Do You Ignore Information Security in Your Journal Website?

PubMed

Dadkhah, Mehdi; Borchardt, Glenn; Lagzian, Mohammad

2017-08-01

Nowadays, web-based applications extend to all businesses due to their advantages and easy usability. The most important issue in web-based applications is security. Due to their advantages, most academic journals are now using these applications, with papers being submitted and published through their websites. As these websites are resources for knowledge, information security is primary for maintaining their integrity. In this opinion piece, we point out vulnerabilities in certain websites and introduce the potential for future threats. We intend to present how some journals are vulnerable and what will happen if a journal can be infected by attackers. This opinion is not a technical manual in information security, it is a short inspection that we did to improve the security of academic journals.

Supporting Case-Based Learning in Information Security with Web-Based Technology

ERIC Educational Resources Information Center

He, Wu; Yuan, Xiaohong; Yang, Li

2013-01-01

Case-based learning has been widely used in many disciplines. As an effective pedagogical method, case-based learning is also being used to support teaching and learning in the domain of information security. In this paper, we demonstrate case-based learning in information security by sharing our experiences in using a case study to teach security…

Internet/Web-based administration of benefits.

PubMed

Vitiello, J

2001-09-01

Most funds will face the challenge of deploying at least some Web-based functionality in the near future, if they have not already done so. Clear objectives and careful planning will help ensure success. Issues that must be considered include support requirements, security concerns, functional business objectives, and employer and member Web access.

Network Computing Infrastructure to Share Tools and Data in Global Nuclear Energy Partnership

NASA Astrophysics Data System (ADS)

Kim, Guehee; Suzuki, Yoshio; Teshima, Naoya

CCSE/JAEA (Center for Computational Science and e-Systems/Japan Atomic Energy Agency) integrated a prototype system of a network computing infrastructure for sharing tools and data to support the U.S. and Japan collaboration in GNEP (Global Nuclear Energy Partnership). We focused on three technical issues to apply our information process infrastructure, which are accessibility, security, and usability. In designing the prototype system, we integrated and improved both network and Web technologies. For the accessibility issue, we adopted SSL-VPN (Security Socket Layer-Virtual Private Network) technology for the access beyond firewalls. For the security issue, we developed an authentication gateway based on the PKI (Public Key Infrastructure) authentication mechanism to strengthen the security. Also, we set fine access control policy to shared tools and data and used shared key based encryption method to protect tools and data against leakage to third parties. For the usability issue, we chose Web browsers as user interface and developed Web application to provide functions to support sharing tools and data. By using WebDAV (Web-based Distributed Authoring and Versioning) function, users can manipulate shared tools and data through the Windows-like folder environment. We implemented the prototype system in Grid infrastructure for atomic energy research: AEGIS (Atomic Energy Grid Infrastructure) developed by CCSE/JAEA. The prototype system was applied for the trial use in the first period of GNEP.

WebTag: Web browsing into sensor tags over NFC.

PubMed

Echevarria, Juan Jose; Ruiz-de-Garibay, Jonathan; Legarda, Jon; Alvarez, Maite; Ayerbe, Ana; Vazquez, Juan Ignacio

2012-01-01

Information and Communication Technologies (ICTs) continue to overcome many of the challenges related to wireless sensor monitoring, such as for example the design of smarter embedded processors, the improvement of the network architectures, the development of efficient communication protocols or the maximization of the life cycle autonomy. This work tries to improve the communication link of the data transmission in wireless sensor monitoring. The upstream communication link is usually based on standard IP technologies, but the downstream side is always masked with the proprietary protocols used for the wireless link (like ZigBee, Bluetooth, RFID, etc.). This work presents a novel solution (WebTag) for a direct IP based access to a sensor tag over the Near Field Communication (NFC) technology for secure applications. WebTag allows a direct web access to the sensor tag by means of a standard web browser, it reads the sensor data, configures the sampling rate and implements IP based security policies. It is, definitely, a new step towards the evolution of the Internet of Things paradigm.

WebTag: Web Browsing into Sensor Tags over NFC

PubMed Central

Echevarria, Juan Jose; Ruiz-de-Garibay, Jonathan; Legarda, Jon; Álvarez, Maite; Ayerbe, Ana; Vazquez, Juan Ignacio

2012-01-01

Information and Communication Technologies (ICTs) continue to overcome many of the challenges related to wireless sensor monitoring, such as for example the design of smarter embedded processors, the improvement of the network architectures, the development of efficient communication protocols or the maximization of the life cycle autonomy. This work tries to improve the communication link of the data transmission in wireless sensor monitoring. The upstream communication link is usually based on standard IP technologies, but the downstream side is always masked with the proprietary protocols used for the wireless link (like ZigBee, Bluetooth, RFID, etc.). This work presents a novel solution (WebTag) for a direct IP based access to a sensor tag over the Near Field Communication (NFC) technology for secure applications. WebTag allows a direct web access to the sensor tag by means of a standard web browser, it reads the sensor data, configures the sampling rate and implements IP based security policies. It is, definitely, a new step towards the evolution of the Internet of Things paradigm. PMID:23012511

Using Secure Web Services to Visualize Poison Center Data for Nationwide Biosurveillance: A Case Study

PubMed Central

Savel, Thomas G; Bronstein, Alvin; Duck, William; Rhodes, M. Barry; Lee, Brian; Stinn, John; Worthen, Katherine

2010-01-01

Objectives Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease Control and Prevention (CDC) has been examining the ability to use a federated model based on secure web services architecture, with data stewardship remaining with the data provider. Methods As a case study for this approach, the American Association of Poison Control Centers and the CDC extended an existing data warehouse via a secure web service, and shared aggregate clinical effects and case counts data by geographic region and time period. To visualize these data, CDC developed a web browser-based interface, Quicksilver, which leveraged the Google Maps API and Flot, a javascript plotting library. Results Two iterations of the NPDS web service were completed in 12 weeks. The visualization client, Quicksilver, was developed in four months. Discussion This implementation of web services combined with a visualization client represents incremental positive progress in transitioning national data sources like BioSense and NPDS to a federated data exchange model. Conclusion Quicksilver effectively demonstrates how the use of secure web services in conjunction with a lightweight, rapidly deployed visualization client can easily integrate isolated data sources for biosurveillance. PMID:23569581

Robust image obfuscation for privacy protection in Web 2.0 applications

NASA Astrophysics Data System (ADS)

Poller, Andreas; Steinebach, Martin; Liu, Huajian

2012-03-01

We present two approaches to robust image obfuscation based on permutation of image regions and channel intensity modulation. The proposed concept of robust image obfuscation is a step towards end-to-end security in Web 2.0 applications. It helps to protect the privacy of the users against threats caused by internet bots and web applications that extract biometric and other features from images for data-linkage purposes. The approaches described in this paper consider that images uploaded to Web 2.0 applications pass several transformations, such as scaling and JPEG compression, until the receiver downloads them. In contrast to existing approaches, our focus is on usability, therefore the primary goal is not a maximum of security but an acceptable trade-off between security and resulting image quality.

Tools for Administration of a UNIX-Based Network

NASA Technical Reports Server (NTRS)

LeClaire, Stephen; Farrar, Edward

2004-01-01

Several computer programs have been developed to enable efficient administration of a large, heterogeneous, UNIX-based computing and communication network that includes a variety of computers connected to a variety of subnetworks. One program provides secure software tools for administrators to create, modify, lock, and delete accounts of specific users. This program also provides tools for users to change their UNIX passwords and log-in shells. These tools check for errors. Another program comprises a client and a server component that, together, provide a secure mechanism to create, modify, and query quota levels on a network file system (NFS) mounted by use of the VERITAS File SystemJ software. The client software resides on an internal secure computer with a secure Web interface; one can gain access to the client software from any authorized computer capable of running web-browser software. The server software resides on a UNIX computer configured with the VERITAS software system. Directories where VERITAS quotas are applied are NFS-mounted. Another program is a Web-based, client/server Internet Protocol (IP) address tool that facilitates maintenance lookup of information about IP addresses for a network of computers.

Development of a web-based register for the Dutch national study on biologicals in JIA: www.ABC-register.nl.

PubMed

Prince, F H M; Ferket, I S; Kamphuis, S; Armbrust, W; Ten Cate, R; Hoppenreijs, E P A H; Koopman-Keemink, Y; van Rossum, M A J; van Santen-Hoeufft, M; Twilt, M; van Suijlekom-Smit, L W A

2008-09-01

Most clinical studies use paper case record forms (CRFs) to collect data. In the Dutch multi-centre observational study on biologicals we encountered several disadvantages of using the paper CRFs. These are delay in data collection, lack of overview in collected data and difficulties in obtaining up-to-date interim reports. Therefore, we wanted to create a more effective method of data collection compared with CRFs on paper in a multi-centre study. We designed a web-based register with the intention to make it easy to use for participating physicians and at the same time accurate and up-to-date. Security demands were taken into account to secure the safety of the patient data. The web-based register was tested with data from 161 juvenile idiopathic arthritis patients from nine different centres. Internal validity was obtained and user-friendliness guaranteed. To secure the completeness of the data automatically generated e-mail alerts were implemented into the web-based register. More transparency of data was achieved by including the option to automatically generate interim reports of data in the web-based register. The safety was tested and approved. By digitalizing the CRF we achieved our aim to provide easy, rapid and safe access to the database and contributed to a new way of data collection. Although the web-based register was designed for the current multi-centre observational study, this type of instrument can also be applied to other types of studies. We expect that especially collaborative study groups will find it an efficient tool to collect data.

Secure web-based invocation of large-scale plasma simulation codes

NASA Astrophysics Data System (ADS)

Dimitrov, D. A.; Busby, R.; Exby, J.; Bruhwiler, D. L.; Cary, J. R.

2004-12-01

We present our design and initial implementation of a web-based system for running, both in parallel and serial, Particle-In-Cell (PIC) codes for plasma simulations with automatic post processing and generation of visual diagnostics.

Interpreting User's Choice of Technologies: A Quantitative Research on Choosing the Best Web-Based Communication Tools

ERIC Educational Resources Information Center

Adebiaye, Richmond

2010-01-01

The proliferation of web-based communication tools like email clients vis-a-vis Yahoo mail, Gmail, and Hotmail have led to new innovations in web-based communication. Email users benefit greatly from this technology, but lack of security of these tools can put users at risk of loss of privacy, including identity theft, corporate espionage, and…

An implementation of a security infrastructure compliant with the Italian Personal Data Protection Code in a web-based cooperative work system.

PubMed

Eccher, Claudio; Eccher, Lorenzo; Izzo, Umberto

2005-01-01

In this poster we describe the security solutions implemented in a web-based cooperative work frame-work for managing heart failure patients among different health care professionals involved in the care process. The solution, developed in close collaboration with the Law Department of the University of Trento, is compliant with the new Italian Personal Data Protection Code, issued in 2003, that regulates also the storing and processing of health data.

Teaching Web Security Using Portable Virtual Labs

ERIC Educational Resources Information Center

Chen, Li-Chiou; Tao, Lixin

2012-01-01

We have developed a tool called Secure WEb dEvelopment Teaching (SWEET) to introduce security concepts and practices for web application development. This tool provides introductory tutorials, teaching modules utilizing virtualized hands-on exercises, and project ideas in web application security. In addition, the tool provides pre-configured…

Security Aspects of an Enterprise-Wide Network Architecture.

ERIC Educational Resources Information Center

Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

1999-01-01

Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

Security Proof for Password Authentication in TLS-Verifier-based Three-Party Group Diffie-Hellman

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chevassut, Olivier; Milner, Joseph; Pointcheval, David

2008-04-21

The internet has grown greatly in the past decade, by some numbers exceeding 47 million active web sites and a total aggregate exceeding100 million web sites. What is common practice today on the Internet is that servers have public keys, but clients are largely authenticated via short passwords. Protecting these passwords by not storing them in the clear on institutions's servers has become a priority. This paper develops password-based ciphersuites for the Transport Layer Security (TLS) protocol that are: (1) resistant to server compromise; (2) provably secure; (3) believed to be free from patent and licensing restrictions based on anmore » analysis of relevant patents in the area.« less

Implementation of clinical research trials using web-based and mobile devices: challenges and solutions.

PubMed

Eagleson, Roy; Altamirano-Diaz, Luis; McInnis, Alex; Welisch, Eva; De Jesus, Stefanie; Prapavessis, Harry; Rombeek, Meghan; Seabrook, Jamie A; Park, Teresa; Norozi, Kambiz

2017-03-17

With the increasing implementation of web-based, mobile health interventions in clinical trials, it is crucial for researchers to address the security and privacy concerns of patient information according to high ethical standards. The full process of meeting these standards is often made more complicated due to the use of internet-based technology and smartphones for treatment, telecommunication, and data collection; however, this process is not well-documented in the literature. The Smart Heart Trial is a single-arm feasibility study that is currently assessing the effects of a web-based, mobile lifestyle intervention for overweight and obese children and youth with congenital heart disease in Southwestern Ontario. Participants receive telephone counseling regarding nutrition and fitness; and complete goal-setting activities on a web-based application. This paper provides a detailed overview of the challenges the study faced in meeting the high standards of our Research Ethics Board, specifically regarding patient privacy. We outline our solutions, successes, limitations, and lessons learned to inform future similar studies; and model much needed transparency in ensuring high quality security and protection of patient privacy when using web-based and mobile devices for telecommunication and data collection in clinical research.

Secure electronic commerce communication system based on CA

NASA Astrophysics Data System (ADS)

Chen, Deyun; Zhang, Junfeng; Pei, Shujun

2001-07-01

In this paper, we introduce the situation of electronic commercial security, then we analyze the working process and security for SSL protocol. At last, we propose a secure electronic commerce communication system based on CA. The system provide secure services such as encryption, integer, peer authentication and non-repudiation for application layer communication software of browser clients' and web server. The system can implement automatic allocation and united management of key through setting up the CA in the network.

76 FR 24848 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-03

...: USDA Web Based Supply Chain Management System (WBSCMs). OMB Control Number: 0581--NEW. Summary of... using the secure Web Based Supply Chain Management System (WBSCM). Vendors must be registered, and have... assists AMS with making a determination whether a business is viable and capable of supplying product to...

Research on web-based decision support system for sports competitions

NASA Astrophysics Data System (ADS)

Huo, Hanqiang

2010-07-01

This paper describes the system architecture and implementation technology of the decision support system for sports competitions, discusses the design of decision-making modules, management modules and security of the system, and proposes the development idea of building a web-based decision support system for sports competitions.

Access Control of Web and Java Based Applications

NASA Technical Reports Server (NTRS)

Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

2011-01-01

Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

Security and Efficiency Concerns With Distributed Collaborative Networking Environments

DTIC Science & Technology

2003-09-01

have the ability to access Web communications services of the WebEx MediaTone Network from a single login. [24] WebEx provides a range of secure...Web. WebEx services enable secure data, voice and video communications through the browser and are supported by the WebEx MediaTone Network, a global...designed to host large-scale, structured events and conferences, featuring a Q&A Manager that allows multiple moderators to handle questions while

76 FR 31968 - Agency Information Collection Activities: Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-02

.... Proposed Project: SAMHSA SOAR Web-Based Data Form--NEW In 2009 the Substance Abuse and Mental Health... in all states. SOAR's primary objective is to improve the allowance rate for Social Security... Center under SAMHSA's direction developed a web-based data form that case managers can use to track the...

76 FR 51044 - Agency Information Collection Activities: Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-17

.... Project: SAMHSA SOAR Web-Based Data Form--NEW In 2009 the Substance Abuse and Mental Health Services... states. SOAR's primary objective is to improve the allowance rate for Social Security Administration (SSA... SAMHSA's direction developed a web-based data form that case managers can use to track the progress of...

Computer-aided diagnosis workstation and teleradiology network system for chest diagnosis using the web medical image conference system with a new information security solution

NASA Astrophysics Data System (ADS)

Satoh, Hitoshi; Niki, Noboru; Eguchi, Kenji; Ohmatsu, Hironobu; Kaneko, Masahiro; Kakinuma, Ryutaro; Moriyama, Noriyuki

2010-03-01

Diagnostic MDCT imaging requires a considerable number of images to be read. Moreover, the doctor who diagnoses a medical image is insufficient in Japan. Because of such a background, we have provided diagnostic assistance methods to medical screening specialists by developing a lung cancer screening algorithm that automatically detects suspected lung cancers in helical CT images, a coronary artery calcification screening algorithm that automatically detects suspected coronary artery calcification and a vertebra body analysis algorithm for quantitative evaluation of osteoporosis. We also have developed the teleradiology network system by using web medical image conference system. In the teleradiology network system, the security of information network is very important subjects. Our teleradiology network system can perform Web medical image conference in the medical institutions of a remote place using the web medical image conference system. We completed the basic proof experiment of the web medical image conference system with information security solution. We can share the screen of web medical image conference system from two or more web conference terminals at the same time. An opinion can be exchanged mutually by using a camera and a microphone that are connected with the workstation that builds in some diagnostic assistance methods. Biometric face authentication used on site of teleradiology makes "Encryption of file" and "Success in login" effective. Our Privacy and information security technology of information security solution ensures compliance with Japanese regulations. As a result, patients' private information is protected. Based on these diagnostic assistance methods, we have developed a new computer-aided workstation and a new teleradiology network that can display suspected lesions three-dimensionally in a short time. The results of this study indicate that our radiological information system without film by using computer-aided diagnosis workstation and our teleradiology network system can increase diagnostic speed, diagnostic accuracy and security improvement of medical information.

Data Mining for Web-Based Support Systems: A Case Study in e-Custom Systems

NASA Astrophysics Data System (ADS)

Razmerita, Liana; Kirchner, Kathrin

This chapter provides an example of a Web-based support system (WSS) used to streamline trade procedures, prevent potential security threats, and reduce tax-related fraud in cross-border trade. The architecture is based on a service-oriented architecture that includes smart seals and Web services. We discuss the implications and suggest further enhancements to demonstrate how such systems can move toward a Web-based decision support system with the support of data mining methods. We provide a concrete example of how data mining can help to analyze the vast amount of data collected while monitoring the container movements along its supply chain.

Effectiveness of home blood pressure monitoring, Web communication, and pharmacist care on hypertension control: a randomized controlled trial.

PubMed

Green, Beverly B; Cook, Andrea J; Ralston, James D; Fishman, Paul A; Catz, Sheryl L; Carlson, James; Carrell, David; Tyll, Lynda; Larson, Eric B; Thompson, Robert S

2008-06-25

Treating hypertension decreases mortality and disability from cardiovascular disease, but most hypertension remains inadequately controlled. To determine if a new model of care that uses patient Web services, home blood pressure (BP) monitoring, and pharmacist-assisted care improves BP control. A 3-group randomized controlled trial, the Electronic Communications and Home Blood Pressure Monitoring study was based on the Chronic Care Model. The trial was conducted at an integrated group practice in Washington state, enrolling 778 participants aged 25 to 75 years with uncontrolled essential hypertension and Internet access. Care was delivered over a secure patient Web site from June 2005 to December 2007. Participants were randomly assigned to usual care, home BP monitoring and secure patient Web site training only, or home BP monitoring and secure patient Web site training plus pharmacist care management delivered through Web communications. Percentage of patients with controlled BP (<140/90 mm Hg) and changes in systolic and diastolic BP at 12 months. Of 778 patients, 730 (94%) completed the 1-year follow-up visit. Patients assigned to the home BP monitoring and Web training only group had a nonsignificant increase in the percentage of patients with controlled BP (<140/90 mm Hg) compared with usual care (36% [95% confidence interval {CI}, 30%-42%] vs 31% [95% CI, 25%-37%]; P = .21). Adding Web-based pharmacist care to home BP monitoring and Web training significantly increased the percentage of patients with controlled BP (56%; 95% CI, 49%-62%) compared with usual care (P < .001) and home BP monitoring and Web training only (P < .001). Systolic BP was decreased stepwise from usual care to home BP monitoring and Web training only to home BP monitoring and Web training plus pharmacist care. Diastolic BP was decreased only in the pharmacist care group compared with both the usual care and home BP monitoring and Web training only groups. Compared with usual care, the patients who had baseline systolic BP of 160 mm Hg or higher and received home BP monitoring and Web training plus pharmacist care had a greater net reduction in systolic BP (-13.2 mm Hg [95% CI, -19.2 to -7.1]; P < .001) and diastolic BP (-4.6 mm Hg [95% CI, -8.0 to -1.2]; P < .001), and improved BP control (relative risk, 3.32 [95% CI, 1.86 to 5.94]; P<.001). Pharmacist care management delivered through secure patient Web communications improved BP control in patients with hypertension. Trial Registration clinicaltrials.gov Identifier: NCT00158639.

A Policy Based Approach for the Management of Web Browser Resources to Prevent Anonymity Attacks in Tor

NASA Astrophysics Data System (ADS)

Navarro-Arribas, Guillermo; Garcia-Alfaro, Joaquin

Web browsers are becoming the universal interface to reach applications and services related with these systems. Different browsing contexts may be required in order to reach them, e.g., use of VPN tunnels, corporate proxies, anonymisers, etc. By browsing context we mean how the user browsers the Web, including mainly the concrete configuration of its browser. When the context of the browser changes, its security requirements also change. In this work, we present the use of authorisation policies to automatise the process of controlling the resources of a Web browser when its context changes. The objective of our proposal is oriented towards easing the adaptation to the security requirements of the new context and enforce them in the browser without the need for user intervention. We present a concrete application of our work as a plug-in for the adaption of security requirements in Mozilla/Firefox browser when a context of anonymous navigation through the Tor network is enabled.

Building Multilevel Secure Web Services-Based Components for the Global Information Grid

DTIC Science & Technology

2006-05-01

unclassified Standard Form 298 (Rev. 8-98) Prescribed by ANSI Std Z39-18 Transforming: Business , Security ,Warfighting 16 CROSSTALK The Journal of Defense...A Single Step of the BAC Table 1: A Single Step of the Block Access Controller Transforming: Business , Security ,Warfighting 18 CROSSTALK The Journal

Construction and validation of a web-based epidemiological database for inflammatory bowel diseases in Europe An EpiCom study.

PubMed

Burisch, Johan; Cukovic-Cavka, Silvija; Kaimakliotis, Ioannis; Shonová, Olga; Andersen, Vibeke; Dahlerup, Jens F; Elkjaer, Margarita; Langholz, Ebbe; Pedersen, Natalia; Salupere, Riina; Kolho, Kaija-Leena; Manninen, Pia; Lakatos, Peter Laszlo; Shuhaibar, Mary; Odes, Selwyn; Martinato, Matteo; Mihu, Ion; Magro, Fernando; Belousova, Elena; Fernandez, Alberto; Almer, Sven; Halfvarson, Jonas; Hart, Ailsa; Munkholm, Pia

2011-08-01

The EpiCom-study investigates a possible East-West-gradient in Europe in the incidence of IBD and the association with environmental factors. A secured web-based database is used to facilitate and centralize data registration. To construct and validate a web-based inception cohort database available in both English and Russian language. The EpiCom database has been constructed in collaboration with all 34 participating centers. The database was translated into Russian using forward translation, patient questionnaires were translated by simplified forward-backward translation. Data insertion implies fulfillment of international diagnostic criteria, disease activity, medical therapy, quality of life, work productivity and activity impairment, outcome of pregnancy, surgery, cancer and death. Data is secured by the WinLog3 System, developed in cooperation with the Danish Data Protection Agency. Validation of the database has been performed in two consecutive rounds, each followed by corrections in accordance with comments. The EpiCom database fulfills the requirements of the participating countries' local data security agencies by being stored at a single location. The database was found overall to be "good" or "very good" by 81% of the participants after the second validation round and the general applicability of the database was evaluated as "good" or "very good" by 77%. In the inclusion period January 1st -December 31st 2010 1336 IBD patients have been included in the database. A user-friendly, tailor-made and secure web-based inception cohort database has been successfully constructed, facilitating remote data input. The incidence of IBD in 23 European countries can be found at www.epicom-ecco.eu. Copyright © 2011 European Crohn's and Colitis Organisation. All rights reserved.

A Web-Based Database for Nurse Led Outreach Teams (NLOT) in Toronto.

PubMed

Li, Shirley; Kuo, Mu-Hsing; Ryan, David

2016-01-01

A web-based system can provide access to real-time data and information. Healthcare is moving towards digitizing patients' medical information and securely exchanging it through web-based systems. In one of Ontario's health regions, Nurse Led Outreach Teams (NLOT) provide emergency mobile nursing services to help reduce unnecessary transfers from long-term care homes to emergency departments. Currently the NLOT team uses a Microsoft Access database to keep track of the health information on the residents that they serve. The Access database lacks scalability, portability, and interoperability. The objective of this study is the development of a web-based database using Oracle Application Express that is easily accessible from mobile devices. The web-based database will allow NLOT nurses to enter and access resident information anytime and from anywhere.

Web Services Security - Implementation and Evaluation Issues

NASA Astrophysics Data System (ADS)

Pimenidis, Elias; Georgiadis, Christos K.; Bako, Peter; Zorkadis, Vassilis

Web services development is a key theme in the utilization the commercial exploitation of the semantic web. Paramount to the development and offering of such services is the issue of security features and they way these are applied in instituting trust amongst participants and recipients of the service. Implementing such security features is a major challenge to developers as they need to balance these with performance and interoperability requirements. Being able to evaluate the level of security offered is a desirable feature for any prospective participant. The authors attempt to address the issues of security requirements and evaluation criteria, while they discuss the challenges of security implementation through a simple web service application case.

Incentives to Encourage Scientific Web Contribution (Invited)

NASA Astrophysics Data System (ADS)

Antunes, A. K.

2010-12-01

We suggest improvements to citation standards and creation of remuneration opportunities to encourage career scientist contributions to Web2.0 and social media science channels. At present, agencies want to accomplish better outreach and engagement with no funding, while scientists sacrifice their personal time to contribute to web and social media sites. Securing active participation by scientists requires career recognition of the value scientists provide to web knowledge bases and to the general public. One primary mechanism to encourage participation is citation standards, which let a contributor improve their reputation in a quantifiable way. But such standards must be recognized by their scientific and workplace communities. Using case studies such as the acceptance of web in the workplace and the growth of open access journals, we examine what agencies and individual can do as well as the time scales needed to secure increased active contribution by scientists. We also discuss ways to jumpstart this process.

76 FR 29817 - Further Definition of “Swap,” “Security-Based Swap,” and “Security-Based Swap Agreement”; Mixed...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-23

... present their views more generally on implementation of the Dodd-Frank Act through their Web sites... . The views expressed in the comments in response to the ANPR, in response to the Commissions' informal solicitations, and at such meetings are collectively referred to as the views of ``commenters.'' Based on this...

Web-Enabled Systems for Student Access.

ERIC Educational Resources Information Center

Harris, Chad S.; Herring, Tom

1999-01-01

California State University, Fullerton is developing a suite of server-based, Web-enabled applications that distribute the functionality of its student information system software to external customers without modifying the mainframe applications or databases. The cost-effective, secure, and rapidly deployable business solution involves using the…

Protecting Database Centric Web Services against SQL/XPath Injection Attacks

NASA Astrophysics Data System (ADS)

Laranjeiro, Nuno; Vieira, Marco; Madeira, Henrique

Web services represent a powerful interface for back-end database systems and are increasingly being used in business critical applications. However, field studies show that a large number of web services are deployed with security flaws (e.g., having SQL Injection vulnerabilities). Although several techniques for the identification of security vulnerabilities have been proposed, developing non-vulnerable web services is still a difficult task. In fact, security-related concerns are hard to apply as they involve adding complexity to already complex code. This paper proposes an approach to secure web services against SQL and XPath Injection attacks, by transparently detecting and aborting service invocations that try to take advantage of potential vulnerabilities. Our mechanism was applied to secure several web services specified by the TPC-App benchmark, showing to be 100% effective in stopping attacks, non-intrusive and very easy to use.

The research of network database security technology based on web service

NASA Astrophysics Data System (ADS)

Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

2013-03-01

Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

Design of Provider-Provisioned Website Protection Scheme against Malware Distribution

NASA Astrophysics Data System (ADS)

Yagi, Takeshi; Tanimoto, Naoto; Hariu, Takeo; Itoh, Mitsutaka

Vulnerabilities in web applications expose computer networks to security threats, and many websites are used by attackers as hopping sites to attack other websites and user terminals. These incidents prevent service providers from constructing secure networking environments. To protect websites from attacks exploiting vulnerabilities in web applications, service providers use web application firewalls (WAFs). WAFs filter accesses from attackers by using signatures, which are generated based on the exploit codes of previous attacks. However, WAFs cannot filter unknown attacks because the signatures cannot reflect new types of attacks. In service provider environments, the number of exploit codes has recently increased rapidly because of the spread of vulnerable web applications that have been developed through cloud computing. Thus, generating signatures for all exploit codes is difficult. To solve these problems, our proposed scheme detects and filters malware downloads that are sent from websites which have already received exploit codes. In addition, to collect information for detecting malware downloads, web honeypots, which automatically extract the communication records of exploit codes, are used. According to the results of experiments using a prototype, our scheme can filter attacks automatically so that service providers can provide secure and cost-effective network environments.

Secure medical digital libraries.

PubMed

Papadakis, I; Chrissikopoulos, V; Polemi, D

2001-12-01

In this paper, a secure medical digital library is presented. It is based on the CORBA specifications for distributed systems. The described approach relies on a three-tier architecture. Interaction between the medical digital library and its users is achieved through a Web server. The choice of employing Web technology for the dissemination of medical data has many advantages compared to older approaches, but also poses extra requirements that need to be fulfilled. Thus, special attention is paid to the distinguished nature of such medical data, whose integrity and confidentiality should be preserved at all costs. This is achieved through the employment of Trusted Third Parties (TTP) technology for the support of the required security services. Additionally, the proposed digital library employs smartcards for the management of the various security tokens that are used from the above services.

The Effectiveness of Homeland Security Training for Rural Communities: A Comparative Analysis of Web-Based and Instructor-Led Training Delivery

ERIC Educational Resources Information Center

Baggett, Ryan K.

2012-01-01

The development of advanced training technologies such as Web Based Training (WBT), coupled with the proliferation of computer and Internet availability, has increased training opportunities for rural communities. This advancement is critical to meeting the training needs of emergency response personnel in rural communities who routinely face the…

Home blood pressure monitoring, secure electronic messaging and medication intensification for improving hypertension control: a mediation analysis.

PubMed

Ralston, J D; Cook, A J; Anderson, M L; Catz, S L; Fishman, P A; Carlson, J; Johnson, R; Green, B B

2014-01-01

We evaluated the role of home monitoring, communication with pharmacists, medication intensification, medication adherence and lifestyle factors in contributing to the effectiveness of an intervention to improve blood pressure control in patients with uncontrolled essential hypertension. We performed a mediation analysis of a published randomized trial based on the Chronic Care Model delivered over a secure patient website from June 2005 to December 2007. Study arms analyzed included usual care with a home blood pressure monitor and usual care with home blood pressure monitor and web-based pharmacist care. Mediator measures included secure messaging and telephone encounters; home blood pressure monitoring; medications intensification and adherence and lifestyle factors. Overall fidelity to the Chronic Care Model was assessed with the Patient Assessment of Chronic Care (PACIC) instrument. The primary outcome was percent of participants with blood pressure (BP) <140/90 mm Hg. At 12 months follow-up, patients in the web-based pharmacist care group were more likely to have BP <140/90 mm Hg (55%) compared to patients in the group with home blood pressure monitors only (37%) (p = 0.001). Home blood pressure monitoring accounted for 30.3% of the intervention effect, secure electronic messaging accounted for 96%, and medication intensification for 29.3%. Medication adherence and self-report of fruit and vegetable intake and weight change were not different between the two study groups. The PACIC score accounted for 22.0 % of the main intervention effect. The effect of web-based pharmacist care on improved blood pressure control was explained in part through a combination of home blood pressure monitoring, secure messaging, and antihypertensive medication intensification.

A transmission security framework for email-based telemedicine.

PubMed

Caffery, Liam J; Smith, Anthony C

2010-01-01

Encryption is used to convert an email message to an unreadable format thereby securing patient privacy during the transmission of the message across the Internet. Two available means of encryption are: public key infrastructure (PKI) used in conjunction with ordinary email and secure hypertext transfer protocol (HTTPS) used by secure web-mail applications. Both of these approaches have advantages and disadvantages in terms of viability, cost, usability and compliance. The aim of this study was develop an instrument to identify the most appropriate means of encrypting email communication for telemedicine. A multi-method approach was used to construct the instrument. Technical assessment and existing bodies of knowledge regarding the utility of PKI were analyzed, along with survey results from users of Queensland Health's Child and Youth Mental Health Service secure web-mail service. The resultant decision support model identified that the following conditions affect the choice of encryption technology: correspondent's risk perception, correspondent's identification to the security afforded by encryption, email-client used by correspondents, the tolerance to human error and the availability of technical resources. A decision support model is presented as a flow chart to identify the most appropriate encryption for a specific email-based telemedicine service.

17 CFR 240.15c2-12 - Municipal securities disclosure.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Internet Web site or filed with the Commission. (4) The term issuer of municipal securities means the... the public on the Municipal Securities Rulemaking Board's Internet Web site or filed with the... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Municipal securities...

17 CFR 240.15c2-12 - Municipal securities disclosure.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Internet Web site or filed with the Commission. (4) The term issuer of municipal securities means the... the public on the Municipal Securities Rulemaking Board's Internet Web site or filed with the... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Municipal securities...

17 CFR 240.15c2-12 - Municipal securities disclosure.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Internet Web site or filed with the Commission. (4) The term issuer of municipal securities means the... the public on the Municipal Securities Rulemaking Board's Internet Web site or filed with the... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Municipal securities...

17 CFR 240.15c2-12 - Municipal securities disclosure.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Internet Web site or filed with the Commission. (4) The term issuer of municipal securities means the... the public on the Municipal Securities Rulemaking Board's Internet Web site or filed with the... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Municipal securities...

Marketing and Selling CD-ROM Products on the World-Wide Web.

ERIC Educational Resources Information Center

Walker, Becki

1995-01-01

Describes three companies' approaches to marketing and selling CD-ROM products on the World Wide Web. Benefits include low overhead for Internet-based sales, allowance for creativity, and ability to let customers preview products online. Discusses advertising, information delivery, content, information services, and security. (AEF)

Web-based Factors Affecting Online Purchasing Behaviour

NASA Astrophysics Data System (ADS)

Ariff, Mohd Shoki Md; Sze Yan, Ng; Zakuan, Norhayati; Zaidi Bahari, Ahamad; Jusoh, Ahmad

2013-06-01

The growing use of internet and online purchasing among young consumers in Malaysia provides a huge prospect in e-commerce market, specifically for B2C segment. In this market, if E-marketers know the web-based factors affecting online buyers' behaviour, and the effect of these factors on behaviour of online consumers, then they can develop their marketing strategies to convert potential customers into active one, while retaining existing online customers. Review of previous studies related to the online purchasing behaviour in B2C market has point out that the conceptualization and empirical validation of the online purchasing behaviour of Information and Communication Technology (ICT) literate users, or ICT professional, in Malaysia has not been clearly addressed. This paper focuses on (i) web-based factors which online buyers (ICT professional) keep in mind while shopping online; and (ii) the effect of web-based factors on online purchasing behaviour. Based on the extensive literature review, a conceptual framework of 24 items of five factors was constructed to determine web-based factors affecting online purchasing behaviour of ICT professional. Analysis of data was performed based on the 310 questionnaires, which were collected using a stratified random sampling method, from ICT undergraduate students in a public university in Malaysia. The Exploratory factor analysis performed showed that five factors affecting online purchase behaviour are Information Quality, Fulfilment/Reliability/Customer Service, Website Design, Quick and Details, and Privacy/Security. The result of Multiple Regression Analysis indicated that Information Quality, Quick and Details, and Privacy/Security affect positively online purchase behaviour. The results provide a usable model for measuring web-based factors affecting buyers' online purchase behaviour in B2C market, as well as for online shopping companies to focus on the factors that will increase customers' online purchase.

Columbia University's Informatics for Diabetes Education and Telemedicine (IDEATel) Project

PubMed Central

Starren, Justin; Hripcsak, George; Sengupta, Soumitra; Abbruscato, C.R.; Knudson, Paul E.; Weinstock, Ruth S.; Shea, Steven

2002-01-01

The Columbia University Informatics for Diabetes Education and Telemedicine IDEATel) project is a four-year demonstration project funded by the Centers for Medicare and Medicaid Services with the overall goal of evaluating the feasibility, acceptability, effectiveness, and cost-effectiveness of telemedicine. The focal point of the intervention is the home telemedicine unit (HTU), which provides four functions: synchronous videoconferencing over standard telephone lines, electronic transmission for fingerstick glucose and blood pressure readings, secure Web-based messaging and clinical data review, and access to Web-based educational materials. The HTU must be usable by elderly patients with no prior computer experience. Providing these functions through the HTU requires tight integration of six components: the HTU itself, case management software, a clinical information system, Web-based educational material, data security, and networking and telecommunications. These six components were integrated through a variety of interfaces, providing a system that works well for patients and providers. With more than 400 HTUs installed, IDEATel has demonstrated the feasibility of large-scale home telemedicine. PMID:11751801

Recent advancements on the development of web-based applications for the implementation of seismic analysis and surveillance systems

NASA Astrophysics Data System (ADS)

Friberg, P. A.; Luis, R. S.; Quintiliani, M.; Lisowski, S.; Hunter, S.

2014-12-01

Recently, a novel set of modules has been included in the Open Source Earthworm seismic data processing system, supporting the use of web applications. These include the Mole sub-system, for storing relevant event data in a MySQL database (see M. Quintiliani and S. Pintore, SRL, 2013), and an embedded webserver, Moleserv, for serving such data to web clients in QuakeML format. These modules have enabled, for the first time using Earthworm, the use of web applications for seismic data processing. These can greatly simplify the operation and maintenance of seismic data processing centers by having one or more servers providing the relevant data as well as the data processing applications themselves to client machines running arbitrary operating systems.Web applications with secure online web access allow operators to work anywhere, without the often cumbersome and bandwidth hungry use of secure shell or virtual private networks. Furthermore, web applications can seamlessly access third party data repositories to acquire additional information, such as maps. Finally, the usage of HTML email brought the possibility of specialized web applications, to be used in email clients. This is the case of EWHTMLEmail, which produces event notification emails that are in fact simple web applications for plotting relevant seismic data.Providing web services as part of Earthworm has enabled a number of other tools as well. One is ISTI's EZ Earthworm, a web based command and control system for an otherwise command line driven system; another is a waveform web service. The waveform web service serves Earthworm data to additional web clients for plotting, picking, and other web-based processing tools. The current Earthworm waveform web service hosts an advanced plotting capability for providing views of event-based waveforms from a Mole database served by Moleserve.The current trend towards the usage of cloud services supported by web applications is driving improvements in JavaScript, css and HTML, as well as faster and more efficient web browsers, including mobile. It is foreseeable that in the near future, web applications are as powerful and efficient as native applications. Hence the work described here has been the first step towards bringing the Open Source Earthworm seismic data processing system to this new paradigm.

Accelerating Cancer Systems Biology Research through Semantic Web Technology

PubMed Central

Wang, Zhihui; Sagotsky, Jonathan; Taylor, Thomas; Shironoshita, Patrick; Deisboeck, Thomas S.

2012-01-01

Cancer systems biology is an interdisciplinary, rapidly expanding research field in which collaborations are a critical means to advance the field. Yet the prevalent database technologies often isolate data rather than making it easily accessible. The Semantic Web has the potential to help facilitate web-based collaborative cancer research by presenting data in a manner that is self-descriptive, human and machine readable, and easily sharable. We have created a semantically linked online Digital Model Repository (DMR) for storing, managing, executing, annotating, and sharing computational cancer models. Within the DMR, distributed, multidisciplinary, and inter-organizational teams can collaborate on projects, without forfeiting intellectual property. This is achieved by the introduction of a new stakeholder to the collaboration workflow, the institutional licensing officer, part of the Technology Transfer Office. Furthermore, the DMR has achieved silver level compatibility with the National Cancer Institute’s caBIG®, so users can not only interact with the DMR through a web browser but also through a semantically annotated and secure web service. We also discuss the technology behind the DMR leveraging the Semantic Web, ontologies, and grid computing to provide secure inter-institutional collaboration on cancer modeling projects, online grid-based execution of shared models, and the collaboration workflow protecting researchers’ intellectual property. PMID:23188758

Accelerating cancer systems biology research through Semantic Web technology.

PubMed

Wang, Zhihui; Sagotsky, Jonathan; Taylor, Thomas; Shironoshita, Patrick; Deisboeck, Thomas S

2013-01-01

Cancer systems biology is an interdisciplinary, rapidly expanding research field in which collaborations are a critical means to advance the field. Yet the prevalent database technologies often isolate data rather than making it easily accessible. The Semantic Web has the potential to help facilitate web-based collaborative cancer research by presenting data in a manner that is self-descriptive, human and machine readable, and easily sharable. We have created a semantically linked online Digital Model Repository (DMR) for storing, managing, executing, annotating, and sharing computational cancer models. Within the DMR, distributed, multidisciplinary, and inter-organizational teams can collaborate on projects, without forfeiting intellectual property. This is achieved by the introduction of a new stakeholder to the collaboration workflow, the institutional licensing officer, part of the Technology Transfer Office. Furthermore, the DMR has achieved silver level compatibility with the National Cancer Institute's caBIG, so users can interact with the DMR not only through a web browser but also through a semantically annotated and secure web service. We also discuss the technology behind the DMR leveraging the Semantic Web, ontologies, and grid computing to provide secure inter-institutional collaboration on cancer modeling projects, online grid-based execution of shared models, and the collaboration workflow protecting researchers' intellectual property. Copyright © 2012 Wiley Periodicals, Inc.

Security concept in 'MyAngelWeb' a website for the individual patient at risk of emergency.

PubMed

Pinciroli, F; Nahaissi, D; Boschini, M; Ferrari, R; Meloni, G; Camnasio, M; Spaggiari, P; Carnerone, G

2000-11-01

We describe the Security Plan for the 'MyAngelWeb' service. The different actors involved in the service are subject to different security procedures. The core of the security system is implemented at the host site by means of a DBMS and standard Information Technology tools. Hardware requirements for sustainable security are needed at the web-site construction sites. They are not needed at the emergency physician's site. At the emergency physician's site, a two-way authentication system (password and test phrase method) is implemented.

Security concept in 'MyAngelWeb((R))' a website for the individual patient at risk of emergency.

PubMed

Pinciroli; Nahaissi; Boschini; Ferrari; Meloni; Camnasio; Spaggiari; Carnerone

2000-11-01

We describe the Security Plan for the 'MyAngelWeb' service. The different actors involved in the service are subject to different security procedures. The core of the security system is implemented at the host site by means of a DBMS and standard Information Technology tools. Hardware requirements for sustainable security are needed at the web-site construction sites. They are not needed at the emergency physician's site. At the emergency physician's site, a two-way authentication system (password and test phrase method) is implemented.

Access Control of Web- and Java-Based Applications

NASA Technical Reports Server (NTRS)

Tso, Kam S.; Pajevski, Michael J.

2013-01-01

Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

A Web-based, secure, light weight clinical multimedia data capture and display system.

PubMed

Wang, S S; Starren, J

2000-01-01

Computer-based patient records are traditionally composed of textual data. Integration of multimedia data has been historically slow. Multimedia data such as image, audio, and video have been traditionally more difficult to handle. An implementation of a clinical system for multimedia data is discussed. The system implementation uses Java, Secure Socket Layer (SSL), and Oracle 8i. The system is on top of the Internet so it is architectural independent, cross-platform, cross-vendor, and secure. Design and implementations issues are discussed.

Service-Oriented Architecture for NVO and TeraGrid Computing

NASA Technical Reports Server (NTRS)

Jacob, Joseph; Miller, Craig; Williams, Roy; Steenberg, Conrad; Graham, Matthew

2008-01-01

The National Virtual Observatory (NVO) Extensible Secure Scalable Service Infrastructure (NESSSI) is a Web service architecture and software framework that enables Web-based astronomical data publishing and processing on grid computers such as the National Science Foundation's TeraGrid. Characteristics of this architecture include the following: (1) Services are created, managed, and upgraded by their developers, who are trusted users of computing platforms on which the services are deployed. (2) Service jobs can be initiated by means of Java or Python client programs run on a command line or with Web portals. (3) Access is granted within a graduated security scheme in which the size of a job that can be initiated depends on the level of authentication of the user.

reCAPTCHA: human-based character recognition via Web security measures.

PubMed

von Ahn, Luis; Maurer, Benjamin; McMillen, Colin; Abraham, David; Blum, Manuel

2008-09-12

CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are widespread security measures on the World Wide Web that prevent automated programs from abusing online services. They do so by asking humans to perform a task that computers cannot yet perform, such as deciphering distorted characters. Our research explored whether such human effort can be channeled into a useful purpose: helping to digitize old printed material by asking users to decipher scanned words from books that computerized optical character recognition failed to recognize. We showed that this method can transcribe text with a word accuracy exceeding 99%, matching the guarantee of professional human transcribers. Our apparatus is deployed in more than 40,000 Web sites and has transcribed over 440 million words.

Applying World Wide Web technology to the study of patients with rare diseases.

PubMed

de Groen, P C; Barry, J A; Schaller, W J

1998-07-15

Randomized, controlled trials of sporadic diseases are rarely conducted. Recent developments in communication technology, particularly the World Wide Web, allow efficient dissemination and exchange of information. However, software for the identification of patients with a rare disease and subsequent data entry and analysis in a secure Web database are currently not available. To study cholangiocarcinoma, a rare cancer of the bile ducts, we developed a computerized disease tracing system coupled with a database accessible on the Web. The tracing system scans computerized information systems on a daily basis and forwards demographic information on patients with bile duct abnormalities to an electronic mailbox. If informed consent is given, the patient's demographic and preexisting medical information available in medical database servers are electronically forwarded to a UNIX research database. Information from further patient-physician interactions and procedures is also entered into this database. The database is equipped with a Web user interface that allows data entry from various platforms (PC-compatible, Macintosh, and UNIX workstations) anywhere inside or outside our institution. To ensure patient confidentiality and data security, the database includes all security measures required for electronic medical records. The combination of a Web-based disease tracing system and a database has broad applications, particularly for the integration of clinical research within clinical practice and for the coordination of multicenter trials.

A systematic review of studies of web portals for patients with diabetes mellitus.

PubMed

Coughlin, Steven S; Williams, Lovoria B; Hatzigeorgiou, Christos

2017-01-01

Patient web portals are password-protected online websites that offer patients 24-hour access to personal health information from anywhere with an Internet connection. Due to advances in health information technologies, there has been increasing interest among providers and researchers in patient web portals for use by patients with diabetes and other chronic conditions. This article, which is based upon bibliographic searches in PubMed, reviews web portals for patients with diabetes mellitus including patient web portals tethered to electronic medical records and web portals developed specifically for patients with diabetes. Twelve studies of the impact of patient web portals on the management of diabetes patients were identified. Three had a cross-sectional design, 1 employed mixed-methods, one had a matched-control design, 3 had a retrospective cohort design, and 5 were randomized controlled trials. Six (50%) of the studies examined web portals tethered to electronic medical records and the remainder were web portals developed specifically for diabetes patients. The results of this review suggest that secure messaging between adult diabetic patients and their clinician is associated with improved glycemic control. However, results from observational studies indicate that many diabetic patients do not take advantage of web portal features such as secure messaging, perhaps because of a lack of internet access or lack of experience in navigating web portal resources. Although results from randomized controlled trials provide stronger evidence of the efficacy of web portal use in improving glycemic control among diabetic patients, the number of trials is small and results from the trials have been mixed. Studies suggest that secure messaging between adult diabetic patients and their clinician is associated with improved glycemic control, but negative findings have also been reported. The number of randomized controlled trials that have examined the efficacy of web portal use in improving glycemic control among diabetic patients is still small. Additional research is needed to identify specific portal features that may impact quality of care or improve glycemic control.

A systematic review of studies of web portals for patients with diabetes mellitus

PubMed Central

Williams, Lovoria B.; Hatzigeorgiou, Christos

2017-01-01

Patient web portals are password-protected online websites that offer patients 24-hour access to personal health information from anywhere with an Internet connection. Due to advances in health information technologies, there has been increasing interest among providers and researchers in patient web portals for use by patients with diabetes and other chronic conditions. This article, which is based upon bibliographic searches in PubMed, reviews web portals for patients with diabetes mellitus including patient web portals tethered to electronic medical records and web portals developed specifically for patients with diabetes. Twelve studies of the impact of patient web portals on the management of diabetes patients were identified. Three had a cross-sectional design, 1 employed mixed-methods, one had a matched-control design, 3 had a retrospective cohort design, and 5 were randomized controlled trials. Six (50%) of the studies examined web portals tethered to electronic medical records and the remainder were web portals developed specifically for diabetes patients. The results of this review suggest that secure messaging between adult diabetic patients and their clinician is associated with improved glycemic control. However, results from observational studies indicate that many diabetic patients do not take advantage of web portal features such as secure messaging, perhaps because of a lack of internet access or lack of experience in navigating web portal resources. Although results from randomized controlled trials provide stronger evidence of the efficacy of web portal use in improving glycemic control among diabetic patients, the number of trials is small and results from the trials have been mixed. Studies suggest that secure messaging between adult diabetic patients and their clinician is associated with improved glycemic control, but negative findings have also been reported. The number of randomized controlled trials that have examined the efficacy of web portal use in improving glycemic control among diabetic patients is still small. Additional research is needed to identify specific portal features that may impact quality of care or improve glycemic control. PMID:28736732

Orchestrating BMD Control in Extended BPEL

DTIC Science & Technology

2008-05-21

Orchestration of secure WebMail , Technical Report ISE-TR-06-08, George Mason University, Fairfax, VA, August 2006. [9] E. Christensen, F. Curbera...methods to access and dissemination control, securing circuit switched (SS7) and IP based telecommunication (VoIP) systems, multimedia, security ...decorating the Business Process Execution Language (BPEL) with Quality of Service (QoS), Measures of Performance (MoP), Measures of Effectiveness (MoE

Automatic Web-based Calibration of Network-Capable Shipboard Sensors

DTIC Science & Technology

2007-09-01

Server, Java , Applet, and Servlet . 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18. SECURITY CLASSIFICATION OF THIS PAGE...49 b. Sensor Applet...........................................................................49 3. Java Servlet ...Table 1. Required System Environment Variables for Java Servlet Development. ......25 Table 2. Payload Data Format of the POST Requests from

A demanding web-based PACS supported by web services technology

NASA Astrophysics Data System (ADS)

Costa, Carlos M. A.; Silva, Augusto; Oliveira, José L.; Ribeiro, Vasco G.; Ribeiro, José

2006-03-01

During the last years, the ubiquity of web interfaces have pushed practically all PACS suppliers to develop client applications in which clinical practitioners can receive and analyze medical images, using conventional personal computers and Web browsers. However, due to security and performance issues, the utilization of these software packages has been restricted to Intranets. Paradigmatically, one of the most important advantages of digital image systems is to simplify the widespread sharing and remote access of medical data between healthcare institutions. This paper analyses the traditional PACS drawbacks that contribute to their reduced usage in the Internet and describes a PACS based on Web Services technology that supports a customized DICOM encoding syntax and a specific compression scheme providing all historical patient data in a unique Web interface.

Method for secure electronic voting system: face recognition based approach

NASA Astrophysics Data System (ADS)

Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

2017-06-01

In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

Secured web-based video repository for multicenter studies

PubMed Central

Yan, Ling; Hicks, Matt; Winslow, Korey; Comella, Cynthia; Ludlow, Christy; Jinnah, H. A; Rosen, Ami R; Wright, Laura; Galpern, Wendy R; Perlmutter, Joel S

2015-01-01

Background We developed a novel secured web-based dystonia video repository for the Dystonia Coalition, part of the Rare Disease Clinical Research network funded by the Office of Rare Diseases Research and the National Institute of Neurological Disorders and Stroke. A critical component of phenotypic data collection for all projects of the Dystonia Coalition includes a standardized video of each participant. We now describe our method for collecting, serving and securing these videos that is widely applicable to other studies. Methods Each recruiting site uploads standardized videos to a centralized secured server for processing to permit website posting. The streaming technology used to view the videos from the website does not allow downloading of video files. With appropriate institutional review board approval and agreement with the hosting institution, users can search and view selected videos on the website using customizable, permissions-based access that maintains security yet facilitates research and quality control. Results This approach provides a convenient platform for researchers across institutions to evaluate and analyze shared video data. We have applied this methodology for quality control, confirmation of diagnoses, validation of rating scales, and implementation of new research projects. Conclusions We believe our system can be a model for similar projects that require access to common video resources. PMID:25630890

Secure remote access to a clinical data repository using a wireless personal digital assistant (PDA).

PubMed

Duncan, R G; Shabot, M M

2000-01-01

TCP/IP and World-Wide-Web (WWW) technology have become the universal standards for networking and delivery of information. Personal digital assistants (PDAs), cellular telephones, and alphanumeric pagers are rapidly converging on a single pocket device that will leverage wireless TCP/IP networks and WWW protocols and can be used to deliver clinical information and alerts anytime, anywhere. We describe a wireless interface to clinical information for physicians based on Palm Corp.'s Palm VII pocket computer, a wireless digital network, encrypted data transmission, secure web servers, and a clinical data repository (CDR).

Secure remote access to a clinical data repository using a wireless personal digital assistant (PDA).

PubMed Central

Duncan, R. G.; Shabot, M. M.

2000-01-01

TCP/IP and World-Wide-Web (WWW) technology have become the universal standards for networking and delivery of information. Personal digital assistants (PDAs), cellular telephones, and alphanumeric pagers are rapidly converging on a single pocket device that will leverage wireless TCP/IP networks and WWW protocols and can be used to deliver clinical information and alerts anytime, anywhere. We describe a wireless interface to clinical information for physicians based on Palm Corp.'s Palm VII pocket computer, a wireless digital network, encrypted data transmission, secure web servers, and a clinical data repository (CDR). PMID:11079875

Session management for web-based healthcare applications.

PubMed Central

Wei, L.; Sengupta, S.

1999-01-01

In health care systems, users may access multiple applications during one session of interaction with the system. However, users must sign on to each application individually, and it is difficult to maintain a common context among these applications. We are developing a session management system for web-based applications using LDAP directory service, which will allow single sign-on to multiple web-based applications, and maintain a common context among those applications for the user. This paper discusses the motivations for building this system, the system architecture, and the challenges of our approach, such as the session objects management for the user, and session security. PMID:10566511

A Secure Web Application Providing Public Access to High-Performance Data Intensive Scientific Resources - ScalaBLAST Web Application

DOE Office of Scientific and Technical Information (OSTI.GOV)

Curtis, Darren S.; Peterson, Elena S.; Oehmen, Chris S.

2008-05-04

This work presents the ScalaBLAST Web Application (SWA), a web based application implemented using the PHP script language, MySQL DBMS, and Apache web server under a GNU/Linux platform. SWA is an application built as part of the Data Intensive Computer for Complex Biological Systems (DICCBS) project at the Pacific Northwest National Laboratory (PNNL). SWA delivers accelerated throughput of bioinformatics analysis via high-performance computing through a convenient, easy-to-use web interface. This approach greatly enhances emerging fields of study in biology such as ontology-based homology, and multiple whole genome comparisons which, in the absence of a tool like SWA, require a heroicmore » effort to overcome the computational bottleneck associated with genome analysis. The current version of SWA includes a user account management system, a web based user interface, and a backend process that generates the files necessary for the Internet scientific community to submit a ScalaBLAST parallel processing job on a dedicated cluster.« less

Implementation of the Web-based laboratory

NASA Astrophysics Data System (ADS)

Ying, Liu; Li, Xunbo

2005-12-01

With the rapid developments of Internet technologies, remote access and control via Internet is becoming a reality. A realization of the web-based laboratory (the W-LAB) was presented. The main target of the W-LAB was to allow users to easily access and conduct experiments via the Internet. While realizing the remote communication, a system, which adopted the double client-server architecture, was introduced. It ensures the system better security and higher functionality. The experimental environment implemented in the W-Lab was integrated by both virtual lab and remote lab. The embedded technology in the W-LAB system as an economical and efficient way to build the distributed infrastructural network was introduced. Furthermore, by introducing the user authentication mechanism in the system, it effectively secures the remote communication.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Not Available

The Transportation Secure Data Center (TSDC) at www.nrel.gov/tsdc provides free, web-based access to detailed transportation data from a variety of travel surveys conducted across the nation. While preserving the privacy of survey participants, this online repository makes vital transportation data broadly available to users from the comfort of their own desks via a secure online connection.

Implementing a low-cost web-based clinical trial management system for community studies: a case study.

PubMed

Geyer, John; Myers, Kathleen; Vander Stoep, Ann; McCarty, Carolyn; Palmer, Nancy; DeSalvo, Amy

2011-10-01

Clinical trials with multiple intervention locations and a single research coordinating center can be logistically difficult to implement. Increasingly, web-based systems are used to provide clinical trial support with many commercial, open source, and proprietary systems in use. New web-based tools are available which can be customized without programming expertise to deliver web-based clinical trial management and data collection functions. To demonstrate the feasibility of utilizing low-cost configurable applications to create a customized web-based data collection and study management system for a five intervention site randomized clinical trial establishing the efficacy of providing evidence-based treatment via teleconferencing to children with attention-deficit hyperactivity disorder. The sites are small communities that would not usually be included in traditional randomized trials. A major goal was to develop database that participants could access from computers in their home communities for direct data entry. Discussed is the selection process leading to the identification and utilization of a cost-effective and user-friendly set of tools capable of customization for data collection and study management tasks. An online assessment collection application, template-based web portal creation application, and web-accessible Access 2007 database were selected and customized to provide the following features: schedule appointments, administer and monitor online secure assessments, issue subject incentives, and securely transmit electronic documents between sites. Each tool was configured by users with limited programming expertise. As of June 2011, the system has successfully been used with 125 participants in 5 communities, who have completed 536 sets of assessment questionnaires, 8 community therapists, and 11 research staff at the research coordinating center. Total automation of processes is not possible with the current set of tools as each is loosely affiliated, creating some inefficiency. This system is best suited to investigations with a single data source e.g., psychosocial questionnaires. New web-based applications can be used by investigators with limited programming experience to implement user-friendly, efficient, and cost-effective tools for multi-site clinical trials with small distant communities. Such systems allow the inclusion in research of populations that are not usually involved in clinical trials.

A Web-based, secure, light weight clinical multimedia data capture and display system.

PubMed Central

Wang, S. S.; Starren, J.

2000-01-01

Computer-based patient records are traditionally composed of textual data. Integration of multimedia data has been historically slow. Multimedia data such as image, audio, and video have been traditionally more difficult to handle. An implementation of a clinical system for multimedia data is discussed. The system implementation uses Java, Secure Socket Layer (SSL), and Oracle 8i. The system is on top of the Internet so it is architectural independent, cross-platform, cross-vendor, and secure. Design and implementations issues are discussed. Images Figure 2 Figure 3 PMID:11080014

Use of a secure Internet Web site for collaborative medical research.

PubMed

Marshall, W W; Haley, R W

2000-10-11

Researchers who collaborate on clinical research studies from diffuse locations need a convenient, inexpensive, secure way to record and manage data. The Internet, with its World Wide Web, provides a vast network that enables researchers with diverse types of computers and operating systems anywhere in the world to log data through a common interface. Development of a Web site for scientific data collection can be organized into 10 steps, including planning the scientific database, choosing a database management software system, setting up database tables for each collaborator's variables, developing the Web site's screen layout, choosing a middleware software system to tie the database software to the Web site interface, embedding data editing and calculation routines, setting up the database on the central server computer, obtaining a unique Internet address and name for the Web site, applying security measures to the site, and training staff who enter data. Ensuring the security of an Internet database requires limiting the number of people who have access to the server, setting up the server on a stand-alone computer, requiring user-name and password authentication for server and Web site access, installing a firewall computer to prevent break-ins and block bogus information from reaching the server, verifying the identity of the server and client computers with certification from a certificate authority, encrypting information sent between server and client computers to avoid eavesdropping, establishing audit trails to record all accesses into the Web site, and educating Web site users about security techniques. When these measures are carefully undertaken, in our experience, information for scientific studies can be collected and maintained on Internet databases more efficiently and securely than through conventional systems of paper records protected by filing cabinets and locked doors. JAMA. 2000;284:1843-1849.

Remote monitoring and security alert based on motion detection using mobile

NASA Astrophysics Data System (ADS)

Suganya Devi, K.; Srinivasan, P.

2016-03-01

Background model does not have any robust solution and constitutes one of the main problems in surveillance systems. The aim of the paper is to provide a mobile based security to a remote monitoring system through a WAP using GSM modem. It is most designed to provide durability and versatility for a wide variety of indoor and outdoor applications. It is compatible with both narrow and band networks and provides simultaneous image detection. The communicator provides remote control, event driven recording, including pre-alarm and post-alarm and image motion detection. The web cam allowing them to be mounted either to a ceiling or wall without requiring bracket, with the use of web cam. We could continuously monitoring status in the client system through the web. If any intruder arrives in the client system, server will provide an alert to the mobile (what we are set in the message that message send to the authorized person) and the client can view the image using WAP.

RxPATROL: a Web-based tool for combating pharmacy theft.

PubMed

Smith, Meredith Y; Graham, J Aaron; Haddox, J David; Steffey, Amy

2009-01-01

To report the incidence of pharmacy-related burglaries and robberies and characteristics of pharmacies where such crimes have occurred using recent data from Rx Pattern Analysis Tracking Robberies & Other Losses (RxPATROL), a national Web-based information clearinghouse on pharmacy-related theft of prescription medications and over-the-counter products. Descriptive, nonexperimental study. United States between 2005 and 2006. Not applicable. Not applicable. Number of pharmacy theft reports received; incident type, date, and location; point of entry; and pharmacy security features. Between 2005 and 2006, 202 pharmacy burglary and 299 pharmacy robbery reports from 45 different states were filed with RxPATROL. More than 70% of pharmacies reporting such crimes lacked a security camera. Among those reporting a burglary, 60% lacked dead bolt locks, a solid exterior door, a motion detector device, or a safe or vault for storage of controlled substances. Burglars most often obtained access to the pharmacy via the front door. RxPATROL is a Web-based tool that can assist pharmacies and law enforcement in collaborating more effectively to combat and prevent pharmacy-related crimes.

Security & Privacy Policy - Naval Oceanography Portal

Science.gov Websites

Notice: This is a U.S. Government Web Site 1. This is a World Wide Web site for official information information on this Web site are strictly prohibited and may be punishable under the Computer Fraud and Abuse Information Act (FOIA) | External Link Disclaimer This is an official U.S. Navy web site. Security &

Protecting clinical data on Web client computers: the PCASSO approach.

PubMed Central

Masys, D. R.; Baker, D. B.

1998-01-01

The ubiquity and ease of use of the Web have made it an increasingly popular medium for communication of health-related information. Web interfaces to commercially available clinical information systems are now available or under development by most major vendors. To the extent that such interfaces involve the use of unprotected operating systems, they are vulnerable to security limitations of Web client software environments. The Patient Centered Access to Secure Systems Online (PCASSO) project extends the protections for person-identifiable health data on Web client computers. PCASSO uses several approaches, including physical protection of authentication information, execution containment, graphical displays, and monitoring the client system for intrusions and co-existing programs that may compromise security. PMID:9929243

Automated generation of a World Wide Web-based data entry and check program for medical applications.

PubMed

Kiuchi, T; Kaihara, S

1997-02-01

The World Wide Web-based form is a promising method for the construction of an on-line data collection system for clinical and epidemiological research. It is, however, laborious to prepare a common gateway interface (CGI) program for each project, which the World Wide Web server needs to handle the submitted data. In medicine, it is even more laborious because the CGI program must check deficits, type, ranges, and logical errors (bad combination of data) of entered data for quality assurance as well as data length and meta-characters of the entered data to enhance the security of the server. We have extended the specification of the hypertext markup language (HTML) form to accommodate information necessary for such data checking and we have developed software named AUTOFORM for this purpose. The software automatically analyzes the extended HTML form and generates the corresponding ordinary HTML form, 'Makefile', and C source of CGI programs. The resultant CGI program checks the entered data through the HTML form, records them in a computer, and returns them to the end-user. AUTOFORM drastically reduces the burden of development of the World Wide Web-based data entry system and allows the CGI programs to be more securely and reliably prepared than had they been written from scratch.

Generalisation and extension of a web-based data collection system for clinical studies using Java and CORBA.

PubMed

Eich, H P; Ohmann, C

1999-01-01

Inadequate informatical support of multi-centre clinical trials lead to pure quality. In order to support a multi-centre clinical trial a data collection via WWW and Internet based on Java has been developed. In this study a generalization and extension of this prototype has been performed. The prototype has been applied to another clinical trial and a knowledge server based on C+t has been integrated via CORBA. The investigation and implementation of security aspects of web-based data collection is now under evaluation.

A security architecture for interconnecting health information systems.

PubMed

Gritzalis, Dimitris; Lambrinoudakis, Costas

2004-03-31

Several hereditary and other chronic diseases necessitate continuous and complicated health care procedures, typically offered in different, often distant, health care units. Inevitably, the medical records of patients suffering from such diseases become complex, grow in size very fast and are scattered all over the units involved in the care process, hindering communication of information between health care professionals. Web-based electronic medical records have been recently proposed as the solution to the above problem, facilitating the interconnection of the health care units in the sense that health care professionals can now access the complete medical record of the patient, even if it is distributed in several remote units. However, by allowing users to access information from virtually anywhere, the universe of ineligible people who may attempt to harm the system is dramatically expanded, thus severely complicating the design and implementation of a secure environment. This paper presents a security architecture that has been mainly designed for providing authentication and authorization services in web-based distributed systems. The architecture has been based on a role-based access scheme and on the implementation of an intelligent security agent per site (i.e. health care unit). This intelligent security agent: (a). authenticates the users, local or remote, that can access the local resources; (b). assigns, through temporary certificates, access privileges to the authenticated users in accordance to their role; and (c). communicates to other sites (through the respective security agents) information about the local users that may need to access information stored in other sites, as well as about local resources that can be accessed remotely.

Development of Standardized Clinical Training Cases for Diagnosis of Sexual Abuse using a Secure Telehealth Application

ERIC Educational Resources Information Center

Frasier, Lori D.; Thraen, Ioana; Kaplan, Rich; Goede, Patricia

2012-01-01

Objectives: The training of physicians, nurse examiners, social workers and other health professional on the evidentiary findings of sexual abuse in children is challenging. Our objective was to develop peer reviewed training cases for medical examiners of child sexual abuse, using a secure web based telehealth application (TeleCAM). Methods:…

Knowledge-Base Semantic Gap Analysis for the Vulnerability Detection

NASA Astrophysics Data System (ADS)

Wu, Raymond; Seki, Keisuke; Sakamoto, Ryusuke; Hisada, Masayuki

Web security became an alert in internet computing. To cope with ever-rising security complexity, semantic analysis is proposed to fill-in the gap that the current approaches fail to commit. Conventional methods limit their focus to the physical source codes instead of the abstraction of semantics. It bypasses new types of vulnerability and causes tremendous business loss.

The informatics superhighway: prototyping on the World Wide Web.

PubMed

Cimino, J J; Socratous, S A; Grewal, R

1995-01-01

We have experimented with developing a prototype Surgeon's Workstation which makes use of the World Wide Web client-server architecture. Although originally intended merely as a means for obtaining user feedback for use in designing a "real" system, the application has been adopted for use by our Department of Surgery. As they begin to use the application, they have suggested changes and we have responded. This paper illustrates some of the advantages we have found for prototyping with Web-based applications, including security aspects.

Secure Web-Site Access with Tickets and Message-Dependent Digests

USGS Publications Warehouse

Donato, David I.

2008-01-01

Although there are various methods for restricting access to documents stored on a World Wide Web (WWW) site (a Web site), none of the widely used methods is completely suitable for restricting access to Web applications hosted on an otherwise publicly accessible Web site. A new technique, however, provides a mix of features well suited for restricting Web-site or Web-application access to authorized users, including the following: secure user authentication, tamper-resistant sessions, simple access to user state variables by server-side applications, and clean session terminations. This technique, called message-dependent digests with tickets, or MDDT, maintains secure user sessions by passing single-use nonces (tickets) and message-dependent digests of user credentials back and forth between client and server. Appendix 2 provides a working implementation of MDDT with PHP server-side code and JavaScript client-side code.

The Enterprise 2.0 Concept: Challenges on Data and Information Security

NASA Astrophysics Data System (ADS)

Silva, Ana; Moreira, Fernando; Varajão, João

The Web 2.0 wave has "hit" businesses all over the world, with companies taking advantage of the 2.0 concept and new applications stimulating collaboration between employees, and also with external partners (suppliers, contractors, universities, R&D organizations and others). However, the use of Web 2.0 applications inside organizations has created additional security challenges, especially regarding data and information security. Companies need to be aware of these risks when deploying the 2.0 concept and take a proactive approach on security. In this paper are identified and discussed some of the challenges and risks of the use of Web 2.0 tools, namely when it comes to securing companies' intellectual property.

Department of Defense Annual Report on Sexual Assault in the Military. Fiscal Year 2013

DTIC Science & Technology

2014-04-16

a web based, self-guided training solution for SARCs and SAPR PMs consisting of simulations demonstrating DSAID’s capabilities;  Included D-SAACP...for future Soldiers. This is a web -based training tool for potential and new recruits that can be accessed and used in Recruiting Stations. Topics...sensitive” to protect and promote the welfare of the patient. Paper records are treated as “sensitive,” maintained in a locked, secured container

Verification Tools Secure Online Shopping, Banking

NASA Technical Reports Server (NTRS)

2010-01-01

Just like rover or rocket technology sent into space, the software that controls these technologies must be extensively tested to ensure reliability and effectiveness. Ames Research Center invented the open-source Java Pathfinder (JPF) toolset for the deep testing of Java-based programs. Fujitsu Labs of America Inc., based in Sunnyvale, California, improved the capabilities of the JPF Symbolic Pathfinder tool, establishing the tool as a means of thoroughly testing the functionality and security of Web-based Java applications such as those used for Internet shopping and banking.

Small numbers, disclosure risk, security, and reliability issues in Web-based data query systems.

PubMed

Rudolph, Barbara A; Shah, Gulzar H; Love, Denise

2006-01-01

This article describes the process for developing consensus guidelines and tools for releasing public health data via the Web and highlights approaches leading agencies have taken to balance disclosure risk with public dissemination of reliable health statistics. An agency's choice of statistical methods for improving the reliability of released data for Web-based query systems is based upon a number of factors, including query system design (dynamic analysis vs preaggregated data and tables), population size, cell size, data use, and how data will be supplied to users. The article also describes those efforts that are necessary to reduce the risk of disclosure of an individual's protected health information.

Information Security Controls against Cross-Site Request Forgery Attacks on Software Applications of Automated Systems

NASA Astrophysics Data System (ADS)

Barabanov, A. V.; Markov, A. S.; Tsirlov, V. L.

2018-05-01

This paper presents statistical results and their consolidation, which were received in the study into security of various web-application against cross-site request forgery attacks. Some of the results were received in the study carried out within the framework of certification for compliance with information security requirements. The paper provides the results of consolidating information about the attack and protection measures, which are currently used by the developers of web-applications. It specifies results of the study, which demonstrate various distribution types: distribution of identified vulnerabilities as per the developer type (Russian and foreign), distribution of the security measures used in web-applications, distribution of the identified vulnerabilities as per the programming languages, data on the number of security measures that are used in the studied web-applications. The results of the study show that in most cases the developers of web-applications do not pay due attention to protection against cross-site request forgery attacks. The authors give recommendations to the developers that are planning to undergo a certification process for their software applications.

Virtualization of open-source secure web services to support data exchange in a pediatric critical care research network

PubMed Central

Sward, Katherine A; Newth, Christopher JL; Khemani, Robinder G; Cryer, Martin E; Thelen, Julie L; Enriquez, Rene; Shaoyu, Su; Pollack, Murray M; Harrison, Rick E; Meert, Kathleen L; Berg, Robert A; Wessel, David L; Shanley, Thomas P; Dalton, Heidi; Carcillo, Joseph; Jenkins, Tammara L; Dean, J Michael

2015-01-01

Objectives To examine the feasibility of deploying a virtual web service for sharing data within a research network, and to evaluate the impact on data consistency and quality. Material and Methods Virtual machines (VMs) encapsulated an open-source, semantically and syntactically interoperable secure web service infrastructure along with a shadow database. The VMs were deployed to 8 Collaborative Pediatric Critical Care Research Network Clinical Centers. Results Virtual web services could be deployed in hours. The interoperability of the web services reduced format misalignment from 56% to 1% and demonstrated that 99% of the data consistently transferred using the data dictionary and 1% needed human curation. Conclusions Use of virtualized open-source secure web service technology could enable direct electronic abstraction of data from hospital databases for research purposes. PMID:25796596

Multiple-Feature Extracting Modules Based Leak Mining System Design

PubMed Central

Cho, Ying-Chiang; Pan, Jen-Yi

2013-01-01

Over the years, human dependence on the Internet has increased dramatically. A large amount of information is placed on the Internet and retrieved from it daily, which makes web security in terms of online information a major concern. In recent years, the most problematic issues in web security have been e-mail address leakage and SQL injection attacks. There are many possible causes of information leakage, such as inadequate precautions during the programming process, which lead to the leakage of e-mail addresses entered online or insufficient protection of database information, a loophole that enables malicious users to steal online content. In this paper, we implement a crawler mining system that is equipped with SQL injection vulnerability detection, by means of an algorithm developed for the web crawler. In addition, we analyze portal sites of the governments of various countries or regions in order to investigate the information leaking status of each site. Subsequently, we analyze the database structure and content of each site, using the data collected. Thus, we make use of practical verification in order to focus on information security and privacy through black-box testing. PMID:24453892

Multiple-feature extracting modules based leak mining system design.

PubMed

Cho, Ying-Chiang; Pan, Jen-Yi

2013-01-01

Over the years, human dependence on the Internet has increased dramatically. A large amount of information is placed on the Internet and retrieved from it daily, which makes web security in terms of online information a major concern. In recent years, the most problematic issues in web security have been e-mail address leakage and SQL injection attacks. There are many possible causes of information leakage, such as inadequate precautions during the programming process, which lead to the leakage of e-mail addresses entered online or insufficient protection of database information, a loophole that enables malicious users to steal online content. In this paper, we implement a crawler mining system that is equipped with SQL injection vulnerability detection, by means of an algorithm developed for the web crawler. In addition, we analyze portal sites of the governments of various countries or regions in order to investigate the information leaking status of each site. Subsequently, we analyze the database structure and content of each site, using the data collected. Thus, we make use of practical verification in order to focus on information security and privacy through black-box testing.

Securing a web-based teleradiology platform according to German law and "best practices".

PubMed

Spitzer, Michael; Ullrich, Tobias; Ueckert, Frank

2009-01-01

The Medical Data and Picture Exchange platform (MDPE), as a teleradiology system, facilitates the exchange of digital medical imaging data among authorized users. It features extensive support of the DICOM standard including networking functions. Since MDPE is designed as a web service, security and confidentiality of data and communication pose an outstanding challenge. To comply with demands of German laws and authorities, a generic data security concept considered as "best practice" in German health telematics was adapted to the specific demands of MDPE. The concept features strict logical and physical separation of diagnostic and identity data and thus an all-encompassing pseudonymization throughout the system. Hence, data may only be merged at authorized clients. MDPE's solution of merging data from separate sources within a web browser avoids technically questionable techniques such as deliberate cross-site scripting. Instead, data is merged dynamically by JavaScriptlets running in the user's browser. These scriptlets are provided by one server, while content and method calls are generated by another server. Additionally, MDPE uses encrypted temporary IDs for communication and merging of data.

Development of a virtual multidisciplinary lung cancer tumor board in a community setting.

PubMed

Stevenson, Marvaretta M; Irwin, Tonia; Lowry, Terry; Ahmed, Maleka Z; Walden, Thomas L; Watson, Melanie; Sutton, Linda

2013-05-01

Creating an effective platform for multidisciplinary tumor conferences can be challenging in the rural community setting. The Duke Cancer Network created an Internet-based platform for a multidisciplinary conference to enhance the care of patients with lung cancer. This conference incorporates providers from different physical locations within a rural community and affiliated providers from a university-based cancer center 2 hours away. An electronic Web conferencing tool connects providers aurally and visually. Conferences were set up using a commercially available Web conferencing platform. The video platform provides a secure Web site coupled with a secure teleconference platform to ensure patient confidentiality. Multiple disciplines are invited to participate, including radiology, radiation oncology, thoracic surgery, pathology, and medical oncology. Participants only need telephone access and Internet connection to participate. Patient histories and physicals are presented, and the Web conferencing platform allows radiologic and histologic images to be reviewed. Treatment plans for patients are discussed, allowing providers to coordinate care among the different subspecialties. Patients who need referral to the affiliated university-based cancer center for specialized services are identified. Pertinent treatment guidelines and journal articles are reviewed. On average, there are 10 participants with one to two cases presented per session. The use of a Web conferencing platform allows subspecialty providers throughout the community and hours away to discuss lung cancer patient cases. This platform increases convenience for providers, eliminating travel to a central location. Coordination of care for patients requiring multidisciplinary care is facilitated, shortening evaluation time before definitive treatment plan.

Web-based tailored intervention for preparation of parents and children for outpatient surgery (WebTIPS): development.

PubMed

Kain, Zeev N; Fortier, Michelle A; Chorney, Jill MacLaren; Mayes, Linda

2015-04-01

As a result of cost-containment efforts, preparation programs for outpatient surgery are currently not available to the majority of children and parents. The recent dramatic growth in the Internet presents a unique opportunity to transform how children and their parents are prepared for surgery. In this article, we describe the development of a Web-based Tailored Intervention for Preparation of parents and children undergoing Surgery (WebTIPS). A multidisciplinary taskforce agreed that a Web-based tailored intervention consisting of intake, matrix, and output modules was the preferred approach. Next, the content of the various intake variables, the matrix logic, and the output content was developed. The output product has a parent component and a child component and is described in http://surgerywebtips.com/about.php. The child component makes use of preparation strategies such as information provision, modeling, play, and coping skills training. The parent component of WebTIPS includes strategies such as information provision, coping skills training, and relaxation and distraction techniques. A reputable animation and Web design company developed a secured Web-based product based on the above description. In this article, we describe the development of a Web-based tailored preoperative preparation program that can be accessed by children and parents multiple times before and after surgery. A follow-up article in this issue of Anesthesia & Analgesia describes formative evaluation and preliminary efficacy testing of this Web-based tailored preoperative preparation program.

Web-based Tailored Intervention for Preparation of Parents and Children for Outpatient Surgery (WebTIPS): Development

PubMed Central

Kain, Zeev N.; Fortier, Michelle A.; Chorney, Jill MacLaren; Mayes, Linda

2014-01-01

Background Due to cost-containment efforts, preparation programs for outpatient surgery are currently not available to the majority of children and parents. The recent dramatic growth in the Internet presents a unique opportunity to transform how children and their parents are prepared for surgery. In this article we describe the development of a Web-based tailored preparation program for children and parents undergoing surgery (WebTIPS). Development of Program A multidisciplinary taskforce agreed that a Web-based tailored intervention comprised of intake, matrix and output modules was the preferred approach. Next, the content of the various intake variables, the matrix logic and the output content was developed. The output product has a parent component and a child component and is described in http://surgerywebtips.com/about.php. The child component makes use of preparation strategies such as information provision, modeling, play and coping skills training. The parent component of WebTIPS includes strategies such as information provision, coping skills training, relaxation and distraction techniques. A reputable animation and Web-design company developed a secured Web-based product based on the above description. Conclusions In this article we describe the development of a Web-based tailored preoperative preparation program that can be accessed by children and parents multiple times before and after surgery. A follow-up article in this issue of Anesthesia & Analgesia describes formative evaluation and preliminary efficacy testing of this Web-based tailored preoperative preparation program. PMID:25790212

Interactive, Secure Web-enabled Aircraft Engine Simulation Using XML Databinding Integration

NASA Technical Reports Server (NTRS)

Lin, Risheng; Afjeh, Abdollah A.

2003-01-01

This paper discusses the detailed design of an XML databinding framework for aircraft engine simulation. The framework provides an object interface to access and use engine data. while at the same time preserving the meaning of the original data. The Language independent representation of engine component data enables users to move around XML data using HTTP through disparate networks. The application of this framework is demonstrated via a web-based turbofan propulsion system simulation using the World Wide Web (WWW). A Java Servlet based web component architecture is used for rendering XML engine data into HTML format and dealing with input events from the user, which allows users to interact with simulation data from a web browser. The simulation data can also be saved to a local disk for archiving or to restart the simulation at a later time.

gemcWeb: A Cloud Based Nuclear Physics Simulation Software

NASA Astrophysics Data System (ADS)

Markelon, Sam

2017-09-01

gemcWeb allows users to run nuclear physics simulations from the web. Being completely device agnostic, scientists can run simulations from anywhere with an Internet connection. Having a full user system, gemcWeb allows users to revisit and revise their projects, and share configurations and results with collaborators. gemcWeb is based on simulation software gemc, which is based on standard GEant4. gemcWeb requires no C++, gemc, or GEant4 knowledge. Using a simple but powerful GUI allows users to configure their project from geometries and configurations stored on the deployment server. Simulations are then run on the server, with results being posted to the user, and then securely stored. Python based and open-source, the main version of gemcWeb is hosted internally at Jefferson National Labratory and used by the CLAS12 and Electron-Ion Collider Project groups. However, as the software is open-source, and hosted as a GitHub repository, an instance can be deployed on the open web, or any institution's intra-net. An instance can be configured to host experiments specific to an institution, and the code base can be modified by any individual or group. Special thanks to: Maurizio Ungaro, PhD., creator of gemc; Markus Diefenthaler, PhD., advisor; and Kyungseon Joo, PhD., advisor.

Transformative Rendering of Internet Resources

DTIC Science & Technology

2012-10-01

4 Securing WiFi Connections...comes from legitimate web sites that have themselves been hacked . There is no way of anticipating which of these sites have been hacked and therefore...pose a security threat to visitors. The purpose of most of this web page hacking is to plant malicious code on the web site that will attack any

TOKEN: Trustable Keystroke-Based Authentication for Web-Based Applications on Smartphones

NASA Astrophysics Data System (ADS)

Nauman, Mohammad; Ali, Tamleek

Smartphones are increasingly being used to store personal information as well as to access sensitive data from the Internet and the cloud. Establishment of the identity of a user requesting information from smartphones is a prerequisite for secure systems in such scenarios. In the past, keystroke-based user identification has been successfully deployed on production-level mobile devices to mitigate the risks associated with naïve username/password based authentication. However, these approaches have two major limitations: they are not applicable to services where authentication occurs outside the domain of the mobile device - such as web-based services; and they often overly tax the limited computational capabilities of mobile devices. In this paper, we propose a protocol for keystroke dynamics analysis which allows web-based applications to make use of remote attestation and delegated keystroke analysis. The end result is an efficient keystroke-based user identification mechanism that strengthens traditional password protected services while mitigating the risks of user profiling by collaborating malicious web services.

The Emperor’s New Password Manager: Security Analysis of Web-based Password Managers

DTIC Science & Technology

2014-07-07

POST re- quest, LastPass will store h’ as authenticating Alice. Mallory can then use otp’ to log-in to LastPass us- ing otp’. Of course , decrypting the...everywhere. [36] M. Rochkind. Security, forms, and error handling. In Expert PHP and MySQL , pages 191–247. Springer, 2013. [37] D. Silver, S. Jana, E

Using Information Technologies in Professional Training of Future Security Specialists in the USA, Great Britain, Poland and Israel

ERIC Educational Resources Information Center

Kyslenko, Dmytro

2017-01-01

The paper discusses the use of information technologies in professional training of future security specialists in the United States, Great Britain, Poland and Israel. The probable use of computer-based techniques being available within the integrated Web-sites have been systematized. It has been suggested that the presented scheme may be of great…

Web vulnerability study of online pharmacy sites.

PubMed

Kuzma, Joanne

2011-01-01

Consumers are increasingly using online pharmacies, but these sites may not provide an adequate level of security with the consumers' personal data. There is a gap in this research addressing the problems of security vulnerabilities in this industry. The objective is to identify the level of web application security vulnerabilities in online pharmacies and the common types of flaws, thus expanding on prior studies. Technical, managerial and legal recommendations on how to mitigate security issues are presented. The proposed four-step method first consists of choosing an online testing tool. The next steps involve choosing a list of 60 online pharmacy sites to test, and then running the software analysis to compile a list of flaws. Finally, an in-depth analysis is performed on the types of web application vulnerabilities. The majority of sites had serious vulnerabilities, with the majority of flaws being cross-site scripting or old versions of software that have not been updated. A method is proposed for the securing of web pharmacy sites, using a multi-phased approach of technical and managerial techniques together with a thorough understanding of national legal requirements for securing systems.

Marketing and reputation aspects of neonatal safeguards and hospital-security systems.

PubMed

Smith, Alan D

2009-01-01

Technological advancements have migrated from personal-use electronics into the healthcare setting for security enhancements. Within maternity wards and nurseries, technology was seen as one of best way to protect newborns from abduction. The present study is a focus on what systems and methods are used in neonatal security, the security arrangements, staff training, and impacts outside the control of the hospital, customer satisfaction and customer relations management. Through hypothesis-testing and exploratory analysis, gender biases and extremely high levels of security were found within a web-enabled and professional sample of 200 respondents. The factor-based constructs were found to be, in order of the greatest explained variance: security concerns, personal technology usage, work technology applications, and demographic maturity concerns, resulting in four factor-based scores with significant combined variance of 61.5%. It was found that through a better understanding on the importance and vital need for hospitals to continue to improve on their technology-based security policies significantly enhanced their reputation in the highly competitive local healthcare industry.

DOE Office of Scientific and Technical Information (OSTI.GOV)

The system is developed to collect, process, store and present the information provided by the radio frequency identification (RFID) devices. The system contains three parts, the application software, the database and the web page. The application software manages multiple RFID devices, such as readers and portals, simultaneously. It communicates with the devices through application programming interface (API) provided by the device vendor. The application software converts data collected by the RFID readers and portals to readable information. It is capable of encrypting data using 256 bits advanced encryption standard (AES). The application software has a graphical user interface (GUI). Themore » GUI mimics the configurations of the nucler material storage sites or transport vehicles. The GUI gives the user and system administrator an intuitive way to read the information and/or configure the devices. The application software is capable of sending the information to a remote, dedicated and secured web and database server. Two captured screen samples, one for storage and transport, are attached. The database is constructed to handle a large number of RFID tag readers and portals. A SQL server is employed for this purpose. An XML script is used to update the database once the information is sent from the application software. The design of the web page imitates the design of the application software. The web page retrieves data from the database and presents it in different panels. The user needs a user name combined with a password to access the web page. The web page is capable of sending e-mail and text messages based on preset criteria, such as when alarm thresholds are excceeded. A captured screen sample is attached. The application software is designed to be installed on a local computer. The local computer is directly connected to the RFID devices and can be controlled locally or remotely. There are multiple local computers managing different sites or transport vehicles. The control from remote sites and information transmitted to a central database server is through secured internet. The information stored in the central databaser server is shown on the web page. The users can view the web page on the internet. A dedicated and secured web and database server (https) is used to provide information security.« less

A Web-based telemedicine system for diabetic retinopathy screening using digital fundus photography.

PubMed

Wei, Jack C; Valentino, Daniel J; Bell, Douglas S; Baker, Richard S

2006-02-01

The purpose was to design and implement a Web-based telemedicine system for diabetic retinopathy screening using digital fundus cameras and to make the software publicly available through Open Source release. The process of retinal imaging and case reviewing was modeled to optimize workflow and implement use of computer system. The Web-based system was built on Java Servlet and Java Server Pages (JSP) technologies. Apache Tomcat was chosen as the JSP engine, while MySQL was used as the main database and Laboratory of Neuro Imaging (LONI) Image Storage Architecture, from the LONI-UCLA, as the platform for image storage. For security, all data transmissions were carried over encrypted Internet connections such as Secure Socket Layer (SSL) and HyperText Transfer Protocol over SSL (HTTPS). User logins were required and access to patient data was logged for auditing. The system was deployed at Hubert H. Humphrey Comprehensive Health Center and Martin Luther King/Drew Medical Center of Los Angeles County Department of Health Services. Within 4 months, 1500 images of more than 650 patients were taken at Humphrey's Eye Clinic and successfully transferred to King/Drew's Department of Ophthalmology. This study demonstrates an effective architecture for remote diabetic retinopathy screening.

Electronic Health Records: An Enhanced Security Paradigm to Preserve Patient's Privacy

NASA Astrophysics Data System (ADS)

Slamanig, Daniel; Stingl, Christian

In recent years, demographic change and increasing treatment costs demand the adoption of more cost efficient, highly qualitative and integrated health care processes. The rapid growth and availability of the Internet facilitate the development of eHealth services and especially of electronic health records (EHRs) which are promising solutions to meet the aforementioned requirements. Considering actual web-based EHR systems, patient-centric and patient moderated approaches are widely deployed. Besides, there is an emerging market of so called personal health record platforms, e.g. Google Health. Both concepts provide a central and web-based access to highly sensitive medical data. Additionally, the fact that these systems may be hosted by not fully trustworthy providers necessitates to thoroughly consider privacy issues. In this paper we define security and privacy objectives that play an important role in context of web-based EHRs. Furthermore, we discuss deployed solutions as well as concepts proposed in the literature with respect to this objectives and point out several weaknesses. Finally, we introduce a system which overcomes the drawbacks of existing solutions by considering an holistic approach to preserve patient's privacy and discuss the applied methods.

Web-based GIS for spatial pattern detection: application to malaria incidence in Vietnam.

PubMed

Bui, Thanh Quang; Pham, Hai Minh

2016-01-01

There is a great concern on how to build up an interoperable health information system of public health and health information technology within the development of public information and health surveillance programme. Technically, some major issues remain regarding to health data visualization, spatial processing of health data, health information dissemination, data sharing and the access of local communities to health information. In combination with GIS, we propose a technical framework for web-based health data visualization and spatial analysis. Data was collected from open map-servers and geocoded by open data kit package and data geocoding tools. The Web-based system is designed based on Open-source frameworks and libraries. The system provides Web-based analyst tool for pattern detection through three spatial tests: Nearest neighbour, K function, and Spatial Autocorrelation. The result is a web-based GIS, through which end users can detect disease patterns via selecting area, spatial test parameters and contribute to managers and decision makers. The end users can be health practitioners, educators, local communities, health sector authorities and decision makers. This web-based system allows for the improvement of health related services to public sector users as well as citizens in a secure manner. The combination of spatial statistics and web-based GIS can be a solution that helps empower health practitioners in direct and specific intersectional actions, thus provide for better analysis, control and decision-making.

HomeFront Strong (HFS): Building Resiliency in Military Families

DTIC Science & Technology

2016-09-01

2. Train community providers to disseminate HomeFront Strong at their community sites; and 3. Evaluate the mental health outcomes of Group vs. Web...in each of these areas. 15. SUBJECT TERMS Military spouses; Resilience; Psychology health intervention; Mental health 16. SECURITY CLASSIFICATION... mental health outcomes of Group vs. Web-based HFS in a sample of 360 military and veteran spouses/partners and their children. The current proposal

Development of a Virtual Multidisciplinary Lung Cancer Tumor Board in a Community Setting

PubMed Central

Stevenson, Marvaretta M.; Irwin, Tonia; Lowry, Terry; Ahmed, Maleka Z.; Walden, Thomas L.; Watson, Melanie; Sutton, Linda

2013-01-01

Purpose: Creating an effective platform for multidisciplinary tumor conferences can be challenging in the rural community setting. The Duke Cancer Network created an Internet-based platform for a multidisciplinary conference to enhance the care of patients with lung cancer. This conference incorporates providers from different physical locations within a rural community and affiliated providers from a university-based cancer center 2 hours away. An electronic Web conferencing tool connects providers aurally and visually. Methods: Conferences were set up using a commercially available Web conferencing platform. The video platform provides a secure Web site coupled with a secure teleconference platform to ensure patient confidentiality. Multiple disciplines are invited to participate, including radiology, radiation oncology, thoracic surgery, pathology, and medical oncology. Participants only need telephone access and Internet connection to participate. Results: Patient histories and physicals are presented, and the Web conferencing platform allows radiologic and histologic images to be reviewed. Treatment plans for patients are discussed, allowing providers to coordinate care among the different subspecialties. Patients who need referral to the affiliated university-based cancer center for specialized services are identified. Pertinent treatment guidelines and journal articles are reviewed. On average, there are 10 participants with one to two cases presented per session. Conclusion: The use of a Web conferencing platform allows subspecialty providers throughout the community and hours away to discuss lung cancer patient cases. This platform increases convenience for providers, eliminating travel to a central location. Coordination of care for patients requiring multidisciplinary care is facilitated, shortening evaluation time before definitive treatment plan. PMID:23942505

Grid Enabled Geospatial Catalogue Web Service

NASA Technical Reports Server (NTRS)

Chen, Ai-Jun; Di, Li-Ping; Wei, Ya-Xing; Liu, Yang; Bui, Yu-Qi; Hu, Chau-Min; Mehrotra, Piyush

2004-01-01

Geospatial Catalogue Web Service is a vital service for sharing and interoperating volumes of distributed heterogeneous geospatial resources, such as data, services, applications, and their replicas over the web. Based on the Grid technology and the Open Geospatial Consortium (0GC) s Catalogue Service - Web Information Model, this paper proposes a new information model for Geospatial Catalogue Web Service, named as GCWS which can securely provides Grid-based publishing, managing and querying geospatial data and services, and the transparent access to the replica data and related services under the Grid environment. This information model integrates the information model of the Grid Replica Location Service (RLS)/Monitoring & Discovery Service (MDS) with the information model of OGC Catalogue Service (CSW), and refers to the geospatial data metadata standards from IS0 19115, FGDC and NASA EOS Core System and service metadata standards from IS0 191 19 to extend itself for expressing geospatial resources. Using GCWS, any valid geospatial user, who belongs to an authorized Virtual Organization (VO), can securely publish and manage geospatial resources, especially query on-demand data in the virtual community and get back it through the data-related services which provide functions such as subsetting, reformatting, reprojection etc. This work facilitates the geospatial resources sharing and interoperating under the Grid environment, and implements geospatial resources Grid enabled and Grid technologies geospatial enabled. It 2!so makes researcher to focus on science, 2nd not cn issues with computing ability, data locztic, processir,g and management. GCWS also is a key component for workflow-based virtual geospatial data producing.

Type-Based Access Control in Data-Centric Systems

NASA Astrophysics Data System (ADS)

Caires, Luís; Pérez, Jorge A.; Seco, João Costa; Vieira, Hugo Torres; Ferrão, Lúcio

Data-centric multi-user systems, such as web applications, require flexible yet fine-grained data security mechanisms. Such mechanisms are usually enforced by a specially crafted security layer, which adds extra complexity and often leads to error prone coding, easily causing severe security breaches. In this paper, we introduce a programming language approach for enforcing access control policies to data in data-centric programs by static typing. Our development is based on the general concept of refinement type, but extended so as to address realistic and challenging scenarios of permission-based data security, in which policies dynamically depend on the database state, and flexible combinations of column- and row-level protection of data are necessary. We state and prove soundness and safety of our type system, stating that well-typed programs never break the declared data access control policies.

Virtualization of open-source secure web services to support data exchange in a pediatric critical care research network.

PubMed

Frey, Lewis J; Sward, Katherine A; Newth, Christopher J L; Khemani, Robinder G; Cryer, Martin E; Thelen, Julie L; Enriquez, Rene; Shaoyu, Su; Pollack, Murray M; Harrison, Rick E; Meert, Kathleen L; Berg, Robert A; Wessel, David L; Shanley, Thomas P; Dalton, Heidi; Carcillo, Joseph; Jenkins, Tammara L; Dean, J Michael

2015-11-01

To examine the feasibility of deploying a virtual web service for sharing data within a research network, and to evaluate the impact on data consistency and quality. Virtual machines (VMs) encapsulated an open-source, semantically and syntactically interoperable secure web service infrastructure along with a shadow database. The VMs were deployed to 8 Collaborative Pediatric Critical Care Research Network Clinical Centers. Virtual web services could be deployed in hours. The interoperability of the web services reduced format misalignment from 56% to 1% and demonstrated that 99% of the data consistently transferred using the data dictionary and 1% needed human curation. Use of virtualized open-source secure web service technology could enable direct electronic abstraction of data from hospital databases for research purposes. © The Author 2015. Published by Oxford University Press on behalf of the American Medical Informatics Association. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

A secure and easy-to-implement web-based communication framework for caregiving robot teams

NASA Astrophysics Data System (ADS)

Tuna, G.; Daş, R.; Tuna, A.; Örenbaş, H.; Baykara, M.; Gülez, K.

2016-03-01

In recent years, robots have started to become more commonplace in our lives, from factory floors to museums, festivals and shows. They have started to change how we work and play. With an increase in the population of the elderly, they have also been started to be used for caregiving services, and hence many countries have been investing in the robot development. The advancements in robotics and wireless communications has led to the emergence of autonomous caregiving robot teams which cooperate to accomplish a set of tasks assigned by human operators. Although wireless communications and devices are flexible and convenient, they are vulnerable to many risks compared to traditional wired networks. Since robots with wireless communication capability transmit all data types, including sensory, coordination, and control, through radio frequencies, they are open to intruders and attackers unless protected and their openness may lead to many security issues such as data theft, passive listening, and service interruption. In this paper, a secure web-based communication framework is proposed to address potential security threats due to wireless communication in robot-robot and human-robot interaction. The proposed framework is simple and practical, and can be used by caregiving robot teams in the exchange of sensory data as well as coordination and control data.

Towards an Approach of Semantic Access Control for Cloud Computing

NASA Astrophysics Data System (ADS)

Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai

With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analysis existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in cloud computing environment. Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. Ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research that the semantic web technology is applied in the field of security, and provides a new way of thinking of access control in cloud computing.

Beyond grid security

NASA Astrophysics Data System (ADS)

Hoeft, B.; Epting, U.; Koenig, T.

2008-07-01

While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls.

Farm Mapping to Assist, Protect, and Prepare Emergency Responders: Farm MAPPER.

PubMed

Reyes, Iris; Rollins, Tami; Mahnke, Andrea; Kadolph, Christopher; Minor, Gerald; Keifer, Matthew

2014-01-01

Responders such as firefighters and emergency medical technicians who respond to farm emergencies often face complex and unknown environments. They may encounter hazards such as fuels, solvents, pesticides, caustics, and exploding gas storage cylinders. Responders may be unaware of dirt roads within the farm that can expedite their arrival at critical sites or snow-covered manure pits that act as hidden hazards. A response to a farm, unless guided by someone familiar with the operation, may present a risk to responders and post a challenge in locating the victim. This project explored the use of a Web-based farm-mapping application optimized for tablets and accessible via easily accessible on-site matrix barcodes, or quick response codes (QR codes), to provide emergency responders with hazard and resource information to agricultural operations. Secured portals were developed for both farmers and responders, allowing both parties to populate and customize farm maps with icons. Data were stored online and linked to QR codes attached to mailbox posts where emergency responders may read them with a mobile device. Mock responses were conducted on dairy farms to test QR code linking efficacy, Web site security, and field usability. Findings from farmer usability tests showed willingness to enter data as well as ease of Web site navigation and data entry even with farmers who had limited computer knowledge. Usability tests with emergency responders showed ease of QR code connectivity to the farm maps and ease of Web site navigation. Further research is needed to improve data security as well as assess the program's applicability to nonfarm environments and integration with existing emergency response systems. The next phases of this project will expand the program for regional and national use, develop QR code-linked, Web-based extrication guidance for farm machinery for victim entrapment rescue, and create QR code-linked online training videos and materials for limited English proficient immigrant farm workers.

Texture Analysis of Chaotic Coupled Map Lattices Based Image Encryption Algorithm

NASA Astrophysics Data System (ADS)

Khan, Majid; Shah, Tariq; Batool, Syeda Iram

2014-09-01

As of late, data security is key in different enclosures like web correspondence, media frameworks, therapeutic imaging, telemedicine and military correspondence. In any case, a large portion of them confronted with a few issues, for example, the absence of heartiness and security. In this letter, in the wake of exploring the fundamental purposes of the chaotic trigonometric maps and the coupled map lattices, we have presented the algorithm of chaos-based image encryption based on coupled map lattices. The proposed mechanism diminishes intermittent impact of the ergodic dynamical systems in the chaos-based image encryption. To assess the security of the encoded image of this scheme, the association of two nearby pixels and composition peculiarities were performed. This algorithm tries to minimize the problems arises in image encryption.

Insecurity on the Net.

ERIC Educational Resources Information Center

Brandt, D. Scott

1998-01-01

Examines Internet security risks and how users can protect themselves. Discusses inadvertent bugs in software; programming problems with Common Gateway Interface (CGI); viruses; tracking of Web users; and preventing access to selected Web pages and filtering software. A glossary of Internet security-related terms is included. (AEF)

A Multifactor Secure Authentication System for Wireless Payment

NASA Astrophysics Data System (ADS)

Sanyal, Sugata; Tiwari, Ayu; Sanyal, Sudip

Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, there is a need of multifactor authentication. This paper proposes a new protocol based on multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy with in a limited resources that does not require any change in infrastructure or underline protocol of wireless network. This Protocol for Wireless Payment is extended as a two way authentications system to satisfy the emerging market need of mutual authentication and also supports secure B2B communication which increases faith of the user and business organizations on wireless financial transaction using mobile devices.

OGC and Grid Interoperability in enviroGRIDS Project

NASA Astrophysics Data System (ADS)

Gorgan, Dorian; Rodila, Denisa; Bacu, Victor; Giuliani, Gregory; Ray, Nicolas

2010-05-01

EnviroGRIDS (Black Sea Catchment Observation and Assessment System supporting Sustainable Development) [1] is a 4-years FP7 Project aiming to address the subjects of ecologically unsustainable development and inadequate resource management. The project develops a Spatial Data Infrastructure of the Black Sea Catchment region. The geospatial technologies offer very specialized functionality for Earth Science oriented applications as well as the Grid oriented technology that is able to support distributed and parallel processing. One challenge of the enviroGRIDS project is the interoperability between geospatial and Grid infrastructures by providing the basic and the extended features of the both technologies. The geospatial interoperability technology has been promoted as a way of dealing with large volumes of geospatial data in distributed environments through the development of interoperable Web service specifications proposed by the Open Geospatial Consortium (OGC), with applications spread across multiple fields but especially in Earth observation research. Due to the huge volumes of data available in the geospatial domain and the additional introduced issues (data management, secure data transfer, data distribution and data computation), the need for an infrastructure capable to manage all those problems becomes an important aspect. The Grid promotes and facilitates the secure interoperations of geospatial heterogeneous distributed data within a distributed environment, the creation and management of large distributed computational jobs and assures a security level for communication and transfer of messages based on certificates. This presentation analysis and discusses the most significant use cases for enabling the OGC Web services interoperability with the Grid environment and focuses on the description and implementation of the most promising one. In these use cases we give a special attention to issues such as: the relations between computational grid and the OGC Web service protocols, the advantages offered by the Grid technology - such as providing a secure interoperability between the distributed geospatial resource -and the issues introduced by the integration of distributed geospatial data in a secure environment: data and service discovery, management, access and computation. enviroGRIDS project proposes a new architecture which allows a flexible and scalable approach for integrating the geospatial domain represented by the OGC Web services with the Grid domain represented by the gLite middleware. The parallelism offered by the Grid technology is discussed and explored at the data level, management level and computation level. The analysis is carried out for OGC Web service interoperability in general but specific details are emphasized for Web Map Service (WMS), Web Feature Service (WFS), Web Coverage Service (WCS), Web Processing Service (WPS) and Catalog Service for Web (CSW). Issues regarding the mapping and the interoperability between the OGC and the Grid standards and protocols are analyzed as they are the base in solving the communication problems between the two environments: grid and geospatial. The presetation mainly highlights how the Grid environment and Grid applications capabilities can be extended and utilized in geospatial interoperability. Interoperability between geospatial and Grid infrastructures provides features such as the specific geospatial complex functionality and the high power computation and security of the Grid, high spatial model resolution and geographical area covering, flexible combination and interoperability of the geographical models. According with the Service Oriented Architecture concepts and requirements of interoperability between geospatial and Grid infrastructures each of the main functionality is visible from enviroGRIDS Portal and consequently, by the end user applications such as Decision Maker/Citizen oriented Applications. The enviroGRIDS portal is the single way of the user to get into the system and the portal faces a unique style of the graphical user interface. Main reference for further information: [1] enviroGRIDS Project, http://www.envirogrids.net/

Vipie: web pipeline for parallel characterization of viral populations from multiple NGS samples.

PubMed

Lin, Jake; Kramna, Lenka; Autio, Reija; Hyöty, Heikki; Nykter, Matti; Cinek, Ondrej

2017-05-15

Next generation sequencing (NGS) technology allows laboratories to investigate virome composition in clinical and environmental samples in a culture-independent way. There is a need for bioinformatic tools capable of parallel processing of virome sequencing data by exactly identical methods: this is especially important in studies of multifactorial diseases, or in parallel comparison of laboratory protocols. We have developed a web-based application allowing direct upload of sequences from multiple virome samples using custom parameters. The samples are then processed in parallel using an identical protocol, and can be easily reanalyzed. The pipeline performs de-novo assembly, taxonomic classification of viruses as well as sample analyses based on user-defined grouping categories. Tables of virus abundance are produced from cross-validation by remapping the sequencing reads to a union of all observed reference viruses. In addition, read sets and reports are created after processing unmapped reads against known human and bacterial ribosome references. Secured interactive results are dynamically plotted with population and diversity charts, clustered heatmaps and a sortable and searchable abundance table. The Vipie web application is a unique tool for multi-sample metagenomic analysis of viral data, producing searchable hits tables, interactive population maps, alpha diversity measures and clustered heatmaps that are grouped in applicable custom sample categories. Known references such as human genome and bacterial ribosomal genes are optionally removed from unmapped ('dark matter') reads. Secured results are accessible and shareable on modern browsers. Vipie is a freely available web-based tool whose code is open source.

48 CFR 19.1501 - Definition.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 48 Federal Acquisition Regulations System 1 2013-10-01 2013-10-01 false Definition. 19.1501 Section 19.1501 Federal Acquisition Regulations System FEDERAL ACQUISITION REGULATION SOCIOECONOMIC... Repository means a secure, Web-based application that collects, stores, and disseminates documents to the...

48 CFR 19.1501 - Definition.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 48 Federal Acquisition Regulations System 1 2011-10-01 2011-10-01 false Definition. 19.1501 Section 19.1501 Federal Acquisition Regulations System FEDERAL ACQUISITION REGULATION SOCIOECONOMIC... Repository means a secure, Web-based application that collects, stores, and disseminates documents to the...

48 CFR 19.1501 - Definition.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 48 Federal Acquisition Regulations System 1 2014-10-01 2014-10-01 false Definition. 19.1501 Section 19.1501 Federal Acquisition Regulations System FEDERAL ACQUISITION REGULATION SOCIOECONOMIC... Repository means a secure, Web-based application that collects, stores, and disseminates documents to the...

48 CFR 19.1501 - Definition.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 48 Federal Acquisition Regulations System 1 2012-10-01 2012-10-01 false Definition. 19.1501 Section 19.1501 Federal Acquisition Regulations System FEDERAL ACQUISITION REGULATION SOCIOECONOMIC... Repository means a secure, Web-based application that collects, stores, and disseminates documents to the...

Efficient Web Services Policy Combination

NASA Technical Reports Server (NTRS)

Vatan, Farrokh; Harman, Joseph G.

2010-01-01

Large-scale Web security systems usually involve cooperation between domains with non-identical policies. The network management and Web communication software used by the different organizations presents a stumbling block. Many of the tools used by the various divisions do not have the ability to communicate network management data with each other. At best, this means that manual human intervention into the communication protocols used at various network routers and endpoints is required. Developing practical, sound, and automated ways to compose policies to bridge these differences is a long-standing problem. One of the key subtleties is the need to deal with inconsistencies and defaults where one organization proposes a rule on a particular feature, and another has a different rule or expresses no rule. A general approach is to assign priorities to rules and observe the rules with the highest priorities when there are conflicts. The present methods have inherent inefficiency, which heavily restrict their practical applications. A new, efficient algorithm combines policies utilized for Web services. The method is based on an algorithm that allows an automatic and scalable composition of security policies between multiple organizations. It is based on defeasible policy composition, a promising approach for finding conflicts and resolving priorities between rules. In the general case, policy negotiation is an intractable problem. A promising method, suggested in the literature, is when policies are represented in defeasible logic, and composition is based on rules for non-monotonic inference. In this system, policy writers construct metapolicies describing both the policy that they wish to enforce and annotations describing their composition preferences. These annotations can indicate whether certain policy assertions are required by the policy writer or, if not, under what circumstances the policy writer is willing to compromise and allow other assertions to take precedence. Meta-policies are specified in defeasible logic, a computationally efficient non-monotonic logic developed to model human reasoning. One drawback of this method is that at one point the algorithm starts an exhaustive search of all subsets of the set of conclusions of a defeasible theory. Although the propositional defeasible logic has linear complexity, the set of conclusions here may be large, especially in real-life practical cases. This phenomenon leads to an inefficient exponential explosion of complexity. The current process of getting a Web security policy from combination of two meta-policies consists of two steps. The first is generating a new meta-policy that is a composition of the input meta-policies, and the second is mapping the meta-policy onto a security policy. The new algorithm avoids the exhaustive search in the current algorithm, and provides a security policy that matches all requirements of the involved metapolicies.

Enhancing the AliEn Web Service Authentication

NASA Astrophysics Data System (ADS)

Zhu, Jianlin; Saiz, Pablo; Carminati, Federico; Betev, Latchezar; Zhou, Daicui; Mendez Lorenzo, Patricia; Grigoras, Alina Gabriela; Grigoras, Costin; Furano, Fabrizio; Schreiner, Steffen; Vladimirovna Datskova, Olga; Sankar Banerjee, Subho; Zhang, Guoping

2011-12-01

Web Services are an XML based technology that allow applications to communicate with each other across disparate systems. Web Services are becoming the de facto standard that enable inter operability between heterogeneous processes and systems. AliEn2 is a grid environment based on web services. The AliEn2 services can be divided in three categories: Central services, deployed once per organization; Site services, deployed on each of the participating centers; Job Agents running on the worker nodes automatically. A security model to protect these services is essential for the whole system. Current implementations of web server, such as Apache, are not suitable to be used within the grid environment. Apache with the mod_ssl and OpenSSL only supports the X.509 certificates. But in the grid environment, the common credential is the proxy certificate for the purpose of providing restricted proxy and delegation. An Authentication framework was taken for AliEn2 web services to add the ability to accept X.509 certificates and proxy certificates from client-side to Apache Web Server. The authentication framework could also allow the generation of access control policies to limit access to the AliEn2 web services.

Design of a Web-tool for diagnostic clinical trials handling medical imaging research.

PubMed

Baltasar Sánchez, Alicia; González-Sistal, Angel

2011-04-01

New clinical studies in medicine are based on patients and controls using different imaging diagnostic modalities. Medical information systems are not designed for clinical trials employing clinical imaging. Although commercial software and communication systems focus on storage of image data, they are not suitable for storage and mining of new types of quantitative data. We sought to design a Web-tool to support diagnostic clinical trials involving different experts and hospitals or research centres. The image analysis of this project is based on skeletal X-ray imaging. It involves a computerised image method using quantitative analysis of regions of interest in healthy bone and skeletal metastases. The database is implemented with ASP.NET 3.5 and C# technologies for our Web-based application. For data storage, we chose MySQL v.5.0, one of the most popular open source databases. User logins were necessary, and access to patient data was logged for auditing. For security, all data transmissions were carried over encrypted connections. This Web-tool is available to users scattered at different locations; it allows an efficient organisation and storage of data (case report form) and images and allows each user to know precisely what his task is. The advantages of our Web-tool are as follows: (1) sustainability is guaranteed; (2) network locations for collection of data are secured; (3) all clinical information is stored together with the original images and the results derived from processed images and statistical analysis that enable us to perform retrospective studies; (4) changes are easily incorporated because of the modular architecture; and (5) assessment of trial data collected at different sites is centralised to reduce statistical variance.

Information security threats and an easy-to-implement attack detection framework for wireless sensor network-based smart grid applications

NASA Astrophysics Data System (ADS)

Tuna, G.; Örenbaş, H.; Daş, R.; Kogias, D.; Baykara, M.; K, K.

2016-03-01

Wireless Sensor Networks (WSNs) when combined with various energy harvesting solutions managing to prolong the overall lifetime of the system and enhanced capabilities of the communication protocols used by modern sensor nodes are efficiently used in are efficiently used in Smart Grid (SG), an evolutionary system for the modernization of existing power grids. However, wireless communication technology brings various types of security threats. In this study, firstly the use of WSNs for SG applications is presented. Second, the security related issues and challenges as well as the security threats are presented. In addition, proposed security mechanisms for WSN-based SG applications are discussed. Finally, an easy- to-implement and simple attack detection framework to prevent attacks directed to sink and gateway nodes with web interfaces is proposed and its efficiency is proved using a case study.

A WebGIS-based system for analyzing and visualizing air quality data for Shanghai Municipality

NASA Astrophysics Data System (ADS)

Wang, Manyi; Liu, Chaoshun; Gao, Wei

2014-10-01

An online visual analytical system based on Java Web and WebGIS for air quality data for Shanghai Municipality was designed and implemented to quantitatively analyze and qualitatively visualize air quality data. By analyzing the architecture of WebGIS and Java Web, we firstly designed the overall scheme for system architecture, then put forward the software and hardware environment and also determined the main function modules for the system. The visual system was ultimately established with the DIV + CSS layout method combined with JSP, JavaScript, and some other computer programming languages based on the Java programming environment. Moreover, Struts, Spring, and Hibernate frameworks (SSH) were integrated in the system for the purpose of easy maintenance and expansion. To provide mapping service and spatial analysis functions, we selected ArcGIS for Server as the GIS server. We also used Oracle database and ESRI file geodatabase to store spatial data and non-spatial data in order to ensure the data security. In addition, the response data from the Web server are resampled to implement rapid visualization through the browser. The experimental successes indicate that this system can quickly respond to user's requests, and efficiently return the accurate processing results.

National Vulnerability Database (NVD)

National Institute of Standards and Technology Data Gateway

National Vulnerability Database (NVD) (Web, free access)   NVD is a comprehensive cyber security vulnerability database that integrates all publicly available U.S. Government vulnerability resources and provides references to industry resources. It is based on and synchronized with the CVE vulnerability naming standard.

77 FR 40371 - Agency Information Collection Activities: Submission for Review; Information Collection Extension...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-09

... Community of Practice (FRCoP): User Registration Page (DHS Form 10059 (9/09)). The FRCoP web based tool... Security Act of 2002 (PL 107-296) established this requirement. This notice and request for comments is...

Cryptography for a High-Assurance Web-Based Enterprise

DTIC Science & Technology

2013-10-01

2. Other Cryptographic services - Java provides many cryptographic services through the Java Cryptography Architecture (JCA) framework. The...id=2125 [7]. Miller, Sandra Kay, Fiber Optic Networks Vulnerable to Attack, Information Security Magazine, November 15, 2006, [8]. José R.C

General Practitioners' Attitudes Toward a Web-Based Mental Health Service for Adolescents: Implications for Service Design and Delivery.

PubMed

Subotic-Kerry, Mirjana; King, Catherine; O'Moore, Kathleen; Achilles, Melinda; O'Dea, Bridianne

2018-03-23

Anxiety disorders and depression are prevalent among youth. General practitioners (GPs) are often the first point of professional contact for treating health problems in young people. A Web-based mental health service delivered in partnership with schools may facilitate increased access to psychological care among adolescents. However, for such a model to be implemented successfully, GPs' views need to be measured. This study aimed to examine the needs and attitudes of GPs toward a Web-based mental health service for adolescents, and to identify the factors that may affect the provision of this type of service and likelihood of integration. Findings will inform the content and overall service design. GPs were interviewed individually about the proposed Web-based service. Qualitative analysis of transcripts was performed using thematic coding. A short follow-up questionnaire was delivered to assess background characteristics, level of acceptability, and likelihood of integration of the Web-based mental health service. A total of 13 GPs participated in the interview and 11 completed a follow-up online questionnaire. Findings suggest strong support for the proposed Web-based mental health service. A wide range of factors were found to influence the likelihood of GPs integrating a Web-based service into their clinical practice. Coordinated collaboration with parents, students, school counselors, and other mental health care professionals were considered important by nearly all GPs. Confidence in Web-based care, noncompliance of adolescents and GPs, accessibility, privacy, and confidentiality were identified as potential barriers to adopting the proposed Web-based service. GPs were open to a proposed Web-based service for the monitoring and management of anxiety and depression in adolescents, provided that a collaborative approach to care is used, the feedback regarding the client is clear, and privacy and security provisions are assured. ©Mirjana Subotic-Kerry, Catherine King, Kathleen O'Moore, Melinda Achilles, Bridianne O'Dea. Originally published in JMIR Human Factors (http://humanfactors.jmir.org), 23.03.2018.

JPARSS: A Java Parallel Network Package for Grid Computing

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chen, Jie; Akers, Walter; Chen, Ying

2002-03-01

The emergence of high speed wide area networks makes grid computinga reality. However grid applications that need reliable data transfer still have difficulties to achieve optimal TCP performance due to network tuning of TCP window size to improve bandwidth and to reduce latency on a high speed wide area network. This paper presents a Java package called JPARSS (Java Parallel Secure Stream (Socket)) that divides data into partitions that are sent over several parallel Java streams simultaneously and allows Java or Web applications to achieve optimal TCP performance in a grid environment without the necessity of tuning TCP window size.more » This package enables single sign-on, certificate delegation and secure or plain-text data transfer using several security components based on X.509 certificate and SSL. Several experiments will be presented to show that using Java parallelstreams is more effective than tuning TCP window size. In addition a simple architecture using Web services« less

Glucoweb: a case study of secure, remote biomonitoring and communication.

PubMed

Nigrin, D J; Kohane, I S

2000-01-01

As the Internet begins to play a greater role in many healthcare processes, it is inevitable that remote monitoring of patients' physiological parameters over the Internet will become increasingly commonplace. Internet-based communication between patients and their healthcare providers has already become prevalent, and has gained significant attention in terms of confidentiality issues. However, transmission of data directly from patients' physiological biomonitoring devices over the Web has garnered significantly less focus, especially in the area of authentication and security. In this paper, we describe a prototype system called Glucoweb, which allows patients with diabetes mellitus to transmit their self-monitored blood glucose data directly from their personal glucometer device to their diabetes care provider over the Internet. No customized software is necessary on the patient's computer, only a Web browser and active Internet connection. We use this example to highlight key authentication and security measures that should be considered for devices that transmit healthcare data to remote locations.

48 CFR 52.222-54 - Employment Eligibility Verification.

Code of Federal Regulations, 2011 CFR

2011-10-01

...) or the Social Security Administration (SSA) may terminate the Contractor's MOU and deny access to the... determines not to suspend or debar the Contractor, then the Contractor must reenroll in E-Verify. (c) Web... at the Department of Homeland Security Web site: http://www.dhs.gov/E-Verify. (d) Individuals...

48 CFR 52.222-54 - Employment Eligibility Verification.

Code of Federal Regulations, 2010 CFR

2010-10-01

...) or the Social Security Administration (SSA) may terminate the Contractor's MOU and deny access to the... determines not to suspend or debar the Contractor, then the Contractor must reenroll in E-Verify. (c) Web... at the Department of Homeland Security Web site: http://www.dhs.gov/E-Verify. (d) Individuals...

49 CFR 393.102 - What are the minimum performance criteria for cargo securement devices and systems?

Code of Federal Regulations, 2012 CFR

2012-10-01

... chains, wire rope, steel strapping, synthetic webbing, and cordage) and other attachment or fastening..., steel strapping, synthetic webbing, and cordage) and other attachment or fastening devices used to... contained within the structure of the vehicle. Securement systems must provide a downward force equivalent...

49 CFR 393.102 - What are the minimum performance criteria for cargo securement devices and systems?

Code of Federal Regulations, 2014 CFR

2014-10-01

... chains, wire rope, steel strapping, synthetic webbing, and cordage) and other attachment or fastening..., steel strapping, synthetic webbing, and cordage) and other attachment or fastening devices used to... contained within the structure of the vehicle. Securement systems must provide a downward force equivalent...

49 CFR 393.102 - What are the minimum performance criteria for cargo securement devices and systems?

Code of Federal Regulations, 2013 CFR

2013-10-01

... chains, wire rope, steel strapping, synthetic webbing, and cordage) and other attachment or fastening..., steel strapping, synthetic webbing, and cordage) and other attachment or fastening devices used to... contained within the structure of the vehicle. Securement systems must provide a downward force equivalent...

IT Security: Target: The Web

ERIC Educational Resources Information Center

Waters, John K.

2009-01-01

In December, Microsoft announced a major security flaw affecting its Internet Explorer web browser. The flaw allowed hackers to use hidden computer code they had already injected into legitimate websites to steal the passwords of visitors to those sites. Reportedly, more than 10,000 websites were infected with the destructive code by the time…

Expert Advisor (EA) Evaluation System Using Web-based ELECTRE Method in Foreign Exchange (Forex) Market

NASA Astrophysics Data System (ADS)

Satibi; Widodo, Catur Edi; Farikhin

2018-02-01

This research aims to optimize forex trading profit automatically using EA but its still keep considering accuracy and drawdown levels. The evaluation system will classify EA performance based on trading market sessions (Sydney, Tokyo, London and New York) to determine the right EA to be used in certain market sessions. This evaluation system is a web-based ELECTRE methods that interact in real-time with EA through web service and are able to present real-time charts performance dashboard using web socket protocol communications. Web applications are programmed using NodeJs. In the testing period, all EAs had been simulated 24 hours in all market sessions for three months, the best EA is valued by its profit, accuracy and drawdown criteria that calculated using web-based ELECTRE method. The ideas of this research are to compare the best EA on testing period with collaboration performances of each best classified EA by market sessions. This research uses three months historical data of EUR/USD as testing period and other 3 months as validation period. As a result, performance of collaboration four best EA classified by market sessions can increase profits percentage consistently in testing and validation periods and keep securing accuracy and drawdown levels.

MED31/437: A Web-based Diabetes Management System: DiabNet

PubMed Central

Zhao, N; Roudsari, A; Carson, E

1999-01-01

Introduction A web-based system (DiabNet) was developed to provide instant access to the Electronic Diabetes Records (EDR) for end-users, and real-time information for healthcare professionals to facilitate their decision-making. It integrates portable glucometer, handheld computer, mobile phone and Internet access as a combined telecommunication and mobile computing solution for diabetes management. Methods: Active Server Pages (ASP) embedded with advanced ActiveX controls and VBScript were developed to allow remote data upload, retrieval and interpretation. Some advisory and Internet-based learning features, together with a video teleconferencing component make DiabNet web site an informative platform for Web-consultation. Results The evaluation of the system is being implemented among several UK Internet diabetes discussion groups and the Diabetes Day Centre at the Guy's & St. Thomas' Hospital. Many positive feedback are received from the web site demonstrating DiabNet is an advanced web-based diabetes management system which can help patients to keep closer control of self-monitoring blood glucose remotely, and is an integrated diabetes information resource that offers telemedicine knowledge in diabetes management. Discussion In summary, DiabNet introduces an innovative online diabetes management concept, such as online appointment and consultation, to enable users to access diabetes management information without time and location limitation and security concerns.

Development Issues on Linked Data Weblog Enrichment

NASA Astrophysics Data System (ADS)

Ruiz-Rube, Iván; Cornejo, Carlos M.; Dodero, Juan Manuel; García, Vicente M.

In this paper, we describe the issues found during the development of LinkedBlog, a Linked Data extension for WordPress blogs. This extension enables to enrich text-based and video information contained in blog entries with RDF triples that are suitable to be stored, managed and exploited by other web-based applications. The issues have to do with the generality, usability, tracking, depth, security, trustiness and performance of the linked data enrichment process. The presented annotation approach aims at maintaining web-based contents independent from the underlying ontological model, by providing a loosely coupled RDFa-based approach in the linked data application. Finally, we detail how the performance of annotations can be improved through a semantic reasoner.

Secure Service Proxy: A CoAP(s) Intermediary for a Securer and Smarter Web of Things

PubMed Central

Van den Abeele, Floris; Moerman, Ingrid; Demeester, Piet

2017-01-01

As the IoT continues to grow over the coming years, resource-constrained devices and networks will see an increase in traffic as everything is connected in an open Web of Things. The performance- and function-enhancing features are difficult to provide in resource-constrained environments, but will gain importance if the WoT is to be scaled up successfully. For example, scalable open standards-based authentication and authorization will be important to manage access to the limited resources of constrained devices and networks. Additionally, features such as caching and virtualization may help further reduce the load on these constrained systems. This work presents the Secure Service Proxy (SSP): a constrained-network edge proxy with the goal of improving the performance and functionality of constrained RESTful environments. Our evaluations show that the proposed design reaches its goal by reducing the load on constrained devices while implementing a wide range of features as different adapters. Specifically, the results show that the SSP leads to significant savings in processing, network traffic, network delay and packet loss rates for constrained devices. As a result, the SSP helps to guarantee the proper operation of constrained networks as these networks form an ever-expanding Web of Things. PMID:28696393

Secure Service Proxy: A CoAP(s) Intermediary for a Securer and Smarter Web of Things.

PubMed

Van den Abeele, Floris; Moerman, Ingrid; Demeester, Piet; Hoebeke, Jeroen

2017-07-11

As the IoT continues to grow over the coming years, resource-constrained devices and networks will see an increase in traffic as everything is connected in an open Web of Things. The performance- and function-enhancing features are difficult to provide in resource-constrained environments, but will gain importance if the WoT is to be scaled up successfully. For example, scalable open standards-based authentication and authorization will be important to manage access to the limited resources of constrained devices and networks. Additionally, features such as caching and virtualization may help further reduce the load on these constrained systems. This work presents the Secure Service Proxy (SSP): a constrained-network edge proxy with the goal of improving the performance and functionality of constrained RESTful environments. Our evaluations show that the proposed design reaches its goal by reducing the load on constrained devices while implementing a wide range of features as different adapters. Specifically, the results show that the SSP leads to significant savings in processing, network traffic, network delay and packet loss rates for constrained devices. As a result, the SSP helps to guarantee the proper operation of constrained networks as these networks form an ever-expanding Web of Things.

Semantic-JSON: a lightweight web service interface for Semantic Web contents integrating multiple life science databases.

PubMed

Kobayashi, Norio; Ishii, Manabu; Takahashi, Satoshi; Mochizuki, Yoshiki; Matsushima, Akihiro; Toyoda, Tetsuro

2011-07-01

Global cloud frameworks for bioinformatics research databases become huge and heterogeneous; solutions face various diametric challenges comprising cross-integration, retrieval, security and openness. To address this, as of March 2011 organizations including RIKEN published 192 mammalian, plant and protein life sciences databases having 8.2 million data records, integrated as Linked Open or Private Data (LOD/LPD) using SciNetS.org, the Scientists' Networking System. The huge quantity of linked data this database integration framework covers is based on the Semantic Web, where researchers collaborate by managing metadata across public and private databases in a secured data space. This outstripped the data query capacity of existing interface tools like SPARQL. Actual research also requires specialized tools for data analysis using raw original data. To solve these challenges, in December 2009 we developed the lightweight Semantic-JSON interface to access each fragment of linked and raw life sciences data securely under the control of programming languages popularly used by bioinformaticians such as Perl and Ruby. Researchers successfully used the interface across 28 million semantic relationships for biological applications including genome design, sequence processing, inference over phenotype databases, full-text search indexing and human-readable contents like ontology and LOD tree viewers. Semantic-JSON services of SciNetS.org are provided at http://semanticjson.org.

Design and implementation of a unified certification management system based on seismic business

NASA Astrophysics Data System (ADS)

Tang, Hongliang

2018-04-01

Many business software for seismic systems are based on web pages, users can simply open a browser and enter their IP address. However, how to achieve unified management and security management of many IP addresses, this paper introduces the design concept based on seismic business and builds a unified authentication management system using ASP technology.

Cloud Computing in Support of Synchronized Disaster Response Operations

DTIC Science & Technology

2010-09-01

scalable, Web application based on cloud computing technologies to facilitate communication between a broad range of public and private entities without...requiring them to compromise security or competitive advantage. The proposed design applies the unique benefits of cloud computing architectures such as

Integrated web-based viewing and secure remote access to a clinical data repository and diverse clinical systems.

PubMed

Duncan, R G; Saperia, D; Dulbandzhyan, R; Shabot, M M; Polaschek, J X; Jones, D T

2001-01-01

The advent of the World-Wide-Web protocols and client-server technology has made it easy to build low-cost, user-friendly, platform-independent graphical user interfaces to health information systems and to integrate the presentation of data from multiple systems. The authors describe a Web interface for a clinical data repository (CDR) that was moved from concept to production status in less than six months using a rapid prototyping approach, multi-disciplinary development team, and off-the-shelf hardware and software. The system has since been expanded to provide an integrated display of clinical data from nearly 20 disparate information systems.

Technical Considerations in Remote LIMS Access via the World Wide Web

PubMed Central

Schlabach, David M.

2005-01-01

The increased dependency on the World Wide Web by both laboratories and their customers has led LIMS developers to take advantage of thin-client web applications that provide both remote data entry and manipulation, along with remote reporting functionality. Use of an LIMS through a web browser allows a person to interact with a distant application, providing both remote administration and real-time analytical result delivery from virtually anywhere in the world. While there are many benefits of web-based LIMS applications, some concern must be given to these new methods of system architecture before justifying them as a suitable replacement for their traditional client-server systems. Developers and consumers alike must consider the security aspects of introducing a wide area network capable system into a production environment, as well as the concerns of data integrity and usability. PMID:18924736

Performance-Based Design for Arson Threats: Policy Analysis of the Physical Security for Federal Facilities Standard

DTIC Science & Technology

2013-09-01

2012.0002- IR -EP7-A 12a. DISTRIBUTION / AVAILABILITY STATEMENT Approved for public release; distribution is unlimited 12b. DISTRIBUTION CODE A...extremist web forums is directed at Western audiences and supports Homeland attacks. (U.S. Department of Homeland Security Office of Intelligence and...23 In this context, “before the event.” 24 Yung and Benichou’s paper originally was presented at the 5th Fire

Purdue University graduate certificate program in Veterinary Homeland Security.

PubMed

Amass, Sandra F; Blossom, Thaddaeus D; Ash, Marianne; McCay, Don; Mattix, Marc E

2008-01-01

Our nation lacks a critical mass of professionals trained to prevent and respond to food- and animal-related emergencies. Training veterinarians provides an immediate means of addressing this shortage of experts. Achievement of critical mass to effectively address animal-related emergencies is expedited by concurrent training of professionals and graduate students in related areas. Purdue University offers a Web-based Graduate Certificate in Veterinary Homeland Security to address this special area of need. The program is a collaborative effort among the Purdue University School of Veterinary Medicine, the Purdue Homeland Security Institute, the Indiana State Board of Animal Health, the Indiana State Police, and others with the overall goal of increasing capacity and preparedness to manage animal-related emergencies. Individuals with expertise in veterinary medicine, public health, animal science, or homeland security are encouraged to participate. The Web-based system allows courses to be delivered efficiently and effectively around the world and allows participants to continue their graduate education while maintaining full-time jobs. Participants enhance their understanding of natural and intentional threats to animal health, strengthen their skills in managing animal-health emergencies, and develop problem-solving expertise to become effective members of animal emergency response teams and of their communities. Students receive graduate credit from Purdue University that can be used toward the certificate and toward an advanced graduate degree. Currently, 70 participants from 28 states; Washington, DC; Singapore; and Bermuda are enrolled.

Clinical software development for the Web: lessons learned from the BOADICEA project

PubMed Central

2012-01-01

Background In the past 20 years, society has witnessed the following landmark scientific advances: (i) the sequencing of the human genome, (ii) the distribution of software by the open source movement, and (iii) the invention of the World Wide Web. Together, these advances have provided a new impetus for clinical software development: developers now translate the products of human genomic research into clinical software tools; they use open-source programs to build them; and they use the Web to deliver them. Whilst this open-source component-based approach has undoubtedly made clinical software development easier, clinical software projects are still hampered by problems that traditionally accompany the software process. This study describes the development of the BOADICEA Web Application, a computer program used by clinical geneticists to assess risks to patients with a family history of breast and ovarian cancer. The key challenge of the BOADICEA Web Application project was to deliver a program that was safe, secure and easy for healthcare professionals to use. We focus on the software process, problems faced, and lessons learned. Our key objectives are: (i) to highlight key clinical software development issues; (ii) to demonstrate how software engineering tools and techniques can facilitate clinical software development for the benefit of individuals who lack software engineering expertise; and (iii) to provide a clinical software development case report that can be used as a basis for discussion at the start of future projects. Results We developed the BOADICEA Web Application using an evolutionary software process. Our approach to Web implementation was conservative and we used conventional software engineering tools and techniques. The principal software development activities were: requirements, design, implementation, testing, documentation and maintenance. The BOADICEA Web Application has now been widely adopted by clinical geneticists and researchers. BOADICEA Web Application version 1 was released for general use in November 2007. By May 2010, we had > 1200 registered users based in the UK, USA, Canada, South America, Europe, Africa, Middle East, SE Asia, Australia and New Zealand. Conclusions We found that an evolutionary software process was effective when we developed the BOADICEA Web Application. The key clinical software development issues identified during the BOADICEA Web Application project were: software reliability, Web security, clinical data protection and user feedback. PMID:22490389

Clinical software development for the Web: lessons learned from the BOADICEA project.

PubMed

Cunningham, Alex P; Antoniou, Antonis C; Easton, Douglas F

2012-04-10

In the past 20 years, society has witnessed the following landmark scientific advances: (i) the sequencing of the human genome, (ii) the distribution of software by the open source movement, and (iii) the invention of the World Wide Web. Together, these advances have provided a new impetus for clinical software development: developers now translate the products of human genomic research into clinical software tools; they use open-source programs to build them; and they use the Web to deliver them. Whilst this open-source component-based approach has undoubtedly made clinical software development easier, clinical software projects are still hampered by problems that traditionally accompany the software process. This study describes the development of the BOADICEA Web Application, a computer program used by clinical geneticists to assess risks to patients with a family history of breast and ovarian cancer. The key challenge of the BOADICEA Web Application project was to deliver a program that was safe, secure and easy for healthcare professionals to use. We focus on the software process, problems faced, and lessons learned. Our key objectives are: (i) to highlight key clinical software development issues; (ii) to demonstrate how software engineering tools and techniques can facilitate clinical software development for the benefit of individuals who lack software engineering expertise; and (iii) to provide a clinical software development case report that can be used as a basis for discussion at the start of future projects. We developed the BOADICEA Web Application using an evolutionary software process. Our approach to Web implementation was conservative and we used conventional software engineering tools and techniques. The principal software development activities were: requirements, design, implementation, testing, documentation and maintenance. The BOADICEA Web Application has now been widely adopted by clinical geneticists and researchers. BOADICEA Web Application version 1 was released for general use in November 2007. By May 2010, we had > 1200 registered users based in the UK, USA, Canada, South America, Europe, Africa, Middle East, SE Asia, Australia and New Zealand. We found that an evolutionary software process was effective when we developed the BOADICEA Web Application. The key clinical software development issues identified during the BOADICEA Web Application project were: software reliability, Web security, clinical data protection and user feedback.

Empirical analysis of the effects of cyber security incidents.

PubMed

Davis, Ginger; Garcia, Alfredo; Zhang, Weide

2009-09-01

We analyze the time series associated with web traffic for a representative set of online businesses that have suffered widely reported cyber security incidents. Our working hypothesis is that cyber security incidents may prompt (security conscious) online customers to opt out and conduct their business elsewhere or, at the very least, to refrain from accessing online services. For companies relying almost exclusively on online channels, this presents an important business risk. We test for structural changes in these time series that may have been caused by these cyber security incidents. Our results consistently indicate that cyber security incidents do not affect the structure of web traffic for the set of online businesses studied. We discuss various public policy considerations stemming from our analysis.

Internet Roadside Cafe #6. [Videotape.

ERIC Educational Resources Information Center

American Library Association Video/Library Video Network, Towson, MD.

This 30-minute videotape takes an in-depth look at World Wide Web business transactions, potential risks, client privacy and security issues by asking businesses and consumers how they do business on the Internet. Also featured in the program is advice about choosing a secure password, the use of credit cards for Web purchasing and a review of…

Weaving a Secure Web around Education: A Guide to Technology Standards and Security.

ERIC Educational Resources Information Center

National Forum on Education Statistics (ED/OERI), Washington, DC.

The purpose of this guidebook is to assist education agencies and organizations--which include state education agencies or state departments of education, school districts, and schools--in the development, maintenance, and standardization of effective Web sites. Also included is a detailed examination of the procedures necessary to provide…

Web Application Software for Ground Operations Planning Database (GOPDb) Management

NASA Technical Reports Server (NTRS)

Lanham, Clifton; Kallner, Shawn; Gernand, Jeffrey

2013-01-01

A Web application facilitates collaborative development of the ground operations planning document. This will reduce costs and development time for new programs by incorporating the data governance, access control, and revision tracking of the ground operations planning data. Ground Operations Planning requires the creation and maintenance of detailed timelines and documentation. The GOPDb Web application was created using state-of-the-art Web 2.0 technologies, and was deployed as SaaS (Software as a Service), with an emphasis on data governance and security needs. Application access is managed using two-factor authentication, with data write permissions tied to user roles and responsibilities. Multiple instances of the application can be deployed on a Web server to meet the robust needs for multiple, future programs with minimal additional cost. This innovation features high availability and scalability, with no additional software that needs to be bought or installed. For data governance and security (data quality, management, business process management, and risk management for data handling), the software uses NAMS. No local copy/cloning of data is permitted. Data change log/tracking is addressed, as well as collaboration, work flow, and process standardization. The software provides on-line documentation and detailed Web-based help. There are multiple ways that this software can be deployed on a Web server to meet ground operations planning needs for future programs. The software could be used to support commercial crew ground operations planning, as well as commercial payload/satellite ground operations planning. The application source code and database schema are owned by NASA.

Web technology for emergency medicine and secure transmission of electronic patient records.

PubMed

Halamka, J D

1998-01-01

The American Heritage dictionary defines the word "web" as "something intricately contrived, especially something that ensnares or entangles." The wealth of medical resources on the World Wide Web is now so extensive, yet disorganized and unmonitored, that such a definition seems fitting. In emergency medicine, for example, a field in which accurate and complete information, including patients' records, is urgently needed, more than 5000 Web pages are available today, whereas fewer than 50 were available in December 1994. Most sites are static Web pages using the Internet to publish textbook material, but new technology is extending the scope of the Internet to include online medical education and secure exchange of clinical information. This article lists some of the best Web sites for use in emergency medicine and then describes a project in which the Web is used for transmission and protection of electronic medical records.

Colombia’s Resurrection: Alternative Development is the Key to Democratic Security

DTIC Science & Technology

2004-09-01

regional economic strength. This implies 73 Sesin. 74 Departamento Nacional de Planeación (DNP), Bases del Plan Nacional de Desarrollo “Hacia un...Estado Comunitario .” Page 54 (Web version). 38 that the government is willing to adopt more flexible

Can trainees design and deliver a national audit of epistaxis management? A pilot of a secure web-based audit tool and research trainee collaboratives.

PubMed

Mehta, N; Williams, R J; Smith, M E; Hall, A; Hardman, J C; Cheung, L; Ellis, M P; Fussey, J M; Lakhani, R; McLaren, O; Nankivell, P C; Sharma, N; Yeung, W; Carrie, S; Hopkins, C

2017-06-01

To investigate the feasibility of a national audit of epistaxis management led and delivered by a multi-region trainee collaborative using a web-based interface to capture patient data. Six trainee collaboratives across England nominated one site each and worked together to carry out this pilot. An encrypted data capture tool was adapted and installed within the infrastructure of a university secure server. Site-lead feedback was assessed through questionnaires. Sixty-three patients with epistaxis were admitted over a two-week period. Site leads reported an average of 5 minutes to complete questionnaires and described the tool as easy to use. Data quality was high, with little missing data. Site-lead feedback showed high satisfaction ratings for the project (mean, 4.83 out of 5). This pilot showed that trainee collaboratives can work together to deliver an audit using an encrypted data capture tool cost-effectively, whilst maintaining the highest levels of data quality.

Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks

PubMed Central

Lin, Zhaowen; Tao, Dan; Wang, Zhenji

2017-01-01

For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller. PMID:28430155

Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks.

PubMed

Lin, Zhaowen; Tao, Dan; Wang, Zhenji

2017-04-21

For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller.

An Encryption Scheme for Communication Internet SCADA Components

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network. SCADA is considered a critical infrastructure, and connecting to the internet is putting the society on jeopardy, some operators hold back on connecting it to the internet. But since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Supervisory Control and Data Acquisition Systems (SCADA) through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

Cloud-based Predictive Modeling System and its Application to Asthma Readmission Prediction

PubMed Central

Chen, Robert; Su, Hang; Khalilia, Mohammed; Lin, Sizhe; Peng, Yue; Davis, Tod; Hirsh, Daniel A; Searles, Elizabeth; Tejedor-Sojo, Javier; Thompson, Michael; Sun, Jimeng

2015-01-01

The predictive modeling process is time consuming and requires clinical researchers to handle complex electronic health record (EHR) data in restricted computational environments. To address this problem, we implemented a cloud-based predictive modeling system via a hybrid setup combining a secure private server with the Amazon Web Services (AWS) Elastic MapReduce platform. EHR data is preprocessed on a private server and the resulting de-identified event sequences are hosted on AWS. Based on user-specified modeling configurations, an on-demand web service launches a cluster of Elastic Compute 2 (EC2) instances on AWS to perform feature selection and classification algorithms in a distributed fashion. Afterwards, the secure private server aggregates results and displays them via interactive visualization. We tested the system on a pediatric asthma readmission task on a de-identified EHR dataset of 2,967 patients. We conduct a larger scale experiment on the CMS Linkable 2008–2010 Medicare Data Entrepreneurs’ Synthetic Public Use File dataset of 2 million patients, which achieves over 25-fold speedup compared to sequential execution. PMID:26958172

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

[Remote access to a web-based image distribution system].

PubMed

Bergh, B; Schlaefke, A; Frankenbach, R; Vogl, T J

2004-06-01

To assess different network and security technologies for remote access to a web-based image distribution system of a hospital intranet. Following preparatory testing, the time-to-display (TTD) was measured for three image types (CR, CT, MR). The evaluation included two remote access technologies consisting of direct ISDN-Dial-Up or VPN connection (Virtual Private Network), with three different connection speeds of 64, 128 (ISDN) and 768 Kbit/s (ADSL-Asymmetric Digital Subscriber Line), as well as with lossless and lossy compression. Depending on the image type, the TTD with lossless compression for 64 Kbit/s varied from 1 : 00 to 2 : 40 minutes, for 128 Kbit/s from 0 : 35 to 1 : 15 minutes and for ADSL from 0 : 15 to 0 : 45 minutes. The ISDN-Dial-Up connection was superior to VPN technology at 64 Kbit/s but did not allow higher connection speeds. Lossy compression reduced the TTD by half for all measurements. VPN technology is preferable to direct Dial-Up connections since it offers higher connection speeds and advantages in usage and security. For occasional usage, 128 Kbit/s (ISDN) can be considered sufficient, especially in conjunction with lossy compression. ADSL should be chosen when a more frequent usage is anticipated, whereby lossy compression may be omitted. Due to higher bandwidths and improved usability, the web-based approach appears superior to conventional teleradiology systems.

Design and Evaluation of a Web-Based Symptom Monitoring Tool for Heart Failure.

PubMed

Wakefield, Bonnie J; Alexander, Gregory; Dohrmann, Mary; Richardson, James

2017-05-01

Heart failure is a chronic condition where symptom recognition and between-visit communication with providers are critical. Patients are encouraged to track disease-specific data, such as weight and shortness of breath. Use of a Web-based tool that facilitates data display in graph form may help patients recognize exacerbations and more easily communicate out-of-range data to clinicians. The purposes of this study were to (1) design a Web-based tool to facilitate symptom monitoring and symptom recognition in patients with chronic heart failure and (2) conduct a usability evaluation of the Web site. Patient participants generally had a positive view of the Web site and indicated it would support recording their health status and communicating with their doctors. Clinician participants generally had a positive view of the Web site and indicated it would be a potentially useful adjunct to electronic health delivery systems. Participants expressed a need to incorporate decision support within the site and wanted to add other data, for example, blood pressure, and have the ability to adjust font size. A few expressed concerns about data privacy and security. Technologies require careful design and testing to ensure they are useful, usable, and safe for patients and do not add to the burden of busy providers.

Smart Grid Information Clearinghouse (SGIC)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rahman, Saifur

Since the Energy Independence and Security Act of 2007 was enacted, there has been a large number of websites that discusses smart grid and relevant information, including those from government, academia, industry, private sector and regulatory. These websites collect information independently. Therefore, smart grid information was quite scattered and dispersed. The objective of this work was to develop, populate, manage and maintain the public Smart Grid Information Clearinghouse (SGIC) web portal. The information in the SGIC website is comprehensive that includes smart grid information, research & development, demonstration projects, technical standards, costs & benefit analyses, business cases, legislation, policy &more » regulation, and other information on lesson learned and best practices. The content in the SGIC website is logically grouped to allow easily browse, search and sort. In addition to providing the browse and search feature, the SGIC web portal also allow users to share their smart grid information with others though our online content submission platform. The Clearinghouse web portal, therefore, serves as the first stop shop for smart grid information that collects smart grid information in a non-bias, non-promotional manner and can provide a missing link from information sources to end users and better serve users’ needs. The web portal is available at www.sgiclearinghouse.org. This report summarizes the work performed during the course of the project (September 2009 – August 2014). Section 2.0 lists SGIC Advisory Committee and User Group members. Section 3.0 discusses SGIC information architecture and web-based database application functionalities. Section 4.0 summarizes SGIC features and functionalities, including its search, browse and sort capabilities, web portal social networking, online content submission platform and security measures implemented. Section 5.0 discusses SGIC web portal contents, including smart grid 101, smart grid projects, deployment experience (i.e., use cases, lessons learned, cost-benefit analyses and business cases), in-depth information (i.e., standards, technology, cyber security, legislation, education and training and demand response), as well as international information. Section 6.0 summarizes SGIC statistics from the launch of the portal on July 07, 2010 to August 31, 2014. Section 7.0 summarizes publicly available information as a result of this work.« less

Current experiences with internet telepathology and possible evolution in the next generation of Internet services.

PubMed

Della Mea, V; Beltrami, C A

2000-01-01

The last five years experience has definitely demonstrated the possible applications of the Internet for telepathology. They may be listed as follows: (a) teleconsultation via multimedia e-mail; (b) teleconsultation via web-based tools; (c) distant education by means of World Wide Web; (d) virtual microscope management through Web and Java interfaces; (e) real-time consultations through Internet-based videoconferencing. Such applications have led to the recognition of some important limits of the Internet, when dealing with telemedicine: (i) no guarantees on the quality of service (QoS); (ii) inadequate security and privacy; (iii) for some countries, low bandwidth and thus low responsiveness for real-time applications. Currently, there are several innovations in the world of the Internet. Different initiatives have been aimed at an amelioration of the Internet protocols, in order to have quality of service, multimedia support, security and other advanced services, together with greater bandwidth. The forthcoming Internet improvements, although induced by electronic commerce, video on demand, and other commercial needs, are of real interest also for telemedicine, because they solve the limits currently slowing down the use of Internet. When such new services will be available, telepathology applications may switch from research to daily practice in a fast way.

Design Considerations for a Web-based Database System of ELISpot Assay in Immunological Research

PubMed Central

Ma, Jingming; Mosmann, Tim; Wu, Hulin

2005-01-01

The enzyme-linked immunospot (ELISpot) assay has been a primary means in immunological researches (such as HIV-specific T cell response). Due to huge amount of data involved in ELISpot assay testing, the database system is needed for efficient data entry, easy retrieval, secure storage, and convenient data process. Besides, the NIH has recently issued a policy to promote the sharing of research data (see http://grants.nih.gov/grants/policy/data_sharing). The Web-based database system will be definitely benefit to data sharing among broad research communities. Here are some considerations for a database system of ELISpot assay (DBSEA). PMID:16779326

Identifying Effectiveness Criteria for Internet Payment Systems.

ERIC Educational Resources Information Center

Shon, Tae-Hwan; Swatman, Paula M. C.

1998-01-01

Examines Internet payment systems (IPS): third-party, card, secure Web server, electronic token, financial electronic data interchange (EDI), and micropayment based. Reports the results of a Delphi survey of experts identifying and classifying IPS effectiveness criteria and classifying types of IPS providers. Includes the survey invitation letter…

A web-based screening and accrual strategy for a cancer prevention clinical trial in healthy smokers.

PubMed

Mohebati, Arash; Knutson, Allison; Zhou, Xi Kathy; Smith, Judith J; Brown, Powel H; Dannenberg, Andrew J; Szabo, Eva

2012-09-01

Screening and recruitment of qualified subjects for clinical trials is an essential component of translational research, and it can be quite challenging if the most efficient recruitment method is not utilized. In this report, we describe a successful web-based screening and accrual method used in a randomized prospective chemoprevention clinical trial with urinary biomarker endpoints. The targeted study population was a group of at-risk healthy current smokers with no evidence of lung disease. Craigslist was used as the sole recruitment modality for this study. All interested subjects were directed to a pre-screening website, in which subject questionnaire responses were linked to the study coordinator's secure e-mail account. Of the 429 initial inquiries, 189 individuals were initially eligible based on the questionnaire response. One hundred twenty-two people were telephone-screened, of whom 98 subjects were consented, 84 were randomized and 77 subjects completed the study successfully. Utilizing this single web-based advertising strategy, accrual for the trial was completed 7 months prior to the projected date. Craigslist is a cost effective and efficient web-based resource that can be utilized in accruing subjects to some chemoprevention trials. Published by Elsevier Inc.

A web-based screening and accrual strategy for a cancer prevention clinical trial in healthy smokers

PubMed Central

Mohebati, Arash; Knutson, Allison; Zhou, Xi Kathy; Smith, Judith J.; Brown, Powel H.; Dannenberg, Andrew J.; Szabo, Eva

2012-01-01

Screening and recruitment of qualified subjects for clinical trials is an essential component of translational research, and it can be quite challenging if the most efficient recruitment method is not utilized. In this report, we describe a successful web-based screening and accrual method used in a randomized prospective chemoprevention clinical trial with urinary biomarker endpoints. The targeted study population was a group of at-risk healthy current smokers with no evidence of lung disease. Craigslist was used as the sole recruitment modality for this study. All interested subjects were directed to a pre-screening website, in which subject questionnaire responses were linked to the study coordinator's secure e-mail account. Of the 429 initial inquiries, 189 individuals were initially eligible based on the questionnaire response. One hundred twenty-two people were telephone-screened, of whom 98 subjects were consented, 84 were randomized and 77 subjects completed the study successfully. Utilizing this single web-based advertising strategy, accrual for the trial was completed 7 months prior to the projected date. Craigslist is a cost effective and efficient web-based resource that can be utilized in accruing subjects to some chemoprevention trials. PMID:22771576

Innovative technology for web-based data management during an outbreak

PubMed Central

Mukhi, Shamir N; Chester, Tammy L Stuart; Klaver-Kibria, Justine DA; Nowicki, Deborah L; Whitlock, Mandy L; Mahmud, Salah M; Louie, Marie; Lee, Bonita E

2011-01-01

Lack of automated and integrated data collection and management, and poor linkage of clinical, epidemiological and laboratory data during an outbreak can inhibit effective and timely outbreak investigation and response. This paper describes an innovative web-based technology, referred to as Web Data, developed for the rapid set-up and provision of interactive and adaptive data management during outbreak situations. We also describe the benefits and limitations of the Web Data technology identified through a questionnaire that was developed to evaluate the use of Web Data implementation and application during the 2009 H1N1 pandemic by Winnipeg Regional Health Authority and Provincial Laboratory for Public Health of Alberta. Some of the main benefits include: improved and secure data access, increased efficiency and reduced error, enhanced electronic collection and transfer of data, rapid creation and modification of the database, conversion of specimen-level to case-level data, and user-defined data extraction and query capabilities. Areas requiring improvement include: better understanding of privacy policies, increased capability for data sharing and linkages between jurisdictions to alleviate data entry duplication. PMID:23569597

Combining Domain-driven Design and Mashups for Service Development

NASA Astrophysics Data System (ADS)

Iglesias, Carlos A.; Fernández-Villamor, José Ignacio; Del Pozo, David; Garulli, Luca; García, Boni

This chapter presents the Romulus project approach to Service Development using Java-based web technologies. Romulus aims at improving productivity of service development by providing a tool-supported model to conceive Java-based web applications. This model follows a Domain Driven Design approach, which states that the primary focus of software projects should be the core domain and domain logic. Romulus proposes a tool-supported model, Roma Metaframework, that provides an abstraction layer on top of existing web frameworks and automates the application generation from the domain model. This metaframework follows an object centric approach, and complements Domain Driven Design by identifying the most common cross-cutting concerns (security, service, view, ...) of web applications. The metaframework uses annotations for enriching the domain model with these cross-cutting concerns, so-called aspects. In addition, the chapter presents the usage of mashup technology in the metaframework for service composition, using the web mashup editor MyCocktail. This approach is applied to a scenario of the Mobile Phone Service Portability case study for the development of a new service.

[Development of a secure and cost-effective infrastructure for the access of arbitrary web-based image distribution systems].

PubMed

Hackländer, T; Kleber, K; Schneider, H; Demabre, N; Cramer, B M

2004-08-01

To build an infrastructure that enables radiologists on-call and external users a teleradiological access to the HTML-based image distribution system inside the hospital via internet. In addition, no investment costs should arise on the user side and the image data should be sent renamed using cryptographic techniques. A pure HTML-based system manages the image distribution inside the hospital, with an open source project extending this system through a secure gateway outside the firewall of the hospital. The gateway handles the communication between the external users and the HTML server within the network of the hospital. A second firewall is installed between the gateway and the external users and builds up a virtual private network (VPN). A connection between the gateway and the external user is only acknowledged if the computers involved authenticate each other via certificates and the external users authenticate via a multi-stage password system. All data are transferred encrypted. External users get only access to images that have been renamed to a pseudonym by means of automated processing before. With an ADSL internet access, external users achieve an image load frequency of 0.4 CT images per second. More than 90 % of the delay during image transfer results from security checks within the firewalls. Data passing the gateway induce no measurable delay. Project goals were realized by means of an infrastructure that works vendor independently with any HTML-based image distribution systems. The requirements of data security were realized using state-of-the-art web techniques. Adequate access and transfer speed lead to a widespread acceptance of the system on the part of external users.

Technical note: real-time web-based wireless visual guidance system for radiotherapy.

PubMed

Lee, Danny; Kim, Siyong; Palta, Jatinder R; Kim, Taeho

2017-06-01

Describe a Web-based wireless visual guidance system that mitigates issues associated with hard-wired audio-visual aided patient interactive motion management systems that are cumbersome to use in routine clinical practice. Web-based wireless visual display duplicates an existing visual display of a respiratory-motion management system for visual guidance. The visual display of the existing system is sent to legacy Web clients over a private wireless network, thereby allowing a wireless setting for real-time visual guidance. In this study, active breathing coordinator (ABC) trace was used as an input for visual display, which captured and transmitted to Web clients. Virtual reality goggles require two (left and right eye view) images for visual display. We investigated the performance of Web-based wireless visual guidance by quantifying (1) the network latency of visual displays between an ABC computer display and Web clients of a laptop, an iPad mini 2 and an iPhone 6, and (2) the frame rate of visual display on the Web clients in frames per second (fps). The network latency of visual display between the ABC computer and Web clients was about 100 ms and the frame rate was 14.0 fps (laptop), 9.2 fps (iPad mini 2) and 11.2 fps (iPhone 6). In addition, visual display for virtual reality goggles was successfully shown on the iPhone 6 with 100 ms and 11.2 fps. A high network security was maintained by utilizing the private network configuration. This study demonstrated that a Web-based wireless visual guidance can be a promising technique for clinical motion management systems, which require real-time visual display of their outputs. Based on the results of this study, our approach has the potential to reduce clutter associated with wired-systems, reduce space requirements, and extend the use of medical devices from static usage to interactive and dynamic usage in a radiotherapy treatment vault.

Symmetric Key Services Markup Language (SKSML)

NASA Astrophysics Data System (ADS)

Noor, Arshad

Symmetric Key Services Markup Language (SKSML) is the eXtensible Markup Language (XML) being standardized by the OASIS Enterprise Key Management Infrastructure Technical Committee for requesting and receiving symmetric encryption cryptographic keys within a Symmetric Key Management System (SKMS). This protocol is designed to be used between clients and servers within an Enterprise Key Management Infrastructure (EKMI) to secure data, independent of the application and platform. Building on many security standards such as XML Signature, XML Encryption, Web Services Security and PKI, SKSML provides standards-based capability to allow any application to use symmetric encryption keys, while maintaining centralized control. This article describes the SKSML protocol and its capabilities.

FASH: A web application for nucleotides sequence search.

PubMed

Veksler-Lublinksy, Isana; Barash, Danny; Avisar, Chai; Troim, Einav; Chew, Paul; Kedem, Klara

2008-05-27

: FASH (Fourier Alignment Sequence Heuristics) is a web application, based on the Fast Fourier Transform, for finding remote homologs within a long nucleic acid sequence. Given a query sequence and a long text-sequence (e.g, the human genome), FASH detects subsequences within the text that are remotely-similar to the query. FASH offers an alternative approach to Blast/Fasta for querying long RNA/DNA sequences. FASH differs from these other approaches in that it does not depend on the existence of contiguous seed-sequences in its initial detection phase. The FASH web server is user friendly and very easy to operate. FASH can be accessed athttps://fash.bgu.ac.il:8443/fash/default.jsp (secured website).

Authentication Binding between SSL/TLS and HTTP

NASA Astrophysics Data System (ADS)

Saito, Takamichi; Sekiguchi, Kiyomi; Hatsugai, Ryosuke

While the Secure Socket Layer or Transport Layer Security (SSL/TLS) is assumed to provide secure communications over the Internet, many web applications utilize basic or digest authentication of Hyper Text Transport Protocol (HTTP) over SSL/TLS. Namely, in the scheme, there are two different authentication schemes in a session. Since they are separated by a layer, these are not convenient for a web application. Moreover, the scheme may also cause problems in establishing secure communication. Then we provide a scheme of authentication binding between SSL/TLS and HTTP without modifying SSL/TLS protocols and its implementation, and we show the effectiveness of our proposed scheme.

Ultrabroadband photonic internet: safety aspects

NASA Astrophysics Data System (ADS)

Kalicki, Arkadiusz; Romaniuk, Ryszard

2008-11-01

Web applications became most popular medium in the Internet. Popularity, easiness of web application frameworks together with careless development results in high number of vulnerabilities and attacks. There are several types of attacks possible because of improper input validation. SQL injection is ability to execute arbitrary SQL queries in a database through an existing application. Cross-site scripting is the vulnerability which allows malicious web users to inject code into the web pages viewed by other users. Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains malicious request. Web spam in blogs. There are several techniques to mitigate attacks. Most important are web application strong design, correct input validation, defined data types for each field and parameterized statements in SQL queries. Server hardening with firewall, modern security policies systems and safe web framework interpreter configuration are essential. It is advised to keep proper security level on client side, keep updated software and install personal web firewalls or IDS/IPS systems. Good habits are logging out from services just after finishing work and using even separate web browser for most important sites, like e-banking.

Semantic-JSON: a lightweight web service interface for Semantic Web contents integrating multiple life science databases

PubMed Central

Kobayashi, Norio; Ishii, Manabu; Takahashi, Satoshi; Mochizuki, Yoshiki; Matsushima, Akihiro; Toyoda, Tetsuro

2011-01-01

Global cloud frameworks for bioinformatics research databases become huge and heterogeneous; solutions face various diametric challenges comprising cross-integration, retrieval, security and openness. To address this, as of March 2011 organizations including RIKEN published 192 mammalian, plant and protein life sciences databases having 8.2 million data records, integrated as Linked Open or Private Data (LOD/LPD) using SciNetS.org, the Scientists' Networking System. The huge quantity of linked data this database integration framework covers is based on the Semantic Web, where researchers collaborate by managing metadata across public and private databases in a secured data space. This outstripped the data query capacity of existing interface tools like SPARQL. Actual research also requires specialized tools for data analysis using raw original data. To solve these challenges, in December 2009 we developed the lightweight Semantic-JSON interface to access each fragment of linked and raw life sciences data securely under the control of programming languages popularly used by bioinformaticians such as Perl and Ruby. Researchers successfully used the interface across 28 million semantic relationships for biological applications including genome design, sequence processing, inference over phenotype databases, full-text search indexing and human-readable contents like ontology and LOD tree viewers. Semantic-JSON services of SciNetS.org are provided at http://semanticjson.org. PMID:21632604

Flush-mounting technique for composite beams

NASA Technical Reports Server (NTRS)

Harman, T. C.; Kay, B. F.

1980-01-01

Procedure permits mounting of heavy parts to surface of composite beams without appreciably weakening beam web. Web is split and held apart in region where attachment is to be made by lightweight precast foam filler. Bolt hole penetrates foam rather than web, and is secured by barrelnut in transverse bushing through web.

12 CFR 555.310 - How do I notify OTS?

Code of Federal Regulations, 2010 CFR

2010-01-01

...) Describe the transactional web site. (2) Indicate the date the transactional web site will become operational. (3) List a contact familiar with the deployment, operation, and security of the transactional web site. (b) Transition provision. If you established a transactional web site after the date of your last...

12 CFR 155.310 - How do I notify the OCC?

Code of Federal Regulations, 2014 CFR

2014-01-01

... least 30 days before you establish a transactional Web site. The notice must do three things: (a) Describe the transactional web site. (b) Indicate the date the transactional web site will become operational. (c) List a contact familiar with the deployment, operation, and security of the transactional web...

12 CFR 390.222 - How do I notify FDIC?

Code of Federal Regulations, 2013 CFR

2013-01-01

... 30 days before you establish a transactional Web site. The notice must do three things: (1) Describe the transactional Web site. (2) Indicate the date the transactional Web site will become operational. (3) List a contact familiar with the deployment, operation, and security of the transactional Web...

12 CFR 555.310 - How do I notify OTS?

Code of Federal Regulations, 2013 CFR

2013-01-01

...) Describe the transactional web site. (2) Indicate the date the transactional web site will become operational. (3) List a contact familiar with the deployment, operation, and security of the transactional web site. (b) Transition provision. If you established a transactional web site after the date of your last...

12 CFR 390.222 - How do I notify FDIC?

Code of Federal Regulations, 2012 CFR

2012-01-01

... 30 days before you establish a transactional Web site. The notice must do three things: (1) Describe the transactional Web site. (2) Indicate the date the transactional Web site will become operational. (3) List a contact familiar with the deployment, operation, and security of the transactional Web...

12 CFR 555.310 - How do I notify OTS?

Code of Federal Regulations, 2012 CFR

2012-01-01

...) Describe the transactional web site. (2) Indicate the date the transactional web site will become operational. (3) List a contact familiar with the deployment, operation, and security of the transactional web site. (b) Transition provision. If you established a transactional web site after the date of your last...

12 CFR 155.310 - How do I notify the OCC?

Code of Federal Regulations, 2013 CFR

2013-01-01

... least 30 days before you establish a transactional Web site. The notice must do three things: (a) Describe the transactional web site. (b) Indicate the date the transactional web site will become operational. (c) List a contact familiar with the deployment, operation, and security of the transactional web...

12 CFR 555.310 - How do I notify OTS?

Code of Federal Regulations, 2014 CFR

2014-01-01

...) Describe the transactional web site. (2) Indicate the date the transactional web site will become operational. (3) List a contact familiar with the deployment, operation, and security of the transactional web site. (b) Transition provision. If you established a transactional web site after the date of your last...

12 CFR 390.222 - How do I notify FDIC?

Code of Federal Regulations, 2014 CFR

2014-01-01

... 30 days before you establish a transactional Web site. The notice must do three things: (1) Describe the transactional Web site. (2) Indicate the date the transactional Web site will become operational. (3) List a contact familiar with the deployment, operation, and security of the transactional Web...

12 CFR 155.310 - How do I notify the OCC?

Code of Federal Regulations, 2012 CFR

2012-01-01

... least 30 days before you establish a transactional Web site. The notice must do three things: (a) Describe the transactional web site. (b) Indicate the date the transactional web site will become operational. (c) List a contact familiar with the deployment, operation, and security of the transactional web...

Practice improvement, part II: update on patient communication technologies.

PubMed

Roett, Michelle A; Coleman, Mary Thoesen

2013-11-01

Patient portals (ie, secure web-based services for patient health record access) and secure messaging to health care professionals are gaining popularity slowly. Advantages of web portals include timely communication and instruction, access to appointments and other services, and high patient satisfaction. Limitations include inappropriate use, security considerations, organizational costs, and exclusion of patients who are uncomfortable with or unable to use computers. Attention to the organization's strategic plan and office policies, patient and staff expectations, workflow and communication integration, training, marketing, and enrollment can facilitate optimal use of this technology. Other communication technologies that can enhance patient care include automated voice or text reminders and brief electronic communications. Social media provide another method of patient outreach, but privacy and access are concerns. Incorporating telehealthcare (health care provided via telephone or Internet), providing health coaching, and using interactive health communication applications can improve patient knowledge and clinical outcomes and provide social support. Written permission from the American Academy of Family Physicians is required for reproduction of this material in whole or in part in any form or medium.

78 FR 68813 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-15

... planned radio frequency (RF) bands that are shared on a co-primary basis by Federal and non-Federal users... newly proposed assignment within the shared portions of the radio spectrum; and replaced the manual RF... national security. The Web-based system replaced a manual process where coordination and approval could...

78 FR 42078 - Agency Forms Undergoing Paperwork Reduction Act Review

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-15

..., data definitions, or reporting instructions. Changes within this information collection request (ICR... salaries of personnel conducting data collection and analysis since the last ICR approval. DTBE is the lead... Indicators Project (NTIP), a secure web-based system for program evaluation data, in 2010. No other federal...

OpenID Connect as a security service in cloud-based medical imaging systems.

PubMed

Ma, Weina; Sartipi, Kamran; Sharghigoorabi, Hassan; Koff, David; Bak, Peter

2016-04-01

The evolution of cloud computing is driving the next generation of medical imaging systems. However, privacy and security concerns have been consistently regarded as the major obstacles for adoption of cloud computing by healthcare domains. OpenID Connect, combining OpenID and OAuth together, is an emerging representational state transfer-based federated identity solution. It is one of the most adopted open standards to potentially become the de facto standard for securing cloud computing and mobile applications, which is also regarded as "Kerberos of cloud." We introduce OpenID Connect as an authentication and authorization service in cloud-based diagnostic imaging (DI) systems, and propose enhancements that allow for incorporating this technology within distributed enterprise environments. The objective of this study is to offer solutions for secure sharing of medical images among diagnostic imaging repository (DI-r) and heterogeneous picture archiving and communication systems (PACS) as well as Web-based and mobile clients in the cloud ecosystem. The main objective is to use OpenID Connect open-source single sign-on and authorization service and in a user-centric manner, while deploying DI-r and PACS to private or community clouds should provide equivalent security levels to traditional computing model.

Development of a Dynamically Configurable, Object-Oriented Framework for Distributed, Multi-modal Computational Aerospace Systems Simulation

NASA Technical Reports Server (NTRS)

Afjeh, Abdollah A.; Reed, John A.

2003-01-01

The following reports are presented on this project:A first year progress report on: Development of a Dynamically Configurable,Object-Oriented Framework for Distributed, Multi-modal Computational Aerospace Systems Simulation; A second year progress report on: Development of a Dynamically Configurable, Object-Oriented Framework for Distributed, Multi-modal Computational Aerospace Systems Simulation; An Extensible, Interchangeable and Sharable Database Model for Improving Multidisciplinary Aircraft Design; Interactive, Secure Web-enabled Aircraft Engine Simulation Using XML Databinding Integration; and Improving the Aircraft Design Process Using Web-based Modeling and Simulation.

Applying the Earth System Grid Security System in a Heterogeneous Environment of Data Access Services

NASA Astrophysics Data System (ADS)

Kershaw, Philip; Lawrence, Bryan; Lowe, Dominic; Norton, Peter; Pascoe, Stephen

2010-05-01

CEDA (Centre for Environmental Data Archival) based at STFC Rutherford Appleton Laboratory is host to the BADC (British Atmospheric Data Centre) and NEODC (NERC Earth Observation Data Centre) with data holdings of over half a Petabyte. In the coming months this figure is set to increase by over one Petabyte through the BADC's role as one of three data centres to host the CMIP5 (Coupled Model Intercomparison Project Phase 5) core archive of climate model data. Quite apart from the problem of managing the storage of such large volumes there is the challenge of collating the data together from the modelling centres around the world and enabling access to these data for the user community. An infrastructure to support this is being developed under the US Earth System Grid (ESG) and related projects bringing together participating organisations together in a federation. The ESG architecture defines Gateways, the web interfaces that enable users to access data and data serving applications organised into Data Nodes. The BADC has been working in collaboration with US Earth System Grid team and other partners to develop a security system to restrict access to data. This provides single sign-on via both OpenID and PKI based means and uses role based authorisation facilitated by SAML and OpenID based interfaces for attribute retrieval. This presentation will provide an overview of the access control architecture and look at how this has been implemented for CEDA. CEDA has developed an expertise in data access and information services over several years through a number of projects to develop and enhance these capabilities. Participation in CMIP5 comes at a time when a number of other software development activities are coming to fruition. New services are in the process of being deployed alongside services making up the system for ESG. The security system must apply access control across this heterogeneous environment of different data services and technologies. One strand of the development efforts within CEDA has been the NDG (NERC Datagrid) Security system. This system has been extended to interoperate with ESG, greatly assisted by the standards based approach adopted for the ESG security architecture. Drawing from experience from previous projects the decision was taken to refactor the NDG Security software into a component based architecture to enable a separation of concerns between access control and the functionality of a given application being protected. Such an approach is only possible through a generic interface. At CEDA, this has been realised in the Python programming language using the WSGI (Web Server Gateway Interface) specification. A parallel Java filter based implementation is also under development with our US partners for use with the THREDDS Data Server. Using such technologies applications and middleware can be assembled into custom configurations to meet different requirements. In the case of access control, NDG Security middleware can be layered over the top of existing applications without the need to modify them. A RESTful approach to the application of authorisation policy has been key in this approach. We explore the practical implementation of such a scheme alongside the application of the ESG security architecture to CEDA's OGC web services implementation COWS.

Development of wide area environment accelerator operation and diagnostics method

NASA Astrophysics Data System (ADS)

Uchiyama, Akito; Furukawa, Kazuro

2015-08-01

Remote operation and diagnostic systems for particle accelerators have been developed for beam operation and maintenance in various situations. Even though fully remote experiments are not necessary, the remote diagnosis and maintenance of the accelerator is required. Considering remote-operation operator interfaces (OPIs), the use of standard protocols such as the hypertext transfer protocol (HTTP) is advantageous, because system-dependent protocols are unnecessary between the remote client and the on-site server. Here, we have developed a client system based on WebSocket, which is a new protocol provided by the Internet Engineering Task Force for Web-based systems, as a next-generation Web-based OPI using the Experimental Physics and Industrial Control System Channel Access protocol. As a result of this implementation, WebSocket-based client systems have become available for remote operation. Also, as regards practical application, the remote operation of an accelerator via a wide area network (WAN) faces a number of challenges, e.g., the accelerator has both experimental device and radiation generator characteristics. Any error in remote control system operation could result in an immediate breakdown. Therefore, we propose the implementation of an operator intervention system for remote accelerator diagnostics and support that can obviate any differences between the local control room and remote locations. Here, remote-operation Web-based OPIs, which resolve security issues, are developed.

Exploring Patients' Views Toward Giving Web-Based Feedback and Ratings to General Practitioners in England: A Qualitative Descriptive Study.

PubMed

Patel, Salma; Cain, Rebecca; Neailey, Kevin; Hooberman, Lucy

2016-08-05

Patient feedback websites or doctor rating websites are increasingly being used by patients to give feedback about their health care experiences. There is little known about why patients in England may give Web-based feedback and what may motivate or dissuade them from giving Web-based feedback. The aim of this study was to explore patients' views toward giving Web-based feedback and ratings to general practitioners (GPs), within the context of other feedback methods available in primary care in England, and in particular, paper-based feedback cards. A descriptive exploratory qualitative approach using face-to-face semistructured interviews was used in this study. Purposive sampling was used to recruit 18 participants from different age groups in London and Coventry. Interviews were transcribed verbatim and analyzed using applied thematic analysis. Half of the participants in this study were not aware of the opportunity to leave feedback for GPs, and there was limited awareness about the methods available to leave feedback for a GP. The majority of participants were not convinced that formal patient feedback was needed by GPs or would be used by GPs for improvement, regardless of whether they gave it via a website or on paper. Some participants said or suggested that they may leave feedback on a website rather than on a paper-based feedback card for several reasons: because of the ability and ease of giving it remotely; because it would be shared with the public; and because it would be taken more seriously by GPs. Others, however, suggested that they would not use a website to leave feedback for the opposite reasons: because of accessibility issues; privacy and security concerns; and because they felt feedback left on a website may be ignored. Patient feedback and rating websites as they currently are will not replace other mechanisms for patients in England to leave feedback for a GP. Rather, they may motivate a small number of patients who have more altruistic motives or wish to place collective pressure on a GP to give Web-based feedback. If the National Health Service or GP practices want more patients to leave Web-based feedback, we suggest they first make patients aware that they can leave anonymous feedback securely on a website for a GP. They can then convince them that their feedback is needed and wanted by GPs for improvement, and that the reviews they leave on the website will be of benefit to other patients to decide which GP to see or which GP practice to join.

Development, implementation and pilot evaluation of a Web-based Virtual Patient Case Simulation environment – Web-SP

PubMed Central

Zary, Nabil; Johnson, Gunilla; Boberg, Jonas; Fors, Uno GH

2006-01-01

Background The Web-based Simulation of Patients (Web-SP) project was initiated in order to facilitate the use of realistic and interactive virtual patients (VP) in medicine and healthcare education. Web-SP focuses on moving beyond the technology savvy teachers, when integrating simulation-based education into health sciences curricula, by making the creation and use of virtual patients easier. The project strives to provide a common generic platform for design/creation, management, evaluation and sharing of web-based virtual patients. The aim of this study was to evaluate if it was possible to develop a web-based virtual patient case simulation environment where the entire case authoring process might be handled by teachers and which would be flexible enough to be used in different healthcare disciplines. Results The Web-SP system was constructed to support easy authoring, management and presentation of virtual patient cases. The case authoring environment was found to facilitate for teachers to create full-fledged patient cases without the assistance of computer specialists. Web-SP was successfully implemented at several universities by taking into account key factors such as cost, access, security, scalability and flexibility. Pilot evaluations in medical, dentistry and pharmacy courses shows that students regarded Web-SP as easy to use, engaging and to be of educational value. Cases adapted for all three disciplines were judged to be of significant educational value by the course leaders. Conclusion The Web-SP system seems to fulfil the aim of providing a common generic platform for creation, management and evaluation of web-based virtual patient cases. The responses regarding the authoring environment indicated that the system might be user-friendly enough to appeal to a majority of the academic staff. In terms of implementation strengths, Web-SP seems to fulfil most needs from course directors and teachers from various educational institutions and disciplines. The system is currently in use or under implementation in several healthcare disciplines at more than ten universities worldwide. Future aims include structuring the exchange of cases between teachers and academic institutions by building a VP library function. We intend to follow up the positive results presented in this paper with other studies looking at the learning outcomes, critical thinking and patient management. Studying the potential of Web-SP as an assessment tool will also be performed. More information about Web-SP: PMID:16504041

Development, implementation and pilot evaluation of a Web-based Virtual Patient Case Simulation environment--Web-SP.

PubMed

Zary, Nabil; Johnson, Gunilla; Boberg, Jonas; Fors, Uno G H

2006-02-21

The Web-based Simulation of Patients (Web-SP) project was initiated in order to facilitate the use of realistic and interactive virtual patients (VP) in medicine and healthcare education. Web-SP focuses on moving beyond the technology savvy teachers, when integrating simulation-based education into health sciences curricula, by making the creation and use of virtual patients easier. The project strives to provide a common generic platform for design/creation, management, evaluation and sharing of web-based virtual patients. The aim of this study was to evaluate if it was possible to develop a web-based virtual patient case simulation environment where the entire case authoring process might be handled by teachers and which would be flexible enough to be used in different healthcare disciplines. The Web-SP system was constructed to support easy authoring, management and presentation of virtual patient cases. The case authoring environment was found to facilitate for teachers to create full-fledged patient cases without the assistance of computer specialists. Web-SP was successfully implemented at several universities by taking into account key factors such as cost, access, security, scalability and flexibility. Pilot evaluations in medical, dentistry and pharmacy courses shows that students regarded Web-SP as easy to use, engaging and to be of educational value. Cases adapted for all three disciplines were judged to be of significant educational value by the course leaders. The Web-SP system seems to fulfil the aim of providing a common generic platform for creation, management and evaluation of web-based virtual patient cases. The responses regarding the authoring environment indicated that the system might be user-friendly enough to appeal to a majority of the academic staff. In terms of implementation strengths, Web-SP seems to fulfil most needs from course directors and teachers from various educational institutions and disciplines. The system is currently in use or under implementation in several healthcare disciplines at more than ten universities worldwide. Future aims include structuring the exchange of cases between teachers and academic institutions by building a VP library function. We intend to follow up the positive results presented in this paper with other studies looking at the learning outcomes, critical thinking and patient management. Studying the potential of Web-SP as an assessment tool will also be performed. More information about Web-SP: http://websp.lime.ki.se.

Patient-Centered Access to Secure Systems Online (PCASSO): a secure approach to clinical data access via the World Wide Web.

PubMed Central

Masys, D. R.; Baker, D. B.

1997-01-01

The Internet's World-Wide Web (WWW) provides an appealing medium for the communication of health related information due to its ease of use and growing popularity. But current technologies for communicating data between WWW clients and servers are systematically vulnerable to certain types of security threats. Prominent among these threats are "Trojan horse" programs running on client workstations, which perform some useful and known function for a user, while breaching security via background functions that are not apparent to the user. The Patient-Centered Access to Secure Systems Online (PCASSO) project of SAIC and UCSD is a research, development and evaluation project to exploit state-of-the-art security and WWW technology for health care. PCASSO is designed to provide secure access to clinical data for healthcare providers and their patients using the Internet. PCASSO will be evaluated for both safety and effectiveness, and may provide a model for secure communications via public data networks. PMID:9357644

76 FR 19110 - Published Privacy Impact Assessments on the Web

Federal Register 2010, 2011, 2012, 2013, 2014

2011-04-06

... the Web AGENCY: Privacy Office, Department of Homeland Security (DHS). ACTION: Notice of Publication... the Privacy Office's Web site between May 3, 2010 and January 7, 2011. DATES: The Privacy Impact Assessments are available on the DHS Web site until June 6, 2011, after which they are obtained by contacting...

The Potential of CGI: Using Pre-Built CGI Scripts to Make Interactive Web Pages.

ERIC Educational Resources Information Center

Nackerud, Shane A.

1998-01-01

Describes CGI (Common Gateway Interface) scripts that are available on the Web and explains how librarians can use them to make Web pages more interactive. Topics include CGI security; Perl scripts; UNIX; and HTML. (LRW)

Keeping Kids Safe from a Design Perspective: Ethical and Legal Guidelines for Designing a Video-Based App for Children

ERIC Educational Resources Information Center

Zydney, Janet Mannheimer; Hooper, Simon

2015-01-01

Educators can use video to gain invaluable information about their students. A concern is that collecting videos online can create an increased security risk for children. The purpose of this article is to provide ethical and legal guidelines for designing video-based apps for mobile devices and the web. By reviewing the literature, law, and code…

Are personal health records safe? A review of free web-accessible personal health record privacy policies.

PubMed

Carrión Señor, Inmaculada; Fernández-Alemán, José Luis; Toval, Ambrosio

2012-08-23

Several obstacles prevent the adoption and use of personal health record (PHR) systems, including users' concerns regarding the privacy and security of their personal health information. To analyze the privacy and security characteristics of PHR privacy policies. It is hoped that identification of the strengths and weaknesses of the PHR systems will be useful for PHR users, health care professionals, decision makers, and designers. We conducted a systematic review using the principal databases related to health and computer science to discover the Web-based and free PHR systems mentioned in published articles. The privacy policy of each PHR system selected was reviewed to extract its main privacy and security characteristics. The search of databases and the myPHR website provided a total of 52 PHR systems, of which 24 met our inclusion criteria. Of these, 17 (71%) allowed users to manage their data and to control access to their health care information. Only 9 (38%) PHR systems permitted users to check who had accessed their data. The majority of PHR systems used information related to the users' accesses to monitor and analyze system use, 12 (50%) of them aggregated user information to publish trends, and 20 (83%) used diverse types of security measures. Finally, 15 (63%) PHR systems were based on regulations or principles such as the US Health Insurance Portability and Accountability Act (HIPAA) and the Health on the Net Foundation Code of Conduct (HONcode). Most privacy policies of PHR systems do not provide an in-depth description of the security measures that they use. Moreover, compliance with standards and regulations in PHR systems is still low.

Advancing the science of forensic data management

NASA Astrophysics Data System (ADS)

Naughton, Timothy S.

2002-07-01

Many individual elements comprise a typical forensics process. Collecting evidence, analyzing it, and using results to draw conclusions are all mutually distinct endeavors. Different physical locations and personnel are involved, juxtaposed against an acute need for security and data integrity. Using digital technologies and the Internet's ubiquity, these diverse elements can be conjoined using digital data as the common element. This result is a new data management process that can be applied to serve all elements of the community. The first step is recognition of a forensics lifecycle. Evidence gathering, analysis, storage, and use in legal proceedings are actually just distinct parts of a single end-to-end process, and thus, it is hypothesized that a single data system that can also accommodate each constituent phase using common network and security protocols. This paper introduces the idea of web-based Central Data Repository. Its cornerstone is anywhere, anytime Internet upload, viewing, and report distribution. Archives exist indefinitely after being created, and high-strength security and encryption protect data and ensure subsequent case file additions do not violate chain-of-custody or other handling provisions. Several legal precedents have been established for using digital information in courts of law, and in fact, effective prosecution of cyber crimes absolutely relies on its use. An example is a US Department of Agriculture division's use of digital images to back up its inspection process, with pictures and information retained on secure servers to enforce the Perishable Agricultural Commodities Act. Forensics is a cumulative process. Secure, web-based data management solutions, such as the Central Data Repository postulated here, can support each process step. Logically marrying digital technologies with Internet accessibility should help nurture a thought process to explore alternatives that make forensics data accessible to authorized individuals, whenever and wherever they need it.

Are Personal Health Records Safe? A Review of Free Web-Accessible Personal Health Record Privacy Policies

PubMed Central

Fernández-Alemán, José Luis; Toval, Ambrosio

2012-01-01

Background Several obstacles prevent the adoption and use of personal health record (PHR) systems, including users’ concerns regarding the privacy and security of their personal health information. Objective To analyze the privacy and security characteristics of PHR privacy policies. It is hoped that identification of the strengths and weaknesses of the PHR systems will be useful for PHR users, health care professionals, decision makers, and designers. Methods We conducted a systematic review using the principal databases related to health and computer science to discover the Web-based and free PHR systems mentioned in published articles. The privacy policy of each PHR system selected was reviewed to extract its main privacy and security characteristics. Results The search of databases and the myPHR website provided a total of 52 PHR systems, of which 24 met our inclusion criteria. Of these, 17 (71%) allowed users to manage their data and to control access to their health care information. Only 9 (38%) PHR systems permitted users to check who had accessed their data. The majority of PHR systems used information related to the users’ accesses to monitor and analyze system use, 12 (50%) of them aggregated user information to publish trends, and 20 (83%) used diverse types of security measures. Finally, 15 (63%) PHR systems were based on regulations or principles such as the US Health Insurance Portability and Accountability Act (HIPAA) and the Health on the Net Foundation Code of Conduct (HONcode). Conclusions Most privacy policies of PHR systems do not provide an in-depth description of the security measures that they use. Moreover, compliance with standards and regulations in PHR systems is still low. PMID:22917868

Toward Exposing Timing-Based Probing Attacks in Web Applications †

PubMed Central

Mao, Jian; Chen, Yue; Shi, Futian; Jia, Yaoqi; Liang, Zhenkai

2017-01-01

Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT) systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users’ browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach. PMID:28245610

Toward Exposing Timing-Based Probing Attacks in Web Applications.

PubMed

Mao, Jian; Chen, Yue; Shi, Futian; Jia, Yaoqi; Liang, Zhenkai

2017-02-25

Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT) systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users' browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach.

Application of Multiprotocol Medical Imaging Communications and an Extended DICOM WADO Service in a Teleradiology Architecture

PubMed Central

Koutelakis, George V.; Anastassopoulos, George K.; Lymberopoulos, Dimitrios K.

2012-01-01

Multiprotocol medical imaging communication through the Internet is more flexible than the tight DICOM transfers. This paper introduces a modular multiprotocol teleradiology architecture that integrates DICOM and common Internet services (based on web, FTP, and E-mail) into a unique operational domain. The extended WADO service (a web extension of DICOM) and the other proposed services allow access to all levels of the DICOM information hierarchy as opposed to solely Object level. A lightweight client site is considered adequate, because the server site of the architecture provides clients with service interfaces through the web as well as invulnerable space for temporary storage, called as User Domains, so that users fulfill their applications' tasks. The proposed teleradiology architecture is pilot implemented using mainly Java-based technologies and is evaluated by engineers in collaboration with doctors. The new architecture ensures flexibility in access, user mobility, and enhanced data security. PMID:22489237

Science and Technology Resources on the Internet: Computer Security.

ERIC Educational Resources Information Center

Kinkus, Jane F.

2002-01-01

Discusses issues related to computer security, including confidentiality, integrity, and authentication or availability; and presents a selected list of Web sites that cover the basic issues of computer security under subject headings that include ethics, privacy, kids, antivirus, policies, cryptography, operating system security, and biometrics.…

Defense Science Board 2003 Summer Study on DoD Roles and Missions in Homeland Security. Volume 1

DTIC Science & Technology

2003-11-01

were used to develop a web-based "deployment picture." (A little money -a few million dollars-can go a long way in the combatant commands). OSD critical...AND MISSIONS f1 HOMELAND SECURJTY 91 APP8VD&XH Dr. Mark Harper U.S. Naval Academy Mr. Art Money Private Consultant Mr. Walter Morrow, Jr. MIT Lincoln...Protection BrigGen Irv Halter Discussion Mr. John Lauder Overview of NRO support to Homeland Security Mr. Brian Hack and Mr. Alan NRO Comms - NRO backbone

Electronic Derivative Classifier/Reviewing Official

DOE Office of Scientific and Technical Information (OSTI.GOV)

Harris, Joshua C; McDuffie, Gregory P; Light, Ken L

2017-02-17

The electronic Derivative Classifier, Reviewing Official (eDC/RO) is a web based document management and routing system that reduces security risks and increases workflow efficiencies. The system automates the upload, notification review request, and document status tracking of documents for classification review on a secure server. It supports a variety of document formats (i.e., pdf, doc, docx, xls, xlsx, xlsm, ppt, pptx, vsd, vsdx and txt), and allows for the dynamic placement of classification markings such as the classification level, category and caveats on the document, in addition to a document footer and digital signature.

Making Spatial Statistics Service Accessible On Cloud Platform

NASA Astrophysics Data System (ADS)

Mu, X.; Wu, J.; Li, T.; Zhong, Y.; Gao, X.

2014-04-01

Web service can bring together applications running on diverse platforms, users can access and share various data, information and models more effectively and conveniently from certain web service platform. Cloud computing emerges as a paradigm of Internet computing in which dynamical, scalable and often virtualized resources are provided as services. With the rampant growth of massive data and restriction of net, traditional web services platforms have some prominent problems existing in development such as calculation efficiency, maintenance cost and data security. In this paper, we offer a spatial statistics service based on Microsoft cloud. An experiment was carried out to evaluate the availability and efficiency of this service. The results show that this spatial statistics service is accessible for the public conveniently with high processing efficiency.

Distributed Item Review: Administrator User Guide. Technical Report #1603

ERIC Educational Resources Information Center

Irvin, P. Shawn

2016-01-01

The Distributed Item Review (DIR) is a secure and flexible, web-based system designed to present test items to expert reviewers across a broad geographic area for evaluation of important dimensions of quality (e.g., alignment with standards, bias, sensitivity, and student accessibility). The DIR is comprised of essential features that allow system…

77 FR 1728 - Privacy Act of 1974; Publication of Five New Systems of Records; Amendments to Five Existing...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-11

... assistance to correspondents; to use Web site based programs; to provide usage statistics associated with the... of individuals for surveys. Among other things, maintaining the names, addresses, etc. of individuals... information in the system. Safeguards: Access by authorized personnel only. Computer security safeguards are...

Secure web book to store structural genomics research data.

PubMed

Manjasetty, Babu A; Höppner, Klaus; Mueller, Uwe; Heinemann, Udo

2003-01-01

Recently established collaborative structural genomics programs aim at significantly accelerating the crystal structure analysis of proteins. These large-scale projects require efficient data management systems to ensure seamless collaboration between different groups of scientists working towards the same goal. Within the Berlin-based Protein Structure Factory, the synchrotron X-ray data collection and the subsequent crystal structure analysis tasks are located at BESSY, a third-generation synchrotron source. To organize file-based communication and data transfer at the BESSY site of the Protein Structure Factory, we have developed the web-based BCLIMS, the BESSY Crystallography Laboratory Information Management System. BCLIMS is a relational data management system which is powered by MySQL as the database engine and Apache HTTP as the web server. The database interface routines are written in Python programing language. The software is freely available to academic users. Here we describe the storage, retrieval and manipulation of laboratory information, mainly pertaining to the synchrotron X-ray diffraction experiments and the subsequent protein structure analysis, using BCLIMS.

Developing an App by Exploiting Web-Based Mobile Technology to Inspect Controlled Substances in Patient Care Units

PubMed Central

2017-01-01

We selected iOS in this study as the App operation system, Objective-C as the programming language, and Oracle as the database to develop an App to inspect controlled substances in patient care units. Using a web-enabled smartphone, pharmacist inspection can be performed on site and the inspection result can be directly recorded into HIS through the Internet, so human error of data translation can be minimized and the work efficiency and data processing can be improved. This system not only is fast and convenient compared to the conventional paperwork, but also provides data security and accuracy. In addition, there are several features to increase inspecting quality: (1) accuracy of drug appearance, (2) foolproof mechanism to avoid input errors or miss, (3) automatic data conversion without human judgments, (4) online alarm of expiry date, and (5) instant inspection result to show not meted items. This study has successfully turned paper-based medication inspection into inspection using a web-based mobile device. PMID:28286761

[Study of sharing platform of web-based enhanced extracorporeal counterpulsation hemodynamic waveform data].

PubMed

Huang, Mingbo; Hu, Ding; Yu, Donglan; Zheng, Zhensheng; Wang, Kuijian

2011-12-01

Enhanced extracorporeal counterpulsation (EECP) information consists of both text and hemodynamic waveform data. At present EECP text information has been successfully managed through Web browser, while the management and sharing of hemodynamic waveform data through Internet has not been solved yet. In order to manage EECP information completely, based on the in-depth analysis of EECP hemodynamic waveform file of digital imaging and communications in medicine (DICOM) format and its disadvantages in Internet sharing, we proposed the use of the extensible markup language (XML), which is currently the Internet popular data exchange standard, as the storage specification for the sharing of EECP waveform data. Then we designed a web-based sharing system of EECP hemodynamic waveform data via ASP. NET 2.0 platform. Meanwhile, we specifically introduced the four main system function modules and their implement methods, including DICOM to XML conversion module, EECP waveform data management module, retrieval and display of EECP waveform module and the security mechanism of the system.

Developing an App by Exploiting Web-Based Mobile Technology to Inspect Controlled Substances in Patient Care Units.

PubMed

Lu, Ying-Hao; Lee, Li-Yao; Chen, Ying-Lan; Cheng, Hsing-I; Tsai, Wen-Tsung; Kuo, Chen-Chun; Chen, Chung-Yu; Huang, Yaw-Bin

2017-01-01

We selected iOS in this study as the App operation system, Objective-C as the programming language, and Oracle as the database to develop an App to inspect controlled substances in patient care units. Using a web-enabled smartphone, pharmacist inspection can be performed on site and the inspection result can be directly recorded into HIS through the Internet, so human error of data translation can be minimized and the work efficiency and data processing can be improved. This system not only is fast and convenient compared to the conventional paperwork, but also provides data security and accuracy. In addition, there are several features to increase inspecting quality: (1) accuracy of drug appearance, (2) foolproof mechanism to avoid input errors or miss, (3) automatic data conversion without human judgments, (4) online alarm of expiry date, and (5) instant inspection result to show not meted items. This study has successfully turned paper-based medication inspection into inspection using a web-based mobile device.

Web-Based Problem-Solving Assignment and Grading System

NASA Astrophysics Data System (ADS)

Brereton, Giles; Rosenberg, Ronald

2014-11-01

In engineering courses with very specific learning objectives, such as fluid mechanics and thermodynamics, it is conventional to reinforce concepts and principles with problem-solving assignments and to measure success in problem solving as an indicator of student achievement. While the modern-day ease of copying and searching for online solutions can undermine the value of traditional assignments, web-based technologies also provide opportunities to generate individualized well-posed problems with an infinite number of different combinations of initial/final/boundary conditions, so that the probability of any two students being assigned identical problems in a course is vanishingly small. Such problems can be designed and programmed to be: single or multiple-step, self-grading, allow students single or multiple attempts; provide feedback when incorrect; selectable according to difficulty; incorporated within gaming packages; etc. In this talk, we discuss the use of a homework/exam generating program of this kind in a single-semester course, within a web-based client-server system that ensures secure operation.

Evolution of System Architectures: Where Do We Need to Fail Next?

NASA Astrophysics Data System (ADS)

Bermudez, Luis; Alameh, Nadine; Percivall, George

2013-04-01

Innovation requires testing and failing. Thomas Edison was right when he said "I have not failed. I've just found 10,000 ways that won't work". For innovation and improvement of standards to happen, service Architectures have to be tested and tested. Within the Open Geospatial Consortium (OGC), testing of service architectures has occurred for the last 15 years. This talk will present an evolution of these service architectures and a possible future path. OGC is a global forum for the collaboration of developers and users of spatial data products and services, and for the advancement and development of international standards for geospatial interoperability. The OGC Interoperability Program is a series of hands-on, fast paced, engineering initiatives to accelerate the development and acceptance of OGC standards. Each initiative is organized in threads that provide focus under a particular theme. The first testbed, OGC Web Services phase 1, completed in 2003 had four threads: Common Architecture, Web Mapping, Sensor Web and Web Imagery Enablement. The Common Architecture was a cross-thread theme, to ensure that the Web Mapping and Sensor Web experiments built on a base common architecture. The architecture was based on the three main SOA components: Broker, Requestor and Provider. It proposed a general service model defining service interactions and dependencies; categorization of service types; registries to allow discovery and access of services; data models and encodings; and common services (WMS, WFS, WCS). For the latter, there was a clear distinction on the different services: Data Services (e.g. WMS), Application services (e.g. Coordinate transformation) and server-side client applications (e.g. image exploitation). The latest testbed, OGC Web Service phase 9, completed in 2012 had 5 threads: Aviation, Cross-Community Interoperability (CCI), Security and Services Interoperability (SSI), OWS Innovations and Compliance & Interoperability Testing & Evaluation (CITE). Compared to the first testbed, OWS-9 did not have a separate common architecture thread. Instead the emphasis was on brokering information models, securing them and making data available efficiently on mobile devices. The outcome is an architecture based on usability and non-intrusiveness while leveraging mediation of information models from different communities. This talk will use lessons learned from the evolution from OGC Testbed phase 1 to phase 9 to better understand how global and complex infrastructures evolve to support many communities including the Earth System Science Community.

Development of a Global Agricultural Hotspot Detection and Early Warning System

NASA Astrophysics Data System (ADS)

Lemoine, G.; Rembold, F.; Urbano, F.; Csak, G.

2015-12-01

The number of web based platforms for crop monitoring has grown rapidly over the last years and anomaly maps and time profiles of remote sensing derived indicators can be accessed online thanks to a number of web based portals. However, while these systems make available a large amount of crop monitoring data to the agriculture and food security analysts, there is no global platform which provides agricultural production hotspot warning in a highly automatic and timely manner. Therefore a web based system providing timely warning evidence as maps and short narratives is currently under development by the Joint Research Centre. The system (called "HotSpot Detection System of Agriculture Production Anomalies", HSDS) will focus on water limited agricultural systems worldwide. The automatic analysis of relevant meteorological and vegetation indicators at selected administrative units (Gaul 1 level) will trigger warning messages for the areas where anomalous conditions are observed. The level of warning (ranging from "watch" to "alert") will depend on the nature and number of indicators for which an anomaly is detected. Information regarding the extent of the agricultural areas concerned by the anomaly and the progress of the agricultural season will complement the warning label. In addition, we are testing supplementary detailed information from other sources for the areas triggering a warning. These regard the automatic web-based and food security-tailored analysis of media (using the JRC Media Monitor semantic search engine) and the automatic detection of active crop area using Sentinel 1, upcoming Sentinel-2 and Landsat 8 imagery processed in Google Earth Engine. The basic processing will be fully automated and updated every 10 days exploiting low resolution rainfall estimates and satellite vegetation indices. Maps, trend graphs and statistics accompanied by short narratives edited by a team of crop monitoring experts, will be made available on the website on a monthly basis.

A web implementation: the good and the not-so-good.

PubMed

Bergsneider, C; Piraino, D; Fuerst, M

2001-06-01

E-commerce, e-mail, e-greeting, e-this, and e-that everywhere you turn there is a new "e" word for an internet or Web application. We, at the Cleveland Clinic Foundation, have been "e-nlightened" and will discuss in this report the implementation of a web-based radiology information system (RIS) in our radiology division or "e-radiology" division. The application, IDXRad Version 10.0 from IDX Corp, Burlington, VT, is in use at the Cleveland Clinic Foundation and has both intranet (for use in Radiology) and internet (referring physician viewing) modules. We will concentrate on the features of using a web browser for the application's front-end, including easy prototyping for screen review, easier mock-ups of demonstrations by vendors and developers, and easier training as more people become web-addicted. Project communication can be facilitated with an internal project web page, and use of the web browser can accommodate quicker turnaround of software upgrades as the software code is centrally located. Compared with other technologies, including client/server, there is a smaller roll out cost when using a standard web browser. However, the new technology requires a change and changes are never implemented without challenges. A seasoned technologist using a legacy system can enter data quicker using function keys than using a graphical user interface and pointing and clicking through a series of pop-up windows. Also, effective use of a web browser depends on intuitive design for it to be easily implemented and accepted by the user. Some software packages will not work on both of the popular web browsers and then are tailored to specific release levels. As computer-based patient records become a standard, patient confidentiality must be enforced. The technical design and application security features that support the web-based software package will be discussed. Also web technologies have their own implementation issues.

Conducting real-time multiplayer experiments on the web.

PubMed

Hawkins, Robert X D

2015-12-01

Group behavior experiments require potentially large numbers of participants to interact in real time with perfect information about one another. In this paper, we address the methodological challenge of developing and conducting such experiments on the web, thereby broadening access to online labor markets as well as allowing for participation through mobile devices. In particular, we combine a set of recent web development technologies, including Node.js with the Socket.io module, HTML5 canvas, and jQuery, to provide a secure platform for pedagogical demonstrations and scalable, unsupervised experiment administration. Template code is provided for an example real-time behavioral game theory experiment which automatically pairs participants into dyads and places them into a virtual world. In total, this treatment is intended to allow those with a background in non-web-based programming to modify the template, which handles the technical server-client networking details, for their own experiments.

Modeling, Simulation and Analysis of Public Key Infrastructure

NASA Technical Reports Server (NTRS)

Liu, Yuan-Kwei; Tuey, Richard; Ma, Paul (Technical Monitor)

1998-01-01

Security is an essential part of network communication. The advances in cryptography have provided solutions to many of the network security requirements. Public Key Infrastructure (PKI) is the foundation of the cryptography applications. The main objective of this research is to design a model to simulate a reliable, scalable, manageable, and high-performance public key infrastructure. We build a model to simulate the NASA public key infrastructure by using SimProcess and MatLab Software. The simulation is from top level all the way down to the computation needed for encryption, decryption, digital signature, and secure web server. The application of secure web server could be utilized in wireless communications. The results of the simulation are analyzed and confirmed by using queueing theory.

A web-based information system for management and analysis of patient data after refractive eye surgery.

PubMed

Zuberbuhler, Bruno; Galloway, Peter; Reddy, Aravind; Saldana, Manuel; Gale, Richard

2007-12-01

The aim was to develop a software tool for refractive surgeons using a standard user-friendly web-based interface, providing the user with a secure environment to protect large volumes of patient data. The software application was named "Internet-based refractive analysis" (IBRA), and was programmed with the computer languages PHP, HTML and JavaScript, attached to the opensource MySQL database. IBRA facilitated internationally accepted presentation methods including the stability chart, the predictability chart and the safety chart; it was able to perform vector analysis for the course of a single patient or for group data. With the integrated nomogram calculation, treatment could be customised to reduce the postoperative refractive error. Multicenter functions permitted quality-control comparisons between different surgeons and laser units.

Head in the clouds: Re-imagining the experimental laboratory record for the web-based networked world

PubMed Central

2009-01-01

The means we use to record the process of carrying out research remains tied to the concept of a paginated paper notebook despite the advances over the past decade in web based communication and publication tools. The development of these tools offers an opportunity to re-imagine what the laboratory record would look like if it were re-built in a web-native form. In this paper I describe a distributed approach to the laboratory record based which uses the most appropriate tool available to house and publish each specific object created during the research process, whether they be a physical sample, a digital data object, or the record of how one was created from another. I propose that the web-native laboratory record would act as a feed of relationships between these items. This approach can be seen as complementary to, rather than competitive with, integrative approaches that aim to aggregate relevant objects together to describe knowledge. The potential for the recent announcement of the Google Wave protocol to have a significant impact on realizing this vision is discussed along with the issues of security and provenance that are raised by such an approach. PMID:20098590

OpenID Connect as a security service in cloud-based medical imaging systems

PubMed Central

Ma, Weina; Sartipi, Kamran; Sharghigoorabi, Hassan; Koff, David; Bak, Peter

2016-01-01

Abstract. The evolution of cloud computing is driving the next generation of medical imaging systems. However, privacy and security concerns have been consistently regarded as the major obstacles for adoption of cloud computing by healthcare domains. OpenID Connect, combining OpenID and OAuth together, is an emerging representational state transfer-based federated identity solution. It is one of the most adopted open standards to potentially become the de facto standard for securing cloud computing and mobile applications, which is also regarded as “Kerberos of cloud.” We introduce OpenID Connect as an authentication and authorization service in cloud-based diagnostic imaging (DI) systems, and propose enhancements that allow for incorporating this technology within distributed enterprise environments. The objective of this study is to offer solutions for secure sharing of medical images among diagnostic imaging repository (DI-r) and heterogeneous picture archiving and communication systems (PACS) as well as Web-based and mobile clients in the cloud ecosystem. The main objective is to use OpenID Connect open-source single sign-on and authorization service and in a user-centric manner, while deploying DI-r and PACS to private or community clouds should provide equivalent security levels to traditional computing model. PMID:27340682

Finding Web-Based Anxiety Interventions on the World Wide Web: A Scoping Review

PubMed Central

Olander, Ellinor K; Ayers, Susan

2016-01-01

Background One relatively new and increasingly popular approach of increasing access to treatment is Web-based intervention programs. The advantage of Web-based approaches is the accessibility, affordability, and anonymity of potentially evidence-based treatment. Despite much research evidence on the effectiveness of Web-based interventions for anxiety found in the literature, little is known about what is publically available for potential consumers on the Web. Objective Our aim was to explore what a consumer searching the Web for Web-based intervention options for anxiety-related issues might find. The objectives were to identify currently publically available Web-based intervention programs for anxiety and to synthesize and review these in terms of (1) website characteristics such as credibility and accessibility; (2) intervention program characteristics such as intervention focus, design, and presentation modes; (3) therapeutic elements employed; and (4) published evidence of efficacy. Methods Web keyword searches were carried out on three major search engines (Google, Bing, and Yahoo—UK platforms). For each search, the first 25 hyperlinks were screened for eligible programs. Included were programs that were designed for anxiety symptoms, currently publically accessible on the Web, had an online component, a structured treatment plan, and were available in English. Data were extracted for website characteristics, program characteristics, therapeutic characteristics, as well as empirical evidence. Programs were also evaluated using a 16-point rating tool. Results The search resulted in 34 programs that were eligible for review. A wide variety of programs for anxiety, including specific anxiety disorders, and anxiety in combination with stress, depression, or anger were identified and based predominantly on cognitive behavioral therapy techniques. The majority of websites were rated as credible, secure, and free of advertisement. The majority required users to register and/or to pay a program access fee. Half of the programs offered some form of paid therapist or professional support. Programs varied in treatment length and number of modules and employed a variety of presentation modes. Relatively few programs had published research evidence of the intervention’s efficacy. Conclusions This review represents a snapshot of available Web-based intervention programs for anxiety that could be found by consumers in March 2015. The consumer is confronted with a diversity of programs, which makes it difficult to identify an appropriate program. Limited reports and existence of empirical evidence for efficacy make it even more challenging to identify credible and reliable programs. This highlights the need for consistent guidelines and standards on developing, providing, and evaluating Web-based interventions and platforms with reliable up-to-date information for professionals and consumers about the characteristics, quality, and accessibility of Web-based interventions. PMID:27251763

Finding Web-Based Anxiety Interventions on the World Wide Web: A Scoping Review.

PubMed

Ashford, Miriam Thiel; Olander, Ellinor K; Ayers, Susan

2016-06-01

One relatively new and increasingly popular approach of increasing access to treatment is Web-based intervention programs. The advantage of Web-based approaches is the accessibility, affordability, and anonymity of potentially evidence-based treatment. Despite much research evidence on the effectiveness of Web-based interventions for anxiety found in the literature, little is known about what is publically available for potential consumers on the Web. Our aim was to explore what a consumer searching the Web for Web-based intervention options for anxiety-related issues might find. The objectives were to identify currently publically available Web-based intervention programs for anxiety and to synthesize and review these in terms of (1) website characteristics such as credibility and accessibility; (2) intervention program characteristics such as intervention focus, design, and presentation modes; (3) therapeutic elements employed; and (4) published evidence of efficacy. Web keyword searches were carried out on three major search engines (Google, Bing, and Yahoo-UK platforms). For each search, the first 25 hyperlinks were screened for eligible programs. Included were programs that were designed for anxiety symptoms, currently publically accessible on the Web, had an online component, a structured treatment plan, and were available in English. Data were extracted for website characteristics, program characteristics, therapeutic characteristics, as well as empirical evidence. Programs were also evaluated using a 16-point rating tool. The search resulted in 34 programs that were eligible for review. A wide variety of programs for anxiety, including specific anxiety disorders, and anxiety in combination with stress, depression, or anger were identified and based predominantly on cognitive behavioral therapy techniques. The majority of websites were rated as credible, secure, and free of advertisement. The majority required users to register and/or to pay a program access fee. Half of the programs offered some form of paid therapist or professional support. Programs varied in treatment length and number of modules and employed a variety of presentation modes. Relatively few programs had published research evidence of the intervention's efficacy. This review represents a snapshot of available Web-based intervention programs for anxiety that could be found by consumers in March 2015. The consumer is confronted with a diversity of programs, which makes it difficult to identify an appropriate program. Limited reports and existence of empirical evidence for efficacy make it even more challenging to identify credible and reliable programs. This highlights the need for consistent guidelines and standards on developing, providing, and evaluating Web-based interventions and platforms with reliable up-to-date information for professionals and consumers about the characteristics, quality, and accessibility of Web-based interventions.

Identification and Illustration of Insecure Direct Object References and their Countermeasures

NASA Astrophysics Data System (ADS)

KumarShrestha, Ajay; Singh Maharjan, Pradip; Paudel, Santosh

2015-03-01

The insecure direct object reference simply represents the flaws in the system design without the full protection mechanism for the sensitive system resources or data. It basically occurs when the web application developer provides direct access to objects in accordance with the user input. So any attacker can exploit this web vulnerability and gain access to privileged information by bypassing the authorization. The main aim of this paper is to demonstrate the real effect and the identification of the insecure direct object references and then to provide the feasible preventive solutions such that the web applications do not allow direct object references to be manipulated by attackers. The experiment of the insecure direct object referencing is carried out using the insecure J2EE web application called WebGoat and its security testing is being performed using another JAVA based tool called BURP SUITE. The experimental result shows that the access control check for gaining access to privileged information is a very simple problem but at the same time its correct implementation is a tricky task. The paper finally presents some ways to overcome this web vulnerability.

Space Internet-Embedded Web Technologies Demonstration

NASA Technical Reports Server (NTRS)

Foltz, David A.

2001-01-01

The NASA Glenn Research Center recently demonstrated the ability to securely command and control space-based assets by using the Internet and standard Internet Protocols (IP). This is a significant accomplishment because future NASA missions will benefit by using Internet standards-based protocols. The benefits include reduced mission costs and increased mission efficiency. The Internet-Based Space Command and Control System Architecture demonstrated at the NASA Inspection 2000 event proved that this communications architecture is viable for future NASA missions.

Promotion of Home-Based Exercise Training as Secondary Prevention of Coronary Heart Disease: A PILOT WEB-BASED INTERVENTION.

PubMed

Torri, Anna; Panzarino, Claudia; Scaglione, Anna; Modica, Maddalena; Bordoni, Bruno; Redaelli, Raffaella; De Maria, Renata; Ferratini, Maurizio

2018-07-01

Although cardiac rehabilitation (CR) is cost- effective in improving the health of patients with coronary heart disease (CHD), less than half of eligible CHD patients attend a CR program. Innovative web-based technologies might improve CR delivery and utilization. We assessed the feasibility and impact on functional capacity and secondary prevention targets of a long-term web-monitored exercise-based CR maintenance program. Low- to moderate-risk CHD patients were recruited at discharge from inpatient CR after a coronary event or revascularization. We developed an interactive web-based platform for secure home individual access control, monitoring, and validation of exercise training. Of 86 eligible patients, 26 consented to participate in the study intervention (IG). Using a quasi-experimental design, we recruited in parallel 27 eligible patients, unavailable for regular web monitoring, who consented to a follow-up visit as usual care (UC). Among IG, active daily data transmission was 100% during month 1, 88% at month 3, and 81% at 6 months, with sustained improvement in self-reported physical activity beginning with the first week after discharge from inpatient CR (2467 [1854-3554] MET-min/wk) to month 3 (3411 [1981-5347] MET-min/wk, P = .019). Both groups showed favorable changes over time in lipid profile, ventricular function, distance walked in 6 min, and quality of life. At 6 mo, IG achieved a significantly higher proportion of cardiovascular risk factor targets than UC (75 ± 20% vs 59 ± 30%, P = .029). Our web-based home CR maintenance program was feasible, well-accepted, and effective in improving physical activity during 6 mo and achieved higher overall adherence to cardiovascular risk targets than UC.

Assuring the privacy and security of transmitting sensitive electronic health information.

PubMed

Peng, Charlie; Kesarinath, Gautam; Brinks, Tom; Young, James; Groves, David

2009-11-14

The interchange of electronic health records between healthcare providers and public health organizations has become an increasingly desirable tool in reducing healthcare costs, improving healthcare quality, and protecting population health. Assuring privacy and security in nationwide sharing of Electronic Health Records (EHR) in an environment such as GRID has become a top challenge and concern. The Centers for Disease Control and Prevention's (CDC) and The Science Application International Corporation (SAIC) have jointly conducted a proof of concept study to find and build a common secure and reliable messaging platform (the SRM Platform) to handle this challenge. The SRM Platform is built on the open standards of OASIS, World Wide Web Consortium (W3C) web-services standards, and Web Services Interoperability (WS-I) specifications to provide the secure transport of sensitive EHR or electronic medical records (EMR). Transmitted data may be in any digital form including text, data, and binary files, such as images. This paper identifies the business use cases, architecture, test results, and new connectivity options for disparate health networks among PHIN, NHIN, Grid, and others.

Security of social network credentials for accessing course portal: Users' experience

NASA Astrophysics Data System (ADS)

Katuk, Norliza; Fong, Choo Sok; Chun, Koo Lee

2015-12-01

Social login (SL) has recently emerged as a solution for single sign-on (SSO) within the web and mobile environments. It allows users to use their existing social network credentials (SNC) to login to third party web applications without the need to create a new identity in the intended applications' database. Although it has been used by many web application providers, its' applicability in accessing learning materials is not yet fully investigated. Hence, this research aims to explore users' (i.e., instructors' and students') perception and experience on the security of SL for accessing learning contents. A course portal was developed for students at a higher learning institution and it provides two types of user authentications (i) traditional user authentication, and (ii) SL facility. Users comprised instructors and students evaluated the login facility of the course portal through a controlled lab experimental study following the within-subject design. The participants provided their feedback in terms of the security of SL for accessing learning contents. The study revealed that users preferred to use SL over the traditional authentication, however, they concerned on the security of SL and their privacy.

A Course Evolves-Physical Anthropology.

ERIC Educational Resources Information Center

O'Neil, Dennis

2001-01-01

Describes the development of an online physical anthropology course at Palomar College (California) that evolved from online tutorials. Discusses the ability to update materials on the Web more quickly than in traditional textbooks; creating Web pages that are readable by most Web browsers; test security issues; and clarifying ownership of online…

Employment Security Tax

Science.gov Websites

Alaska > DOLWD > Employment Security Tax EMAIL SCAM ALERT (December 2012) On-line Employer Services Online Filing Demonstrations FAQs for TaxWeb Employer Report Notice Alaska Unemployment Insurance Tax Handbook The Employment Security Tax Section is responsible for providing assistance and information to

LigoDV-web: Providing easy, secure and universal access to a large distributed scientific data store for the LIGO scientific collaboration

NASA Astrophysics Data System (ADS)

Areeda, J. S.; Smith, J. R.; Lundgren, A. P.; Maros, E.; Macleod, D. M.; Zweizig, J.

2017-01-01

Gravitational-wave observatories around the world, including the Laser Interferometer Gravitational-Wave Observatory (LIGO), record a large volume of gravitational-wave output data and auxiliary data about the instruments and their environments. These data are stored at the observatory sites and distributed to computing clusters for data analysis. LigoDV-web is a web-based data viewer that provides access to data recorded at the LIGO Hanford, LIGO Livingston and GEO600 observatories, and the 40 m prototype interferometer at Caltech. The challenge addressed by this project is to provide meaningful visualizations of small data sets to anyone in the collaboration in a fast, secure and reliable manner with minimal software, hardware and training required of the end users. LigoDV-web is implemented as a Java Enterprise Application, with Shibboleth Single Sign On for authentication and authorization, and a proprietary network protocol used for data access on the back end. Collaboration members with proper credentials can request data be displayed in any of several general formats from any Internet appliance that supports a modern browser with Javascript and minimal HTML5 support, including personal computers, smartphones, and tablets. Since its inception in 2012, 634 unique users have visited the LigoDV-web website in a total of 33 , 861 sessions and generated a total of 139 , 875 plots. This infrastructure has been helpful in many analyses within the collaboration including follow-up of the data surrounding the first gravitational-wave events observed by LIGO in 2015.

Strategic Embodiment in Virtual Spaces: Exploring an On-Line Discussion about Sexualities Equality in Schools

ERIC Educational Resources Information Center

Depalma, Renee; Atkinson, Elizabeth

2007-01-01

This paper analyses patterns of participation on a voluntary anonymous Web-based discussion forum, open to students and faculty in one UK university, concerning sexualities equality in schools. Analysis revealed that participants often rejected the security of anonymity and strategically embodied themselves and others (as gay, straight, parents,…

75 FR 80173 - Further Definition of “Swap Dealer,” “Security-Based Swap Dealer,” “Major Swap Participant...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-21

.... The Commission will post all comments on the Commission's Internet Web site ( http://www.sec.gov/rules..., which are the subject of separate rulemakings. For example, whether the definition of a major... Regarding Dealing Activities Commenters provided numerous examples of conduct they viewed as dealing...

A Unique Design for High-Impact Safety and Awareness Training

ERIC Educational Resources Information Center

Calandra, Brendan; Harmon, Stephen W.

2012-01-01

The authors were asked to design and develop a large-scale, web-based learning environment that would effectively assist international aid workers in conducting their daily tasks in the field, at home and in the office in a safer and more secure fashion. The design, development and dissemination of the training needed to be done quickly,…

Faculty Distance Courseware Ownership and the "Wal-Mart" Approach to Higher Education

ERIC Educational Resources Information Center

Talab, Rosemary

2007-01-01

Whether by choice or necessity, colleges and universities are in competition with each other for the burgeoning web-based course market. Spurred by the growth of the for-profits such as the University of Phoenix, institutions have reasons, both practical and philosophical,"...to secure a position in ownership and control of faculty-produced…

Addressing mental health epidemic among university students via web-based, self-screening, and referral system: a preliminary study.

PubMed

Kim, Eung-Hun; Coumar, Anil; Lober, William B; Kim, Yongmin

2011-03-01

The prevalence and severity of mental health problems in college and university communities are alarming. However, the majority of students with mental disorders do not seek help from professionals. To help students assess their mental conditions and encourage them to take an active role in seeking care, we developed a web-based self-screening, referral, and secure communication system and evaluated it at the University of Washington for 17 months. The system handled more than 1000 screenings during the study period. Of the subjects who used the system, 75% noted that the system helped them to make a decision to receive help from professionals. The system was able to provide outreach to students with mental health concerns effectively, allow them to self-screen their conditions, and encourage them to receive professional assistance. The system provided students with 24/7 web-based access to the clinic, and more than 50% of the system use was made during off-hours. The system was well received by patients, referral managers, and care providers, and it was transferred to the clinic for daily clinical use. We believe that a web-based system like ours could be used as one way to tackle the growing epidemic of mental health problems among college and university students.

Methods and implementation of a central biosample and data management in a three-centre clinical study.

PubMed

Angelow, Aniela; Schmidt, Matthias; Weitmann, Kerstin; Schwedler, Susanne; Vogt, Hannes; Havemann, Christoph; Hoffmann, Wolfgang

2008-07-01

In our report we describe concept, strategies and implementation of a central biosample and data management (CSDM) system in the three-centre clinical study of the Transregional Collaborative Research Centre "Inflammatory Cardiomyopathy - Molecular Pathogenesis and Therapy" SFB/TR 19, Germany. Following the requirements of high system resource availability, data security, privacy protection and quality assurance, a web-based CSDM was developed based on Java 2 Enterprise Edition using an Oracle database. An efficient and reliable sample documentation system using bar code labelling, a partitioning storage algorithm and an online documentation software was implemented. An online electronic case report form is used to acquire patient-related data. Strict rules for access to the online applications and secure connections are used to account for privacy protection and data security. Challenges for the implementation of the CSDM resided at project, technical and organisational level as well as at staff level.

Detection and Prevention of Insider Threats in Database Driven Web Services

NASA Astrophysics Data System (ADS)

Chumash, Tzvi; Yao, Danfeng

In this paper, we take the first step to address the gap between the security needs in outsourced hosting services and the protection provided in the current practice. We consider both insider and outsider attacks in the third-party web hosting scenarios. We present SafeWS, a modular solution that is inserted between server side scripts and databases in order to prevent and detect website hijacking and unauthorized access to stored data. To achieve the required security, SafeWS utilizes a combination of lightweight cryptographic integrity and encryption tools, software engineering techniques, and security data management principles. We also describe our implementation of SafeWS and its evaluation. The performance analysis of our prototype shows the overhead introduced by security verification is small. SafeWS will allow business owners to significantly reduce the security risks and vulnerabilities of outsourcing their sensitive customer data to third-party providers.

The peer review system (PRS) for quality assurance and treatment improvement in radiation therapy

NASA Astrophysics Data System (ADS)

Le, Anh H. T.; Kapoor, Rishabh; Palta, Jatinder R.

2012-02-01

Peer reviews are needed across all disciplines of medicine to address complex medical challenges in disease care, medical safety, insurance coverage handling, and public safety. Radiation therapy utilizes technologically advanced imaging for treatment planning, often with excellent efficacy. Since planning data requirements are substantial, patients are at risk for repeat diagnostic procedures or suboptimal therapeutic intervention due to a lack of knowledge regarding previous treatments. The Peer Review System (PRS) will make this critical radiation therapy information readily available on demand via Web technology. The PRS system has been developed with current Web technology, .NET framework, and in-house DICOM library. With the advantages of Web server-client architecture, including IIS web server, SOAP Web Services and Silverlight for the client side, the patient data can be visualized through web browser and distributed across multiple locations by the local area network and Internet. This PRS will significantly improve the quality, safety, and accessibility, of treatment plans in cancer therapy. Furthermore, the secure Web-based PRS with DICOM-RT compliance will provide flexible utilities for organization, sorting, and retrieval of imaging studies and treatment plans to optimize the patient treatment and ultimately improve patient safety and treatment quality.

Adopting and adapting a commercial view of web services for the Navy

NASA Astrophysics Data System (ADS)

Warner, Elizabeth; Ladner, Roy; Katikaneni, Uday; Petry, Fred

2005-05-01

Web Services are being adopted as the enabling technology to provide net-centric capabilities for many Department of Defense operations. The Navy Enterprise Portal, for example, is Web Services-based, and the Department of the Navy is promulgating guidance for developing Web Services. Web Services, however, only constitute a baseline specification that provides the foundation on which users, under current approaches, write specialized applications in order to retrieve data over the Internet. Application development may increase dramatically as the number of different available Web Services increases. Reasons for specialized application development include XML schema versioning differences, adoption/use of diverse business rules, security access issues, and time/parameter naming constraints, among others. We are currently developing for the US Navy a system which will improve delivery of timely and relevant meteorological and oceanographic (MetOc) data to the warfighter. Our objective is to develop an Advanced MetOc Broker (AMB) that leverages Web Services technology to identify, retrieve and integrate relevant MetOc data in an automated manner. The AMB will utilize a Mediator, which will be developed by applying ontological research and schema matching techniques to MetOc forms of data. The AMB, using the Mediator, will support a new, advanced approach to the use of Web Services; namely, the automated identification, retrieval and integration of MetOc data. Systems based on this approach will then not require extensive end-user application development for each Web Service from which data can be retrieved. Users anywhere on the globe will be able to receive timely environmental data that fits their particular needs.

Exploring Patients’ Views Toward Giving Web-Based Feedback and Ratings to General Practitioners in England: A Qualitative Descriptive Study

PubMed Central

Cain, Rebecca; Neailey, Kevin; Hooberman, Lucy

2016-01-01

Background Patient feedback websites or doctor rating websites are increasingly being used by patients to give feedback about their health care experiences. There is little known about why patients in England may give Web-based feedback and what may motivate or dissuade them from giving Web-based feedback. Objective The aim of this study was to explore patients’ views toward giving Web-based feedback and ratings to general practitioners (GPs), within the context of other feedback methods available in primary care in England, and in particular, paper-based feedback cards. Methods A descriptive exploratory qualitative approach using face-to-face semistructured interviews was used in this study. Purposive sampling was used to recruit 18 participants from different age groups in London and Coventry. Interviews were transcribed verbatim and analyzed using applied thematic analysis. Results Half of the participants in this study were not aware of the opportunity to leave feedback for GPs, and there was limited awareness about the methods available to leave feedback for a GP. The majority of participants were not convinced that formal patient feedback was needed by GPs or would be used by GPs for improvement, regardless of whether they gave it via a website or on paper. Some participants said or suggested that they may leave feedback on a website rather than on a paper-based feedback card for several reasons: because of the ability and ease of giving it remotely; because it would be shared with the public; and because it would be taken more seriously by GPs. Others, however, suggested that they would not use a website to leave feedback for the opposite reasons: because of accessibility issues; privacy and security concerns; and because they felt feedback left on a website may be ignored. Conclusions Patient feedback and rating websites as they currently are will not replace other mechanisms for patients in England to leave feedback for a GP. Rather, they may motivate a small number of patients who have more altruistic motives or wish to place collective pressure on a GP to give Web-based feedback. If the National Health Service or GP practices want more patients to leave Web-based feedback, we suggest they first make patients aware that they can leave anonymous feedback securely on a website for a GP. They can then convince them that their feedback is needed and wanted by GPs for improvement, and that the reviews they leave on the website will be of benefit to other patients to decide which GP to see or which GP practice to join. PMID:27496366

77 FR 41678 - Amendment Relating to Reasonable Contract or Arrangement Under Section 408(b)(2)-Fee Disclosure...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-16

...This document revises the mailing address and web-based submission procedures for filing certain notices under the Department of Labor (Department) Employee Benefits Security Administration's fiduciary-level fee disclosure regulation under section 408(b)(2) of the Employee Retirement Income Security Act of 1974 (ERISA). Responsible plan fiduciaries of employee pension benefit plans must file these notices with the Department to obtain relief from ERISA's prohibited transaction provisions that otherwise may apply when a covered service provider to the plan fails to disclose information in accordance with the regulation's requirements.

Academic Information Security Researchers: Hackers or Specialists?

PubMed

Dadkhah, Mehdi; Lagzian, Mohammad; Borchardt, Glenn

2018-04-01

In this opinion piece, we present a synopsis of our findings from the last 2 years concerning cyber-attacks on web-based academia. We also present some of problems that we have faced and try to resolve any misunderstandings about our work. We are academic information security specialists, not hackers. Finally, we present a brief overview of our methods for detecting cyber fraud in an attempt to present general guidelines for researchers who would like to continue our work. We believe that our work is necessary for protecting the integrity of scholarly publishing against emerging cybercrime.

Patient empowerment by the means of citizen-managed Electronic Health Records: web 2.0 health digital identity scenarios.

PubMed

Falcão-Reis, Filipa; Correia, Manuel E

2010-01-01

With the advent of more sophisticated and comprehensive healthcare information systems, system builders are becoming more interested in patient interaction and what he can do to help to improve his own health care. Information systems play nowadays a crucial and fundamental role in hospital work-flows, thus providing great opportunities to introduce and improve upon "patient empowerment" processes for the personalization and management of Electronic Health Records (EHRs). In this paper, we present a patient's privacy generic control mechanisms scenarios based on the Extended OpenID (eOID), a user centric digital identity provider previously developed by our group, which leverages a secured OpenID 2.0 infrastructure with the recently released Portuguese Citizen Card (CC) for secure authentication in a distributed health information environment. eOID also takes advantage of Oauth assertion based mechanisms to implement patient controlled secure qualified role based access to his EHR, by third parties.

Web Server Security on Open Source Environments

NASA Astrophysics Data System (ADS)

Gkoutzelis, Dimitrios X.; Sardis, Manolis S.

Administering critical resources has never been more difficult that it is today. In a changing world of software innovation where major changes occur on a daily basis, it is crucial for the webmasters and server administrators to shield their data against an unknown arsenal of attacks in the hands of their attackers. Up until now this kind of defense was a privilege of the few, out-budgeted and low cost solutions let the defender vulnerable to the uprising of innovating attacking methods. Luckily, the digital revolution of the past decade left its mark, changing the way we face security forever: open source infrastructure today covers all the prerequisites for a secure web environment in a way we could never imagine fifteen years ago. Online security of large corporations, military and government bodies is more and more handled by open source application thus driving the technological trend of the 21st century in adopting open solutions to E-Commerce and privacy issues. This paper describes substantial security precautions in facing privacy and authentication issues in a totally open source web environment. Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.

Development of a unified web-based national HIV/AIDS information system in China

PubMed Central

Mao, Yurong; Wu, Zunyou; Poundstone, Katharine; Wang, Changhe; Qin, Qianqian; Ma, Ye; Ma, Wei

2010-01-01

Background In the past, many data collection systems were in operation for different HIV/AIDS projects in China. We describe the creation of a unified, web-based national HIV/AIDS information system designed to streamline data collection and facilitate data use. Methods Integration of separate HIV/AIDS data systems was carried out in three phases. Phase 1, from January 2006 to December 2007, involved creating a set of unified data collection forms that took into account existing program needs and the reporting requirements of various international organizations. Phase 2, from January to October 2007, involved creating a web-based platform to host the integrated HIV/AIDS data collection system. Phase 3, from November to December 2007, involved pilot testing the new, integrated system prior to nationwide application. Results Eight web-based data collection subsystems based on one platform began operation on 1 January 2008. These eight subsystems cover: (i) HIV/AIDS case reporting; (ii) HIV testing and counselling; (iii) antiretroviral treatment (ART) for adults; (iv) ART for children; (v) behavioural interventions for high-risk groups; (vi) methadone maintenance treatment; (vii) sentinel and behavioural surveillance; and (viii) local county background information. The system provides real-time data to monitor HIV testing, prevention and treatment programs across the country. Conclusion China’s new unified, web-based HIV/AIDS information system has improved the efficiency of data collection, reporting, analysis and use, as well as data quality and security. It is a powerful tool to support policy making, program evaluation and implementation of the national HIV/AIDS program and, thus, may serve a model for other countries. PMID:21113041

Cloud Computing for Pharmacometrics: Using AWS, NONMEM, PsN, Grid Engine, and Sonic

PubMed Central

Sanduja, S; Jewell, P; Aron, E; Pharai, N

2015-01-01

Cloud computing allows pharmacometricians to access advanced hardware, network, and security resources available to expedite analysis and reporting. Cloud-based computing environments are available at a fraction of the time and effort when compared to traditional local datacenter-based solutions. This tutorial explains how to get started with building your own personal cloud computer cluster using Amazon Web Services (AWS), NONMEM, PsN, Grid Engine, and Sonic. PMID:26451333

Cloud Computing for Pharmacometrics: Using AWS, NONMEM, PsN, Grid Engine, and Sonic.

PubMed

Sanduja, S; Jewell, P; Aron, E; Pharai, N

2015-09-01

Cloud computing allows pharmacometricians to access advanced hardware, network, and security resources available to expedite analysis and reporting. Cloud-based computing environments are available at a fraction of the time and effort when compared to traditional local datacenter-based solutions. This tutorial explains how to get started with building your own personal cloud computer cluster using Amazon Web Services (AWS), NONMEM, PsN, Grid Engine, and Sonic.

Trust and Online Reputation Systems

NASA Astrophysics Data System (ADS)

Kwan, Ming; Ramachandran, Deepak

Web 2.0 technologies provide organizations with unprecedented opportunities to expand and solidify relationships with their customers, partners, and employees—while empowering firms to define entirely new business models focused on sharing information in online collaborative environments. Yet, in and of themselves, these technologies cannot ensure productive online interactions. Leading enterprises that are experimenting with social networks and online communities are already discovering this fact and along with it, the importance of establishing trust as the foundation for online collaboration and transactions. Just as today's consumers must feel secure to bank, exchange personal information and purchase products and services online; participants in Web 2.0 initiatives will only accept the higher levels of risk and exposure inherent in e-commerce and Web collaboration in an environment of trust. Indeed, only by attending to the need to cultivate online trust with customers, partners and employees will enterprises ever fully exploit the expanded business potential posed by Web 2.0. But developing online trust is no easy feat. While various preliminary attempts have occurred, no definitive model for establishing or measuring it has yet been established. To that end, nGenera has identified three, distinct dimensions of online trust: reputation (quantitative-based); relationship (qualitative-based) and process (system-based). When considered together, they form a valuable model for understanding online trust and a toolbox for cultivating it to support Web 2.0 initiatives.

Electronic Clinical Trial Protocol Distribution via the World-Wide Web

PubMed Central

Afrin, Lawrence B.; Kuppuswamy, Valarmathi; Slater, Barbara; Stuart, Robert K.

1997-01-01

Clinical trials today typically are inefficient, paper-based operations. Poor community physician awareness of available trials and difficult referral mechanisms also contribute to poor accrual. The Physicians Research Network (PRN) web was developed for more efficient trial protocol distribution and eligibility inquiries. The Medical University of South Carolina's Hollings Cancer Center trials program and two community oncology practices served as a testbed. In 581 man-hours over 18 months, 147 protocols were loaded into PRN. The trials program eliminated all protocol hardcopies except the masters, reduced photocopier use 59%, and saved 1.0 full-time equivalents (FTE), but 1.0 FTE was needed to manage PRN. There were no known security breaches, downtime, or content-related problems. Therefore, PRN is a paperless, user-preferred, reliable, secure method for distributing protocols and reducing distribution errors and delays because only a single copy of each protocol is maintained. Furthermore, PRN is being extended to serve other aspects of trial operations. PMID:8988471

Distributed Operations Planning

NASA Technical Reports Server (NTRS)

Fox, Jason; Norris, Jeffrey; Powell, Mark; Rabe, Kenneth; Shams, Khawaja

2007-01-01

Maestro software provides a secure and distributed mission planning system for long-term missions in general, and the Mars Exploration Rover Mission (MER) specifically. Maestro, the successor to the Science Activity Planner, has a heavy emphasis on portability and distributed operations, and requires no data replication or expensive hardware, instead relying on a set of services functioning on JPL institutional servers. Maestro works on most current computers with network connections, including laptops. When browsing down-link data from a spacecraft, Maestro functions similarly to being on a Web browser. After authenticating the user, it connects to a database server to query an index of data products. It then contacts a Web server to download and display the actual data products. The software also includes collaboration support based upon a highly reliable messaging system. Modifications made to targets in one instance are quickly and securely transmitted to other instances of Maestro. The back end that has been developed for Maestro could benefit many future missions by reducing the cost of centralized operations system architecture.

[The Internet and its security].

PubMed

Masić, Izet; Ahmetović, Ademir; Jakupović, Safet; Masić, Zlatan; Zunić, Lejla

2002-01-01

Internet, is the greatest world net by by means of which nowadays the planet communicates, rapidly goes forward. The last years of the university in USA the commonly develop the more progressive concept of the net (Internet 2), thanks to the constant growing technologies, with the goal to answer the needs of the scientific and the educational institutions, but also the commercial institutions and the organizations. Almost the there is no more significant institution in the world which has not developed their web pages and data bases with the most actual contents available to the wider circle of the users. In this paper we have given the section of the most actual web pages. However, Internet is not immune to those users who are not benevolent and who have developed the different tools in the goal of the destroying or unabling of the normal use of all the Internet conveniences. The authors is considering the protection problem and the data security which get distributed by Internet.

76 FR 7884 - Self-Regulatory Organizations; International Securities Exchange, LLC; Order Approving Proposed...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-11

... Industry Regulatory Authority's (``FINRA'') Central Registration Depository System (``Web CRD''), and must... proposed Rule 313 all associated persons that are not already registered in Web CRD must register (i.e... the Exchange via a Form U4 through FINRA's Web CRD. (Generally, all principals must qualify as...

32 CFR 806b.51 - Privacy and the Web.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 32 National Defense 6 2013-07-01 2013-07-01 false Privacy and the Web. 806b.51 Section 806b.51 National Defense Department of Defense (Continued) DEPARTMENT OF THE AIR FORCE ADMINISTRATION PRIVACY ACT... security notices at major web site entry points and Privacy Act statements or Privacy Advisories when...

Special Reports; Homeland Security and Information Management; The Development of Electronic Government in the United States: The Federal Policy Experience; Digital Rights Management: Why Libraries Should Be Major Players; The Current State and Future Promise of Portal Applications; Recruitment and Retention: A Professional Concern.

ERIC Educational Resources Information Center

Relyea, Harold C.; Halchin, L. Elaine; Hogue, Henry B.; Agnew, Grace; Martin, Mairead; Schottlaender, Brian E. C.; Jackson, Mary E.

2003-01-01

Theses five reports address five special issues: the effects of the September 11 attacks on information management, including homeland security, Web site information removal, scientific and technical information, and privacy concerns; federal policy for electronic government information; digital rights management and libraries; library Web portal…

One-Time URL: A Proximity Security Mechanism between Internet of Things and Mobile Devices.

PubMed

Solano, Antonio; Dormido, Raquel; Duro, Natividad; González, Víctor

2016-10-13

The aim of this paper is to determine the physical proximity of connected things when they are accessed from a smartphone. Links between connected things and mobile communication devices are temporarily created by means of dynamic URLs (uniform resource locators) which may be easily discovered with pervasive short-range radio frequency technologies available on smartphones. In addition, a multi cross domain silent logging mechanism to allow people to interact with their surrounding connected things from their mobile communication devices is presented. The proposed mechanisms are based in web standards technologies, evolving our social network of Internet of Things towards the so-called Web of Things.

Health Statistics NSW: getting the right balance between privacy and small numbers in a web-based reporting system.

PubMed

Scandol, James P; Moore, Helen A

2012-01-01

Health Statistics NSW is a new web-based application developed by the Centre for Epidemiology and Research at the NSW Ministry of Health. The application is designed to be an efficient vehicle for the timely delivery of health statistics to a diverse audience including the general public, health planners, researchers, students and policy analysts. The development and implementation of this web application required the consideration of a series of competing demands such as: the public interest in providing health data while maintaining the privacy interests of the individuals whose health is being reported; reporting data at spatial scales of relevance to health planners while maintaining the statistical integrity of any inferences drawn; the use of hardware and software systems which are publicly accessible, scalable and robust, while ensuring high levels of security. These three competing demands and the relationships between them are discussed in the context of Health Statistics NSW.

Delivery of laboratory data with World Wide Web technology.

PubMed

Hahn, A W; Leon, M A; Klein-Leon, S; Allen, G K; Boon, G D; Patrick, T B; Klimczak, J C

1997-01-01

We have developed an experimental World Wide Web (WWW) based system to deliver laboratory results to clinicians in our Veterinary Medical Teaching Hospital. Laboratory results are generated by the clinical pathology section of our Veterinary Medical Diagnostic Laboratory and stored in a legacy information system. This system does not interface directly to the hospital information system, and it cannot be accessed directly by clinicians. Our "meta" system first parses routine print reports and then instantiates the data into a modern, open-architecture relational database using a data model constructed with currently accepted international standards for data representation and communication. The system does not affect either of the existing legacy systems. Location-independent delivery of patient data is via a secure WWW based system which maximizes usability and allows "value-added" graphic representations. The data can be viewed with any web browser. Future extensibility and intra- and inter-institutional compatibility served as key design criteria. The system is in the process of being evaluated using accepted methods of assessment of information technologies.

48 CFR 1804.470-3 - IT security requirements.

Code of Federal Regulations, 2011 CFR

2011-10-01

... the provisioning of services or products (e.g., research and development, engineering, manufacturing... Policies are available at the NASA IT Security Policy Web site at: http://www.nasa.gov/offices/ocio...

CMCC Data Distribution Centre

NASA Astrophysics Data System (ADS)

Aloisio, Giovanni; Fiore, Sandro; Negro, A.

2010-05-01

The CMCC Data Distribution Centre (DDC) is the primary entry point (web gateway) to the CMCC. It is a Data Grid Portal providing a ubiquitous and pervasive way to ease data publishing, climate metadata search, datasets discovery, metadata annotation, data access, data aggregation, sub-setting, etc. The grid portal security model includes the use of HTTPS protocol for secure communication with the client (based on X509v3 certificates that must be loaded into the browser) and secure cookies to establish and maintain user sessions. The CMCC DDC is now in a pre-production phase and it is currently used only by internal users (CMCC researchers and climate scientists). The most important component already available in the CMCC DDC is the Search Engine which allows users to perform, through web interfaces, distributed search and discovery activities by introducing one or more of the following search criteria: horizontal extent (which can be specified by interacting with a geographic map), vertical extent, temporal extent, keywords, topics, creation date, etc. By means of this page the user submits the first step of the query process on the metadata DB, then, she can choose one or more datasets retrieving and displaying the complete XML metadata description (from the browser). This way, the second step of the query process is carried out by accessing to a specific XML document of the metadata DB. Finally, through the web interface, the user can access to and download (partially or totally) the data stored on the storage device accessing to OPeNDAP servers and to other available grid storage interfaces. Requests concerning datasets stored in deep storage will be served asynchronously.

Cyber Situation Awareness through Instance-Based Learning: Modeling the Security Analyst in a Cyber-Attack Scenario

DTIC Science & Technology

2012-01-01

Chocolate Avenue Hershey PA 17033 Tel: 717-533-8845 Fax: 717-533-8661 E-mail: cust@igi-global.com Web site: http://www.igi-global.com Copyright © 2011...Lawrence Erlbaum Associates. Anderson, J. R., & Lebiere, C. (2003). The New- ell test for a theory of mind. The Behavioral and Brain Sciences, 26(5

Development of an Innovative Interactive Virtual Classroom System for K-12 Education Using Google App Engine

ERIC Educational Resources Information Center

Mumba, Frackson; Zhu, Mengxia

2013-01-01

This paper presents a Simulation-based interactive Virtual ClassRoom web system (SVCR: www.vclasie.com) powered by the state-of-the-art cloud computing technology from Google SVCR integrates popular free open-source math, science and engineering simulations and provides functions such as secure user access control and management of courses,…

BetterThanPin: Empowering Users to Fight Phishing (Poster)

NASA Astrophysics Data System (ADS)

Tan, Teik Guan

The BetterThanPin concept is an online security service that allows users to enable almost any Cloud or Web-based account (e.g. Gmail, MSN, Yahoo, etc) to be protected with "almost" 2-factor authentication (2FA). The result is that users can now protect their online accounts with better authentication, without waiting for the service or cloud provider.

Attitudes toward Web application supporting pharmacist-clinician comanagement of postexposure prophylaxis patients.

PubMed

Fuller, Crystal M; Turner, Alezandria K; Hernández, Diana; Rivera, Alexis V; Amesty, Silvia; Lewis, Michael D; Feldman, Stuart

2013-01-01

To qualitatively explore clinician and pharmacist attitudes toward using a Web application virtual pharmacist-clinician partnership (VPCP) to assist with comanaged care of illicit drug-using patients prescribed postexposure prophylaxis (PEP). Qualitative, descriptive, nonexperimental study. New York City (NYC) from February 2011 to March 2012. Four pharmacists and nine clinicians. In-depth interviews. Potential impact of the VPCP on pharmacist-clinician communication and potential barriers to use of the VPCP when comanaging PEP patients among pharmacists and clinicians. Pharmacists and clinicians were supportive of an interactive Web application that would expand the role of pharmacists to include assistance with PEP access and patient management. Participants noted that the VPCP would facilitate communication between pharmacists and clinicians and have potential to support adherence among patients. Pharmacists and clinicians were concerned about not having time to use the VPCP and security of patient information on the site. Pharmacist and clinician concerns informed final development of the VPCP, including creation of a user-friendly interface, linkage to users' e-mail accounts for timeline notification, and attention to security. Use of Web-based technology to support communication between pharmacists and clinicians was seen as being a potentially feasible method for improving patient care, particularly in the delivery of PEP to drug users and other high-risk groups. These findings highlight the need for further study of a technology-supported partnership, particularly for comanagement of patients who face challenges with adherence.

Development and Use of a Virtual NMR Facility

NASA Astrophysics Data System (ADS)

Keating, Kelly A.; Myers, James D.; Pelton, Jeffrey G.; Bair, Raymond A.; Wemmer, David E.; Ellis, Paul D.

2000-03-01

We have developed a "virtual NMR facility" (VNMRF) to enhance access to the NMR spectrometers in Pacific Northwest National Laboratory's Environmental Molecular Sciences Laboratory (EMSL). We use the term virtual facility to describe a real NMR facility made accessible via the Internet. The VNMRF combines secure remote operation of the EMSL's NMR spectrometers over the Internet with real-time videoconferencing, remotely controlled laboratory cameras, real-time computer display sharing, a Web-based electronic laboratory notebook, and other capabilities. Remote VNMRF users can see and converse with EMSL researchers, directly and securely control the EMSL spectrometers, and collaboratively analyze results. A customized Electronic Laboratory Notebook allows interactive Web-based access to group notes, experimental parameters, proposed molecular structures, and other aspects of a research project. This paper describes our experience developing a VNMRF and details the specific capabilities available through the EMSL VNMRF. We show how the VNMRF has evolved during a test project and present an evaluation of its impact in the EMSL and its potential as a model for other scientific facilities. All Collaboratory software used in the VNMRF is freely available from http://www.emsl.pnl.gov:2080/docs/collab.

The Anatomy of a Grid portal

NASA Astrophysics Data System (ADS)

Licari, Daniele; Calzolari, Federico

2011-12-01

In this paper we introduce a new way to deal with Grid portals referring to our implementation. L-GRID is a light portal to access the EGEE/EGI Grid infrastructure via Web, allowing users to submit their jobs from a common Web browser in a few minutes, without any knowledge about the Grid infrastructure. It provides the control over the complete lifecycle of a Grid Job, from its submission and status monitoring, to the output retrieval. The system, implemented as client-server architecture, is based on the Globus Grid middleware. The client side application is based on a java applet; the server relies on a Globus User Interface. There is no need of user registration on the server side, and the user needs only his own X.509 personal certificate. The system is user-friendly, secure (it uses SSL protocol, mechanism for dynamic delegation and identity creation in public key infrastructures), highly customizable, open source, and easy to install. The X.509 personal certificate does not get out from the local machine. It allows to reduce the time spent for the job submission, granting at the same time a higher efficiency and a better security level in proxy delegation and management.

77 FR 19408 - Reinstate Index to Chapter III in 20 CFR

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-30

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0018] Reinstate Index to Chapter III in 20 CFR AGENCY: Social Security Administration. ACTION: Notice; correction. SUMMARY: The Social Security... Chapter III in Title 20 of the Code of Federal Regulations. The document contains a misprinted Web site...

School Safety and Security.

ERIC Educational Resources Information Center

California State Dept. of Education, Sacramento.

This document offers additional guidelines for school facilities in California in the areas of safety and security, lighting, and cleanliness. It also offers a description of technology resources available on the World Wide Web. On the topic of safety and security, the document offers guidelines in the areas of entrances, doors, and controlled…

78 FR 13897 - Final Revision and Publication of the 2012 Form M-1, Notice

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-01

... DEPARTMENT OF LABOR Employee Benefits Security Administration RIN 1210-AB51 Final Revision and Publication of the 2012 Form M-1, Notice AGENCY: Employee Benefits Security Administration, Department of... Security Administration's (EBSA) Web site at www.dol.gov/ebsa . The revised form is substantively different...

Development of a Secure Mobile GPS Tracking and Management System

ERIC Educational Resources Information Center

Liu, Anyi

2012-01-01

With increasing demand of mobile devices and cloud computing, it becomes increasingly important to develop efficient mobile application and its secured backend, such as web applications and virtualization environment. This dissertation reports a systematic study of mobile application development and the security issues of its related backend. …

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

31 CFR 344.3 - What provisions apply to the SLGSafe Service?

Code of Federal Regulations, 2012 CFR

2012-07-01

... to the SLGSafe Service? (a) What is the SLGSafe Service? SLGSafe is a secure Internet site on the World Wide Web through which subscribers submit SLGS securities transactions. SLGSafe Internet... (Continued) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT U.S. TREASURY SECURITIES...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

31 CFR 344.3 - What provisions apply to the SLGSafe Service?

Code of Federal Regulations, 2014 CFR

2014-07-01

... to the SLGSafe Service? (a) What is the SLGSafe Service? SLGSafe is a secure Internet site on the World Wide Web through which subscribers submit SLGS securities transactions. SLGSafe Internet... (Continued) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE FISCAL SERVICE U.S. TREASURY SECURITIES...

31 CFR 344.3 - What provisions apply to the SLGSafe Service?

Code of Federal Regulations, 2013 CFR

2013-07-01

... to the SLGSafe Service? (a) What is the SLGSafe Service? SLGSafe is a secure Internet site on the World Wide Web through which subscribers submit SLGS securities transactions. SLGSafe Internet... (Continued) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT U.S. TREASURY SECURITIES...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

Defense.gov - Special Report - Travels With Gates

Science.gov Websites

/Photos Leaders DoD Web Sites Contact Us Shangri-La Dialogue: Asia Security Summit Alaska Visit – June Shangri-La Dialogue on Asia Security Summit, Singapore, May 30, 2009. DoD photo by U.S. Air Force Master Robert M. Gates opened the “Shangri-La Dialogue” Asia security summit outlining broad security issues

Addressing Software Security

NASA Technical Reports Server (NTRS)

Bailey, Brandon

2015-01-01

Historically security within organizations was thought of as an IT function (web sites/servers, email, workstation patching, etc.) Threat landscape has evolved (Script Kiddies, Hackers, Advanced Persistent Threat (APT), Nation States, etc.) Attack surface has expanded -Networks interconnected!! Some security posture factors Network Layer (Routers, Firewalls, etc.) Computer Network Defense (IPS/IDS, Sensors, Continuous Monitoring, etc.) Industrial Control Systems (ICS) Software Security (COTS, FOSS, Custom, etc.)

Trusted computing strengthens cloud authentication.

PubMed

Ghazizadeh, Eghbal; Zamani, Mazdak; Ab Manan, Jamalul-lail; Alizadeh, Mojtaba

2014-01-01

Cloud computing is a new generation of technology which is designed to provide the commercial necessities, solve the IT management issues, and run the appropriate applications. Another entry on the list of cloud functions which has been handled internally is Identity Access Management (IAM). Companies encounter IAM as security challenges while adopting more technologies became apparent. Trust Multi-tenancy and trusted computing based on a Trusted Platform Module (TPM) are great technologies for solving the trust and security concerns in the cloud identity environment. Single sign-on (SSO) and OpenID have been released to solve security and privacy problems for cloud identity. This paper proposes the use of trusted computing, Federated Identity Management, and OpenID Web SSO to solve identity theft in the cloud. Besides, this proposed model has been simulated in .Net environment. Security analyzing, simulation, and BLP confidential model are three ways to evaluate and analyze our proposed model.

Trusted Computing Strengthens Cloud Authentication

PubMed Central

2014-01-01

Cloud computing is a new generation of technology which is designed to provide the commercial necessities, solve the IT management issues, and run the appropriate applications. Another entry on the list of cloud functions which has been handled internally is Identity Access Management (IAM). Companies encounter IAM as security challenges while adopting more technologies became apparent. Trust Multi-tenancy and trusted computing based on a Trusted Platform Module (TPM) are great technologies for solving the trust and security concerns in the cloud identity environment. Single sign-on (SSO) and OpenID have been released to solve security and privacy problems for cloud identity. This paper proposes the use of trusted computing, Federated Identity Management, and OpenID Web SSO to solve identity theft in the cloud. Besides, this proposed model has been simulated in .Net environment. Security analyzing, simulation, and BLP confidential model are three ways to evaluate and analyze our proposed model. PMID:24701149

Implementing Patient Access to Electronic Health Records Under HIPAA: Lessons Learned

PubMed Central

Wang, Tiffany; Pizziferri, Lisa; Volk, Lynn A; Mikels, Debra A; Grant, Karen G; Wald, Jonathan S; Bates, David W

2004-01-01

In 2001, the Institute of Medicine (IOM) and the Health Insurance Portability and Accountability Act (HIPAA) emphasized the need for patients to have greater control over their health information. We describe a Boston healthcare system's approach to providing patients access to their electronic health records (EHRs) via Patient Gateway, a secure, Web-based portal. Implemented in 19 clinic sites to date, Patient Gateway allows patients to access information from their medical charts via the Internet in a secure manner. Since 2002, over 19,000 patients have enrolled in Patient Gateway, more than 125,000 patients have logged into the system, and over 37,000 messages have been sent by patients to their practices. There have been no major security concerns. By providing access to EHR data, secure systems like Patient Gateway allow patients a greater role in their healthcare process, as envisioned by the IOM and HIPAA. PMID:18066391

Knowledge-based personalized search engine for the Web-based Human Musculoskeletal System Resources (HMSR) in biomechanics.

PubMed

Dao, Tien Tuan; Hoang, Tuan Nha; Ta, Xuan Hien; Tho, Marie Christine Ho Ba

2013-02-01

Human musculoskeletal system resources of the human body are valuable for the learning and medical purposes. Internet-based information from conventional search engines such as Google or Yahoo cannot response to the need of useful, accurate, reliable and good-quality human musculoskeletal resources related to medical processes, pathological knowledge and practical expertise. In this present work, an advanced knowledge-based personalized search engine was developed. Our search engine was based on a client-server multi-layer multi-agent architecture and the principle of semantic web services to acquire dynamically accurate and reliable HMSR information by a semantic processing and visualization approach. A security-enhanced mechanism was applied to protect the medical information. A multi-agent crawler was implemented to develop a content-based database of HMSR information. A new semantic-based PageRank score with related mathematical formulas were also defined and implemented. As the results, semantic web service descriptions were presented in OWL, WSDL and OWL-S formats. Operational scenarios with related web-based interfaces for personal computers and mobile devices were presented and analyzed. Functional comparison between our knowledge-based search engine, a conventional search engine and a semantic search engine showed the originality and the robustness of our knowledge-based personalized search engine. In fact, our knowledge-based personalized search engine allows different users such as orthopedic patient and experts or healthcare system managers or medical students to access remotely into useful, accurate, reliable and good-quality HMSR information for their learning and medical purposes. Copyright © 2012 Elsevier Inc. All rights reserved.

Security, privacy, and confidentiality issues on the Internet

PubMed Central

Kelly, Grant; McKenzie, Bruce

2002-01-01

We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to `sign' a message whereby the private key of an individual can be used to `hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a `digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers. PMID:12554559

Security, privacy, and confidentiality issues on the Internet.

PubMed

Kelly, Grant; McKenzie, Bruce

2002-01-01

We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.

Building a Library Web Server on a Budget.

ERIC Educational Resources Information Center

Orr, Giles

1998-01-01

Presents a method for libraries with limited budgets to create reliable Web servers with existing hardware and free software available via the Internet. Discusses staff, hardware and software requirements, and security; outlines the assembly process. (PEN)

12 CFR Appendix A to Part 40 - Model Privacy Form

Code of Federal Regulations, 2011 CFR

2011-01-01

... the term “Social Security number” in the first bullet. (2) Institutions must use five (5) of the...; a Web site; or use of a mail-in opt-out form. Institutions may include the words “toll-free” before... specific Web address that takes consumers directly to the opt-out page or a general Web address that...

12 CFR Appendix A to Part 716 - Model Privacy Form

Code of Federal Regulations, 2011 CFR

2011-01-01

... the term “Social Security number” in the first bullet. (2) Institutions must use five (5) of the...; a Web site; or use of a mail-in opt-out form. Institutions may include the words “toll-free” before... specific Web address that takes consumers directly to the opt-out page or a general Web address that...

12 CFR Appendix A to Part 573 - Model Privacy Form

Code of Federal Regulations, 2011 CFR

2011-01-01

... the term “Social Security number” in the first bullet. (2) Institutions must use five (5) of the...; a Web site; or use of a mail-in opt-out form. Institutions may include the words “toll-free” before... specific Web address that takes consumers directly to the opt-out page or a general Web address that...

78 FR 62862 - Self-Regulatory Organizations; Financial Industry Regulatory Authority, Inc.; Notice of Filing of...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-10-22

... count information for equity securities publicly available on its Web site. The text of the proposed rule change is available on FINRA's Web site at http://www.finra.org , at the principal office of FINRA... basis.\\15\\ Under the proposed rule change, FINRA would publish on its Web site the reported information...

78 FR 20983 - Self-Regulatory Organizations; New York Stock Exchange LLC; Notice of Filing and Immediate...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-08

... the proposed rule change is available on the Exchange's Web site at www.nyse.com , at the principal... in a manner to facilitate its distribution via Web sites or mobile devices. \\4\\ See Securities... broadcasters, Web site and mobile device service providers, and others to distribute this data product to their...

A web-based institutional DICOM distribution system with the integration of the Clinical Trial Processor (CTP).

PubMed

Aryanto, K Y E; Broekema, A; Langenhuysen, R G A; Oudkerk, M; van Ooijen, P M A

2015-05-01

To develop and test a fast and easy rule-based web-environment with optional de-identification of imaging data to facilitate data distribution within a hospital environment. A web interface was built using Hypertext Preprocessor (PHP), an open source scripting language for web development, and Java with SQL Server to handle the database. The system allows for the selection of patient data and for de-identifying these when necessary. Using the services provided by the RSNA Clinical Trial Processor (CTP), the selected images were pushed to the appropriate services using a protocol based on the module created for the associated task. Five pipelines, each performing a different task, were set up in the server. In a 75 month period, more than 2,000,000 images are transferred and de-identified in a proper manner while 20,000,000 images are moved from one node to another without de-identification. While maintaining a high level of security and stability, the proposed system is easy to setup, it integrate well with our clinical and research practice and it provides a fast and accurate vendor-neutral process of transferring, de-identifying, and storing DICOM images. Its ability to run different de-identification processes in parallel pipelines is a major advantage in both clinical and research setting.

A Practical Guide To Developing Effective Web-based Learning

PubMed Central

Cook, David A; Dupras, Denise M

2004-01-01

OBJECTIVE Online learning has changed medical education, but many “educational” websites do not employ principles of effective learning. This article will assist readers in developing effective educational websites by integrating principles of active learning with the unique features of the Web. DESIGN Narrative review. RESULTS The key steps in developing an effective educational website are: Perform a needs analysis and specify goals and objectives; determine technical resources and needs; evaluate preexisting software and use it if it fully meets your needs; secure commitment from all participants and identify and address potential barriers to implementation; develop content in close coordination with website design (appropriately use multimedia, hyperlinks, and online communication) and follow a timeline; encourage active learning (self-assessment, reflection, self-directed learning, problem-based learning, learner interaction, and feedback); facilitate and plan to encourage use by the learner (make website accessible and user-friendly, provide time for learning, and motivate learners); evaluate learners and course; pilot the website before full implementation; and plan to monitor online communication and maintain the site by resolving technical problems, periodically verifying hyperlinks, and regularly updating content. CONCLUSION Teaching on the Web involves more than putting together a colorful webpage. By consistently employing principles of effective learning, educators will unlock the full potential of Web-based medical education. PMID:15209610

Proposal and Implementation of SSH Client System Using Ajax

NASA Astrophysics Data System (ADS)

Kosuda, Yusuke; Sasaki, Ryoichi

Technology called Ajax gives web applications the functionality and operability of desktop applications. In this study, we propose and implement a Secure Shell (SSH) client system using Ajax, independent of the OS or Java execution environment. In this system, SSH packets are generated on a web browser by using JavaScript and a web server works as a proxy in communication with an SSH server to realize end-to-end SSH communication. We implemented a prototype program and confirmed by experiment that it runs on several web browsers and mobile phones. This system has enabled secure SSH communication from a PC at an Internet cafe or any mobile phone. By measuring the processing performance, we verified satisfactory performance for emergency use, although the speed was unsatisfactory in some cases with mobile phone. The system proposed in this study will be effective in various fields of E-Business.

Web-based health care agents; the case of reminders and todos, too (R2Do2).

PubMed

Silverman, B G; Andonyadis, C; Morales, A

1998-11-01

This paper describes efforts to develop and field an agent-based, healthcare middleware framework that securely connects practice rule sets to patient records to anticipate health todo items and to remind and alert users about these items over the web. Reminders and todos, too (R2Do2) is an example of merging data- and document-centric architectures, and of integrating agents into patient-provider collaboration environments. A test of this capability verifies that R2Do2 is progressing toward its two goals: (1) an open standards framework for middleware in the healthcare field; and (2) an implementation of the 'principle of optimality' to derive the best possible health plans for each user. This paper concludes with lessons learned to date.

Applying Web-Based Tools for Research, Engineering, and Operations

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2011-01-01

Personnel in the NASA Glenn Research Center Network and Architectures branch have performed a variety of research related to space-based sensor webs, network centric operations, security and delay tolerant networking (DTN). Quality documentation and communications, real-time monitoring and information dissemination are critical in order to perform quality research while maintaining low cost and utilizing multiple remote systems. This has been accomplished using a variety of Internet technologies often operating simultaneously. This paper describes important features of various technologies and provides a number of real-world examples of how combining Internet technologies can enable a virtual team to act efficiently as one unit to perform advanced research in operational systems. Finally, real and potential abuses of power and manipulation of information and information access is addressed.

Development of a Web-Based Registry to Support Diabetes Care in Free Medical Clinics.

PubMed

McFadden, Norman; Daniel, Bryan; Hoyt, Robert; Snider, Dallas

2017-01-01

The United States has more than 1,000 free medical clinics. Because these clinics do not bill Medicare or Medicaid, they are not eligible for federal reimbursement for electronic health record (EHR) adoption. As a result, most do not have EHRs or electronic disease registries. A web-based diabetes registry was created with all open-source components for use in an urban free clinic to manage patients with type 2 diabetes and comorbidities. The registry was modeled after the Chronic Disease Electronic Management System and recommendations of the American Diabetes Association. The software was enhanced to include multiple other features, such as progress notes, so that it can function as a simple EHR. The configuration permits other free clinics to join securely, and the software can be shared.

Safe and Secure Services Based on NGN

NASA Astrophysics Data System (ADS)

Fukazawa, Tomoo; Nisase, Takemi; Kawashima, Masahisa; Hariu, Takeo; Oshima, Yoshihito

Next Generation Network (NGN), which has been undergoing standardization as it has developed, is expected to create new services that converge the fixed and mobile networks. This paper introduces the basic requirements for NGN in terms of security and explains the standardization activities, in particular, the requirements for the security function described in Y.2701 discussed in ITU-T SG-13. In addition to the basic NGN security function, requirements for NGN authentication are also described from three aspects: security, deployability, and service. As examples of authentication implementation, three profiles-namely, fixed, nomadic, and mobile-are defined in this paper. That is, the “fixed profile” is typically for fixed-line subscribers, the “nomadic profile” basically utilizes WiFi access points, and the “mobile profile” provides ideal NGN mobility for mobile subscribers. All three of these profiles satisfy the requirements from security aspects. The three profiles are compared from the viewpoint of requirements for deployability and service. After showing that none of the three profiles can fulfill all of the requirements, we propose that multiple profiles should be used by NGN providers. As service and application examples, two promising NGN applications are proposed. The first is a strong authentication mechanism that makes Web applications more safe and secure even against password theft. It is based on NGN ID federation function. The second provides an easy peer-to-peer broadband virtual private network service aimed at safe and secure communication for personal/SOHO (small office, home office) users, based on NGN SIP (session initiation protocol) session control.

Integrating geo web services for a user driven exploratory analysis

NASA Astrophysics Data System (ADS)

Moncrieff, Simon; Turdukulov, Ulanbek; Gulland, Elizabeth-Kate

2016-04-01

In data exploration, several online data sources may need to be dynamically aggregated or summarised over spatial region, time interval, or set of attributes. With respect to thematic data, web services are mainly used to present results leading to a supplier driven service model limiting the exploration of the data. In this paper we propose a user need driven service model based on geo web processing services. The aim of the framework is to provide a method for the scalable and interactive access to various geographic data sources on the web. The architecture combines a data query, processing technique and visualisation methodology to rapidly integrate and visually summarise properties of a dataset. We illustrate the environment on a health related use case that derives Age Standardised Rate - a dynamic index that needs integration of the existing interoperable web services of demographic data in conjunction with standalone non-spatial secure database servers used in health research. Although the example is specific to the health field, the architecture and the proposed approach are relevant and applicable to other fields that require integration and visualisation of geo datasets from various web services and thus, we believe is generic in its approach.

Proof of Concept Integration of a Single-Level Service-Oriented Architecture into a Multi-Domain Secure Environment

DTIC Science & Technology

2008-03-01

Machine [29]. OC4J applications support Java Servlets , Web services, and the following J2EE specific standards: Extensible Markup Language (XML...IMAP Internet Message Access Protocol IP Internet Protocol IT Information Technology xviii J2EE Java Enterprise Environment JSR 168 Java ...LDAP), World Wide Web Distributed Authoring and Versioning (WebDav), Java Specification Request 168 (JSR 168), and Web Services for Remote

A Web-Based Information System for Field Data Management

NASA Astrophysics Data System (ADS)

Weng, Y. H.; Sun, F. S.

2014-12-01

A web-based field data management system has been designed and developed to allow field geologists to store, organize, manage, and share field data online. System requirements were analyzed and clearly defined first regarding what data are to be stored, who the potential users are, and what system functions are needed in order to deliver the right data in the right way to the right user. A 3-tiered architecture was adopted to create this secure, scalable system that consists of a web browser at the front end while a database at the back end and a functional logic server in the middle. Specifically, HTML, CSS, and JavaScript were used to implement the user interface in the front-end tier, the Apache web server runs PHP scripts, and MySQL to server is used for the back-end database. The system accepts various types of field information, including image, audio, video, numeric, and text. It allows users to select data and populate them on either Google Earth or Google Maps for the examination of the spatial relations. It also makes the sharing of field data easy by converting them into XML format that is both human-readable and machine-readable, and thus ready for reuse.

Using a Java Web-based Graphical User Interface to access the SOHO Data Arch ive

NASA Astrophysics Data System (ADS)

Scholl, I.; Girard, Y.; Bykowski, A.

This paper presents the architecture of a Java web-based graphical interface dedicated to the access of the SOHO Data archive. This application allows local and remote users to search in the SOHO data catalog and retrieve the SOHO data files from the archive. It has been developed at MEDOC (Multi-Experiment Data and Operations Centre), located at the Institut d'Astrophysique Spatiale (Orsay, France), which is one of the European Archives for the SOHO data. This development is part of a joint effort between ESA, NASA and IAS in order to implement long term archive systems for the SOHO data. The software architecture is built as a client-server application using Java language and SQL above a set of components such as an HTTP server, a JDBC gateway, a RDBMS server, a data server and a Web browser. Since HTML pages and CGI scripts are not powerful enough to allow user interaction during a multi-instrument catalog search, this type of requirement enforces the choice of Java as the main language. We also discuss performance issues, security problems and portability on different Web browsers and operating syste ms.

Written online situational feedback via mobile phone to support self-management of chronic widespread pain: a usability study of a Web-based intervention

PubMed Central

2011-01-01

Background This pretrial study aimed to develop and test the usability of a four-week Internet intervention delivered by a Web-enabled mobile phone to support self-management of chronic widespread pain. Methods The intervention included daily online entries and individualized written feedback, grounded in a mindfulness-based cognitive behavioral approach. The participants registered activities, emotions and pain cognitions three times daily using the mobile device. The therapist had immediate access to this information through a secure Web site. The situational information was used to formulate and send a personalized text message to the participant with the aim of stimulating effective self-management of the current situation. Six women participated and evaluated the experience. Results The intervention was rated as supportive, meaningful and user-friendly by the majority of the women. The response rate to the daily registration entries was high and technical problems were few. Conclusion The results indicate a feasible intervention. Web-applications are fast becoming standard features of mobile phones and interventions of this kind can therefore be more available than before. Trial registration number ClinicalTrials.gov: NCT01236209 PMID:21352516

The International Collaboration for Autism Registry Epidemiology (iCARE): multinational registry-based investigations of autism risk factors and trends.

PubMed

Schendel, Diana E; Bresnahan, Michaeline; Carter, Kim W; Francis, Richard W; Gissler, Mika; Grønborg, Therese K; Gross, Raz; Gunnes, Nina; Hornig, Mady; Hultman, Christina M; Langridge, Amanda; Lauritsen, Marlene B; Leonard, Helen; Parner, Erik T; Reichenberg, Abraham; Sandin, Sven; Sourander, Andre; Stoltenberg, Camilla; Suominen, Auli; Surén, Pål; Susser, Ezra

2013-11-01

The International Collaboration for Autism Registry Epidemiology (iCARE) is the first multinational research consortium (Australia, Denmark, Finland, Israel, Norway, Sweden, USA) to promote research in autism geographical and temporal heterogeneity, phenotype, family and life course patterns, and etiology. iCARE devised solutions to challenges in multinational collaboration concerning data access security, confidentiality and management. Data are obtained by integrating existing national or state-wide, population-based, individual-level data systems and undergo rigorous harmonization and quality control processes. Analyses are performed using database federation via a computational infrastructure with a secure, web-based, interface. iCARE provides a unique, unprecedented resource in autism research that will significantly enhance the ability to detect environmental and genetic contributions to the causes and life course of autism.

Department of Defense High Performance Computing Modernization Program. 2008 Annual Report

DTIC Science & Technology

2009-04-01

place to another on the network. Without it, a computer could only talk to itself - no email, no web browsing, and no iTunes . Most of the Internet...Your SecurID Card ), Ken Renard Secure Wireless, Rob Scott and Stephen Bowman Securing Today’s Networks, Rich Whittney, Juniper Networks, Federal

Cyber Security Applications: Freeware & Shareware

ERIC Educational Resources Information Center

Rogers, Gary; Ashford, Tina

2015-01-01

This paper will discuss some assignments using freeware/shareware instructors can find on the Web to use to provide students with hands-on experience in this arena. Also, the college, Palm Beach State College, via a grant with the U.S. Department of Labor, has recently purchased a unique cyber security device that simulates cyber security attacks…

Security Considerations of Doing Business via the Internet: Cautions To Be Considered.

ERIC Educational Resources Information Center

Aldridge, Alicia; White, Michele; Forcht, Karen

1997-01-01

Lack of security is perceived as a major roadblock to doing business online. This article examines system, user, and commercial transaction privacy on the World Wide Web and discusses methods of protection: operating systems security, file and data protection, user education, access restrictions, data authentication, perimeter and transaction…

Shared Electronic Health Record Systems: Key Legal and Security Challenges.

PubMed

Christiansen, Ellen K; Skipenes, Eva; Hausken, Marie F; Skeie, Svein; Østbye, Truls; Iversen, Marjolein M

2017-11-01

Use of shared electronic health records opens a whole range of new possibilities for flexible and fruitful cooperation among health personnel in different health institutions, to the benefit of the patients. There are, however, unsolved legal and security challenges. The overall aim of this article is to highlight legal and security challenges that should be considered before using shared electronic cooperation platforms and health record systems to avoid legal and security "surprises" subsequent to the implementation. Practical lessons learned from the use of a web-based ulcer record system involving patients, community nurses, GPs, and hospital nurses and doctors in specialist health care are used to illustrate challenges we faced. Discussion of possible legal and security challenges is critical for successful implementation of shared electronic collaboration systems. Key challenges include (1) allocation of responsibility, (2) documentation routines, (3) and integrated or federated access control. We discuss and suggest how challenges of legal and security aspects can be handled. This discussion may be useful for both current and future users, as well as policy makers.

Computer-aided diagnosis workstation and telemedicine network system for chest diagnosis based on multislice CT images

NASA Astrophysics Data System (ADS)

Satoh, Hitoshi; Niki, Noboru; Eguchi, Kenji; Ohmatsu, Hironobu; Kakinuma, Ryutaru; Moriyama, Noriyuki

2009-02-01

Mass screening based on multi-helical CT images requires a considerable number of images to be read. It is this time-consuming step that makes the use of helical CT for mass screening impractical at present. Moreover, the doctor who diagnoses a medical image is insufficient in Japan. To overcome these problems, we have provided diagnostic assistance methods to medical screening specialists by developing a lung cancer screening algorithm that automatically detects suspected lung cancers in helical CT images, a coronary artery calcification screening algorithm that automatically detects suspected coronary artery calcification and a vertebra body analysis algorithm for quantitative evaluation of osteoporosis likelihood by using helical CT scanner for the lung cancer mass screening. The functions to observe suspicious shadow in detail are provided in computer-aided diagnosis workstation with these screening algorithms. We also have developed the telemedicine network by using Web medical image conference system with the security improvement of images transmission, Biometric fingerprint authentication system and Biometric face authentication system. Biometric face authentication used on site of telemedicine makes "Encryption of file" and "Success in login" effective. As a result, patients' private information is protected. We can share the screen of Web medical image conference system from two or more web conference terminals at the same time. An opinion can be exchanged mutually by using a camera and a microphone that are connected with workstation. Based on these diagnostic assistance methods, we have developed a new computer-aided workstation and a new telemedicine network that can display suspected lesions three-dimensionally in a short time. The results of this study indicate that our radiological information system without film by using computer-aided diagnosis workstation and our telemedicine network system can increase diagnostic speed, diagnostic accuracy and security improvement of medical information.

The iMeteo is a web-based weather visualization tool

NASA Astrophysics Data System (ADS)

Tuni San-Martín, Max; San-Martín, Daniel; Cofiño, Antonio S.

2010-05-01

iMeteo is a web-based weather visualization tool. Designed with an extensible J2EE architecture, it is capable of displaying information from heterogeneous data sources such as gridded data from numerical models (in NetCDF format) or databases of local predictions. All this information is presented in a user-friendly way, being able to choose the specific tool to display data (maps, graphs, information tables) and customize it to desired locations. *Modular Display System* Visualization of the data is achieved through a set of mini tools called widgets. A user can add them at will and arrange them around the screen easily with a drag and drop movement. They can be of various types and each can be configured separately, forming a really powerful and configurable system. The "Map" is the most complex widget, since it can show several variables simultaneously (either gridded or point-based) through a layered display. Other useful widgets are the the "Histogram", which generates a graph with the frequency characteristics of a variable and the "Timeline" which shows the time evolution of a variable at a given location in an interactive way. *Customization and security* Following the trends in web development, the user can easily customize the way data is displayed. Due to programming in client side with technologies like AJAX, the interaction with the application is similar to the desktop ones because there are rapid respone times. If a user is registered then he could also save his settings in the database, allowing access from any system with Internet access with his particular setup. There is particular emphasis on application security. The administrator can define a set of user profiles, which may have associated restrictions on access to certain data sources, geographic areas or time intervals.

WebGLORE: a web service for Grid LOgistic REgression.

PubMed

Jiang, Wenchao; Li, Pinghao; Wang, Shuang; Wu, Yuan; Xue, Meng; Ohno-Machado, Lucila; Jiang, Xiaoqian

2013-12-15

WebGLORE is a free web service that enables privacy-preserving construction of a global logistic regression model from distributed datasets that are sensitive. It only transfers aggregated local statistics (from participants) through Hypertext Transfer Protocol Secure to a trusted server, where the global model is synthesized. WebGLORE seamlessly integrates AJAX, JAVA Applet/Servlet and PHP technologies to provide an easy-to-use web service for biomedical researchers to break down policy barriers during information exchange. http://dbmi-engine.ucsd.edu/webglore3/. WebGLORE can be used under the terms of GNU general public license as published by the Free Software Foundation.

Enterprise Considerations for Ports and Protocols

DTIC Science & Technology

2016-10-21

selected communications. These protocols are restricted to specific ports or addresses in the receiving web service. HTTPS is familiarly restricted...in use by the web services and applications that are connected to the network are required for interoperability and security. Policies specify the...network or reside at the end-points (i.e., web services or clients). ____________________________ Manuscript received June 1, 2016; revised July

Faith-Based Organizations and Veteran Reintegration: Enriching the Web of Support

DTIC Science & Technology

2015-01-01

health care , physi- cal health, family, and social networks. In some cases, the support is offered to veterans directly; in other instances, the...locating meaningful civilian employment, pursuing higher education, securing housing, and building a social network after spending years or even...the prevalence of reintegration challenges. Approximately one-fourth to one-half of these veterans experienced difficulty in social functioning (e.g

Networking and Information Technology Research and Development. Supplement to the President’s Budget for FY 2002

DTIC Science & Technology

2001-07-01

Web-based applications to improve health data systems and quality of care; innovative strategies for data collection in clinical settings; approaches...research to increase interoperability and integration of software in distributed systems ; protocols and tools for data annotation and management; and...Generation National Defense and National Security Systems .......................... 27 Improved Health Care Systems for All Citizens

A web-based remote radiation treatment planning system using the remote desktop function of a computer operating system: a preliminary report.

PubMed

Suzuki, Keishiro; Hirasawa, Yukinori; Yaegashi, Yuji; Miyamoto, Hideki; Shirato, Hiroki

2009-01-01

We developed a web-based, remote radiation treatment planning system which allowed staff at an affiliated hospital to obtain support from a fully staffed central institution. Network security was based on a firewall and a virtual private network (VPN). Client computers were installed at a cancer centre, at a university hospital and at a staff home. We remotely operated the treatment planning computer using the Remote Desktop function built in to the Windows operating system. Except for the initial setup of the VPN router, no special knowledge was needed to operate the remote radiation treatment planning system. There was a time lag that seemed to depend on the volume of data traffic on the Internet, but it did not affect smooth operation. The initial cost and running cost of the system were reasonable.

33 CFR 106.262 - Security measures for newly-hired employees.

Code of Federal Regulations, 2010 CFR

2010-07-01

... following information on the new hire into the Coast Guard's Homeport Web site (http://homeport.uscg.mil): (i) Full legal name, including middle name if one exists; (ii) Date of birth; (iii) Social security...

33 CFR 106.262 - Security measures for newly-hired employees.

Code of Federal Regulations, 2011 CFR

2011-07-01

... following information on the new hire into the Coast Guard's Homeport Web site (http://homeport.uscg.mil): (i) Full legal name, including middle name if one exists; (ii) Date of birth; (iii) Social security...

Android Based Area Web Monitoring

NASA Astrophysics Data System (ADS)

Kanigoro, Bayu; Galih Salman, Afan; Moniaga, Jurike V.; Chandra, Eric; Rezky Chandra, Zein

2014-03-01

The research objective is to develop an application that can be used in the monitoring of an area by using a webcam. It aims to create a sense of security on the user's application because it can monitor an area using mobile phone anywhere. The results obtained in this study is to create an area with a webcam monitoring application that can be accessed anywhere as long as the monitoring results have internet access and can also be accessed through Android Based Mobile Phone.

Constructing paths through social networks for disease surveillance

NASA Astrophysics Data System (ADS)

Greene, Marjorie

2011-06-01

Global health security needs better information on biological threats such as pandemics and bioterrorism that pose ever-increasing dangers for the health of populations worldwide. A vast amount of real-time information about infectious disease outbreaks is found in various forms of Web-based data streams. There are advantages and disadvantages of Internet-based surveillance and it has been suggested that an important research area will be to evaluate the application of technologies that will provide benefits to outbreak disease control at local, national, and international levels.

Application of open source standards and technologies in the http://climate4impact.eu/ portal

NASA Astrophysics Data System (ADS)

Plieger, Maarten; Som de Cerff, Wim; Pagé, Christian; Tatarinova, Natalia

2015-04-01

This presentation will demonstrate how to calculate and visualize the climate indice SU (number of summer days) on the climate4impact portal. The following topics will be covered during the demonstration: - Security: Login using OpenID for access to the Earth System Grid Fedeation (ESGF) data nodes. The ESGF works in conjunction with several external websites and systems. The climate4impact portal uses X509 based short lived credentials, generated on behalf of the user with a MyProxy service. Single Sign-on (SSO) is used to make these websites and systems work together. - Discovery: Facetted search based on e.g. variable name, model and institute using the ESGF search services. A catalog browser allows for browsing through CMIP5 and any other climate model data catalogues (e.g. ESSENCE, EOBS, UNIDATA). - Processing using Web Processing Services (WPS): Transform data, subset, export into other formats, and perform climate indices calculations using Web Processing Services implemented by PyWPS, based on NCAR NCPP OpenClimateGIS and IS-ENES2 ICCLIM. - Visualization using Web Map Services (WMS): Visualize data from ESGF data nodes using ADAGUC Web Map Services. The aim of climate4impact is to enhance the use of Climate Research Data and to enhance the interaction with climate effect/impact communities. The portal is based on 21 impact use cases from 5 different European countries, and is evaluated by a user panel consisting of use case owners. It has been developed within the European projects IS-ENES and IS-ENES2 for more than 5 years, and its development currently continues within IS-ENES2 and CLIPC. As the climate impact community is very broad, the focus is mainly on the scientific impact community. This work has resulted in the ENES portal interface for climate impact communities and can be visited at http://climate4impact.eu/ The current main objectives for climate4impact can be summarized in two objectives. The first one is to work on a web interface which automatically generates a graphical user interface on WPS endpoints. The WPS calculates climate indices and subset data using OpenClimateGIS/ICCLIM on data stored in ESGF data nodes. Data is then transmitted from ESGF nodes over secured OpenDAP and becomes available in a new, per user, secured OpenDAP server. The results can then be visualized again using ADAGUC WMS. Dedicated wizards for processing of climate indices will be developed in close collaboration with users. The second one is to expose climate4impact services, so as to offer standardized services which can be used by other portals. This has the advantage to add interoperability between several portals, as well as to enable the design of specific portals aimed at different impact communities, either thematic or national, for example.

WebBioBank: a new platform for integrating clinical forms and shared neurosignal analyses to support multi-centre studies in Parkinson's Disease.

PubMed

Rossi, Elena; Rosa, Manuela; Rossi, Lorenzo; Priori, Alberto; Marceglia, Sara

2014-12-01

The web-based systems available for multi-centre clinical trials do not combine clinical data collection (Electronic Health Records, EHRs) with signal processing storage and analysis tools. However, in pathophysiological research, the correlation between clinical data and signals is crucial for uncovering the underlying neurophysiological mechanisms. A specific example is the investigation of the mechanisms of action for Deep Brain Stimulation (DBS) used for Parkinson's Disease (PD); the neurosignals recorded from the DBS target structure and clinical data must be investigated. The aim of this study is the development and testing of a new system dedicated to a multi-centre study of Parkinson's Disease that integrates biosignal analysis tools and data collection in a shared and secure environment. We designed a web-based platform (WebBioBank) for managing the clinical data and biosignals of PD patients treated with DBS in different clinical research centres. Homogeneous data collection was ensured in the different centres (Operative Units, OUs). The anonymity of the data was preserved using unique identifiers associated with patients (ID BAC). The patients' personal details and their equivalent ID BACs were archived inside the corresponding OU and were not uploaded on the web-based platform; data sharing occurred using the ID BACs. The system allowed researchers to upload different signal processing functions (in a .dll extension) onto the web-based platform and to combine them to define dedicated algorithms. Four clinical research centres used WebBioBank for 1year. The clinical data from 58 patients treated using DBS were managed, and 186 biosignals were uploaded and classified into 4 categories based on the treatment (pharmacological and/or electrical). The user's satisfaction mean score exceeded the satisfaction threshold. WebBioBank enabled anonymous data sharing for a clinical study conducted at multiple centres and demonstrated the capabilities of the signal processing chain configuration as well as its effectiveness and efficiency for integrating the neurophysiological results with clinical data in multi-centre studies, which will allow the future collection of homogeneous data in large cohorts of patients. Copyright © 2014 Elsevier Inc. All rights reserved.

GEMSS: privacy and security for a medical Grid.

PubMed

Middleton, S E; Herveg, J A M; Crazzolara, F; Marvin, D; Poullet, Y

2005-01-01

The GEMSS project is developing a secure Grid infrastructure through which six medical simulations services can be invoked. We examine the legal and security framework within which GEMSS operates. We provide a legal qualification to the operations performed upon patient data, in view of EU directive 95/46, when using medical applications on the GEMSS Grid. We identify appropriate measures to ensure security and describe the legal rationale behind our choice of security technology. Our legal analysis demonstrates there must be an identified controller (typically a hospital) of patient data. The controller must then choose a processor (in this context a Grid service provider) that provides sufficient guarantees with respect to the security of their technical and organizational data processing procedures. These guarantees must ensure a level of security appropriate to the risks, with due regard to the state of the art and the cost of their implementation. Our security solutions are based on a public key infrastructure (PKI), transport level security and end-to-end security mechanisms in line with the web service (WS Security, WS Trust and SecureConversation) security specifications. The GEMSS infrastructure ensures a degree of protection of patient data that is appropriate for the health care sector, and is in line with the European directives. We hope that GEMSS will become synonymous with high security data processing, providing a framework by which GEMSS service providers can provide the security guarantees required by hospitals with regard to the processing of patient data.

One-Time URL: A Proximity Security Mechanism between Internet of Things and Mobile Devices

PubMed Central

Solano, Antonio; Dormido, Raquel; Duro, Natividad; González, Víctor

2016-01-01

The aim of this paper is to determine the physical proximity of connected things when they are accessed from a smartphone. Links between connected things and mobile communication devices are temporarily created by means of dynamic URLs (uniform resource locators) which may be easily discovered with pervasive short-range radio frequency technologies available on smartphones. In addition, a multi cross domain silent logging mechanism to allow people to interact with their surrounding connected things from their mobile communication devices is presented. The proposed mechanisms are based in web standards technologies, evolving our social network of Internet of Things towards the so-called Web of Things. PMID:27754378

Fermilab Security Site Access Request Database

Science.gov Websites

Fermilab Security Site Access Request Database Use of the online version of the Fermilab Security Site Access Request Database requires that you login into the ESH&Q Web Site. Note: Only Fermilab generated from the ESH&Q Section's Oracle database on May 27, 2018 05:48 AM. If you have a question

Perceptions of Accounting Practitioners and Educators on E-Business Curriculum and Web Security Issues

ERIC Educational Resources Information Center

Ragothaman, Srinivasan; Lavin, Angeline; Davies, Thomas

2007-01-01

This research examines, through survey administration, the perceptions of accounting practitioners and educators with respect to the multi-faceted security issues of e-commerce payment systems as well as e-business curriculum issues. Specific security issues explored include misuse/theft of personal and credit card information, spam e-mails,…

The secure authorization model for healthcare information system.

PubMed

Hsu, Wen-Shin; Pan, Jiann-I

2013-10-01

Exploring healthcare system for assisting medical services or transmitting patients' personal health information in web application has been widely investigated. Information and communication technologies have been applied to the medical services and healthcare area for a number of years to resolve problems in medical management. In the healthcare system, not all users are allowed to access all the information. Several authorization models for restricting users to access specific information at specific permissions have been proposed. However, as the number of users and the amount of information grows, the difficulties for administrating user authorization will increase. The critical problem limits the widespread usage of the healthcare system. This paper proposes an approach for role-based and extends it to deal with the information for authorizations in the healthcare system. We propose the role-based authorization model which supports authorizations for different kinds of objects, and a new authorization domain. Based on this model, we discuss the issues and requirements of security in the healthcare systems. The security issues for services shared between different healthcare industries will also be discussed.

Design and implementation of a web-based patient portal linked to an ambulatory care electronic health record: patient gateway for diabetes collaborative care.

PubMed

Grant, Richard W; Wald, Jonathan S; Poon, Eric G; Schnipper, Jeffrey L; Gandhi, Tejal K; Volk, Lynn A; Middleton, Blackford

2006-10-01

Despite the availability of expert guidelines and widespread diabetes quality improvement efforts, care of patients with diabetes remains suboptimal. Two key barriers to care that may be amenable to informatics-based interventions include (1) lack of patient engagement with therapeutic care plans and (2) lack of medication adjustment by physicians ("clinical inertia") during clinical encounters. The authors describe the conceptual framework, design, implementation, and analysis plan for a diabetes patient web-portal linked directly to the electronic health record (EHR) of a large academic medical center via secure Internet access designed to overcome barriers to effective diabetes care. Partners HealthCare System (Boston, MA), a multi-hospital health care network comprising several thousand physicians caring for over 1 million individual patients, has developed a comprehensive patient web-portal called Patient Gateway that allows patients to interact directly with their EHR via secure Internet access. Using this portal, a specific diabetes interface was designed to maximize patient engagement by importing the patient's current clinical data in an educational format, providing patient-tailored decision support, and enabling the patient to author a "Diabetes Care Plan." The physician view of the patient's Diabetes Care Plan was designed to be concise and to fit into typical EHR clinical workflow. We successfully designed and implemented a Diabetes Patient portal that allows direct interaction with our system's EHR. We are assessing the impact of this advanced informatics tool for collaborative diabetes care in a clinic-randomized controlled trial among 14 primary care practices within our integrated health care system.

Computational knowledge integration in biopharmaceutical research.

PubMed

Ficenec, David; Osborne, Mark; Pradines, Joel; Richards, Dan; Felciano, Ramon; Cho, Raymond J; Chen, Richard O; Liefeld, Ted; Owen, James; Ruttenberg, Alan; Reich, Christian; Horvath, Joseph; Clark, Tim

2003-09-01

An initiative to increase biopharmaceutical research productivity by capturing, sharing and computationally integrating proprietary scientific discoveries with public knowledge is described. This initiative involves both organisational process change and multiple interoperating software systems. The software components rely on mutually supporting integration techniques. These include a richly structured ontology, statistical analysis of experimental data against stored conclusions, natural language processing of public literature, secure document repositories with lightweight metadata, web services integration, enterprise web portals and relational databases. This approach has already begun to increase scientific productivity in our enterprise by creating an organisational memory (OM) of internal research findings, accessible on the web. Through bringing together these components it has also been possible to construct a very large and expanding repository of biological pathway information linked to this repository of findings which is extremely useful in analysis of DNA microarray data. This repository, in turn, enables our research paradigm to be shifted towards more comprehensive systems-based understandings of drug action.

49 CFR 40.45 - What form is used to document a DOT urine collection?

Code of Federal Regulations, 2011 CFR

2011-10-01

... view this form on the Department's web site (http://www.dot.gov/ost/dapc) or the HHS web site (http... employee (other than a social security number (SSN) or other employee identification (ID) number) to a...

49 CFR 40.45 - What form is used to document a DOT urine collection?

Code of Federal Regulations, 2010 CFR

2010-10-01

... view this form on the Department's web site (http://www.dot.gov/ost/dapc) or the HHS web site (http... employee (other than a social security number (SSN) or other employee identification (ID) number) to a...

The Internet: Past, Present, and Future.

ERIC Educational Resources Information Center

Galbreath, Jeremy, Ed.

1997-01-01

Examines the "reality behind the hype" surrounding the Internet. Discusses its early development; growth and present state; and key applications, including e-mail, voice/video telephony, integrated messaging, electronic commerce, the World Wide Web, and Web commerce, Intranet, Extranet; education and training; security; ownership; and…

Design of web platform for science and engineering in the model of open market

NASA Astrophysics Data System (ADS)

Demichev, A. P.; Kryukov, A. P.

2016-09-01

This paper presents a design and operation algorithms of a web-platform for convenient, secure and effective remote interaction on the principles of the open market of users and providers of scientific application software and databases.

49 CFR 1560.205 - Redress process.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION... may obtain the forms and information necessary to initiate the redress process on the DHS TRIP Web... will provide the necessary forms and information to individuals through its Web site or by mail. (c...

Development of a Web-Based Registry to Support Diabetes Care in Free Medical Clinics

PubMed Central

McFadden, Norman; Daniel, Bryan; Hoyt, Robert; Snider, Dallas

2017-01-01

The United States has more than 1,000 free medical clinics. Because these clinics do not bill Medicare or Medicaid, they are not eligible for federal reimbursement for electronic health record (EHR) adoption. As a result, most do not have EHRs or electronic disease registries. A web-based diabetes registry was created with all open-source components for use in an urban free clinic to manage patients with type 2 diabetes and comorbidities. The registry was modeled after the Chronic Disease Electronic Management System and recommendations of the American Diabetes Association. The software was enhanced to include multiple other features, such as progress notes, so that it can function as a simple EHR. The configuration permits other free clinics to join securely, and the software can be shared. PMID:28566990

A web-based clinical trial management system for a sham-controlled multicenter clinical trial in depression.

PubMed

Durkalski, Valerie; Wenle Zhao; Dillon, Catherine; Kim, Jaemyung

2010-04-01

Clinical trial investigators and sponsors invest vast amounts of resources and energy into conducting trials and often face daily challenges with data management, project management, and data quality control. Rather than waiting months for study progress reports, investigators need the ability to use real-time data for the coordination and management of study activities across all study team members including site investigators, oversight committees, data and safety monitoring boards, and medical safety monitors. Web-based data management systems are beginning to meet this need but what distinguishes one system from the other are user needs/requirements and cost. To illustrate the development and implementation of a web-based data and project management system for a multicenter clinical trial designed to test the superiority of repeated transcranial magnetic stimulation versus sham for the treatment of patients with major depression. The authors discuss the reasons for not using a commercially available system for this study and describe the approach to developing their own web-based system for the OPT-TMS study. Timelines, effort, system architecture, and lessons learned are shared with the hope that this information will direct clinical trial researchers and software developers towards more efficient, user-friendly systems. The developers use a combination of generic and custom application code to allow for the flexibility to adapt the system to the needs of the study. Features of the system include: central participant registration and randomization; secure data entry at the site; participant progress/study calendar; safety data reporting; device accounting; monitor verification; and user-configurable generic reports and built-in customized reports. Hard coding was more time-efficient to address project-specific issues compared with the effort of creating a generic code application. As a consequence of this strategy, the required maintenance of the system is increased and the value of using this system for other trials is reduced. Web-based central computerized systems offer time-saving, secure options for managing clinical trial data. The choice of a commercially available system or an internally developed system is determined by the requirements of the study and users. Pros and cons to both approaches were discussed. If the intention is to use the system for various trials (single and multi-center, phases I-III) across various therapeutic areas, then the overall design should be a generic structure that simplifies the general application with minimal loss of functionality.

Security protection of DICOM medical images using dual-layer reversible watermarking with tamper detection capability.

PubMed

Tan, Chun Kiat; Ng, Jason Changwei; Xu, Xiaotian; Poh, Chueh Loo; Guan, Yong Liang; Sheah, Kenneth

2011-06-01

Teleradiology applications and universal availability of patient records using web-based technology are rapidly gaining importance. Consequently, digital medical image security has become an important issue when images and their pertinent patient information are transmitted across public networks, such as the Internet. Health mandates such as the Health Insurance Portability and Accountability Act require healthcare providers to adhere to security measures in order to protect sensitive patient information. This paper presents a fully reversible, dual-layer watermarking scheme with tamper detection capability for medical images. The scheme utilizes concepts of public-key cryptography and reversible data-hiding technique. The scheme was tested using medical images in DICOM format. The results show that the scheme is able to ensure image authenticity and integrity, and to locate tampered regions in the images.

Web tools for predictive toxicology model building.

PubMed

Jeliazkova, Nina

2012-07-01

The development and use of web tools in chemistry has accumulated more than 15 years of history already. Powered by the advances in the Internet technologies, the current generation of web systems are starting to expand into areas, traditional for desktop applications. The web platforms integrate data storage, cheminformatics and data analysis tools. The ease of use and the collaborative potential of the web is compelling, despite the challenges. The topic of this review is a set of recently published web tools that facilitate predictive toxicology model building. The focus is on software platforms, offering web access to chemical structure-based methods, although some of the frameworks could also provide bioinformatics or hybrid data analysis functionalities. A number of historical and current developments are cited. In order to provide comparable assessment, the following characteristics are considered: support for workflows, descriptor calculations, visualization, modeling algorithms, data management and data sharing capabilities, availability of GUI or programmatic access and implementation details. The success of the Web is largely due to its highly decentralized, yet sufficiently interoperable model for information access. The expected future convergence between cheminformatics and bioinformatics databases provides new challenges toward management and analysis of large data sets. The web tools in predictive toxicology will likely continue to evolve toward the right mix of flexibility, performance, scalability, interoperability, sets of unique features offered, friendly user interfaces, programmatic access for advanced users, platform independence, results reproducibility, curation and crowdsourcing utilities, collaborative sharing and secure access.

WebGLORE: a Web service for Grid LOgistic REgression

PubMed Central

Jiang, Wenchao; Li, Pinghao; Wang, Shuang; Wu, Yuan; Xue, Meng; Ohno-Machado, Lucila; Jiang, Xiaoqian

2013-01-01

WebGLORE is a free web service that enables privacy-preserving construction of a global logistic regression model from distributed datasets that are sensitive. It only transfers aggregated local statistics (from participants) through Hypertext Transfer Protocol Secure to a trusted server, where the global model is synthesized. WebGLORE seamlessly integrates AJAX, JAVA Applet/Servlet and PHP technologies to provide an easy-to-use web service for biomedical researchers to break down policy barriers during information exchange. Availability and implementation: http://dbmi-engine.ucsd.edu/webglore3/. WebGLORE can be used under the terms of GNU general public license as published by the Free Software Foundation. Contact: x1jiang@ucsd.edu PMID:24072732

77 FR 46773 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-06

... SECURITIES AND EXCHANGE COMMISSION Proposed Collection; Comment Request Upon Written Request, Copies Available From: Securities and Exchange Commission, Office of Investor Education and Advocacy... specified financial information to the Commission and post it on their corporate Web sites, if any, in...

32 CFR 310.32 - System notices.

Code of Federal Regulations, 2010 CFR

2010-07-01

... identified. (5) If the social security number is being collected and maintained, E.O. 9397 (“Numbering... public Web site (http://www.defenselink.mil/privacy/cfr-rules.html). (3) The individual may also be... to a public Web site (see http://www.defenselink.mil/privacy/notices). ...

32 CFR 310.32 - System notices.

Code of Federal Regulations, 2011 CFR

2011-07-01

... identified. (5) If the social security number is being collected and maintained, E.O. 9397 (“Numbering... public Web site (http://www.defenselink.mil/privacy/cfr-rules.html). (3) The individual may also be... to a public Web site (see http://www.defenselink.mil/privacy/notices). ...

Task Force on the Future of Military Health Care

DTIC Science & Technology

2007-12-01

Navigator. Service programs are supported by the Military Health System Population Health Portal (MHSPHP), a centralized, secure, web-based population...Congress on March 1, 2008.66 64 Air Force Medical Support Agency, Population Health Support Division. MHS Population Health Portal Methods. July 2007...HEDIS metrics using the MHS Population Health Portal and reporting in the service systems and the Tri- Service Business Planning tool. DoD has several

Current Experiences with Internet Telepathology and Possible Evolution in the Next Generation of Internet Services

PubMed Central

Della Mea, V.; Beltrami, C. A.

2000-01-01

The last five years experience has definitely demonstrated the possible applications of the Internet for telepathology. They may be listed as follows: (a) teleconsultation via multimedia e‐mail; (b) teleconsultation via web‐based tools; (c) distant education by means of World Wide Web; (d) virtual microscope management through Web and Java interfaces; (e) real‐time consultations through Internet‐based videoconferencing. Such applications have led to the recognition of some important limits of the Internet, when dealing with telemedicine: (i) no guarantees on the quality of service (QoS); (ii) inadequate security and privacy; (iii) for some countries, low bandwidth and thus low responsiveness for real‐time applications. Currently, there are several innovations in the world of the Internet. Different initiatives have been aimed at an amelioration of the Internet protocols, in order to have quality of service, multimedia support, security and other advanced services, together with greater bandwidth. The forthcoming Internet improvements, although induced by electronic commerce, video on demand, and other commercial needs, are of real interest also for telemedicine, because they solve the limits currently slowing down the use of Internet. When such new services will be available, telepathology applications may switch from research to daily practice in a fast way. PMID:11339559

Making a web based ulcer record work by aligning architecture, legislation and users - a formative evaluation study.

PubMed

Ekeland, Anne G; Skipenes, Eva; Nyheim, Beate; Christiansen, Ellen K

2011-01-01

The University Hospital of North Norway selected a web-based ulcer record used in Denmark, available from mobile phones. Data was stored in a common database and easily accessible. According to Norwegian legislation, only employees of the organization that owns an IT system can access the system, and use of mobile units requires strong security solutions. The system had to be changed. The paper addresses interactions in order to make the system legal, and assesses regulations that followed. By addressing conflicting scripts and the contingent nature of knowledge, we conducted a formative evaluation aiming at improving the object being studied. Participatory observation in a one year process, minutes from meetings and information from participants, constitute the data material. In the technological domain, one database was replaced by four. In the health care delivery domain, easy access was replaced by a more complicated log on procedure, and in the domain of law and security, a clarification of risk levels was obtained, thereby allowing for access by mobile phones with today's authentication mechanisms. Flexibility concerning predefined scripts was important in all domains. Changes were made that improved the platform for further development of legitimate communication of patient data via mobile units. The study also shows the value of formative evaluations in innovations.

Secure web-based access to radiology: forms and databases for fast queries

NASA Astrophysics Data System (ADS)

McColl, Roderick W.; Lane, Thomas J.

2002-05-01

Currently, Web-based access to mini-PACS or similar databases commonly utilizes either JavaScript, Java applets or ActiveX controls. Many sites do not permit applets or controls or other binary objects for fear of viruses or worms sent by malicious users. In addition, the typical CGI query mechanism requires several parameters to be sent with the http GET/POST request, which may identify the patient in some way; this in unacceptable for privacy protection. Also unacceptable are pages produced by server-side scripts which can be cached by the browser, since these may also contain sensitive information. We propose a simple mechanism for access to patient information, including images, which guarantees security of information, makes it impossible to bookmark the page, or to return to the page after some defined length of time. In addition, this mechanism is simple, therefore permitting rapid access without the need to initially download an interface such as an applet or control. In addition to image display, the design of the site allows the user to view and save movies of multi-phasic data, or to construct multi-frame datasets from entire series. These capabilities make the site attractive for research purposes such as teaching file preparation.

Innovative Quality-Assurance Strategies for Tuberculosis Surveillance in the United States

PubMed Central

Manangan, Lilia Ponce; Tryon, Cheryl; Magee, Elvin; Miramontes, Roque

2012-01-01

Introduction. The Centers for Disease Control and Prevention (CDC)'s National Tuberculosis Surveillance System (NTSS) is the national repository of tuberculosis (TB) data in the United States. Jurisdictions report to NTSS through the Report of Verified Case of Tuberculosis (RVCT) form that transitioned to a web-based system in 2009. Materials and Methods. To improve RVCT data quality, CDC conducted a quality assurance (QA) needs assessment to develop QA strategies. These include QA components (case detection, data accuracy, completeness, timeliness, data security, and confidentiality); sample tools such as National TB Indicators Project (NTIP) to identify TB case reporting discrepancies; comprehensive training course; resource guide and toolkit. Results and Discussion. During July–September 2011, 73 staff from 34 (57%) of 60 reporting jurisdictions participated in QA training. Participants stated usefulness of sharing jurisdictions' QA methods; 66 (93%) wrote that the QA tools will be effective for their activities. Several jurisdictions reported implementation of QA tools pertinent to their programs. Data showed >8% increase in NTSS and NTIP enrollment through Secure Access Management Services, which monitors system usage, from August 2011–February 2012. Conclusions. Despite challenges imposed by web-based surveillance systems, QA strategies can be developed with innovation and collaboration. These strategies can also be used by other disease programs to ensure high data quality. PMID:22685648

Web-Based Geospatial Tools to Address Hazard Mitigation, Natural Resource Management, and Other Societal Issues

USGS Publications Warehouse

Hearn,, Paul P.

2009-01-01

Federal, State, and local government agencies in the United States face a broad range of issues on a daily basis. Among these are natural hazard mitigation, homeland security, emergency response, economic and community development, water supply, and health and safety services. The U.S. Geological Survey (USGS) helps decision makers address these issues by providing natural hazard assessments, information on energy, mineral, water and biological resources, maps, and other geospatial information. Increasingly, decision makers at all levels are challenged not by the lack of information, but by the absence of effective tools to synthesize the large volume of data available, and to utilize the data to frame policy options in a straightforward and understandable manner. While geographic information system (GIS) technology has been widely applied to this end, systems with the necessary analytical power have been usable only by trained operators. The USGS is addressing the need for more accessible, manageable data tools by developing a suite of Web-based geospatial applications that will incorporate USGS and cooperating partner data into the decision making process for a variety of critical issues. Examples of Web-based geospatial tools being used to address societal issues follow.

ProXL (Protein Cross-Linking Database): A Platform for Analysis, Visualization, and Sharing of Protein Cross-Linking Mass Spectrometry Data

PubMed Central

2016-01-01

ProXL is a Web application and accompanying database designed for sharing, visualizing, and analyzing bottom-up protein cross-linking mass spectrometry data with an emphasis on structural analysis and quality control. ProXL is designed to be independent of any particular software pipeline. The import process is simplified by the use of the ProXL XML data format, which shields developers of data importers from the relative complexity of the relational database schema. The database and Web interfaces function equally well for any software pipeline and allow data from disparate pipelines to be merged and contrasted. ProXL includes robust public and private data sharing capabilities, including a project-based interface designed to ensure security and facilitate collaboration among multiple researchers. ProXL provides multiple interactive and highly dynamic data visualizations that facilitate structural-based analysis of the observed cross-links as well as quality control. ProXL is open-source, well-documented, and freely available at https://github.com/yeastrc/proxl-web-app. PMID:27302480

Standards-based sensor interoperability and networking SensorWeb: an overview

NASA Astrophysics Data System (ADS)

Bolling, Sam

2012-06-01

The War fighter lacks a unified Intelligence, Surveillance, and Reconnaissance (ISR) environment to conduct mission planning, command and control (C2), tasking, collection, exploitation, processing, and data discovery of disparate sensor data across the ISR Enterprise. Legacy sensors and applications are not standardized or integrated for assured, universal access. Existing tasking and collection capabilities are not unified across the enterprise, inhibiting robust C2 of ISR including near-real time, cross-cueing operations. To address these critical needs, the National Measurement and Signature Intelligence (MASINT) Office (NMO), and partnering Combatant Commands and Intelligence Agencies are developing SensorWeb, an architecture that harmonizes heterogeneous sensor data to a common standard for users to discover, access, observe, subscribe to and task sensors. The SensorWeb initiative long term goal is to establish an open commercial standards-based, service-oriented framework to facilitate plug and play sensors. The current development effort will produce non-proprietary deliverables, intended as a Government off the Shelf (GOTS) solution to address the U.S. and Coalition nations' inability to quickly and reliably detect, identify, map, track, and fully understand security threats and operational activities.

ProXL (Protein Cross-Linking Database): A Platform for Analysis, Visualization, and Sharing of Protein Cross-Linking Mass Spectrometry Data.

PubMed

Riffle, Michael; Jaschob, Daniel; Zelter, Alex; Davis, Trisha N

2016-08-05

ProXL is a Web application and accompanying database designed for sharing, visualizing, and analyzing bottom-up protein cross-linking mass spectrometry data with an emphasis on structural analysis and quality control. ProXL is designed to be independent of any particular software pipeline. The import process is simplified by the use of the ProXL XML data format, which shields developers of data importers from the relative complexity of the relational database schema. The database and Web interfaces function equally well for any software pipeline and allow data from disparate pipelines to be merged and contrasted. ProXL includes robust public and private data sharing capabilities, including a project-based interface designed to ensure security and facilitate collaboration among multiple researchers. ProXL provides multiple interactive and highly dynamic data visualizations that facilitate structural-based analysis of the observed cross-links as well as quality control. ProXL is open-source, well-documented, and freely available at https://github.com/yeastrc/proxl-web-app .

Web-based video monitoring of CT and MRI procedures

NASA Astrophysics Data System (ADS)

Ratib, Osman M.; Dahlbom, Magdalena; Kho, Hwa T.; Valentino, Daniel J.; McCoy, J. Michael

2000-05-01

A web-based video transmission of images from CT and MRI consoles was implemented in an Intranet environment for real- time monitoring of ongoing procedures. Images captured from the consoles are compressed to video resolution and broadcasted through a web server. When called upon, the attending radiologists can view these live images on any computer within the secured Intranet network. With adequate compression, these images can be displayed simultaneously in different locations at a rate of 2 to 5 images/sec through standard LAN. The quality of the images being insufficient for diagnostic purposes, our users survey showed that they were suitable for supervising a procedure, positioning the imaging slices and for routine quality checking before completion of a study. The system was implemented at UCLA to monitor 9 CTs and 6 MRIs distributed in 4 buildings. This system significantly improved the radiologists productivity by saving precious time spent in trips between reading rooms and examination rooms. It also improved patient throughput by reducing the waiting time for the radiologists to come to check a study before moving the patient from the scanner.

A Connection Model between the Positioning Mechanism and Ultrasonic Measurement System via a Web Browser to Assess Acoustic Target Strength

NASA Astrophysics Data System (ADS)

Ishii, Ken; Imaizumi, Tomohito; Abe, Koki; Takao, Yoshimi; Tamura, Shuko

This paper details a network-controlled measurement system for use in fisheries engineering. The target strength (TS) of fish is important in order to convert acoustic integration values obtained during acoustic surveys into estimates of fish abundance. The target strength pattern is measured with the combination of the rotation system for the aspect of the sample and the echo data acquisition system using the underwater supersonic wave. The user interface of the network architecture is designed for collaborative use with researchers in other organizations. The flexible network architecture is based on the web direct-access model for the rotation mechanism. The user interface is available for monitoring and controlling via a web browser that is installed in any terminal PC (personal computer). Previously the combination of two applications was performed not by a web browser but by the exclusive interface program. So a connection model is proposed between two applications by indirect communication via the DCOM (Distributed Component Object Model) server and added in the web direct-access model. A prompt report system in the TS measurement system and a positioning and measurement system using an electric flatcar via a web browser are developed. By a secure network architecture, DCOM communications via both Intranet and LAN are successfully certificated.

Wisconsin’s Environmental Public Health Tracking Network: Information Systems Design for Childhood Cancer Surveillance

PubMed Central

Hanrahan, Lawrence P.; Anderson, Henry A.; Busby, Brian; Bekkedal, Marni; Sieger, Thomas; Stephenson, Laura; Knobeloch, Lynda; Werner, Mark; Imm, Pamela; Olson, Joseph

2004-01-01

In this article we describe the development of an information system for environmental childhood cancer surveillance. The Wisconsin Cancer Registry annually receives more than 25,000 incident case reports. Approximately 269 cases per year involve children. Over time, there has been considerable community interest in understanding the role the environment plays as a cause of these cancer cases. Wisconsin’s Public Health Information Network (WI-PHIN) is a robust web portal integrating both Health Alert Network and National Electronic Disease Surveillance System components. WI-PHIN is the information technology platform for all public health surveillance programs. Functions include the secure, automated exchange of cancer case data between public health–based and hospital-based cancer registrars; web-based supplemental data entry for environmental exposure confirmation and hypothesis testing; automated data analysis, visualization, and exposure–outcome record linkage; directories of public health and clinical personnel for role-based access control of sensitive surveillance information; public health information dissemination and alerting; and information technology security and critical infrastructure protection. For hypothesis generation, cancer case data are sent electronically to WI-PHIN and populate the integrated data repository. Environmental data are linked and the exposure–disease relationships are explored using statistical tools for ecologic exposure risk assessment. For hypothesis testing, case–control interviews collect exposure histories, including parental employment and residential histories. This information technology approach can thus serve as the basis for building a comprehensive system to assess environmental cancer etiology. PMID:15471739

Web-based self-management for patients with multiple sclerosis: a practical, randomized trial.

PubMed

Miller, Deborah M; Moore, Shirley M; Fox, Robert J; Atreja, Ashish; Fu, Alex Z; Lee, Jar-Chi; Saupe, Welf; Stadtler, Maria; Chakraborty, Swati; Harris, C M; Rudick, Richard A

2011-01-01

No studies have addressed the use of electronic personal health records (e-PHRs) for self-management in complex neurological disorders. We assessed and tested an Internet-based self-management system that utilized the e-PHR and determined its impact on self-assessed well-being, clinician-assessed well-being, and healthcare utilization in patients with multiple sclerosis (MS). Subjects were randomized to usual care (a secure Web-based messaging system) or active intervention, which included secure messaging, self-monitoring, self-management of MS symptoms, and communication about upcoming clinic visits. Computers and Internet access were provided. Subjects were included if they had MS, lived within the county or region surrounding our MS center, had at least two appointments at our center in the previous 12 months, and demonstrated basic typing and computer skills. Study duration was 12 months. Of 220 subjects completing informed consent, 206 met the inclusion criteria. At the study's end, 83 subjects remained in the usual care group and 84 in the enhanced care group. Both groups used the available system components. The groups did not significantly differ on the primary endpoints or healthcare utilization. Self-management support is an emerging aspect of chronic care management. We established the feasibility of conducting a randomized, controlled trial using e-PHRs for patient self-management. We did not find that e-PHR-enabled self-management augmented multidisciplinary MS center-based care, possibly because the differences between interventions were not great enough.

Distributing medical images with internet technologies: a DICOM web server and a DICOM java viewer.

PubMed

Fernàndez-Bayó, J; Barbero, O; Rubies, C; Sentís, M; Donoso, L

2000-01-01

With the advent of filmless radiology, it becomes important to be able to distribute radiologic images digitally throughout an entire hospital. A new approach based on World Wide Web technologies was developed to accomplish this objective. This approach involves a Web server that allows the query and retrieval of images stored in a Digital Imaging and Communications in Medicine (DICOM) archive. The images can be viewed inside a Web browser with use of a small Java program known as the DICOM Java Viewer, which is executed inside the browser. The system offers several advantages over more traditional picture archiving and communication systems (PACS): It is easy to install and maintain, is platform independent, allows images to be manipulated and displayed efficiently, and is easy to integrate with existing systems that are already making use of Web technologies. The system is user-friendly and can easily be used from outside the hospital if a security policy is in place. The simplicity and flexibility of Internet technologies makes them highly preferable to the more complex PACS workstations. The system works well, especially with magnetic resonance and computed tomographic images, and can help improve and simplify interdepartmental relationships in a filmless hospital environment.

Cyber-Security Curricula for Basic Users

DTIC Science & Technology

2013-09-01

like cyberbullying , digital cheating, and safety and security concerns‖ [7]. The need to teach security principles to this age demographic is at an...addresses the following topics: Cyberbullying , Inappropriate content, 25 Predators, Revealing too much Information, Spyware, spam, and scams. Each...emerging technology, surfing the web, video gaming, the dark side – cyberbullying . Each topic is covered by providing facts for the teacher to present

75 FR 23829 - Self-Regulatory Organizations; National Stock Exchange, Inc.; Notice of Filing and Immediate...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-05-04

... Liquidity Adding Rebate for Securities Priced Under One Dollar April 28, 2010. Pursuant to Section 19(b)(1... securities priced under one dollar. The text of the proposed rule change is available on the Exchange's Web... Schedule to adjust the liquidity adding rebate for securities priced under one dollar in both the Automatic...

Applications of Multi-Channel Safety Authentication Protocols in Wireless Networks.

PubMed

Chen, Young-Long; Liau, Ren-Hau; Chang, Liang-Yu

2016-01-01

People can use their web browser or mobile devices to access web services and applications which are built into these servers. Users have to input their identity and password to login the server. The identity and password may be appropriated by hackers when the network environment is not safe. The multiple secure authentication protocol can improve the security of the network environment. Mobile devices can be used to pass the authentication messages through Wi-Fi or 3G networks to serve as a second communication channel. The content of the message number is not considered in a multiple secure authentication protocol. The more excessive transmission of messages would be easier to collect and decode by hackers. In this paper, we propose two schemes which allow the server to validate the user and reduce the number of messages using the XOR operation. Our schemes can improve the security of the authentication protocol. The experimental results show that our proposed authentication protocols are more secure and effective. In regard to applications of second authentication communication channels for a smart access control system, identity identification and E-wallet, our proposed authentication protocols can ensure the safety of person and property, and achieve more effective security management mechanisms.

A web based Foundations of Radiological Physics for diagnostic radiology residents.

PubMed

Blackmon, Kevin N; Huda, Walter; Lewis, Madelene C; Tipnis, Sameer; Mah, Eugene; Frey, Donald G

2013-03-01

RATIONALE AND OBJECTS: We describe a new web-based physics course for radiology residents preparing for the Exam of the Future (EOF). A course was developed with a total of 12 web-based modules. Six modules were focused on "imaging" and six on "radiation." A module was subdivided into nine short "nuggets." Traditional lectures were replaced by modules using prerecorded lectures (Tegrity) to a secure website (WebCT). Each module was accompanied by three quizzes, each consisting of ten questions designed to reinforce covered materials. All online modules were accompanied by a noon conference that employed an Audience Response System (Turning Point). Seventeen first-year residents over 2 consecutive years beginning in July 2010 took this new course, and participated in an anonymous online follow-up survey (Survey Monkey). The recorded 12 modules had an overall average duration of 72 ± 19 minutes. Ten of 17 residents expressed a preference of 15 minutes for nugget duration. Highest personal assessment scores of each resident's understanding were obtained in human radiation risks and radiation protection. Residents considered supplemental noon conferences to be important for learning radiological physics. Satisfaction level was largely positive, with five residents highly satisfied, nine residents somewhat satisfied, two residents neutral, and only one resident somewhat dissatisfied. Our Foundations of Radiological Physics course was well received and served as the springboard for mastering x-ray-based imaging modalities of radiography, mammography, fluoroscopy, interventional radiology, and computed tomography. Copyright © 2013 AUR. Published by Elsevier Inc. All rights reserved.

Secure Service Invocation in a Peer-to-Peer Environment Using JXTA-SOAP

NASA Astrophysics Data System (ADS)

Laghi, Maria Chiara; Amoretti, Michele; Conte, Gianni

The effective convergence of service-oriented architectures (SOA) and peer-to-peer (P2P) is an urgent task, with many important applications ranging from e-business to ambient intelligence. A considerable standardization effort is being carried out from both SOA and P2P communities, but a complete platform for the development of secure, distributed applications is still missing. In this context, the result of our research and development activity is JXTA-SOAP, an official extension for JXTA enabling Web Service sharing in peer-to-peer networks. Recently we focused on security aspects, providing JXTA-SOAP with a general security management system, and specialized policies that target both J2SE and J2ME versions of the component. Among others, we implemented a policy based on Multimedia Internet KEYing (MIKEY), which can be used to create a key pair and all the required parameters for encryption and decryption of service messages in consumer and provider peers running on resource-constrained devices.

Secure Encapsulation and Publication of Biological Services in the Cloud Computing Environment

PubMed Central

Zhang, Weizhe; Wang, Xuehui; Lu, Bo; Kim, Tai-hoon

2013-01-01

Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved. PMID:24078906

Secure encapsulation and publication of biological services in the cloud computing environment.

PubMed

Zhang, Weizhe; Wang, Xuehui; Lu, Bo; Kim, Tai-hoon

2013-01-01

Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved.

Eye Can See for Miles and Miles.

ERIC Educational Resources Information Center

School Planning & Management, 2002

2002-01-01

Describes how a New Hampshire school system eliminated internal school vandalism and bomb threats, and reduced the number of false alarms, by using video security software (WebEyeAlert security solution) that is accessible via a variety of methods from remote locations. (Author/EV)

Network Science Research Laboratory (NSRL) Telemetry Warehouse

DTIC Science & Technology

2016-06-01

Functionality and architecture of the NSRL Telemetry Warehouse are also described as well as the web interface, data structure, security aspects, and...Experiment Controller 6 4.5 Telemetry Sensors 7 4.6 Custom Data Processing Nodes 7 5. Web Interface 8 6. Data Structure 8 6.1 Measurements 8...telemetry in comma-separated value (CSV) format from the web interface or via custom applications developed by researchers using the client application

Critical Issues of Web-Enabled Technologies in Modern Organizations.

ERIC Educational Resources Information Center

Khosrow-Pour, Mehdi; Herman, Nancy

2001-01-01

Discusses results of a Delphi study that explored issues related to the utilization and management of Web-enabled technologies by modern organizations. Topics include bandwidth restrictions; security; data integrity; inadequate search facilities; system incompatibilities; failure to adhere to standards; email; use of metadata; privacy and…

Enhancing Web applications in radiology with Java: estimating MR imaging relaxation times.

PubMed

Dagher, A P; Fitzpatrick, M; Flanders, A E; Eng, J

1998-01-01

Java is a relatively new programming language that has been used to develop a World Wide Web-based tool for estimating magnetic resonance (MR) imaging relaxation times, thereby demonstrating how Java may be used for Web-based radiology applications beyond improving the user interface of teaching files. A standard processing algorithm coded with Java is downloaded along with the hypertext markup language (HTML) document. The user (client) selects the desired pulse sequence and inputs data obtained from a region of interest on the MR images. The algorithm is used to modify selected MR imaging parameters in an equation that models the phenomenon being evaluated. MR imaging relaxation times are estimated, and confidence intervals and a P value expressing the accuracy of the final results are calculated. Design features such as simplicity, object-oriented programming, and security restrictions allow Java to expand the capabilities of HTML by offering a more versatile user interface that includes dynamic annotations and graphics. Java also allows the client to perform more sophisticated information processing and computation than is usually associated with Web applications. Java is likely to become a standard programming option, and the development of stand-alone Java applications may become more common as Java is integrated into future versions of computer operating systems.

Using intervention mapping for the development of a targeted secure web-based outreach strategy named SafeFriend, for Chlamydia trachomatis testing in young people at risk

PubMed Central

2013-01-01

Background Many young people at high risk for Chlamydia trachomatis (Ct) are not reached by current sexual health care systems, such as general practitioners and public sexual health care centres (sexually transmitted infection clinics).Ct is the most frequently diagnosed bacterial sexually transmitted infection (STI) among sexually active people and in particular young heterosexuals. Innovative screening strategies are needed to interrupt the transmission of Ct among young people and connect the hidden cases to care. Methods Intervention Mapping (IM), a systematic approach to develop theory- and evidence-based interventions, was used to develop a strategy to target Ct testing towards young people who are currently hidden to care in The Netherlands. Both clinical users (i.e. sexual health care nurses) and public users (i.e., young people at risk for Ct) were closely involved in the IM process. A needs assessment study was carried out using semi-structured interviews among users (N = 21), a literature search and by taking lessons learned from existing screening programmes. Theoretical methods and practical applications to reach high risk young people and influence testing were selected and translated into specific programme components. Results The IM approach resulted in the development of a secure and web-based outreach Ct screening strategy, named SafeFriend. It is developed to target groups of high-risk young people who are currently hidden to care. Key methods include web-based Respondent Driven Sampling, starting from young Ct positive sexual health care centre clients, to reach and motivate peers (i.e., sex partners and friends) to get tested for Ct. Testing and the motivation of peers were proposed as the desired behavioural outcomes and the Precaution Adoption Process Model was chosen as theoretical framework. End users, i.e., young people and sexual health care nurses were interviewed and included in the development process to increase the success of implementation. Conclusions IM proved useful to develop an intervention for targeted Ct testing among young people. We believe this to be the first web-based outreach screening strategy which combines chain referral sampling with the delivery of targeted Ct testing to high risk young people within their sexual and social networks. PMID:24148656

Using intervention mapping for the development of a targeted secure web-based outreach strategy named SafeFriend, for Chlamydia trachomatis testing in young people at risk.

PubMed

Theunissen, Kevin A T M; Hoebe, Christian J P A; Crutzen, Rik; Kara-Zaïtri, Chakib; de Vries, Nanne K; van Bergen, Jan E A M; van der Sande, Marianne A B; Dukers-Muijrers, Nicole H T M

2013-10-22

Many young people at high risk for Chlamydia trachomatis (Ct) are not reached by current sexual health care systems, such as general practitioners and public sexual health care centres (sexually transmitted infection clinics).Ct is the most frequently diagnosed bacterial sexually transmitted infection (STI) among sexually active people and in particular young heterosexuals. Innovative screening strategies are needed to interrupt the transmission of Ct among young people and connect the hidden cases to care. Intervention Mapping (IM), a systematic approach to develop theory- and evidence-based interventions, was used to develop a strategy to target Ct testing towards young people who are currently hidden to care in The Netherlands. Both clinical users (i.e. sexual health care nurses) and public users (i.e., young people at risk for Ct) were closely involved in the IM process. A needs assessment study was carried out using semi-structured interviews among users (N = 21), a literature search and by taking lessons learned from existing screening programmes. Theoretical methods and practical applications to reach high risk young people and influence testing were selected and translated into specific programme components. The IM approach resulted in the development of a secure and web-based outreach Ct screening strategy, named SafeFriend. It is developed to target groups of high-risk young people who are currently hidden to care. Key methods include web-based Respondent Driven Sampling, starting from young Ct positive sexual health care centre clients, to reach and motivate peers (i.e., sex partners and friends) to get tested for Ct. Testing and the motivation of peers were proposed as the desired behavioural outcomes and the Precaution Adoption Process Model was chosen as theoretical framework. End users, i.e., young people and sexual health care nurses were interviewed and included in the development process to increase the success of implementation. IM proved useful to develop an intervention for targeted Ct testing among young people. We believe this to be the first web-based outreach screening strategy which combines chain referral sampling with the delivery of targeted Ct testing to high risk young people within their sexual and social networks.

Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

NASA Technical Reports Server (NTRS)

Baras, John S. (Inventor); Roy-Chowdhury, Ayan (Inventor)

2014-01-01

A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

Poster — Thur Eve — 52: A Web-based Platform for Collaborative Document Management in Radiotherapy

DOE Office of Scientific and Technical Information (OSTI.GOV)

Kildea, J.; Joseph, A.

We describe DepDocs, a web-based platform that we have developed to manage the committee meetings, policies, procedures and other documents within our otherwise paperless radiotherapy clinic. DepDocs is essentially a document management system based on the popular Drupal content management software. For security and confidentiality, it is hosted on a linux server internal to our hospital network such that documents are never sent to the cloud or outside of the hospital firewall. We used Drupal's in-built role-based user rights management system to assign a role, and associated document editing rights, to each user. Documents are accessed for viewing using eithermore » a simple Google-like search or by generating a list of related documents from a taxonomy of categorization terms. Our system provides document revision tracking and an document review and approval mechanism for all official policies and procedures. Committee meeting schedules, agendas and minutes are maintained by committee chairs and are restricted to committee members. DepDocs has been operational within our department for over six months and has already 45 unique users and an archive of over 1000 documents, mostly policies and procedures. Documents are easily retrievable from the system using any web browser within our hospital's network.« less

Securing the anonymity of content providers in the World Wide Web

NASA Astrophysics Data System (ADS)

Demuth, Thomas; Rieke, Andreas

1999-04-01

Nowadays the World Wide Web (WWW) is an established service used by people all over the world. Most of them do not recognize the fact that they reveal plenty of information about themselves or their affiliation and computer equipment to the providers of web pages they connect to. As a result, a lot of services offer users to access web pages unrecognized or without risk of being backtracked, respectively. This kind of anonymity is called user or client anonymity. But on the other hand, an equivalent protection for content providers does not exist, although this feature is desirable for many situations in which the identity of a publisher or content provider shall be hidden. We call this property server anonymity. We will introduce the first system with the primary target to offer anonymity for providers of information in the WWW. Beside this property, it provides also client anonymity. Based on David Chaum's idea of mixes and in relation to the context of the WWW, we explain the term 'server anonymity' motivating the system JANUS which offers both client and server anonymity.

Baiting Inside Attackers using Decoy Documents

DTIC Science & Technology

2008-09-16

viewed. Animated images allow the senders to monitor how long the message was displayed. The web bugs operate without alerting the user of the...Military Computer Security Policies”. IEEE Symposium on Security and Privacy, 1987. [5] Demers, A., Gehrke, J., Hong, M., Panda , B., Riedewald, M., Sharma

32 CFR 806.15 - FOIA exemptions.

Code of Federal Regulations, 2011 CFR

2011-07-01

... safeguarding social security numbers (SSN). It states: “SSNs are personal and unique to each individual... accessible DoD web sites unless to do so is clearly authorized by law and implementing regulation and policy. Personal information should not be posted at nonpublicly accessible web sites unless it is mission...

20 CFR 418.3220 - When is your application considered filed?

Code of Federal Regulations, 2010 CFR

2010-04-01

...? 418.3220 Section 418.3220 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... the day it is submitted electronically through our Internet Web site. If a State Medicaid agency... subsidy application from our Internet Web site where the requirements set forth in § 418.3230 are met. ...

20 CFR 418.3220 - When is your application considered filed?

Code of Federal Regulations, 2011 CFR

2011-04-01

...? 418.3220 Section 418.3220 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... the day it is submitted electronically through our Internet Web site. If a State Medicaid agency... subsidy application from our Internet Web site where the requirements set forth in § 418.3230 are met. ...

Cyberspace as a Theater of Conflict: Federal Law, National Strategy and the Departments of Defense and Homeland Security

DTIC Science & Technology

2007-06-01

short period of time. When web search organizations canvas the web looking for sites to catalog, they will discover your systems and create registry... Fingerprint & DNA Databases, INTERPOL & National Law Enforcement Communication Systems, Firearms Registration Records, Drivers License, Birth

75 FR 70957 - Self-Regulatory Organizations; Chicago Board Options Exchange, Incorporated; Order Approving...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-19

... the Financial Industry Regulatory Authority's (``FINRA'') Central Registration Depository System (``WebCRD''), and must pass the General Securities Representative examination (``Series 7'') to function... individual associated persons \\11\\ not already registered in WebCRD to register under Rule 3.6A within 60...

49 CFR 393.102 - What are the minimum performance criteria for cargo securement devices and systems?

Code of Federal Regulations, 2010 CFR

2010-10-01

... chains, wire rope, steel strapping, synthetic webbing, and cordage) and other attachment or fastening... acceleration in a lateral direction. (2) Working Load limit. Tiedown assemblies (including chains, wire rope, steel strapping, synthetic webbing, and cordage) and other attachment or fastening devices used to...

49 CFR 393.102 - What are the minimum performance criteria for cargo securement devices and systems?

Code of Federal Regulations, 2011 CFR

2011-10-01

... chains, wire rope, steel strapping, synthetic webbing, and cordage) and other attachment or fastening... acceleration in a lateral direction. (2) Working Load limit. Tiedown assemblies (including chains, wire rope, steel strapping, synthetic webbing, and cordage) and other attachment or fastening devices used to...

WebViz:A Web-based Collaborative Interactive Visualization System for large-Scale Data Sets

NASA Astrophysics Data System (ADS)

Yuen, D. A.; McArthur, E.; Weiss, R. M.; Zhou, J.; Yao, B.

2010-12-01

WebViz is a web-based application designed to conduct collaborative, interactive visualizations of large data sets for multiple users, allowing researchers situated all over the world to utilize the visualization services offered by the University of Minnesota’s Laboratory for Computational Sciences and Engineering (LCSE). This ongoing project has been built upon over the last 3 1/2 years .The motivation behind WebViz lies primarily with the need to parse through an increasing amount of data produced by the scientific community as a result of larger and faster multicore and massively parallel computers coming to the market, including the use of general purpose GPU computing. WebViz allows these large data sets to be visualized online by anyone with an account. The application allows users to save time and resources by visualizing data ‘on the fly’, wherever he or she may be located. By leveraging AJAX via the Google Web Toolkit (http://code.google.com/webtoolkit/), we are able to provide users with a remote, web portal to LCSE's (http://www.lcse.umn.edu) large-scale interactive visualization system already in place at the University of Minnesota. LCSE’s custom hierarchical volume rendering software provides high resolution visualizations on the order of 15 million pixels and has been employed for visualizing data primarily from simulations in astrophysics to geophysical fluid dynamics . In the current version of WebViz, we have implemented a highly extensible back-end framework built around HTTP "server push" technology. The web application is accessible via a variety of devices including netbooks, iPhones, and other web and javascript-enabled cell phones. Features in the current version include the ability for users to (1) securely login (2) launch multiple visualizations (3) conduct collaborative visualization sessions (4) delegate control aspects of a visualization to others and (5) engage in collaborative chats with other users within the user interface of the web application. These features are all in addition to a full range of essential visualization functions including 3-D camera and object orientation, position manipulation, time-stepping control, and custom color/alpha mapping.

Consumer trust to a Web site: moderating effect of attitudes toward online shopping.

PubMed

San Martín, Sonia; Camarero, Carmen

2008-10-01

In this paper, authors suggest a model that reflects the role played by the Web site characteristics and the previous level of satisfaction as determinant factors of trust in the Web site. Also, authors consider the moderating effects of consumers' motives and inhibitors to purchase online. Results show that satisfaction with previous purchases, the Web site security and privacy policies, and service quality are the main determinants of trust. Also, the motives and inhibitors the individuals perceive when buying online determine the type of signals they consider to trust.

Air Markets Program Data (AMPD)

EPA Pesticide Factsheets

The Air Markets Program Data tool allows users to search EPA data to answer scientific, general, policy, and regulatory questions about industry emissions. Air Markets Program Data (AMPD) is a web-based application that allows users easy access to both current and historical data collected as part of EPA's emissions trading programs. This site allows you to create and view reports and to download emissions data for further analysis. AMPD provides a query tool so users can create custom queries of industry source emissions data, allowance data, compliance data, and facility attributes. In addition, AMPD provides interactive maps, charts, reports, and pre-packaged datasets. AMPD does not require any additional software, plug-ins, or security controls and can be accessed using a standard web browser.

Usage of insecure E-mail services among researchers with different scientific background.

PubMed

Solić, Kresimir; Grgić, Krešimir; Ilakovac, Vesna; Zagar, Drago

2011-08-01

Free web‑based e-mail services are considered to have more security flaws than institutional ones, but they are frequently used among scientific researchers for professional communication. The aim of this study was to analyze frequency of usage of the insecure free e-mail services for professional communication among biomedical, economical and technical researchers, who published papers in one of three different journals: Croatian Medical Journal, Automatika and Economic Research. Contact details of the authors who provided their e‑mail address from the papers published in those three journals during one year period were collected. These e‑mail addresses were collected from the electronic archive of the journals in question. The domains of all e‑mail addresses were assessed and contacts were categorized into three groups according to the following types: world-wide known free web‑based e‑mail services, national Internet Service Provider (ISP) e-mail services, and institutional or corporate e-mail addresses. The proportion of authors using free web-based e-mail services, the least secure group type, was highest among biomedical researchers (17.8%) while every e‑mail address collected from the technical journal belonged to the secured institutional e‑mail group type. It seems that all researchers from the technical scientific field and most of the researchers from the economical field value good security practice and use more secure systems for professional communication. High percentage of the biomedical researchers who use insecure e‑mail services may mean that they need to be warned of the possible security disadvantages of those kinds of e‑mail addresses.

Secure Sensor Semantic Web and Information Fusion

DTIC Science & Technology

2014-06-25

data acquired and transmitted by wireless sensor networks (WSNs). In a WSN, due to a need for robustness of monitoring and low cost of the nodes...3 S. Ozdemir and Y. Xiao, “Secure data aggregation in wireless sensor networks : A comprehensive overview...Elisa Bertino, and Somesh Jha: Secure data aggregation technique for wireless sensor networks in the presence of collusion attacks. To appear in

Security Risks of Cloud Computing and Its Emergence as 5th Utility Service

NASA Astrophysics Data System (ADS)

Ahmad, Mushtaq

Cloud Computing is being projected by the major cloud services provider IT companies such as IBM, Google, Yahoo, Amazon and others as fifth utility where clients will have access for processing those applications and or software projects which need very high processing speed for compute intensive and huge data capacity for scientific, engineering research problems and also e- business and data content network applications. These services for different types of clients are provided under DASM-Direct Access Service Management based on virtualization of hardware, software and very high bandwidth Internet (Web 2.0) communication. The paper reviews these developments for Cloud Computing and Hardware/Software configuration of the cloud paradigm. The paper also examines the vital aspects of security risks projected by IT Industry experts, cloud clients. The paper also highlights the cloud provider's response to cloud security risks.

A Prospective Evaluation of ENT Telemedicine in Remote Military Populations Seeking Specialty Care

DTIC Science & Technology

2002-01-01

wee con - MTFs ashore provides an opportunity to study ducted by an ENT specialty physician. The data telemedicine use by military medical personnel...medical officers ( GMOs ), IDCs, and telemedicine network completed telephone in- TELEMEDICINE AND MILITARY SPECIALTY CARE 303 terviews. These were...consisted of 2 GMOs , 3 primary and recorded via a secure Web-based applica- care physicians, and 3 specialty physicians tion installed for Region 9. When a

WebBee: A Platform for Secure Coordination and Communication in Crisis Scenarios

DTIC Science & Technology

2008-04-16

implemented through database triggers. The Webbee Database Server contains an Information Server, which is a Postgres database with PostGIS [5] extension...sends it to the target user. The heavy lifting for this mechanism is done through an extension of Postgres triggers (Figures 6.1 and 6.2), resulting...in fewer queries and better performance. Trigger support in Postgres is table-based and comparatively primitive: with n table triggers, an update

Migration of the Three-dimensional Wind Field (3DWF) Model from Linux to Windows and Mobile Platforms

DTIC Science & Technology

2017-11-01

7 Fig. 10 Build executable code ........................................................................... 8 Fig. 11 3DWF GUI’s main web ...can be designed in any Windows operating system with internet access via Microsoft’s Internet Explorer (IE) web browser. For this particular project...Therefore, it is advised to have network security safeguards in place and operate only in a trusted PC. The GUI’s Hypertext Markup Language (HTML) web

Achieving Better Buying Power for Mobile Open Architecture Software Systems Through Diverse Acquisition Scenarios

DTIC Science & Technology

2016-04-30

software (OSS) and proprietary (CSS) software elements or remote services (Scacchi, 2002, 2010), eventually including recent efforts to support Web ...specific platforms, including those operating on secured Web /mobile devices.  Common Development Technology provides AC development tools and common...transition to OA systems and OSS software elements, specifically for Web and Mobile devices within the realm of C3CB. OA, Open APIs, OSS, and CSS OA

Methods for open innovation on a genome-design platform associating scientific, commercial, and educational communities in synthetic biology.

PubMed

Toyoda, Tetsuro

2011-01-01

Synthetic biology requires both engineering efficiency and compliance with safety guidelines and ethics. Focusing on the rational construction of biological systems based on engineering principles, synthetic biology depends on a genome-design platform to explore the combinations of multiple biological components or BIO bricks for quickly producing innovative devices. This chapter explains the differences among various platform models and details a methodology for promoting open innovation within the scope of the statutory exemption of patent laws. The detailed platform adopts a centralized evaluation model (CEM), computer-aided design (CAD) bricks, and a freemium model. It is also important for the platform to support the legal aspects of copyrights as well as patent and safety guidelines because intellectual work including DNA sequences designed rationally by human intelligence is basically copyrightable. An informational platform with high traceability, transparency, auditability, and security is required for copyright proof, safety compliance, and incentive management for open innovation in synthetic biology. GenoCon, which we have organized and explained here, is a competition-styled, open-innovation method involving worldwide participants from scientific, commercial, and educational communities that aims to improve the designs of genomic sequences that confer a desired function on an organism. Using only a Web browser, a participating contributor proposes a design expressed with CAD bricks that generate a relevant DNA sequence, which is then experimentally and intensively evaluated by the GenoCon organizers. The CAD bricks that comprise programs and databases as a Semantic Web are developed, executed, shared, reused, and well stocked on the secure Semantic Web platform called the Scientists' Networking System or SciNetS/SciNeS, based on which a CEM research center for synthetic biology and open innovation should be established. Copyright © 2011 Elsevier Inc. All rights reserved.

Is Domain Highlighting Actually Helpful in Identifying Phishing Web Pages?

PubMed

Xiong, Aiping; Proctor, Robert W; Yang, Weining; Li, Ninghui

2017-06-01

To evaluate the effectiveness of domain highlighting in helping users identify whether Web pages are legitimate or spurious. As a component of the URL, a domain name can be overlooked. Consequently, browsers highlight the domain name to help users identify which Web site they are visiting. Nevertheless, few studies have assessed the effectiveness of domain highlighting, and the only formal study confounded highlighting with instructions to look at the address bar. We conducted two phishing detection experiments. Experiment 1 was run online: Participants judged the legitimacy of Web pages in two phases. In Phase 1, participants were to judge the legitimacy based on any information on the Web page, whereas in Phase 2, they were to focus on the address bar. Whether the domain was highlighted was also varied. Experiment 2 was conducted similarly but with participants in a laboratory setting, which allowed tracking of fixations. Participants differentiated the legitimate and fraudulent Web pages better than chance. There was some benefit of attending to the address bar, but domain highlighting did not provide effective protection against phishing attacks. Analysis of eye-gaze fixation measures was in agreement with the task performance, but heat-map results revealed that participants' visual attention was attracted by the highlighted domains. Failure to detect many fraudulent Web pages even when the domain was highlighted implies that users lacked knowledge of Web page security cues or how to use those cues. Potential applications include development of phishing prevention training incorporating domain highlighting with other methods to help users identify phishing Web pages.

20 CFR 401.45 - Verifying your identity.

Code of Federal Regulations, 2010 CFR

2010-04-01

....45 Employees' Benefits SOCIAL SECURITY ADMINISTRATION PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND... online access option, such as a standard e-mail comment form on our Web site, and encryption is not being used, we alert you that personally identifiable information (such as your social security number...

20 CFR 401.45 - Verifying your identity.

Code of Federal Regulations, 2011 CFR

2011-04-01

....45 Employees' Benefits SOCIAL SECURITY ADMINISTRATION PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND... online access option, such as a standard e-mail comment form on our Web site, and encryption is not being used, we alert you that personally identifiable information (such as your social security number...

77 FR 44306 - Service Delivery Plan

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-27

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0048] Service Delivery Plan AGENCY: Social... publicly available. Do not include in your comments any personal information, such as Social Security... function of the Web page to find docket number SSA-2012-0048. The system will issue you a tracking number...

77 FR 16846 - Published Privacy Impact Assessments on the Web

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-22

... Security Advanced Research Projects Agency (HSARPA), S&T Directorate seeks to develop physiological and behavioral screening technologies that will enable security officials to test the effectiveness of current... FAST research is adding a new type of research, the Passive Methods for Precision Behavioral Screening...

Web-Altairis: An Internet-Enabled Ground System

NASA Technical Reports Server (NTRS)

Miller, Phil; Coleman, Jason; Gemoets, Darren; Hughes, Kevin

2000-01-01

This paper describes Web-Altairis, an Internet-enabled ground system software package funded by the Advanced Automation and Architectures Branch (Code 588) of NASA's Goddard Space Flight Center. Web-Altairis supports the trend towards "lights out" ground systems, where the control center is unattended and problems are resolved by remote operators. This client/server software runs on most popular platforms and provides for remote data visualization using the rich functionality of the VisAGE toolkit. Web-Altairis also supports satellite commanding over the Internet. This paper describes the structure of Web-Altairis and VisAGE, the underlying technologies, the provisions for security, and our experiences in developing and testing the software.

Development of a Smart Mobile Data Module for Fetal Monitoring in E-Healthcare.

PubMed

Houzé de l'Aulnoit, Agathe; Boudet, Samuel; Génin, Michaël; Gautier, Pierre-François; Schiro, Jessica; Houzé de l'Aulnoit, Denis; Beuscart, Régis

2018-03-23

The fetal heart rate (FHR) is a marker of fetal well-being in utero (when monitoring maternal and/or fetal pathologies) and during labor. Here, we developed a smart mobile data module for the remote acquisition and transmission (via a Wi-Fi or 4G connection) of FHR recordings, together with a web-based viewer for displaying the FHR datasets on a computer, smartphone or tablet. In order to define the features required by users, we modelled the fetal monitoring procedure (in home and hospital settings) via semi-structured interviews with midwives and obstetricians. Using this information, we developed a mobile data transfer module based on a Raspberry Pi. When connected to a standalone fetal monitor, the module acquires the FHR signal and sends it (via a Wi-Fi or a 3G/4G mobile internet connection) to a secure server within our hospital information system. The archived, digitized signal data are linked to the patient's electronic medical records. An HTML5/JavaScript web viewer converts the digitized FHR data into easily readable and interpretable graphs for viewing on a computer (running Windows, Linux or MacOS) or a mobile device (running Android, iOS or Windows Phone OS). The data can be viewed in real time or offline. The application includes tools required for correct interpretation of the data (signal loss calculation, scale adjustment, and precise measurements of the signal's characteristics). We performed a proof-of-concept case study of the transmission, reception and visualization of FHR data for a pregnant woman at 30 weeks of amenorrhea. She was hospitalized in the pregnancy assessment unit and FHR data were acquired three times a day with a Philips Avalon® FM30 fetal monitor. The prototype (Raspberry Pi) was connected to the fetal monitor's RS232 port. The emission and reception of prerecorded signals were tested and the web server correctly received the signals, and the FHR recording was visualized in real time on a computer, a tablet and smartphones (running Android and iOS) via the web viewer. This process did not perturb the hospital's computer network. There was no data delay or loss during a 60-min test. The web viewer was tested successfully in the various usage situations. The system was as user-friendly as expected, and enabled rapid, secure archiving. We have developed a system for the acquisition, transmission, recording and visualization of RCF data. Healthcare professionals can view the FHR data remotely on their computer, tablet or smartphone. Integration of FHR data into a hospital information system enables optimal, secure, long-term data archiving.

Research on the technology of detecting the SQL injection attack and non-intrusive prevention in WEB system

NASA Astrophysics Data System (ADS)

Hu, Haibin

2017-05-01

Among numerous WEB security issues, SQL injection is the most notable and dangerous. In this study, characteristics and procedures of SQL injection are analyzed, and the method for detecting the SQL injection attack is illustrated. The defense resistance and remedy model of SQL injection attack is established from the perspective of non-intrusive SQL injection attack and defense. Moreover, the ability of resisting the SQL injection attack of the server has been comprehensively improved through the security strategies on operation system, IIS and database, etc.. Corresponding codes are realized. The method is well applied in the actual projects.

Filtering SPAM in P2PSIP Communities with Web of Trust

NASA Astrophysics Data System (ADS)

Heikkilä, Juho; Gurtov, Andrei

Spam is a dominant problem on email systems today. One of the reasons is the lack of infrastructure for security and trust. As Voice over IP (VoIP) communication becomes increasingly popular, proliferation of spam calls is only a matter of time. As SIP identity scheme is practically similar to email, those share the same threats. We utilized Host Identity Protocol (HIP) to provide basic security, such as end-to-end encryption. To provide call filtering, however, other tools are needed. In this paper, we suggest applying trust paths familiar from the PGP web of trust to prevent unwanted communication in P2PSIP communities.

Design and implementation of website information disclosure assessment system.

PubMed

Cho, Ying-Chiang; Pan, Jen-Yi

2015-01-01

Internet application technologies, such as cloud computing and cloud storage, have increasingly changed people's lives. Websites contain vast amounts of personal privacy information. In order to protect this information, network security technologies, such as database protection and data encryption, attract many researchers. The most serious problems concerning web vulnerability are e-mail address and network database leakages. These leakages have many causes. For example, malicious users can steal database contents, taking advantage of mistakes made by programmers and administrators. In order to mitigate this type of abuse, a website information disclosure assessment system is proposed in this study. This system utilizes a series of technologies, such as web crawler algorithms, SQL injection attack detection, and web vulnerability mining, to assess a website's information disclosure. Thirty websites, randomly sampled from the top 50 world colleges, were used to collect leakage information. This testing showed the importance of increasing the security and privacy of website information for academic websites.

17 CFR 240.6a-4 - Notice of registration under Section 6(g) of the Act, amendment to such notice, and supplemental...

Code of Federal Regulations, 2012 CFR

2012-04-01

... this section is available continuously on an Internet web site controlled by a Security Futures Product... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Notice of registration under... registered under Section 6(g) of the Act. 240.6a-4 Section 240.6a-4 Commodity and Securities Exchanges...

17 CFR 240.6a-4 - Notice of registration under Section 6(g) of the Act, amendment to such notice, and supplemental...

Code of Federal Regulations, 2011 CFR

2011-04-01

... this section is available continuously on an Internet web site controlled by a Security Futures Product... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Notice of registration under... registered under Section 6(g) of the Act. 240.6a-4 Section 240.6a-4 Commodity and Securities Exchanges...

Genesis: A Framework for Achieving Software Component Diversity

DTIC Science & Technology

2007-01-01

correctly—the initial filters develop to fix the Hotmail vulnerability could be circumvented by using alternate character encodings4. Hence, we focus on...Remotely Exploitable Cross-Site Scripting in Hotmail and Yahoo, (March 2004); http://www.greymagic.com/security/advisories/gm005-mc/. 4...EyeonSecurity, Microsoft Passport Account Hijack Attack: Hacking Hotmail and More, Hacker’s Digest. 5. Y.-W. Huang et al., Web Application Security Assessment by

CrossTalk: The Journal of Defense Software Engineering. Volume 19, Number 5

DTIC Science & Technology

2006-05-01

Coming Events Web Sites Call for Articles Visit CrossTalk at the SSTC BackTalk Transforming: Business , Security ,Warfighting CrossTalk 76 SMXG CO-SPONSOR...theme “Transforming: Business , Security , Warfighting.” Transformation is not just the current buzzword: Many industries and the military have...systems. Transforming: Business , Security ,Warfighting Characteristic edocfosenilnoillim001-01eziS Number of external interfaces 30-300 Number of

78 FR 63159 - Amendment to Certification of Nebraska's Central Filing System

Federal Register 2010, 2011, 2012, 2013, 2014

2013-10-23

... system for Nebraska to permit the conversion of all debtor social security and taxpayer identification... automatically convert social security numbers and taxpayer identification numbers into ten number unique... certified central filing systems is available through the Internet on the GIPSA Web site ( http://www.gipsa...

75 FR 77876 - Sunshine Act Meeting

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-14

... the Board's Web page at http://www.federalreserve.gov on the day of the meeting. If you plan to attend..., and social security number (SSN) or passport number. You may provide this information by calling (202... voluntary; however, failure to provide your name, date of birth, and social security number or passport...

U.S.-Mexican Security Cooperation: the Merida Initiative and Beyond

DTIC Science & Technology

2010-07-29

Department to USAID for implementation. 71 “Cárteles Perturban al Sistema Carcelario,” El Universal, June 18, 2010. 72 Silvia Otero, “No Investigan 95...a Web .” Milenio. July 28, 2010. U.S.-Mexican Security Cooperation: the Mérida Initiative and Beyond Congressional Research Service 27 Similar

U.S.- Mexican Security Cooperation: The Merida Initiative and Beyond

DTIC Science & Technology

2010-07-29

Department to USAID for implementation. 71 “Cárteles Perturban al Sistema Carcelario,” El Universal, June 18, 2010. 72 Silvia Otero, “No Investigan 95...a Web .” Milenio. July 28, 2010. U.S.-Mexican Security Cooperation: the Mérida Initiative and Beyond Congressional Research Service 27 Similar

U.S.-Mexican Security Cooperation: the Merida Initiative and Beyond

DTIC Science & Technology

2010-08-16

2010, those funds had yet to be transferred from the State Department to USAID for implementation. 71 “Cárteles Perturban al Sistema Carcelario,” El...Quejas a Web .” Milenio. July 28, 2010. U.S.-Mexican Security Cooperation: the Mérida Initiative and Beyond Congressional Research Service 27

5 CFR 2606.201 - Requests for access.

Code of Federal Regulations, 2011 CFR

2011-01-01

... on OGE's Web site at http://www.usoge.gov, or upon request from OGE's Office of General Counsel and... Office of Federal Register at the GPO Access Web site (http://www.access.gpo.gov/su_docs/aces/PrivacyAct... individual's full name (including her maiden name, if pertinent), dates of employment, social security number...

32 CFR 537.12 - Settlement authority.

Code of Federal Regulations, 2010 CFR

2010-07-01

... samples posted at the USARCS Web site (for the address see the Note to § 537.1). USARCS may waive the... Affairs, Social Security disability, and any other government benefits accruing to the injured party. (iv... to the sample posted at the USARCS Web site (for the address see the Note to § 537.1). However, the...

6 CFR 5.21 - Requests for access to records.

Code of Federal Regulations, 2011 CFR

2011-01-01

... accessed electronically at the Government Printing Office's World Wide Web site (which can be found at http... Printing Office's World Wide Web site (which can be found at http://www.access.gpo.gov/su_docs). (c... requested records, you may also, at your option, include your social security number. (e) Verification of...

28 CFR 16.41 - Requests for access to records.

Code of Federal Regulations, 2010 CFR

2010-07-01

... the Government Printing Office's World Wide Web site (which can be found at http://www.access.gpo.gov... accessed electronically at the Government Printing Office's World Wide Web site (which can be found at http... requested records, you may also, at your option, include your social security number. (e) Verification of...

17 CFR Appendix A to Subpart A of... - Forms

Code of Federal Regulations, 2011 CFR

2011-04-01

... information that the institution collects and shares. All institutions must use the term “Social Security... the applicable opt-out methods described: telephone, such as by a toll-free number; a Web site; or use... appropriate. An institution that allows consumers to opt out online must provide either a specific Web address...

77 FR 22806 - Notice of Availability of Funds and Solicitation for Grant Applications for Cooperative...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-04-17

... and adults with disabilities who are unemployed, underemployed, and/or receiving Social Security... connection with this solicitation are described in further detail on ETA's Web site at http://www.doleta.gov/grants/ or on http://www.grants.gov . The Web sites provide application information, eligibility...

12 CFR Appendix A to Part 332 - Model Privacy Form

Code of Federal Regulations, 2011 CFR

2011-01-01

... information that the institution collects and shares. All institutions must use the term “Social Security... the applicable opt-out methods described: Telephone, such as by a toll-free number; a Web site; or use... appropriate. An institution that allows consumers to opt out online must provide either a specific Web address...

12 CFR Appendix A to Part 216 - Model Privacy Form

Code of Federal Regulations, 2011 CFR

2011-01-01

... information that the institution collects and shares. All institutions must use the term “Social Security... appropriate. An institution that allows consumers to opt out online must provide either a specific Web address that takes consumers directly to the opt-out page or a general Web address that provides a clear and...

32 CFR 537.12 - Settlement authority.

Code of Federal Regulations, 2011 CFR

2011-07-01

... samples posted at the USARCS Web site (for the address see the Note to § 537.1). USARCS may waive the... Affairs, Social Security disability, and any other government benefits accruing to the injured party. (iv... to the sample posted at the USARCS Web site (for the address see the Note to § 537.1). However, the...

6 CFR 5.21 - Requests for access to records.

Code of Federal Regulations, 2010 CFR

2010-01-01

... accessed electronically at the Government Printing Office's World Wide Web site (which can be found at http... Printing Office's World Wide Web site (which can be found at http://www.access.gpo.gov/su_docs). (c... requested records, you may also, at your option, include your social security number. (e) Verification of...

28 CFR 16.41 - Requests for access to records.

Code of Federal Regulations, 2011 CFR

2011-07-01

... the Government Printing Office's World Wide Web site (which can be found at http://www.access.gpo.gov... accessed electronically at the Government Printing Office's World Wide Web site (which can be found at http... requested records, you may also, at your option, include your social security number. (e) Verification of...

49 CFR 571.209 - Standard No. 209; Seat belt assemblies.

Code of Federal Regulations, 2010 CFR

2010-10-01

.... (1) Eye bolts, shoulder bolts, or other bolt used to secure the pelvic restraint of seat belt... connecting webbing to an eye bolt shall be provided with a retaining latch or keeper which shall not move...) Single attachment hook for connecting webbing to any eye bolt shall be tested in the following manner...

49 CFR 393.104 - What standards must cargo securement devices and systems meet in order to satisfy the...

Code of Federal Regulations, 2010 CFR

2010-10-01

... tiedown assemblies. Tiedown assemblies (including chains, wire rope, steel strapping, synthetic webbing... . . . Must conform to . . . (1) Steel strapping 1,2 Standard Specification for Strapping, Flat Steel and... Association of Chain Manufacturers' Welded Steel Chain Specifications, dated September 28, 2005. 4 (3) Webbing...

49 CFR 393.104 - What standards must cargo securement devices and systems meet in order to satisfy the...

Code of Federal Regulations, 2011 CFR

2011-10-01

... tiedown assemblies. Tiedown assemblies (including chains, wire rope, steel strapping, synthetic webbing... . . . Must conform to . . . (1) Steel strapping 1,2 Standard Specification for Strapping, Flat Steel and... Association of Chain Manufacturers' Welded Steel Chain Specifications, dated September 28, 2005. 4 (3) Webbing...

76 FR 75890 - Agency Information Collection Activities: Solicitation of Proposal Information for Award of...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-12-05

... burden. DHS S&T uses a secure Web site which the public can propose SBIR research topics and submit... submit SBIR research topics and submit response to DHS SBIR solicitations. Additionally, electronic web... Innovative Research (SBIR) and Small Business Technology Transfer (STTR) programs 15 U.S.C. 628. For...

75 FR 71475 - Self-Regulatory Organizations; International Securities Exchange, LLC; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-23

... the Exchange's Web site http://www.ise.com , at the principal office of the Exchange, and at the...'') and various forms of alternative trading systems (``ATSs''), including dark pools and electronic..., please use only one method. The Commission will post all comments on the Commissions Internet Web site...

78 FR 3940 - Self-Regulatory Organizations; The NASDAQ Stock Market LLC; Notice of Filing and Immediate...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-17

... Report regarding a Nasdaq security through the NasdaqTrader.com Web site shall be determined in... improvement of web functionality and the inclusion of supplementary equity information, but has not increased... dark pools and electronic communication networks (``ECNs''). Each SRO market competes to produce...

Joint Force Quarterly. Issue 62, 3rd Quarter, July 2011

DTIC Science & Technology

2011-07-01

academic publishing house. It publishes books, journals, policy briefs, occasional papers , monographs, and special reports on national security strategy...to the link on the NDU Press Web site or write to: Editor, Joint Force Quarterly National Defense University Press 260 Fifth Avenue, S.W. (Building...military professionalism and has made them available on its Web site.1 INSEL is in the process of posting on its Web site a video of all the conference

Importance-Performance Analysis of Personal Health Records in Taiwan: A Web-Based Survey

PubMed Central

Rau, Hsiao-Hsien; Chen, Kang-Hua

2017-01-01

Background Empowering personal health records (PHRs) provides basic human right, awareness, and intention for health promotion. As health care delivery changes toward patient-centered services, PHRs become an indispensable platform for consumers and providers. Recently, the government introduced “My health bank,” a Web-based electronic medical records (EMRs) repository for consumers. However, it is not yet a PHR. To date, we do not have a platform that can let patients manage their own PHR. Objective This study creates a vision of a value-added platform for personal health data analysis and manages their health record based on the contents of the "My health bank." This study aimed to examine consumer expectation regarding PHR, using the importance-performance analysis. The purpose of this study was to explore consumer perception regarding this type of a platform: it would try to identify the key success factors and important aspects by using the importance-performance analysis, and give some suggestions for future development based on it. Methods This is a cross-sectional study conducted in Taiwan. Web-based invitation to participate in this study was distributed through Facebook. Respondents were asked to watch an introductory movie regarding PHR before filling in the questionnaire. The questionnaire was focused on 2 aspects, including (1) system functions, and (2) system design and security and privacy. The questionnaire would employ 12 and 7 questions respectively. The questionnaire was designed following 5-points Likert scale ranging from 1 (“disagree strongly”) to 5 (“Agree strongly”). Afterwards, the questionnaire data was sorted using IBM SPSS Statistics 21 for descriptive statistics and the importance-performance analysis. Results This research received 350 valid questionnaires. Most respondents were female (219 of 350 participants, 62.6%), 21-30 years old (238 of 350 participants, 68.0%), with a university degree (228 of 350 participants, 65.1%). They were still students (195 out of 350 participants, 56.6%), with a monthly income of less than NT $30,000 (230 of 350 participants, 65.7%), and living in the North Taiwan (236 of 350 participants, 67.4%), with a good self-identified health status (171 of 350 participants, 48.9%). After performing the importance-performance analysis, we found the following: (1) instead of complex functions, people just want to have a platform that can let them integrate and manage their medical visit, health examination, and life behavior records; (2) they do not care whether their PHR is shared with others; and (3) most of the participants think the system security design is not important, but they also do not feel satisfied with the current security design. Conclusions Overall, the issues receiving the most user attention were the system functions, circulation, integrity, ease of use, and continuity of the PHRs, data security, and privacy protection. PMID:28450273

Clinical benchmarking for the office practitioner enabled by the online health record

PubMed Central

Ricciardi, TN; Masarie, FE; Landholt, T; Middleton, B

2000-01-01

Payer organizations, regulatory entities, and delivery networks are placing increasing pressure on physicians to report aggregate information about their patients and practice of medicine. Historically, clinicians have been ill-equipped to respond to these pressures when their practices have relied upon payer records for clinical information management. Key Industry Drivers: Physicians need specific information from their practices for the purposes of contract management, preventive care, office productivity, and utilization reviews. Value Statement: Clinical data captured at the point of care can support reporting requirements, and supplement or replace laboriously-collected data derived from billing and other administrative systems. Information from the Online Health Record can empower the individual physician to assess what is going on in their practice of medicine, as opposed to being "profiled" by an external entity. We created a secure web-based system that provides access to a clinical data mart, to allow online benchmarking for the individual or office practitioner. Providers used a web-enabled documentation system to document the clinical facts of the encounter. A nightly set of routines extracts data from the online chart into the clinical data mart built in a relational database. The system uses a clinical vocabulary server to map provider-entered strings to normalized clinical concepts. The system loads chart data into a dimensional data model, to simplify data representation and ensure fast query performance. Providers can access their own profiles from a secure web browser. PMID:11080030

A Road Paved with Safe Intentions: Increasing Intentions to Use Alcohol Protective Behavioral Strategies via Deviance Regulation Theory

PubMed Central

Dvorak, Robert D.; Pearson, Matthew R.; Neighbors, Clayton; Martens, Matthew P.; Stevenson, Brittany L.; Kuvaas, Nicholas J.

2015-01-01

OBJECTIVE Drinking remains a problem across college campuses. Changing this behavior requires interventions that can be easily and widely dispersed. Several theories place intentions as a proximal predictor of behavior change. The current study examines the effects of a web-based Deviance Regulation Theory (DRT) intervention on (1) intentions to use alcohol protective behavior strategies (PBS) and (2) associations between these intentions and actual behavior. METHODS Participants (n = 76) completed a six-week, web-based, study examining drinking behaviors. Participants were randomly assigned to receive a positive frame about individuals who use PBS or a negative frame about individuals who do not. They also reported normative perceptions of PBS use among college students. They subsequently logged onto a secure server each week to report on alcohol involvement, use of three types of PBS (Manner of Drinking, Stopping/Limiting, and Serious Harm Reduction), and intentions to use these PBS the following week. RESULTS Consistent with DRT, negative frames resulted in higher PBS use intentions if individuals held high normative beliefs about PBS use. Positive frames resulted in higher Manner of Drinking PBS use intentions if individuals held low normative beliefs about PBS use, but only if individuals endorsed a high belief in the frame. In addition, there was a DRT consistent increase in intention-action associations, but only for Stopping/Limiting PBS. DISCUSSION A brief web-based DRT intervention was effective at increasing PBS intentions and increasing PBS intention-action associations. DRT may provide a mechanism to additively or synergistically improve other web-based interventions for college drinking. PMID:26914646

Real-Time Remote Monitoring with Data Acquisition System

NASA Astrophysics Data System (ADS)

Faizal Zainal Abidin, Ahmad; Huzaimy Jusoh, Mohammad; James, Elster; Junid, Syed Abdul Mutalib Al; Mohd Yassin, Ahmad Ihsan

2015-11-01

The purpose of this system is to provide monitoring system for an electrical device and enable remote monitoring via web based application. This monitoring system allow the user to monitor the device condition from anywhere as the information will be synchronised to the website. The current and voltage reading of the monitored equipment, ambient temperature and humidity level are monitored and recorded. These parameters will be updated on the web page. All these sensor are connected to the microcontroller and the data will saved in micro secure digital (SD) card and send all the gathered information to a web page using the GPRS service connection synchronously. The collected data will be displayed on the website and the user enable to download the data directly from the website. The system will help user to monitor the devices condition and ambient changes with ease. The system is successfully developed, tested and has been installed at residential area in Taman Cahaya Alam, Section U12, Shah Alam, Selangor, Malaysia.

An end-to-end secure patient information access card system.

PubMed

Alkhateeb, A; Singer, H; Yakami, M; Takahashi, T

2000-03-01

The rapid development of the Internet and the increasing interest in Internet-based solutions has promoted the idea of creating Internet-based health information applications. This will force a change in the role of IC cards in healthcare card systems from a data carrier to an access key medium. At the Medical Informatics Department of Kyoto University Hospital we are developing a smart card patient information project where patient databases are accessed via the Internet. Strong end-to-end data encryption is performed via Secure Socket Layers, transparent to transmit patient information. The smart card is playing the crucial role of access key to the database: user authentication is performed internally without ever revealing the actual key. For easy acceptance by healthcare professionals, the user interface is integrated as a plug-in for two familiar Web browsers, Netscape Navigator and MS Internet Explorer.

Connecting to success: practice management on the Net.

PubMed

Freydberg, B K

2001-08-15

Profound changes in the way dental practices manage data, patient records, and communication are beginning to unfold. Sooner than most of us can imagine, secured patient medical and dental records will reside on the Internet. Additionally, communication between health care providers and patients will become virtually 100% electronic. As the Application Service Provider (ASP) dental models mature, practices will transition from paper to "paperless" to "web-based" management and clinical systems. This article examines and explains these future frontiers.

Analysis of Department of Defense Social Media Policy and Its Impact on Operational Security

DTIC Science & Technology

2015-06-01

1976, Generation Y was born between 1977 and 1994, and Generation Z was born after 1995 (Schroer, n.d.). 6 With over 1.3 billion users , Facebook...social media platforms, such as Twitter, Instagram , LinkedIn, and Pinterest, have shown significant user growth over the last six years (Duggan et al... generated content , social software, Web-based email, instant messaging, and discussion forum. Some examples of IbC include YouTube, Facebook, Flickr

Internet research in an international context.

PubMed

Baernholdt, Marianne; Clarke, Sean P

2006-02-01

Computers and the Internet provide researchers with new options in surveying. When using electronic surveys, several practical and methodological issues need to be considered such as whether the majority of the surveyed population has Internet access and whether an e-mail or a Web-based survey is most appropriate. Other important considerations relate to Internet security issues and, in international research, the possibility of language barriers. Despite these challenges, electronic surveys offer a promising alternative to conventional mail surveys.

Summary of ADTT Website Functionality and Features

NASA Technical Reports Server (NTRS)

Hawke, Veronica; Duong, Trang; Liang, Lawrence; Gage, Peter; Lawrence, Scott (Technical Monitor)

2001-01-01

This report summarizes development of the ADTT web-based design environment by the ELORET team in 2000. The Advanced Design Technology Testbed had been in development for several years, with demonstration applications restricted to aerodynamic analyses of subsonic aircraft. The key changes achieved this year were improvements in Web-based accessibility, evaluation of collaborative visualization, remote invocation of geometry updates and performance analysis, and application to aerospace system analysis. Significant effort was also devoted to post-processing of data, chiefly through comparison of similar data for alternative vehicle concepts. Such comparison is an essential requirement for designers to make informed choices between alternatives. The next section of this report provides more discussion of the goals for ADTT development. Section 3 provides screen shots from a sample session in the ADTT environment, including Login and navigation to the project of interest, data inspection, analysis execution and output evaluation. The following section provides discussion of implementation details and recommendations for future development of the software and information technologies that provide the key functionality of the ADTT system. Section 5 discusses the integration architecture for the system, which links machines running different operating systems and provides unified access to data stored in distributed locations. Security is a significant issue for this system, especially for remote access to NAS machines, so Section 6 discusses several architectural considerations with respect to security. Additional details of some aspects of ADTT development are included in Appendices.

Local food web management increases resilience and buffers against global change effects on freshwaters

NASA Astrophysics Data System (ADS)

Urrutia-Cordero, Pablo; Ekvall, Mattias K.; Hansson, Lars-Anders

2016-07-01

A major challenge for ecological research is to identify ways to improve resilience to climate-induced changes in order to secure the ecosystem functions of natural systems, as well as ecosystem services for human welfare. With respect to aquatic ecosystems, interactions between climate warming and the elevated runoff of humic substances (brownification) may strongly affect ecosystem functions and services. However, we hitherto lack the adaptive management tools needed to counteract such global-scale effects on freshwater ecosystems. Here we show, both experimentally and using monitoring data, that predicted climatic warming and brownification will reduce freshwater quality by exacerbating cyanobacterial growth and toxin levels. Furthermore, in a model based on long-term data from a natural system, we demonstrate that food web management has the potential to increase the resilience of freshwater systems against the growth of harmful cyanobacteria, and thereby that local efforts offer an opportunity to secure our water resources against some of the negative impacts of climate warming and brownification. This allows for novel policy action at a local scale to counteract effects of global-scale environmental change, thereby providing a buffer period and a safer operating space until climate mitigation strategies are effectively established.

Providing Web Interfaces to the NSF EarthScope USArray Transportable Array

NASA Astrophysics Data System (ADS)

Vernon, Frank; Newman, Robert; Lindquist, Kent

2010-05-01

Since April 2004 the EarthScope USArray seismic network has grown to over 850 broadband stations that stream multi-channel data in near real-time to the Array Network Facility in San Diego. Providing secure, yet open, access to real-time and archived data for a broad range of audiences is best served by a series of platform agnostic low-latency web-based applications. We present a framework of tools that mediate between the world wide web and Boulder Real Time Technologies Antelope Environmental Monitoring System data acquisition and archival software. These tools provide comprehensive information to audiences ranging from network operators and geoscience researchers, to funding agencies and the general public. This ranges from network-wide to station-specific metadata, state-of-health metrics, event detection rates, archival data and dynamic report generation over a station's two year life span. Leveraging open source web-site development frameworks for both the server side (Perl, Python and PHP) and client-side (Flickr, Google Maps/Earth and jQuery) facilitates the development of a robust extensible architecture that can be tailored on a per-user basis, with rapid prototyping and development that adheres to web-standards. Typical seismic data warehouses allow online users to query and download data collected from regional networks, without the scientist directly visually assessing data coverage and/or quality. Using a suite of web-based protocols, we have recently developed an online seismic waveform interface that directly queries and displays data from a relational database through a web-browser. Using the Python interface to Datascope and the Python-based Twisted network package on the server side, and the jQuery Javascript framework on the client side to send and receive asynchronous waveform queries, we display broadband seismic data using the HTML Canvas element that is globally accessible by anyone using a modern web-browser. We are currently creating additional interface tools to create a rich-client interface for accessing and displaying seismic data that can be deployed to any system running the Antelope Real Time System. The software is freely available from the Antelope contributed code Git repository (http://www.antelopeusersgroup.org).

A National Crop Progress Monitoring System Based on NASA Earth Science Results

NASA Astrophysics Data System (ADS)

Di, L.; Yu, G.; Zhang, B.; Deng, M.; Yang, Z.

2011-12-01

Crop progress is an important piece of information for food security and agricultural commodities. Timely monitoring and reporting are mandated for the operation of agricultural statistical agencies. Traditionally, the weekly reporting issued by the National Agricultural Statistics Service (NASS) of the United States Department of Agriculture (USDA) is based on reports from the knowledgeable state and county agricultural officials and farmers. The results are spatially coarse and subjective. In this project, a remote-sensing-supported crop progress monitoring system is being developed intensively using the data and derived products from NASA Earth Observing satellites. Moderate Resolution Imaging Spectroradiometer (MODIS) Level 3 product - MOD09 (Surface Reflectance) is used for deriving daily normalized vegetation index (NDVI), vegetation condition index (VCI), and mean vegetation condition index (MVCI). Ratio change to previous year and multiple year mean can be also produced on demand. The time-series vegetation condition indices are further combined with the NASS' remote-sensing-derived Cropland Data Layer (CDL) to estimate crop condition and progress crop by crop. To facilitate the operational requirement and increase the accessibility of data and products by different users, each component of the system has being developed and implemented following open specifications under the Web Service reference model of Open Geospatial Consortium Inc. Sensor observations and data are accessed through Web Coverage Service (WCS), Web Feature Service (WFS), or Sensor Observation Service (SOS) if available. Products are also served through such open-specification-compliant services. For rendering and presentation, Web Map Service (WMS) is used. A Web-service based system is set up and deployed at dss.csiss.gmu.edu/NDVIDownload. Further development will adopt crop growth models, feed the models with remotely sensed precipitation and soil moisture information, and incorporate the model results with vegetation-index time series for crop progress stage estimation.

Globus Identity, Access, and Data Management: Platform Services for Collaborative Science

NASA Astrophysics Data System (ADS)

Ananthakrishnan, R.; Foster, I.; Wagner, R.

2016-12-01

Globus is software-as-a-service for research data management, developed at, and operated by, the University of Chicago. Globus, accessible at www.globus.org, provides high speed, secure file transfer; file sharing directly from existing storage systems; and data publication to institutional repositories. 40,000 registered users have used Globus to transfer tens of billions of files totaling hundreds of petabytes between more than 10,000 storage systems within campuses and national laboratories in the US and internationally. Web, command line, and REST interfaces support both interactive use and integration into applications and infrastructures. An important component of the Globus system is its foundational identity and access management (IAM) platform service, Globus Auth. Both Globus research data management and other applications use Globus Auth for brokering authentication and authorization interactions between end-users, identity providers, resource servers (services), and a range of clients, including web, mobile, and desktop applications, and other services. Compliant with important standards such as OAuth, OpenID, and SAML, Globus Auth provides mechanisms required for an extensible, integrated ecosystem of services and clients for the research and education community. It underpins projects such as the US National Science Foundation's XSEDE system, NCAR's Research Data Archive, and the DOE Systems Biology Knowledge Base. Current work is extending Globus services to be compliant with FEDRAMP standards for security assessment, authorization, and monitoring for cloud services. We will present Globus IAM solutions and give examples of Globus use in various projects for federated access to resources. We will also describe how Globus Auth and Globus research data management capabilities enable rapid development and low-cost operations of secure data sharing platforms that leverage Globus services and integrate them with local policy and security.

Data-Driven Software Framework for Web-Based ISS Telescience

NASA Technical Reports Server (NTRS)

Tso, Kam S.

2005-01-01

Software that enables authorized users to monitor and control scientific payloads aboard the International Space Station (ISS) from diverse terrestrial locations equipped with Internet connections is undergoing development. This software reflects a data-driven approach to distributed operations. A Web-based software framework leverages prior developments in Java and Extensible Markup Language (XML) to create portable code and portable data, to which one can gain access via Web-browser software on almost any common computer. Open-source software is used extensively to minimize cost; the framework also accommodates enterprise-class server software to satisfy needs for high performance and security. To accommodate the diversity of ISS experiments and users, the framework emphasizes openness and extensibility. Users can take advantage of available viewer software to create their own client programs according to their particular preferences, and can upload these programs for custom processing of data, generation of views, and planning of experiments. The same software system, possibly augmented with a subset of data and additional software tools, could be used for public outreach by enabling public users to replay telescience experiments, conduct their experiments with simulated payloads, and create their own client programs and other custom software.

A World Wide Web-based antimicrobial stewardship program improves efficiency, communication, and user satisfaction and reduces cost in a tertiary care pediatric medical center.

PubMed

Agwu, Allison L; Lee, Carlton K K; Jain, Sanjay K; Murray, Kara L; Topolski, Jason; Miller, Robert E; Townsend, Timothy; Lehmann, Christoph U

2008-09-15

Antimicrobial stewardship programs aim to reduce inappropriate hospital antimicrobial use. At the Johns Hopkins Children's Medical and Surgical Center (Baltimore, MD), we implemented a World Wide Web-based antimicrobial restriction program to address problems with the existing restriction program. A user survey identified opportunities for improvement of an existing antimicrobial restriction program and resulted in subsequent design, implementation, and evaluation of a World Wide Web-based antimicrobial restriction program at a 175-bed, tertiary care pediatric teaching hospital. The program provided automated clinical decision support, facilitated approval, and enhanced real-time communication among prescribers, pharmacists, and pediatric infectious diseases fellows. Approval status, duration, and rationale; missing request notifications; and expiring approvals were stored in a database that is accessible via a secure Intranet site. Before and after implementation of the program, user satisfaction, reports of missed and/or delayed doses, antimicrobial dispensing times, and cost were evaluated. After implementation of the program, there was a $370,069 reduction in projected annual cost associated with restricted antimicrobial use and an 11.6% reduction in the number of dispensed doses. User satisfaction increased from 22% to 68% and from 13% to 69% among prescribers and pharmacists, respectively. There were 21% and 32% reductions in the number of prescriber reports of missed and delayed doses, respectively, and there was a 37% reduction in the number of pharmacist reports of delayed approvals; measured dispensing times were unchanged (P = .24). In addition, 40% fewer restricted antimicrobial-related phone calls were noted by the pharmacy. The World Wide Web-based antimicrobial approval program led to improved communication, more-efficient antimicrobial administration, increased user satisfaction, and significant cost savings. Integrated tools, such as this World Wide Web-based antimicrobial approval program, will effectively enhance antimicrobial stewardship programs.

A Weakest Precondition Approach to Robustness

NASA Astrophysics Data System (ADS)

Balliu, Musard; Mastroeni, Isabella

With the increasing complexity of information management computer systems, security becomes a real concern. E-government, web-based financial transactions or military and health care information systems are only a few examples where large amount of information can reside on different hosts distributed worldwide. It is clear that any disclosure or corruption of confidential information in these contexts can result fatal. Information flow controls constitute an appealing and promising technology to protect both data confidentiality and data integrity. The certification of the security degree of a program that runs in untrusted environments still remains an open problem in the area of language-based security. Robustness asserts that an active attacker, who can modify program code in some fixed points (holes), is unable to disclose more private information than a passive attacker, who merely observes unclassified data. In this paper, we extend a method recently proposed for checking declassified non-interference in presence of passive attackers only, in order to check robustness by means of weakest precondition semantics. In particular, this semantics simulates the kind of analysis that can be performed by an attacker, i.e., from public output towards private input. The choice of semantics allows us to distinguish between different attacks models and to characterize the security of applications in different scenarios.

T-Check in Technologies for Interoperability: Web Services and Security--Single Sign-On

DTIC Science & Technology

2007-12-01

following tools: • Apache Tomcat 6.0—a Java Servlet container to host the Web services and a simple Web client application [Apache 2007a] • Apache Axis...Eclipse. Eclipse – an open development platform. http://www.eclipse.org/ (2007) [Hunter 2001] Hunter, Jason. Java Servlet Programming, 2nd Edition...Citation SAML 1.1 Java Toolkit SAML Ping Identity’s SAML-1.1 implementation [SourceID 2006] OpenSAML SAML An open source implementation of SAML 1.1

DOE Office of Scientific and Technical Information (OSTI.GOV)

Casella, R.

RESTful (REpresentational State Transfer) web services are an alternative implementation to SOAP/RPC web services in a client/server model. BNLs IT Division has started deploying RESTful Web Services for enterprise data retrieval and manipulation. Data is currently used by system administrators for tracking configuration information and as it is expanded will be used by Cyber Security for vulnerability management and as an aid to cyber investigations. This talk will describe the implementation and outstanding issues as well as some of the reasons for choosing RESTful over SOAP/RPC and future directions.

16 CFR Appendix A to Part 313 - Model Privacy Form

Code of Federal Regulations, 2011 CFR

2011-01-01

... “Social Security number” in the first bullet. (2) Institutions must use five (5) of the following terms to... the applicable opt-out methods described: telephone, such as by a toll-free number; a Web site; or use... appropriate. An institution that allows consumers to opt out online must provide either a specific Web address...

17 CFR Appendix A to Part 160 - Model Privacy Form

Code of Federal Regulations, 2011 CFR

2011-04-01

... institutions must use the term “Social Security number” in the first bullet. (2) Institutions must use five (5... consumers to opt out online must provide either a specific Web address that takes consumers directly to the opt-out page or a general Web address that provides a clear and conspicuous direct link to the opt-out...

76 FR 9636 - Notice of Open Public Hearing and Roundtable Discussion

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-18

... China's domestic economic, social and security issues and how the Chinese government is addressing them... obtained from the USCC Web Site http://www.uscc.gov . Date and Time: Friday, February 25, 2011, 8:45 a.m... to the Commission's Web Site at http://www.uscc.gov as soon as available. ADDRESSES: The hearing will...

75 FR 40864 - Notice of Fiscal Year 2010 Border Grant Funding and Solicitation for Applications

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-14

... Federal Grant Web site, http://www.grants.gov . Eligible projects for funding with BEG are identified in... applications for BEG funding at the Federal Grant Web site, http://www.grants.gov . FOR FURTHER INFORMATION... the MOE explanation, http://www.fmcsa.dot.gov/safety-security/grants/beg/moe.aspx . The Border...

29 CFR 1926.756 - Beams and columns.

Code of Federal Regulations, 2012 CFR

2012-07-01

...) General. (1) During the final placing of solid web structural members, the load shall not be released from... bracing. Solid web structural members used as diagonal bracing shall be secured by at least one bolt per... (.46 m) from the extreme outer face of the column in each direction at the top of the column shaft. (e...

29 CFR 1926.756 - Beams and columns.

Code of Federal Regulations, 2013 CFR

2013-07-01

...) General. (1) During the final placing of solid web structural members, the load shall not be released from... bracing. Solid web structural members used as diagonal bracing shall be secured by at least one bolt per... (.46 m) from the extreme outer face of the column in each direction at the top of the column shaft. (e...

29 CFR 1926.756 - Beams and columns.

Code of Federal Regulations, 2011 CFR

2011-07-01

...) General. (1) During the final placing of solid web structural members, the load shall not be released from... bracing. Solid web structural members used as diagonal bracing shall be secured by at least one bolt per... (.46 m) from the extreme outer face of the column in each direction at the top of the column shaft. (e...

29 CFR 1926.756 - Beams and columns.

Code of Federal Regulations, 2014 CFR

2014-07-01

...) General. (1) During the final placing of solid web structural members, the load shall not be released from... bracing. Solid web structural members used as diagonal bracing shall be secured by at least one bolt per... (.46 m) from the extreme outer face of the column in each direction at the top of the column shaft. (e...

Web-PE: Internet-Delivered Prolonged Exposure Therapy for PTSD

DTIC Science & Technology

2015-10-01

order to meet the growing demand for effective and efficient treatment for posttraumatic stress disorder ( PTSD ) in a timely manner. Web-treatments...posttraumatic stress disorder ( PTSD ) in a timely manner. Effective EBTs for PTSD are available, but barriers to accessing care can deter military...Exposure, combat, psychological treatment, military, psychotherapy, trauma, posttraumatic stress , posttraumatic stress disorder 16. SECURITY

75 FR 76505 - Self-Regulatory Organizations; Notice of Filing and Immediate Effectiveness of a Proposed Rule...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-12-08

... available from NASDAQ's Web site at http://nasdaq.cchwallstreet.com/Filings/ , at NASDAQ's principal office... in dark pools. Securities Exchange Act Release No. 61358 (January 14, 2010), 75 FR 3594 (January 21... Speech,'' available on the Commission Web site) (comments of Commission Chairman on what she viewed as a...