search

2010-03-01

The Department of Homeland Security has mandated specific systems and techniques for the management of emergencies in the United States, including the Incident Command System, the National Incident Management System, Emergency Operations Plans, Emerg...

Assurance: the power behind PCASSO security.

PubMed Central

Baker, D. B.; Masys, D. R.; Jones, R. L.; Barnhart, R. M.

1999-01-01

The need for security protection in Internet-based healthcare applications is generally acknowledged. Most healthcare applications that use the Internet have at least implemented some kind of encryption. Most applications also enforce user authentication and access control policies, and many audit user actions. However, most fall short on providing strong assurances that the security mechanisms are behaving as expected and that they cannot be subverted. While no system can claim to be totally "bulletproof," PCASSO provides assurance of correct operation through formal, disciplined design and development methodologies, as well as through functional and penetration testing. Through its security mechanisms, backed by strong system assurances, PCASSO is demonstrating "safe" use of public data networks for health care. PMID:10566443

33 CFR 96.330 - Document of Compliance certificate: what is it and when is it needed?

Code of Federal Regulations, 2011 CFR

2011-07-01

... GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS How Will Safety Management Systems Be Certificated and Enforced... freight vessel, freight vessel, or a self-propelled mobile offshore drilling unit of 500 gross tons or...

33 CFR 96.450 - What happens if the Coast Guard disapproves an organization's request to be authorized?

Code of Federal Regulations, 2010 CFR

2010-07-01

... COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Authorization of Recognized Organizations To Act on Behalf...

Addressing the Need for Independence in the CSE Model

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Ferragut, Erik M; Sheldon, Frederick T

2011-01-01

Abstract Information system security risk, defined as the product of the monetary losses associated with security incidents and the probability that they occur, is a suitable decision criterion when considering different information system architectures. Risk assessment is the widely accepted process used to understand, quantify, and document the effects of undesirable events on organizational objectives so that risk management, continuity of operations planning, and contingency planning can be performed. One technique, the Cyberspace Security Econometrics System (CSES), is a methodology for estimating security costs to stakeholders as a function of possible risk postures. In earlier works, we presented a computationalmore » infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain, as a result of security breakdowns. Additional work has applied CSES to specific business cases. The current state-of-the-art of CSES addresses independent events. In typical usage, analysts create matrices that capture their expert opinion, and then use those matrices to quantify costs to stakeholders. This expansion generalizes CSES to the common real-world case where events may be dependent.« less

Secure Web-based Ground System User Interfaces over the Open Internet

NASA Technical Reports Server (NTRS)

Langston, James H.; Murray, Henry L.; Hunt, Gary R.

1998-01-01

A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

Biometrics based key management of double random phase encoding scheme using error control codes

NASA Astrophysics Data System (ADS)

Saini, Nirmala; Sinha, Aloka

2013-08-01

In this paper, an optical security system has been proposed in which key of the double random phase encoding technique is linked to the biometrics of the user to make it user specific. The error in recognition due to the biometric variation is corrected by encoding the key using the BCH code. A user specific shuffling key is used to increase the separation between genuine and impostor Hamming distance distribution. This shuffling key is then further secured using the RSA public key encryption to enhance the security of the system. XOR operation is performed between the encoded key and the feature vector obtained from the biometrics. The RSA encoded shuffling key and the data obtained from the XOR operation are stored into a token. The main advantage of the present technique is that the key retrieval is possible only in the simultaneous presence of the token and the biometrics of the user which not only authenticates the presence of the original input but also secures the key of the system. Computational experiments showed the effectiveness of the proposed technique for key retrieval in the decryption process by using the live biometrics of the user.

Photonic quantum digital signatures operating over kilometer ranges in installed optical fiber

NASA Astrophysics Data System (ADS)

Collins, Robert J.; Fujiwara, Mikio; Amiri, Ryan; Honjo, Toshimori; Shimizu, Kaoru; Tamaki, Kiyoshi; Takeoka, Masahiro; Andersson, Erika; Buller, Gerald S.; Sasaki, Masahide

2016-10-01

The security of electronic communications is a topic that has gained noteworthy public interest in recent years. As a result, there is an increasing public recognition of the existence and importance of mathematically based approaches to digital security. Many of these implement digital signatures to ensure that a malicious party has not tampered with the message in transit, that a legitimate receiver can validate the identity of the signer and that messages are transferable. The security of most digital signature schemes relies on the assumed computational difficulty of solving certain mathematical problems. However, reports in the media have shown that certain implementations of such signature schemes are vulnerable to algorithmic breakthroughs and emerging quantum processing technologies. Indeed, even without quantum processors, the possibility remains that classical algorithmic breakthroughs will render these schemes insecure. There is ongoing research into information-theoretically secure signature schemes, where the security is guaranteed against an attacker with arbitrary computational resources. One such approach is quantum digital signatures. Quantum signature schemes can be made information-theoretically secure based on the laws of quantum mechanics while comparable classical protocols require additional resources such as anonymous broadcast and/or a trusted authority. Previously, most early demonstrations of quantum digital signatures required dedicated single-purpose hardware and operated over restricted ranges in a laboratory environment. Here, for the first time, we present a demonstration of quantum digital signatures conducted over several kilometers of installed optical fiber. The system reported here operates at a higher signature generation rate than previous fiber systems.

Multiple Object Based RFID System Using Security Level

NASA Astrophysics Data System (ADS)

Kim, Jiyeon; Jung, Jongjin; Ryu, Ukjae; Ko, Hoon; Joe, Susan; Lee, Yongjun; Kim, Boyeon; Chang, Yunseok; Lee, Kyoonha

2007-12-01

RFID systems are increasingly applied for operational convenience in wide range of industries and individual life. However, it is uneasy for a person to control many tags because common RFID systems have the restriction that a tag used to identify just a single object. In addition, RFID systems can make some serious problems in violation of privacy and security because of their radio frequency communication. In this paper, we propose a multiple object RFID tag which can keep multiple object identifiers for different applications in a same tag. The proposed tag allows simultaneous access for their pair applications. We also propose an authentication protocol for multiple object tag to prevent serious problems of security and privacy in RFID applications. Especially, we focus on efficiency of the authentication protocol by considering security levels of applications. In the proposed protocol, the applications go through different authentication procedures according to security level of the object identifier stored in the tag. We implemented the proposed RFID scheme and made experimental results about efficiency and stability for the scheme.

Introducing the CERT (Trademark) Resiliency Engineering Framework: Improving the Security and Sustainability Processes

DTIC Science & Technology

2007-05-01

business processes and services. 4. Security operations management addresses the day-to-day activities that the organization performs to protect the...Management TM – Technology Management Security Operations Management SOM – Security Operations Management 5.7.2 Important Operations Competency...deals with the provision of access rights to informa- tion and technical assets SOM – Security Operations Management , which addresses the fundamental

Margin and sensitivity methods for security analysis of electric power systems

NASA Astrophysics Data System (ADS)

Greene, Scott L.

Reliable operation of large scale electric power networks requires that system voltages and currents stay within design limits. Operation beyond those limits can lead to equipment failures and blackouts. Security margins measure the amount by which system loads or power transfers can change before a security violation, such as an overloaded transmission line, is encountered. This thesis shows how to efficiently compute security margins defined by limiting events and instabilities, and the sensitivity of those margins with respect to assumptions, system parameters, operating policy, and transactions. Security margins to voltage collapse blackouts, oscillatory instability, generator limits, voltage constraints and line overloads are considered. The usefulness of computing the sensitivities of these margins with respect to interarea transfers, loading parameters, generator dispatch, transmission line parameters, and VAR support is established for networks as large as 1500 buses. The sensitivity formulas presented apply to a range of power system models. Conventional sensitivity formulas such as line distribution factors, outage distribution factors, participation factors and penalty factors are shown to be special cases of the general sensitivity formulas derived in this thesis. The sensitivity formulas readily accommodate sparse matrix techniques. Margin sensitivity methods are shown to work effectively for avoiding voltage collapse blackouts caused by either saddle node bifurcation of equilibria or immediate instability due to generator reactive power limits. Extremely fast contingency analysis for voltage collapse can be implemented with margin sensitivity based rankings. Interarea transfer can be limited by voltage limits, line limits, or voltage stability. The sensitivity formulas presented in this thesis apply to security margins defined by any limit criteria. A method to compute transfer margins by directly locating intermediate events reduces the total number of loadflow iterations required by each margin computation and provides sensitivity information at minimal additional cost. Estimates of the effect of simultaneous transfers on the transfer margins agree well with the exact computations for a network model derived from a portion of the U.S grid. The accuracy of the estimates over a useful range of conditions and the ease of obtaining the estimates suggest that the sensitivity computations will be of practical value.

75 FR 22151 - National Maritime Security Advisory Committee; Vacancies

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-27

... field are encouraged to apply: Port Operations Management/Port Authorities. Maritime Security Operations and Training. Marine Salvage Operations. Maritime Security Related Academics/Public Policy. Marine Facilities and Terminals Security Management. Vessel Owners/Operators. Maritime Labor. International and...

Air Force IT System Security Compliance with Law and Policy

DTIC Science & Technology

2016-04-01

production /1/saf_cio_a6/publication/afpd33-2/afpd33-2.pdf 21 AFI33-210, Air Force Certification and Accreditation Program (AFCAP), October 2014: http...cyber systems for support and operation. Today’s system certification and compliancy tracking methods are very costly, time intensive, unrealistic...and often lag behind operational and test requirements. However, with changes to policy and implementation requirements, the IT system certification

DOE Office of Scientific and Technical Information (OSTI.GOV)

Jackson, K.A.; Neuman, M.C.; Simmonds, D.D.

An effective method for detecting computer misuse is the automatic monitoring and analysis of on-line user activity. This activity is reflected in the system audit record, in the system vulnerability posture, and in other evidence found through active testing of the system. During the last several years we have implemented an automatic misuse detection system at Los Alamos. This is the Network Anomaly Detection and Intrusion Reporter (NADIR). We are currently expanding NADIR to include processing of the Cray UNICOS operating system. This new component is called the UNICOS Realtime NADIR, or UNICORN. UNICORN summarizes user activity and system configurationmore » in statistical profiles. It compares these profiles to expert rules that define security policy and improper or suspicious behavior. It reports suspicious behavior to security auditors and provides tools to aid in follow-up investigations. The first phase of UNICORN development is nearing completion, and will be operational in late 1994.« less

Constructing vulnerabilty and protective measures indices for the enhanced critical infrastructure protection program.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fisher, R. E.; Buehring, W. A.; Whitfield, R. G.

2009-10-14

The US Department of Homeland Security (DHS) has directed its Protective Security Advisors (PSAs) to form partnerships with the owners and operators of assets most essential to the Nation's well being - a subclass of critical infrastructure and key resources (CIKR) - and to conduct site visits for these and other high-risk assets as part of the Enhanced Critical Infrastructure Protection (ECIP) Program. During each such visit, the PSA documents information about the facility's current CIKR protection posture and overall security awareness. The primary goals for ECIP site visits (DHS 2009) are to: (1) inform facility owners and operators ofmore » the importance of their facilities as an identified high-priority CIKR and the need to be vigilant in light of the ever-present threat of terrorism; (2) identify protective measures currently in place at these facilities, provide comparisons of CIKR protection postures across like assets, and track the implementation of new protective measures; and (3) enhance existing relationships among facility owners and operators; DHS; and various Federal, State, local tribal, and territorial partners. PSAs conduct ECIP visits to assess overall site security; educate facility owners and operators about security; help owners and operators identify gaps and potential improvements; and promote communication and information sharing among facility owners and operators, DHS, State governments, and other security partners. Information collected during ECIP visits is used to develop metrics; conduct sector-by-sector and cross-sector vulnerability comparisons; identify security gaps and trends across CIKR sectors and subsectors; establish sector baseline security survey results; and track progress toward improving CIKR security through activities, programs, outreach, and training (Snyder 2009). The data being collected are used in a framework consistent with the National Infrastructure Protection Plan (NIPP) risk criteria (DHS 2009). The NIPP framework incorporates consequence, threat, and vulnerability components and addresses all hazards. The analysis of the vulnerability data needs to be reproducible, support risk analysis, and go beyond protection. It also needs to address important security/vulnerability topics, such as physical security, cyber security, systems analysis, and dependencies and interdependencies. This report provides an overview of the approach being developed to estimate vulnerability and provide vulnerability comparisons for sectors and subsectors. the information will be used to assist DHS in analyzing existing protective measures and vulnerability at facilities, to identify potential ways to reduce vulnerabilities, and to assist in preparing sector risk estimates. The owner/operator receives an analysis of the data collected for a specific asset, showing a comparison between the facility's protection posture/vulnerability index and those of DHS sector/subsector sites visited. This comparison gives the owner/operator an indication of the asset's security strengths and weaknesses that may be contributing factors to its vulnerability and protection posture. The information provided to the owner/operator shows how the asset compares to other similar assets within the asset's sector or subsector. A 'dashboard' display is used to illustrate the results in a convenient format. The dashboard allows the owner/operator to analyze the implementation of additional protective measures and to illustrate how such actions would impact the asset's Protective Measures Index (PMI) or Vulnerability Index (VI).« less

Evaluating Security Controls Based on Key Performance Indicators and Stakeholder Mission

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sheldon, Frederick T; Abercrombie, Robert K; Mili, Ali

2008-01-01

Good security metrics are required to make good decisions about how to design security countermeasures, to choose between alternative security architectures, and to improve security during operations. Therefore, in essence, measurement can be viewed as a decision aid. The lack of sound practical security metrics is severely hampering progress in the development of secure systems. The Cyberspace Security Econometrics System (CSES) offers the following advantages over traditional measurement systems: (1) CSES reflects the variances that exist amongst different stakeholders of the same system. Different stakeholders will typically attach different stakes to the same requirement or service (e.g., a service maymore » be provided by an information technology system or process control system, etc.). (2) For a given stakeholder, CSES reflects the variance that may exist among the stakes she/he attaches to meeting each requirement. The same stakeholder may attach different stakes to satisfying different requirements within the overall system specification. (3) For a given compound specification (e.g., combination(s) of commercial off the shelf software and/or hardware), CSES reflects the variance that may exist amongst the levels of verification and validation (i.e., certification) performed on components of the specification. The certification activity may produce higher levels of assurance across different components of the specification than others. Consequently, this paper introduces the basis, objectives and capabilities for the CSES including inputs/outputs and the basic structural and mathematical underpinnings.« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

Stewart, John; Halbgewachs, Ron; Chavez, Adrian

The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relatingmore » to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock utilities into proprietary and closed systems.« less

A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System.

PubMed

Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

2015-08-01

Radio Frequency Identification (RFID) based solutions are widely used for providing many healthcare applications include patient monitoring, object traceability, drug administration system and telecare medicine information system (TMIS) etc. In order to reduce malpractices and ensure patient privacy, in 2015, Srivastava et al. proposed a hash based RFID tag authentication protocol in TMIS. Their protocol uses lightweight hash operation and synchronized secret value shared between back-end server and tag, which is more secure and efficient than other related RFID authentication protocols. Unfortunately, in this paper, we demonstrate that Srivastava et al.'s tag authentication protocol has a serious security problem in that an adversary may use the stolen/lost reader to connect to the medical back-end server that store information associated with tagged objects and this privacy damage causing the adversary could reveal medical data obtained from stolen/lost readers in a malicious way. Therefore, we propose a secure and efficient RFID tag authentication protocol to overcome security flaws and improve the system efficiency. Compared with Srivastava et al.'s protocol, the proposed protocol not only inherits the advantages of Srivastava et al.'s authentication protocol for TMIS but also provides better security with high system efficiency.

Develop security architecture for both in-house healthcare information systems and electronic patient record

NASA Astrophysics Data System (ADS)

Zhang, Jianguo; Chen, Xiaomeng; Zhuang, Jun; Jiang, Jianrong; Zhang, Xiaoyan; Wu, Dongqing; Huang, H. K.

2003-05-01

In this paper, we presented a new security approach to provide security measures and features in both healthcare information systems (PACS, RIS/HIS), and electronic patient record (EPR). We introduced two security components, certificate authoring (CA) system and patient record digital signature management (DSPR) system, as well as electronic envelope technology, into the current hospital healthcare information infrastructure to provide security measures and functions such as confidential or privacy, authenticity, integrity, reliability, non-repudiation, and authentication for in-house healthcare information systems daily operating, and EPR exchanging among the hospitals or healthcare administration levels, and the DSPR component manages the all the digital signatures of patient medical records signed through using an-symmetry key encryption technologies. The electronic envelopes used for EPR exchanging are created based on the information of signers, digital signatures, and identifications of patient records stored in CAS and DSMS, as well as the destinations and the remote users. The CAS and DSMS were developed and integrated into a RIS-integrated PACS, and the integration of these new security components is seamless and painless. The electronic envelopes designed for EPR were used successfully in multimedia data transmission.

PCASSO: a design for secure communication of personal health information via the internet.

PubMed

Baker, D B; Masys, D R

1999-05-01

The Internet holds both promise and peril for the communications of person-identifiable health information. Because of technical features designed to promote accessibility and interoperability rather than security, Internet addressing conventions and transport protocols are vulnerable to compromise by malicious persons and programs. In addition, most commonly used personal computer (PC) operating systems currently lack the hardware-based system software protection and process isolation that are essential for ensuring the integrity of trusted applications. Security approaches designed for electronic commerce, that trade known security weaknesses for limited financial liability, are not sufficient for personal health data, where the personal damage caused by unintentional disclosure may be far more serious. To overcome these obstacles, we are developing and evaluating an Internet-based communications system called PCASSO (Patient-centered access to secure systems online) that applies state of the art security to health information. PCASSO includes role-based access control, multi-level security, strong device and user authentication, session-specific encryption and audit trails. Unlike Internet-based electronic commerce 'solutions,' PCASSO secures data end-to-end: in the server; in the data repository; across the network; and on the client. PCASSO is designed to give patients as well as providers access to personal health records via the Internet.

Priority Intelligence Requirements: The Operational Vacuum

DTIC Science & Technology

1990-05-16

armored vehicles , not ho!: the systems are used to achieve operational goals.34 Enemy mobilization, employment philosophy, and history are excluded in...extensive security problems create massive bottlenecks in the dissemination of intellingence information .48 Today, we sport a tremendous intelligence

33 CFR 96.470 - How does the Coast Guard terminate an organization's authorization?

Code of Federal Regulations, 2010 CFR

2010-07-01

..., DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Authorization of Recognized Organizations To Act on Behalf of the U.S. § 96.470...

33 CFR 96.420 - What authority may an organization ask for under this regulation?

Code of Federal Regulations, 2010 CFR

2010-07-01

..., DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Authorization of Recognized Organizations To Act on Behalf of the U.S. § 96.420...

33 CFR 96.460 - How will I know what the Coast Guard requires of my organization if my organization receives...

Code of Federal Regulations, 2010 CFR

2010-07-01

... Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Authorization of Recognized...

33 CFR 96.480 - What is the status of a certificate if the issuing organization has its authority terminated?

Code of Federal Regulations, 2010 CFR

2010-07-01

... Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY VESSEL OPERATING REGULATIONS RULES FOR THE SAFE OPERATION OF VESSELS AND SAFETY MANAGEMENT SYSTEMS Authorization of Recognized Organizations To...

45 CFR 307.10 - Functional requirements for computerized support enforcement systems in operation by October 1...

Code of Federal Regulations, 2011 CFR

2011-10-01

... information such as social security numbers, names, dates of birth, home addresses and mailing addresses... enable the Office to monitor State operations and assess program performance through the audit conducted...

[Experimental study of angiography using vascular interventional robot-2(VIR-2)].

PubMed

Tian, Zeng-min; Lu, Wang-sheng; Liu, Da; Wang, Da-ming; Guo, Shu-xiang; Xu, Wu-yi; Jia, Bo; Zhao, De-peng; Liu, Bo; Gao, Bao-feng

2012-06-01

To verify the feasibility and safety of new vascular interventional robot system used in vascular interventional procedures. Vascular interventional robot type-2 (VIR-2) included master-slave parts of body propulsion system, image navigation systems and force feedback system, the catheter movement could achieve under automatic control and navigation, force feedback was integrated real-time, followed by in vitro pre-test in vascular model and cerebral angiography in dog. Surgeon controlled vascular interventional robot remotely, the catheter was inserted into the intended target, the catheter positioning error and the operation time would be evaluated. In vitro pre-test and animal experiment went well; the catheter can enter any branch of vascular. Catheter positioning error was less than 1 mm. The angiography operation in animal was carried out smoothly without complication; the success rate of the operation was 100% and the entire experiment took 26 and 30 minutes, efficiency was slightly improved compared with the VIR-1, and the time what staff exposed to the DSA machine was 0 minute. The resistance of force sensor can be displayed to the operator to provide a security guarantee for the operation. No surgical complications. VIR-2 is safe and feasible, and can achieve the catheter remote operation and angiography; the master-slave system meets the characteristics of traditional procedure. The three-dimensional image can guide the operation more smoothly; force feedback device provides remote real-time haptic information to provide security for the operation.

46 CFR 39.30-1 - Operational requirements-TB/ALL.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 46 Shipping 1 2011-10-01 2011-10-01 false Operational requirements-TB/ALL. 39.30-1 Section 39.30-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY TANK VESSELS VAPOR CONTROL SYSTEMS Operations § 39.30-1 Operational requirements—TB/ALL. (a) Vapor from a tank vessel may not be transferred to: (1) A...

46 CFR 39.30-1 - Operational requirements-TB/ALL.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 46 Shipping 1 2012-10-01 2012-10-01 false Operational requirements-TB/ALL. 39.30-1 Section 39.30-1 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY TANK VESSELS VAPOR CONTROL SYSTEMS Operations § 39.30-1 Operational requirements—TB/ALL. (a) Vapor from a tank vessel may not be transferred to: (1) A...

Secure, Mobile, Wireless Network Technology Designed, Developed, and Demonstrated

NASA Technical Reports Server (NTRS)

Ivancic, William D.; Paulsen, Phillip E.

2004-01-01

The inability to seamlessly disseminate data securely over a high-integrity, wireless broadband network has been identified as a primary technical barrier to providing an order-of-magnitude increase in aviation capacity and safety. Secure, autonomous communications to and from aircraft will enable advanced, automated, data-intensive air traffic management concepts, increase National Air Space (NAS) capacity, and potentially reduce the overall cost of air travel operations. For the first time ever, secure, mobile, network technology was designed, developed, and demonstrated with state-ofthe- art protocols and applications by a diverse, cooperative Government-industry team led by the NASA Glenn Research Center. This revolutionary technology solution will make fundamentally new airplane system capabilities possible by enabling secure, seamless network connections from platforms in motion (e.g., cars, ships, aircraft, and satellites) to existing terrestrial systems without the need for manual reconfiguration. Called Mobile Router, the new technology autonomously connects and configures networks as they traverse from one operating theater to another. The Mobile Router demonstration aboard the Neah Bay, a U.S. Coast Guard vessel stationed in Cleveland, Ohio, accomplished secure, seamless interoperability of mobile network systems across multiple domains without manual system reconfiguration. The Neah Bay was chosen because of its low cost and communications mission similarity to low-Earth-orbiting satellite platforms. This technology was successfully advanced from technology readiness level (TRL) 2 (concept and/or application formation) to TRL 6 (system model or prototype demonstration in a relevant environment). The secure, seamless interoperability offered by the Mobile Router and encryption device will enable several new, vehicle-specific and systemwide technologies to perform such things as remote, autonomous aircraft performance monitoring and early detection and mitigation of potential equipment malfunctions. As an additional benefit, team advancements were incorporated into open standards, ensuring technology transfer. Low-cost, commercial products incorporating the new technology are already available. Furthermore, these products are fully interoperable with legacy network technology equipment currently being used throughout the world.

Mitigating Cyber Security Risk in Satellite Ground Systems

DTIC Science & Technology

2015-04-01

because cyber security in government remains shrouded in secrecy. However, using the Defense Operational Test and Evaluation Office’s (DOT& E ) FY14...report on cybersecurity one grasps the seriousness of the problem. DOT& E reported only 85% of networks in DoD were compliant with the cyber...security regulations discussed later in this paper. Not until compliance is near 100% could DOT& E conceive with confidence that DoD networks were safe

Enhancing National Security in Hungary through the Development and Employment of Special Forces

DTIC Science & Technology

2006-06-01

Low Intensity Conflict, Strategy, Hungary, Special Forces 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18. SECURITY...of Hungary in NATO has brought a penetrating change. As the member of an alliance system, Hungary cannot interpret in an unchanged manner the...more confident that in particular cases, operators will act in ways that the head of the agency would have acted had he or she been in their shoes

Hacking and securing the AR.Drone 2.0 quadcopter: investigations for improving the security of a toy

NASA Astrophysics Data System (ADS)

Pleban, Johann-Sebastian; Band, Ricardo; Creutzburg, Reiner

2014-02-01

In this article we describe the security problems of the Parrot AR.Drone 2.0 quadcopter. Due to the fact that it is promoted as a toy with low acquisition costs, it may end up being used by many individuals which makes it a target for harmful attacks. In addition, the videostream of the drone could be of interest for a potential attacker due to its ability of revealing confidential information. Therefore, we will perform a security threat analysis on this particular drone. We will set the focus mainly on obvious security vulnerabilities like the unencrypted Wi-Fi connection or the user management of the GNU/Linux operating system which runs on the drone. We will show how the drone can be hacked in order to hijack the AR.Drone 2.0. Our aim is to sensitize the end-user of AR.Drones by describing the security vulnerabilities and to show how the AR.Drone 2.0 could be secured from unauthorized access. We will provide instructions to secure the drones Wi-Fi connection and its operation with the official Smartphone App and third party PC software.

Experimental realization of a highly secure chaos communication under strong channel noise

NASA Astrophysics Data System (ADS)

Ye, Weiping; Dai, Qionglin; Wang, Shihong; Lu, Huaping; Kuang, Jinyu; Zhao, Zhenfeng; Zhu, Xiangqing; Tang, Guoning; Huang, Ronghuai; Hu, Gang

2004-09-01

A one-way coupled spatiotemporally chaotic map lattice is used to construct cryptosystem. With the combinatorial applications of both chaotic computations and conventional algebraic operations, our system has optimal cryptographic properties much better than the separative applications of known chaotic and conventional methods. We have realized experiments to practice duplex voice secure communications in realistic Wired Public Switched Telephone Network by applying our chaotic system and the system of Advanced Encryption Standard (AES), respectively, for cryptography. Our system can work stably against strong channel noise when AES fails to work.

A Geant4 model of backscatter security imaging systems

NASA Astrophysics Data System (ADS)

Leboffe, Eric Matthew

The operating characteristics of x ray security scanner systems that utilize backscatter signal in order to distinguish person borne threats have never been made fully available to the general public. By designing a model using Geant4, studies can be performed which will shed light on systems such as security scanners and allow for analysis of the performance and safety of the system without access to any system data. Despite the fact that the systems are no longer in use at airports in the United States, the ability to design and validate detector models and phenomena is an important capability that can be applied to many current real world applications. The model presented provides estimates for absorbed dose, effective dose and dose depth distribution that are comparable to previously published work and explores imaging capabilities for the system embodiment modeled.

Enhanced secure 4-D modulation space optical multi-carrier system based on joint constellation and Stokes vector scrambling.

PubMed

Liu, Bo; Zhang, Lijia; Xin, Xiangjun

2018-03-19

This paper proposes and demonstrates an enhanced secure 4-D modulation optical generalized filter bank multi-carrier (GFBMC) system based on joint constellation and Stokes vector scrambling. The constellation and Stokes vectors are scrambled by using different scrambling parameters. A multi-scroll Chua's circuit map is adopted as the chaotic model. Large secure key space can be obtained due to the multi-scroll attractors and independent operability of subcarriers. A 40.32Gb/s encrypted optical GFBMC signal with 128 parallel subcarriers is successfully demonstrated in the experiment. The results show good resistance against the illegal receiver and indicate a potential way for the future optical multi-carrier system.

49 CFR 1549.103 - Qualifications and training of individuals with security-related duties.

Code of Federal Regulations, 2011 CFR

2011-10-01

... screening technologies that the facility is authorized to use. These include: (i) The ability to operate x-ray equipment and to distinguish on the x-ray monitor the appropriate imaging standard specified in the certified cargo screening facility security program. Wherever the x-ray system displays colors...

A Data Analysis of Naval Air Systems Command Funding Documents

DTIC Science & Technology

2017-06-01

Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management ...Business & Financial Managers 15. NUMBER OF PAGES 75 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18. SECURITY...Summary Statistics for Regressions with a Statistically Significant Relationship

77 FR 5747 - Security Zones, Seattle's Seafair Fleet Week Moving Vessels, Puget Sound, WA

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-06

... establishment of security zones. We seek any comments or information that may lead to the discovery of a... This proposed rule would call for no new collection of information under the Paperwork Reduction Act of..., design, or operation; test methods; sampling procedures; and related management systems practices) that...

NASA Blue Team: Determining Operational Security Posture of Critical Systems and Networks

NASA Technical Reports Server (NTRS)

Alley, Adam David

2016-01-01

Emergence of Cybersecurity has increased the focus on security risks to Information Technology (IT) assets going beyond traditional Information Assurance (IA) concerns: More sophisticated threats have emerged from increasing sources as advanced hacker tools and techniques have emerged and proliferated to broaden the attack surface available across globally interconnected networks.

75 FR 79077 - Notice of Passenger Facility Charge (PFC) Approvals and Disapprovals

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-17

... rehabilitation, phase I Airfield sweeper Airfield pavement markings Airport operations area security improvements... Collection and Use at a $3.00 PFC Level: Permanent in-line baggage system design Terminal 3 security... the FAA to design and construct the South Air Traffic Control Tower. In addition, due to the complex...