Computing Game-Theoretic Solutions for Security in the Medium Term

DTIC Science & Technology

This project concerns the design of algorithms for computing game- theoretic solutions . (Game theory concerns how to act in a strategically optimal...way in environments with other agents who also seek to act optimally but have different , and possibly opposite, interests .) Such algorithms have...recently found application in a number of real-world security applications, including among others airport security, scheduling Federal Air Marshals, and

17 CFR 210.9-01 - Application of §§ 210.9-01 to 210.9-07

Code of Federal Regulations, 2010 CFR

2010-04-01

... COMMISSION FORM AND CONTENT OF AND REQUIREMENTS FOR FINANCIAL STATEMENTS, SECURITIES ACT OF 1933, SECURITIES....9-01 Application of §§ 210.9-01 to 210.9-07 This article is applicable to consolidated financial statements filed for bank holding companies and to any financial statements of banks that are included in...

A Component-Based Approach for Securing Indoor Home Care Applications

PubMed Central

Estévez, Elisabet

2017-01-01

eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public’s confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home. PMID:29278370

A Component-Based Approach for Securing Indoor Home Care Applications.

PubMed

Agirre, Aitor; Armentia, Aintzane; Estévez, Elisabet; Marcos, Marga

2017-12-26

eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public's confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.

20 CFR 422.101 - Material included in this subpart.

Code of Federal Regulations, 2010 CFR

2010-04-01

... Section 422.101 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION AND PROCEDURES General... applications for and assignment of social security numbers, maintenance of earnings records of individuals by the Social Security Administration, requests for statements of earnings or for revision of earnings...

Using Mathematics to Make Computing on Encrypted Data Secure and Practical

DTIC Science & Technology

2015-12-01

LLL) lattice basis reduction algorithm, G-Lattice, Cryptography , Security, Gentry-Szydlo Algorithm, Ring-LWE 16. SECURITY CLASSIFICATION OF: 17...with symmetry be further developed, in order to quantify the security of lattice-based cryptography , including especially the security of homomorphic...the Gentry-Szydlo algorithm, and the ideas should be applicable to a range of questions in cryptography . The new algorithm of Lenstra and Silverberg

12 CFR 563g.12 - Securities sale report.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Securities sale report. 563g.12 Section 563g.12....12 Securities sale report. (a) Within 30 days after the first sale of the securities, every six... application of the proceeds, which shall include all of the information required by Form G-12 set forth at...

Spline-Screw Payload-Fastening System

NASA Technical Reports Server (NTRS)

Vranish, John M.

1994-01-01

Payload handed off securely between robot and vehicle or structure. Spline-screw payload-fastening system includes mating female and male connector mechanisms. Clockwise (or counter-clockwise) rotation of splined male driver on robotic end effector causes connection between robot and payload to tighten (or loosen) and simultaneously causes connection between payload and structure to loosen (or tighten). Includes mechanisms like those described in "Tool-Changing Mechanism for Robot" (GSC-13435) and "Self-Aligning Mechanical and Electrical Coupling" (GSC-13430). Designed for use in outer space, also useful on Earth in applications needed for secure handling and secure mounting of equipment modules during storage, transport, and/or operation. Particularly useful in machine or robotic applications.

SPOT: Optimization Tool for Network Adaptable Security

NASA Astrophysics Data System (ADS)

Ksiezopolski, Bogdan; Szalachowski, Pawel; Kotulski, Zbigniew

Recently we have observed the growth of the intelligent application especially with its mobile character, called e-anything. The implementation of these applications provides guarantee of security requirements of the cryptographic protocols which are used in the application. Traditionally the protocols have been configured with the strongest possible security mechanisms. Unfortunately, when the application is used by means of the mobile devices, the strongest protection can lead to the denial of services for them. The solution of this problem is introducing the quality of protection models which will scale the protection level depending on the actual threat level. In this article we would like to introduce the application which manages the protection level of the processes in the mobile environment. The Security Protocol Optimizing Tool (SPOT) optimizes the cryptographic protocol and defines the protocol version appropriate to the actual threat level. In this article the architecture of the SPOT is presented with a detailed description of the included modules.

49 CFR 1580.203 - Reporting significant security concerns.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Reporting significant security concerns. 1580.203... concerns. (a) Applicability. This section applies to: (1) Each passenger railroad carrier, including each... potential threats and significant security concerns to DHS by telephoning the Freedom Center at 1-866-615...

Marketing Plan for Demonstration and Validation Assets

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

The National Security Preparedness Project (NSPP), is to be sustained by various programs, including technology demonstration and evaluation (DEMVAL). This project assists companies in developing technologies under the National Security Technology Incubator program (NSTI) through demonstration and validation of technologies applicable to national security created by incubators and other sources. The NSPP also will support the creation of an integrated demonstration and validation environment. This report documents the DEMVAL marketing and visibility plan, which will focus on collecting information about, and expanding the visibility of, DEMVAL assets serving businesses with national security technology applications in southern New Mexico.

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets aremore » considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.« less

Integer programming applications: Bond trading, mortgage backed security financing, and FASB 115 accounting

DOE Office of Scientific and Technical Information (OSTI.GOV)

Nauss, R.

1994-12-31

In this review we describe three integer programming applications involving fixed income securities. A bond trading model is presented that features a number of possible different objectives and collections of constraints including future interest rate scenarios. A mortgage backed security (MBS) financing model that accounts for potential defaults in the MBS is also presented. Finally we describe an approach to allocate collections of bank securities into three categories: hold to maturity, available for sale, or trading. Placement of securities in these categories affects the capital, net income, and liquidity of a bank according to new accounting rules promulgated by themore » Financial Accounting Standards Board.« less

A systematic literature review on security and privacy of electronic health record systems: technical perspectives.

PubMed

Rezaeibagha, Fatemeh; Win, Khin Than; Susilo, Willy

Even though many safeguards and policies for electronic health record (EHR) security have been implemented, barriers to the privacy and security protection of EHR systems persist. This article presents the results of a systematic literature review regarding frequently adopted security and privacy technical features of EHR systems. Our inclusion criteria were full articles that dealt with the security and privacy of technical implementations of EHR systems published in English in peer-reviewed journals and conference proceedings between 1998 and 2013; 55 selected studies were reviewed in detail. We analysed the review results using two International Organization for Standardization (ISO) standards (29100 and 27002) in order to consolidate the study findings. Using this process, we identified 13 features that are essential to security and privacy in EHRs. These included system and application access control, compliance with security requirements, interoperability, integration and sharing, consent and choice mechanism, policies and regulation, applicability and scalability and cryptography techniques. This review highlights the importance of technical features, including mandated access control policies and consent mechanisms, to provide patients' consent, scalability through proper architecture and frameworks, and interoperability of health information systems, to EHR security and privacy requirements.

20 CFR 703.204 - Decision on insurance carrier's application; minimum amount of deposit.

Code of Federal Regulations, 2011 CFR

2011-04-01

... INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.204 Decision on insurance... determining the extent of an insurance carrier's unsecured LHWCA obligations and fixing the amount of security... number of factors in setting the security deposit amount including, but not limited to, the— (1...

20 CFR 703.204 - Decision on insurance carrier's application; minimum amount of deposit.

Code of Federal Regulations, 2012 CFR

2012-04-01

... INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.204 Decision on insurance... determining the extent of an insurance carrier's unsecured LHWCA obligations and fixing the amount of security... number of factors in setting the security deposit amount including, but not limited to, the— (1...

Two RFID standard-based security protocols for healthcare environments.

PubMed

Picazo-Sanchez, Pablo; Bagheri, Nasour; Peris-Lopez, Pedro; Tapiador, Juan E

2013-10-01

Radio Frequency Identification (RFID) systems are widely used in access control, transportation, real-time inventory and asset management, automated payment systems, etc. Nevertheless, the use of this technology is almost unexplored in healthcare environments, where potential applications include patient monitoring, asset traceability and drug administration systems, to mention just a few. RFID technology can offer more intelligent systems and applications, but privacy and security issues have to be addressed before its adoption. This is even more dramatical in healthcare applications where very sensitive information is at stake and patient safety is paramount. In Wu et al. (J. Med. Syst. 37:19, 43) recently proposed a new RFID authentication protocol for healthcare environments. In this paper we show that this protocol puts location privacy of tag holders at risk, which is a matter of gravest concern and ruins the security of this proposal. To facilitate the implementation of secure RFID-based solutions in the medical sector, we suggest two new applications (authentication and secure messaging) and propose solutions that, in contrast to previous proposals in this field, are fully based on ISO Standards and NIST Security Recommendations.

6 CFR 37.11 - Application and documents the applicant must provide.

Code of Federal Regulations, 2011 CFR

2011-01-01

... filed with a State Office of Vital Statistics or equivalent agency in the individual's State of birth... present at least one document included in paragraph (c) of this section. (e) Social security number (SSN... documents listed in § 37.11(c)(1) and (2) must present his or her Social Security Administration account...

Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications.

PubMed

Fernández-Caramés, Tiago M; Fraga-Lamas, Paula; Suárez-Albela, Manuel; Castedo, Luis

2016-12-24

The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol.

Reverse Engineering and Security Evaluation of Commercial Tags for RFID-Based IoT Applications

PubMed Central

Fernández-Caramés, Tiago M.; Fraga-Lamas, Paula; Suárez-Albela, Manuel; Castedo, Luis

2016-01-01

The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol. PMID:28029119

10 CFR 73.54 - Protection of digital computer and communication systems and networks.

Code of Federal Regulations, 2011 CFR

2011-01-01

....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...

10 CFR 73.54 - Protection of digital computer and communication systems and networks.

Code of Federal Regulations, 2010 CFR

2010-01-01

....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...

10 CFR 73.54 - Protection of digital computer and communication systems and networks.

Code of Federal Regulations, 2014 CFR

2014-01-01

....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...

10 CFR 73.54 - Protection of digital computer and communication systems and networks.

Code of Federal Regulations, 2012 CFR

2012-01-01

....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...

75 FR 62592 - Applications and Amendments to Facility Operating Licenses Involving Proposed No Significant...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-12

... Operating Licenses include: (1) The proposed Cyber Security Plan for CCNPP, Ginna, and NMPNS, (2) an... provisions of the Nuclear Regulatory Commission-approved Cyber Security Plan for CCNPP, Ginna, and NMPNS as... Communication Systems and Networks,'' establish the requirements for a cyber security program. This regulation...

10 CFR 73.54 - Protection of digital computer and communication systems and networks.

Code of Federal Regulations, 2013 CFR

2013-01-01

....90 of this chapter, a cyber security plan that satisfies the requirements of this section for.... Implementation of the licensee's cyber security program must be consistent with the approved schedule. Current... Commission prior to the effective date of this rule must amend their applications to include a cyber security...

Graduate Research Assistant Program for Professional Development at Oak Ridge National Laboratory (ORNL) Global Nuclear Security Technology Division (GNSTD)

DOE Office of Scientific and Technical Information (OSTI.GOV)

Eipeldauer, Mary D; Shelander Jr, Bruce R

2012-01-01

The southeast is a highly suitable environment for establishing a series of nuclear safety, security and safeguards 'professional development' courses. Oak Ridge National Laboratory (ORNL) provides expertise in the research component of these subjects while the Y-12 Nuclear Security Complex handles safeguards/security and safety applications. Several universities (i.e., University of Tennessee, Knoxville (UTK), North Carolina State University, University of Michigan, and Georgia Technology Institute) in the region, which offer nuclear engineering and public policy administration programs, and the Howard Baker Center for Public Policy make this an ideal environment for learning. More recently, the Institute for Nuclear Security (INS) wasmore » established between ORNL, Y-12, UTK and Oak Ridge Associate Universities (ORAU), with a focus on five principal areas. These areas include policy, law, and diplomacy; education and training; science and technology; operational and intelligence capability building; and real-world missions and applications. This is a new approach that includes professional development within the graduate research assistant program addressing global needs in nuclear security, safety and safeguards.« less

Secure voice for mobile satellite applications

NASA Technical Reports Server (NTRS)

Vaisnys, Arvydas; Berner, Jeff

1990-01-01

The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature.

Application distribution model and related security attacks in VANET

NASA Astrophysics Data System (ADS)

Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

2013-03-01

In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

Secure authentication protocol for Internet applications over CATV network

NASA Astrophysics Data System (ADS)

Chin, Le-Pond

1998-02-01

An authentication protocol is proposed in this paper to implement secure functions which include two way authentication and key management between end users and head-end. The protocol can protect transmission from frauds, attacks such as reply and wiretap. Location privacy is also achieved. A rest protocol is designed to restore the system once when systems fail. The security is verified by taking several security and privacy requirements into consideration.

U27 : real-time commercial vehicle safety & security monitoring final report.

DOT National Transportation Integrated Search

2012-12-01

Accurate real-time vehicle tracking has a wide range of applications including fleet management, drug/speed/law enforcement, transportation planning, traffic safety, air quality, electronic tolling, and national security. While many alternative track...

Comparison of secure messaging application (WhatsApp) and standard telephone usage for consultations on Length of Stay in the ED. A prospective randomized controlled study.

PubMed

Gulacti, Umut; Lok, Ugur

2017-07-19

Consultation, the process of an Emergency Physician seeking an opinion from other specialties, occurs frequently in the Emergency Department (ED). The aim of this study was to determine the effect of secure messaging application (WhatsApp) usage for medical consultations on Emergency Department Length of Stay (ED LOS) and consult time. We conducted a prospective, randomized controlled trial in the ED using allocation concealment over three months. Consultations requested in the ED were allocated into two groups: consultations requested via the secure messaging application and consultations requested by telephone as verbal. A total of 439 consultations requested in the ED were assessed for eligibility and 345 were included in the final analysis: 173 consultations were conducted using secure messaging application and 172 consultations were conducted using standard telephone communications. The median ED LOS was 240 minutes (IQR:230-270, 95% CI:240 to 255.2) for patients in the secure messaging application group and 277 minutes (IQR:270-287.8, 95% CI:277 to 279) for patients in the telephone group. The median total ED LOS was significantly lower among consults conducted using Secure messaging application relative to consults conducted by telephone (median dif: -30, 95%CI:-37to-25, p<0.0001). The median consult time was 158 minutes (IQR:133 to 177.25, 95% CI:150 to 169) for patients in the Secure messaging application group and 170 minutes (IQR:165 to 188.5, 95% CI:170-171) for patients in the Telephone group (median dif: -12, 95%CI:-19 to-7,p<0.0001). Consultations completed without ED arrival was 61.8% in the secure messaging group and 33.1% in the Telephone group (dif: 28.7, 95% CI:48.3 to 66, p<0.001). Use of secure messaging application for consultations in the ED reduces the total ED LOS and consultation time. Consultation with secure messaging application eliminated more than half of in-person ED consultation visits.

Coordinating UAV information for executing national security-oriented collaboration

NASA Astrophysics Data System (ADS)

Isenor, Anthony W.; Allard, Yannick; Lapinski, Anna-Liesa S.; Demers, Hugues; Radulescu, Dan

2014-10-01

Unmanned Aerial Vehicles (UAVs) are being used by numerous nations for defence-related missions. In some cases, the UAV is considered a cost-effective means to acquire data such as imagery over a location or object. Considering Canada's geographic expanse, UAVs are also being suggested as a potential platform for use in surveillance of remote areas, such as northern Canada. However, such activities are typically associated with security as opposed to defence. The use of a defence platform for security activities introduces the issue of information exchange between the defence and security communities and their software applications. This paper explores the flow of information from the system used by the UAVs employed by the Royal Canadian Navy. Multiple computers are setup, each with the information system used by the UAVs, including appropriate communication between the systems. Simulated data that may be expected from a typical maritime UAV mission is then fed into the information system. The information structures common to the Canadian security community are then used to store and transfer the simulated data. The resulting data flow from the defence-oriented UAV system to the security-oriented information structure is then displayed using an open source geospatial application. Use of the information structures and applications relevant to the security community avoids the distribution restrictions often associated with defence-specific applications.

Digital security technology simplified.

PubMed

Scaglione, Bernard J

2007-01-01

Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

U.S. Patent Pending, Information Security Analysis Using Game Theory and Simulation, U.S. Patent Application No.: 14/097,840

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Schlicher, Bob G

Vulnerability in security of an information system is quantitatively predicted. The information system may receive malicious actions against its security and may receive corrective actions for restoring the security. A game oriented agent based model is constructed in a simulator application. The game ABM model represents security activity in the information system. The game ABM model has two opposing participants including an attacker and a defender, probabilistic game rules and allowable game states. A specified number of simulations are run and a probabilistic number of the plurality of allowable game states are reached in each simulation run. The probability ofmore » reaching a specified game state is unknown prior to running each simulation. Data generated during the game states is collected to determine a probability of one or more aspects of security in the information system.« less

Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid

DOE Office of Scientific and Technical Information (OSTI.GOV)

Ashok, Aditya; Govindarasu, Manimaran; Wang, Jianhui

Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC thatmore » addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.« less

17 CFR 240.14a-7 - Obligations of registrants to provide a list of, or mail soliciting material to, security holders.

Code of Federal Regulations, 2010 CFR

2010-04-01

..., form of proxy or other communication to such holders, including to the extent known or reasonably... provided for under applicable state law identifying the proposal or other corporate action that will be the subject of the security holder's solicitation or communication and attesting that: (i) The security holder...

MEMS and MOEMS for national security applications

NASA Astrophysics Data System (ADS)

Scott, Marion W.

2003-01-01

Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

Overview of Climate Confluence Security Issues

NASA Astrophysics Data System (ADS)

Reisman, J. P.

2011-12-01

Presentation will focus on an overview of the security perspectives based on the confluence considerations including energy, economics and climate change. This will include perspectives from reports generated by the Quadrennial Defense Review, Joint Forces Command, the Center for Strategic International Studies, MIT, the Inter-agency Climate Change Adaptation Task Force, the Central Intelligence Agency, the Center for Naval Analysis, and other relevant reports. The presentation will highlight the connections between resource issues and climate change which can be interpreted into security concerns. General discussion of global issues, contextual review of AR4 WGII may be included and any other report updates as applicable. The purpose of this presentation is to give a rounded view of the general qualitative and quantitative perspectives regarding climate related security considerations.

Bayesian performance metrics and small system integration in recent homeland security and defense applications

NASA Astrophysics Data System (ADS)

Jannson, Tomasz; Kostrzewski, Andrew; Patton, Edward; Pradhan, Ranjit; Shih, Min-Yi; Walter, Kevin; Savant, Gajendra; Shie, Rick; Forrester, Thomas

2010-04-01

In this paper, Bayesian inference is applied to performance metrics definition of the important class of recent Homeland Security and defense systems called binary sensors, including both (internal) system performance and (external) CONOPS. The medical analogy is used to define the PPV (Positive Predictive Value), the basic Bayesian metrics parameter of the binary sensors. Also, Small System Integration (SSI) is discussed in the context of recent Homeland Security and defense applications, emphasizing a highly multi-technological approach, within the broad range of clusters ("nexus") of electronics, optics, X-ray physics, γ-ray physics, and other disciplines.

Thin Client Architecture: The Promise and the Problems.

ERIC Educational Resources Information Center

Machovec, George S.

1997-01-01

Describes thin clients, a networking technology that allows organizations to provide software applications over networked workstations connected to a central server. Topics include corporate settings; major advantages, including cost effectiveness and increased computer security; problems; and possible applications for large public and academic…

Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

NASA Technical Reports Server (NTRS)

Baras, John S. (Inventor); Roy-Chowdhury, Ayan (Inventor)

2014-01-01

A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

National Security Technology Incubator Business Plan

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

This document contains a business plan for the National Security Technology Incubator (NSTI), developed as part of the National Security Preparedness Project (NSPP) and performed under a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This business plan describes key features of the NSTI, including the vision and mission, organizational structure and staffing, services, evaluation criteria, marketing strategies, client processes, a budget, incubator evaluation criteria, and a development schedule. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with nationalmore » security technology applications by nurturing them through critical stages of early development. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety, security, and protection of the homeland. The NSTI is operated and managed by the Arrowhead Center, responsible for leading the economic development mission of New Mexico State University (NMSU). The Arrowhead Center will recruit business with applications for national security technologies recruited for the NSTI program. The Arrowhead Center and its strategic partners will provide business incubation services, including hands-on mentoring in general business matters, marketing, proposal writing, management, accounting, and finance. Additionally, networking opportunities and technology development assistance will be provided.« less

15 CFR 705.5 - Request or application for an investigation.

Code of Federal Regulations, 2010 CFR

2010-01-01

... industry affected, including pertinent information regarding companies and their plants, locations... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE NATIONAL SECURITY INDUSTRIAL BASE... shall be filed with the Director, Office of Technology Evaluation, Room H-1093, U.S. Department of...

Secondary Market Disclosure.

ERIC Educational Resources Information Center

Jones, Robert J.; Zehner, Mark R.

1996-01-01

In late 1994, the United States Securities and Exchange Commission (SEC) issued new rules applicable to issuers of municipal securities (including school districts) concerning disclosure to the investment community. Describes how SEC's existing Rule 15c2-12 has been implemented. Discusses its purpose, jurisdiction, obligated persons, written…

Common Operating Picture: UAV Security Study

NASA Technical Reports Server (NTRS)

2004-01-01

This initial communication security study is a top-level assessment of basic security issues related to the operation of Unmanned Aerial Vehicles (UAVs) in the National Airspace System (NAS). Security considerations will include information relating to the use of International Civil Aviation Organization (ICAO) Aeronautical Telecommunications Network (ATN) protocols and applications identifying their maturity, as well as the use of IPV4 and a version of mobile IPV6. The purpose of this assessment is to provide an initial analysis of the security implications of introducing UAVs into the NAS.

The Design Process of Physical Security as Applied to a U.S. Border Port of Entry

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wagner, G.G.

1999-02-22

This paper details the application of a standard physical security system design process to a US Border Port of Entry (PoE) for vehicle entry/exit. The physical security design methodology is described as well as the physical security similarities to facilities currently at a US Border PoE for vehicles. The physical security design process description includes the various elements that make up the methodologies well as the considerations that must be taken into account when dealing with system integration of those elements. The distinctions between preventing unlawful entry/exit of illegal contraband and personnel are described. The potential to enhance the functionsmore » of drug/contraband detection in the Pre-Primary Inspection area through the application of emerging technologies are also addressed.« less

On securing wireless sensor network--novel authentication scheme against DOS attacks.

PubMed

Raja, K Nirmal; Beno, M Marsaline

2014-10-01

Wireless sensor networks are generally deployed for collecting data from various environments. Several applications specific sensor network cryptography algorithms have been proposed in research. However WSN's has many constrictions, including low computation capability, less memory, limited energy resources, vulnerability to physical capture, which enforce unique security challenges needs to make a lot of improvements. This paper presents a novel security mechanism and algorithm for wireless sensor network security and also an application of this algorithm. The proposed scheme is given to strong authentication against Denial of Service Attacks (DOS). The scheme is simulated using network simulator2 (NS2). Then this scheme is analyzed based on the network packet delivery ratio and found that throughput has improved.

15 CFR Supplement No. 5 to Part 742 - Encryption Registration

Code of Federal Regulations, 2013 CFR

2013-01-01

... registration, i.e., the information as described in this Supplement, submitted as a support documentation... (h) Smartcards or other identity management (i) Computer or network forensics (j) Software (i) Operating systems (ii) Applications (k) Toolkits/ASICs/components (l) Information security including secure...

15 CFR Supplement No. 5 to Part 742 - Encryption Registration

Code of Federal Regulations, 2011 CFR

2011-01-01

... registration, i.e., the information as described in this Supplement, submitted as a support documentation... (h) Smartcards or other identity management (i) Computer or network forensics (j) Software (i) Operating systems (ii) Applications (k) Toolkits/ASICs/components (l) Information security including secure...

15 CFR Supplement No. 5 to Part 742 - Encryption Registration

Code of Federal Regulations, 2014 CFR

2014-01-01

... registration, i.e., the information as described in this Supplement, submitted as a support documentation... (h) Smartcards or other identity management (i) Computer or network forensics (j) Software (i) Operating systems (ii) Applications (k) Toolkits/ASICs/components (l) Information security including secure...

15 CFR Supplement No. 5 to Part 742 - Encryption Registration

Code of Federal Regulations, 2012 CFR

2012-01-01

... registration, i.e., the information as described in this Supplement, submitted as a support documentation... (h) Smartcards or other identity management (i) Computer or network forensics (j) Software (i) Operating systems (ii) Applications (k) Toolkits/ASICs/components (l) Information security including secure...

Future prospects of luminescent nanomaterial based security inks: from synthesis to anti-counterfeiting applications

NASA Astrophysics Data System (ADS)

Kumar, Pawan; Singh, Satbir; Gupta, Bipin Kumar

2016-07-01

Counterfeiting of valuable documents, currency and branded products is a challenging problem that has serious economic, security and health ramifications for governments, businesses and consumers all over the world. It is estimated that counterfeiting represents a multi-billion dollar underground economy with counterfeit products being produced on a large scale every year. Counterfeiting is an increasingly high-tech crime and calls for high-tech solutions to prevent and deter the acts of counterfeiting. The present review briefly outlines and addresses the key challenges in this area, including the above mentioned concerns for anti-counterfeiting applications. This article describes a unique combination of all possible kinds of security ink formulations based on lanthanide doped luminescent nanomaterials, quantum dots (semiconductor and carbon based), metal organic frameworks as well as plasmonic nanomaterials for their possible use in anti-counterfeiting applications. Moreover, in this review, we have briefly discussed and described the historical background of luminescent nanomaterials, basic concepts and detailed synthesis methods along with their characterization. Furthermore, we have also discussed the methods adopted for the fabrication and design of luminescent security inks, various security printing techniques and their anti-counterfeiting applications.

Field test of quantum key distribution in the Tokyo QKD Network.

PubMed

Sasaki, M; Fujiwara, M; Ishizuka, H; Klaus, W; Wakui, K; Takeoka, M; Miki, S; Yamashita, T; Wang, Z; Tanaka, A; Yoshino, K; Nambu, Y; Takahashi, S; Tajima, A; Tomita, A; Domeki, T; Hasegawa, T; Sakai, Y; Kobayashi, H; Asai, T; Shimizu, K; Tokura, T; Tsurumaru, T; Matsui, M; Honjo, T; Tamaki, K; Takesue, H; Tokura, Y; Dynes, J F; Dixon, A R; Sharpe, A W; Yuan, Z L; Shields, A J; Uchikoga, S; Legré, M; Robyr, S; Trinkler, P; Monat, L; Page, J-B; Ribordy, G; Poppe, A; Allacher, A; Maurhart, O; Länger, T; Peev, M; Zeilinger, A

2011-05-23

A secure communication network with quantum key distribution in a metropolitan area is reported. Six different QKD systems are integrated into a mesh-type network. GHz-clocked QKD links enable us to demonstrate the world-first secure TV conferencing over a distance of 45km. The network includes a commercial QKD product for long-term stable operation, and application interface to secure mobile phones. Detection of an eavesdropper, rerouting into a secure path, and key relay via trusted nodes are demonstrated in this network.

Final Technical Report. Project Boeing SGS

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bell, Thomas E.

Boeing and its partner, PJM Interconnection, teamed to bring advanced “defense-grade” technologies for cyber security to the US regional power grid through demonstration in PJM’s energy management environment. Under this cooperative project with the Department of Energy, Boeing and PJM have developed and demonstrated a host of technologies specifically tailored to the needs of PJM and the electric sector as a whole. The team has demonstrated to the energy industry a combination of processes, techniques and technologies that have been successfully implemented in the commercial, defense, and intelligence communities to identify, mitigate and continuously monitor the cyber security of criticalmore » systems. Guided by the results of a Cyber Security Risk-Based Assessment completed in Phase I, the Boeing-PJM team has completed multiple iterations through the Phase II Development and Phase III Deployment phases. Multiple cyber security solutions have been completed across a variety of controls including: Application Security, Enhanced Malware Detection, Security Incident and Event Management (SIEM) Optimization, Continuous Vulnerability Monitoring, SCADA Monitoring/Intrusion Detection, Operational Resiliency, Cyber Range simulations and hands on cyber security personnel training. All of the developed and demonstrated solutions are suitable for replication across the electric sector and/or the energy sector as a whole. Benefits identified include; Improved malware and intrusion detection capability on critical SCADA networks including behavioral-based alerts resulting in improved zero-day threat protection; Improved Security Incident and Event Management system resulting in better threat visibility, thus increasing the likelihood of detecting a serious event; Improved malware detection and zero-day threat response capability; Improved ability to systematically evaluate and secure in house and vendor sourced software applications; Improved ability to continuously monitor and maintain secure configuration of network devices resulting in reduced vulnerabilities for potential exploitation; Improved overall cyber security situational awareness through the integration of multiple discrete security technologies into a single cyber security reporting console; Improved ability to maintain the resiliency of critical systems in the face of a targeted cyber attack of other significant event; Improved ability to model complex networks for penetration testing and advanced training of cyber security personnel« less

Introduction to FPGA Devices and The Challenges for Critical Application - A User's Perspective

NASA Technical Reports Server (NTRS)

Berg, Melanie; LaBel, Kenneth

2015-01-01

This presentation is an introduction to Field Programmable Gate Array (FPGA) devices and the challenges of critical application including: safety, reliability, availability, recoverability, and security.

12 CFR 591.2 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-01-01

... includes transfers of real property subject to a real property loan by assumptions, installment land sales... other like transfers.“Completed credit application” has the same meaning as completed application for... security instrument upon a sale of transfer of all or any part of the real property securing the loan...

12 CFR 591.2 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... includes transfers of real property subject to a real property loan by assumptions, installment land sales... other like transfers.“Completed credit application” has the same meaning as completed application for... security instrument upon a sale of transfer of all or any part of the real property securing the loan...

PixonVision real-time video processor

NASA Astrophysics Data System (ADS)

Puetter, R. C.; Hier, R. G.

2007-09-01

PixonImaging LLC and DigiVision, Inc. have developed a real-time video processor, the PixonVision PV-200, based on the patented Pixon method for image deblurring and denoising, and DigiVision's spatially adaptive contrast enhancement processor, the DV1000. The PV-200 can process NTSC and PAL video in real time with a latency of 1 field (1/60 th of a second), remove the effects of aerosol scattering from haze, mist, smoke, and dust, improve spatial resolution by up to 2x, decrease noise by up to 6x, and increase local contrast by up to 8x. A newer version of the processor, the PV-300, is now in prototype form and can handle high definition video. Both the PV-200 and PV-300 are FPGA-based processors, which could be spun into ASICs if desired. Obvious applications of these processors include applications in the DOD (tanks, aircraft, and ships), homeland security, intelligence, surveillance, and law enforcement. If developed into an ASIC, these processors will be suitable for a variety of portable applications, including gun sights, night vision goggles, binoculars, and guided munitions. This paper presents a variety of examples of PV-200 processing, including examples appropriate to border security, battlefield applications, port security, and surveillance from unmanned aerial vehicles.

A review of video security training and assessment-systems and their applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Cellucci, J.; Hall, R.J.

1991-01-01

This paper reports that during the last 10 years computer-aided video data collection and playback systems have been used as nuclear facility security training and assessment tools with varying degrees of success. These mobile systems have been used by trained security personnel for response force training, vulnerability assessment, force-on-force exercises and crisis management. Typically, synchronous recordings from multiple video cameras, communications audio, and digital sensor inputs; are played back to the exercise participants and then edited for training and briefing. Factors that have influence user acceptance include: frequency of use, the demands placed on security personnel, fear of punishment, usermore » training requirements and equipment cost. The introduction of S-VHS video and new software for scenario planning, video editing and data reduction; should bring about a wider range of security applications and supply the opportunity for significant cost sharing with other user groups.« less

Comment on "Secure quantum private information retrieval using phase-encoded queries"

NASA Astrophysics Data System (ADS)

Shi, Run-hua; Mu, Yi; Zhong, Hong; Zhang, Shun

2016-12-01

In this Comment, we reexamine the security of phase-encoded quantum private query (QPQ). We find that the current phase-encoded QPQ protocols, including their applications, are vulnerable to a probabilistic entangle-and-measure attack performed by the owner of the database. Furthermore, we discuss how to overcome this security loophole and present an improved cheat-sensitive QPQ protocol without losing the good features of the original protocol.

U.S. Patent Pending, Cyberspace Security System for Complex Systems, U.S. Patent Application No.: 14/134,949

DOE Office of Scientific and Technical Information (OSTI.GOV)

Abercrombie, Robert K; Sheldon, Frederick T; Mili, Ali

A computer implemented method monetizes the security of a cyber-system in terms of losses each stakeholder may expect to lose if a security break down occurs. A non-transitory media stores instructions for generating a stake structure that includes costs that each stakeholder of a system would lose if the system failed to meet security requirements and generating a requirement structure that includes probabilities of failing requirements when computer components fails. The system generates a vulnerability model that includes probabilities of a component failing given threats materializing and generates a perpetrator model that includes probabilities of threats materializing. The system generatesmore » a dot product of the stakes structure, the requirement structure, the vulnerability model and the perpetrator model. The system can further be used to compare, contrast and evaluate alternative courses of actions best suited for the stakeholders and their requirements.« less

APPLICATIONS OF CFD SIMULATIONS OF POLLUTANT TRANSPORT AND DISPERSION WITHIN AMBIENT URBAN BUILDING ENVIRONMENTS: INCLUDING HOMELAND SECURITY

EPA Science Inventory

There is presently much focus on Homeland Security and the need to understand how potential sources of toxic material are transported and dispersed in the urban environment. Material transport and dispersion within these urban centers is highly influenced by the buildings. Compu...

76 FR 14794 - Special Conditions: Boeing Model 747-8 Airplanes, Systems and Data Networks Security-Isolation or...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-18

... Networks Security--Isolation or Protection From Unauthorized Passenger Domain Systems Access AGENCY... systems and data networks. The applicable airworthiness regulations do not contain adequate or appropriate... connected networks. The network architecture would be used for a diverse set of functions, including: 1...

20 CFR 418.3210 - What is a prescribed application for a subsidy?

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false What is a prescribed application for a subsidy? 418.3210 Section 418.3210 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... prescribed application may include a printed form, an application our employees complete on computer screens...

20 CFR 418.3210 - What is a prescribed application for a subsidy?

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false What is a prescribed application for a subsidy? 418.3210 Section 418.3210 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... prescribed application may include a printed form, an application our employees complete on computer screens...

20 CFR 418.3210 - What is a prescribed application for a subsidy?

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false What is a prescribed application for a subsidy? 418.3210 Section 418.3210 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... prescribed application may include a printed form, an application our employees complete on computer screens...

20 CFR 418.3210 - What is a prescribed application for a subsidy?

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false What is a prescribed application for a subsidy? 418.3210 Section 418.3210 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... prescribed application may include a printed form, an application our employees complete on computer screens...

20 CFR 418.3210 - What is a prescribed application for a subsidy?

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false What is a prescribed application for a subsidy? 418.3210 Section 418.3210 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... prescribed application may include a printed form, an application our employees complete on computer screens...

Photonic sensor opportunities for distributed and wireless systems in security applications

NASA Astrophysics Data System (ADS)

Krohn, David

2006-10-01

There are broad ranges of homeland security sensing applications that can be facilitated by distributed fiber optic sensors and photonics integrated wireless systems. These applications include [1]: Pipeline, (Monitoring, Security); Smart structures (Bridges, Tunnels, Dams, Public spaces); Power lines (Monitoring, Security); Transportation security; Chemical/biological detection; Wide area surveillance - perimeter; and Port Security (Underwater surveillance, Cargo container). Many vital assets which cover wide areas, such as pipeline and borders, are under constant threat of being attacked or breached. There is a rapidly emerging need to be able to provide identification of intrusion threats to such vital assets. Similar problems exit for monitoring the basic infrastructure such as water supply, power utilities, communications systems as well as transportation. There is a need to develop a coordinated and integrated solution for the detection of threats. From a sensor standpoint, consideration must not be limited to detection, but how does detection lead to intervention and deterrence. Fiber optic sensor technology must be compatible with other surveillance technologies such as wireless mote technology to facilitate integration. In addition, the multi-functionality of fiber optic sensors must be expanded to include bio-chemical detection. There have been a number of barriers for the acceptance and broad use of smart fiber optic sensors. Compared to telecommunications, the volume is low. This fact coupled with proprietary and custom specifications has kept the price of fiber optic sensors high. There is a general lack of a manufacturing infrastructure and lack of standards for packaging and reliability. Also, there are several competing technologies; some photonic based and other approaches based on conventional non-photonic technologies.

Security culture for nuclear facilities

NASA Astrophysics Data System (ADS)

Gupta, Deeksha; Bajramovic, Edita

2017-01-01

Natural radioactive elements are part of our environment and radioactivity is a natural phenomenon. There are numerous beneficial applications of radioactive elements (radioisotopes) and radiation, starting from power generation to usages in medical, industrial and agriculture applications. But the risk of radiation exposure is always attached to operational workers, the public and the environment. Hence, this risk has to be assessed and controlled. The main goal of safety and security measures is to protect human life, health, and the environment. Currently, nuclear security considerations became essential along with nuclear safety as nuclear facilities are facing rapidly increase in cybersecurity risks. Therefore, prevention and adequate protection of nuclear facilities from cyberattacks is the major task. Historically, nuclear safety is well defined by IAEA guidelines while nuclear security is just gradually being addressed by some new guidance, especially the IAEA Nuclear Security Series (NSS), IEC 62645 and some national regulations. At the overall level, IAEA NSS 7 describes nuclear security as deterrence and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear, other radioactive substances and their associated facilities. Nuclear security should be included throughout nuclear facilities. Proper implementation of a nuclear security culture leads to staff vigilance and a high level of security posture. Nuclear security also depends on policy makers, regulators, managers, individual employees and members of public. Therefore, proper education and security awareness are essential in keeping nuclear facilities safe and secure.

A Framework for Translating a High Level Security Policy into Low Level Security Mechanisms

NASA Astrophysics Data System (ADS)

Hassan, Ahmed A.; Bahgat, Waleed M.

2010-01-01

Security policies have different components; firewall, active directory, and IDS are some examples of these components. Enforcement of network security policies to low level security mechanisms faces some essential difficulties. Consistency, verification, and maintenance are the major ones of these difficulties. One approach to overcome these difficulties is to automate the process of translation of high level security policy into low level security mechanisms. This paper introduces a framework of an automation process that translates a high level security policy into low level security mechanisms. The framework is described in terms of three phases; in the first phase all network assets are categorized according to their roles in the network security and relations between them are identified to constitute the network security model. This proposed model is based on organization based access control (OrBAC). However, the proposed model extend the OrBAC model to include not only access control policy but also some other administrative security policies like auditing policy. Besides, the proposed model enables matching of each rule of the high level security policy with the corresponding ones of the low level security policy. Through the second phase of the proposed framework, the high level security policy is mapped into the network security model. The second phase could be considered as a translation of the high level security policy into an intermediate model level. Finally, the intermediate model level is translated automatically into low level security mechanism. The paper illustrates the applicability of proposed approach through an application example.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Antolak, Arlyn J.

Particle accelerators play a key role in a broad set of defense and security applications including war-fighter and asset protection, cargo inspection, nonproliferation, materials characterization and stockpile stewardship. Accelerators can replace the high activity radioactive sources that pose a security threat for developing a radiological dispersal device and be used to produce isotopes for medical, industrial, and re-search purposes. Lastly, we present an overview of current and emerging accelerator technologies relevant to addressing the needs of defense and security.

Field test of a practical secure communication network with decoy-state quantum cryptography.

PubMed

Chen, Teng-Yun; Liang, Hao; Liu, Yang; Cai, Wen-Qi; Ju, Lei; Liu, Wei-Yue; Wang, Jian; Yin, Hao; Chen, Kai; Chen, Zeng-Bing; Peng, Cheng-Zhi; Pan, Jian-Wei

2009-04-13

We present a secure network communication system that operated with decoy-state quantum cryptography in a real-world application scenario. The full key exchange and application protocols were performed in real time among three nodes, in which two adjacent nodes were connected by approximate 20 km of commercial telecom optical fiber. The generated quantum keys were immediately employed and demonstrated for communication applications, including unbreakable real-time voice telephone between any two of the three communication nodes, or a broadcast from one node to the other two nodes by using one-time pad encryption.

75 FR 45179 - Virtus Opportunities Trust, et al.; Notice of Application

Federal Register 2010, 2011, 2012, 2013, 2014

2010-08-02

... Opportunities Trust, et al.; Notice of Application Date: July 27, 2010. AGENCY: Securities and Exchange... of other registered open-end management investment companies and unit investment trusts (``UITs... under common control with PVA. Applicants: (a) Virtus Opportunities Trust (the ``Trust''), including the...

Additional Security Considerations for Grid Management

NASA Technical Reports Server (NTRS)

Eidson, Thomas M.

2003-01-01

The use of Grid computing environments is growing in popularity. A Grid computing environment is primarily a wide area network that encompasses multiple local area networks, where some of the local area networks are managed by different organizations. A Grid computing environment also includes common interfaces for distributed computing software so that the heterogeneous set of machines that make up the Grid can be used more easily. The other key feature of a Grid is that the distributed computing software includes appropriate security technology. The focus of most Grid software is on the security involved with application execution, file transfers, and other remote computing procedures. However, there are other important security issues related to the management of a Grid and the users who use that Grid. This note discusses these additional security issues and makes several suggestions as how they can be managed.

24 CFR 5.661 - Section 8 project-based assistance programs: Approval for police or other security personnel to...

Code of Federal Regulations, 2010 CFR

2010-04-01

.... (iii) Full disclosure of any family relationship between the owner and any security personnel. For this... with Disabilities: Family Income and Family Payment; Occupancy Requirements for Section 8 Project-Based... 8 families residing in the project. (2) The owner's application must include the following...

29 CFR 2570.35 - Information to be included in applications for individual exemptions only.

Code of Federal Regulations, 2014 CFR

2014-07-01

... exemptions only. 2570.35 Section 2570.35 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS... INCOME SECURITY ACT OF 1974 PROCEDURAL REGULATIONS UNDER THE EMPLOYEE RETIREMENT INCOME SECURITY ACT... felony involving abuse or misuse of such person's position or employment with an employee benefit plan or...

29 CFR 2570.35 - Information to be included in applications for individual exemptions only.

Code of Federal Regulations, 2013 CFR

2013-07-01

... exemptions only. 2570.35 Section 2570.35 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS... INCOME SECURITY ACT OF 1974 PROCEDURAL REGULATIONS UNDER THE EMPLOYEE RETIREMENT INCOME SECURITY ACT... felony involving abuse or misuse of such person's position or employment with an employee benefit plan or...

29 CFR 2570.35 - Information to be included in applications for individual exemptions only.

Code of Federal Regulations, 2012 CFR

2012-07-01

... exemptions only. 2570.35 Section 2570.35 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS... INCOME SECURITY ACT OF 1974 PROCEDURAL REGULATIONS UNDER THE EMPLOYEE RETIREMENT INCOME SECURITY ACT... felony involving abuse or misuse of such person's position or employment with an employee benefit plan or...

76 FR 39927 - Order Granting Temporary Exemptions Under the Securities Exchange Act of 1934 in Connection With...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-07

... generally subject to certain antifraud and anti-manipulation provisions under the Exchange Act. This is... specific antifraud and anti-manipulation provisions (including Exchange Act section 10(b)).\\25\\ Accordingly... application of those Exchange Act antifraud and anti-manipulation provisions, as well as Securities Act...

Authentication techniques for smart cards

DOE Office of Scientific and Technical Information (OSTI.GOV)

Nelson, R.A.

1994-02-01

Smart card systems are most cost efficient when implemented as a distributed system, which is a system without central host interaction or a local database of card numbers for verifying transaction approval. A distributed system, as such, presents special card and user authentication problems. Fortunately, smart cards offer processing capabilities that provide solutions to authentication problems, provided the system is designed with proper data integrity measures. Smart card systems maintain data integrity through a security design that controls data sources and limits data changes. A good security design is usually a result of a system analysis that provides a thoroughmore » understanding of the application needs. Once designers understand the application, they may specify authentication techniques that mitigate the risk of system compromise or failure. Current authentication techniques include cryptography, passwords, challenge/response protocols, and biometrics. The security design includes these techniques to help prevent counterfeit cards, unauthorized use, or information compromise. This paper discusses card authentication and user identity techniques that enhance security for microprocessor card systems. It also describes the analysis process used for determining proper authentication techniques for a system.« less

Practical issues in quantum-key-distribution postprocessing

NASA Astrophysics Data System (ADS)

Fung, Chi-Hang Fred; Ma, Xiongfeng; Chau, H. F.

2010-01-01

Quantum key distribution (QKD) is a secure key generation method between two distant parties by wisely exploiting properties of quantum mechanics. In QKD, experimental measurement outcomes on quantum states are transformed by the two parties to a secret key. This transformation is composed of many logical steps (as guided by security proofs), which together will ultimately determine the length of the final secret key and its security. We detail the procedure for performing such classical postprocessing taking into account practical concerns (including the finite-size effect and authentication and encryption for classical communications). This procedure is directly applicable to realistic QKD experiments and thus serves as a recipe that specifies what postprocessing operations are needed and what the security level is for certain lengths of the keys. Our result is applicable to the BB84 protocol with a single or entangled photon source.

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance

PubMed Central

Watzlaf, Valerie J.M.; Moeini, Sohrab; Firouzan, Patti

2010-01-01

Voice over the Internet Protocol (VoIP) systems such as Adobe ConnectNow, Skype, ooVoo, etc. may include the use of software applications for telerehabilitation (TR) therapy that can provide voice and video teleconferencing between patients and therapists. Privacy and security applications as well as HIPAA compliance within these protocols have been questioned by information technologists, providers of care and other health care entities. This paper develops a privacy and security checklist that can be used within a VoIP system to determine if it meets privacy and security procedures and whether it is HIPAA compliant. Based on this analysis, specific HIPAA criteria that therapists and health care facilities should follow are outlined and discussed, and therapists must weigh the risks and benefits when deciding to use VoIP software for TR. PMID:25945172

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance.

PubMed

Watzlaf, Valerie J M; Moeini, Sohrab; Firouzan, Patti

2010-01-01

Voice over the Internet Protocol (VoIP) systems such as Adobe ConnectNow, Skype, ooVoo, etc. may include the use of software applications for telerehabilitation (TR) therapy that can provide voice and video teleconferencing between patients and therapists. Privacy and security applications as well as HIPAA compliance within these protocols have been questioned by information technologists, providers of care and other health care entities. This paper develops a privacy and security checklist that can be used within a VoIP system to determine if it meets privacy and security procedures and whether it is HIPAA compliant. Based on this analysis, specific HIPAA criteria that therapists and health care facilities should follow are outlined and discussed, and therapists must weigh the risks and benefits when deciding to use VoIP software for TR.

49 CFR 451.1 - Application for approval.

Code of Federal Regulations, 2012 CFR

2012-10-01

... SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.1 Application for approval. (a) Any owner of an existing container may apply for approval to... to any Approval Authority. (b) Each application must include the following for each container: (1...

49 CFR 451.1 - Application for approval.

Code of Federal Regulations, 2010 CFR

2010-10-01

... SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.1 Application for approval. (a) Any owner of an existing container may apply for approval to... to any Approval Authority. (b) Each application must include the following for each container: (1...

49 CFR 451.1 - Application for approval.

Code of Federal Regulations, 2011 CFR

2011-10-01

... SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.1 Application for approval. (a) Any owner of an existing container may apply for approval to... to any Approval Authority. (b) Each application must include the following for each container: (1...

Access Control of Web and Java Based Applications

NASA Technical Reports Server (NTRS)

Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

2011-01-01

Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

Security Issues for Mobile Medical Imaging: A Primer.

PubMed

Choudhri, Asim F; Chatterjee, Arindam R; Javan, Ramin; Radvany, Martin G; Shih, George

2015-10-01

The end-user of mobile device apps in the practice of clinical radiology should be aware of security measures that prevent unauthorized use of the device, including passcode policies, methods for dealing with failed login attempts, network manager-controllable passcode enforcement, and passcode enforcement for the protection of the mobile device itself. Protection of patient data must be in place that complies with the Health Insurance Portability and Accountability Act and U.S. Federal Information Processing Standards. Device security measures for data protection include methods for locally stored data encryption, hardware encryption, and the ability to locally and remotely clear data from the device. As these devices transfer information over both local wireless networks and public cell phone networks, wireless network security protocols, including wired equivalent privacy and Wi-Fi protected access, are important components in the chain of security. Specific virtual private network protocols, Secure Sockets Layer and related protocols (especially in the setting of hypertext transfer protocols), native apps, virtual desktops, and nonmedical commercial off-the-shelf apps require consideration in the transmission of medical data over both private and public networks. Enterprise security and management of both personal and enterprise mobile devices are discussed. Finally, specific standards for hardware and software platform security, including prevention of hardware tampering, protection from malicious software, and application authentication methods, are vital components in establishing a secure platform for the use of mobile devices in the medical field. © RSNA, 2015.

15 CFR 19.1 - What definitions apply to the regulations in this Part?

Code of Federal Regulations, 2010 CFR

2010-01-01

... bureaus currently include the Bureau of Industry and Security, the Economics and Statistics Administration... applicable agreement or instrument (including a post-delinquency payment agreement) unless other satisfactory...

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network.

PubMed

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-12-30

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network

PubMed Central

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-01-01

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods. PMID:28042831

10 CFR 25.17 - Approval for processing applicants for access authorization.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 10 Energy 1 2010-01-01 2010-01-01 false Approval for processing applicants for access... Authorizations § 25.17 Approval for processing applicants for access authorization. (a) Access authorizations... request by a letter that includes the name, Social Security number and level of access authorization. (c...

12 CFR 563b.150 - What must I include in my application for conversion?

Code of Federal Regulations, 2010 CFR

2010-01-01

... legal opinion indicating that any marketing materials comply with all applicable securities laws. (4) An..., attorney, investment banker, appraiser, or other professional who prepared, reviewed, passed upon, or... requests. (b) OTS will not accept for filing, and will return, any application for conversion that is...

49 CFR 451.1 - Application for approval.

Code of Federal Regulations, 2013 CFR

2013-10-01

... SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.1 Application for approval. (a) Any owner of an existing container may apply for approval to.... (b) Each application must include the following for each container: (1) Date and place of manufacture...

49 CFR 451.1 - Application for approval.

Code of Federal Regulations, 2014 CFR

2014-10-01

... SECURITY SAFETY APPROVAL OF CARGO CONTAINERS TESTING AND APPROVAL OF CONTAINERS Approval of Existing Containers § 451.1 Application for approval. (a) Any owner of an existing container may apply for approval to.... (b) Each application must include the following for each container: (1) Date and place of manufacture...

Teleradiology applications with DICOM-e-mail.

PubMed

Weisser, G; Engelmann, U; Ruggiero, S; Runa, A; Schröter, A; Baur, S; Walz, M

2007-05-01

For the connection of several partners to a Dicom-e-mail based teleradiology network concepts were developed to allow the integration of different teleradiology applications. The organisational and technical needs for such an integration were analysed. More than 60 institutions including 23 hospitals in the Rhein-Neckar-Region, Germany were connected. The needed functionality was grouped in six teleradiology applications (emergency consultation, tele-guided examinations, expert consultations, cooperative work, scientific cooperations and homework with on call services) and their technical and organisational needs according to availability, speed of transfer, workflow definitions and data security needs was analysed. For the local integration of teleradiology services the setup and workflow is presented for a standalone teleradiology workstation and a server based teleradiology gateway. The line type needed for different groups of applications and users is defined. The security concept and fallback strategies are laid out, potential security problems and sources of errors are discussed. The specialties for the emergency teleradiology application are presented. The DICOM-e-mail protocol is a flexible and powerful protocol that can be used for a variety of teleradiology applications. It can meet the conditions for emergency applications but is limited if synchronous applications like teleconferences are needed.

Optimizing Security of Cloud Computing within the DoD

DTIC Science & Technology

2010-12-01

information security governance and risk management; application security; cryptography; security architecture and design; operations security; business ...governance and risk management; application security; cryptography; security architecture and design; operations security; business continuity...20 7. Operational Security (OPSEC).........................................................20 8. Business Continuity Planning (BCP) and Disaster

A systematic approach for analysis and design of secure health information systems.

PubMed

Blobel, B; Roger-France, F

2001-06-01

A toolset using object-oriented techniques including the nowadays popular unified modelling language (UML) approach has been developed to facilitate the different users' views for security analysis and design of health care information systems. Paradigm and concepts used are based on the component architecture of information systems and on a general layered security model. The toolset was developed in 1996/1997 within the ISHTAR project funded by the European Commission as well as through international standardisation activities. Analysing and systematising real health care scenarios, only six and nine use case types could be found in the health and the security-related view, respectively. By combining these use case types, the analysis and design of any thinkable system architecture can be simplified significantly. Based on generic schemes, the environment needed for both communication and application security can be established by appropriate sets of security services and mechanisms. Because of the importance and the basic character of electronic health care record (EHCR) systems, the understanding of the approach is facilitated by (incomplete) examples for this application.

Summary Report for the Radiation Detection for Nuclear Security Summer School 2012

DOE Office of Scientific and Technical Information (OSTI.GOV)

Runkle, Robert C.; Baciak, James E.; Stave, Jean A.

The Pacific Northwest National Laboratory (PNNL) hosted students from across the United States at the inaugural Radiation Detection for Nuclear Security Summer School from June 11 – 22, 2012. The summer school provided students with a unique understanding of nuclear security challenges faced in the field and exposed them to the technical foundations, analyses, and insight that will be required by future leaders in technology development and implementation. The course heavily emphasized laboratory and field demonstrations including direct measurements of special nuclear material. The first week of the summer school focused on the foundational knowledge required by technology practitioners; themore » second week focused on contemporary applications. Student evaluations and feedback from student advisors indicates that the summer school achieved its objectives of 1) exposing students to the range of nuclear security applications for which radiation detection is necessary, 2) articulating the relevance of student research into the broader context, and 3) exciting students about the possibility of future careers in nuclear security.« less

SPACE: Enhancing Life on Earth. Proceedings Report

NASA Technical Reports Server (NTRS)

Hobden, Alan (Editor); Hobden, Beverly (Editor); Bagley, Larry E. (Editor); Bolton, Ed (Editor); Campaigne, Len O. (Editor); Cole, Ron (Editor); France, Marty (Editor); Hand, Rich (Editor); McKinley, Cynthia (Editor); Zimkas, Chuck (Editor)

1996-01-01

The proceedings of the 12th National Space Symposium on Enhancing Life on Earth is presented. Technological areas discussed include: Space applications and cooperation; Earth sensing, communication, and navigation applications; Global security interests in space; and International space station and space launch capabilities. An appendices that include featured speakers, program participants, and abbreviation & acronyms glossary is also attached.

Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment.

PubMed

Das, Ashok Kumar; Wazid, Mohammad; Kumar, Neeraj; Khan, Muhammad Khurram; Choo, Kim-Kwang Raymond; Park, YoungHo

2017-09-18

Wearable devices are used in various applications to collect information including step information, sleeping cycles, workout statistics, and health related information. Due to the nature and richness of the data collected by such devices, it is important to ensure the security of the collected data. This paper presents a new lightweight authentication scheme suitable for wearable device deployment. The scheme allows a user to mutually authenticate his/her wearable device(s) and the mobile terminal (e.g., Android and iOS device) and establish a session key among these devices (worn and carried by the same user) for secure communication between the wearable device and the mobile terminal. The security of the proposed scheme is then demonstrated through the broadly-accepted Real-Or-Random model, as well as using the popular formal security verification tool, known as the Automated Validation of Internet Security Protocols and Applications (AVISPA). Finally, we present a comparative summary of the proposed scheme in terms of the overheads such as computation and communication costs, security and functionality features of the proposed scheme and related schemes, and also the evaluation findings from the NS2 simulation.

78 FR 41443 - BofA Funds Series Trust, et al., Notice of Application

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-10

... offices physically separate from MLPF&S. 3. Investment decisions for the Funds are determined solely by... securities which are eligible for purchase by money market funds under rule 2a-7, including conventional... have the security in inventory and be in a position to quote a purchase and sale price that is the best...

Coordination and organization of security software process for power information application environment

NASA Astrophysics Data System (ADS)

Wang, Qiang

2017-09-01

As an important part of software engineering, the software process decides the success or failure of software product. The design and development feature of security software process is discussed, so is the necessity and the present significance of using such process. Coordinating the function software, the process for security software and its testing are deeply discussed. The process includes requirement analysis, design, coding, debug and testing, submission and maintenance. In each process, the paper proposed the subprocesses to support software security. As an example, the paper introduces the above process into the power information platform.

Security implications and governance of cognitive neuroscience.

PubMed

Kosal, Margaret E; Huang, Jonathan Y

2015-01-01

In recent years, significant efforts have been made toward elucidating the potential of the human brain. Spanning fields as disparate as psychology, biomedicine, computer science, mathematics, electrical engineering, and chemistry, research venturing into the growing domains of cognitive neuroscience and brain research has become fundamentally interdisciplinary. Among the most interesting and consequential applications to international security are the military and defense community's interests in the potential of cognitive neuroscience findings and technologies. In the United States, multiple governmental agencies are actively pursuing such endeavors, including the Department of Defense, which has invested over $3 billion in the last decade to conduct research on defense-related innovations. This study explores governance and security issues surrounding cognitive neuroscience research with regard to potential security-related applications and reports scientists' views on the role of researchers in these areas through a survey of over 200 active cognitive neuroscientists.

Photonic sensor applications in transportation security

NASA Astrophysics Data System (ADS)

Krohn, David A.

2007-09-01

There is a broad range of security sensing applications in transportation that can be facilitated by using fiber optic sensors and photonic sensor integrated wireless systems. Many of these vital assets are under constant threat of being attacked. It is important to realize that the threats are not just from terrorism but an aging and often neglected infrastructure. To specifically address transportation security, photonic sensors fall into two categories: fixed point monitoring and mobile tracking. In fixed point monitoring, the sensors monitor bridge and tunnel structural health and environment problems such as toxic gases in a tunnel. Mobile tracking sensors are being designed to track cargo such as shipboard cargo containers and trucks. Mobile tracking sensor systems have multifunctional sensor requirements including intrusion (tampering), biochemical, radiation and explosives detection. This paper will review the state of the art of photonic sensor technologies and their ability to meet the challenges of transportation security.

A SOPC-BASED Evaluation of AES for 2.4 GHz Wireless Network

NASA Astrophysics Data System (ADS)

Ken, Cai; Xiaoying, Liang

In modern systems, data security is needed more than ever before and many cryptographic algorithms are utilized for security services. Wireless Sensor Networks (WSN) is an example of such technologies. In this paper an innovative SOPC-based approach for the security services evaluation in WSN is proposed that addresses the issues of scalability, flexible performance, and silicon efficiency for the hardware acceleration of encryption system. The design includes a Nios II processor together with custom designed modules for the Advanced Encryption Standard (AES) which has become the default choice for various security services in numerous applications. The objective of this mechanism is to present an efficient hardware realization of AES using very high speed integrated circuit hardware description language (Verilog HDL) and expand the usability for various applications. As compared to traditional customize processor design, the mechanism provides a very broad range of cost/performance points.

Secure and Efficient Reactive Video Surveillance for Patient Monitoring.

PubMed

Braeken, An; Porambage, Pawani; Gurtov, Andrei; Ylianttila, Mika

2016-01-02

Video surveillance is widely deployed for many kinds of monitoring applications in healthcare and assisted living systems. Security and privacy are two promising factors that align the quality and validity of video surveillance systems with the caliber of patient monitoring applications. In this paper, we propose a symmetric key-based security framework for the reactive video surveillance of patients based on the inputs coming from data measured by a wireless body area network attached to the human body. Only authenticated patients are able to activate the video cameras, whereas the patient and authorized people can consult the video data. User and location privacy are at each moment guaranteed for the patient. A tradeoff between security and quality of service is defined in order to ensure that the surveillance system gets activated even in emergency situations. In addition, the solution includes resistance against tampering with the device on the patient's side.

Secure and Efficient Reactive Video Surveillance for Patient Monitoring

PubMed Central

Braeken, An; Porambage, Pawani; Gurtov, Andrei; Ylianttila, Mika

2016-01-01

Video surveillance is widely deployed for many kinds of monitoring applications in healthcare and assisted living systems. Security and privacy are two promising factors that align the quality and validity of video surveillance systems with the caliber of patient monitoring applications. In this paper, we propose a symmetric key-based security framework for the reactive video surveillance of patients based on the inputs coming from data measured by a wireless body area network attached to the human body. Only authenticated patients are able to activate the video cameras, whereas the patient and authorized people can consult the video data. User and location privacy are at each moment guaranteed for the patient. A tradeoff between security and quality of service is defined in order to ensure that the surveillance system gets activated even in emergency situations. In addition, the solution includes resistance against tampering with the device on the patient’s side. PMID:26729130

Secure Web-Site Access with Tickets and Message-Dependent Digests

USGS Publications Warehouse

Donato, David I.

2008-01-01

Although there are various methods for restricting access to documents stored on a World Wide Web (WWW) site (a Web site), none of the widely used methods is completely suitable for restricting access to Web applications hosted on an otherwise publicly accessible Web site. A new technique, however, provides a mix of features well suited for restricting Web-site or Web-application access to authorized users, including the following: secure user authentication, tamper-resistant sessions, simple access to user state variables by server-side applications, and clean session terminations. This technique, called message-dependent digests with tickets, or MDDT, maintains secure user sessions by passing single-use nonces (tickets) and message-dependent digests of user credentials back and forth between client and server. Appendix 2 provides a working implementation of MDDT with PHP server-side code and JavaScript client-side code.

A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

PubMed

Das, Ashok Kumar; Goswami, Adrijit

2013-06-01

Connected health care has several applications including telecare medicine information system, personally controlled health records system, and patient monitoring. In such applications, user authentication can ensure the legality of patients. In user authentication for such applications, only the legal user/patient himself/herself is allowed to access the remote server, and no one can trace him/her according to transmitted data. Chang et al. proposed a uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care (Chang et al., J Med Syst 37:9902, 2013). Their scheme uses the user's personal biometrics along with his/her password with the help of the smart card. The user's biometrics is verified using BioHashing. Their scheme is efficient due to usage of one-way hash function and exclusive-or (XOR) operations. In this paper, we show that though their scheme is very efficient, their scheme has several security weaknesses such as (1) it has design flaws in login and authentication phases, (2) it has design flaws in password change phase, (3) it fails to protect privileged insider attack, (4) it fails to protect the man-in-the middle attack, and (5) it fails to provide proper authentication. In order to remedy these security weaknesses in Chang et al.'s scheme, we propose an improvement of their scheme while retaining the original merit of their scheme. We show that our scheme is efficient as compared to Chang et al.'s scheme. Through the security analysis, we show that our scheme is secure against possible attacks. Further, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. In addition, after successful authentication between the user and the server, they establish a secret session key shared between them for future secure communication.

A study of IEEE 802.15.4 security framework for wireless body area networks.

PubMed

Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

2011-01-01

A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Networks

PubMed Central

Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

2011-01-01

A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN. PMID:22319358

Ad-Hoc Networks and the Mobile Application Security System (MASS)

DTIC Science & Technology

2006-01-01

solution to this problem that addresses critical aspects of security in ad-hoc mobile application networks. This approach involves preventing unauthorized...modification of a mobile application , both by other applications and by hosts, and ensuring that mobile code is authentic and authorized. These...capabilities constitute the Mobile Application Security System (MASS). The MASS applies effective, robust security to mobile application -based systems

17 CFR 30.11 - Applicability of state law.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Applicability of state law. 30... FUTURES AND FOREIGN OPTIONS TRANSACTIONS § 30.11 Applicability of state law. Pursuant to section 12(e)(2) of the Act, the provisions of any state law, including any rule or regulation thereunder, may be...

17 CFR 30.11 - Applicability of state law.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Applicability of state law. 30... FUTURES AND FOREIGN OPTIONS TRANSACTIONS § 30.11 Applicability of state law. Pursuant to section 12(e)(2) of the Act, the provisions of any state law, including any rule or regulation thereunder, may be...

17 CFR 30.11 - Applicability of state law.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Applicability of state law. 30... FUTURES AND FOREIGN OPTIONS TRANSACTIONS § 30.11 Applicability of state law. Pursuant to section 12(e)(2) of the Act, the provisions of any state law, including any rule or regulation thereunder, may be...

6 CFR 37.11 - Application and documents the applicant must provide.

Code of Federal Regulations, 2010 CFR

2010-01-01

... subsequent visits. (c) Identity. (1) To establish identity, the applicant must present at least one of the... present at least one document included in paragraph (c) of this section. (e) Social security number (SSN). (1) Except as provided in paragraph (e)(3) of this section, individuals presenting the identity...

12 CFR 263.402 - Removal, suspension, or debarment.

Code of Federal Regulations, 2011 CFR

2011-01-01

... recklessly engaged in conduct that results in a violation of applicable professional standards, including... Company Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged in... violation of applicable professional standards in circumstances in which an accountant knows, or should know...

12 CFR 19.243 - Removal, suspension, or debarment.

Code of Federal Regulations, 2014 CFR

2014-01-01

... recklessly engaged in conduct that results in a violation of applicable professional standards, including... Public Company Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged... results in a violation of applicable professional standards in circumstances in which an accountant knows...

12 CFR 308.602 - Removal, suspension, or debarment.

Code of Federal Regulations, 2014 CFR

2014-01-01

... in conduct that results in a violation of applicable professional standards, including those... Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged in negligent conduct... applicable professional standards in circumstances in which an accountant knows, or should know, that...

12 CFR 263.402 - Removal, suspension, or debarment.

Code of Federal Regulations, 2014 CFR

2014-01-01

... recklessly engaged in conduct that results in a violation of applicable professional standards, including... Company Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged in... violation of applicable professional standards in circumstances in which an accountant knows, or should know...

12 CFR 308.602 - Removal, suspension, or debarment.

Code of Federal Regulations, 2013 CFR

2013-01-01

... in conduct that results in a violation of applicable professional standards, including those... Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged in negligent conduct... applicable professional standards in circumstances in which an accountant knows, or should know, that...

12 CFR 19.243 - Removal, suspension, or debarment.

Code of Federal Regulations, 2013 CFR

2013-01-01

... recklessly engaged in conduct that results in a violation of applicable professional standards, including... Public Company Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged... results in a violation of applicable professional standards in circumstances in which an accountant knows...

12 CFR 308.602 - Removal, suspension, or debarment.

Code of Federal Regulations, 2012 CFR

2012-01-01

... in conduct that results in a violation of applicable professional standards, including those... Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged in negligent conduct... applicable professional standards in circumstances in which an accountant knows, or should know, that...

12 CFR 263.402 - Removal, suspension, or debarment.

Code of Federal Regulations, 2012 CFR

2012-01-01

... recklessly engaged in conduct that results in a violation of applicable professional standards, including... Company Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged in... violation of applicable professional standards in circumstances in which an accountant knows, or should know...

12 CFR 19.243 - Removal, suspension, or debarment.

Code of Federal Regulations, 2011 CFR

2011-01-01

... recklessly engaged in conduct that results in a violation of applicable professional standards, including... Public Company Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged... results in a violation of applicable professional standards in circumstances in which an accountant knows...

12 CFR 19.243 - Removal, suspension, or debarment.

Code of Federal Regulations, 2012 CFR

2012-01-01

... recklessly engaged in conduct that results in a violation of applicable professional standards, including... Public Company Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged... results in a violation of applicable professional standards in circumstances in which an accountant knows...

12 CFR 308.602 - Removal, suspension, or debarment.

Code of Federal Regulations, 2011 CFR

2011-01-01

... in conduct that results in a violation of applicable professional standards, including those... Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged in negligent conduct... applicable professional standards in circumstances in which an accountant knows, or should know, that...

12 CFR 263.402 - Removal, suspension, or debarment.

Code of Federal Regulations, 2013 CFR

2013-01-01

... recklessly engaged in conduct that results in a violation of applicable professional standards, including... Company Accounting Oversight Board and the Securities and Exchange Commission; (iii) Has engaged in... violation of applicable professional standards in circumstances in which an accountant knows, or should know...

Upgrading a CD-ROM Network for Multimedia Applications.

ERIC Educational Resources Information Center

Sylvia, Margaret

1995-01-01

Addresses issues to consider when upgrading library CD-ROM networks for multimedia applications. Topics includes security issues; workstation requirements such as soundboards and monitors; local area network configurations that avoid bottlenecks: Asynchronous Transfer Mode, Ethernet, and Integrated Services Digital Network; server performance…

Security issues in healthcare applications using wireless medical sensor networks: a survey.

PubMed

Kumar, Pardeep; Lee, Hoon-Jae

2012-01-01

Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

PubMed Central

Kumar, Pardeep; Lee, Hoon-Jae

2012-01-01

Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs. PMID:22368458

18 CFR 34.1 - Applicability; definitions; exemptions in case of certain State regulation, certain short-term...

Code of Federal Regulations, 2013 CFR

2013-04-01

... Commission's regulations; and (2) Public utilities pursuant to section 204 of the Federal Power Act (49 Stat... Power Act; (2) The term securities includes any note, stock, treasury stock, bond, or debenture or other... regulations under this part, with respect to such securities. (2) This part does not apply to the issue or...

18 CFR 34.1 - Applicability; definitions; exemptions in case of certain State regulation, certain short-term...

Code of Federal Regulations, 2011 CFR

2011-04-01

... Commission's regulations; and (2) Public utilities pursuant to section 204 of the Federal Power Act (49 Stat... Power Act; (2) The term securities includes any note, stock, treasury stock, bond, or debenture or other... regulations under this part, with respect to such securities. (2) This part does not apply to the issue or...

18 CFR 34.1 - Applicability; definitions; exemptions in case of certain State regulation, certain short-term...

Code of Federal Regulations, 2012 CFR

2012-04-01

... Commission's regulations; and (2) Public utilities pursuant to section 204 of the Federal Power Act (49 Stat... Power Act; (2) The term securities includes any note, stock, treasury stock, bond, or debenture or other... regulations under this part, with respect to such securities. (2) This part does not apply to the issue or...

18 CFR 34.1 - Applicability; definitions; exemptions in case of certain State regulation, certain short-term...

Code of Federal Regulations, 2010 CFR

2010-04-01

... Commission's regulations; and (2) Public utilities pursuant to section 204 of the Federal Power Act (49 Stat... Power Act; (2) The term securities includes any note, stock, treasury stock, bond, or debenture or other... regulations under this part, with respect to such securities. (2) This part does not apply to the issue or...

18 CFR 34.1 - Applicability; definitions; exemptions in case of certain State regulation, certain short-term...

Code of Federal Regulations, 2014 CFR

2014-04-01

... Commission's regulations; and (2) Public utilities pursuant to section 204 of the Federal Power Act (49 Stat... Power Act; (2) The term securities includes any note, stock, treasury stock, bond, or debenture or other... regulations under this part, with respect to such securities. (2) This part does not apply to the issue or...

76 FR 50529 - Self-Regulatory Organizations; New York Stock Exchange LLC; Notice of Filing and Immediate...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-15

... or more, to include criteria based on an SLP's Average Daily Volume (``ADV'') in added liquidity in... liquidity in the applicable month for all assigned SLP securities, as follows: \\5\\ \\5\\ See Securities... is more than 10 million shares but not more than 20 million shares.\\6\\ \\6\\ For all other SLP...

National Security Implications of Virtual Currency: Examining the Potential for Non-state Actor Deployment

DTIC Science & Technology

2015-02-01

Centralization . . . . . . . . . . . . . . . . . . . . . . 43 “Anonymity”: A Bitcoin Case Study...been a case of x National Security Implications of Virtual Currency such a non-state actor deployment; in this report, we aim to high- light...development of VCs may advance, including a gen- eral increased sophistication in cryptographic applications. More gen- erally, we make the case that the main

Integrating QoS and security functions in an IP-VPN gateway

NASA Astrophysics Data System (ADS)

Fan, Kuo-Pao; Chang, Shu-Hsin; Lin, Kuan-Ming; Pen, Mau-Jy

2001-10-01

IP-based Virtual Private Network becomes more and more popular. It can not only reduce the enterprise communication cost but also increase the revenue of the service provider. The common IP-VPN application types include Intranet VPN, Extranet VPN, and remote access VPN. For the large IP-VPN market, some vendors develop dedicated IP-VPN devices; while some vendors add the VPN functions into their existing network equipment such as router, access gateway, etc. The functions in the IP-VPN device include security, QoS, and management. The common security functions supported are IPSec (IP Security), IKE (Internet Key Exchange), and Firewall. The QoS functions include bandwidth control and packet scheduling. In the management component, policy-based network management is under standardization in IETF. In this paper, we discuss issues on how to integrate the QoS and security functions in an IP-VPN Gateway. We propose three approaches to do this. They are (1) perform Qos first (2) perform IPSec first and (3) reserve fixed bandwidth for IPSec. We also compare the advantages and disadvantages of the three proposed approaches.

17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

Code of Federal Regulations, 2011 CFR

2011-04-01

... information processors: form of application and amendments. 242.609 Section 242.609 Commodity and Securities....609 Registration of securities information processors: form of application and amendments. (a) An application for the registration of a securities information processor shall be filed on Form SIP (§ 249.1001...

17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

Code of Federal Regulations, 2010 CFR

2010-04-01

... information processors: form of application and amendments. 242.609 Section 242.609 Commodity and Securities....609 Registration of securities information processors: form of application and amendments. (a) An application for the registration of a securities information processor shall be filed on Form SIP (§ 249.1001...

Surface-enhanced Raman spectroscopy and homeland security: a perfect match?

PubMed

Golightly, Rebecca S; Doering, William E; Natan, Michael J

2009-10-27

This Nano Focus article reviews recent developments in surface-enhanced Raman spectroscopy (SERS) and its application to homeland security. It is based on invited talks given at the "Nanorods and Microparticles for Homeland Security" symposium, which was organized by one of the authors and presented at the 238th ACS National Meeting and Exhibition in Washington, DC. The three-day symposium included approximately 25 experts from academia, industry, and national laboratories and included both SERS and non-SERS approaches to detection of chemical and biological substances relevant to homeland security, as well as fundamental advances. Here, we focus on SERS and how it is uniquely positioned to have an impact in a field whose importance is increasing rapidly. We describe some technical challenges that remain and offer a glimpse of what form solutions might take.

20 CFR 627.315 - Benefits and working conditions.

Code of Federal Regulations, 2011 CFR

2011-04-01

... to work for employers which do not comply with applicable labor laws, including wage and hour... with respect to injuries suffered by participants. Where a State's workers' compensation law is not applicable, recipients and subrecipients shall secure insurance coverage for injuries suffered by such...

17 CFR 200.602 - Application.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Application. 200.602 Section 200.602 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT... Programs or Activities Conducted by the Securities and Exchange Commission § 200.602 Application. This...

17 CFR 249.1001 - Form SIP, for application for registration as a securities information processor or to amend such...

Code of Federal Regulations, 2011 CFR

2011-04-01

... registration as a securities information processor or to amend such an application or registration. 249.1001..., SECURITIES EXCHANGE ACT OF 1934 Form for Registration of, and Reporting by Securities Information Processors § 249.1001 Form SIP, for application for registration as a securities information processor or to amend...

17 CFR 249.1001 - Form SIP, for application for registration as a securities information processor or to amend such...

Code of Federal Regulations, 2010 CFR

2010-04-01

... registration as a securities information processor or to amend such an application or registration. 249.1001..., SECURITIES EXCHANGE ACT OF 1934 Form for Registration of, and Reporting by Securities Information Processors § 249.1001 Form SIP, for application for registration as a securities information processor or to amend...

KENNEDY SPACE CENTER, FLA. - Research team members aboard one of the watercraft being utilized to conduct underwater acoustic research in the Launch Complex 39 turn basin secure some of the project's equipment back into the vessel. Several government agencies, including NASA, NOAA, the Navy, the Coast Guard, and the Florida Fish and Wildlife Commission are involved in the testing. The research involves demonstrations of passive and active sensor technologies, with applications in fields ranging from marine biological research to homeland security. The work is also serving as a pilot project to assess the cooperation between the agencies involved. Equipment under development includes a passive acoustic monitor developed by NASA’s Jet Propulsion Laboratory, and mobile robotic sensors from the Navy’s Mobile Diving and Salvage Unit.

NASA Image and Video Library

2003-08-19

KENNEDY SPACE CENTER, FLA. - Research team members aboard one of the watercraft being utilized to conduct underwater acoustic research in the Launch Complex 39 turn basin secure some of the project's equipment back into the vessel. Several government agencies, including NASA, NOAA, the Navy, the Coast Guard, and the Florida Fish and Wildlife Commission are involved in the testing. The research involves demonstrations of passive and active sensor technologies, with applications in fields ranging from marine biological research to homeland security. The work is also serving as a pilot project to assess the cooperation between the agencies involved. Equipment under development includes a passive acoustic monitor developed by NASA’s Jet Propulsion Laboratory, and mobile robotic sensors from the Navy’s Mobile Diving and Salvage Unit.

Multi-Layer Approach for the Detection of Selective Forwarding Attacks

PubMed Central

Alajmi, Naser; Elleithy, Khaled

2015-01-01

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable. PMID:26610499

Multi-Layer Approach for the Detection of Selective Forwarding Attacks.

PubMed

Alajmi, Naser; Elleithy, Khaled

2015-11-19

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Communications Processors: Categories, Applications, and Trends

DTIC Science & Technology

1976-03-01

allow switching from BSC to SDLC .(12) Standard protocols would ease the requirement that communications processor software convert from one...COMMANDER c^/g^_ (^-»M-^ V »*-^ FRANK J. EMMA, Colonel, USAF Director, information Systems Technology Applications Office Deputy for Command...guidelines in selecting a device for a specific application are included, with manufacturer models presented as illustrations. UNCLASSIFIED SECURITY

17 CFR 201.193 - Applications by barred individuals for consent to associate.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Applications by barred individuals for consent to associate. 201.193 Section 201.193 Commodity and Securities Exchanges SECURITIES... securities dealers, government securities brokers, government securities dealers, investment advisers...

Adversarial Feature Selection Against Evasion Attacks.

PubMed

Zhang, Fei; Chan, Patrick P K; Biggio, Battista; Yeung, Daniel S; Roli, Fabio

2016-03-01

Pattern recognition and machine learning techniques have been increasingly adopted in adversarial settings such as spam, intrusion, and malware detection, although their security against well-crafted attacks that aim to evade detection by manipulating data at test time has not yet been thoroughly assessed. While previous work has been mainly focused on devising adversary-aware classification algorithms to counter evasion attempts, only few authors have considered the impact of using reduced feature sets on classifier security against the same attacks. An interesting, preliminary result is that classifier security to evasion may be even worsened by the application of feature selection. In this paper, we provide a more detailed investigation of this aspect, shedding some light on the security properties of feature selection against evasion attacks. Inspired by previous work on adversary-aware classifiers, we propose a novel adversary-aware feature selection model that can improve classifier security against evasion attacks, by incorporating specific assumptions on the adversary's data manipulation strategy. We focus on an efficient, wrapper-based implementation of our approach, and experimentally validate its soundness on different application examples, including spam and malware detection.

Systematic, appropriate, and cost-effective application of security technologies in U.S. public schools to reduce crime, violence, and drugs

NASA Astrophysics Data System (ADS)

Green, Mary W.

1997-01-01

As problems of violence and crime become more prevalent in our schools, more and more school districts will elect to use security technologies to control these problems. While the desired change in student and community attitudes will require significant systemic change through intense US social programs, security technologies can greatly augment school staff today by providing services similar to having extra adults present. Technologies such as cameras, sensors, drug detection, biometric and personnel identification, lighting, barriers, weapon and explosives detection, anti- graffiti methods, and duress alarms can all be effective, given they are used in appropriate applications, with realistic expectations and an understanding of limitations. Similar to a high-risk government facility, schools must consider a systems approach to security, which includes the use of personnel and procedures as well as security technologies, such that the synergy created by all these elements together contributes more tot he general 'order maintenance' of the facility than could be achieved by separate measures not integrated or related.

6 CFR 27.225 - Site security plans.

Code of Federal Regulations, 2013 CFR

2013-01-01

... performance standards and potential modes of terrorist attack including, as applicable, vehicle-borne explosive devices, water-borne explosive devices, ground assault, or other modes or potential modes...

6 CFR 27.225 - Site security plans.

Code of Federal Regulations, 2014 CFR

2014-01-01

... performance standards and potential modes of terrorist attack including, as applicable, vehicle-borne explosive devices, water-borne explosive devices, ground assault, or other modes or potential modes...

6 CFR 27.225 - Site security plans.

Code of Federal Regulations, 2012 CFR

2012-01-01

... performance standards and potential modes of terrorist attack including, as applicable, vehicle-borne explosive devices, water-borne explosive devices, ground assault, or other modes or potential modes...

49 CFR 1572.9 - Applicant information required for HME security threat assessment.

Code of Federal Regulations, 2011 CFR

2011-10-01

... threat assessment. 1572.9 Section 1572.9 Transportation Other Regulations Relating to Transportation... TRANSPORTATION SECURITY CREDENTIALING AND SECURITY THREAT ASSESSMENTS Procedures and General Standards § 1572.9 Applicant information required for HME security threat assessment. An applicant must supply the information...

Hardware Acceleration for Cyber Security

DTIC Science & Technology

2010-11-01

perform different approaches. It includes behavioral analysis, by means of NetFlow monitoring, as well as packet content analysis, so called Deep...Interface (API). The example of such application is NetFlow exporter described in [5]. • We provide modified libpcap library using libsze2 API. This...cards. The software applications using NIFIC include FlowMon NetFlow /IPFIX generator, Wireshark packet analyzer, iptables - Linux kernel firewall, deep

7 CFR 765.205 - Subordination of liens.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Subordination of liens. (a) Borrower application requirements. The borrower must submit the following, unless it... application for subordination form; (2) A current financial statement, including, in the case of an entity..., expenses, and debt repayment plan; and (6) Verification of all debts. (b) Real estate security. For loans...

25 CFR 11.600 - Marriages.

Code of Federal Regulations, 2012 CFR

2012-04-01

... application shall include the following information: (1) Name, sex, occupation, address, social security... relationship; and (5) The name and date of birth of any child of which both parties are parents, born before the making of the application, unless their parental rights and the parent and child relationship with...

25 CFR 11.600 - Marriages.

Code of Federal Regulations, 2011 CFR

2011-04-01

... application shall include the following information: (1) Name, sex, occupation, address, social security... relationship; and (5) The name and date of birth of any child of which both parties are parents, born before the making of the application, unless their parental rights and the parent and child relationship with...

25 CFR 11.600 - Marriages.

Code of Federal Regulations, 2010 CFR

2010-04-01

... application shall include the following information: (1) Name, sex, occupation, address, social security... relationship; and (5) The name and date of birth of any child of which both parties are parents, born before the making of the application, unless their parental rights and the parent and child relationship with...

25 CFR 11.600 - Marriages.

Code of Federal Regulations, 2013 CFR

2013-04-01

... application shall include the following information: (1) Name, sex, occupation, address, social security... relationship; and (5) The name and date of birth of any child of which both parties are parents, born before the making of the application, unless their parental rights and the parent and child relationship with...

25 CFR 11.600 - Marriages.

Code of Federal Regulations, 2014 CFR

2014-04-01

... application shall include the following information: (1) Name, sex, occupation, address, social security... relationship; and (5) The name and date of birth of any child of which both parties are parents, born before the making of the application, unless their parental rights and the parent and child relationship with...

Proceedings of the Second Annual NASA Science Internet User Working Group Conference

NASA Technical Reports Server (NTRS)

Jackson, Lenore A. (Editor); Gary, J. Patrick (Editor)

1991-01-01

Copies of the agenda, list of attendees, meeting summaries, and all presentations and exhibit material are contained. Included are plenary sessions, exhibits of advanced networking applications, and user subgroup meetings on NASA Science Internet policy, networking, security, and user services and applications topics.

Secure distribution for high resolution remote sensing images

NASA Astrophysics Data System (ADS)

Liu, Jin; Sun, Jing; Xu, Zheng Q.

2010-09-01

The use of remote sensing images collected by space platforms is becoming more and more widespread. The increasing value of space data and its use in critical scenarios call for adoption of proper security measures to protect these data against unauthorized access and fraudulent use. In this paper, based on the characteristics of remote sensing image data and application requirements on secure distribution, a secure distribution method is proposed, including users and regions classification, hierarchical control and keys generation, and multi-level encryption based on regions. The combination of the three parts can make that the same remote sensing images after multi-level encryption processing are distributed to different permission users through multicast, but different permission users can obtain different degree information after decryption through their own decryption keys. It well meets user access control and security needs in the process of high resolution remote sensing image distribution. The experimental results prove the effectiveness of the proposed method which is suitable for practical use in the secure transmission of remote sensing images including confidential information over internet.

Development and Application of Skill Standards for Security Practitioners

DTIC Science & Technology

2006-07-01

Development and Application of Skill Standards for Security Practitioners Henry K. Simpson Northrop Grumman Technical Services Lynn F. Fischer...and Application of Skill Standards for Security Practitioners Henry K. Simpson, Northrop Grumman Technical Services Lynn F. Fischer, Defense...described in the present report was driven by a JSTC tasking to develop skill standards for security practitioners in seven different security

A Rich Client-Server Based Framework for Convenient Security and Management of Mobile Applications

NASA Astrophysics Data System (ADS)

Badan, Stephen; Probst, Julien; Jaton, Markus; Vionnet, Damien; Wagen, Jean-Frédéric; Litzistorf, Gérald

Contact lists, Emails, SMS or custom applications on a professional smartphone could hold very confidential or sensitive information. What could happen in case of theft or accidental loss of such devices? Such events could be detected by the separation between the smartphone and a Bluetooth companion device. This event should typically block the applications and delete personal and sensitive data. Here, a solution is proposed based on a secured framework application running on the mobile phone as a rich client connected to a security server. The framework offers strong and customizable authentication and secured connectivity. A security server manages all security issues. User applications are then loaded via the framework. User data can be secured, synchronized, pushed or pulled via the framework. This contribution proposes a convenient although secured environment based on a client-server architecture using external authentications. Several features of the proposed system are exposed and a practical demonstrator is described.

Revolution in nuclear detection affairs

NASA Astrophysics Data System (ADS)

Stern, Warren M.

2014-05-01

The detection of nuclear or radioactive materials for homeland or national security purposes is inherently difficult. This is one reason detection efforts must be seen as just one part of an overall nuclear defense strategy which includes, inter alia, material security, detection, interdiction, consequence management and recovery. Nevertheless, one could argue that there has been a revolution in detection affairs in the past several decades as the innovative application of new technology has changed the character and conduct of detection operations. This revolution will likely be most effectively reinforced in the coming decades with the networking of detectors and innovative application of anomaly detection algorithms.

20 CFR 703.203 - Application for security deposit determination; information to be submitted; other requirements.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 4 2012-04-01 2012-04-01 false Application for security deposit...' COMPENSATION ACT AND RELATED STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.203 Application for security deposit determination; information to be submitted; other...

20 CFR 703.203 - Application for security deposit determination; information to be submitted; other requirements.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 3 2011-04-01 2011-04-01 false Application for security deposit...' COMPENSATION ACT AND RELATED STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.203 Application for security deposit determination; information to be submitted; other...

Contributions and future of radioisotopes in medical, industrial, and space applications

NASA Astrophysics Data System (ADS)

Tingey, G. L.; Dix, G. P.; Wahlquist, E. J.

1990-11-01

There are 333 isotopes that have a half-life between 1 day and 100,000 years that have a wide variety of applications including public health, medicine, industrial technology, food technology and packaging, agriculture, energy supply, and national security. This paper provides an overview of some of the most extensive applications of radioisotopes including some observations of future uses. Examples are discussed that indicate that the use of radioisotopes is almost unlimited and will continue to grow. There is a growing need for future applications development and production.

Wireless Technology Infrastructures for Authentication of Patients: PKI that Rings

PubMed Central

Sax, Ulrich; Kohane, Isaac; Mandl, Kenneth D.

2005-01-01

As the public interest in consumer-driven electronic health care applications rises, so do concerns about the privacy and security of these applications. Achieving a balance between providing the necessary security while promoting user acceptance is a major obstacle in large-scale deployment of applications such as personal health records (PHRs). Robust and reliable forms of authentication are needed for PHRs, as the record will often contain sensitive and protected health information, including the patient's own annotations. Since the health care industry per se is unlikely to succeed at single-handedly developing and deploying a large scale, national authentication infrastructure, it makes sense to leverage existing hardware, software, and networks. This report proposes a new model for authentication of users to health care information applications, leveraging wireless mobile devices. Cell phones are widely distributed, have high user acceptance, and offer advanced security protocols. The authors propose harnessing this technology for the strong authentication of individuals by creating a registration authority and an authentication service, and examine the problems and promise of such a system. PMID:15684133

Wireless technology infrastructures for authentication of patients: PKI that rings.

PubMed

Sax, Ulrich; Kohane, Isaac; Mandl, Kenneth D

2005-01-01

As the public interest in consumer-driven electronic health care applications rises, so do concerns about the privacy and security of these applications. Achieving a balance between providing the necessary security while promoting user acceptance is a major obstacle in large-scale deployment of applications such as personal health records (PHRs). Robust and reliable forms of authentication are needed for PHRs, as the record will often contain sensitive and protected health information, including the patient's own annotations. Since the health care industry per se is unlikely to succeed at single-handedly developing and deploying a large scale, national authentication infrastructure, it makes sense to leverage existing hardware, software, and networks. This report proposes a new model for authentication of users to health care information applications, leveraging wireless mobile devices. Cell phones are widely distributed, have high user acceptance, and offer advanced security protocols. The authors propose harnessing this technology for the strong authentication of individuals by creating a registration authority and an authentication service, and examine the problems and promise of such a system.

20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of the...

20 CFR 703.203 - Application for security deposit determination; information to be submitted; other requirements.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 3 2010-04-01 2010-04-01 false Application for security deposit... AND RELATED STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.203 Application for security deposit determination; information to be submitted; other requirements. (a) Each...

20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of the...

20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of the...

20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of the...

20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY... used in Social Security Administration programs. This subpart lists the applications and some of the...

Application of metamaterial concepts to sensors and chipless RFID

NASA Astrophysics Data System (ADS)

Martín, F.; Herrojo, C.; Vélez, P.; Su, L.; Mata-Contreras, J.; Paredes, F.

2018-02-01

Several strategies for the implementation of microwave sensors based on the use of metamaterial-inspired resonators are pointed out, and examples of applications, including sensors for dielectric characterization and sensors for the measurement of spatial variables, are provided. It will be also shown that novel microwave encoders for chipless RFID systems with very high data capacity can be implemented. The fields of applications of the devices discussed in this talk include dielectric characterization of solids and liquids, angular velocity sensors for space applications, and near-field chipless RFID systems for secure paper applications, among others.

MEMS scanner mirror based system for retina scanning and in eye projection

NASA Astrophysics Data System (ADS)

Woittennek, Franziska; Knobbe, Jens; Pügner, Tino; Dallmann, Hans-Georg; Schelinski, Uwe; Grüger, Heinrich

2015-02-01

Many applications could benefit from miniaturized systems to scan blood vessels behind the retina in the human eye, so called "retina scanning". This reaches from access control to sophisticated security applications and medical devices. High volume systems for consumer applications require low cost and a user friendly operation. For example this includes no need for removal of glasses and self-adjustment, in turn guidance of focus and point of attraction by simultaneous projection for the user. A new system has been designed based on the well-known resonantly driven 2-d scanner mirror of Fraunhofer IPMS. A combined NIR and VIS laser system illuminates the eye through an eye piece designed for an operating distance allowing the use of glasses and granting sufficient field of view. This usability feature was considered to be more important than highest miniaturization. The modulated VIS laser facilitates the projection of an image directly onto the retina. The backscattered light from the continuous NIR laser contains the information of the blood vessels and is detected by a highly sensitive photo diode. A demonstrational setup has been realized including readout and driving electronics. The laser power was adjusted to an eye-secure level. Additional security features were integrated. Test measurements revealed promising results. In a first demonstration application the detection of biometric pattern of the blood vessels was evaluated for issues authentication in.

25 CFR Appendix A to Part 276 - Principles for Determining Costs Applicable to Grants

Code of Federal Regulations, 2010 CFR

2010-04-01

... responsible for the efficient and effective administration of grant programs through the application of sound... government and is not allowable. 2. Advertising. Advertising media includes newspapers, magazines, radio and... or expenses for social security, employees' life and health insurance plans, unemployment insurance...

77 FR 46776 - Self-Regulatory Organizations; International Securities Exchange, LLC; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-06

... with greater ease. \\4\\ Trading Application Software fees include Installation fees, Software License... Application Software fees; \\4\\ Proposed Section VI contains Access Service fees; \\5\\ Proposed Section VII... the QCC and Solicitation Rebate, Index License Surcharge, Market Maker Tiers, Payment for Order Flow...

20 CFR 404.2118 - Applicability of these provisions to alternate participants.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Applicability of these provisions to alternate participants. 404.2118 Section 404.2118 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL... CFR part 74 or 41 CFR parts 1-15 as appropriate; and (b) Any disputes, including appeals of audit...

20 CFR 404.2118 - Applicability of these provisions to alternate participants.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Applicability of these provisions to alternate participants. 404.2118 Section 404.2118 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL... CFR part 74 or 41 CFR parts 1-15 as appropriate; and (b) Any disputes, including appeals of audit...

20 CFR 416.2218 - Applicability of these provisions to alternate participants.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Applicability of these provisions to alternate participants. 416.2218 Section 416.2218 Employees' Benefits SOCIAL SECURITY ADMINISTRATION... CFR part 74 or 41 CFR part 1-15 as appropriate; and (b) Any disputes, including appeals of audit...

20 CFR 416.2218 - Applicability of these provisions to alternate participants.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Applicability of these provisions to alternate participants. 416.2218 Section 416.2218 Employees' Benefits SOCIAL SECURITY ADMINISTRATION... CFR part 74 or 41 CFR part 1-15 as appropriate; and (b) Any disputes, including appeals of audit...

49 CFR 1572.5 - Standards for security threat assessments.

Code of Federal Regulations, 2011 CFR

2011-10-01

... the FMCSA rules at 49 CFR 383.51. If records indicate that an applicant has committed an offense that... assessment includes biometric identification and a biometric credential. (2) To apply for a comparability... process and provide biometric information to obtain a TWIC, if the applicant seeks unescorted access to a...

49 CFR 1572.5 - Standards for security threat assessments.

Code of Federal Regulations, 2014 CFR

2014-10-01

... the FMCSA rules at 49 CFR 383.51. If records indicate that an applicant has committed an offense that... assessment includes biometric identification and a biometric credential. (2) To apply for a comparability... process and provide biometric information to obtain a TWIC, if the applicant seeks unescorted access to a...

49 CFR 1572.5 - Standards for security threat assessments.

Code of Federal Regulations, 2010 CFR

2010-10-01

... the FMCSA rules at 49 CFR 383.51. If records indicate that an applicant has committed an offense that... assessment includes biometric identification and a biometric credential. (2) To apply for a comparability... process and provide biometric information to obtain a TWIC, if the applicant seeks unescorted access to a...

49 CFR 1572.5 - Standards for security threat assessments.

Code of Federal Regulations, 2013 CFR

2013-10-01

... the FMCSA rules at 49 CFR 383.51. If records indicate that an applicant has committed an offense that... assessment includes biometric identification and a biometric credential. (2) To apply for a comparability... process and provide biometric information to obtain a TWIC, if the applicant seeks unescorted access to a...

49 CFR 1572.5 - Standards for security threat assessments.

Code of Federal Regulations, 2012 CFR

2012-10-01

... the FMCSA rules at 49 CFR 383.51. If records indicate that an applicant has committed an offense that... assessment includes biometric identification and a biometric credential. (2) To apply for a comparability... process and provide biometric information to obtain a TWIC, if the applicant seeks unescorted access to a...

17 CFR 249.1 - Form 1, for application for, and amendments to applications for, registration as a national...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Form 1, for application for, and amendments to applications for, registration as a national securities exchange or exemption from registration pursuant to Section 5 of the Exchange Act. 249.1 Section 249.1 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ...

17 CFR 249.1 - Form 1, for application for, and amendments to applications for, registration as a national...

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Form 1, for application for, and amendments to applications for, registration as a national securities exchange or exemption from registration pursuant to Section 5 of the Exchange Act. 249.1 Section 249.1 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ...

17 CFR 249.1 - Form 1, for application for, and amendments to applications for, registration as a national...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form 1, for application for, and amendments to applications for, registration as a national securities exchange or exemption from registration pursuant to Section 5 of the Exchange Act. 249.1 Section 249.1 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ...

17 CFR 249.1 - Form 1, for application for, and amendments to applications for, registration as a national...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Form 1, for application for, and amendments to applications for, registration as a national securities exchange or exemption from registration pursuant to Section 5 of the Exchange Act. 249.1 Section 249.1 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ...

17 CFR 249.1 - Form 1, for application for, and amendments to applications for, registration as a national...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Form 1, for application for, and amendments to applications for, registration as a national securities exchange or exemption from registration pursuant to Section 5 of the Exchange Act. 249.1 Section 249.1 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ...

Defence and security applications of quantum cascade lasers

NASA Astrophysics Data System (ADS)

Grasso, Robert J.

2016-09-01

Quantum Cascade Lasers (QCL) have seen tremendous recent application in the realm of Defence and Security. And, in many instances replacing traditional solid state lasers as the source of choice for Countermeasures, Remote Sensing, In-situ Sensing, Through-Barrier Sensing, and many others. Following their development and demonstration in the early 1990's, QCL's reached some maturity and specific defence and security application prior to 2005; with much initial development fostered by DARPA initiatives in the US, dstl, MoD, and EOARD funding initiatives in the UK, and University level R&D such as those by Prof Manijeh Razeghi at Northwestern University [1], and Prof Ted Masselink at Humboldt University [2]. As QCL's provide direct mid-IR laser output for electrical input, they demonstrate high quantum efficiency compared with diode pumped solid state lasers with optical parametric oscillators (OPOs) to generate mid-Infrared output. One particular advantage of QCL's is their very broad operational bandwidth, extending from the terahertz to the near-infrared spectral regions. Defence and Security areas benefiting from QCL's include: Countermeasures, Remote Sensing, Through-the-Wall Sensing, and Explosive Detection. All information used to construct this paper obtained from open sources.

Decision Aids Using Heterogeneous Intelligence Analysis

DTIC Science & Technology

2010-08-20

developing a Geocultural service, a software framework and inferencing engine for the Transparent Urban Structures program. The scope of the effort...has evolved as the program has matured and is including multiple data sources, as well as interfaces out to the ONR architectural framework . Tasks...Interface; Application Program Interface; Application Programmer Interface CAF Common Application Framework EDA Event Driven Architecture a 16. SECURITY

Nuclear Security Education Program at the Pennsylvania State University

DOE Office of Scientific and Technical Information (OSTI.GOV)

Uenlue, Kenan; The Pennsylvania State University, Department of Mechanical and Nuclear Engineering, University Park, PA 16802-2304; Jovanovic, Igor

The availability of trained and qualified nuclear and radiation security experts worldwide has decreased as those with hands-on experience have retired while the demand for these experts and skills have increased. The U.S. Department of Energy's National Nuclear Security Administration's (NNSA) Global Threat Reduction Initiative (GTRI) has responded to the continued loss of technical and policy expertise amongst personnel and students in the security field by initiating the establishment of a Nuclear Security Education Initiative, in partnership with Pennsylvania State University (PSU), Texas A and M (TAMU), and Massachusetts Institute of Technology (MIT). This collaborative, multi-year initiative forms the basismore » of specific education programs designed to educate the next generation of personnel who plan on careers in the nonproliferation and security fields with both domestic and international focus. The three universities worked collaboratively to develop five core courses consistent with the GTRI mission, policies, and practices. These courses are the following: Global Nuclear Security Policies, Detectors and Source Technologies, Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Nuclear Security Laboratory, Threat Analysis and Assessment, and Design and Analysis of Security Systems for Nuclear and Radiological Facilities. The Pennsylvania State University (PSU) Nuclear Engineering Program is a leader in undergraduate and graduate-level nuclear engineering education in the USA. The PSU offers undergraduate and graduate programs in nuclear engineering. The PSU undergraduate program in nuclear engineering is the largest nuclear engineering programs in the USA. The PSU Radiation Science and Engineering Center (RSEC) facilities are being used for most of the nuclear security education program activities. Laboratory space and equipment was made available for this purpose. The RSEC facilities include the Penn State Breazeale Reactor (PSBR), gamma irradiation facilities (in-pool irradiator, dry irradiator, and hot cells), neutron beam laboratory, radiochemistry laboratories, and various radiation detection and measurement laboratories. A new nuclear security education laboratory was created with DOE NNSA- GTRI funds at RSEC. The nuclear security graduate level curriculum enables the PSU to educate and train future nuclear security experts, both within the United States as well as worldwide. The nuclear security education program at Penn State will grant a Master's degree in nuclear security starting fall 2015. The PSU developed two courses: Nuclear Security- Detector And Source Technologies and Nuclear Security- Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements (Laboratory). Course descriptions and course topics of these courses are described briefly: - Nuclear Security - Detector and Source Technologies; - Nuclear Security - Applications of Detectors/Sensors/Sources for Radiation Detection and Measurements Laboratory.« less

49 CFR 1542.1 - Applicability of this part.

Code of Federal Regulations, 2014 CFR

2014-10-01

..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY General § 1542.1 Applicability of this part. This part describes aviation security rules governing: (a) The operation of airports.... (c) Each airport operator that receives a Security Directive or Information Circular and each person...

49 CFR 1542.1 - Applicability of this part.

Code of Federal Regulations, 2010 CFR

2010-10-01

..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY General § 1542.1 Applicability of this part. This part describes aviation security rules governing: (a) The operation of airports.... (c) Each airport operator that receives a Security Directive or Information Circular and each person...

49 CFR 1548.11 - Training and knowledge for individuals with security-related duties.

Code of Federal Regulations, 2013 CFR

2013-10-01

...; (2) Applicable Security Directives and Information Circulars; (3) The approved airport security... Directives and Information Circulars; (4) The approved airport security program(s) applicable to their... security-related duties. 1548.11 Section 1548.11 Transportation Other Regulations Relating to...

49 CFR 1542.1 - Applicability of this part.

Code of Federal Regulations, 2011 CFR

2011-10-01

..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY General § 1542.1 Applicability of this part. This part describes aviation security rules governing: (a) The operation of airports.... (c) Each airport operator that receives a Security Directive or Information Circular and each person...

49 CFR 1542.1 - Applicability of this part.

Code of Federal Regulations, 2012 CFR

2012-10-01

..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY General § 1542.1 Applicability of this part. This part describes aviation security rules governing: (a) The operation of airports.... (c) Each airport operator that receives a Security Directive or Information Circular and each person...

49 CFR 1548.11 - Training and knowledge for individuals with security-related duties.

Code of Federal Regulations, 2014 CFR

2014-10-01

...; (2) Applicable Security Directives and Information Circulars; (3) The approved airport security... Directives and Information Circulars; (4) The approved airport security program(s) applicable to their... security-related duties. 1548.11 Section 1548.11 Transportation Other Regulations Relating to...

49 CFR 1542.1 - Applicability of this part.

Code of Federal Regulations, 2013 CFR

2013-10-01

..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY General § 1542.1 Applicability of this part. This part describes aviation security rules governing: (a) The operation of airports.... (c) Each airport operator that receives a Security Directive or Information Circular and each person...

49 CFR 1548.11 - Training and knowledge for individuals with security-related duties.

Code of Federal Regulations, 2012 CFR

2012-10-01

...; (2) Applicable Security Directives and Information Circulars; (3) The approved airport security... Directives and Information Circulars; (4) The approved airport security program(s) applicable to their... security-related duties. 1548.11 Section 1548.11 Transportation Other Regulations Relating to...

49 CFR 1548.11 - Training and knowledge for individuals with security-related duties.

Code of Federal Regulations, 2011 CFR

2011-10-01

...; (2) Applicable Security Directives and Information Circulars; (3) The approved airport security... Directives and Information Circulars; (4) The approved airport security program(s) applicable to their... security-related duties. 1548.11 Section 1548.11 Transportation Other Regulations Relating to...

An approach to quality and security of supply for single-use bioreactors.

PubMed

Barbaroux, Magali; Gerighausen, Susanne; Hackel, Heiko

2014-01-01

Single-use systems (also referred to as disposables) have become a huge part of the bioprocessing industry, which raised concern in the industry regarding quality and security of supply. Processes must be in place to assure the supply and control of outsourced activities and quality of purchased materials along the product life cycle. Quality and security of supply for single-use bioreactors (SUBs) are based on a multidisciplinary approach. Developing a state-of-the-art SUB-system based on quality by design (QbD) principles requires broad expertise and know-how including the cell culture application, polymer chemistry, regulatory requirements, and a deep understanding of the biopharmaceutical industry. Using standardized products reduces the complexity and strengthens the robustness of the supply chain. Well-established supplier relations including risk mitigation strategies are the basis for achieving long-term security of supply. Well-developed quality systems including change control approaches aligned with the requirements of the biopharmaceutical industry are a key factor in supporting long-term product availability. This chapter outlines the approach to security of supply for key materials used in single-use production processes for biopharmaceuticals from a supplier perspective.

Creation of security engineering programs by the Southwest Surety Institute

NASA Astrophysics Data System (ADS)

Romero, Van D.; Rogers, Bradley; Winfree, Tim; Walsh, Dan; Garcia, Mary Lynn

1998-12-01

The Southwest Surety Institute includes Arizona State University (ASU), Louisiana State University (LSU), New Mexico Institute of Mining and Technology (NM Tech), New Mexico State University (NMSU), and Sandia National Laboratories (SNL). The universities currently offer a full spectrum of post-secondary programs in security system design and evaluation, including an undergraduate minor, a graduate program, and continuing education programs. The programs are based on the methodology developed at Sandia National Laboratories over the past 25 years to protect critical nuclear assets. The programs combine basic concepts and principles from business, criminal justice, and technology to create an integrated performance-based approach to security system design and analysis. Existing university capabilities in criminal justice (NMSU), explosives testing and technology (NM Tech and LSU), and engineering technology (ASU) are leveraged to provide unique science-based programs that will emphasize the use of performance measures and computer analysis tools to prove the effectiveness of proposed systems in the design phase. Facility managers may then balance increased protection against the cost of implementation and risk mitigation, thereby enabling effective business decisions. Applications expected to benefit from these programs include corrections, law enforcement, counter-terrorism, critical infrastructure protection, financial and medical care fraud, industrial security, and border security.

Measuring the Fractal Dimensions of Empirical Cartographic Curves,

DTIC Science & Technology

1982-01-01

SECURITY CLASSIFICATION OF THIS PAGE (URifu Detso".4 _________________ of REPRi CaM§ rtorp Cu S. GOTACSINN. RPIEMN’ CAOG HUPORu R 7. AUTNORrq...AgencyI.NMEROPAS St. Louis APS, MO 63118 ______________ 14. MONITORING AGENCY NAME & ADDRESS(It different bom Cmntrolling Office) Is. SECURITY CLASS. (of Oio~I...approximated. Potential applications for this todNtlqu Include a new means for curvilinear data compresion description of plankmetric feature boundary

Beyond grid security

NASA Astrophysics Data System (ADS)

Hoeft, B.; Epting, U.; Koenig, T.

2008-07-01

While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls.

From Secure Memories to Smart Card Security

NASA Astrophysics Data System (ADS)

Handschuh, Helena; Trichina, Elena

Non-volatile memory is essential in most embedded security applications. It will store the key and other sensitive materials for cryptographic and security applications. In this chapter, first an overview is given of current flash memory architectures. Next the standard security features which form the basis of so-called secure memories are described in more detail. Smart cards are a typical embedded application that is very vulnerable to attacks and that at the same time has a high need for secure non-volatile memory. In the next part of this chapter, the secure memories of so-called flash-based high-density smart cards are described. It is followed by a detailed analysis of what the new security challenges for such objects are.

38 CFR 21.9520 - Basic eligibility.

Code of Federal Regulations, 2010 CFR

2010-07-01

... excluding entry level and skill training (to determine when entry level and skill training may be included..., social security number, and address); (ii) If applicable, an election to receive benefits under chapter...

17 CFR 229.1122 - (Item 1122) Compliance with applicable servicing criteria.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false (Item 1122) Compliance with applicable servicing criteria. 229.1122 Section 229.1122 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES...

17 CFR 229.1122 - (Item 1122) Compliance with applicable servicing criteria.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false (Item 1122) Compliance with applicable servicing criteria. 229.1122 Section 229.1122 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES...

20 CFR 404.611 - How do I file an application for Social Security benefits?

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must apply...

20 CFR 404.611 - How do I file an application for Social Security benefits?

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must apply...

20 CFR 404.611 - How do I file an application for Social Security benefits?

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must apply...

20 CFR 404.611 - How do I file an application for Social Security benefits?

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must apply...

20 CFR 404.611 - How do I file an application for Social Security benefits?

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD... § 404.611 How do I file an application for Social Security benefits? (a) General rule. You must apply...

Quantum solution to a class of two-party private summation problems

NASA Astrophysics Data System (ADS)

Shi, Run-Hua; Zhang, Shun

2017-09-01

In this paper, we define a class of special two-party private summation (S2PPS) problems and present a common quantum solution to S2PPS problems. Compared to related classical solutions, our solution has advantages of higher security and lower communication complexity, and especially it can ensure the fairness of two parties without the help of a third party. Furthermore, we investigate the practical applications of our proposed S2PPS protocol in many privacy-preserving settings with big data sets, including private similarity decision, anonymous authentication, social networks, secure trade negotiation, secure data mining.

Metamorphic Testing for Cybersecurity.

PubMed

Chen, Tsong Yueh; Kuo, Fei-Ching; Ma, Wenjuan; Susilo, Willy; Towey, Dave; Voas, Jeffrey; Zhou, Zhi Quan

2016-06-01

Testing is a major approach for the detection of software defects, including vulnerabilities in security features. This article introduces metamorphic testing (MT), a relatively new testing method, and discusses how the new perspective of MT can help to conduct negative testing as well as to alleviate the oracle problem in the testing of security-related functionality and behavior. As demonstrated by the effectiveness of MT in detecting previously unknown bugs in real-world critical applications such as compilers and code obfuscators, we conclude that software testing of security-related features should be conducted from diverse perspectives in order to achieve greater cybersecurity.

Metamorphic Testing for Cybersecurity

PubMed Central

Chen, Tsong Yueh; Kuo, Fei-Ching; Ma, Wenjuan; Susilo, Willy; Towey, Dave; Voas, Jeffrey

2016-01-01

Testing is a major approach for the detection of software defects, including vulnerabilities in security features. This article introduces metamorphic testing (MT), a relatively new testing method, and discusses how the new perspective of MT can help to conduct negative testing as well as to alleviate the oracle problem in the testing of security-related functionality and behavior. As demonstrated by the effectiveness of MT in detecting previously unknown bugs in real-world critical applications such as compilers and code obfuscators, we conclude that software testing of security-related features should be conducted from diverse perspectives in order to achieve greater cybersecurity. PMID:27559196

Integrating security in a group oriented distributed system

NASA Technical Reports Server (NTRS)

Reiter, Michael; Birman, Kenneth; Gong, LI

1992-01-01

A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized.

6 CFR 11.1 - General application.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false General application. 11.1 Section 11.1 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CLAIMS § 11.1 General application. (a) Application of Debt Collection Standards. The provisions of 31 CFR parts 285, 900-904, as amended by the...

76 FR 8755 - Privacy Act of 1974; Department of Homeland Security/ALL-032 Official Passport Application and...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-15

... 1974; Department of Homeland Security/ALL--032 Official Passport Application and Maintenance Records.../ ALL--032 Official Passport Application and Maintenance Records System of Records.'' This system of... passport application or maintenance record on Department of Homeland Security employees and former...

6 CFR 25.9 - Procedures for certification of approved products for Homeland Security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Procedures for certification of approved products for Homeland Security. (a) Application Procedure. An applicant seeking a Certification of anti-terrorism Technology as an Approved Product for Homeland Security... application for renewal must be made using the “Application for Certification of an Approved Product for...

National Security Technology Incubator Evaluation Process

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

This report describes the process by which the National Security Technology Incubator (NSTI) will be evaluated. The technology incubator is being developed as part of the National Security Preparedness Project (NSPP), funded by a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes a brief description of the components, steps, and measures of the proposed evaluation process. The purpose of the NSPP is to promote national security technologies through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages ofmore » early development. An effective evaluation process of the NSTI is an important step as it can provide qualitative and quantitative information on incubator performance over a given period. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety and security. The mission of the NSTI is to identify, incubate, and accelerate technologies with national security applications at various stages of development by providing hands-on mentoring and business assistance to small businesses and emerging or growing companies. To achieve success for both incubator businesses and the NSTI program, an evaluation process is essential to effectively measure results and implement corrective processes in the incubation design if needed. The evaluation process design will collect and analyze qualitative and quantitative data through performance evaluation system.« less

Revolution in Detection Affairs

DOE Office of Scientific and Technical Information (OSTI.GOV)

Stern W.

The detection of nuclear or radioactive materials for homeland or national security purposes is inherently difficult. This is one reason detection efforts must be seen as just one part of an overall nuclear defense strategy which includes, inter alia, material security, detection, interdiction, consequence management and recovery. Nevertheless, one could argue that there has been a revolution in detection affairs in the past several decades as the innovative application of new technology has changed the character and conduct of detection operations. This revolution will likely be most effectively reinforced in the coming decades with the networking of detectors and innovativemore » application of anomaly detection algorithms.« less

Revolution in nuclear detection affairs

DOE Office of Scientific and Technical Information (OSTI.GOV)

Stern, Warren M.

The detection of nuclear or radioactive materials for homeland or national security purposes is inherently difficult. This is one reason detection efforts must be seen as just one part of an overall nuclear defense strategy which includes, inter alia, material security, detection, interdiction, consequence management and recovery. Nevertheless, one could argue that there has been a revolution in detection affairs in the past several decades as the innovative application of new technology has changed the character and conduct of detection operations. This revolution will likely be most effectively reinforced in the coming decades with the networking of detectors and innovativemore » application of anomaly detection algorithms.« less

Incorporating voltage security into the planning, operation and monitoring of restructured electric energy markets

NASA Astrophysics Data System (ADS)

Nair, Nirmal-Kumar

As open access market principles are applied to power systems, significant changes are happening in their planning, operation and control. In the emerging marketplace, systems are operating under higher loading conditions as markets focus greater attention to operating costs than stability and security margins. Since operating stability is a basic requirement for any power system, there is need for newer tools to ensure stability and security margins being strictly enforced in the competitive marketplace. This dissertation investigates issues associated with incorporating voltage security into the unbundled operating environment of electricity markets. It includes addressing voltage security in the monitoring, operational and planning horizons of restructured power system. This dissertation presents a new decomposition procedure to estimate voltage security usage by transactions. The procedure follows physical law and uses an index that can be monitored knowing the state of the system. The expression derived is based on composite market coordination models that have both PoolCo and OpCo transactions, in a shared stressed transmission grid. Our procedure is able to equitably distinguish the impacts of individual transactions on voltage stability, at load buses, in a simple and fast manner. This dissertation formulates a new voltage stability constrained optimal power flow (VSCOPF) using a simple voltage security index. In modern planning, composite power system reliability analysis that encompasses both adequacy and security issues is being developed. We have illustrated the applicability of our VSCOPF into composite reliability analysis. This dissertation also delves into the various applications of voltage security index. Increasingly, FACT devices are being used in restructured markets to mitigate a variety of operational problems. Their control effects on voltage security would be demonstrated using our VSCOPF procedure. Further, this dissertation investigates the application of steady state voltage stability index to detect potential dynamic voltage collapse. Finally, this dissertation examines developments in representation, standardization, communication and exchange of power system data. Power system data is the key input to all analytical engines for system operation, monitoring and control. Data exchange and dissemination could impact voltage security evaluation and therefore needs to be critically examined.

78 FR 72124 - Information Collection Request; Submission for OMB Review

Federal Register 2010, 2011, 2012, 2013, 2014

2013-12-02

... INFORMATION: Method: Applicants gain access to the form via a secure online portal. Applicants have to... perform the essential functions of a Peace Corps Volunteer and complete a tour of service without undue... functions of the Peace Corps, including whether the information will have practical use; the accuracy of the...

Contributions and Future of Radioisotopes in Medical, Industrial and Space Applications

DOE R&D Accomplishments Database

Tingey, G. L.; Dix, G. P.; Wahlquist, E. J.

1990-11-01

There are 333 isotopes that have a half-life between 1 day and 100,000 years that have a wide variety of applications including public health, medicine,industrial technology, food technology and packaging, agriculture, energy supply, and national security. This paper provides an overview of some of the most extensive applications of radioisotopes including some observations of future uses. Examples are discussed that indicate that the use of radioisotopes is almost unlimited and will continue to grow. There is a growing need for future applications development and production. 12 refs., 1 tab. (BM)

77 FR 40637 - Smurfit-Stone Container Corporation, Containerboard Mill, Including On-Site Leased Workers From...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-10

... Corporation, Containerboard Mill, Including On-Site Leased Workers From KMW Enterprises and General Security... Assistance on May 6, 2010, applicable to workers of Smurfit-Stone Container Corporation, Containerboard Mill... Ontonagon, Michigan location of Smurfit-Stone Container Corporation, Containerboard Mill, Ontonagon...

77 FR 1965 - Central Securities Corporation; Notice of Application

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-12

...)(19) of the Act (``Non-interested Directors''), and six Employees (as defined below), including three..., officers and other personnel various types of non-cash, deferred compensation, including opportunities for... Eligible Persons who are Employees.\\4\\ Under the Plan, dividend equivalents could be awarded in connection...

7 CFR 1767.21 - Operating income.

Code of Federal Regulations, 2010 CFR

2010-01-01

... amortization charges applicable to amounts included in the electric plant accounts for limited-term franchises..., franchise taxes, Federal excise taxes, social security taxes, and all other taxes assessed by Federal, state... include, as approved by RUS, amounts relating to gains from the disposition of future use utility plant...

An Application of Computerized Axial Tomography (CAT) Technology to Mass Raid Tracking

DTIC Science & Technology

1989-08-01

ESD-TR-89-305 MTR-10542 An Application of Computerized Axial Tomography ( CAT ) Technology to Mass Raid Tracking By John K. Barr August 1989...NO 11. TITLE (Include Security Classification) An Application of Computerized Axial Tomography ( CAT ) Technology to Mass Raid Tracking 12...by block number) Computerized Axial Tomography ( CAT ) Scanner Electronic Support Measures (ESM) Fusion (continued) 19. ABSTRACT (Continue on

Applications of Laser Scattering Probes to Turbulent Diffusion Flames

DTIC Science & Technology

1983-11-01

APPLICATIONS OF LASER SCATTERING PROBES TO TURBULENT DIFFUSION FLAMES u ^ j FINAL REPORT Contract N00014-80-C-0882 Submitted to Office of...Include Security Classification) Applications of Laser Scattering Probes to Turbulent Diffusion Flames PROJECT NO. TASK NO. WORK UNIT NO. 12...for a co-flowing jet turbulent diffusion flame, and planar laser-induced fluorescence to provide two- dimensional instantaneous images of the flame

Systematic, appropriate, and cost-effective application of security technologies in U.S. public schools to reduce crime, violence, and drugs

DOE Office of Scientific and Technical Information (OSTI.GOV)

Green, M.W.

As problems of violence and crime become more prevalent in our schools (or at least the perception of their prevalence), more and more school districts will elect to use security technologies to control these problems. While the desired change in student and community attitudes will require significant systemic change through intense U.S. social programs, security technologies can greatly augment school staff today by providing services similar to having extra adults present. Technologies such as cameras, sensors, drug detection, biometric and personnel identification, lighting, barriers, weapon and explosives detection, anti-graffiti methods, and duress alarms can all be effective, given they aremore » used in appropriate applications, with realistic expectations and an understanding of limitations. Similar to a high-risk government facility, schools must consider a systems (`big picture`) approach to security, which includes the use of personnel and procedures as well as security technologies, such that the synergy created by all these elements together contributes more to the general `order maintenance` of the facility than could be achieved by separate measures not integrated or related.« less

Security Vulnerability Profiles of Mission Critical Software: Empirical Analysis of Security Related Bug Reports

NASA Technical Reports Server (NTRS)

Goseva-Popstojanova, Katerina; Tyo, Jacob

2017-01-01

While some prior research work exists on characteristics of software faults (i.e., bugs) and failures, very little work has been published on analysis of software applications vulnerabilities. This paper aims to contribute towards filling that gap by presenting an empirical investigation of application vulnerabilities. The results are based on data extracted from issue tracking systems of two NASA missions. These data were organized in three datasets: Ground mission IVV issues, Flight mission IVV issues, and Flight mission Developers issues. In each dataset, we identified security related software bugs and classified them in specific vulnerability classes. Then, we created the security vulnerability profiles, i.e., determined where and when the security vulnerabilities were introduced and what were the dominating vulnerabilities classes. Our main findings include: (1) In IVV issues datasets the majority of vulnerabilities were code related and were introduced in the Implementation phase. (2) For all datasets, around 90 of the vulnerabilities were located in two to four subsystems. (3) Out of 21 primary classes, five dominated: Exception Management, Memory Access, Other, Risky Values, and Unused Entities. Together, they contributed from 80 to 90 of vulnerabilities in each dataset.

Person and gesture tracking with smart stereo cameras

NASA Astrophysics Data System (ADS)

Gordon, Gaile; Chen, Xiangrong; Buck, Ron

2008-02-01

Physical security increasingly involves sophisticated, real-time visual tracking of a person's location inside a given environment, often in conjunction with biometrics and other security-related technologies. However, demanding real-world conditions like crowded rooms, changes in lighting and physical obstructions have proved incredibly challenging for 2D computer vision technology. In contrast, 3D imaging technology is not affected by constant changes in lighting and apparent color, and thus allows tracking accuracy to be maintained in dynamically lit environments. In addition, person tracking with a 3D stereo camera can provide the location and movement of each individual very precisely, even in a very crowded environment. 3D vision only requires that the subject be partially visible to a single stereo camera to be correctly tracked; multiple cameras are used to extend the system's operational footprint, and to contend with heavy occlusion. A successful person tracking system, must not only perform visual analysis robustly, but also be small, cheap and consume relatively little power. The TYZX Embedded 3D Vision systems are perfectly suited to provide the low power, small footprint, and low cost points required by these types of volume applications. Several security-focused organizations, including the U.S Government, have deployed TYZX 3D stereo vision systems in security applications. 3D image data is also advantageous in the related application area of gesture tracking. Visual (uninstrumented) tracking of natural hand gestures and movement provides new opportunities for interactive control including: video gaming, location based entertainment, and interactive displays. 2D images have been used to extract the location of hands within a plane, but 3D hand location enables a much broader range of interactive applications. In this paper, we provide some background on the TYZX smart stereo cameras platform, describe the person tracking and gesture tracking systems implemented on this platform, and discuss some deployed applications.

Balancing the Need for Clinical Photography With Patient Privacy Issues: The Search for a Secure SmartPhone Application to Take and Store Clinical Photographs.

PubMed

Dumestre, Danielle O; Fraulin, Frankie O G

2017-11-01

Physicians are increasingly using smartphones to take clinical photographs. This study evaluates a smartphone application for clinical photography that prioritizes and facilitates patient security. Ethics approval was obtained to trial a smartphone clinical photography application, PicSafe Medi. Calgary plastic surgeons and residents used the application to obtain informed consent and photograph patients. Surveys gauging the application's usability, consent process, and photograph storage/sharing were then sent to surgeons and patients. Over a 6-month trial period, 15 plastic surgeons and residents used the application to photograph 86 patients. Over half of the patients (57%) completed the survey. The majority of patients (96%) were satisfied with the application's consent process, and all felt their photographs were secure. The majority (93%) of surgeons/residents completed the survey. The application was felt to overcome issues with current photography practices: inadequate consent and storage of photographs (100%), risk to patient confidentiality (92%), and unsecure photograph sharing (93%). Barriers to regular use of the application included need for cellphone service/Internet (54%), sanitary concerns due to the need for patients to sign directly on the phone (46%), inability to obtain proactive/retroactive consent (85%), and difficulty viewing photographs (80%). The majority of surgeons (85%) believe a smartphone application would be suitable for clinical patient photography, but due to its limitations, only 23% would use the trialed application. A smartphone clinical photography application addresses the patient confidentiality risks of current photography methods; however, limitations of the trialed application prevent its broad implementation.

Investigation on application of genetic algorithms to optimal reactive power dispatch of power systems

NASA Astrophysics Data System (ADS)

Wu, Q. H.; Ma, J. T.

1993-09-01

A primary investigation into application of genetic algorithms in optimal reactive power dispatch and voltage control is presented. The application was achieved, based on (the United Kingdom) National Grid 48 bus network model, using a novel genetic search approach. Simulation results, compared with that obtained using nonlinear programming methods, are included to show the potential of applications of the genetic search methodology in power system economical and secure operations.

20 CFR 606.22 - Application for cap.

Code of Federal Regulations, 2012 CFR

2012-04-01

... FEDERAL UNEMPLOYMENT TAX ACT; ADVANCES UNDER TITLE XII OF THE SOCIAL SECURITY ACT Relief From Tax Credit... payable in such 12-month period, including the effect of interaction among program actions, and with...

20 CFR 606.22 - Application for cap.

Code of Federal Regulations, 2013 CFR

2013-04-01

... FEDERAL UNEMPLOYMENT TAX ACT; ADVANCES UNDER TITLE XII OF THE SOCIAL SECURITY ACT Relief From Tax Credit... payable in such 12-month period, including the effect of interaction among program actions, and with...

20 CFR 606.22 - Application for cap.

Code of Federal Regulations, 2011 CFR

2011-04-01

... FEDERAL UNEMPLOYMENT TAX ACT; ADVANCES UNDER TITLE XII OF THE SOCIAL SECURITY ACT Relief From Tax Credit... payable in such 12-month period, including the effect of interaction among program actions, and with...

20 CFR 606.22 - Application for cap.

Code of Federal Regulations, 2014 CFR

2014-04-01

... FEDERAL UNEMPLOYMENT TAX ACT; ADVANCES UNDER TITLE XII OF THE SOCIAL SECURITY ACT Relief From Tax Credit... payable in such 12-month period, including the effect of interaction among program actions, and with...

20 CFR 606.22 - Application for cap.

Code of Federal Regulations, 2010 CFR

2010-04-01

... FEDERAL UNEMPLOYMENT TAX ACT; ADVANCES UNDER TITLE XII OF THE SOCIAL SECURITY ACT Relief From Tax Credit... payable in such 12-month period, including the effect of interaction among program actions, and with...

Remote sensing applications of wildland fire and air quality in China

Treesearch

John J. Qu; Xianjun Hao; Yongqiang Liu; Allen R. Riebau; Haoruo Yi; Xianlin Qin

2009-01-01

As one of the most populous and geographically largest countries, China faces many problems including industrial growth, economic sustainability, food security, climate change, and air pollution. Interwoven with these challenges,...

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods

PubMed Central

Alsaleh, Mansour; Alomar, Noura; Alarifi, Abdulrahman

2017-01-01

Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users’ security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users’ behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals’ awareness of the consequences of security threats. By comparing participants’ behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users’ security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones. PMID:28297719

Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

PubMed

Park, Chang-Seop

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

Smartphone users: Understanding how security mechanisms are perceived and new persuasive methods.

PubMed

Alsaleh, Mansour; Alomar, Noura; Alarifi, Abdulrahman

2017-01-01

Protecting smartphones against security threats is a multidimensional problem involving human and technological factors. This study investigates how smartphone users' security- and privacy-related decisions are influenced by their attitudes, perceptions, and understanding of various security threats. In this work, we seek to provide quantified insights into smartphone users' behavior toward multiple key security features including locking mechanisms, application repositories, mobile instant messaging, and smartphone location services. To the best of our knowledge, this is the first study that reveals often unforeseen correlations and dependencies between various privacy- and security-related behaviors. Our work also provides evidence that making correct security decisions might not necessarily correlate with individuals' awareness of the consequences of security threats. By comparing participants' behavior and their motives for adopting or ignoring certain security practices, we suggest implementing additional persuasive approaches that focus on addressing social and technological aspects of the problem. On the basis of our findings and the results presented in the literature, we identify the factors that might influence smartphone users' security behaviors. We then use our understanding of what might drive and influence significant behavioral changes to propose several platform design modifications that we believe could improve the security levels of smartphones.

Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

PubMed Central

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

Access Control of Web- and Java-Based Applications

NASA Technical Reports Server (NTRS)

Tso, Kam S.; Pajevski, Michael J.

2013-01-01

Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

A wireless electronic monitoring system for securing milk from farm to processor

NASA Astrophysics Data System (ADS)

Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin

2008-04-01

The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. We are currently demonstrating the system in central Kentucky and will report on the results of the demonstration.

ESnet authentication services and trust federations

NASA Astrophysics Data System (ADS)

Muruganantham, Dhivakaran; Helm, Mike; Genovese, Tony

2005-01-01

ESnet provides authentication services and trust federation support for SciDAC projects, collaboratories, and other distributed computing applications. The ESnet ATF team operates the DOEGrids Certificate Authority, available to all DOE Office of Science programs, plus several custom CAs, including one for the National Fusion Collaboratory and one for NERSC. The secure hardware and software environment developed to support CAs is suitable for supporting additional custom authentication and authorization applications that your program might require. Seamless, secure interoperation across organizational and international boundaries is vital to collaborative science. We are fostering the development of international PKI federations by founding the TAGPMA, the American regional PMA, and the worldwide IGTF Policy Management Authority (PMA), as well as participating in European and Asian regional PMAs. We are investigating and prototyping distributed authentication technology that will allow us to support the "roaming scientist" (distributed wireless via eduroam), as well as more secure authentication methods (one-time password tokens).

The Role of Healthcare Technology Management in Facilitating Medical Device Cybersecurity.

PubMed

Busdicker, Mike; Upendra, Priyanka

2017-09-02

This article discusses the role of healthcare technology management (HTM) in medical device cybersecurity and outlines concepts that are applicable to HTM professionals at a healthcare delivery organization or at an integrated delivery network, regardless of size. It provides direction for HTM professionals who are unfamiliar with the security aspects of managing healthcare technologies but are familiar with standards from The Joint Commission (TJC). It provides a useful set of recommendations, including relevant references for incorporating good security practices into HTM practice. Recommendations for policies, procedures, and processes referencing TJC standards are easily applicable to HTM departments with limited resources and to those with no resource concerns. The authors outline processes from their organization as well as best practices learned through information sharing at AAMI, National Health Information Sharing and Analysis Center (NH-ISAC), and Medical Device Innovation, Safety, and Security Consortium (MDISS) conferences and workshops.

75 FR 70738 - Gulf Oil Limited Partnership; Supplemental Notice That Initial Market-Based Rate Filing Includes...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-18

... Limited Partnership; Supplemental Notice That Initial Market-Based Rate Filing Includes Request for... proceeding of Gulf Oil Limited Partnership's application for market-based rate authority, with an... CFR Part 34, of future issuances of securities and assumptions of liability. Any person desiring to...

49 CFR 1522.107 - Application.

Code of Federal Regulations, 2010 CFR

2010-10-01

... security threat assessments. (8) A statement acknowledging that all personnel of the applicant who must successfully complete a security threat assessment under the requirements of this part must do so before the... the Security Coordinator successfully completes a security threat assessment, TSA will provide to the...

E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks

PubMed Central

Kumar, Pardeep; Lee, Sang-Gon; Lee, Hoon-Jae

2012-01-01

A wireless medical sensor network (WMSN) can sense humans’ physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals’ hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients’ medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs. PMID:22438729

E-SAP: efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks.

PubMed

Kumar, Pardeep; Lee, Sang-Gon; Lee, Hoon-Jae

2012-01-01

A wireless medical sensor network (WMSN) can sense humans' physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals' hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients' medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs.

76 FR 65192 - Agency Information Collection Activities: Proposed Collection Renewals; Comment Request (3064-0022)

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-20

... methods: http://www.FDIC.gov/regulations/laws/federal/notices.html . E-mail: [email protected] . Include... collection of information: Title: Uniform Application/Uniform Termination for Municipal Securities Principal...

Acoustic detection and monitoring for transportation infrastructure security.

DOT National Transportation Integrated Search

2009-09-01

Acoustical methods have been extensively used to locate, identify, and track objects underwater. Some of these applications include detecting and tracking submarines, marine mammal detection and identification, detection of mines and ship wrecks and ...

5 CFR 844.201 - General requirements.

Code of Federal Regulations, 2010 CFR

2010-01-01

... withdrawal of an application for social security disability benefits. (c) An agency may consider the... the Social Security Act; or (ii) An official statement from the Social Security Administration that... Social Security Act. (2) A disability retirement application under this part will be dismissed when OPM...

Secure and Cost-Effective Distributed Aggregation for Mobile Sensor Networks

PubMed Central

Guo, Kehua; Zhang, Ping; Ma, Jianhua

2016-01-01

Secure data aggregation (SDA) schemes are widely used in distributed applications, such as mobile sensor networks, to reduce communication cost, prolong the network life cycle and provide security. However, most SDA are only suited for a single type of statistics (i.e., summation-based or comparison-based statistics) and are not applicable to obtaining multiple statistic results. Most SDA are also inefficient for dynamic networks. This paper presents multi-functional secure data aggregation (MFSDA), in which the mapping step and coding step are introduced to provide value-preserving and order-preserving and, later, to enable arbitrary statistics support in the same query. MFSDA is suited for dynamic networks because these active nodes can be counted directly from aggregation data. The proposed scheme is tolerant to many types of attacks. The network load of the proposed scheme is balanced, and no significant bottleneck exists. The MFSDA includes two versions: MFSDA-I and MFSDA-II. The first one can obtain accurate results, while the second one is a more generalized version that can significantly reduce network traffic at the expense of less accuracy loss. PMID:27120599

Printable, scannable biometric templates for secure documents and materials

NASA Astrophysics Data System (ADS)

Cambier, James L.; Musgrave, Clyde

2000-04-01

Biometric technology has been widely acknowledged as an effective means for enhancing private and public security through applications in physical access control, computer and computer network access control, medical records protection, banking security, public identification programs, and others. Nearly all of these applications involve use of a biometric token to control access to a physical entity or private information. There are also unique benefits to be derived from attaching a biometric template to a physical entity such as a document, package, laboratory sample, etc. Such an association allows fast, reliable, and highly accurate association of an individual person's identity to the physical entity, and can be used to enhance security, convenience, and privacy in many types of transactions. Examples include authentication of documents, tracking of laboratory samples in a testing environment, monitoring the movement of physical evidence within the criminal justice system, and authenticating the identity of both sending and receiving parties in shipment of high value parcels. A system is described which combines a biometric technology based on iris recognition with a printing and scanning technology for high-density bar codes.

Deficit Reduction Act of 1984: provisions related to the OASDI and SSI programs.

PubMed

1984-11-01

This article summarizes the provisions of the Deficit Reduction Act of 1984 (Public Law 98-369) that relate to the Old-Age, Survivors, and Disability Insurance (OASDI) and Supplemental Security Income (SSI) programs. With regard to the OASDI program, the new law includes provisions relating to Social Security coverage of employees of the executive and legislative branches of the Government, and a provision allowing churches and church-related organizations to be exempt from Social Security employer taxes. Other OASDI provisions clarify or modify the Social Security Amendments of 1983 (Public Law 98-21). SSI program changes include provisions to increase the countable assets limit, to limit the rate of recovery for overpayments in nonfraud situations, and to waive certain overpayments that result from countable resources exceeding the applicable limits by +50 or less. The new law also contains amendments based on recommendations by the Grace Commission that will affect the administration of various programs of the Department of Health and Human Services.

8 CFR 232.2 - Examination in the United States of alien applicants for benefits under the immigration laws and...

Code of Federal Regulations, 2010 CFR

2010-01-01

... where the applicant has been found to be afflicted with active or inactive tuberculosis or an infectious... Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION REGULATIONS DETENTION OF ALIENS FOR PHYSICAL AND..., including clinics and local, county and state health departments employing qualified civil surgeons, as he...

8 CFR 232.2 - Examination in the United States of alien applicants for benefits under the immigration laws and...

Code of Federal Regulations, 2012 CFR

2012-01-01

... where the applicant has been found to be afflicted with active or inactive tuberculosis or an infectious... Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION REGULATIONS DETENTION OF ALIENS FOR PHYSICAL AND..., including clinics and local, county and state health departments employing qualified civil surgeons, as he...

8 CFR 232.2 - Examination in the United States of alien applicants for benefits under the immigration laws and...

Code of Federal Regulations, 2011 CFR

2011-01-01

... where the applicant has been found to be afflicted with active or inactive tuberculosis or an infectious... Nationality DEPARTMENT OF HOMELAND SECURITY IMMIGRATION REGULATIONS DETENTION OF ALIENS FOR PHYSICAL AND..., including clinics and local, county and state health departments employing qualified civil surgeons, as he...

Equitable Estoppel: Its Genesis, Development, and Application in Government Contracting

DTIC Science & Technology

1988-09-30

NO. CCESSION NO. ,1. T:ITLE (include Security Classification) (UNCLASSIFIED) Equitable Estoppel : Its Genesis, Development, and Application in...sE.UkRm/ CLASSIFICATION OF THIS PAGE AFIT/CI’ "OVERPRINT" Equitable Estoppel : Its Genesis, Development, and Application in Government CoritractingQ By...John Cibinic,Jr. and Ralph C. Nash,Jr. Professors of Law 90 02 12 031 -Table of Contents 1. The Doctrine of Equitable Estoppel -................... 1

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2014 CFR

2014-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2010 CFR

2010-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2012 CFR

2012-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2011 CFR

2011-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

12 CFR 19.121 - Application for exemption.

Code of Federal Regulations, 2013 CFR

2013-01-01

... application for an exemption order to the Securities and Corporate Practices Division, Office of the... the public interest or the protection of investors. The Securities and Corporate Practices Division... PROCEDURE Exemption Hearings Under Section 12(h) of the Securities Exchange Act of 1934 § 19.121 Application...

Nano/micromotors for security/defense applications. A review.

PubMed

Singh, Virendra V; Wang, Joseph

2015-12-14

The new capabilities of man-made micro/nanomotors open up considerable opportunities for diverse security and defense applications. This review highlights new micromotor-based strategies for enhanced security monitoring and detoxification of chemical and biological warfare agents (CBWA). The movement of receptor-functionalized nanomotors offers great potential for sensing and isolating target bio-threats from complex samples. New mobile reactive materials based on zeolite or activated carbon offer considerable promise for the accelerated removal of chemical warfare agents. A wide range of proof-of-concept motor-based approaches, including the detection and destruction of anthrax spores, 'on-off' nerve-agent detection or effective neutralization of chemical warfare agents have thus been demonstrated. The propulsion of micromotors and their corresponding bubble tails impart significant mixing that greatly accelerates such detoxification processes. These nanomotors will thus empower sensing and destruction where stirring large quantities of decontaminating reagents and controlled mechanical agitation are impossible or undesired. New technological breakthroughs and greater sophistication of micro/nanoscale machines will lead to rapid translation of the micromotor research activity into practical defense applications, addressing the escalating threat of CBWA.

Index of cyber integrity

NASA Astrophysics Data System (ADS)

Anderson, Gustave

2014-05-01

Unfortunately, there is no metric, nor set of metrics, that are both general enough to encompass all possible types of applications yet specific enough to capture the application and attack specific details. As a result we are left with ad-hoc methods for generating evaluations of the security of our systems. Current state of the art methods for evaluating the security of systems include penetration testing and cyber evaluation tests. For these evaluations, security professionals simulate an attack from malicious outsiders and malicious insiders. These evaluations are very productive and are able to discover potential vulnerabilities resulting from improper system configuration, hardware and software flaws, or operational weaknesses. We therefore propose the index of cyber integrity (ICI), which is modeled after the index of biological integrity (IBI) to provide a holistic measure of the health of a system under test in a cyber-environment. The ICI provides a broad base measure through a collection of application and system specific metrics. In this paper, following the example of the IBI, we demonstrate how a multi-metric index may be used as a holistic measure of the health of a system under test in a cyber-environment.

Nano/micromotors for security/defense applications. A review

NASA Astrophysics Data System (ADS)

Singh, Virendra V.; Wang, Joseph

2015-11-01

The new capabilities of man-made micro/nanomotors open up considerable opportunities for diverse security and defense applications. This review highlights new micromotor-based strategies for enhanced security monitoring and detoxification of chemical and biological warfare agents (CBWA). The movement of receptor-functionalized nanomotors offers great potential for sensing and isolating target bio-threats from complex samples. New mobile reactive materials based on zeolite or activated carbon offer considerable promise for the accelerated removal of chemical warfare agents. A wide range of proof-of-concept motor-based approaches, including the detection and destruction of anthrax spores, `on-off' nerve-agent detection or effective neutralization of chemical warfare agents have thus been demonstrated. The propulsion of micromotors and their corresponding bubble tails impart significant mixing that greatly accelerates such detoxification processes. These nanomotors will thus empower sensing and destruction where stirring large quantities of decontaminating reagents and controlled mechanical agitation are impossible or undesired. New technological breakthroughs and greater sophistication of micro/nanoscale machines will lead to rapid translation of the micromotor research activity into practical defense applications, addressing the escalating threat of CBWA.

A COTS-MQS shipborne EO/IR imaging system

NASA Astrophysics Data System (ADS)

Hutchinson, Mark A.; Miller, John L.; Weaver, James

2005-05-01

The Sea Star SAFIRE is a commercially developed, off the shelf, military qualified system (COTS-MQS) consisting of a 640 by 480 InSb infrared imager, laser rangefinder and visible imager in a gyro-stabilized platform designed for shipborne applications. These applications include search and rescue, surveillance, fire control, fisheries patrol, harbor security, and own-vessel perimeter security and self protection. Particularly challenging considerations unique to shipborne systems include the demanding environment conditions, man-machine interfaces, and effects of atmospheric conditions on sensor performance. Shipborne environmental conditions requiring special attention include electromagnetic fields, as well as resistance to rain, ice and snow, shock, vibration, and salt. Features have been implemented to withstand exposure to water and high humidity; anti-ice/de-ice capability for exposure to snow and ice; wash/wipe of external windows; corrosion resistance for exposure to water and salt spray. A variety of system controller configurations provide man-machine interfaces suitable for operation on ships. EO sensor developments that address areas of haze penetration, glint, and scintillation will be presented.

Teaching Web Security Using Portable Virtual Labs

ERIC Educational Resources Information Center

Chen, Li-Chiou; Tao, Lixin

2012-01-01

We have developed a tool called Secure WEb dEvelopment Teaching (SWEET) to introduce security concepts and practices for web application development. This tool provides introductory tutorials, teaching modules utilizing virtualized hands-on exercises, and project ideas in web application security. In addition, the tool provides pre-configured…

Smart sensing surveillance system

NASA Astrophysics Data System (ADS)

Hsu, Charles; Chu, Kai-Dee; O'Looney, James; Blake, Michael; Rutar, Colleen

2010-04-01

Unattended ground sensor (UGS) networks have been widely used in remote battlefield and other tactical applications over the last few decades due to the advances of the digital signal processing. The UGS network can be applied in a variety of areas including border surveillance, special force operations, perimeter and building protection, target acquisition, situational awareness, and force protection. In this paper, a highly-distributed, fault-tolerant, and energyefficient Smart Sensing Surveillance System (S4) is presented to efficiently provide 24/7 and all weather security operation in a situation management environment. The S4 is composed of a number of distributed nodes to collect, process, and disseminate heterogeneous sensor data. Nearly all S4 nodes have passive sensors to provide rapid omnidirectional detection. In addition, Pan- Tilt- Zoom- (PTZ) Electro-Optics EO/IR cameras are integrated to selected nodes to track the objects and capture associated imagery. These S4 camera-connected nodes will provide applicable advanced on-board digital image processing capabilities to detect and track the specific objects. The imaging detection operations include unattended object detection, human feature and behavior detection, and configurable alert triggers, etc. In the S4, all the nodes are connected with a robust, reconfigurable, LPI/LPD (Low Probability of Intercept/ Low Probability of Detect) wireless mesh network using Ultra-wide band (UWB) RF technology, which can provide an ad-hoc, secure mesh network and capability to relay network information, communicate and pass situational awareness and messages. The S4 utilizes a Service Oriented Architecture such that remote applications can interact with the S4 network and use the specific presentation methods. The S4 capabilities and technologies have great potential for both military and civilian applications, enabling highly effective security support tools for improving surveillance activities in densely crowded environments and near perimeters and borders. The S4 is compliant with Open Geospatial Consortium - Sensor Web Enablement (OGC-SWE®) standards. It would be directly applicable to solutions for emergency response personnel, law enforcement, and other homeland security missions, as well as in applications requiring the interoperation of sensor networks with handheld or body-worn interface devices.

Security in MANETs using reputation-adjusted routing

NASA Astrophysics Data System (ADS)

Ondi, Attila; Hoffman, Katherine; Perez, Carlos; Ford, Richard; Carvalho, Marco; Allen, William

2009-04-01

Mobile Ad-Hoc Networks enable communication in various dynamic environments, including military combat operations. Their open and shared communication medium enables new forms of attack that are not applicable for traditional wired networks. Traditional security mechanisms and defense techniques are not prepared to cope with the new attacks and the lack of central authorities make identity verifications difficult. This work extends our previous work in the Biologically Inspired Tactical Security Infrastructure to provide a reputation-based weighing mechanism for linkstate routing protocols to protect the network from attackers that are corrupting legitimate network traffic. Our results indicate that the approach is successful in routing network traffic around compromised computers.

Enhancing Heart-Beat-Based Security for mHealth Applications.

PubMed

Seepers, Robert M; Strydis, Christos; Sourdis, Ioannis; De Zeeuw, Chris I

2017-01-01

In heart-beat-based security, a security key is derived from the time difference between consecutive heart beats (the inter-pulse interval, IPI), which may, subsequently, be used to enable secure communication. While heart-beat-based security holds promise in mobile health (mHealth) applications, there currently exists no work that provides a detailed characterization of the delivered security in a real system. In this paper, we evaluate the strength of IPI-based security keys in the context of entity authentication. We investigate several aspects that should be considered in practice, including subjects with reduced heart-rate variability (HRV), different sensor-sampling frequencies, intersensor variability (i.e., how accurate each entity may measure heart beats) as well as average and worst-case-authentication time. Contrary to the current state of the art, our evaluation demonstrates that authentication using multiple, less-entropic keys may actually increase the key strength by reducing the effects of intersensor variability. Moreover, we find that the maximal key strength of a 60-bit key varies between 29.2 bits and only 5.7 bits, depending on the subject's HRV. To improve security, we introduce the inter-multi-pulse interval (ImPI), a novel method of extracting entropy from the heart by considering the time difference between nonconsecutive heart beats. Given the same authentication time, using the ImPI for key generation increases key strength by up to 3.4 × (+19.2 bits) for subjects with limited HRV, at the cost of an extended key-generation time of 4.8 × (+45 s).

Development of a Secure Mobile GPS Tracking and Management System

ERIC Educational Resources Information Center

Liu, Anyi

2012-01-01

With increasing demand of mobile devices and cloud computing, it becomes increasingly important to develop efficient mobile application and its secured backend, such as web applications and virtualization environment. This dissertation reports a systematic study of mobile application development and the security issues of its related backend. …

17 CFR 201.510 - Temporary cease-and-desist orders: Application process.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Temporary cease-and-desist orders: Application process. 201.510 Section 201.510 Commodity and Securities Exchanges SECURITIES AND... § 201.510 Temporary cease-and-desist orders: Application process. (a) Procedure. A request for entry of...

17 CFR 201.510 - Temporary cease-and-desist orders: Application process.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Temporary cease-and-desist orders: Application process. 201.510 Section 201.510 Commodity and Securities Exchanges SECURITIES AND... § 201.510 Temporary cease-and-desist orders: Application process. (a) Procedure. A request for entry of...

17 CFR 201.510 - Temporary cease-and-desist orders: Application process.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Temporary cease-and-desist orders: Application process. 201.510 Section 201.510 Commodity and Securities Exchanges SECURITIES AND... § 201.510 Temporary cease-and-desist orders: Application process. (a) Procedure. A request for entry of...

Remotely Monitored Sealing Array Software

DOE Office of Scientific and Technical Information (OSTI.GOV)

2012-09-12

The Remotely Monitored Sealing Array (RMSA) utilizes the Secure Sensor Platform (SSP) framework to establish the fundamental operating capabilities for communication, security, power management, and cryptography. In addition to the SSP framework the RMSA software has unique capabilities to support monitoring a fiber optic seal. Fiber monitoring includes open and closed as well as parametric monitoring to detect tampering attacks. The fiber monitoring techniques, using the SSP power management processes, allow the seals to last for years while maintaining the security requirements of the monitoring application. The seal is enclosed in a tamper resistant housing with software to support activemore » tamper monitoring. New features include LED notification of fiber closure, the ability to retrieve the entire fiber optic history via translator command, separate memory storage for fiber optic events, and a more robust method for tracking and resending failed messages.« less

Fluid Mechanics and Homeland Security

NASA Astrophysics Data System (ADS)

Settles, Gary S.

2006-01-01

Homeland security involves many applications of fluid mechanics and offers many opportunities for research and development. This review explores a wide selection of fluids topics in counterterrorism and suggests future directions. Broad topics range from preparedness and deterrence of impending terrorist attacks to detection, response, and recovery. Specific topics include aircraft hardening, blast mitigation, sensors and sampling, explosive detection, microfluidics and labs-on-a-chip, chemical plume dispersal in urban settings, and building ventilation. Also discussed are vapor plumes and standoff detection, nonlethal weapons, airborne disease spread, personal protective equipment, and decontamination. Involvement in these applications requires fluid dynamicists to think across the traditional boundaries of the field and to work with related disciplines, especially chemistry, biology, aerosol science, and atmospheric science.

32 CFR 245.22 - Policy for application of EATPL.

Code of Federal Regulations, 2012 CFR

2012-07-01

... that have reached the point of no return, including foreign air carrier flights en route to safe haven... eight, a Security Control Authorization may be granted on a case-by-case basis. Requests for SCAs will...

32 CFR 245.22 - Policy for application of EATPL.

Code of Federal Regulations, 2014 CFR

2014-07-01

... that have reached the point of no return, including foreign air carrier flights en route to safe haven... eight, a Security Control Authorization may be granted on a case-by-case basis. Requests for SCAs will...

32 CFR 245.22 - Policy for application of EATPL.

Code of Federal Regulations, 2011 CFR

2011-07-01

... that have reached the point of no return, including foreign air carrier flights en route to safe haven... eight, a Security Control Authorization may be granted on a case-by-case basis. Requests for SCAs will...

32 CFR 245.22 - Policy for application of EATPL.

Code of Federal Regulations, 2013 CFR

2013-07-01

... that have reached the point of no return, including foreign air carrier flights en route to safe haven... eight, a Security Control Authorization may be granted on a case-by-case basis. Requests for SCAs will...

17 CFR 240.6a-2 - Amendments to application.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Amendments to application. 240.6a-2 Section 240.6a-2 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the...

17 CFR 240.6a-2 - Amendments to application.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Amendments to application. 240.6a-2 Section 240.6a-2 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the...

17 CFR 240.6a-2 - Amendments to application.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Amendments to application. 240.6a-2 Section 240.6a-2 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the...

77 FR 42017 - AmericaFirst Quantitative Trust and AmericaFirst Securities, Inc.; Notice of Application

Federal Register 2010, 2011, 2012, 2013, 2014

2012-07-17

... SECURITIES AND EXCHANGE COMMISSION [Investment Company Act Release No. 30134; 812-14005] AmericaFirst Quantitative Trust and AmericaFirst Securities, Inc.; Notice of Application July 10, 2012. AGENCY...: AmericaFirst Quantitative Trust (the ``AmericaFirst Trust'') and AmericaFirst Securities, Inc. (``AFSI...

49 CFR 1515.3 - Terms used in this part.

Code of Federal Regulations, 2010 CFR

2010-10-01

.... Applicant means an individual who has applied for one of the security threat assessments identified in 49... for the security threat assessment but TSA later determined that the individual poses a security.... Security threat assessment means the threat assessment for which the applicant has applied, as described in...

Multimedia Security System for Security and Medical Applications

ERIC Educational Resources Information Center

Zhou, Yicong

2010-01-01

This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

The President Has No Clothes: The Case for Broader Application of Red Teaming within Homeland Security

DTIC Science & Technology

2010-06-01

CLOTHES: THE CASE FOR BROADER APPLICATION OF RED TEAMING WITHIN HOMELAND SECURITY by A. Bentley Nettles June 2010 Thesis Advisor...Red Teaming Within Homeland Security 6. AUTHOR(S) A. Bentley Nettles 5. FUNDING NUMBERS 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES...APPLICATION OF RED TEAMING WITHIN HOMELAND SECURITY A. Bentley Nettles Colonel, United States Army B.A., Texas A&M University, 1985 J.D. South

DOE Office of Scientific and Technical Information (OSTI.GOV)

Krishnamurthy, Dheepak

This paper is an overview of Power System Simulation Toolbox (psst). psst is an open-source Python application for the simulation and analysis of power system models. psst simulates the wholesale market operation by solving a DC Optimal Power Flow (DCOPF), Security Constrained Unit Commitment (SCUC) and a Security Constrained Economic Dispatch (SCED). psst also includes models for the various entities in a power system such as Generator Companies (GenCos), Load Serving Entities (LSEs) and an Independent System Operator (ISO). psst features an open modular object oriented architecture that will make it useful for researchers to customize, expand, experiment beyond solvingmore » traditional problems. psst also includes a web based Graphical User Interface (GUI) that allows for user friendly interaction and for implementation on remote High Performance Computing (HPCs) clusters for parallelized operations. This paper also provides an illustrative application of psst and benchmarks with standard IEEE test cases to show the advanced features and the performance of toolbox.« less

77 FR 11146 - Intent To Request Renewal From OMB of One Current Public Collection of Information: Certified...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-24

...The Transportation Security Administration (TSA) invites public comment on one currently approved Information Collection Request (ICR), OMB control number 1652-0053, abstracted below that we will submit to the Office of Management and Budget (OMB) for renewal in compliance with the Paperwork Reduction Act. The ICR describes the nature of the information collection and its expected burden. The collections include: (1) Applications from entities that wish to become Certified Cargo Screening Facilities (CCSF); (2) personal information to allow TSA to conduct security threat assessments on key individuals employed by the CCSFs; (3) acceptance of a standard security program or submission of a proposed modified security program; (4) information on the amount of cargo screened; and (5) recordkeeping requirements for CCSFs. TSA is seeking the renewal of the ICR for the continuation of the program in order to secure passenger aircraft carrying cargo.

Thermal infrared panoramic imaging sensor

NASA Astrophysics Data System (ADS)

Gutin, Mikhail; Tsui, Eddy K.; Gutin, Olga; Wang, Xu-Ming; Gutin, Alexey

2006-05-01

Panoramic cameras offer true real-time, 360-degree coverage of the surrounding area, valuable for a variety of defense and security applications, including force protection, asset protection, asset control, security including port security, perimeter security, video surveillance, border control, airport security, coastguard operations, search and rescue, intrusion detection, and many others. Automatic detection, location, and tracking of targets outside protected area ensures maximum protection and at the same time reduces the workload on personnel, increases reliability and confidence of target detection, and enables both man-in-the-loop and fully automated system operation. Thermal imaging provides the benefits of all-weather, 24-hour day/night operation with no downtime. In addition, thermal signatures of different target types facilitate better classification, beyond the limits set by camera's spatial resolution. The useful range of catadioptric panoramic cameras is affected by their limited resolution. In many existing systems the resolution is optics-limited. Reflectors customarily used in catadioptric imagers introduce aberrations that may become significant at large camera apertures, such as required in low-light and thermal imaging. Advantages of panoramic imagers with high image resolution include increased area coverage with fewer cameras, instantaneous full horizon detection, location and tracking of multiple targets simultaneously, extended range, and others. The Automatic Panoramic Thermal Integrated Sensor (APTIS), being jointly developed by Applied Science Innovative, Inc. (ASI) and the Armament Research, Development and Engineering Center (ARDEC) combines the strengths of improved, high-resolution panoramic optics with thermal imaging in the 8 - 14 micron spectral range, leveraged by intelligent video processing for automated detection, location, and tracking of moving targets. The work in progress supports the Future Combat Systems (FCS) and the Intelligent Munitions Systems (IMS). The APTIS is anticipated to operate as an intelligent node in a wireless network of multifunctional nodes that work together to serve in a wide range of applications of homeland security, as well as serve the Army in tasks of improved situational awareness (SA) in defense and offensive operations, and as a sensor node in tactical Intelligence Surveillance Reconnaissance (ISR). The novel ViperView TM high-resolution panoramic thermal imager is the heart of the APTIS system. It features an aberration-corrected omnidirectional imager with small optics designed to match the resolution of a 640x480 pixels IR camera with improved image quality for longer range target detection, classification, and tracking. The same approach is applicable to panoramic cameras working in the visible spectral range. Other components of the ATPIS system include network communications, advanced power management, and wakeup capability. Recent developments include image processing, optical design being expanded into the visible spectral range, and wireless communications design. This paper describes the development status of the APTIS system.

Potential impact of HITECH security regulations on medical imaging.

PubMed

Prior, Fred; Ingeholm, Mary Lou; Levine, Betty A; Tarbox, Lawrence

2009-01-01

Title XIII of Division A and Title IV of Division B of the American Recovery and Reinvestment Act (ARRA) of 2009 [1] include a provision commonly referred to as the "Health Information Technology for Economic and Clinical Health Act" or "HITECH Act" that is intended to promote the electronic exchange of health information to improve the quality of health care. Subtitle D of the HITECH Act includes key amendments to strengthen the privacy and security regulations issued under the Health Insurance Portability and Accountability Act (HIPAA). The HITECH act also states that "the National Coordinator" must consult with the National Institute of Standards and Technology (NIST) in determining what standards are to be applied and enforced for compliance with HIPAA. This has led to speculation that NIST will recommend that the government impose the Federal Information Security Management Act (FISMA) [2], which was created by NIST for application within the federal government, as requirements to the public Electronic Health Records (EHR) community in the USA. In this paper we will describe potential impacts of FISMA on medical image sharing strategies such as teleradiology and outline how a strict application of FISMA or FISMA-based regulations could have significant negative impacts on information sharing between care providers.

Simultaneous multiplexing and encoding of multiple images based on a double random phase encryption system

NASA Astrophysics Data System (ADS)

Alfalou, Ayman; Mansour, Ali

2009-09-01

Nowadays, protecting information is a major issue in any transmission system, as showed by an increasing number of research papers related to this topic. Optical encoding methods, such as a Double Random Phase encryption system i.e. DRP, are widely used and cited in the literature. DRP systems have very simple principle and they are easily applicable to most images (B&W, gray levels or color). Moreover, some applications require an enhanced encoding level based on multiencryption scheme and including biometric keys (as digital fingerprints). The enhancement should be done without increasing transmitted or stored information. In order to achieve that goal, a new approach for simultaneous multiplexing & encoding of several target images is developed in this manuscript. By introducing two additional security levels, our approach enhances the security level of a classic "DRP" system. Our first security level consists in using several independent image-keys (randomly and structurally) along with a new multiplexing algorithm. At this level, several target images (multiencryption) are used. This part can reduce needed information (encoding information). At the second level a standard DRP system is included. Finally, our approach can detect if any vandalism attempt has been done on transmitted encrypted images.

LCS Content Document Application

NASA Technical Reports Server (NTRS)

Hochstadt, Jake

2011-01-01

My project at KSC during my spring 2011 internship was to develop a Ruby on Rails application to manage Content Documents..A Content Document is a collection of documents and information that describes what software is installed on a Launch Control System Computer. It's important for us to make sure the tools we use everyday are secure, up-to-date, and properly licensed. Previously, keeping track of the information was done by Excel and Word files between different personnel. The goal of the new application is to be able to manage and access the Content Documents through a single database backed web application. Our LCS team will benefit greatly with this app. Admin's will be able to login securely to keep track and update the software installed on each computer in a timely manner. We also included exportability such as attaching additional documents that can be downloaded from the web application. The finished application will ease the process of managing Content Documents while streamlining the procedure. Ruby on Rails is a very powerful programming language and I am grateful to have the opportunity to build this application.

33 CFR 165.9 - Geographic application of limited and controlled access areas and regulated navigation areas.

Code of Federal Regulations, 2010 CFR

2010-07-01

..., including the territorial sea to a seaward limit of 12 nautical miles from the baseline. (c) Security zones..., including the territorial sea to a seaward limit of 12 nautical miles from the baseline. (d) Naval vessel..., including the territorial sea to a seaward limit of 12 nautical miles from the baseline. [USCG-2001-9044, 68...

Controller–Pilot Data Link Communication Security

PubMed Central

Polishchuk, Tatiana; Wernberg, Max

2018-01-01

The increased utilization of the new types of cockpit communications, including controller–pilot data link communications (CPDLC), puts the airplane at higher risk of hacking or interference than ever before. We review the technological characteristics and properties of the CPDLC and construct the corresponding threat model. Based on the limitations imposed by the system parameters, we propose several solutions for the improved security of the data messaging communication used in air traffic management (ATM). We discuss the applicability of elliptical curve cryptography (ECC), protected aircraft communications addressing and reporting systems (PACARs) and the Host Identity Protocol (HIP) as possible countermeasures to the identified security threats. In addition, we consider identity-defined networking (IDN) as an example of a genuine security solution which implies global changes in the whole air traffic communication system. PMID:29783791

Controller⁻Pilot Data Link Communication Security.

PubMed

Gurtov, Andrei; Polishchuk, Tatiana; Wernberg, Max

2018-05-20

The increased utilization of the new types of cockpit communications, including controller⁻pilot data link communications (CPDLC), puts the airplane at higher risk of hacking or interference than ever before. We review the technological characteristics and properties of the CPDLC and construct the corresponding threat model. Based on the limitations imposed by the system parameters, we propose several solutions for the improved security of the data messaging communication used in air traffic management (ATM). We discuss the applicability of elliptical curve cryptography (ECC), protected aircraft communications addressing and reporting systems (PACARs) and the Host Identity Protocol (HIP) as possible countermeasures to the identified security threats. In addition, we consider identity-defined networking (IDN) as an example of a genuine security solution which implies global changes in the whole air traffic communication system.

17 CFR 249.1100 - Form MSD, application for registration as a municipal securities dealer pursuant to rule 15Ba2-1...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form MSD, application for... of Municipal Securities Dealers § 249.1100 Form MSD, application for registration as a municipal... Exchange Act of 1934 (the “Act”), or to amend such application. Note: Copies of Form MSD have been filed...

Information Security and Integrity Systems

NASA Technical Reports Server (NTRS)

1990-01-01

Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

A single-pixel X-ray imager concept and its application to secure radiographic inspections

DOE PAGES

Gilbert, Andrew J.; Miller, Brian W.; Robinson, Sean M.; ...

2017-07-01

Imaging technology is generally considered too invasive for arms control inspections due to the concern that it cannot properly secure sensitive features of the inspected item. But, this same sensitive information, which could include direct information on the form and function of the items under inspection, could be used for robust arms control inspections. The single-pixel X-ray imager (SPXI) is introduced as a method to make such inspections, capturing the salient spatial information of an object in a secure manner while never forming an actual image. We built this method on the theory of compressive sensing and the single pixelmore » optical camera. The performance of the system is quantified using simulated inspections of simple objects. Measures of the robustness and security of the method are introduced and used to determine how robust and secure such an inspection would be. Particularly, it is found that an inspection with low noise (<1%) and high undersampling (>256×) exhibits high robustness and security.« less

Small Technology Business Incubation Needs

DOE Office of Scientific and Technical Information (OSTI.GOV)

None, None

2007-12-31

This report contains a summary of typical business incubation needs of small technology companies. This document will serve as a guide in the design and implementation of services offered by the National Security Technology Incubator (NSTI), an incubator program being designed and developed as part of the National Security Preparedness Project (NSPP), performed under a Department of Energy (DOE)/National Nuclear Security Administration (NNSA) grant. This report includes a brief description of the methodology used to perform the needs assessment and services proposed to meet the needs of client companies. The purpose of the NSPP is to promote national security technologiesmore » through business incubation, technology demonstration and validation, and workforce development. The NSTI will focus on serving businesses with national security technology applications by nurturing them through critical stages of early development. The vision of the NSTI is to be a successful incubator of technologies and private enterprise that assist the NNSA in meeting new challenges in national safety, security, and protection of the homeland.« less

Security of electronic mental health communication and record-keeping in the digital age.

PubMed

Elhai, Jon D; Frueh, B Christopher

2016-02-01

The mental health field has seen a trend in recent years of the increased use of information technology, including mobile phones, tablets, and laptop computers, to facilitate clinical treatment delivery to individual patients and for record keeping. However, little attention has been paid to ensuring that electronic communication with patients is private and secure. This is despite potentially deleterious consequences of a data breach, which are reported in the news media very frequently in modern times. In this article, we present typical security concerns associated with using technology in clinical services or research. We also discuss enhancing the privacy and security of electronic communication with clinical patients and research participants. We offer practical, easy-to-use software application solutions for clinicians and researchers to secure patient communication and records. We discuss such issues as using encrypted wireless networks, secure e-mail, encrypted messaging and videoconferencing, privacy on social networks, and others. © Copyright 2015 Physicians Postgraduate Press, Inc.

A single-pixel X-ray imager concept and its application to secure radiographic inspections

NASA Astrophysics Data System (ADS)

Gilbert, Andrew J.; Miller, Brian W.; Robinson, Sean M.; White, Timothy A.; Pitts, William Karl; Jarman, Kenneth D.; Seifert, Allen

2017-07-01

Imaging technology is generally considered too invasive for arms control inspections due to the concern that it cannot properly secure sensitive features of the inspected item. However, this same sensitive information, which could include direct information on the form and function of the items under inspection, could be used for robust arms control inspections. The single-pixel X-ray imager (SPXI) is introduced as a method to make such inspections, capturing the salient spatial information of an object in a secure manner while never forming an actual image. The method is built on the theory of compressive sensing and the single pixel optical camera. The performance of the system is quantified using simulated inspections of simple objects. Measures of the robustness and security of the method are introduced and used to determine how robust and secure such an inspection would be. In particular, it is found that an inspection with low noise ( < 1 %) and high undersampling ( > 256 ×) exhibits high robustness and security.

Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach.

PubMed

Sanchez-Iborra, Ramon; Sánchez-Gómez, Jesús; Pérez, Salvador; Fernández, Pedro J; Santa, José; Hernández-Ramos, José L; Skarmeta, Antonio F

2018-06-05

Luckily, new communication technologies and protocols are nowadays designed considering security issues. A clear example of this can be found in the Internet of Things (IoT) field, a quite recent area where communication technologies such as ZigBee or IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) already include security features to guarantee authentication, confidentiality and integrity. More recent technologies are Low-Power Wide-Area Networks (LP-WAN), which also consider security, but present initial approaches that can be further improved. An example of this can be found in Long Range (LoRa) and its layer-two supporter LoRa Wide Area Network (LoRaWAN), which include a security scheme based on pre-shared cryptographic material lacking flexibility when a key update is necessary. Because of this, in this work, we evaluate the security vulnerabilities of LoRaWAN in the area of key management and propose different alternative schemes. Concretely, the application of an approach based on the recently specified Ephemeral Diffie⁻Hellman Over COSE (EDHOC) is found as a convenient solution, given its flexibility in the update of session keys, its low computational cost and the limited message exchanges needed. A comparative conceptual analysis considering the overhead of different security schemes for LoRaWAN is carried out in order to evaluate their benefits in the challenging area of LP-WAN.

12 CFR 350.12 - Disclosure required by applicable banking or securities law or regulations.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 12 Banks and Banking 4 2010-01-01 2010-01-01 false Disclosure required by applicable banking or securities law or regulations. 350.12 Section 350.12 Banks and Banking FEDERAL DEPOSIT INSURANCE CORPORATION... STATE NONMEMBER BANKS § 350.12 Disclosure required by applicable banking or securities law or...

Special Reports; Homeland Security and Information Management; The Development of Electronic Government in the United States: The Federal Policy Experience; Digital Rights Management: Why Libraries Should Be Major Players; The Current State and Future Promise of Portal Applications; Recruitment and Retention: A Professional Concern.

ERIC Educational Resources Information Center

Relyea, Harold C.; Halchin, L. Elaine; Hogue, Henry B.; Agnew, Grace; Martin, Mairead; Schottlaender, Brian E. C.; Jackson, Mary E.

2003-01-01

Theses five reports address five special issues: the effects of the September 11 attacks on information management, including homeland security, Web site information removal, scientific and technical information, and privacy concerns; federal policy for electronic government information; digital rights management and libraries; library Web portal…

10 CFR 30.4 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-01-01

... access control measures that are not related to the safe use of, or security of, radiological materials... individual, corporation, partnership, firm, association, trust, estate, public or private institution, group... technical nature into practical application for experimental and demonstration purposes, including the...

Secure and private sensing for driver authentication and transportation safety : final report.

DOT National Transportation Integrated Search

2017-08-01

Recent technology trends have allowed affordable and efficient collection of driver data. This has enabled a variety of potential applications, including more accurate pricing determinations for insurance and finer grained traffic planning for improv...

17 CFR 400.5 - Amendments to application for registration and to notice of status as a government securities...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Amendments to application for registration and to notice of status as a government securities broker or dealer. 400.5 Section 400.5 Commodity and Securities Exchanges DEPARTMENT OF THE TREASURY REGULATIONS UNDER SECTION 15C OF THE SECURITIES EXCHANGE ACT OF 1934 RULES OF GENERAL...

17 CFR 400.5 - Amendments to application for registration and to notice of status as a government securities...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Amendments to application for registration and to notice of status as a government securities broker or dealer. 400.5 Section 400.5 Commodity and Securities Exchanges DEPARTMENT OF THE TREASURY REGULATIONS UNDER SECTION 15C OF THE SECURITIES EXCHANGE ACT OF 1934 RULES OF GENERAL...

17 CFR 400.5 - Amendments to application for registration and to notice of status as a government securities...

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Amendments to application for registration and to notice of status as a government securities broker or dealer. 400.5 Section 400.5 Commodity and Securities Exchanges DEPARTMENT OF THE TREASURY REGULATIONS UNDER SECTION 15C OF THE SECURITIES EXCHANGE ACT OF 1934 RULES OF GENERAL...

17 CFR 400.5 - Amendments to application for registration and to notice of status as a government securities...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Amendments to application for registration and to notice of status as a government securities broker or dealer. 400.5 Section 400.5 Commodity and Securities Exchanges DEPARTMENT OF THE TREASURY REGULATIONS UNDER SECTION 15C OF THE SECURITIES EXCHANGE ACT OF 1934 RULES OF GENERAL...

17 CFR 400.5 - Amendments to application for registration and to notice of status as a government securities...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Amendments to application for registration and to notice of status as a government securities broker or dealer. 400.5 Section 400.5 Commodity and Securities Exchanges DEPARTMENT OF THE TREASURY REGULATIONS UNDER SECTION 15C OF THE SECURITIES EXCHANGE ACT OF 1934 RULES OF GENERAL...

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice.

PubMed

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-06-15

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

Temporal and Spatial Distribution of Ecological Security in Arid Region Based on GIS: A Case Study in Xinjiang

NASA Astrophysics Data System (ADS)

Zhang, Q.; Song, W.; Yang, J.

2017-12-01

Ecological security is close related to the people's survival and development. In the context of the global warming, with the increasingly frequent human activities, ecological and environmental problems have become increasingly prominent. Ecological security has aroused widespread concern, especially in the arid region. It has an important role in national security as well as political security, military security, economic security, social security. Taken Xinjiang as the research area, which is a typical arid region in China, this study establishes an ecological safety assessment indicator system from perspective of the generic process and the formation mechanism of the ecosystem. The framework is based on natural resources dimensions, natural environment dimensions and human disturbance dimensions. Water is the restrictive factor for the development of arid region, so the water resources carrying capacity is the main natural resource of the study area. The natural environment includes SPI(standardized precipitation index), dryness index, landscape vulnerability, NDVI. Human disturbance includes urbanization rate, population density, afforestation area, per capita GDP, water-saving irrigation area, fertilizer and pesticide application, agriculture Mechanical power, energy consumption. The expert scoring method and the coefficient of variation method are used to determine the weight of each indicator, and finally a comprehensive index is constructed to evaluate the ecological security of Xinjiang, that is, the ecological security index. The results indicate that the ecological security of Xinjiang is 0.43, which is in the critical area. The ecological security of Hami, Turpan and Karamay is the lowest, and the ecological security of the Arabian and Yili is the highest. The ecological security of the south in the Xinjiang is higher than that in the north. In short, ecological environment of Xinjiang is in a sensitive period. Effective ecological protection policy will ameliorate the ecological environment, on the contrary, high-intensity human activities will make it tends to deteriorate. This research would provide scientific guidance and suggestions for the ecological environment protection and sustainable development of Xinjiang.

Dual-surface dielectric depth detector for holographic millimeter-wave security scanners

NASA Astrophysics Data System (ADS)

McMakin, Douglas L.; Keller, Paul E.; Sheen, David M.; Hall, Thomas E.

2009-05-01

The Transportation Security Administration (TSA) is presently deploying millimeter-wave whole body scanners at over 20 airports in the United States. Threats that may be concealed on a person are displayed to the security operator of this scanner. "Passenger privacy is ensured through the anonymity of the image. The officer attending the passenger cannot view the image, and the officer viewing the image is remotely located and cannot see the passenger. Additionally, the image cannot be stored, transmitted or printed and is deleted immediately after being viewed. Finally, the facial area of the image has been blurred to further ensure privacy." Pacific Northwest National Laboratory (PNNL) originated research into this novel security technology which has been independently commercialized by L-3 Communications, SafeView, Inc. PNNL continues to perform fundamental research into improved software techniques which are applicable to the field of holographic security screening technology. This includes performing significant research to remove human features from the imagery. Both physical and software imaging techniques have been employed. The physical imaging techniques include polarization diversity illumination and reception, dual frequency implementation, and high frequency imaging at 100 GHz. This paper will focus on a software privacy technique using a dual surface dielectric depth detector method.

A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

PubMed

Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

2015-09-01

The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to other related schemes. As a result, our scheme is very appropriate for practical applications in TMIS.

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2010 CFR

2010-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability. Contracting Officers are responsible for ensuring that all information technology acquisitions comply with the Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

A Method of Signal Scrambling to Secure Data Storage for Healthcare Applications.

PubMed

Bao, Shu-Di; Chen, Meng; Yang, Guang-Zhong

2017-11-01

A body sensor network that consists of wearable and/or implantable biosensors has been an important front-end for collecting personal health records. It is expected that the full integration of outside-hospital personal health information and hospital electronic health records will further promote preventative health services as well as global health. However, the integration and sharing of health information is bound to bring with it security and privacy issues. With extensive development of healthcare applications, security and privacy issues are becoming increasingly important. This paper addresses the potential security risks of healthcare data in Internet-based applications and proposes a method of signal scrambling as an add-on security mechanism in the application layer for a variety of healthcare information, where a piece of tiny data is used to scramble healthcare records. The former is kept locally and the latter, along with security protection, is sent for cloud storage. The tiny data can be derived from a random number generator or even a piece of healthcare data, which makes the method more flexible. The computational complexity and security performance in terms of theoretical and experimental analysis has been investigated to demonstrate the efficiency and effectiveness of the proposed method. The proposed method is applicable to all kinds of data that require extra security protection within complex networks.

An E-Hospital Security Architecture

NASA Astrophysics Data System (ADS)

Tian, Fang; Adams, Carlisle

In this paper, we introduce how to use cryptography in network security and access control of an e-hospital. We first define the security goal of the e-hospital system, and then we analyze the current application system. Our idea is proposed on the system analysis and the related regulations of patients' privacy protection. The security of the whole application system is strengthened through layered security protection. Three security domains in the e-hospital system are defined according to their sensitivity level, and for each domain, we propose different security protections. We use identity based cryptography to establish secure communication channel in the backbone network and policy based cryptography to establish secure communication channel between end users and the backbone network. We also use policy based cryptography in the access control of the application system. We use a symmetric key cryptography to protect the real data in the database. The identity based and policy based cryptography are all based on elliptic curve cryptography—a public key cryptography.

Applications of spatially offset Raman spectroscopy to defense and security

NASA Astrophysics Data System (ADS)

Guicheteau, Jason; Hopkins, Rebecca

2016-05-01

Spatially offset Raman spectroscopy (SORS) allows for sub-surface and through barrier detection and has applications in drug analysis, cancer detection, forensic science, as well as defense and security. This paper reviews previous efforts in SORS and other through barrier Raman techniques and presents a discussion on current research in defense and security applications.

20 CFR 217.7 - Claim filed with the Social Security Administration.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 1 2011-04-01 2011-04-01 false Claim filed with the Social Security... RETIREMENT ACT APPLICATION FOR ANNUITY OR LUMP SUM Applications § 217.7 Claim filed with the Social Security Administration. (a) Claim is for life benefits. An application for life benefits under title II of the Social...

20 CFR 217.7 - Claim filed with the Social Security Administration.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 1 2012-04-01 2012-04-01 false Claim filed with the Social Security... RETIREMENT ACT APPLICATION FOR ANNUITY OR LUMP SUM Applications § 217.7 Claim filed with the Social Security Administration. (a) Claim is for life benefits. An application for life benefits under title II of the Social...

20 CFR 217.7 - Claim filed with the Social Security Administration.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 1 2013-04-01 2012-04-01 true Claim filed with the Social Security... RETIREMENT ACT APPLICATION FOR ANNUITY OR LUMP SUM Applications § 217.7 Claim filed with the Social Security Administration. (a) Claim is for life benefits. An application for life benefits under title II of the Social...

20 CFR 217.7 - Claim filed with the Social Security Administration.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 1 2014-04-01 2012-04-01 true Claim filed with the Social Security... RETIREMENT ACT APPLICATION FOR ANNUITY OR LUMP SUM Applications § 217.7 Claim filed with the Social Security Administration. (a) Claim is for life benefits. An application for life benefits under title II of the Social...

20 CFR 217.7 - Claim filed with the Social Security Administration.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 1 2010-04-01 2010-04-01 false Claim filed with the Social Security... RETIREMENT ACT APPLICATION FOR ANNUITY OR LUMP SUM Applications § 217.7 Claim filed with the Social Security Administration. (a) Claim is for life benefits. An application for life benefits under title II of the Social...

Adaptation of the U.S. Food Security Survey Module for Low-Income Pregnant Latinas: Qualitative Phase.

PubMed

Hromi-Fiedler, Amber; Bermúdez-Millán, Angela; Segura-Pérez, Sofia; Damio, Grace; Pérez-Escamilla, Rafael

2009-01-01

The objectives of this study were to: 1) assessed the face validity of the 18-items US Household Food Security Scale Module (US HFSSM) among low-income pregnant Latinas and 2) adapt the US HFSSM to the target population. This study was conducted in the United States in Hartford, Connecticut where 40% of residents are of Latina descent. Three focus groups (N=14(total)) were held with pregnant and postpartum Latinas from April - June 2004 to assess the understanding and applicability (face validity) of the US HFSSM as well as adapt the US HFSSM based on their recommendations. This was followed by pre-testing (N=7) to make final adaptations to the US HFSSM. Overall, the items in the US HFSSM were clear and understandable to participants, but some questions sounded repetitive to them. Participants felt the questions were applicable to other pregnant Latinas in their community and shared food security related experiences and strategies. Participants recommendations led to key adaptations to the US HFSSM including reducing the scale to 15-items, wording statements as questions, including two time periods, replacing the term "balanced meals" with "healthy and varied", replacing the term "low cost foods" with "cheap foods" and including a definition of the term, and including a coping mechanism of avoiding running out of food. The adapted US HFSSM was found to have good face validity among pregnant Latinas and can be used to assess food insecurity among this vulnerable population.

17 CFR 240.15Ba2-2 - Application for registration of non-bank municipal securities dealers whose business is...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Application for registration of non-bank municipal securities dealers whose business is exclusively intrastate. 240.15Ba2-2... registration of non-bank municipal securities dealers whose business is exclusively intrastate. (a) An...

10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.

Code of Federal Regulations, 2012 CFR

2012-01-01

... B to 10 CFR part 73. (iii) A cyber security plan in accordance with the criteria set forth in § 73..., training and qualification plan, and cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan...

10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.

Code of Federal Regulations, 2013 CFR

2013-01-01

... B to 10 CFR part 73. (iii) A cyber security plan in accordance with the criteria set forth in § 73..., training and qualification plan, and cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan...

10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.

Code of Federal Regulations, 2011 CFR

2011-01-01

...) A cyber security plan in accordance with the criteria set forth in § 73.54 of this chapter; (iv) A... cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan, shall protect the plans and...

10 CFR 52.79 - Contents of applications; technical information in final safety analysis report.

Code of Federal Regulations, 2014 CFR

2014-01-01

... B to 10 CFR part 73. (iii) A cyber security plan in accordance with the criteria set forth in § 73..., training and qualification plan, and cyber security plan; and (v) Each applicant who prepares a physical security plan, a safeguards contingency plan, a training and qualification plan, or a cyber security plan...

17 CFR 240.6a-1 - Application for registration as a national securities exchange or exemption from registration...

Code of Federal Regulations, 2010 CFR

2010-04-01

... as a national securities exchange or exemption from registration based on limited volume. 240.6a-1... national securities exchange or exemption from registration based on limited volume. (a) An application for registration as a national securities exchange, or for exemption from such registration based on limited volume...

17 CFR 240.6a-1 - Application for registration as a national securities exchange or exemption from registration...

Code of Federal Regulations, 2011 CFR

2011-04-01

... as a national securities exchange or exemption from registration based on limited volume. 240.6a-1... national securities exchange or exemption from registration based on limited volume. (a) An application for registration as a national securities exchange, or for exemption from such registration based on limited volume...

Accelerators for Discovery Science and Security applications

NASA Astrophysics Data System (ADS)

Todd, A. M. M.; Bluem, H. P.; Jarvis, J. D.; Park, J. H.; Rathke, J. W.; Schultheiss, T. J.

2015-05-01

Several Advanced Energy Systems (AES) accelerator projects that span applications in Discovery Science and Security are described. The design and performance of the IR and THz free electron laser (FEL) at the Fritz-Haber-Institut der Max-Planck-Gesellschaft in Berlin that is now an operating user facility for physical chemistry research in molecular and cluster spectroscopy as well as surface science, is highlighted. The device was designed to meet challenging specifications, including a final energy adjustable in the range of 15-50 MeV, low longitudinal emittance (<50 keV-psec) and transverse emittance (<20 π mm-mrad), at more than 200 pC bunch charge with a micropulse repetition rate of 1 GHz and a macropulse length of up to 15 μs. Secondly, we will describe an ongoing effort to develop an ultrafast electron diffraction (UED) source that is scheduled for completion in 2015 with prototype testing taking place at the Brookhaven National Laboratory (BNL) Accelerator Test Facility (ATF). This tabletop X-band system will find application in time-resolved chemical imaging and as a resource for drug-cell interaction analysis. A third active area at AES is accelerators for security applications where we will cover some top-level aspects of THz and X-ray systems that are under development and in testing for stand-off and portal detection.

Smart sensing surveillance system

NASA Astrophysics Data System (ADS)

Hsu, Charles; Chu, Kai-Dee; O'Looney, James; Blake, Michael; Rutar, Colleen

2010-04-01

An effective public safety sensor system for heavily-populated applications requires sophisticated and geographically-distributed infrastructures, centralized supervision, and deployment of large-scale security and surveillance networks. Artificial intelligence in sensor systems is a critical design to raise awareness levels, improve the performance of the system and adapt to a changing scenario and environment. In this paper, a highly-distributed, fault-tolerant, and energy-efficient Smart Sensing Surveillance System (S4) is presented to efficiently provide a 24/7 and all weather security operation in crowded environments or restricted areas. Technically, the S4 consists of a number of distributed sensor nodes integrated with specific passive sensors to rapidly collect, process, and disseminate heterogeneous sensor data from near omni-directions. These distributed sensor nodes can cooperatively work to send immediate security information when new objects appear. When the new objects are detected, the S4 will smartly select the available node with a Pan- Tilt- Zoom- (PTZ) Electro-Optics EO/IR camera to track the objects and capture associated imagery. The S4 provides applicable advanced on-board digital image processing capabilities to detect and track the specific objects. The imaging detection operations include unattended object detection, human feature and behavior detection, and configurable alert triggers, etc. Other imaging processes can be updated to meet specific requirements and operations. In the S4, all the sensor nodes are connected with a robust, reconfigurable, LPI/LPD (Low Probability of Intercept/ Low Probability of Detect) wireless mesh network using Ultra-wide band (UWB) RF technology. This UWB RF technology can provide an ad-hoc, secure mesh network and capability to relay network information, communicate and pass situational awareness and messages. The Service Oriented Architecture of S4 enables remote applications to interact with the S4 network and use the specific presentation methods. In addition, the S4 is compliant with Open Geospatial Consortium - Sensor Web Enablement (OGC-SWE) standards to efficiently discover, access, use, and control heterogeneous sensors and their metadata. These S4 capabilities and technologies have great potential for both military and civilian applications, enabling highly effective security support tools for improving surveillance activities in densely crowded environments. The S4 system is directly applicable to solutions for emergency response personnel, law enforcement, and other homeland security missions, as well as in applications requiring the interoperation of sensor networks with handheld or body-worn interface devices.

Evaluation of dressings used with local anaesthetic cream and for peripheral venous cannulation.

PubMed

Needham, Rowan; Strehle, Eugen-Matthias

2008-10-01

To compare four polyurethane dressings manufactured by two different companies for use in children. Seventy-eight dressings were applied to secure either local anaesthetic creams (n = 62) or intravenous cannulae (n = 16). Each dressing was evaluated for ease of application, security and ease of removal, using a simple scoring system. 84 per cent of Opsite flexigrid and 90 per cent of Tegaderm local anaesthetic cream dressings were rated as easy or very easy to apply. Opsite flexigrid was felt to be more secure, whereas Tegaderm was easier to remove. The Tegaderm cannula dressing was easier to apply than the iv3000 dressing. There was little difference between the two brands, including costs.

Technology Requirements and Selection for Securely Partitioning OBSW

NASA Astrophysics Data System (ADS)

Mendham, Peter; Windsor, James; Eckstein, Knut

2010-08-01

The Securely Partitioning Spacecraft Computing Resources project is a current ESA TRP activity investigating the application of secure time and space partitioning (TSP) technologies to enable multi-use missions from a single platform. Secure TSP technologies are used in a number of application areas outside the space domain and an opportunity exists to 'spin-in' a suitable solution. The selection of a technology for use within space the European space industry relies on an understanding of the requirements for the application of secure TSP, of which this paper presents a summary. Further, the paper outlines the selection process taken by the project and highlights promising solutions for use today.

Application of the JDL data fusion process model for cyber security

NASA Astrophysics Data System (ADS)

Giacobe, Nicklaus A.

2010-04-01

A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.

75 FR 7925 - Truth in Lending

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-22

... Credit Card Act and incorporated in the new final rule. Therefore, the Board is withdrawing the January... for open-end (not home- secured) credit, including credit cards. The rule made comprehensive changes... disclosures: Credit card applications and solicitations, account-opening disclosures, periodic statements...

10 CFR Appendix B to Subpart B of... - Training and Qualification for Security Skills and Knowledge

Code of Federal Regulations, 2012 CFR

2012-01-01

... maintain mandated certification, if applicable. Such personnel include, but are not limited to, flight... exercise shall be prepared for management review and planning and retained for a period of 1 year, unless a...

10 CFR Appendix B to Subpart B of... - Training and Qualification for Security Skills and Knowledge

Code of Federal Regulations, 2011 CFR

2011-01-01

... maintain mandated certification, if applicable. Such personnel include, but are not limited to, flight... exercise shall be prepared for management review and planning and retained for a period of 1 year, unless a...

10 CFR Appendix B to Subpart B of... - Training and Qualification for Security Skills and Knowledge

Code of Federal Regulations, 2013 CFR

2013-01-01

... maintain mandated certification, if applicable. Such personnel include, but are not limited to, flight... exercise shall be prepared for management review and planning and retained for a period of 1 year, unless a...

10 CFR Appendix B to Subpart B of... - Training and Qualification for Security Skills and Knowledge

Code of Federal Regulations, 2010 CFR

2010-01-01

... maintain mandated certification, if applicable. Such personnel include, but are not limited to, flight... exercise shall be prepared for management review and planning and retained for a period of 1 year, unless a...

Intelligent Facial Recognition Systems: Technology advancements for security applications

DOE Office of Scientific and Technical Information (OSTI.GOV)

Beer, C.L.

1993-07-01

Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g.,more » fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.« less

Mobile health requires mobile security: challenges, solutions, and standardization.

PubMed

Pharow, Peter; Blobel, Bernd

2008-01-01

Extended communication and advanced cooperation in a permanently growing healthcare and welfare domain require a well-defined set of security services provided by an interoperable security infrastructure based on international and European standards. Any communication and collaboration procedure requires a purpose. But such legal purpose-binding is definitely not the only aspect to carefully be observed and investigated. More and more, aspects of security, safety, privacy, ethics, and quality reach importance while discussing about future-proof health information systems and health networks - regardless whether local, regional or even pan-European networks. During the course of the current paradigm change from an organization-centered to a process-related and to a person-centered health system, different new technologies including mobile solutions need to be applied in order to meet challenges arising from both legal and technical circumstances. Beside the typical Information and Communication Technology systems and applications, the extended use of modern technologies includes large medical devices like, e.g., MRI and CT but also small devices like sensors worn by a person or included in clothing. Security and safety are on top of the priority list. The paper addresses the identification of some specific aspects like mobile technology and safety when moving both IT and people towards mobile health aiming at increasing citizens and patients awareness, confidence, and acceptance in future mobile care - a world often still beyond the horizon.

40 CFR 142.307 - What terms and conditions must be included in a small system variance?

Code of Federal Regulations, 2012 CFR

2012-07-01

... improvements to comply with the small system variance technology, secure an alternative source of water, or... included in a small system variance? 142.307 Section 142.307 Protection of Environment ENVIRONMENTAL... IMPLEMENTATION Variances for Small System Review of Small System Variance Application § 142.307 What terms and...

40 CFR 142.307 - What terms and conditions must be included in a small system variance?

Code of Federal Regulations, 2013 CFR

2013-07-01

... improvements to comply with the small system variance technology, secure an alternative source of water, or... included in a small system variance? 142.307 Section 142.307 Protection of Environment ENVIRONMENTAL... IMPLEMENTATION Variances for Small System Review of Small System Variance Application § 142.307 What terms and...

40 CFR 142.307 - What terms and conditions must be included in a small system variance?

Code of Federal Regulations, 2014 CFR

2014-07-01

... improvements to comply with the small system variance technology, secure an alternative source of water, or... included in a small system variance? 142.307 Section 142.307 Protection of Environment ENVIRONMENTAL... IMPLEMENTATION Variances for Small System Review of Small System Variance Application § 142.307 What terms and...

40 CFR 142.307 - What terms and conditions must be included in a small system variance?

Code of Federal Regulations, 2011 CFR

2011-07-01

... improvements to comply with the small system variance technology, secure an alternative source of water, or... included in a small system variance? 142.307 Section 142.307 Protection of Environment ENVIRONMENTAL... IMPLEMENTATION Variances for Small System Review of Small System Variance Application § 142.307 What terms and...

Final report for the Integrated and Robust Security Infrastructure (IRSI) laboratory directed research and development project

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hutchinson, R.L.; Hamilton, V.A.; Istrail, G.G.

1997-11-01

This report describes the results of a Sandia-funded laboratory-directed research and development project titled {open_quotes}Integrated and Robust Security Infrastructure{close_quotes} (IRSI). IRSI was to provide a broad range of commercial-grade security services to any software application. IRSI has two primary goals: application transparency and manageable public key infrastructure. IRSI must provide its security services to any application without the need to modify the application to invoke the security services. Public key mechanisms are well suited for a network with many end users and systems. There are many issues that make it difficult to deploy and manage a public key infrastructure. IRSImore » addressed some of these issues to create a more manageable public key infrastructure.« less

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things

PubMed Central

Cha, Shi-Cho; Chen, Jyun-Fu

2017-01-01

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim’s devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts. PMID:29036900

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things.

PubMed

Cha, Shi-Cho; Yeh, Kuo-Hui; Chen, Jyun-Fu

2017-10-14

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim's devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts.

77 FR 76770 - Proposed Exemptions From Certain Prohibited Transaction Restrictions

Federal Register 2010, 2011, 2012, 2013, 2014

2012-12-28

...This document contains notices of pendency before the Department of Labor (the Department) of proposed exemptions from certain of the prohibited transaction restrictions of the Employee Retirement Income Security Act of 1974 (ERISA or the Act) and/or the Internal Revenue Code of 1986 (the Code). This notice includes the following proposed exemptions: D-11664, Atlas Energy, Inc. Employee Stock Ownership Plan (the Plan); D-11718, Notice of Proposed Amendment to Prohibited Transaction Exemption (PTE) 2007-05, Involving Prudential Securities Incorporated; L-11720, The Mo-Kan Teamsters Apprenticeship and Training Fund (the Fund); L-11738, The Coca-Cola Company (TCCC) and Red Re, Inc. (Red Re) (together, the Applicants); and D-11671, Silchester International Investors LLP (Silchester or the Applicant).

Privacy Is Become with, Data Perturbation

NASA Astrophysics Data System (ADS)

Singh, Er. Niranjan; Singhai, Niky

2011-06-01

Privacy is becoming an increasingly important issue in many data mining applications that deal with health care, security, finance, behavior and other types of sensitive data. Is particularly becoming important in counterterrorism and homeland security-related applications. We touch upon several techniques of masking the data, namely random distortion, including the uniform and Gaussian noise, applied to the data in order to protect it. These perturbation schemes are equivalent to additive perturbation after the logarithmic Transformation. Due to the large volume of research in deriving private information from the additive noise perturbed data, the security of these perturbation schemes is questionable Many artificial intelligence and statistical methods exist for data analysis interpretation, Identifying and measuring the interestingness of patterns and rules discovered, or to be discovered is essential for the evaluation of the mined knowledge and the KDD process as a whole. While some concrete measurements exist, assessing the interestingness of discovered knowledge is still an important research issue. As the tool for the algorithm implementations we chose the language of choice in industrial world MATLAB.

Leveraging multi-channel x-ray detector technology to improve quality metrics for industrial and security applications

NASA Astrophysics Data System (ADS)

Jimenez, Edward S.; Thompson, Kyle R.; Stohn, Adriana; Goodner, Ryan N.

2017-09-01

Sandia National Laboratories has recently developed the capability to acquire multi-channel radio- graphs for multiple research and development applications in industry and security. This capability allows for the acquisition of x-ray radiographs or sinogram data to be acquired at up to 300 keV with up to 128 channels per pixel. This work will investigate whether multiple quality metrics for computed tomography can actually benefit from binned projection data compared to traditionally acquired grayscale sinogram data. Features and metrics to be evaluated include the ability to dis- tinguish between two different materials with similar absorption properties, artifact reduction, and signal-to-noise for both raw data and reconstructed volumetric data. The impact of this technology to non-destructive evaluation, national security, and industry is wide-ranging and has to potential to improve upon many inspection methods such as dual-energy methods, material identification, object segmentation, and computer vision on radiographs.

A Policy Based Approach for the Management of Web Browser Resources to Prevent Anonymity Attacks in Tor

NASA Astrophysics Data System (ADS)

Navarro-Arribas, Guillermo; Garcia-Alfaro, Joaquin

Web browsers are becoming the universal interface to reach applications and services related with these systems. Different browsing contexts may be required in order to reach them, e.g., use of VPN tunnels, corporate proxies, anonymisers, etc. By browsing context we mean how the user browsers the Web, including mainly the concrete configuration of its browser. When the context of the browser changes, its security requirements also change. In this work, we present the use of authorisation policies to automatise the process of controlling the resources of a Web browser when its context changes. The objective of our proposal is oriented towards easing the adaptation to the security requirements of the new context and enforce them in the browser without the need for user intervention. We present a concrete application of our work as a plug-in for the adaption of security requirements in Mozilla/Firefox browser when a context of anonymous navigation through the Tor network is enabled.

Study terrestrial applications of solar cell powered systems

NASA Technical Reports Server (NTRS)

Ravin, J. W.

1973-01-01

Terrestrial applications of solar cells and design systems are considered for those applications that show the most promise for becoming practical and accepted by users within the next five years. The study includes the definition, categorization, evaluation and screening of the most attractive potential terrestrial applications for solar cells. Potential markets are initially grouped and categorized in a general sense and are weighted in priority by their business volume, present and future. From a categorized list including marine, transportation, security, communication, meteorological and others, 66 potential solar cell applications have been cataloged. A methodology was formulated to include the criteria for evaluation and screening. The evaluation process covers all parts and components of the complete system required for each application and gives consideration to all factors, such as engineering, economic, production, marketing and other factors that may have an influence on the acceptance of the system.

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2011 CFR

2011-01-01

... training in system/application life cycle management, risk management, and contingency planning. (4) Chief... security management, system/application life cycle management, risk management, and contingency planning..., risk management, and contingency planning. (b) Provide the Federal information systems security...

17 CFR 200.551 - Applicability.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Applicability. 200.551 Section 200.551 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Regulations Pertaining to the Protection of the Environment...

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2010 CFR

2010-01-01

... training in system/application life cycle management, risk management, and contingency planning. (4) Chief... security management, system/application life cycle management, risk management, and contingency planning..., risk management, and contingency planning. (b) Provide the Federal information systems security...

NASA guidelines for assuring the adequacy and appropriateness of security safeguards in sensitive applications

NASA Technical Reports Server (NTRS)

Tompkins, F. G.

1984-01-01

The Office of Management and Budget (OMB) Circular A-71, transmittal Memorandum No. 1, requires that each agency establish a management control process to assure that appropriate administrative, physical and technical safeguards are incorporated into all new computer applications. In addition to security specifications, the management control process should assure that the safeguards are adequate for the application. The security activities that should be integral to the system development process are examined. The software quality assurance process to assure that adequate and appropriate controls are incorporated into sensitive applications is also examined. Security for software packages is also discussed.

Security aspects of electronic data interchange between a state health department and a hospital emergency department.

PubMed

Magnuson, J A; Klockner, Rocke; Ladd-Wilson, Stephen; Zechnich, Andrew; Bangs, Christopher; Kohn, Melvin A

2004-01-01

Electronic emergency department reporting provides the potential for enhancing local and state surveillance capabilities for a wide variety of syndromes and reportable conditions. The task of protecting data confidentiality and integrity while developing electronic data interchange between a hospital emergency department and a state public health department proved more complex than expected. This case study reports on the significant challenges that had to be resolved to accomplish this goal; these included application restrictions and incompatibilities, technical malfunctions, changing standards, and insufficient dedicated resources. One of the key administrative challenges was that of coordinating project security with enterprise security. The original project has evolved into an ongoing pilot, with the health department currently receiving secure data from the emergency department at four-hour intervals. Currently, planning is underway to add more emergency departments to the project.

Information Security Controls against Cross-Site Request Forgery Attacks on Software Applications of Automated Systems

NASA Astrophysics Data System (ADS)

Barabanov, A. V.; Markov, A. S.; Tsirlov, V. L.

2018-05-01

This paper presents statistical results and their consolidation, which were received in the study into security of various web-application against cross-site request forgery attacks. Some of the results were received in the study carried out within the framework of certification for compliance with information security requirements. The paper provides the results of consolidating information about the attack and protection measures, which are currently used by the developers of web-applications. It specifies results of the study, which demonstrate various distribution types: distribution of identified vulnerabilities as per the developer type (Russian and foreign), distribution of the security measures used in web-applications, distribution of the identified vulnerabilities as per the programming languages, data on the number of security measures that are used in the studied web-applications. The results of the study show that in most cases the developers of web-applications do not pay due attention to protection against cross-site request forgery attacks. The authors give recommendations to the developers that are planning to undergo a certification process for their software applications.

75 FR 38557 - Application Nos. and Proposed Exemptions; D-11489, Morgan Stanley & Co., Incorporated; L-11609...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-07-02

...; (b) The term ``Auction Rate Security'' or ``ARS'' means a security: (1) That is either a debt... Securities (ARS). The applicant describes ARS and the arrangement by which ARS are bought and sold as follows. ARS are securities (issued as debt or preferred stock) with an interest rate or dividend that is reset...

Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications

NASA Astrophysics Data System (ADS)

Meyerstein, Mike; Cha, Inhyok; Shah, Yogendra

The Third Generation Partnership Project (3GPP) standardisation group currently discusses advanced applications of mobile networks such as Machine-to-Machine (M2M) communication. Several security issues arise in these contexts which warrant a fresh look at mobile networks’ security foundations, resting on smart cards. This paper contributes a security/efficiency analysis to this discussion and highlights the role of trusted platform technology to approach these issues.

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

PubMed Central

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-01-01

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities. PMID:27314358

Measuring food and nutrition security: tools and considerations for use among people living with HIV.

PubMed

Fielden, Sarah J; Anema, Aranka; Fergusson, Pamela; Muldoon, Katherine; Grede, Nils; de Pee, Saskia

2014-10-01

As an increasing number of countries implement integrated food and nutrition security (FNS) and HIV programs, global stakeholders need clarity on how to best measure FNS at the individual and household level. This paper reviews prominent FNS measurement tools, and describes considerations for interpretation in the context of HIV. There exist a range of FNS measurement tools and many have been adapted for use in HIV-endemic settings. Considerations in selecting appropriate tools include sub-types (food sufficiency, dietary diversity and food safety); scope/level of application; and available resources. Tools need to reflect both the needs of PLHIV and affected households and FNS program objectives. Generalized food sufficiency and dietary diversity tools may provide adequate measures of FNS in PLHIV for programmatic applications. Food consumption measurement tools provide further data for clinical or research applications. Measurement of food safety is an important, but underdeveloped aspect of assessment, especially for PLHIV.

An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System.

PubMed

You, Ilsun; Kwon, Soonhyun; Choudhary, Gaurav; Sharma, Vishal; Seo, Jung Taek

2018-06-08

The Internet of Things (IoT) utilizes algorithms to facilitate intelligent applications across cities in the form of smart-urban projects. As the majority of devices in IoT are battery operated, their applications should be facilitated with a low-power communication setup. Such facility is possible through the Low-Power Wide-Area Network (LPWAN), but at a constrained bit rate. For long-range communication over LPWAN, several approaches and protocols are adopted. One such protocol is the Long-Range Wide Area Network (LoRaWAN), which is a media access layer protocol for long-range communication between the devices and the application servers via LPWAN gateways. However, LoRaWAN comes with fewer security features as a much-secured protocol consumes more battery because of the exorbitant computational overheads. The standard protocol fails to support end-to-end security and perfect forward secrecy while being vulnerable to the replay attack that makes LoRaWAN limited in supporting applications where security (especially end-to-end security) is important. Motivated by this, an enhanced LoRaWAN security protocol is proposed, which not only provides the basic functions of connectivity between the application server and the end device, but additionally averts these listed security issues. The proposed protocol is developed with two options, the Default Option (DO) and the Security-Enhanced Option (SEO). The protocol is validated through Burrows⁻Abadi⁻Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The proposed protocol is also analyzed for overheads through system-based and low-power device-based evaluations. Further, a case study on a smart factory-enabled parking system is considered for its practical application. The results, in terms of network latency with reliability fitting and signaling overheads, show paramount improvements and better performance for the proposed protocol compared with the two handshake options, Pre-Shared Key (PSK) and Elliptic Curve Cryptography (ECC), of Datagram Transport Layer Security (DTLS).

A Study of Defense Applications of Space Solar Power

NASA Astrophysics Data System (ADS)

Jaffe, Paul

2010-01-01

Space solar power (SSP) is generally considered to be the collection in space of energy from the sun and its wireless transmission from space for use on earth. It has been observed that the implementation of such a system could offer energy security, environmental, and technological advantages to those who would undertake its development. A study conducted by the Naval Research Laboratory (NRL) sought to determine if unique, cost effective, and efficient approaches exist for supplying significant power on demand for Navy, Marine Corps, or other Department of Defense applications by employing a space-based solar power system. The study was initiated by and prepared for top NRL management in part as a result of the publication of the National Security Space Office's (NSSO) report "Space-Based Solar Power as an Opportunity for Strategic Security." The NSSO report's recommendations included statements calling for the U.S. Government to conduct analyses, retire technical risk, and become an early demonstrator for SBSP. It should be noted that the principal objective of the NRL study differed significantly from that of the multitude of previous studies performed in reference to SBSP in that it focused on defense rather than utility grid applications.

A Test-Bed of Secure Mobile Cloud Computing for Military Applications

DTIC Science & Technology

2016-09-13

searching databases. This kind of applications is a typical example of mobile cloud computing (MCC). MCC has lots of applications in the military...Release; Distribution Unlimited UU UU UU UU 13-09-2016 1-Aug-2014 31-Jul-2016 Final Report: A Test-bed of Secure Mobile Cloud Computing for Military...Army Research Office P.O. Box 12211 Research Triangle Park, NC 27709-2211 Test-bed, Mobile Cloud Computing , Security, Military Applications REPORT

Application of the API/NPRA SVA methodology to transportation security issues.

PubMed

Moore, David A

2006-03-17

Security vulnerability analysis (SVA) is becoming more prevalent as the issue of chemical process security is of greater concern. The American Petroleum Institute (API) and the National Petrochemical and Refiner's Association (NPRA) have developed a guideline for conducting SVAs of petroleum and petrochemical facilities in May 2003. In 2004, the same organizations enhanced the guidelines by adding the ability to evaluate transportation security risks (pipeline, truck, and rail). The importance of including transportation and value chain security in addition to fixed facility security in a SVA is that these issues may be critically important to understanding the total risk of the operation. Most of the SVAs done using the API/NPRA SVA and other SVA methods were centered on the fixed facility and the operations within the plant fence. Transportation interfaces alone are normally studied as a part of the facility SVA, and the entire transportation route impacts and value chain disruption are not commonly considered. Particularly from a national, regional, or local infrastructure analysis standpoint, understanding the interdependencies is critical to the risk assessment. Transportation risks may include weaponization of the asset by direct attack en route, sabotage, or a Trojan Horse style attack into a facility. The risks differ in the level of access control and the degree of public exposures, as well as the dynamic nature of the assets. The public exposures along the transportation route need to be carefully considered. Risks may be mitigated by one of many strategies including internment, staging, prioritization, conscription, or prohibition, as well as by administrative security measures and technology for monitoring and isolating the assets. This paper illustrates how these risks can be analyzed by the API/NPRA SVA methodology. Examples are given of a pipeline operation, and other examples are found in the guidelines.

Security model for VM in cloud

NASA Astrophysics Data System (ADS)

Kanaparti, Venkataramana; Naveen K., R.; Rajani, S.; Padmvathamma, M.; Anitha, C.

2013-03-01

Cloud computing is a new approach emerged to meet ever-increasing demand for computing resources and to reduce operational costs and Capital Expenditure for IT services. As this new way of computation allows data and applications to be stored away from own corporate server, it brings more issues in security such as virtualization security, distributed computing, application security, identity management, access control and authentication. Even though Virtualization forms the basis for cloud computing it poses many threats in securing cloud. As most of Security threats lies at Virtualization layer in cloud we proposed this new Security Model for Virtual Machine in Cloud (SMVC) in which every process is authenticated by Trusted-Agent (TA) in Hypervisor as well as in VM. Our proposed model is designed to with-stand attacks by unauthorized process that pose threat to applications related to Data Mining, OLAP systems, Image processing which requires huge resources in cloud deployed on one or more VM's.

Routing architecture and security for airborne networks

NASA Astrophysics Data System (ADS)

Deng, Hongmei; Xie, Peng; Li, Jason; Xu, Roger; Levy, Renato

2009-05-01

Airborne networks are envisioned to provide interconnectivity for terrestial and space networks by interconnecting highly mobile airborne platforms. A number of military applications are expected to be used by the operator, and all these applications require proper routing security support to establish correct route between communicating platforms in a timely manner. As airborne networks somewhat different from traditional wired and wireless networks (e.g., Internet, LAN, WLAN, MANET, etc), security aspects valid in these networks are not fully applicable to airborne networks. Designing an efficient security scheme to protect airborne networks is confronted with new requirements. In this paper, we first identify a candidate routing architecture, which works as an underlying structure for our proposed security scheme. And then we investigate the vulnerabilities and attack models against routing protocols in airborne networks. Based on these studies, we propose an integrated security solution to address routing security issues in airborne networks.

32 CFR 154.2 - Applicability.

Code of Federal Regulations, 2010 CFR

2010-07-01

... , Director of Central Intelligence Directive (DCID) 1/14 2 and regulations of the National Security Agency. 1... Defense Department of Defense OFFICE OF THE SECRETARY OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION General Provisions § 154.2 Applicability. (a) This part implements the...

76 FR 60100 - The Singapore Fund, Inc.; Notice of Application

Federal Register 2010, 2011, 2012, 2013, 2014

2011-09-28

... SECURITIES AND EXCHANGE COMMISSION [Investment Company Act Release No. 29817; 812-13944] The Singapore Fund, Inc.; Notice of Application September 22, 2011. AGENCY: Securities and Exchange Commission.... ADDRESSES: Secretary, Securities and Exchange Commission, 100 F Street, NE., Washington, DC 20549-1090...

17 CFR 200.111 - Prohibitions; application; definitions.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Prohibitions; application; definitions. 200.111 Section 200.111 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Code of Behavior Governing Ex Parte...

17 CFR 200.111 - Prohibitions; application; definitions.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Prohibitions; application; definitions. 200.111 Section 200.111 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Code of Behavior Governing Ex Parte...

17 CFR 200.111 - Prohibitions; application; definitions.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Prohibitions; application; definitions. 200.111 Section 200.111 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Code of Behavior Governing Ex Parte...

17 CFR 200.111 - Prohibitions; application; definitions.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Prohibitions; application; definitions. 200.111 Section 200.111 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Code of Behavior Governing Ex Parte...

Roadmap on optical security

NASA Astrophysics Data System (ADS)

Javidi, Bahram; Carnicer, Artur; Yamaguchi, Masahiro; Nomura, Takanori; Pérez-Cabré, Elisabet; Millán, María S.; Nishchal, Naveen K.; Torroba, Roberto; Fredy Barrera, John; He, Wenqi; Peng, Xiang; Stern, Adrian; Rivenson, Yair; Alfalou, A.; Brosseau, C.; Guo, Changliang; Sheridan, John T.; Situ, Guohai; Naruse, Makoto; Matsumoto, Tsutomu; Juvells, Ignasi; Tajahuerce, Enrique; Lancis, Jesús; Chen, Wen; Chen, Xudong; Pinkse, Pepijn W. H.; Mosk, Allard P.; Markman, Adam

2016-08-01

Information security and authentication are important challenges facing society. Recent attacks by hackers on the databases of large commercial and financial companies have demonstrated that more research and development of advanced approaches are necessary to deny unauthorized access to critical data. Free space optical technology has been investigated by many researchers in information security, encryption, and authentication. The main motivation for using optics and photonics for information security is that optical waveforms possess many complex degrees of freedom such as amplitude, phase, polarization, large bandwidth, nonlinear transformations, quantum properties of photons, and multiplexing that can be combined in many ways to make information encryption more secure and more difficult to attack. This roadmap article presents an overview of the potential, recent advances, and challenges of optical security and encryption using free space optics. The roadmap on optical security is comprised of six categories that together include 16 short sections written by authors who have made relevant contributions in this field. The first category of this roadmap describes novel encryption approaches, including secure optical sensing which summarizes double random phase encryption applications and flaws [Yamaguchi], the digital holographic encryption in free space optical technique which describes encryption using multidimensional digital holography [Nomura], simultaneous encryption of multiple signals [Pérez-Cabré], asymmetric methods based on information truncation [Nishchal], and dynamic encryption of video sequences [Torroba]. Asymmetric and one-way cryptosystems are analyzed by Peng. The second category is on compression for encryption. In their respective contributions, Alfalou and Stern propose similar goals involving compressed data and compressive sensing encryption. The very important area of cryptanalysis is the topic of the third category with two sections: Sheridan reviews phase retrieval algorithms to perform different attacks, whereas Situ discusses nonlinear optical encryption techniques and the development of a rigorous optical information security theory. The fourth category with two contributions reports how encryption could be implemented at the nano- or micro-scale. Naruse discusses the use of nanostructures in security applications and Carnicer proposes encoding information in a tightly focused beam. In the fifth category, encryption based on ghost imaging using single-pixel detectors is also considered. In particular, the authors [Chen, Tajahuerce] emphasize the need for more specialized hardware and image processing algorithms. Finally, in the sixth category, Mosk and Javidi analyze in their corresponding papers how quantum imaging can benefit optical encryption systems. Sources that use few photons make encryption systems much more difficult to attack, providing a secure method for authentication.

Potential uses of a wireless network in physical security systems.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Witzke, Edward L.

2010-07-01

Many possible applications requiring or benefiting from a wireless network are available for bolstering physical security and awareness at high security installations or facilities. These enhancements are not always straightforward and may require careful analysis, selection, tuning, and implementation of wireless technologies. In this paper, an introduction to wireless networks and the task of enhancing physical security is first given. Next, numerous applications of a wireless network are brought forth. The technical issues that arise when using a wireless network to support these applications are then discussed. Finally, a summary is presented.

Develop 3G Application with The J2ME SATSA API

NASA Astrophysics Data System (ADS)

JunWu, Xu; JunLing, Liang

This paper describes research in the use of the Security and Trust Services API for J2ME (SATSA) to develop mobile applications. for 3G networks. SATSA defines a set of APIs that allows J2ME applications to communicate with and access functionality, secure storage and cryptographic operations provided by security elements such as smart cards and Wireless Identification Modules (WIM). A Java Card application could also work as an authentication module in a J2ME-based e-bank application. The e-bank application would allow its users to access their bank accounts using their cell phones.

LISA, the next generation: from a web-based application to a fat client.

PubMed

Pierlet, Noëlla; Aerts, Werner; Vanautgaerden, Mark; Van den Bosch, Bart; De Deurwaerder, André; Schils, Erik; Noppe, Thomas

2008-01-01

The LISA application, developed by the University Hospitals Leuven, permits referring physicians to consult the electronic medical records of their patients over the internet in a highly secure way. We decided to completely change the way we secured the application, discard the existing web application and build a completely new application, based on the in-house developed hospital information system, used in the University Hospitals Leuven. The result is a fat Java client, running on a Windows Terminal Server, secured by a commercial SSL-VPN solution.

The Internet: Past, Present, and Future.

ERIC Educational Resources Information Center

Galbreath, Jeremy, Ed.

1997-01-01

Examines the "reality behind the hype" surrounding the Internet. Discusses its early development; growth and present state; and key applications, including e-mail, voice/video telephony, integrated messaging, electronic commerce, the World Wide Web, and Web commerce, Intranet, Extranet; education and training; security; ownership; and…

17 CFR 249.801 - Form X-15AA-1, for application for registration as a national securities association or...

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Form X-15AA-1, for application....801 Form X-15AA-1, for application for registration as a national securities association or affiliated...). [33 FR 18995, Dec. 20, 1968] Editorial Note: For Federal Register citations affecting Form X-15AA-1...

17 CFR 249.801 - Form X-15AA-1, for application for registration as a national securities association or...

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Form X-15AA-1, for application....801 Form X-15AA-1, for application for registration as a national securities association or affiliated...). [33 FR 18995, Dec. 20, 1968] Editorial Note: For Federal Register citations affecting Form X-15AA-1...

17 CFR 249.801 - Form X-15AA-1, for application for registration as a national securities association or...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Form X-15AA-1, for application....801 Form X-15AA-1, for application for registration as a national securities association or affiliated...). [33 FR 18995, Dec. 20, 1968] Editorial Note: For Federal Register citations affecting Form X-15AA-1...

17 CFR 249.801 - Form X-15AA-1, for application for registration as a national securities association or...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Form X-15AA-1, for application....801 Form X-15AA-1, for application for registration as a national securities association or affiliated...). [33 FR 18995, Dec. 20, 1968] Editorial Note: For Federal Register citations affecting Form X-15AA-1...

17 CFR 249.801 - Form X-15AA-1, for application for registration as a national securities association or...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Form X-15AA-1, for application....801 Form X-15AA-1, for application for registration as a national securities association or affiliated...). [33 FR 18995, Dec. 20, 1968] Editorial Note: For Federal Register citations affecting Form X-15AA-1...

The (in)adequacy of applicative use of quantum cryptography in wireless sensor networks

NASA Astrophysics Data System (ADS)

Turkanović, Muhamed; Hölbl, Marko

2014-10-01

Recently quantum computation and cryptography principles are exploited in the design of security systems for wireless sensor networks (WSNs), which are consequently named as quantum WSN. Quantum cryptography is presumably secure against any eavesdropper and thus labeled as providing unconditional security. This paper tries to analyze the aspect of the applicative use of quantum principles in WSN. The outcome of the analysis elaborates a summary about the inadequacy of applicative use of quantum cryptography in WSN and presents an overview of all possible applicative challenges and problems while designing quantum-based security systems for WSN. Since WSNs are highly complex frameworks, with many restrictions and constraints, every security system has to be fully compatible and worthwhile. The aim of the paper was to contribute a verdict about this topic, backed up by equitable facts.

20 CFR 416.325 - When an application is considered filed.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false When an application is considered filed. 416.325 Section 416.325 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Filing of Applications Applications § 416.325 When an application is...

20 CFR 416.325 - When an application is considered filed.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false When an application is considered filed. 416.325 Section 416.325 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Filing of Applications Applications § 416.325 When an application is...

20 CFR 416.325 - When an application is considered filed.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false When an application is considered filed. 416.325 Section 416.325 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Filing of Applications Applications § 416.325 When an application is...

20 CFR 416.325 - When an application is considered filed.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false When an application is considered filed. 416.325 Section 416.325 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Filing of Applications Applications § 416.325 When an application is...

20 CFR 416.325 - When an application is considered filed.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false When an application is considered filed. 416.325 Section 416.325 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Filing of Applications Applications § 416.325 When an application is...

20 CFR 416.315 - Who may sign an application.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Who may sign an application. 416.315 Section 416.315 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Filing of Applications Applications § 416.315 Who may sign an application. We will...

17 CFR 41.43 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-04-01

... such security future is a stock, the product of the daily settlement price of such security future as shown by any regularly published reporting or quotation service, and the applicable number of shares per... regulations applicable to financial relations between a security futures intermediary and a customer with...

49 CFR 1540.201 - Applicability and terms used in this subpart.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 49 Transportation 9 2014-10-01 2014-10-01 false Applicability and terms used in this subpart. 1540.201 Section 1540.201 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY CIVIL AVIATION...

78 FR 26407 - Notice of an Application of W2007 Grace Acquisition I, Inc. Under Section 12(h) of the Securities...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-06

... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-69477; File No. 81-939] Notice of an Application of W2007 Grace Acquisition I, Inc. Under Section 12(h) of the Securities Exchange Act of 1934 April 30, 2013. The Securities and Exchange Commission gives notice that W2007 Grace Acquisition I, Inc...

Computation and Communication Evaluation of an Authentication Mechanism for Time-Triggered Networked Control Systems

PubMed Central

Martins, Goncalo; Moondra, Arul; Dubey, Abhishek; Bhattacharjee, Anirban; Koutsoukos, Xenofon D.

2016-01-01

In modern networked control applications, confidentiality and integrity are important features to address in order to prevent against attacks. Moreover, network control systems are a fundamental part of the communication components of current cyber-physical systems (e.g., automotive communications). Many networked control systems employ Time-Triggered (TT) architectures that provide mechanisms enabling the exchange of precise and synchronous messages. TT systems have computation and communication constraints, and with the aim to enable secure communications in the network, it is important to evaluate the computational and communication overhead of implementing secure communication mechanisms. This paper presents a comprehensive analysis and evaluation of the effects of adding a Hash-based Message Authentication (HMAC) to TT networked control systems. The contributions of the paper include (1) the analysis and experimental validation of the communication overhead, as well as a scalability analysis that utilizes the experimental result for both wired and wireless platforms and (2) an experimental evaluation of the computational overhead of HMAC based on a kernel-level Linux implementation. An automotive application is used as an example, and the results show that it is feasible to implement a secure communication mechanism without interfering with the existing automotive controller execution times. The methods and results of the paper can be used for evaluating the performance impact of security mechanisms and, thus, for the design of secure wired and wireless TT networked control systems. PMID:27463718

Computation and Communication Evaluation of an Authentication Mechanism for Time-Triggered Networked Control Systems.

PubMed

Martins, Goncalo; Moondra, Arul; Dubey, Abhishek; Bhattacharjee, Anirban; Koutsoukos, Xenofon D

2016-07-25

In modern networked control applications, confidentiality and integrity are important features to address in order to prevent against attacks. Moreover, network control systems are a fundamental part of the communication components of current cyber-physical systems (e.g., automotive communications). Many networked control systems employ Time-Triggered (TT) architectures that provide mechanisms enabling the exchange of precise and synchronous messages. TT systems have computation and communication constraints, and with the aim to enable secure communications in the network, it is important to evaluate the computational and communication overhead of implementing secure communication mechanisms. This paper presents a comprehensive analysis and evaluation of the effects of adding a Hash-based Message Authentication (HMAC) to TT networked control systems. The contributions of the paper include (1) the analysis and experimental validation of the communication overhead, as well as a scalability analysis that utilizes the experimental result for both wired and wireless platforms and (2) an experimental evaluation of the computational overhead of HMAC based on a kernel-level Linux implementation. An automotive application is used as an example, and the results show that it is feasible to implement a secure communication mechanism without interfering with the existing automotive controller execution times. The methods and results of the paper can be used for evaluating the performance impact of security mechanisms and, thus, for the design of secure wired and wireless TT networked control systems.

Application of Multi-Frequency Modulation (MFM) for High-Speed Data Communications to a Voice Frequency Channel

DTIC Science & Technology

1990-06-01

reader is cautioned that computer programs developed in this research may not have been exercised for all cases of interest. While every effort has been...Source of Funding Numbers _. Program Element No Project No I Task No I Work Unit Accession No 11 Title (Include security classflcation) APPLICATION OF...formats. Previous applications of these encoding formats were on industry standard computers (PC) over a 16-20 klIz channel. This report discusses the

The informatics superhighway: prototyping on the World Wide Web.

PubMed

Cimino, J J; Socratous, S A; Grewal, R

1995-01-01

We have experimented with developing a prototype Surgeon's Workstation which makes use of the World Wide Web client-server architecture. Although originally intended merely as a means for obtaining user feedback for use in designing a "real" system, the application has been adopted for use by our Department of Surgery. As they begin to use the application, they have suggested changes and we have responded. This paper illustrates some of the advantages we have found for prototyping with Web-based applications, including security aspects.

Developing the security culture at the SEISMED Reference Centres.

PubMed

Fowler, J

1996-01-01

The paper gives a brief summary of the SEISMED project and the particular role played by the Reference Centres. Details are given of the hardware and application systems in use in the Royal Hospitals (NHS) Trust (RHT), one of the SEISMED Reference Centres. It proposes, without verification, a definition of a Security Culture based on three criteria. These are suggested to be the "Awareness" the "Acceptance" and the "Actions" of the management and staff to improve Information Systems Security throughout the RHT. The way that "Awareness" was increased is shown by the specific initiatives commenced as a result of a CRAMM Risk Analysis and the management and staff training programmes. The specific initiatives mentioned include, an Information Systems Security Policy, a contingency and disaster recovery plan, improvements in the physical protection of equipment and changes to the method of access control. The "Acceptance" by the staff of these measures is considered and the success or failure of "Developing A Security Culture" examined. The role of SEISMED in this process is assessed.

Big data, little security: Addressing security issues in your platform

NASA Astrophysics Data System (ADS)

Macklin, Thomas; Mathews, Joseph

2017-05-01

This paper describes some patterns for information security problems that consistently emerge among traditional enterprise networks and applications, both with respect to cyber threats and data sensitivity. We draw upon cases from qualitative studies and interviews of system developers, network operators, and certifiers of military applications. Specifically, the problems discussed involve sensitivity of data aggregates, training efficacy, and security decision support in the human machine interface. While proven techniques can address many enterprise security challenges, we provide additional recommendations on how to further improve overall security posture, and suggest additional research thrusts to address areas where known gaps remain.

Summary Report for the Radiation Detection for Nuclear Security Summer School 2014

DOE Office of Scientific and Technical Information (OSTI.GOV)

Runkle, Robert C.; Baciak, James E.; Woodring, Mitchell L.

Executive Summary The Pacific Northwest National Laboratory (PNNL) hosted students from across the United States at the 3rd Radiation Detection for Nuclear Security Summer School from 16 – 27 June 2014. The summer school provided students with a unique understanding of nuclear security challenges faced in the field and exposed them to the technical foundations, analyses, and insight that will be required by future leaders in technology development and implementation. The course heavily emphasized laboratory and field demonstrations including direct measurements of special nuclear material. Student evaluations and feedback from student advisors indicates that the summer school achieved its objectivesmore » of 1) exposing students to the range of nuclear security applications for which radiation detection is necessary, 2) articulating the relevance of student research into the broader context, and 3) exciting students about the possibility of future careers in nuclear security. In fact, we are beginning to see previous students both enroll in graduate programs (former undergraduates) and complete internships at agencies like the National Nuclear Security Administration.« less

Bayesian truthing and experimental validation in homeland security and defense

NASA Astrophysics Data System (ADS)

Jannson, Tomasz; Forrester, Thomas; Wang, Wenjian; Kostrzewski, Andrew; Pradhan, Ranjit

2014-05-01

In this paper we discuss relations between Bayesian Truthing (experimental validation), Bayesian statistics, and Binary Sensing in the context of selected Homeland Security and Intelligence, Surveillance, Reconnaissance (ISR) optical and nonoptical application scenarios. The basic Figure of Merit (FoM) is Positive Predictive Value (PPV), as well as false positives and false negatives. By using these simple binary statistics, we can analyze, classify, and evaluate a broad variety of events including: ISR; natural disasters; QC; and terrorism-related, GIS-related, law enforcement-related, and other C3I events.

76 FR 3165 - Proposed Exemptions From Certain Prohibited Transaction Restrictions

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-19

...This document contains notices of pendency before the Department of Labor (the Department) of proposed exemptions from certain of the prohibited transaction restrictions of the Employee Retirement Income Security Act of 1974 (ERISA or the Act) and/or the Internal Revenue Code of 1986 (the Code). This notice includes the following proposed exemptions: D-11580, Robert W. Baird & Co. Incorporated and its Current and Future Affiliates and subsidiaries (collectively, Baird); and D-11611, Security Benefit Mutual Holding Company (MHC) Benefit Life Insurance Company (SBL, and together with the Applicants), et al.

20 CFR 422.525 - Where applications and other forms are available.

Code of Federal Regulations, 2014 CFR

2014-04-01

... available. 422.525 Section 422.525 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION AND... applications and related forms prescribed for use in the programs administered by the Social Security... described therein. All prescribed forms can be obtained upon request from any social security district...

20 CFR 422.525 - Where applications and other forms are available.

Code of Federal Regulations, 2010 CFR

2010-04-01

... available. 422.525 Section 422.525 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION AND... applications and related forms prescribed for use in the programs administered by the Social Security... described therein. All prescribed forms can be obtained upon request from any social security district...

20 CFR 422.525 - Where applications and other forms are available.

Code of Federal Regulations, 2011 CFR

2011-04-01

... available. 422.525 Section 422.525 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION AND... applications and related forms prescribed for use in the programs administered by the Social Security... described therein. All prescribed forms can be obtained upon request from any social security district...

20 CFR 422.525 - Where applications and other forms are available.

Code of Federal Regulations, 2012 CFR

2012-04-01

... available. 422.525 Section 422.525 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION AND... applications and related forms prescribed for use in the programs administered by the Social Security... described therein. All prescribed forms can be obtained upon request from any social security district...

20 CFR 422.525 - Where applications and other forms are available.

Code of Federal Regulations, 2013 CFR

2013-04-01

... available. 422.525 Section 422.525 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION AND... applications and related forms prescribed for use in the programs administered by the Social Security... described therein. All prescribed forms can be obtained upon request from any social security district...

75 FR 66429 - Proposed Collection; Comment Request for Form 8946

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-28

... PTIN Supplemental Application For Foreign Persons Without a Social Security Number. DATES: Written... Supplemental Application For Foreign Persons Without a Social Security Number. OMB Number: 1545-2189. Form... have a social security number, which will be used to help establish their identity. However, paid...

76 FR 14099 - Withdrawal of the Notice of Proposed Exemption Involving Owens & Minor, Inc. (the Applicant...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-15

... DEPARTMENT OF LABOR Employee Benefits Security Administration [Application Number D-11638.... Ivan L. Strasfeld, Director, Office of Exemption Determinations, Employee Benefits Security... Employee Retirement Income Security Act of 1974, as amended, and from certain taxes imposed by the Internal...

6 CFR 21.3 - Application.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 6 Domestic Security 1 2012-01-01 2012-01-01 false Application. 21.3 Section 21.3 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY NONDISCRIMINATION ON THE BASIS OF RACE, COLOR, OR NATIONAL ORIGIN IN PROGRAMS OR ACTIVITIES RECEIVING FEDERAL FINANCIAL ASSISTANCE FROM THE DEPARTMENT OF...

6 CFR 21.3 - Application.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Application. 21.3 Section 21.3 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY NONDISCRIMINATION ON THE BASIS OF RACE, COLOR, OR NATIONAL ORIGIN IN PROGRAMS OR ACTIVITIES RECEIVING FEDERAL FINANCIAL ASSISTANCE FROM THE DEPARTMENT OF...

6 CFR 21.3 - Application.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 6 Domestic Security 1 2013-01-01 2013-01-01 false Application. 21.3 Section 21.3 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY NONDISCRIMINATION ON THE BASIS OF RACE, COLOR, OR NATIONAL ORIGIN IN PROGRAMS OR ACTIVITIES RECEIVING FEDERAL FINANCIAL ASSISTANCE FROM THE DEPARTMENT OF...

6 CFR 21.3 - Application.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 6 Domestic Security 1 2014-01-01 2014-01-01 false Application. 21.3 Section 21.3 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY NONDISCRIMINATION ON THE BASIS OF RACE, COLOR, OR NATIONAL ORIGIN IN PROGRAMS OR ACTIVITIES RECEIVING FEDERAL FINANCIAL ASSISTANCE FROM THE DEPARTMENT OF...

6 CFR 21.3 - Application.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 6 Domestic Security 1 2011-01-01 2011-01-01 false Application. 21.3 Section 21.3 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY NONDISCRIMINATION ON THE BASIS OF RACE, COLOR, OR NATIONAL ORIGIN IN PROGRAMS OR ACTIVITIES RECEIVING FEDERAL FINANCIAL ASSISTANCE FROM THE DEPARTMENT OF...

Diffractive optics in industry and research: novel components for optical security systems

NASA Astrophysics Data System (ADS)

Laakkonen, Pasi; Turunen, Jari; Pietarinen, Juha; Siitonen, Samuli; Laukkanen, Janne; Jefimovs, Konstantins; Orava, Joni; Ritala, Mikko; Pilvi, Tero; Tuovinen, Hemmo; Ventola, Kalle; Vallius, Tuomas; Kaipiainen, Matti; Kuittinen, Markku

2005-09-01

Design and manufacturing of diffractive optical elements (DOEs) are presented. Mass replication methods for DOEs are explained including UV-replication, micro-injection moulding and reel-to-reel production. Novel applications of diffractive optics including spectroscopic surface relief gratings, antireflection surfaces, infrared light rejection gratings, light incoupling into thin waveguides, and additive diffractive colour mixing are presented.

KENNEDY SPACE CENTER, FLA. - Researchers conduct underwater acoustic research in the Launch Complex 39 turn basin. Several government agencies, including NASA, NOAA, the Navy, the Coast Guard, and the Florida Fish and Wildlife Commission are involved in the testing. The research involves demonstrations of passive and active sensor technologies, with applications in fields ranging from marine biological research to homeland security. The work is also serving as a pilot project to assess the cooperation between the agencies involved. Equipment under development includes a passive acoustic monitor developed by NASA’s Jet Propulsion Laboratory, and mobile robotic sensors from the Navy’s Mobile Diving and Salvage Unit.

NASA Image and Video Library

2003-08-18

KENNEDY SPACE CENTER, FLA. - Researchers conduct underwater acoustic research in the Launch Complex 39 turn basin. Several government agencies, including NASA, NOAA, the Navy, the Coast Guard, and the Florida Fish and Wildlife Commission are involved in the testing. The research involves demonstrations of passive and active sensor technologies, with applications in fields ranging from marine biological research to homeland security. The work is also serving as a pilot project to assess the cooperation between the agencies involved. Equipment under development includes a passive acoustic monitor developed by NASA’s Jet Propulsion Laboratory, and mobile robotic sensors from the Navy’s Mobile Diving and Salvage Unit.

Multiple Object Based RFID System Using Security Level

NASA Astrophysics Data System (ADS)

Kim, Jiyeon; Jung, Jongjin; Ryu, Ukjae; Ko, Hoon; Joe, Susan; Lee, Yongjun; Kim, Boyeon; Chang, Yunseok; Lee, Kyoonha

2007-12-01

RFID systems are increasingly applied for operational convenience in wide range of industries and individual life. However, it is uneasy for a person to control many tags because common RFID systems have the restriction that a tag used to identify just a single object. In addition, RFID systems can make some serious problems in violation of privacy and security because of their radio frequency communication. In this paper, we propose a multiple object RFID tag which can keep multiple object identifiers for different applications in a same tag. The proposed tag allows simultaneous access for their pair applications. We also propose an authentication protocol for multiple object tag to prevent serious problems of security and privacy in RFID applications. Especially, we focus on efficiency of the authentication protocol by considering security levels of applications. In the proposed protocol, the applications go through different authentication procedures according to security level of the object identifier stored in the tag. We implemented the proposed RFID scheme and made experimental results about efficiency and stability for the scheme.

77 FR 14839 - Harris & Harris Group, Inc.; Notice of Application

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-13

... SECURITIES AND EXCHANGE COMMISSION [Investment Company Act Release No. 29976; 812-13313] Harris & Harris Group, Inc.; Notice of Application March 7, 2012. AGENCY: Securities and Exchange Commission... from section 23(c) of the Act. SUMMARY OF THE APPLICATION: Harris & Harris Group, Inc. (``Applicant...

15 CFR 705.5 - Request or application for an investigation.

Code of Federal Regulations, 2012 CFR

2012-01-01

... shall be filed with the Director, Office of Technology Evaluation, Room H-1093, U.S. Department of... national security, and shall contain the following information to the fullest extent possible: (1... industry affected, including pertinent information regarding companies and their plants, locations...

15 CFR 705.5 - Request or application for an investigation.

Code of Federal Regulations, 2013 CFR

2013-01-01

... shall be filed with the Director, Office of Technology Evaluation, Room H-1093, U.S. Department of... national security, and shall contain the following information to the fullest extent possible: (1... industry affected, including pertinent information regarding companies and their plants, locations...

15 CFR 705.5 - Request or application for an investigation.

Code of Federal Regulations, 2011 CFR

2011-01-01

... shall be filed with the Director, Office of Technology Evaluation, Room H-1093, U.S. Department of... national security, and shall contain the following information to the fullest extent possible: (1... industry affected, including pertinent information regarding companies and their plants, locations...

15 CFR 705.5 - Request or application for an investigation.

Code of Federal Regulations, 2014 CFR

2014-01-01

... shall be filed with the Director, Office of Technology Evaluation, Room H-1093, U.S. Department of... national security, and shall contain the following information to the fullest extent possible: (1... industry affected, including pertinent information regarding companies and their plants, locations...

44 CFR 80.13 - Application information.

Code of Federal Regulations, 2012 CFR

2012-10-01

... HOMELAND SECURITY INSURANCE AND HAZARD MITIGATION National Flood Insurance Program PROPERTY ACQUISITION AND... acquisition of property for the purpose of open space must include: (1) A photograph that represents the... language, which shall be consistent with the FEMA model deed restriction that the local government will...

77 FR 33794 - Self-Regulatory Organizations; The Options Clearing Corporation; Notice of Filing of Proposed...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-07

... to explicitly include index-linked securities.\\5\\ \\4\\ ``NMS stock'' is defined in Rule 600(b)(47) of... to Certain Rules Applicable to Stock Futures June 1, 2012. Pursuant to Section 19(b)(1) of the... [[Page 33795

A sensor monitoring system for telemedicine, safety and security applications

NASA Astrophysics Data System (ADS)

Vlissidis, Nikolaos; Leonidas, Filippos; Giovanis, Christos; Marinos, Dimitrios; Aidinis, Konstantinos; Vassilopoulos, Christos; Pagiatakis, Gerasimos; Schmitt, Nikolaus; Pistner, Thomas; Klaue, Jirka

2017-02-01

A sensor system capable of medical, safety and security monitoring in avionic and other environments (e.g. homes) is examined. For application inside an aircraft cabin, the system relies on an optical cellular network that connects each seat to a server and uses a set of database applications to process data related to passengers' health, safety and security status. Health monitoring typically encompasses electrocardiogram, pulse oximetry and blood pressure, body temperature and respiration rate while safety and security monitoring is related to the standard flight attendance duties, such as cabin preparation for take-off, landing, flight in regions of turbulence, etc. In contrast to previous related works, this article focuses on the system's modules (medical and safety sensors and associated hardware), the database applications used for the overall control of the monitoring function and the potential use of the system for security applications. Further tests involving medical, safety and security sensing performed in an real A340 mock-up set-up are also described and reference is made to the possible use of the sensing system in alternative environments and applications, such as health monitoring within other means of transport (e.g. trains or small passenger sea vessels) as well as for remotely located home users, over a wired Ethernet network or the Internet.

The U.S. Government’s Employment of Private Security Companies Abroad

DTIC Science & Technology

2012-03-14

discharges by PSCs from May 2008 to February 2009. These incidents included reported responses to attacks and negligent discharges.36 Military...ICoC into contracts, enabling the use of contract law, other tort law and applicable criminal law to enforce those standards in court . . . Some...enforcement of these standards through applicable tort and criminal law.97 In conclusion, PSCs will likely remain a part of the Operational

ICRP Publication 125: Radiological Protection in Security Screening.

PubMed

Cool, D A; Lazo, E; Tattersall, P; Simeonov, G; Niu, S

2014-07-01

The use of technologies to provide security screening for individuals and objects has been increasing rapidly, in keeping with the significant increase in security concerns worldwide. Within the spectrum of technologies, the use of ionizing radiation to provide backscatter and transmission screening capabilities has also increased. The Commission has previously made a number of statements related to the general topic of deliberate exposures of individuals in non-medical settings. This report provides advice on how the radiological protection principles recommended by the Commission should be applied within the context of security screening. More specifically, the principles of justification, optimisation of protection, and dose limitation for planned exposure situations are directly applicable to the use of ionising radiation in security screening. In addition, several specific topics are considered in this report, including the situation in which individuals may be exposed because they are concealed (‘stowaways’) in a cargo container or conveyance that may be subject to screening. The Commission continues to recommend that careful justification of screening should be considered before decisions are made to employ the technology. If a decision is made that its use is justified, the framework for protection as a planned exposure situation should be employed, including optimization of protection with the use of dose constraints and the appropriate provisions for authorisation and inspection.

mCare: using secure mobile technology to support soldier reintegration and rehabilitation.

PubMed

Poropatich, Ronald K; Pavliscsak, Holly H; Tong, James C; Little, Jeanette R; McVeigh, Francis L

2014-06-01

The U.S. Army Medical Department conducted a pilot mobile health project to determine the requirements for coordination of care for "Wounded Warriors" using mobile messaging. The primary objective was to determine if a secure mobile health (mhealth) intervention provided to geographically dispersed patients would improve contact rates and positively impact the military healthcare system. Over 21 months, volunteers enrolled in a Health Insurance Portability and Accountability Act-compliant, secure mobile messaging initiative called mCare. The study included males and females, 18-61 years old, with a minimum of 60 days of outpatient recovery. Volunteers were required to have a compatible phone. The mhealth intervention included appointment reminders, health and wellness tips, announcements, and other relevant information to this population exchanged between care teams and patients. Provider respondents reported that 85% would refer patients to mCare, and 56% noted improvement in appointment attendance (n=90). Patient responses also revealed high acceptability of mCare and refined the frequency and delivery times (n=114). The pilot project resulted in over 84,000 outbound messages and improved contact rates by 176%. The mCare pilot project demonstrated the feasibility and administrative effectiveness of a scalable mhealth application using secure mobile messaging and information exchanges, including personalized patient education.

Security systems engineering overview

NASA Astrophysics Data System (ADS)

Steele, Basil J.

1997-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

Hybrid architecture for building secure sensor networks

NASA Astrophysics Data System (ADS)

Owens, Ken R., Jr.; Watkins, Steve E.

2012-04-01

Sensor networks have various communication and security architectural concerns. Three approaches are defined to address these concerns for sensor networks. The first area is the utilization of new computing architectures that leverage embedded virtualization software on the sensor. Deploying a small, embedded virtualization operating system on the sensor nodes that is designed to communicate to low-cost cloud computing infrastructure in the network is the foundation to delivering low-cost, secure sensor networks. The second area focuses on securing the sensor. Sensor security components include developing an identification scheme, and leveraging authentication algorithms and protocols that address security assurance within the physical, communication network, and application layers. This function will primarily be accomplished through encrypting the communication channel and integrating sensor network firewall and intrusion detection/prevention components to the sensor network architecture. Hence, sensor networks will be able to maintain high levels of security. The third area addresses the real-time and high priority nature of the data that sensor networks collect. This function requires that a quality-of-service (QoS) definition and algorithm be developed for delivering the right data at the right time. A hybrid architecture is proposed that combines software and hardware features to handle network traffic with diverse QoS requirements.

Computer-Aided Sensor Development Focused on Security Issues.

PubMed

Bialas, Andrzej

2016-05-26

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

Computer-Aided Sensor Development Focused on Security Issues

PubMed Central

Bialas, Andrzej

2016-01-01

The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research. PMID:27240360

Ecological Monitoring and Compliance Program 2015 Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hall, Derek B.; Ostler, W. Kent; Anderson, David C.

The Ecological Monitoring and Compliance Program (EMAC), funded through the U.S. Department of Energy, National Nuclear Security Administration Nevada Field Office (NNSA/NFO), monitors the ecosystem of the Nevada National Security Site (NNSS) and ensures compliance with laws and regulations pertaining to NNSS biota. This report summarizes the program’s activities conducted by National Security Technologies, LLC (NSTec), during calendar year 2015. Program activities included (a) biological surveys at proposed activity sites, (b) desert tortoise compliance, (c) ecosystem monitoring, (d) sensitive plant species monitoring, (e) sensitive and protected/regulated animal monitoring, and (f) habitat restoration monitoring. During 2015, all applicable laws, regulations, andmore » permit requirements were met, enabling EMAC to achieve its intended goals and objectives.« less

Ecological Monitoring and Compliance Program 2013 Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hall, Derek B.; Anderson, David C.; Greger, Paul D.

The Ecological Monitoring and Compliance Program (EMAC), funded through the U.S. Department of Energy, National Nuclear Security Administration Nevada Field Office (NNSA/NFO, formerly Nevada Site Office), monitors the ecosystem of the Nevada National Security Site (NNSS) and ensures compliance with laws and regulations pertaining to NNSS biota. This report summarizes the program’s activities conducted by National Security Technologies, LLC (NSTec), during calendar year 2013. Program activities included (a) biological surveys at proposed activity sites, (b) desert tortoise compliance, (c) ecosystem monitoring, (d) sensitive plant species monitoring, (e) sensitive and protected/regulated animal monitoring, and (f) habitat restoration monitoring. During 2013, allmore » applicable laws, regulations, and permit requirements were met, enabling EMAC to achieve its intended goals and objectives.« less

Ecological Monitoring and Compliance Program 2011 Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hansen, D. J.; Anderson, D. C.; Hall, D. B.

The Ecological Monitoring and Compliance (EMAC) Program, funded through the U.S. Department of Energy, National Nuclear Security Administration Nevada Site Office, monitors the ecosystem of the Nevada National Security Site and ensures compliance with laws and regulations pertaining to NNSS biota. This report summarizes the program's activities conducted by National Security Technologies, LLC, during calendar year 2011. Program activities included (a) biological surveys at proposed construction sites, (b) desert tortoise compliance, (c) ecosystem monitoring, (d) sensitive plant species monitoring, (e) sensitive and protected/regulated animal monitoring, (f) habitat restoration monitoring, and (g) monitoring of the Nonproliferation Test and Evaluation Complex. Duringmore » 2011, all applicable laws, regulations, and permit requirements were met, enabling EMAC to achieve its intended goals and objectives.« less

Ecological Monitoring and Compliance Program 2016 Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hall, Derek; Perry, Jeanette; Ostler, W. Kent

The Ecological Monitoring and Compliance Program (EMAC), funded through the U.S. Department of Energy, National Nuclear Security Administration Nevada Field Office (NNSA/NFO), monitors the ecosystem of the Nevada National Security Site (NNSS) and ensures compliance with laws and regulations pertaining to NNSS biota. This report summarizes the program’s activities conducted by National Security Technologies, LLC (NSTec), during calendar year 2016. Program activities included (a) biological surveys at proposed activity sites, (b) desert tortoise compliance, (c) ecosystem monitoring, (d) sensitive plant species monitoring, (e) sensitive and protected/regulated animal monitoring, and (f) habitat restoration monitoring. During 2016, all applicable laws, regulations, andmore » permit requirements were met, enabling EMAC to achieve its intended goals and objectives.« less

75 FR 66428 - Proposed Collection; Comment Request for Form 8945

Federal Register 2010, 2011, 2012, 2013, 2014

2010-10-28

... PTIN Supplemental Application For U.S. Citizens Without A Social Security Number Due To Conscientious... Supplemental Application For U.S. Citizens Without A Social Security Number Due To Conscientious Reasons. OMB... Identification Number (PTIN) will have a social security number, which will be used to help establish their...

8 CFR 1003.47 - Identity, law enforcement, or security investigations or examinations relating to applications...

Code of Federal Regulations, 2010 CFR

2010-01-01

... 8 Aliens and Nationality 1 2010-01-01 2010-01-01 false Identity, law enforcement, or security investigations or examinations relating to applications for immigration relief, protection, or restriction on... Procedure § 1003.47 Identity, law enforcement, or security investigations or examinations relating to...

75 FR 34796 - Order Granting Application for Extension of a Temporary Conditional Exemption Pursuant to Section...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-18

... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-62280] Order Granting Application for Extension... International Securities Exchange, LLC Relating to the Ownership Interest of International Securities Exchange Holdings, Inc. in an Electronic Communications Network June 11, 2010. I. Introduction On December 22, 2008...

78 FR 17702 - Agency Information Collection Activities: Application for Action on an Approved Application or...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-22

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services [OMB Control Number 1615... Department of Homeland Security (DHS), U.S. Citizenship and Immigration Services (USCIS) invites the general....S. Citizenship and Immigration Services, Department of Homeland Security. [FR Doc. 2013-06582 Filed...

Neutron and Gamma Imaging for National Security Applications

NASA Astrophysics Data System (ADS)

Hornback, Donald

2017-09-01

The Department of Energy, National Nuclear Security Administration (NNSA), Office of Defense Nuclear Nonproliferation Research and Development (DNN R&D/NA-22) possesses, in part, the mission to develop technologies in support of nuclear security efforts in coordination with other U.S. government entities, such as the Department of Defense and the Department of Homeland Security. DNN R&D has long supported research in nuclear detection at national labs, universities, and through the small business innovation research (SBIR) program. Research topics supported include advanced detector materials and electronics, detection algorithm development, and advanced gamma/neutron detection systems. Neutron and gamma imaging, defined as the directional detection of radiation as opposed to radiography, provides advanced detection capabilities for the NNSA mission in areas of emergency response, international safeguards, and nuclear arms control treaty monitoring and verification. A technical and programmatic overview of efforts in this field of research will be summarized.

Derived virtual devices: a secure distributed file system mechanism

NASA Technical Reports Server (NTRS)

VanMeter, Rodney; Hotz, Steve; Finn, Gregory

1996-01-01

This paper presents the design of derived virtual devices (DVDs). DVDs are the mechanism used by the Netstation Project to provide secure shared access to network-attached peripherals distributed in an untrusted network environment. DVDs improve Input/Output efficiency by allowing user processes to perform I/O operations directly from devices without intermediate transfer through the controlling operating system kernel. The security enforced at the device through the DVD mechanism includes resource boundary checking, user authentication, and restricted operations, e.g., read-only access. To illustrate the application of DVDs, we present the interactions between a network-attached disk and a file system designed to exploit the DVD abstraction. We further discuss third-party transfer as a mechanism intended to provide for efficient data transfer in a typical NAP environment. We show how DVDs facilitate third-party transfer, and provide the security required in a more open network environment.

Home security system using internet of things

NASA Astrophysics Data System (ADS)

Anitha, A.

2017-11-01

IoT refers to the infrastructure of connected physical devices which is growing at a rapid rate as huge number of devices and objects are getting associated to the Internet. Home security is a very useful application of IoT and we are using it to create an inexpensive security system for homes as well as industrial use. The system will inform the owner about any unauthorized entry or whenever the door is opened by sending a notification to the user. After the user gets the notification, he can take the necessary actions. The security system will use a microcontroller known as Arduino Uno to interface between the components, a magnetic Reed sensor to monitor the status, a buzzer for sounding the alarm, and a WiFi module, ESP8266 to connect and communicate using the Internet. The main advantages of such a system includes the ease of setting up, lower costs and low maintenance.

Architecture of security management unit for safe hosting of multiple agents

NASA Astrophysics Data System (ADS)

Gilmont, Tanguy; Legat, Jean-Didier; Quisquater, Jean-Jacques

1999-04-01

In such growing areas as remote applications in large public networks, electronic commerce, digital signature, intellectual property and copyright protection, and even operating system extensibility, the hardware security level offered by existing processors is insufficient. They lack protection mechanisms that prevent the user from tampering critical data owned by those applications. Some devices make exception, but have not enough processing power nor enough memory to stand up to such applications (e.g. smart cards). This paper proposes an architecture of secure processor, in which the classical memory management unit is extended into a new security management unit. It allows ciphered code execution and ciphered data processing. An internal permanent memory can store cipher keys and critical data for several client agents simultaneously. The ordinary supervisor privilege scheme is replaced by a privilege inheritance mechanism that is more suited to operating system extensibility. The result is a secure processor that has hardware support for extensible multitask operating systems, and can be used for both general applications and critical applications needing strong protection. The security management unit and the internal permanent memory can be added to an existing CPU core without loss of performance, and do not require it to be modified.

20 CFR 416.355 - Withdrawal of an application.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Withdrawal of an application. 416.355 Section 416.355 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SUPPLEMENTAL SECURITY INCOME FOR THE AGED, BLIND, AND DISABLED Filing of Applications Withdrawal of Application § 416.355 Withdrawal of an...

Do You Ignore Information Security in Your Journal Website?

PubMed

Dadkhah, Mehdi; Borchardt, Glenn; Lagzian, Mohammad

2017-08-01

Nowadays, web-based applications extend to all businesses due to their advantages and easy usability. The most important issue in web-based applications is security. Due to their advantages, most academic journals are now using these applications, with papers being submitted and published through their websites. As these websites are resources for knowledge, information security is primary for maintaining their integrity. In this opinion piece, we point out vulnerabilities in certain websites and introduce the potential for future threats. We intend to present how some journals are vulnerable and what will happen if a journal can be infected by attackers. This opinion is not a technical manual in information security, it is a short inspection that we did to improve the security of academic journals.

Application of Framework for Integrating Safety, Security and Safeguards (3Ss) into the Design Of Used Nuclear Fuel Storage Facility

DOE Office of Scientific and Technical Information (OSTI.GOV)

Badwan, Faris M.; Demuth, Scott F

Department of Energy’s Office of Nuclear Energy, Fuel Cycle Research and Development develops options to the current commercial fuel cycle management strategy to enable the safe, secure, economic, and sustainable expansion of nuclear energy while minimizing proliferation risks by conducting research and development focused on used nuclear fuel recycling and waste management to meet U.S. needs. Used nuclear fuel is currently stored onsite in either wet pools or in dry storage systems, with disposal envisioned in interim storage facility and, ultimately, in a deep-mined geologic repository. The safe management and disposition of used nuclear fuel and/or nuclear waste is amore » fundamental aspect of any nuclear fuel cycle. Integrating safety, security, and safeguards (3Ss) fully in the early stages of the design process for a new nuclear facility has the potential to effectively minimize safety, proliferation, and security risks. The 3Ss integration framework could become the new national and international norm and the standard process for designing future nuclear facilities. The purpose of this report is to develop a framework for integrating the safety, security and safeguards concept into the design of Used Nuclear Fuel Storage Facility (UNFSF). The primary focus is on integration of safeguards and security into the UNFSF based on the existing Nuclear Regulatory Commission (NRC) approach to addressing the safety/security interface (10 CFR 73.58 and Regulatory Guide 5.73) for nuclear power plants. The methodology used for adaptation of the NRC safety/security interface will be used as the basis for development of the safeguards /security interface and later will be used as the basis for development of safety and safeguards interface. Then this will complete the integration cycle of safety, security, and safeguards. The overall methodology for integration of 3Ss will be proposed, but only the integration of safeguards and security will be applied to the design of the UNFSF. The framework for integration of safeguards and security into the UNFSF will include 1) identification of applicable regulatory requirements, 2) selection of a common system that share dual safeguard and security functions, 3) development of functional design criteria and design requirements for the selected system, 4) identification and integration of the dual safeguards and security design requirements, and 5) assessment of the integration and potential benefit.« less

Nanostructure based EO/IR sensor development for homeland security applications

NASA Astrophysics Data System (ADS)

Sood, Ashok K.; Welser, Roger E.; Sood, Adam W.; Puri, Yash R.; Manzur, Tariq; Dhar, Nibir K.; Polla, Dennis L.; Wang, Zhong L.; Wijewarnasuriya, Priyalal S.; Anwar, A. F. M.

2011-06-01

Next Generation EO/IR focal plane arrays using nanostructure materials are being developed for a variety of Defense and Homeland Security Sensor Applications. Several different nanomaterials are being evaluated for these applications. These include ZnO nanowires, GaN Nanowires and II-VI nanowires, which have demonstrated large signal to noise ratio as a wide band gap nanostructure material in the UV band. Similarly, the work is under way using Carbon Nanotubes (CNT) for a high speed detector and focal plane array as two-dimensional array as bolometer for IR bands of interest, which can be implemented for the sensors for homeland security applications. In this paper, we will discuss the sensor design and model predicting performance of an EO/IR focal plane array and Sensor that can cover the UV to IR bands of interest. The model can provide a robust means for comparing performance of the EO/IR FPA's and Sensors that can operate in the UV, Visible-NIR (0.4- 1.8μ), SWIR (2.0-2.5μ), MWIR (3-5μ), and LWIR bands (8-14μ). This model can be used as a tool for predicting performance of nanostructure arrays under development. We will also discuss our results on growth and characterization of ZnO nanowires and CNT's for the next generation sensor applications. We also present several approaches for integrated energy harvesting using nanostructure based solar cells and Nanogenerators that can be used to supplement the energy required for nanostructure based sensors.

Practice improvement, part II: update on patient communication technologies.

PubMed

Roett, Michelle A; Coleman, Mary Thoesen

2013-11-01

Patient portals (ie, secure web-based services for patient health record access) and secure messaging to health care professionals are gaining popularity slowly. Advantages of web portals include timely communication and instruction, access to appointments and other services, and high patient satisfaction. Limitations include inappropriate use, security considerations, organizational costs, and exclusion of patients who are uncomfortable with or unable to use computers. Attention to the organization's strategic plan and office policies, patient and staff expectations, workflow and communication integration, training, marketing, and enrollment can facilitate optimal use of this technology. Other communication technologies that can enhance patient care include automated voice or text reminders and brief electronic communications. Social media provide another method of patient outreach, but privacy and access are concerns. Incorporating telehealthcare (health care provided via telephone or Internet), providing health coaching, and using interactive health communication applications can improve patient knowledge and clinical outcomes and provide social support. Written permission from the American Academy of Family Physicians is required for reproduction of this material in whole or in part in any form or medium.

49 CFR 1544.235 - Training and knowledge for individuals with security-related duties.

Code of Federal Regulations, 2014 CFR

2014-10-01

... airport security program applicable to their location, and the aircraft operator's security program to the... security-related duties. 1544.235 Section 1544.235 Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION...