System and method for secure group transactions
Goldsmith, Steven Y [Rochester, MN]
2006-04-25
A method and a secure system, processing on one or more computers, provide a way to control a group transaction. The invention uses group consensus access control and multiple distributed secure agents in a network environment. Each secure agent can organize with the other secure agents to form a secure distributed agent collective.
Survey of methods for secure connection to the internet
NASA Astrophysics Data System (ADS)
Matsui, Shouichi
1994-04-01
This paper describes a study of a security method for protecting inside-network computers against outside miscreants and unwelcome visitors, and of a control method for when these computers are connected to the Internet. On the present Internet, a method that enciphers all data cannot be used, so it is necessary to use PEM (Privacy Enhanced Mail), which is capable of enciphering and converting secret information. To prevent miscreant access through password eavesdropping, a one-time password is effective. The most cost-effective method is a firewall system, which lies between the outside and inside networks. By limiting the computers that communicate directly with the Internet, control is centralized and inside network security is protected. If the security of firewall systems is strictly controlled under correct settings, security within the network can be secured even in open networks such as the Internet.
Recommended Practice for Securing Control System Modems
DOE Office of Scientific and Technical Information (OSTI.GOV)
James R. Davidson; Jason L. Wright
2008-01-01
This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.
Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks
Lin, Zhaowen; Tao, Dan; Wang, Zhenji
2017-01-01
For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller. PMID:28430155
Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks.
Lin, Zhaowen; Tao, Dan; Wang, Zhenji
2017-04-21
For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller.
Water security evaluation in Yellow River basin
NASA Astrophysics Data System (ADS)
Jiang, Guiqin; He, Liyuan; Jing, Juan
2018-03-01
Water security is an important basis for making water security protection strategy, which concerns regional economic and social sustainable development. In this paper, a watershed water security evaluation index system including 3 levels of 5 criterion layers (water resources security, water ecological security and water environment security, water disasters prevention and control security and social economic security) and 24 indicators was constructed. The entropy weight method was used to determine the weights of the indexes in the system. The water security indexes of 2000, 2005, 2010 and 2015 in the Yellow River basin were calculated by the linear weighting method based on the relative data. Results show that water security conditions continue to improve in the Yellow River basin but are still in a basic security state. There is still a long way to go to enhance water security in the Yellow River basin; in particular, the water prevention and control security, the water ecological security and the water environment security need to be promoted vigorously.
33 CFR 106.205 - Company Security Officer (CSO).
Code of Federal Regulations, 2013 CFR
2013-07-01
...) Methods of conducting audits, inspection, control, and monitoring; and (7) Techniques for security... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral...
33 CFR 106.205 - Company Security Officer (CSO).
Code of Federal Regulations, 2014 CFR
2014-07-01
...) Methods of conducting audits, inspection, control, and monitoring; and (7) Techniques for security... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral...
33 CFR 106.205 - Company Security Officer (CSO).
Code of Federal Regulations, 2012 CFR
2012-07-01
...) Methods of conducting audits, inspection, control, and monitoring; and (7) Techniques for security... security related communications; (7) Knowledge of current security threats and patterns; (8) Recognition and detection of dangerous substances and devices; (9) Recognition of characteristics and behavioral...
Network gateway security method for enterprise Grid: a literature review
NASA Astrophysics Data System (ADS)
Sujarwo, A.; Tan, J.
2017-03-01
The computational Grid has brought big computational resources closer to scientists. It enables people to do a large computational job anytime and anywhere without any physical border. However, the massive spread of computer participants, either as users or as computational providers, gives rise to security problems. The challenge is how the security system, especially the one which filters data in the gateway, can work flexibly depending on the registered Grid participants. This paper surveys what people have done to approach this challenge, in order to find a better, new method for enterprise Grid. The finding of this paper is a dynamically controlled enterprise firewall to secure the Grid resources from unwanted connections with a new firewall controlling method and components.
Chen, Yu-Gene T.
2013-04-16
A method includes receiving a message at a first wireless node. The first wireless node is associated with a first wired network, and the first wired network is associated with a first security layer. The method also includes transmitting the message over the first wired network when at least one destination of the message is located in the first security layer. The method further includes wirelessly transmitting the message for delivery to a second wireless node when at least one destination of the message is located in a second security layer. The second wireless node is associated with a second wired network, and the second wired network is associated with the second security layer. The first and second security layers may be associated with different security paradigms and/or different security domains. Also, the message could be associated with destinations in the first and second security layers.
Agent of opportunity risk mitigation: people, engineering, and security efficacy.
Graham, Margaret E; Tunik, Michael G; Farmer, Brenna M; Bendzans, Carly; McCrillis, Aileen M; Nelson, Lewis S; Portelli, Ian; Smith, Silas; Goldberg, Judith D; Zhang, Meng; Rosenberg, Sheldon D; Goldfrank, Lewis R
2010-12-01
Agents of opportunity (AO) are potentially harmful biological, chemical, radiological, and pharmaceutical substances commonly used for health care delivery and research. AOs are present in all academic medical centers (AMC), creating vulnerability in the health care sector; AO attributes and dissemination methods likely predict risk; and AMCs are inadequately secured against a purposeful AO dissemination, with limited budgets and competing priorities. We explored health care workers' perceptions of AMC security and the impact of those perceptions on AO risk. Qualitative methods (survey, interviews, and workshops) were used to collect opinions from staff working in a medical school and 4 AMC-affiliated hospitals concerning AOs and the risk to hospital infrastructure associated with their uncontrolled presence. Secondary to this goal, staff perception concerning security, or opinions about security behaviors of others, were extracted, analyzed, and grouped into themes. We provide a framework for depicting the interaction of staff behavior and access control engineering, including the tendency of staff to "defeat" inconvenient access controls. 
In addition, 8 security themes emerged: staff security behavior is a significant source of AO risk; the wide range of opinions about "open" front-door policies among AMC staff illustrates a disparity of perceptions about the need for security; interviewees expressed profound skepticism concerning the effectiveness of front-door access controls; an AO risk assessment requires reconsideration of the security levels historically assigned to areas such as the loading dock and central distribution sites, where many AOs are delivered and may remain unattended for substantial periods of time; researchers' view of AMC security is influenced by the ongoing debate within the scientific community about the wisdom of engaging in bioterrorism research; there was no agreement about which areas of the AMC should be subject to stronger access controls; security personnel play dual roles of security and customer service, creating the negative perception that neither role is done well; and budget was described as an important factor in explaining the state of security controls. We determined that AMCs seeking to reduce AO risk should assess their institutionally unique AO risks, understand staff security perceptions, and install access controls that are responsive to the staff's tendency to defeat them. The development of AO attribute fact sheets is desirable for AO risk assessment; new funding and administrative or legislative tools to improve AMC security are required; and security practices and methods that are convenient and effective should be engineered.
A single-pixel X-ray imager concept and its application to secure radiographic inspections
Gilbert, Andrew J.; Miller, Brian W.; Robinson, Sean M.; ...
2017-07-01
Imaging technology is generally considered too invasive for arms control inspections due to the concern that it cannot properly secure sensitive features of the inspected item. But, this same sensitive information, which could include direct information on the form and function of the items under inspection, could be used for robust arms control inspections. The single-pixel X-ray imager (SPXI) is introduced as a method to make such inspections, capturing the salient spatial information of an object in a secure manner while never forming an actual image. We built this method on the theory of compressive sensing and the single pixel optical camera. The performance of the system is quantified using simulated inspections of simple objects. Measures of the robustness and security of the method are introduced and used to determine how robust and secure such an inspection would be. Particularly, it is found that an inspection with low noise (<1%) and high undersampling (>256×) exhibits high robustness and security.
A single-pixel X-ray imager concept and its application to secure radiographic inspections
NASA Astrophysics Data System (ADS)
Gilbert, Andrew J.; Miller, Brian W.; Robinson, Sean M.; White, Timothy A.; Pitts, William Karl; Jarman, Kenneth D.; Seifert, Allen
2017-07-01
Imaging technology is generally considered too invasive for arms control inspections due to the concern that it cannot properly secure sensitive features of the inspected item. However, this same sensitive information, which could include direct information on the form and function of the items under inspection, could be used for robust arms control inspections. The single-pixel X-ray imager (SPXI) is introduced as a method to make such inspections, capturing the salient spatial information of an object in a secure manner while never forming an actual image. The method is built on the theory of compressive sensing and the single pixel optical camera. The performance of the system is quantified using simulated inspections of simple objects. Measures of the robustness and security of the method are introduced and used to determine how robust and secure such an inspection would be. In particular, it is found that an inspection with low noise (<1%) and high undersampling (>256×) exhibits high robustness and security.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Gilbert, Andrew J.; Miller, Brian W.; Robinson, Sean M.
Imaging technology is generally considered too invasive for arms control inspections due to the concern that it cannot properly secure sensitive features of the inspected item. But, this same sensitive information, which could include direct information on the form and function of the items under inspection, could be used for robust arms control inspections. The single-pixel X-ray imager (SPXI) is introduced as a method to make such inspections, capturing the salient spatial information of an object in a secure manner while never forming an actual image. We built this method on the theory of compressive sensing and the single pixel optical camera. The performance of the system is quantified using simulated inspections of simple objects. Measures of the robustness and security of the method are introduced and used to determine how robust and secure such an inspection would be. Particularly, it is found that an inspection with low noise (<1%) and high undersampling (>256×) exhibits high robustness and security.
Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ondrej Linda; Milos Manic; Miles McQueen
This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.
Orchestrating BMD Control in Extended BPEL
2008-05-21
Orchestration of secure WebMail , Technical Report ISE-TR-06-08, George Mason University, Fairfax, VA, August 2006. [9] E. Christensen, F. Curbera...methods to access and dissemination control, securing circuit switched (SS7) and IP based telecommunication (VoIP) systems, multimedia, security ...decorating the Business Process Execution Language (BPEL) with Quality of Service (QoS), Measures of Performance (MoP), Measures of Effectiveness (MoE
33 CFR 104.210 - Company Security Officer (CSO).
Code of Federal Regulations, 2014 CFR
2014-07-01
... operational limitations; (vi) Methods of conducting audits, inspection and control and monitoring techniques... threats and patterns; (ix) Recognition and detection of dangerous substances and devices; (x) Recognition...) Techniques used to circumvent security measures; (xii) Methods of physical screening and non-intrusive...
33 CFR 104.210 - Company Security Officer (CSO).
Code of Federal Regulations, 2013 CFR
2013-07-01
... operational limitations; (vi) Methods of conducting audits, inspection and control and monitoring techniques... threats and patterns; (ix) Recognition and detection of dangerous substances and devices; (x) Recognition...) Techniques used to circumvent security measures; (xii) Methods of physical screening and non-intrusive...
33 CFR 104.210 - Company Security Officer (CSO).
Code of Federal Regulations, 2012 CFR
2012-07-01
... operational limitations; (vi) Methods of conducting audits, inspection and control and monitoring techniques... threats and patterns; (ix) Recognition and detection of dangerous substances and devices; (x) Recognition...) Techniques used to circumvent security measures; (xii) Methods of physical screening and non-intrusive...
Secure videoconferencing equipment switching system and method
Dirks, David H; Gomes, Diane; Stewart, Corbin J; Fischer, Robert A
2013-04-30
Examples of systems described herein include videoconferencing systems having audio/visual components coupled to a codec. The codec may be configured by a control system. Communication networks having different security levels may be alternately coupled to the codec following appropriate configuration by the control system. The control system may also be coupled to the communication networks.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Gilbert, Andrew J.; Miller, Brian W.; Robinson, Sean M.
Imaging technology is generally considered too invasive for arms control inspections due to the concern that it cannot properly secure sensitive features of the inspected item. However, this same sensitive information, which could include direct information on the form and function of the items under inspection, could be used for robust arms control inspections. The single-pixel X-ray imager (SPXI) is introduced as a method to make such inspections, capturing the salient spatial information of an object in a secure manner while never forming an actual image. The method is built on the theory of compressive sensing and the single pixel optical camera. The performance of the system is quantified here using simulated inspections of simple objects. Measures of the robustness and security of the method are introduced and used to determine how such an inspection would be made which can maintain high robustness and security. In particular, it is found that an inspection with low noise (<1%) and high undersampling (>256×) exhibits high robustness and security.
Distributed Secure Coordinated Control for Multiagent Systems Under Strategic Attacks.
Feng, Zhi; Wen, Guanghui; Hu, Guoqiang
2017-05-01
This paper studies a distributed secure consensus tracking control problem for multiagent systems subject to strategic cyber attacks modeled by a random Markov process. A hybrid stochastic secure control framework is established for designing a distributed secure control law such that mean-square exponential consensus tracking is achieved. A connectivity restoration mechanism is considered and the properties on attack frequency and attack length rate are investigated, respectively. Based on the solutions of an algebraic Riccati equation and an algebraic Riccati inequality, a procedure to select the control gains is provided and stability analysis is studied by using Lyapunov's method. The effect of strategic attacks on discrete-time systems is also investigated. Finally, numerical examples are provided to illustrate the effectiveness of theoretical analysis.
Enterotoxin Vaccine Delivery System With Bioadherence. Phase 1.
1995-12-05
Microencapsulation 33 Bioadhesive Biodegradable 16. PRICE CODE Perorally Controlled Delivery 17. SECURITY CLASSIFICATION 18. SECURITY CLASSIFICATION 19. SECURITY...this magnitude requires a delivery system configured with a bioadhesive polymer that integrates the surface of the microcapsules and the mucosa. SBIR...integrates the surface of the microcapsules and the mucosa. SBIR Phase I Program efforts focused on the development of the most feasible method(s) for
The method of a joint intraday security check system based on cloud computing
NASA Astrophysics Data System (ADS)
Dong, Wei; Feng, Changyou; Zhou, Caiqi; Cai, Zhi; Dan, Xu; Dai, Sai; Zhang, Chuancheng
2017-01-01
The intraday security check is the core application in the dispatching control system. The existing security check calculation only uses the dispatch center’s local model and data as the functional margin. This paper introduces the design of an all-grid intraday joint security check system based on cloud computing and its implementation. To reduce the effect of subarea bad data on the all-grid security check, a new power flow algorithm based on comparison and adjustment with the inter-provincial tie-line plan is presented. The numerical example illustrated the effectiveness and feasibility of the proposed method.
Secure videoconferencing equipment switching system and method
Hansen, Michael E [Livermore, CA]
2009-01-13
A switching system and method are provided to facilitate use of videoconference facilities over a plurality of security levels. The system includes a switch coupled to a plurality of codecs and communication networks. Audio/Visual peripheral components are connected to the switch. The switch couples control and data signals between the Audio/Visual peripheral components and one but not both of the plurality of codecs. The switch additionally couples communication networks of the appropriate security level to each of the codecs. In this manner, a videoconferencing facility is provided for use on both secure and non-secure networks.
ERIC Educational Resources Information Center
Johnson, David P.
2017-01-01
The education sector is at high risk for information security (InfoSec) breaches and in need of improved security practices. Achieving data protections cannot be through technical means alone. Addressing the human behavior factor is required. Security education, training, and awareness (SETA) programs are an effective method of addressing human…
NASA Astrophysics Data System (ADS)
Tan, Xiaoqing; Zhang, Xiaoqian
2016-05-01
We propose two controlled quantum secure communication schemes by entanglement distillation or generalized measurement. The sender Alice, the receiver Bob and the controllers David and Cliff take part in the whole schemes. The supervisors David and Cliff can control the information transmitted from Alice to Bob by adjusting the local measurement angles θ_4 and θ_3. Bob can verify his secret information by classical one-way function after communication. The average amount of information is analyzed and compared for these two methods by MATLAB. The generalized measurement is a better scheme. Our schemes are secure against some well-known attacks because classical encryption and decoy states are used to ensure the security of the classical channel and the quantum channel.
A game-theoretical approach to multimedia social networks security.
Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong
2014-01-01
The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders.
A Game-Theoretical Approach to Multimedia Social Networks Security
Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong
2014-01-01
The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders. PMID:24977226
A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs
NASA Astrophysics Data System (ADS)
Elahi, Golnaz; Yu, Eric
In designing software systems, security is typically only one design objective among many. It may compete with other objectives such as functionality, usability, and performance. Too often, security mechanisms such as firewalls, access control, or encryption are adopted without explicit recognition of competing design objectives and their origins in stakeholder interests. Recently, there is increasing acknowledgement that security is ultimately about trade-offs. One can only aim for "good enough" security, given the competing demands from many parties. In this paper, we examine how conceptual modeling can provide explicit and systematic support for analyzing security trade-offs. After considering the desirable criteria for conceptual modeling methods, we examine several existing approaches for dealing with security trade-offs. From analyzing the limitations of existing methods, we propose an extension to the i* framework for security trade-off analysis, taking advantage of its multi-agent and goal orientation. The method was applied to several case studies used to exemplify existing approaches.
Investigating Item Exposure Control Methods in Computerized Adaptive Testing
ERIC Educational Resources Information Center
Ozturk, Nagihan Boztunc; Dogan, Nuri
2015-01-01
This study aims to investigate the effects of item exposure control methods on measurement precision and on test security under various item selection methods and item pool characteristics. In this study, the Randomesque (with item group sizes of 5 and 10), Sympson-Hetter, and Fade-Away methods were used as item exposure control methods. Moreover,…
The relationship between human security, demand for arms and disarmament in the horn of Africa.
Gebrewold, Kiflemariam
2002-01-01
The drive to find security through possession of weapons is linked to the history and culture of a social group. Amongst pastoralists in the Horn of Africa there is a failure of security through state systems such as police and the recent replacement of less-lethal traditional weapons by small arms and other light weapons. A warrior or vendetta culture with these arms leads to violent inter-clan clashes with many casualties, although traditional methods of weapons control still seem operational within clans. Understanding the drive to seek weapons is essential in finding ways to control their use. Improving the capacities of the police must come hand in hand with human rights training and an end to corruption. Further work is required on how traditional methods of arms control can be co-operatively linked with state controls.
Secure distribution for high resolution remote sensing images
NASA Astrophysics Data System (ADS)
Liu, Jin; Sun, Jing; Xu, Zheng Q.
2010-09-01
The use of remote sensing images collected by space platforms is becoming more and more widespread. The increasing value of space data and its use in critical scenarios call for adoption of proper security measures to protect these data against unauthorized access and fraudulent use. In this paper, based on the characteristics of remote sensing image data and application requirements on secure distribution, a secure distribution method is proposed, including users and regions classification, hierarchical control and keys generation, and multi-level encryption based on regions. The combination of the three parts makes it possible to distribute the same remote sensing images, after multi-level encryption processing, to users with different permissions through multicast, while users with different permissions obtain different degrees of information after decryption with their own decryption keys. It meets user access control and security needs well in the process of high resolution remote sensing image distribution. The experimental results prove the effectiveness of the proposed method, which is suitable for practical use in the secure transmission of remote sensing images including confidential information over the Internet.
Access Control based on Attribute Certificates for Medical Intranet Applications
Georgiadis, Christos; Pangalos, George; Khair, Marie
2001-01-01
Background: Clinical information systems frequently use intranet and Internet technologies. However, these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. Objectives: To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. Methods: We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Results: Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Conclusions: Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy. PMID:11720951
A secure transmission scheme of streaming media based on the encrypted control message
NASA Astrophysics Data System (ADS)
Li, Bing; Jin, Zhigang; Shu, Yantai; Yu, Li
2007-09-01
As the use of streaming media applications increased dramatically in recent years, streaming media security becomes an important presumption, protecting the privacy. This paper proposes a new encryption scheme in view of characteristics of streaming media and the disadvantage of the living method: encrypt the control message in the streaming media with the high security level and permute and confuse the data which is non control message according to the corresponding control message. Here the so-called control message refers to the key data of the streaming media, including the streaming media header and the header of the video frame, and the seed key. We encrypt the control message using the public key encryption algorithm which can provide high security level, such as RSA. At the same time we make use of the seed key to generate key stream, from which the permutation list P responding to GOP (group of picture) is derived. The plain text of the non-control message XORs the key stream and gets the middle cipher text. And then obtained one is permutated according to P. In contrast the decryption process is the inverse process of the above. We have set up a testbed for the above scheme and found our scheme is six to eight times faster than the conventional method. It can be applied not only between PCs but also between handheld devices.
A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.
Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang
2017-07-24
With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.
Distributed clinical data sharing via dynamic access-control policy transformation.
Rezaeibagha, Fatemeh; Mu, Yi
2016-05-01
Data sharing in electronic health record (EHR) systems is important for improving the quality of healthcare delivery. Data sharing, however, has raised some security and privacy concerns because healthcare data could be potentially accessible by a variety of users, which could lead to privacy exposure of patients. Without addressing this issue, large-scale adoption and sharing of EHR data are impractical. The traditional solution to the problem is via encryption. Although encryption can be applied to access control, it is not applicable for complex EHR systems that require multiple domains (e.g. public and private clouds) with various access requirements. This study was carried out to address the security and privacy issues of EHR data sharing with our novel access-control mechanism, which captures the scenario of the hybrid clouds and need of access-control policy transformation, to provide secure and privacy-preserving data sharing among different healthcare enterprises. We introduce an access-control mechanism with some cryptographic building blocks and present a novel approach for secure EHR data sharing and access-control policy transformation in EHR systems for hybrid clouds. We propose a useful data sharing system for healthcare providers to handle various EHR users who have various access privileges in different cloud environments. A systematic study has been conducted on data sharing in EHR systems to provide a solution to the security and privacy issues. In conclusion, we introduce an access-control method for privacy protection of EHRs and EHR policy transformation that allows an EHR access-control policy to be transformed from a private cloud to a public cloud. This method has never been studied previously in the literature. Furthermore, we provide a protocol to demonstrate policy transformation as an application scenario. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.
This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.
Obfuscated authentication systems, devices, and methods
Armstrong, Robert C; Hutchinson, Robert L
2013-10-22
Embodiments of the present invention are directed toward authentication systems, devices, and methods. Obfuscated executable instructions may encode an authentication procedure and protect an authentication key. The obfuscated executable instructions may require communication with a remote certifying authority for operation. In this manner, security may be controlled by the certifying authority without regard to the security of the electronic device running the obfuscated executable instructions.
Cyber security risk assessment for SCADA and DCS networks.
Ralston, P A S; Graham, J H; Hieb, J L
2007-10-01
The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.
NASA Astrophysics Data System (ADS)
Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo
2016-12-01
Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.
NASA Astrophysics Data System (ADS)
Zhao, L. W.; Du, J. G.; Yin, J. L.
2018-05-01
This paper proposes a novel secured communication scheme in a chaotic system by applying generalized function projective synchronization of the nonlinear Schrödinger equation. This phenomenal approach guarantees a secured and convenient communication. Our study applied the Melnikov theorem with an active control strategy to suppress chaos in the system. The transmitted information signal is modulated into the parameter of the nonlinear Schrödinger equation in the transmitter and it is assumed that the parameter of the receiver system is unknown. Based on the Lyapunov stability theory and the adaptive control technique, the controllers are designed to make two identical nonlinear Schrödinger equation with the unknown parameter asymptotically synchronized. The numerical simulation results of our study confirmed the validity, effectiveness and the feasibility of the proposed novel synchronization method and error estimate for a secure communication. The Chaos masking signals of the information communication scheme, further guaranteed a safer and secured information communicated via this approach.
Ormerod, Thomas C; Dando, Coral J
2015-02-01
Current aviation security systems identify behavioral indicators of deception to assess risks to flights, but they lack a strong psychological basis or empirical validation. We present a new method that tests the veracity of passenger accounts. In an in vivo double-blind randomized-control trial conducted in international airports, security agents detected 66% of deceptive passengers using the veracity test method compared with less than 5% using behavioral indicator recognition. As well as revealing advantages of veracity testing over behavioral indicator identification, the study provides the highest levels to date of deception detection in a realistic setting where the known base rate of deceptive individuals is low.
Tsenov, B G; Emery, R J; Whitehead, L W; Gonzalez, J Reingle; Gemeinhardt, G L
2018-03-01
While many organizations maintain multiple layers of security control methodologies to prevent outsiders from gaining unauthorized access, persons such as employees or contractors who have been granted legitimate access can represent an "insider threat" risk. Interestingly, some of the most notable radiological events involving the purposeful contamination or exposure of individuals appear to have been perpetrated by insiders. In the academic and medical settings, radiation safety professionals focus their security efforts on (1) ensuring controls are in place to prevent unauthorized access or removal of sources, and (2) increasing security controls for the unescorted accessing of large sources of radioactivity (known as "quantities of concern"). But these controls may not completely address the threat insiders represent when radioactive materials below these quantities are present. The goal of this research project was to characterize the methodologies currently employed to counteract the insider security threat for the misuse or purposeful divergence of radioactive materials used in the academic and medical settings. A web-based survey was used to assess how practicing radiation safety professionals in academic and medical settings anticipate, evaluate, and control insider threat security risks within their institutions. While all respondents indicated that radioactive sources are being used in amounts below quantities of concern, only 6 % consider insider threat security issues as part of the protocol review for the use of general radioactive materials. The results of this survey identify several opportunities for improvement for institutions to address security gaps.
On the verification of intransitive noninterference in multilevel security.
Ben Hadj-Alouane, Nejib; Lafrance, Stéphane; Lin, Feng; Mullins, John; Yeddes, Mohamed Moez
2005-10-01
We propose an algorithmic approach to the problem of verification of the property of intransitive noninterference (INI), using tools and concepts of discrete event systems (DES). INI can be used to characterize and solve several important security problems in multilevel security systems. In a previous work, we have established the notion of iP-observability, which precisely captures the property of INI. We have also developed an algorithm for checking iP-observability by indirectly checking P-observability for systems with at most three security levels. In this paper, we generalize the results for systems with any finite number of security levels by developing a direct method for checking iP-observability, based on an insightful observation that the iP function is a left congruence in terms of relations on formal languages. To demonstrate the applicability of our approach, we propose a formal method to detect denial of service vulnerabilities in security protocols based on INI. This method is illustrated using the TCP/IP protocol. The work extends the theory of supervisory control of DES to a new application domain.
Verification of Security Policy Enforcement in Enterprise Systems
NASA Astrophysics Data System (ADS)
Gupta, Puneet; Stoller, Scott D.
Many security requirements for enterprise systems can be expressed in a natural way as high-level access control policies. A high-level policy may refer to abstract information resources, independent of where the information is stored; it controls both direct and indirect accesses to the information; it may refer to the context of a request, i.e., the request’s path through the system; and its enforcement point and enforcement mechanism may be unspecified. Enforcement of a high-level policy may depend on the system architecture and the configurations of a variety of security mechanisms, such as firewalls, host login permissions, file permissions, DBMS access control, and application-specific security mechanisms. This paper presents a framework in which all of these can be conveniently and formally expressed, a method to verify that a high-level policy is enforced, and an algorithm to determine a trusted computing base for each resource.
NASA Technical Reports Server (NTRS)
1985-01-01
The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.
A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing
Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang
2017-01-01
With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733
Facilitating Secure Sharing of Personal Health Data in the Cloud
Nepal, Surya; Glozier, Nick
2016-01-01
Background: Internet-based applications are providing new ways of promoting health and reducing the cost of care. Although data can be kept encrypted in servers, the user does not have the ability to decide whom the data are shared with. Technically this is linked to the problem of who owns the data encryption keys required to decrypt the data. Currently, cloud service providers, rather than users, have full rights to the key. In practical terms this makes the users lose full control over their data. Trust and uptake of these applications can be increased by allowing patients to feel in control of their data, generally stored in cloud-based services. Objective: This paper addresses this security challenge by providing the user a way of controlling encryption keys independently of the cloud service provider. We provide a secure and usable system that enables a patient to share health information with doctors and specialists. Methods: We contribute a secure protocol for patients to share their data with doctors and others on the cloud while keeping complete ownership. We developed a simple, stereotypical health application and carried out security tests, performance tests, and usability tests with both students and doctors (N=15). Results: We developed the health application as an app for Android mobile phones. We carried out the usability tests on potential participants and medical professionals. Of 20 participants, 14 (70%) either agreed or strongly agreed that they felt safer using our system. Using mixed methods, we show that participants agreed that privacy and security of health data are important and that our system addresses these issues. Conclusions: We presented a security protocol that enables patients to securely share their eHealth data with doctors and nurses and developed a secure and usable system that enables patients to share mental health information with doctors. PMID:27234691
Martins, Goncalo; Moondra, Arul; Dubey, Abhishek; Bhattacharjee, Anirban; Koutsoukos, Xenofon D.
2016-01-01
In modern networked control applications, confidentiality and integrity are important features to address in order to prevent against attacks. Moreover, network control systems are a fundamental part of the communication components of current cyber-physical systems (e.g., automotive communications). Many networked control systems employ Time-Triggered (TT) architectures that provide mechanisms enabling the exchange of precise and synchronous messages. TT systems have computation and communication constraints, and with the aim to enable secure communications in the network, it is important to evaluate the computational and communication overhead of implementing secure communication mechanisms. This paper presents a comprehensive analysis and evaluation of the effects of adding a Hash-based Message Authentication (HMAC) to TT networked control systems. The contributions of the paper include (1) the analysis and experimental validation of the communication overhead, as well as a scalability analysis that utilizes the experimental result for both wired and wireless platforms and (2) an experimental evaluation of the computational overhead of HMAC based on a kernel-level Linux implementation. An automotive application is used as an example, and the results show that it is feasible to implement a secure communication mechanism without interfering with the existing automotive controller execution times. The methods and results of the paper can be used for evaluating the performance impact of security mechanisms and, thus, for the design of secure wired and wireless TT networked control systems. PMID:27463718
Martins, Goncalo; Moondra, Arul; Dubey, Abhishek; Bhattacharjee, Anirban; Koutsoukos, Xenofon D
2016-07-25
In modern networked control applications, confidentiality and integrity are important features to address in order to prevent against attacks. Moreover, network control systems are a fundamental part of the communication components of current cyber-physical systems (e.g., automotive communications). Many networked control systems employ Time-Triggered (TT) architectures that provide mechanisms enabling the exchange of precise and synchronous messages. TT systems have computation and communication constraints, and with the aim to enable secure communications in the network, it is important to evaluate the computational and communication overhead of implementing secure communication mechanisms. This paper presents a comprehensive analysis and evaluation of the effects of adding a Hash-based Message Authentication (HMAC) to TT networked control systems. The contributions of the paper include (1) the analysis and experimental validation of the communication overhead, as well as a scalability analysis that utilizes the experimental result for both wired and wireless platforms and (2) an experimental evaluation of the computational overhead of HMAC based on a kernel-level Linux implementation. An automotive application is used as an example, and the results show that it is feasible to implement a secure communication mechanism without interfering with the existing automotive controller execution times. The methods and results of the paper can be used for evaluating the performance impact of security mechanisms and, thus, for the design of secure wired and wireless TT networked control systems.
Uncertainty-based Estimation of the Secure Range for ISO New England Dynamic Interchange Adjustment
DOE Office of Scientific and Technical Information (OSTI.GOV)
Etingov, Pavel V.; Makarov, Yuri V.; Wu, Di
2014-04-14
The paper proposes an approach to estimate the secure range for dynamic interchange adjustment, which assists system operators in scheduling the interchange with neighboring control areas. Uncertainties associated with various sources are incorporated. The proposed method is implemented in the dynamic interchange adjustment (DINA) tool developed by Pacific Northwest National Laboratory (PNNL) for ISO New England. Simulation results are used to validate the effectiveness of the proposed method.
High Assurance Control of Cyber-Physical Systems with Application to Unmanned Aircraft Systems
NASA Astrophysics Data System (ADS)
Kwon, Cheolhyeon
With recent progress in the networked embedded control technology, cyber attacks have become one of the major threats to Cyber-Physical Systems (CPSs) due to their close integration of physical processes, computational resources, and communication capabilities. While CPSs have various applications in both military and civilian uses, their on-board automation and communication afford significant advantages over a system without such abilities, but these benefits come at the cost of possible vulnerability to cyber attacks. Traditionally, most cyber security studies in CPSs are mainly based on the computer security perspective, focusing on issues such as the trustworthiness of data flow, without rigorously considering the system's physical processes such as real-time dynamic behaviors. While computer security components are key elements in the hardware/software layer, these methods alone are not sufficient for diagnosing the healthiness of the CPSs' physical behavior. In seeking to address this problem, this research work proposes a control theoretic perspective approach which can accurately represent the interactions between the physical behavior and the logical behavior (computing resources) of the CPS. Then a controls domain aspect is explored extending beyond just the logical process of the CPS to include the underlying physical behavior. This approach will allow the CPS whose physical operations are robust/resilient to the damage caused by cyber attacks, successfully complementing the existing CPS security architecture. It is important to note that traditional fault-tolerant/robust control methods could not be directly applicable to achieve resiliency against malicious cyber attacks which can be designed sophisticatedly to spoof the security/safety monitoring system (note this is different from common faults). 
Thus, security issues at this layer require different risk management to detect cyber attacks and mitigate their impact within the context of a unified physical and logical process model of the CPS. Specifically, three main tasks are discussed in this presentation: (i) we first investigate diverse granularity of the interactions inside the CPS and propose feasible cyber attack models to characterize the compromised behavior of the CPS with various measures, from its severity to detectability; (ii) based on this risk information, our approach to securing the CPS addresses both monitoring of and high assurance control design against cyber attacks by developing on-line safety assessment and mitigation algorithms; and (iii) by extending the developed theories and methods from a single CPS to multiple CPSs, we examine the security and safety of multi-CPS network that are strongly dependent on the network topology, cooperation protocols between individual CPSs, etc. The effectiveness of the analytical findings is demonstrated and validated with illustrative examples, especially unmanned aircraft system (UAS) applications.
Secure Cryptographic Key Management System (CKMS) Considerations for Smart Grid Devices
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K; Sheldon, Frederick T; Aldridge, Hal
2011-01-01
In this paper, we examine some unique challenges associated with key management in the Smart Grid and concomitant research initiatives: 1) effectively model security requirements and their implementations, and 2) manage keys and key distribution for very large scale deployments such as Smart Meters over a long period of performance. This will set the stage to: 3) develop innovative, low cost methods to protect keying material, and 4) provide high assurance authentication services. We will present our perspective on key management and will discuss some key issues within the life cycle of a cryptographic key designed to achieve the following: 1) control systems designed, installed, operated, and maintained to survive an intentional cyber assault with no loss of critical function, and 2) widespread implementation of methods for secure communication between remote access devices and control centers that are scalable and cost-effective to deploy.
Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD).
Cao, Yuan; Zhao, Yongli; Colman-Meixner, Carlos; Yu, Xiaosong; Zhang, Jie
2017-10-30
Software-defined optical networking (SDON) will become the next generation optical network architecture. However, the optical layer and control layer of SDON are vulnerable to cyberattacks. While data encryption is an effective method to minimize the negative effects of cyberattacks, secure key interchange is its major challenge, which can be addressed by the quantum key distribution (QKD) technique. Hence, in this paper we discuss the integration of QKD with WDM optical networks to secure the SDON architecture by introducing a novel key on demand (KoD) scheme which is enabled by a novel routing, wavelength and key assignment (RWKA) algorithm. The QKD over SDON with KoD model follows two steps to provide security: i) quantum key pools (QKPs) construction for securing the control channels (CChs) and data channels (DChs); ii) the KoD scheme uses RWKA algorithm to allocate and update secret keys for different security requirements. To test our model, we define a security probability index which measures the security gain in CChs and DChs. Simulation results indicate that the security performance of CChs and DChs can be enhanced by provisioning sufficient secret keys in QKPs and performing key-updating considering potential cyberattacks. Also, KoD is beneficial to achieve a positive balance between security requirements and key resource usage.
Aviation Security, Risk Assessment, and Risk Aversion for Public Decisionmaking
ERIC Educational Resources Information Center
Stewart, Mark G.; Mueller, John
2013-01-01
This paper estimates risk reductions for each layer of security designed to prevent commercial passenger airliners from being commandeered by terrorists, kept under control for some time, and then crashed into specific targets. Probabilistic methods are used to characterize the uncertainty of rates of deterrence, detection, and disruption, as well…
The hack attack - Increasing computer system awareness of vulnerability threats
NASA Technical Reports Server (NTRS)
Quann, John; Belford, Peter
1987-01-01
The paper discusses the issue of electronic vulnerability of computer based systems supporting NASA Goddard Space Flight Center (GSFC) by unauthorized users. To test the security of the system and increase security awareness, NYMA, Inc. employed computer 'hackers' to attempt to infiltrate the system(s) under controlled conditions. Penetration procedures, methods, and descriptions are detailed in the paper. The procedure increased the security consciousness of GSFC management to the electronic vulnerability of the system(s).
Cyber Security and Resilient Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Robert S. Anderson
2009-07-01
The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure.
Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the next generation fighter jets or nuclear material safeguards systems in complex nuclear fuel cycle facilities. It is the intent of this paper to describe the cyber security programs that are currently in place, the experiences and successes achieved in industry including outreach and training, and suggestions about how other sectors and organizations can leverage this national expertise to help their monitoring and control systems become more secure.« less
DOE Office of Scientific and Technical Information (OSTI.GOV)
Gaponov, Yu.A.; Igarashi, N.; Hiraki, M.
2004-05-12
An integrated controlling system and a unified database for high throughput protein crystallography experiments have been developed. Main features of protein crystallography experiments (purification, crystallization, crystal harvesting, data collection, data processing) were integrated into the software under development. All information necessary to perform protein crystallography experiments is stored (except raw X-ray data that are stored in a central data server) in a MySQL relational database. The database contains four mutually linked hierarchical trees describing protein crystals, data collection of protein crystal and experimental data processing. A database editor was designed and developed. The editor supports basic database functions to view, create, modify and delete user records in the database. Two search engines were realized: direct search of necessary information in the database and object oriented search. The system is based on TCP/IP secure UNIX sockets with four predefined sending and receiving behaviors, which support communications between all connected servers and clients with remote control functions (creating and modifying data for experimental conditions, data acquisition, viewing experimental data, and performing data processing). Two secure login schemes were designed and developed: a direct method (using the developed Linux clients with secure connection) and an indirect method (using the secure SSL connection using secure X11 support from any operating system with X-terminal and SSH support). A part of the system has been implemented on a new MAD beam line, NW12, at the Photon Factory Advanced Ring for general user experiments.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Miles McQueen; Annarita Giani
2011-09-01
This paper describes a first investigation on a low cost and low false alarm, reliable mechanism for detecting manipulation of critical physical processes and falsification of system state. We call this novel mechanism Known Secure Sensor Measurements (KSSM). The method moves beyond analysis of network traffic and host based state information, in fact it uses physical measurements of the process being controlled to detect falsification of state. KSSM is intended to be incorporated into the design of new, resilient, cost effective critical infrastructure control systems. It can also be included in incremental upgrades of already installed systems for enhanced resilience. KSSM is based on known secure physical measurements for assessing the likelihood of an attack and will demonstrate a practical approach to creating, transmitting, and using the known secure measurements for detection.
Security Issues for Mobile Medical Imaging: A Primer.
Choudhri, Asim F; Chatterjee, Arindam R; Javan, Ramin; Radvany, Martin G; Shih, George
2015-10-01
The end-user of mobile device apps in the practice of clinical radiology should be aware of security measures that prevent unauthorized use of the device, including passcode policies, methods for dealing with failed login attempts, network manager-controllable passcode enforcement, and passcode enforcement for the protection of the mobile device itself. Protection of patient data must be in place that complies with the Health Insurance Portability and Accountability Act and U.S. Federal Information Processing Standards. Device security measures for data protection include methods for locally stored data encryption, hardware encryption, and the ability to locally and remotely clear data from the device. As these devices transfer information over both local wireless networks and public cell phone networks, wireless network security protocols, including wired equivalent privacy and Wi-Fi protected access, are important components in the chain of security. Specific virtual private network protocols, Secure Sockets Layer and related protocols (especially in the setting of hypertext transfer protocols), native apps, virtual desktops, and nonmedical commercial off-the-shelf apps require consideration in the transmission of medical data over both private and public networks. Enterprise security and management of both personal and enterprise mobile devices are discussed. Finally, specific standards for hardware and software platform security, including prevention of hardware tampering, protection from malicious software, and application authentication methods, are vital components in establishing a secure platform for the use of mobile devices in the medical field. © RSNA, 2015.
Research on offense and defense technology for iOS kernel security mechanism
NASA Astrophysics Data System (ADS)
Chu, Sijun; Wu, Hao
2018-04-01
iOS is a strong and widely used mobile device system. Its annual profits make up about 90% of the total profits of all mobile phone brands. Though it is famous for its security, there have been many attacks on the iOS operating system, such as the Trident APT attack in 2016. So it is important to research the iOS security mechanism, understand its weaknesses, and put forward a targeted protection and security check framework. By studying these attacks and previous jailbreak tools, we can see that an attacker could only run ROP code and gain kernel read and write permissions based on the ROP after exploiting kernel and user layer vulnerabilities. However, the iOS operating system is still protected by the code signing mechanism, the sandbox mechanism, and the not-writable mechanism of the system's disk area. This is far from the steady, long-lasting control that attackers expect. Before iOS 9, breaking these security mechanisms was usually done by modifying the kernel's important data structures and security mechanism code logic. However, after iOS 9, the kernel integrity protection mechanism was added to the 64-bit operating system and none of the previous methods were adapted to the new versions of iOS [1]. But this does not mean that attackers cannot break through. Therefore, based on the analysis of the vulnerability of the KPP security mechanism, this paper implements two possible breakthrough methods for the kernel security mechanism for iOS 9 and iOS 10. Meanwhile, we propose a defense method based on kernel integrity detection and sensitive API call detection to defend against the breakthrough methods mentioned above. We also conduct experiments to prove that this method can prevent and detect attack attempts or invaders effectively and in a timely manner.
Secured web-based video repository for multicenter studies
Yan, Ling; Hicks, Matt; Winslow, Korey; Comella, Cynthia; Ludlow, Christy; Jinnah, H. A; Rosen, Ami R; Wright, Laura; Galpern, Wendy R; Perlmutter, Joel S
2015-01-01
Background: We developed a novel secured web-based dystonia video repository for the Dystonia Coalition, part of the Rare Disease Clinical Research network funded by the Office of Rare Diseases Research and the National Institute of Neurological Disorders and Stroke. A critical component of phenotypic data collection for all projects of the Dystonia Coalition includes a standardized video of each participant. We now describe our method for collecting, serving and securing these videos that is widely applicable to other studies. Methods: Each recruiting site uploads standardized videos to a centralized secured server for processing to permit website posting. The streaming technology used to view the videos from the website does not allow downloading of video files. With appropriate institutional review board approval and agreement with the hosting institution, users can search and view selected videos on the website using customizable, permissions-based access that maintains security yet facilitates research and quality control. Results: This approach provides a convenient platform for researchers across institutions to evaluate and analyze shared video data. We have applied this methodology for quality control, confirmation of diagnoses, validation of rating scales, and implementation of new research projects. Conclusions: We believe our system can be a model for similar projects that require access to common video resources. PMID: 25630890
Three-Dimensional Transient Natural Convection in a Horizontal Cylinder: A Numerical Analysis
1980-02-01
Believing Your Eyes: Strengthening the Reliability of Tags and Seals
DOE Office of Scientific and Technical Information (OSTI.GOV)
Brim, Cornelia P.; Denlinger, Laura S.
2013-07-01
NNSA’s Office of Nonproliferation and International Security (NIS) is working together with scientific experts at the DOE national laboratories to develop the tools needed to safeguard and secure nuclear material from diversion, theft, and sabotage--tasks critical to support future arms control treaties that may involve the new challenge of monitoring nuclear weapons dismantlement. Use of optically stimulated luminescent material is one method to enhance the security and robustness of existing tamper indicating devices such as tags and seals.
Enterprise systems security management: a framework for breakthrough protection
NASA Astrophysics Data System (ADS)
Farroha, Bassam S.; Farroha, Deborah L.
2010-04-01
Securing the DoD information network is a tremendous task due to its size, access locations and the amount of network intrusion attempts on a daily basis. This analysis investigates methods/architecture options to deliver capabilities for secure information sharing environment. Crypto-binding and intelligent access controls are basic requirements for secure information sharing in a net-centric environment. We introduce many of the new technology components to secure the enterprise. The cooperative mission requirements lead to developing automatic data discovery and data stewards granting access to Cross Domain (CD) data repositories or live streaming data. Multiple architecture models are investigated to determine best-of-breed approaches including SOA and Private/Public Clouds.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Beaver, Justin M; Borges, Raymond Charles; Buckner, Mark A
Critical infrastructure Supervisory Control and Data Acquisition (SCADA) systems were designed to operate on closed, proprietary networks where a malicious insider posed the greatest threat potential. The centralization of control and the movement towards open systems and standards has improved the efficiency of industrial control, but has also exposed legacy SCADA systems to security threats that they were not designed to mitigate. This work explores the viability of machine learning methods in detecting the new threat scenarios of command and data injection. Similar to network intrusion detection systems in the cyber security domain, the command and control communications in a critical infrastructure setting are monitored, and vetted against examples of benign and malicious command traffic, in order to identify potential attack events. Multiple learning methods are evaluated using a dataset of Remote Terminal Unit communications, which included both normal operations and instances of command and data injection attack scenarios.
Nuclear Power Plant Cyber Security Discrete Dynamic Event Tree Analysis (LDRD 17-0958) FY17 Report
DOE Office of Scientific and Technical Information (OSTI.GOV)
Wheeler, Timothy A.; Denman, Matthew R.; Williams, R. A.
Instrumentation and control of nuclear power is transforming from analog to modern digital assets. These control systems perform key safety and security functions. This transformation is occurring in new plant designs as well as in the existing fleet of plants as the operation of those plants is extended to 60 years. This transformation introduces new and unknown issues involving both digital asset induced safety issues and security issues. Traditional nuclear power risk assessment tools and cyber security assessment methods have not been modified or developed to address the unique nature of cyber failure modes and of cyber security threat vulnerabilities. This Lab-Directed Research and Development project has developed a dynamic cyber-risk informed tool to facilitate the analysis of unique cyber failure modes and the time sequencing of cyber faults, both malicious and non-malicious, and impose those cyber exploits and cyber faults onto a nuclear power plant accident sequence simulator code to assess how cyber exploits and cyber faults could interact with a plant's digital instrumentation and control (DI&C) system and defeat or circumvent a plant's cyber security controls. This was achieved by coupling an existing Sandia National Laboratories nuclear accident dynamic simulator code with a cyber emulytics code to demonstrate real-time simulation of cyber exploits and their impact on automatic DI&C responses. Studying such potential time-sequenced cyber-attacks and their risks (i.e., the associated impact and the associated degree of difficulty to achieve the attack vector) on accident management establishes a technical risk informed framework for developing effective cyber security controls for nuclear power.
Towards an Approach of Semantic Access Control for Cloud Computing
NASA Astrophysics Data System (ADS)
Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai
With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analyze existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in a cloud computing environment. The Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. The ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research on applying semantic web technology in the field of security, and provides a new way of thinking about access control in cloud computing.
A Conditional Exposure Control Method for Multidimensional Adaptive Testing
ERIC Educational Resources Information Center
Finkelman, Matthew; Nering, Michael L.; Roussos, Louis A.
2009-01-01
In computerized adaptive testing (CAT), ensuring the security of test items is a crucial practical consideration. A common approach to reducing item theft is to define maximum item exposure rates, i.e., to limit the proportion of examinees to whom a given item can be administered. Numerous methods for controlling exposure rates have been proposed…
2013-01-01
Background: Privacy and information security are important for all healthcare services, including home-based services. We have designed and implemented a prototype technology platform for providing home-based healthcare services. It supports a personal electronic health diary and enables secure and reliable communication and interaction with peers and healthcare personnel. The platform runs on a small computer with a dedicated remote control. It is connected to the patient’s TV and to a broadband Internet. The platform has been tested with home-based rehabilitation and education programs for chronic obstructive pulmonary disease and diabetes. As part of our work, a risk assessment of privacy and security aspects has been performed, to reveal actual risks and to ensure adequate information security in this technical platform. Methods: Risk assessment was performed in an iterative manner during the development process. Thus, security solutions have been incorporated into the design from an early stage instead of being included as an add-on to a nearly completed system. We have adapted existing risk management methods to our own environment, thus creating our own method. Our method conforms to ISO’s standard for information security risk management. Results: A total of approximately 50 threats and possible unwanted incidents were identified and analysed. Among the threats to the four information security aspects: confidentiality, integrity, availability, and quality; confidentiality threats were identified as most serious, with one threat given an unacceptable level of High risk. This is because health-related personal information is regarded as sensitive. Availability threats were analysed as low risk, as the aim of the home programmes is to provide education and rehabilitation services; not for use in acute situations or for continuous health monitoring.
Conclusions: Most of the identified threats are applicable for healthcare services intended for patients or citizens in their own homes. Confidentiality risks in home are different from in a more controlled environment such as a hospital; and electronic equipment located in private homes and communicating via Internet, is more exposed to unauthorised access. By implementing the proposed measures, it has been possible to design a home-based service which ensures the necessary level of information security and privacy. PMID: 23937965
Henriksen, Eva; Burkow, Tatjana M; Johnsen, Elin; Vognild, Lars K
2013-08-09
Privacy and information security are important for all healthcare services, including home-based services. We have designed and implemented a prototype technology platform for providing home-based healthcare services. It supports a personal electronic health diary and enables secure and reliable communication and interaction with peers and healthcare personnel. The platform runs on a small computer with a dedicated remote control. It is connected to the patient's TV and to a broadband Internet. The platform has been tested with home-based rehabilitation and education programs for chronic obstructive pulmonary disease and diabetes. As part of our work, a risk assessment of privacy and security aspects has been performed, to reveal actual risks and to ensure adequate information security in this technical platform. Risk assessment was performed in an iterative manner during the development process. Thus, security solutions have been incorporated into the design from an early stage instead of being included as an add-on to a nearly completed system. We have adapted existing risk management methods to our own environment, thus creating our own method. Our method conforms to ISO's standard for information security risk management. A total of approximately 50 threats and possible unwanted incidents were identified and analysed. Among the threats to the four information security aspects: confidentiality, integrity, availability, and quality; confidentiality threats were identified as most serious, with one threat given an unacceptable level of High risk. This is because health-related personal information is regarded as sensitive. Availability threats were analysed as low risk, as the aim of the home programmes is to provide education and rehabilitation services; not for use in acute situations or for continuous health monitoring. Most of the identified threats are applicable for healthcare services intended for patients or citizens in their own homes. 
Confidentiality risks in home are different from in a more controlled environment such as a hospital; and electronic equipment located in private homes and communicating via Internet, is more exposed to unauthorised access. By implementing the proposed measures, it has been possible to design a home-based service which ensures the necessary level of information security and privacy.
Security analysis of cyber-physical system
NASA Astrophysics Data System (ADS)
Li, Bo; Zhang, Lichen
2017-05-01
In recent years, Cyber-Physical System (CPS) has become an important research direction in academic and scientific and technological circles at home and abroad, and is considered to be the third wave of world information technology after the computer and the Internet. CPS is a multi-dimensional, heterogeneous, deep integration of open systems, involving knowledge from the computer, communication, control and other disciplines. Because the research theories and methods of these disciplines differ significantly, the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives security solutions for those threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.
Prototype of smart office system using based security system
NASA Astrophysics Data System (ADS)
Prasetyo, T. F.; Zaliluddin, D.; Iqbal, M.
2018-05-01
Creating a new technology in the modern era gives a positive impact on business and industry. Internet of Things (IoT) as a new communication technology is very useful in realizing smart systems such as smart home, smart office, smart parking and smart city. This study presents a prototype of a smart office system which was designed as a security system based on IoT. The smart office system was developed using the waterfall model. The IoT-based smart office system used the Cayenne platform (project builder) so that the data can be accessed and controlled through the internet from a long distance. The smart office system used an Arduino Mega 2560 microcontroller as the controller component. In this study, the smart office system is able to detect threats of dangerous objects made from metals, earthquakes, fires, and intruders or theft, and to perform security monitoring outside the building by using Raspberry Pi cameras on autonomous robots that report in real time to the security guard.
Dynamic video encryption algorithm for H.264/AVC based on a spatiotemporal chaos system.
Xu, Hui; Tong, Xiao-Jun; Zhang, Miao; Wang, Zhu; Li, Ling-Hao
2016-06-01
Video encryption schemes mostly employ the selective encryption method to encrypt parts of important and sensitive video information, aiming to ensure the real-time performance and encryption efficiency. The classic block cipher is not applicable to video encryption due to the high computational overhead. In this paper, we propose the encryption selection control module to encrypt video syntax elements dynamically which is controlled by the chaotic pseudorandom sequence. A novel spatiotemporal chaos system and binarization method is used to generate a key stream for encrypting the chosen syntax elements. The proposed scheme enhances the resistance against attacks through the dynamic encryption process and high-security stream cipher. Experimental results show that the proposed method exhibits high security and high efficiency with little effect on the compression ratio and time cost.
Security, protection, and control of power systems with large-scale wind power penetration
NASA Astrophysics Data System (ADS)
Acharya, Naresh
As the number of wind generation facilities in the utility system is fast increasing, many issues associated with their integration into the power system are beginning to emerge. Of the various issues, this dissertation deals with the development of new concepts and computational methods to handle the transmission issues and voltage issues caused by large-scale integration of wind turbines. This dissertation also formulates a probabilistic framework for the steady-state security assessment of wind power incorporating the forecast uncertainty and correlation. Transmission issues are mainly related to the overloading of transmission lines, when all the wind power generated cannot be delivered in full due to prior outage conditions. To deal with this problem, a method to curtail the wind turbine outputs through Energy Management System facilities in the on-line operational environment is proposed. The proposed method, which is based on linear optimization, sends the calculated control signals via the Supervisory Control and Data Acquisition system to wind farm controllers. The necessary ramping of the wind farm outputs is implemented either by the appropriate blade pitch angle control at the turbine level or by switching a certain number of turbines. The curtailment strategy is tested with an equivalent system model of MidAmerican Energy Company. The results show that the line overload in high wind areas can be alleviated by controlling the outputs of the wind farms step-by-step over an allowable period of time. A low voltage event during a system fault can cause a large number of wind turbines to trip, depending on voltages at the wind turbine terminals during the fault and the under-voltage protection setting of wind turbines. As a result, an N-1 contingency may evolve into an N-(K+1) contingency, where K is the number of wind farms tripped due to low voltage conditions. 
Losing a large amount of wind power following a line contingency might lead to system instabilities. It is important for the system operator to be aware of such limiting events during system operation and be prepared to take proper control actions. This can be achieved by incorporating the wind farm tripping status for each contingency as part of the static security assessment. A methodology to calculate voltages at the wind farm buses during a worst case line fault is proposed, which, along with the protection settings of wind turbines, can be used to determine the tripping of wind farms. The proposed algorithm is implemented in MATLAB and tested with MidAmerican Energy reduced network. The result shows that a large amount of wind capacity can be tripped due to a fault in the lines. Therefore, the technique will find its application in the static security assessment where each line fault can be associated with the tripping of wind farms as determined from the proposed method. A probabilistic framework to handle the uncertainty in day-ahead forecast error in order to correctly assess the steady-state security of the power system is presented. Stochastic simulations are conducted by means of Latin hypercube sampling along with the consideration of correlations. The correlation is calculated from the historical distribution of wind power forecast errors. The results from the deterministic simulation based on point forecast and the stochastic simulation show that security assessment based solely on deterministic simulations can lead to incorrect assessment of system security. With stochastic simulations, each outcome can be assigned a probability and the decision regarding control actions can be made based on the associated probability.
Security Hardened Cyber Components for Nuclear Power Plants: Phase I SBIR Final Technical Report
DOE Office of Scientific and Technical Information (OSTI.GOV)
Franusich, Michael D.
SpiralGen, Inc. built a proof-of-concept toolkit for enhancing the cyber security of nuclear power plants and other critical infrastructure with high-assurance instrumentation and control code. The toolkit is based on technology from the DARPA High-Assurance Cyber Military Systems (HACMS) program, which has focused on applying the science of formal methods to the formidable set of problems involved in securing cyber physical systems. The primary challenges beyond HACMS in developing this toolkit were to make the new technology usable by control system engineers and compatible with the regulatory and commercial constraints of the nuclear power industry. The toolkit, packaged as a Simulink add-on, allows a system designer to assemble a high-assurance component from formally specified and proven blocks and generate provably correct control and monitor code for that subsystem.
Facilitating Secure Sharing of Personal Health Data in the Cloud.
Thilakanathan, Danan; Calvo, Rafael A; Chen, Shiping; Nepal, Surya; Glozier, Nick
2016-05-27
Internet-based applications are providing new ways of promoting health and reducing the cost of care. Although data can be kept encrypted in servers, the user does not have the ability to decide whom the data are shared with. Technically this is linked to the problem of who owns the data encryption keys required to decrypt the data. Currently, cloud service providers, rather than users, have full rights to the key. In practical terms this makes the users lose full control over their data. Trust and uptake of these applications can be increased by allowing patients to feel in control of their data, generally stored in cloud-based services. This paper addresses this security challenge by providing the user a way of controlling encryption keys independently of the cloud service provider. We provide a secure and usable system that enables a patient to share health information with doctors and specialists. We contribute a secure protocol for patients to share their data with doctors and others on the cloud while keeping complete ownership. We developed a simple, stereotypical health application and carried out security tests, performance tests, and usability tests with both students and doctors (N=15). We developed the health application as an app for Android mobile phones. We carried out the usability tests on potential participants and medical professionals. Of 20 participants, 14 (70%) either agreed or strongly agreed that they felt safer using our system. Using mixed methods, we show that participants agreed that privacy and security of health data are important and that our system addresses these issues. We presented a security protocol that enables patients to securely share their eHealth data with doctors and nurses and developed a secure and usable system that enables patients to share mental health information with doctors.
Finite Energy and Bounded Attacks on Control System Sensor Signals
DOE Office of Scientific and Technical Information (OSTI.GOV)
Djouadi, Seddik M; Melin, Alexander M; Ferragut, Erik M
Control system networks are increasingly being connected to enterprise level networks. These connections leave critical industrial controls systems vulnerable to cyber-attacks. Most of the effort in protecting these cyber-physical systems (CPS) has been in securing the networks using information security techniques and protection and reliability concerns at the control system level against random hardware and software failures. However, besides these failures the inability of information security techniques to protect against all intrusions means that the control system must be resilient to various signal attacks for which new analysis and detection methods need to be developed. In this paper, sensor signal attacks are analyzed for observer-based controlled systems. The threat surface for sensor signal attacks is subdivided into denial of service, finite energy, and bounded attacks. In particular, the error signals between states of attack free systems and systems subject to these attacks are quantified. Optimal sensor and actuator signal attacks for the finite and infinite horizon linear quadratic (LQ) control in terms of maximizing the corresponding cost functions are computed. The closed-loop system under optimal signal attacks are provided. Illustrative numerical examples are provided together with an application to a power network with distributed LQ controllers.
Secure Embedded System Design Methodologies for Military Cryptographic Systems
2016-03-31
Fault-Tree Analysis (FTA); Built-In Self-Test (BIST) Introduction Secure access-control systems restrict operations to authorized users via methods...failures in the individual software/processor elements, the question of exactly how unlikely is difficult to answer. Fault-Tree Analysis (FTA) has a...Collins of Sandia National Laboratories for years of sharing his extensive knowledge of Fail-Safe Design Assurance and Fault-Tree Analysis
A Two Step Method to Treat Variable Winds in Fallout Smearing Codes.
1982-03-01
measurement network was modest. However, the southward curvature was verified by data from inhabited atolls (Rongerik and Rongelap) downwind of the...Pi and the American Nuclear Society. Permanent Address: 12 Whipple Street Lewiston, Maine 04240 124 UNCLASSIFIED- SECURITY CLASSIFICATION OF THIS PAGE...Controlling Office) 15. SECURITY CLASS. (of this report) UNCLASSIFIED IS. DECLASSIFICATION/DOWNGRADING SCHEDULE 16. DISTRIBUTION STATEMENT (of this
Fast Computation and Assessment Methods in Power System Analysis
NASA Astrophysics Data System (ADS)
Nagata, Masaki
Power system analysis is essential for efficient and reliable power system operation and control. Recently, online security assessment system has become of importance, as more efficient use of power networks is eagerly required. In this article, fast power system analysis techniques such as contingency screening, parallel processing and intelligent systems application are briefly surveyed from the view point of their application to online dynamic security assessment.
Impacts of U.S. Export Control Policies on Science and Technology Activities and Competitiveness
2009-02-25
coffee table. However, under the current export control regime, the stand was considered ‘ITAR hardware’ and we were required to have two security...should survive without an effective method for pruning items from the control lists when they no longer serve a significant definable national
Controlling Item Exposure Conditional on Ability in Computerized Adaptive Testing.
ERIC Educational Resources Information Center
Stocking, Martha L.; Lewis, Charles
1998-01-01
Ensuring item and pool security in a continuous testing environment is explored through a new method of controlling exposure rate of items conditional on ability level in computerized testing. Properties of this conditional control on exposure rate, when used in conjunction with a particular adaptive testing algorithm, are explored using simulated…
An effective and secure key-management scheme for hierarchical access control in E-medicine system.
Odelu, Vanga; Das, Ashok Kumar; Goswami, Adrijit
2013-04-01
Recently several hierarchical access control schemes have been proposed in the literature to provide security of e-medicine systems. However, most of them are either insecure against 'man-in-the-middle attack' or they require high storage and computational overheads. Wu and Chen proposed a key management method to solve dynamic access control problems in a user hierarchy based on hybrid cryptosystem. Though their scheme improves computational efficiency over Nikooghadam et al.'s approach, it suffers from large storage space for public parameters in public domain and computational inefficiency due to costly elliptic curve point multiplication. Recently, Nikooghadam and Zakerolhosseini showed that Wu-Chen's scheme is vulnerable to man-in-the-middle attack. In order to remedy this security weakness in Wu-Chen's scheme, they proposed a secure scheme which is again based on ECC (elliptic curve cryptography) and efficient one-way hash function. However, their scheme incurs huge computational cost for providing verification of public information in the public domain as their scheme uses ECC digital signature which is costly when compared to symmetric-key cryptosystem. In this paper, we propose an effective access control scheme in user hierarchy which is only based on symmetric-key cryptosystem and efficient one-way hash function. We show that our scheme reduces significantly the storage space for both public and private domains, and computational complexity when compared to Wu-Chen's scheme, Nikooghadam-Zakerolhosseini's scheme, and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against different attacks and also man-in-the-middle attack. Moreover, dynamic access control problems in our scheme are also solved efficiently compared to other related schemes, making our scheme much more suitable for practical applications of e-medicine systems.
NASA Astrophysics Data System (ADS)
Ablay, Gunyaz
Using traditional control methods for controller design, parameter estimation and fault diagnosis may lead to poor results with nuclear systems in practice because of approximations and uncertainties in the system models used, possibly resulting in unexpected plant unavailability. This experience has led to an interest in development of robust control, estimation and fault diagnosis methods. One particularly robust approach is the sliding mode control methodology. Sliding mode approaches have been of great interest and importance in industry and engineering in the recent decades due to their potential for producing economic, safe and reliable designs. In order to utilize these advantages, sliding mode approaches are implemented for robust control, state estimation, secure communication and fault diagnosis in nuclear plant systems. In addition, a sliding mode output observer is developed for fault diagnosis in dynamical systems. To validate the effectiveness of the methodologies, several nuclear plant system models are considered for applications, including point reactor kinetics, xenon concentration dynamics, an uncertain pressurizer model, a U-tube steam generator model and a coupled nonlinear nuclear reactor model.
NASA Astrophysics Data System (ADS)
Taha, Ahmad Fayez
Transportation networks, wearable devices, energy systems, and the book you are reading now are all ubiquitous cyber-physical systems (CPS). These inherently uncertain systems combine physical phenomena with communication, data processing, control and optimization. Many CPSs are controlled and monitored by real-time control systems that use communication networks to transmit and receive data from systems modeled by physical processes. Existing studies have addressed a breadth of challenges related to the design of CPSs. However, there is a lack of studies on uncertain CPSs subject to dynamic unknown inputs and cyber-attacks---an artifact of the insertion of communication networks and the growing complexity of CPSs. The objective of this dissertation is to create secure, computational foundations for uncertain CPSs by establishing a framework to control, estimate and optimize the operation of these systems. With major emphasis on power networks, the dissertation deals with the design of secure computational methods for uncertain CPSs, focusing on three crucial issues---(1) cyber-security and risk-mitigation, (2) network-induced time-delays and perturbations and (3) the encompassed extreme time-scales. The dissertation consists of four parts. In the first part, we investigate dynamic state estimation (DSE) methods and rigorously examine the strengths and weaknesses of the proposed routines under dynamic attack-vectors and unknown inputs. In the second part, and utilizing high-frequency measurements in smart grids and the developed DSE methods in the first part, we present a risk mitigation strategy that minimizes the encountered threat levels, while ensuring the continual observability of the system through available, safe measurements. The developed methods in the first two parts rely on the assumption that the uncertain CPS is not experiencing time-delays, an assumption that might fail under certain conditions. 
To overcome this challenge, networked unknown input observers---observers/estimators for uncertain CPSs---are designed such that the effect of time-delays and cyber-induced perturbations are minimized, enabling secure DSE and risk mitigation in the first two parts. The final part deals with the extreme time-scales encompassed in CPSs, generally, and smart grids, specifically. Operational decisions for long time-scales can adversely affect the security of CPSs for faster time-scales. We present a model that jointly describes steady-state operation and transient stability by combining convex optimal power flow with semidefinite programming formulations of an optimal control problem. This approach can be jointly utilized with the aforementioned parts of the dissertation work, considering time-delays and DSE. The research contributions of this dissertation furnish CPS stakeholders with insights on the design and operation of uncertain CPSs, whilst guaranteeing the system's real-time safety. Finally, although many of the results of this dissertation are tailored to power systems, the results are general enough to be applied for a variety of uncertain CPSs.
Patient-Controlled Attribute-Based Encryption for Secure Electronic Health Records System.
Eom, Jieun; Lee, Dong Hoon; Lee, Kwangsu
2016-12-01
In recent years, many countries have been trying to integrate electronic health data managed by each hospital to offer more efficient healthcare services. Since health data contain sensitive information of patients, there have been much research that present privacy preserving mechanisms. However, existing studies either require a patient to perform various steps to secure the data or restrict the patient to exerting control over the data. In this paper, we propose patient-controlled attribute-based encryption, which enables a patient (a data owner) to control access to the health data and reduces the operational burden for the patient, simultaneously. With our method, the patient has powerful control capability of his/her own health data in that he/she has the final say on the access with time limitation. In addition, our scheme provides emergency medical services which allow the emergency staffs to access the health data without the patient's permission only in the case of emergencies. We prove that our scheme is secure under cryptographic assumptions and analyze its efficiency from the patient's perspective.
Security Analysis and Improvements of Authentication and Access Control in the Internet of Things
Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon
2014-01-01
Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method used in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464
Security analysis and improvements of authentication and access control in the Internet of Things.
Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon
2014-08-13
Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method used in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.
Method for secure electronic voting system: face recognition based approach
NASA Astrophysics Data System (ADS)
Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran
2017-06-01
In this paper, we propose a framework for a low-cost secure electronic voting system based on face recognition. Essentially, Local Binary Pattern (LBP) is used for face feature characterization in texture format, followed by the chi-square distribution for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two-tier security levels, using person ID followed by face verification. Essentially, a class-specific threshold is associated for controlling the security level of face verification. Our system is evaluated on three standard databases and one real home-based database and achieves satisfactory recognition accuracies. Consequently, our proposed system provides a secure, hassle-free voting system that is less intrusive compared with other biometrics.
Extending key sharing: how to generate a key tightly coupled to a network security policy
NASA Astrophysics Data System (ADS)
Kazantzidis, Matheos
2006-04-01
Current state of the art security policy technologies, besides the small scale limitation and largely manual nature of accompanied management methods, are lacking a) in real-timeliness of policy implementation and b) vulnerabilities and inflexibility stemming from the centralized policy decision making; even if, for example, a policy description or access control database is distributed, the actual decision is often a centralized action and forms a system single point of failure. In this paper we are presenting a new fundamental concept that allows implementing a security policy by a systematic and efficient key distribution procedure. Specifically, we extend the polynomial Shamir key splitting. According to this, a global key is split into n parts, any k of which can re-construct the original key. In this paper we present a method that instead of having "any k parts" be able to re-construct the original key, the latter can only be reconstructed if keys are combined as any access control policy describes. This leads into an easily deployable key generation procedure that results in a single key per entity that "knows" its role in the specific access control policy from which it was derived. The system is considered efficient as it may be used to avoid expensive PKI operations or pairwise key distributions as well as provides superior security due to its distributed nature, the fact that the key is tightly coupled to the policy, and that policy change may be implemented easier and faster.
Code of Federal Regulations, 2010 CFR
2010-04-01
... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for non-practitioners..., DISTRIBUTORS, AND DISPENSERS OF CONTROLLED SUBSTANCES Security Requirements § 1301.73 Physical security... adequate security for the area or building. If such security requires an alarm, such alarm, upon...
A Secure and Efficient Handover Authentication Protocol for Wireless Networks
Wang, Weijia; Hu, Lei
2014-01-01
Handover authentication protocol is a promising access control technology in the fields of WLANs and mobile wireless sensor networks. In this paper, we firstly review an efficient handover authentication protocol, named PairHand, and its existing security attacks and improvements. Then, we present an improved key recovery attack by using the linearly combining method and reanalyze its feasibility on the improved PairHand protocol. Finally, we present a new handover authentication protocol, which not only achieves the same desirable efficiency features of PairHand, but enjoys the provable security in the random oracle model. PMID:24971471
Marketing and reputation aspects of neonatal safeguards and hospital-security systems.
Smith, Alan D
2009-01-01
Technological advancements have migrated from personal-use electronics into the healthcare setting for security enhancements. Within maternity wards and nurseries, technology was seen as one of the best ways to protect newborns from abduction. The present study is a focus on what systems and methods are used in neonatal security, the security arrangements, staff training, and impacts outside the control of the hospital, customer satisfaction and customer relations management. Through hypothesis-testing and exploratory analysis, gender biases and extremely high levels of security were found within a web-enabled and professional sample of 200 respondents. The factor-based constructs were found to be, in order of the greatest explained variance: security concerns, personal technology usage, work technology applications, and demographic maturity concerns, resulting in four factor-based scores with significant combined variance of 61.5%. It was found that through a better understanding on the importance and vital need for hospitals to continue to improve on their technology-based security policies significantly enhanced their reputation in the highly competitive local healthcare industry.
School Securitization and Latina/o Educational Progress
ERIC Educational Resources Information Center
Peguero, Anthony A.; Portillos, Edwardo L.; González, Juan Carlos
2015-01-01
Increasing control and security has become a common strategy to address school violence. Some argue, however, that increasing social control has detrimental consequences for racial and ethnic minorities, especially Latinas/os. This study utilizes mixed methods to research the influence of school justice, fairness, order, and discipline may have on…
Nord, Mark
2012-05-01
To estimate the effect of the US Supplemental Nutrition Assistance Program (SNAP) on the food security (consistent access to adequate food) of recipients, net of the effect of the self-selection of more food-needy households into the programme. The food security of current SNAP recipients and recent leavers is compared in cross-sectional survey data, adjusting for economic and demographic differences using multivariate logistic regression methods. A similar analysis in 2-year longitudinal panels provides additional control for selection on unobserved variables based on food security status in the previous year. Household survey data collected for the US Department of Agriculture by the US Census Bureau. Households interviewed in the Current Population Survey Food Security Supplements from 2001 to 2009. The odds of very low food security among households that continued on SNAP through the end of a survey year were 28 % lower than among those that left SNAP prior to the 30-d period during which food security was assessed. In 2-year panels with controls for the severity of food insecurity in the previous year, the difference in odds was 45 %. The results are consistent with, or somewhat higher than, the estimates from the strongest previous research designs and suggest that the ameliorative effect of SNAP on very low food security is in the range of 20-50 %.
75 FR 71790 - Second Meeting: RTCA Special Committee 224: Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2010-11-24
... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held December 9, 2010...
75 FR 80886 - Third Meeting: RTCA Special Committee 224: Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2010-12-23
... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held January 13, 2011...
76 FR 9632 - Fifth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2011-02-18
... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held March 10, 2011, from...
76 FR 3931 - Fourth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2011-01-21
... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 Meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held February 8, 2011...
75 FR 61819 - First Meeting: RTCA Special Committee 224: Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2010-10-06
... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held November 2, 2010...
76 FR 16470 - Sixth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2011-03-23
... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems DATES: The meeting will be held April 13, 2011, from...
Weinhardt, Lance S; Galvao, Loren W; Mwenyekonde, Thokozani; Grande, Katarina M; Stevens, Patricia; Yan, Alice F; Mkandawire-Valhmu, Lucy; Masanjala, Winford; Kibicho, Jennifer; Ngui, Emmanuel; Emer, Lindsay; Watkins, Susan C
2014-01-01
Poverty and lack of a predictable, stable source of food are two fundamental determinants of ill health, including HIV/AIDS. Conversely, episodes of poor health and death from HIV can disrupt the ability to maintain economic stability in affected households, especially those that rely on subsistence farming. However, little empirical research has examined if, and how, improvements in people's economic status and food security translate into changes in HIV vulnerability. In this paper, we describe in detail the methods and protocol of an academic-NGO collaboration on a quasi-experimental, longitudinal study of the mechanisms and magnitude of the impact of a multilevel economic and food security program (Support to Able-Bodied Vulnerable Groups to Achieve Food Security; SAFE), as implemented by CARE. Primary outcomes include HIV vulnerability (i.e., HIV risk behaviors, HIV infection), economic status (i.e., income, household assets) and food security (including anthropometric measures). We recruited participants from two types of areas of rural central Malawi: traditional authorities (TA) selected by CARE to receive the SAFE program (intervention group) and TAs receiving other unrelated CARE programming (controls). In the intervention TAs, we recruited 598 program participants (398 women, 200 men) and interviewed them at baseline and 18- and 36-month follow-ups; we interviewed 301 control households. In addition, we conducted random surveys (n = 1002) in the intervention and control areas with a 36-month assessment interval, prior to and after implementation of SAFE. Thus, we are examining intervention outcomes both in direct SAFE program participants and their larger communities. We are using multilevel modeling to examine mediators and moderators of the effects of SAFE on HIV outcomes at the individual and community levels and determine the ways in which changes in HIV outcomes feed back into economic outcomes and food security at later interviews. 
Finally, we are conducting a qualitative end-of-program evaluation consisting of in-depth interviews with 90 SAFE participants. In addition to examining pathways linking structural factors to HIV vulnerability, this research will yield important information for understanding the impact of a multilevel environmental/structural intervention on HIV, with the potential for other sustainable long-term public health benefits.
75 FR 8759 - Submission for OMB Review; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2010-02-25
... rule proposal methods. The FOCUS Report was designed to eliminate the overlapping regulatory reports... SECURITIES AND EXCHANGE COMMISSION [Rule 17a-5; SEC File No. 270-155; OMB Control No. 3235-0123... currently valid control number. Rule 17a-5 (17 CFR 240.17a-5) is the basic financial reporting rule for...
NASA Astrophysics Data System (ADS)
Metcalfe, Jason S.; Alban, Jillyn; Cosenzo, Keryl; Johnson, Tony; Capstick, Erin
2010-04-01
Those applying autonomous technologies to military systems strive to enhance human-robot and robot-robot performance. Beyond performance, the military must be concerned with local area security. Characterized as "secure mobility", military systems must enable safe and effective terrain traversal concurrent with maintenance of situational awareness (SA). One approach to interleaving these objectives is supervisory control, with popular options being shared and traded control. Yet, with the scale and expense of military assets, common technical issues such as transition time and safeguarding become critical; especially as they interact with Soldier capabilities. Study is required to enable selection of control methods that optimize Soldier-system performance while safeguarding both individually. The current report describes a study utilizing experimental military vehicles and simulation systems enabling teleoperation and supervisory control. Automated triggering of SA demands was interspersed with a set of challenging driving maneuvers in a 'teleoperation-like' context to examine the influence of supervisory control on Soldier-system performance. Results indicated that direct application of supervisory control, while beneficial under particular demands, requires continued development to be perceived by Soldiers as useful. Future efforts should more tightly couple the information exchanged between the Soldier and system to overcome current challenges not addressed by standard control methods.
NASA Astrophysics Data System (ADS)
Liu, Jian; Xu, Rui
2018-04-01
Chaotic synchronisation has caused extensive attention due to its potential application in secure communication. This paper is concerned with the problem of adaptive synchronisation for two different kinds of memristor-based neural networks with time delays in leakage terms. By applying set-valued maps and differential inclusions theories, synchronisation criteria are obtained via linear matrix inequalities technique, which guarantee drive system being synchronised with response system under adaptive control laws. Finally, a numerical example is given to illustrate the feasibility of our theoretical results, and two schemes for secure communication are introduced based on chaotic masking method.
Rickard, Claire M; Marsh, Nicole; Webster, Joan; Playford, E Geoffrey; McGrail, Matthew R; Larsen, Emily; Keogh, Samantha; McMillan, David; Whitty, Jennifer A; Choudhury, Md Abu; Dunster, Kimble R; Reynolds, Heather; Marshall, Andrea; Crilly, Julia; Young, Jeanine; Thom, Ogilvie; Gowardman, John; Corley, Amanda; Fraser, John F
2015-01-01
Introduction Over 70% of all hospital admissions have a peripheral intravenous device (PIV) inserted; however, the failure rate of PIVs is unacceptably high, with up to 69% of these devices failing before treatment is complete. Failure can be due to dislodgement, phlebitis, occlusion/infiltration and/or infection. This results in interrupted medical therapy; painful phlebitis and reinsertions; increased hospital length of stay, morbidity and mortality from infections; and wasted medical/nursing time. Appropriate PIV dressing and securement may prevent many cases of PIV failure, but little comparative data exist regarding the efficacy of various PIV dressing and securement methods. This trial will investigate the clinical and cost-effectiveness of 4 methods of PIV dressing and securement in preventing PIV failure. Methods and analysis A multicentre, parallel group, superiority randomised controlled trial with 4 arms, 3 experimental groups (tissue adhesive, bordered polyurethane dressing, sutureless securement device) and 1 control (standard polyurethane dressing) is planned. There will be a 3-year recruitment of 1708 adult patients, with allocation concealment until randomisation by a centralised web-based service. The primary outcome is PIV failure which includes any of: dislodgement, occlusion/infiltration, phlebitis and infection. Secondary outcomes include: types of PIV failure, PIV dwell time, costs, device colonisation, skin colonisation, patient and staff satisfaction. Relative incidence rates of device failure per 100 devices and per 1000 device days with 95% CIs will summarise the impact of each dressing, and test differences between groups. Kaplan-Meier survival curves (with log-rank Mantel-Cox test) will compare device failure over time. p Values of <0.05 will be considered significant. Secondary end points will be compared between groups using parametric or non-parametric techniques appropriate to level of measurement. 
Ethics and dissemination Ethical approval has been received from Queensland Health (HREC/11/QRCH/152) and Griffith University (NRS/46/11/HREC). Results will be published according to the CONSORT statement and presented at relevant conferences. Trial registration number Australian New Zealand Clinical Trial Registry (ACTRN); 12611000769987. PMID:26399574
Secure Utilization of Beacons and UAVs in Emergency Response Systems for Building Fire Hazard
Seo, Seung-Hyun; Choi, Jung-In; Song, Jinseok
2017-01-01
An intelligent emergency system for hazard monitoring and building evacuation is a very important application area in Internet of Things (IoT) technology. Through the use of smart sensors, such a system can provide more vital and reliable information to first-responders and also reduce the incidents of false alarms. Several smart monitoring and warning systems do already exist, though they exhibit key weaknesses such as a limited monitoring coverage and security, which have not yet been sufficiently addressed. In this paper, we propose a monitoring and emergency response method for buildings by utilizing beacons and Unmanned Aerial Vehicles (UAVs) on an IoT security platform. In order to demonstrate the practicability of our method, we also implement a proof of concept prototype, which we call the UAV-EMOR (UAV-assisted Emergency Monitoring and Response) system. Our UAV-EMOR system provides the following novel features: (1) secure communications between UAVs, smart sensors, the control server and a smartphone app for security managers; (2) enhanced coordination between smart sensors and indoor/outdoor UAVs to expand real-time monitoring coverage; and (3) beacon-aided rescue and building evacuation. PMID:28946659
Secure Utilization of Beacons and UAVs in Emergency Response Systems for Building Fire Hazard.
Seo, Seung-Hyun; Choi, Jung-In; Song, Jinseok
2017-09-25
An intelligent emergency system for hazard monitoring and building evacuation is a very important application area in Internet of Things (IoT) technology. Through the use of smart sensors, such a system can provide more vital and reliable information to first-responders and also reduce the incidents of false alarms. Several smart monitoring and warning systems do already exist, though they exhibit key weaknesses such as a limited monitoring coverage and security, which have not yet been sufficiently addressed. In this paper, we propose a monitoring and emergency response method for buildings by utilizing beacons and Unmanned Aerial Vehicles (UAVs) on an IoT security platform. In order to demonstrate the practicability of our method, we also implement a proof of concept prototype, which we call the UAV-EMOR (UAV-assisted Emergency Monitoring and Response) system. Our UAV-EMOR system provides the following novel features: (1) secure communications between UAVs, smart sensors, the control server and a smartphone app for security managers; (2) enhanced coordination between smart sensors and indoor/outdoor UAVs to expand real-time monitoring coverage; and (3) beacon-aided rescue and building evacuation.
Alerting device and method for reminding a person of a risk
Runyon, Larry [Richland, WA]; Gunter, Wayne M [West Richland, WA]; Pratt, Richard M [Richland, WA]
2001-11-27
An alerting device and method to remind personnel of a risk is disclosed. The device has at least two sensors, a logic controller, a power source, and an annunciator that delivers a visual message, with or without an audible alarm, about a risk to a person when the sensors detect the person exiting a predetermined space. In particular, the present invention reminds a person of a security, safety, or health risk upon exiting a predetermined space. More particularly, the present invention reminds a person of an information security risk relating to sensitive, proprietary, confidential, trade secret, classified, or intellectual property information.
Aerial surveillance vehicles augment security at shipping ports
NASA Astrophysics Data System (ADS)
Huck, Robert C.; Al Akkoumi, Muhammad K.; Cheng, Samuel; Sluss, James J., Jr.; Landers, Thomas L.
2008-10-01
With the ever present threat to commerce, both politically and economically, technological innovations provide a means to secure the transportation infrastructure that will allow efficient and uninterrupted freight-flow operations for trade. Currently, freight coming into United States ports is "spot checked" upon arrival and stored in a container yard while awaiting the next mode of transportation. For the most part, only fences and security patrols protect these container storage yards. To augment these measures, the authors propose the use of aerial surveillance vehicles equipped with video cameras and wireless video downlinks to provide a birds-eye view of port facilities to security control centers and security patrols on the ground. The initial investigation described in this paper demonstrates the use of unmanned aerial surveillance vehicles as a viable method for providing video surveillance of container storage yards. This research provides the foundation for a follow-on project to use autonomous aerial surveillance vehicles coordinated with autonomous ground surveillance vehicles for enhanced port security applications.
[The control of foodstuffs at the beginning of 1993].
Babusiaux, C
1992-11-01
On 1 January 1993 the frontiers between the Member States of the European Community and the customs controls will disappear. The abolition of this type of control will not affect food security. The French administration has strong legal rules to ensure the protection of consumers' health. The regulations prepared by the European Community to allow the free circulation of goods also ensure a high level of consumer protection. In case of harmonization, each Member State keeps some rights when there are risks to consumers' health. In the absence of Community regulations, the principle of mutual acknowledgement, which aims to avoid barriers to trade, then cannot be applied for health and security necessities. The authorities' controls are now resolutely set in a European context: priority to controls during production, harmonized methods of intervention to promote the required acknowledgement of controls enforced in each Member State, involvement in a European alert system, and development of cooperation between the national administrative inspection authorities. On matters of food security the authorities need the assistance of the scientific community and of its national and international representative organisations. They play an essential part in diagnosis, emergencies and advice during the elaboration of regulations. Their power should be even greater with the implementation of European scientific cooperation.
49 CFR 1542.207 - Access control systems.
Code of Federal Regulations, 2010 CFR
2010-10-01
... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...
49 CFR 1542.207 - Access control systems.
Code of Federal Regulations, 2013 CFR
2013-10-01
... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...
49 CFR 1542.207 - Access control systems.
Code of Federal Regulations, 2014 CFR
2014-10-01
... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...
49 CFR 1542.207 - Access control systems.
Code of Federal Regulations, 2011 CFR
2011-10-01
... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...
49 CFR 1542.207 - Access control systems.
Code of Federal Regulations, 2012 CFR
2012-10-01
... Transportation Other Regulations Relating to Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.207 Access control... original access medium, if the airport operator follows measures and procedures in the security program...
Chaos based video encryption using maps and Ikeda time delay system
NASA Astrophysics Data System (ADS)
Valli, D.; Ganesan, K.
2017-12-01
Chaos based cryptosystems are an efficient method to deal with improved speed and highly secured multimedia encryption because of their elegant features, such as randomness, mixing, ergodicity, sensitivity to initial conditions and control parameters. In this paper, two chaos based cryptosystems are proposed: one is the higher-dimensional 12D chaotic map and the other is based on the Ikeda delay differential equation (DDE) suitable for designing a real-time secure symmetric video encryption scheme. These encryption schemes employ a substitution box (S-box) to diffuse the relationship between pixels of plain video and cipher video along with the diffusion of current input pixel with the previous cipher pixel, called cipher block chaining (CBC). The proposed method enhances the robustness against statistical, differential and chosen/known plain text attacks. Detailed analysis is carried out in this paper to demonstrate the security and uniqueness of the proposed scheme.
Prescribers' expectations and barriers to electronic prescribing of controlled substances
Kim, Meelee; McDonald, Ann; Kreiner, Peter; Kelleher, Stephen J; Blackman, Michael B; Kaufman, Peter N; Carrow, Grant M
2011-01-01
Objective To better understand barriers associated with the adoption and use of electronic prescribing of controlled substances (EPCS), a practice recently established by US Drug Enforcement Administration regulation. Materials and methods Prescribers of controlled substances affiliated with a regional health system were surveyed regarding current electronic prescribing (e-prescribing) activities, current prescribing of controlled substances, and expectations and barriers to the adoption of EPCS. Results 246 prescribers (response rate of 64%) represented a range of medical specialties, with 43.1% of these prescribers current users of e-prescribing for non-controlled substances. Reported issues with controlled substances included errors, pharmacy call-backs, and diversion; most prescribers expected EPCS to address many of these problems, specifically reduce medical errors, improve work flow and efficiency of practice, help identify prescription diversion or misuse, and improve patient treatment management. Prescribers expected, however, that it would be disruptive to practice, and over one-third of respondents reported that carrying a security authentication token at all times would be so burdensome as to discourage adoption. Discussion Although adoption of e-prescribing has been shown to dramatically reduce medication errors, challenges to efficient processes and errors still persist from the perspective of the prescriber, that may interfere with the adoption of EPCS. Most prescribers regarded EPCS security measures as a small or moderate inconvenience (other than carrying a security token), with advantages outweighing the burden. Conclusion Prescribers are optimistic about the potential for EPCS to improve practice, but view certain security measures as a burden and potential barrier. PMID:21946239
2014-01-01
Background Psychopathology in women after childbirth represents a significant risk factor for parenting and infant mental health. Regarding child development, these infants are at increased risk for developing unfavorable attachment strategies to their mothers and for subsequent behavioral, emotional and cognitive impairments throughout childhood. To date, the specific efficacy of an early attachment-based parenting group intervention under standard clinical outpatient conditions, and the moderators and mediators that promote attachment security in infants of mentally ill mothers, have been poorly evaluated. Methods/Design This randomized controlled clinical trial tests whether promoting attachment security in infancy with the Circle of Security (COS) Intervention will result in a higher rate of securely attached children compared to treatment as usual (TAU). Furthermore, we will determine whether the distributions of securely attached children are moderated or mediated by variations in maternal sensitivity, mentalizing, attachment representations, and psychopathology obtained at baseline and at follow-up. We plan to recruit 80 mother-infant dyads when infants are aged 4-9 months with 40 dyads being randomized to each treatment arm. Infants and mothers will be reassessed when the children are 16-18 months of age. Methodological aspects of the study are systematic recruitment and randomization, explicit inclusion and exclusion criteria, research assessors and coders blinded to treatment allocation, advanced statistical analysis, manualized treatment protocols and assessments of treatment adherence and integrity. Discussion The aim of this clinical trial is to determine whether there are specific effects of an attachment-based intervention that promotes attachment security in infants. 
Additionally, we anticipate being able to utilize data on maternal and child outcome measures to obtain preliminary indications about potential moderators of the intervention and inform hypotheses about which intervention may be most suitable when offered in a clinical psychiatric outpatient context. Trial registration Current Controlled Trials ISRCTN88988596 PMID:24476106
Analyzing Cases of Resilience Success and Failure - A Research Study
2012-12-01
controls [NIST 2012, NIST 2008] ISO 27002 and ISO 27004 Guidelines for initiating, implementing, maintaining, and improving information security...Commission (ISO/IEC). Information technology—Security techniques—Code of practice for information security management (ISO/IEC 27002:2005). ISO/IEC, 2005...security management system and controls or groups of controls [ISO/IEC 2005, ISO/IEC 2009] CIS Security Metrics Outcome and practice metrics measuring
75 FR 1070 - Cargo Securing Methods for Packages in Transport Vehicles or Freight Containers
Federal Register 2010, 2011, 2012, 2013, 2014
2010-01-08
... DEPARTMENT OF HOMELAND SECURITY Coast Guard [Docket No. USCG-2009-1079] Cargo Securing Methods for... for comments. SUMMARY: The Coast Guard seeks comments from the public on methods for securing cargo in... proper condition for transportation. Currently, the specific method for securing cargo is left to the...
Performance Analysis of Cyber Security Awareness Delivery Methods
NASA Astrophysics Data System (ADS)
Abawajy, Jemal; Kim, Tai-Hoon
In order to decrease information security threats caused by human-related vulnerabilities, an increased concentration on information security awareness and training is necessary. There are numerous information security awareness training delivery methods. The purpose of this study was to determine what delivery method is most successful in providing security awareness training. We conducted security awareness training using various delivery methods such as text based, game based and a short video presentation with the aim of determining user preference delivery methods. Our study suggests that combined delivery methods are better than an individual security awareness delivery method.
78 FR 16757 - Twentieth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2013-03-18
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...
77 FR 64838 - Sixteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2012-10-23
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...
77 FR 55894 - Fifteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2012-09-11
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will...
Federal Register 2010, 2011, 2012, 2013, 2014
2013-07-22
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...
32 CFR 2800.4 - General information.
Code of Federal Regulations, 2010 CFR
2010-07-01
... STATES SECURITY PROCEDURES § 2800.4 General information. (a) Staff Security Officer/Top Secret Control... Staff Security Officer will serve as Top Secret Control Officer and Assistant Top Secret Control Officer... responsible for the overall supervision of the Top Secret Control program. They will maintain positive control...
NASA Technical Reports Server (NTRS)
Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.
2015-01-01
NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.
Effectiveness of Taxicab Security Equipment in Reducing Driver Homicide Rates
Menéndez, Cammie K.C.; Amandus, Harlan E.; Damadi, Parisa; Wu, Nan; Konda, Srinivas; Hendricks, Scott A.
2015-01-01
Background Taxicab drivers historically have had one of the highest work-related homicide rates of any occupation. In 2010 the taxicab driver homicide rate was 7.4 per 100,000 drivers, compared to the overall rate of 0.37 per 100,000 workers. Purpose Evaluate the effectiveness of taxicab security cameras and partitions on citywide taxicab driver homicide rates. Methods Taxicab driver homicide rates were compared in 26 major cities in the U.S. licensing taxicabs with security cameras (n=8); bullet-resistant partitions (n=7); and cities where taxicabs were not equipped with either security cameras or partitions (n=11). News clippings of taxicab driver homicides and the number of licensed taxicabs by city were used to construct taxicab driver homicide rates spanning 15 years (1996–2010). Generalized estimating equations were constructed to model the Poisson-distributed homicide rates on city-specific safety equipment installation status, controlling for city homicide rate and the concurrent decline of homicide rates over time. Data were analyzed in 2012. Results Cities with cameras experienced a threefold reduction in taxicab driver homicides compared with control cities (RR=0.27; 95% CI=0.12, 0.61; p=0.002). There was no difference in homicide rates for cities with partitions compared with control cities (RR=1.15; 95% CI=0.80, 1.64; p=0.575). Conclusions Municipal ordinances and company policies mandating security cameras appear to be highly effective in reducing taxicab driver deaths due to workplace violence. PMID:23790983
Harris, Lynne T.; Koepsell, Thomas D.; Haneuse, Sebastien J.; Martin, Diane P.; Ralston, James D.
2013-01-01
OBJECTIVE To study differences in glycemic control and HbA1c testing associated with use of secure electronic patient-provider messaging. We hypothesized that messaging use would be associated with better glycemic control and a higher rate of adherence to HbA1c testing recommendations. RESEARCH DESIGN AND METHODS Retrospective observational study of secure messaging at Group Health, a large nonprofit health care system. Our analysis included adults with diabetes who had registered for access to a shared electronic medical record (SMR) between 2003 and 2006. We fit log-linear regression models, using generalized estimating equations, to estimate the adjusted rate ratio of meeting three indicators of glycemic control (HbA1c <7%, HbA1c <8%, and HbA1c >9%) and HbA1c testing adherence by level of previous messaging use. Multiple imputation and inverse probability weights were used to account for missing data. RESULTS During the study period, 6,301 adults with diabetes registered for access to the SMR. Of these individuals, 74% used messaging at least once during that time. Frequent use of messaging during the previous calendar quarter was associated with a higher rate of good glycemic control (HbA1c <7%: rate ratio, 1.26 [95% CI, 1.15–1.37]) and a higher rate of testing adherence (1.20 [1.15–1.25]). CONCLUSIONS Among SMR users, recent and frequent messaging use was associated with better glycemic control and a higher rate of HbA1c testing adherence. These results suggest that secure messaging may facilitate important processes of care and help some patients to achieve or maintain adequate glycemic control. PMID:23628618
Code of Federal Regulations, 2012 CFR
2012-01-01
... 10 Energy 2 2012-01-01 2012-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...
Code of Federal Regulations, 2011 CFR
2011-01-01
... 10 Energy 2 2011-01-01 2011-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...
Code of Federal Regulations, 2014 CFR
2014-01-01
... 10 Energy 2 2014-01-01 2014-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...
Code of Federal Regulations, 2013 CFR
2013-01-01
... 10 Energy 2 2013-01-01 2013-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) CERTIFICATION OF GASEOUS DIFFUSION PLANTS Safeguards and Security § 76.111 Physical security, material control...
76 FR 67019 - Tenth Meeting: RTCA Special Committee 224, Airport Security Access Control
Federal Register 2010, 2011, 2012, 2013, 2014
2011-10-28
... 224, Airport Security Access Control AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Notice of RTCA Special Committee 224, Airport Security Access Control. SUMMARY: The... (Pub. L. 92-463, 5 U.S.C., App.), notice is hereby given for a Special Committee 224, Airport Security...
A dynamic access control method based on QoS requirement
NASA Astrophysics Data System (ADS)
Li, Chunquan; Wang, Yanwei; Yang, Baoye; Hu, Chunyang
2013-03-01
A dynamic access control method is put forward to ensure the security of the sharing service in Cloud Manufacturing, according to the application characteristics of cloud manufacturing collaborative task. The role-based access control (RBAC) model is extended according to the characteristics of cloud manufacturing in this method. The constraints are considered, which are from QoS requirement of the task context to access control, based on the traditional static authorization. The fuzzy policy rules are established about the weighted interval value of permissions. The access control authorities of executable service by users are dynamically adjusted through the fuzzy reasoning based on the QoS requirement of task. The main elements of the model are described. The fuzzy reasoning algorithm of weighted interval value based QoS requirement is studied. An effective method is provided to resolve the access control of cloud manufacturing.
Research and realization of info-net security controlling system
NASA Astrophysics Data System (ADS)
Xu, Tao; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen
2017-03-01
The thesis introduces some relative concepts about Network Cybernetics, and we design and realize a new info-net security controlling system based on Network Cybernetics. The system can control the endpoints, safely save files, encrypt communication, supervise actions of users and show security conditions, in order to realize full-scale security management. At last, we simulate the functions of the system. The results show, the system can ensure the controllability of users and devices, and supervise them real-time. The system can maximize the security of the network and users.
OVERALL VIEW OF CONTROL BUILDING AND SECURITY GATE. VIEW TO ...
OVERALL VIEW OF CONTROL BUILDING AND SECURITY GATE. VIEW TO EAST. - Plattsburgh Air Force Base, Security Police Entry Control Building, Off Perimeter Road in Weapons Storage Area, Plattsburgh, Clinton County, NY
OVERALL VIEW OF CONTROL BUILDING AND SECURITY GATE. VIEW TO ...
OVERALL VIEW OF CONTROL BUILDING AND SECURITY GATE. VIEW TO NORTH. - Plattsburgh Air Force Base, Security Police Entry Control Building, Off Perimeter Road in SAC Alert Area, Plattsburgh, Clinton County, NY
MYSEA: The Monterey Security Architecture
2009-01-01
Security and Protection, Organization and Design General Terms: Design; Security Keywords: access controls, authentication, information flow controls...Applicable environments include: military coalitions, agencies and organizations responding to security emergencies, and mandated sharing in business ...network architecture affords users the ability to securely access information across networks at different classifications using standardized
A noise immunity controlled quantum teleportation protocol
NASA Astrophysics Data System (ADS)
Li, Dong-fen; Wang, Rui-jin; Zhang, Feng-li; Baagyere, Edward; Qin, Zhen; Xiong, Hu; Zhan, Huayi
2016-11-01
With the advent of the Internet and information and communication technology, quantum teleportation has become an important field in information security and its application areas. This is because quantum teleportation has the ability to attain a timely secret information delivery and offers unconditional security. And as such, the field of quantum teleportation has become a hot research topic in recent years. However, noise has serious effect on the safety of quantum teleportation within the aspects of information fidelity, channel capacity and information transfer. Therefore, the main purpose of this paper is to address these problems of quantum teleportation. Firstly, in order to resist collective noise, we construct a decoherence-free subspace under different noise scenarios to establish a two-dimensional fidelity quantum teleportation models. And also create quantum teleportation of multiple degree of freedom, and these models ensure the accuracy and availability of the exchange of information and in multiple degree of freedom. Secondly, for easy preparation, measurement and implementation, we use super dense coding features to build an entangled quantum secret exchange channel. To improve the channel utilization and capacity, an efficient super dense coding method based on ultra-entanglement exchange is used. Thirdly, continuous variables of the controlled quantum key distribution were designed for quantum teleportation; in addition, we perform Bell-basis measurement under the collective noise and also prepare the storage technology of quantum states to achieve one-bit key by three-photon encoding to improve its security and efficiency. We use these two methods because they conceal information, resist a third party attack and can detect eavesdropping. Our proposed methods, according to the security analysis, are able to solve the problems associated with the quantum teleportation under various noise environments.
Integrated secure solution for electronic healthcare records sharing
NASA Astrophysics Data System (ADS)
Yao, Yehong; Zhang, Chenghao; Sun, Jianyong; Jin, Jin; Zhang, Jianguo
2007-03-01
The EHR is a secure, real-time, point-of-care, patient-centric information resource for healthcare providers. Many countries and regional districts have set long-term goals to build EHRs, and most of EHRs are usually built based on the integration of different information systems with different information models and platforms. A number of hospitals in Shanghai are also piloting the development of an EHR solution based on IHE XDS/XDS-I profiles with a service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows seamless sharing of images and reports across the multiple hospitals. To develop EHRs for regional coordinated healthcare, some factors should be considered in designing architecture, one of which is security issue. In this paper, we present some approaches and policies to improve and strengthen the security among the different hospitals' nodes, which are compliant with the security requirements defined by IHE IT Infrastructure (ITI) Technical Framework. Our security solution includes four components: Time Sync System (TSS), Digital Signature Manage System (DSMS), Data Exchange Control Component (DECC) and Single Sign-On (SSO) System. We give a design method and implementation strategy of these security components, and then evaluate the performance and overheads of the security services or features by integrating the security components into an image-based EHR system.
A security architecture for health information networks.
Kailar, Rajashekar; Muralidhar, Vinod
2007-10-11
Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today's healthcare enterprise. Recent work on 'nationwide health information network' architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately.
A Security Architecture for Health Information Networks
Kailar, Rajashekar
2007-01-01
Health information network security needs to balance exacting security controls with practicality, and ease of implementation in today’s healthcare enterprise. Recent work on ‘nationwide health information network’ architectures has sought to share highly confidential data over insecure networks such as the Internet. Using basic patterns of health network data flow and trust models to support secure communication between network nodes, we abstract network security requirements to a core set to enable secure inter-network data sharing. We propose a minimum set of security controls that can be implemented without needing major new technologies, but yet realize network security and privacy goals of confidentiality, integrity and availability. This framework combines a set of technology mechanisms with environmental controls, and is shown to be sufficient to counter commonly encountered network security threats adequately. PMID:18693862
Cyber Security Assessment Report: Adventium Labs
DOE Office of Scientific and Technical Information (OSTI.GOV)
None
2007-12-31
Major control system components often have life spans of 15-20 years. Many systems in our Nation's critical infrastructure were installed before the Internet became a reality and security was a concern. Consequently, control systems are generally insecure. Security is now being included in the development of new control system devices; however, legacy control systems remain vulnerable. Most efforts to secure control systems are aimed at protecting network borders, but if an intruder gets inside the network these systems are vulnerable to a cyber attack.
Code of Federal Regulations, 2011 CFR
2011-07-01
... OR COMMERCIAL WASTE, AND BALLAST WATER Ballast Water Management for Control of Nonindigenous Species... for the Assistant Commandant for Marine Safety, Security, and Stewardship (CG-5) may, upon receipt of...
Code of Federal Regulations, 2010 CFR
2010-07-01
... OR COMMERCIAL WASTE, AND BALLAST WATER Ballast Water Management for Control of Nonindigenous Species... for the Assistant Commandant for Marine Safety, Security, and Stewardship (CG-5) may, upon receipt of...
Real Time Quality Control Methods for Cued EMI Data Collection
2016-03-14
contents be construed as reflecting the official policy or position of the Department of Defense. Reference herein to any specific commercial product...This project evaluated the effectiveness of in-field quality control (QC) procedures during cued electromagnetic induction (EMI) data collection. The...electromagnetic induction ESTCP Environmental Security Technology Certification Program hr hour ISO Industry Standard Object IVS Instrument
Wireless local area network in a prehospital environment
Chen, Dongquan; Soong, Seng-jaw; Grimes, Gary J; Orthner, Helmuth F
2004-01-01
Background Wireless local area networks (WLANs) are considered the next generation of clinical data network. They open the possibility for capturing clinical data in a prehospital setting (e.g., a patient's home) using various devices, such as personal digital assistants, laptops, digital electrocardiogram (EKG) machines, and even cellular phones, and transmitting the captured data to a physician or hospital. The transmission rate is crucial to the applicability of the technology in the prehospital setting. Methods We created two separate WLANs to simulate a virtual local area network environment such as in a patient's home or an emergency room (ER). The effects of different methods of data transmission, number of clients, and roaming among different access points on the file transfer rate were determined. Results The present results suggest that it is feasible to transfer small files such as patient demographics and EKG data from the patient's home to the ER at a reasonable speed. Encryption, user control, and access control were implemented and results discussed. Conclusions Implementing a WLAN in a centrally managed and multiple-layer-controlled access control server is the key to ensuring its security and accessibility. Future studies should focus on product capacity, speed, compatibility, interoperability, and security management. PMID:15339336
76 FR 59481 - Ninth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2011-09-26
... Control Systems (Update to DO-230B): Agenda October 20, 2011 Welcome/Introductions/Administrative Remarks... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY...
76 FR 50811 - Eighth Meeting: RTCA Special Committee 224: Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2011-08-16
... Control Systems (Update to DO-230B): Agenda September 15, 2011 Welcome/Introductions/Administrative... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems. SUMMARY...
21 CFR 1301.75 - Physical security controls for practitioners.
Code of Federal Regulations, 2012 CFR
2012-04-01
... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...
21 CFR 1301.75 - Physical security controls for practitioners.
Code of Federal Regulations, 2010 CFR
2010-04-01
... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...
21 CFR 1301.75 - Physical security controls for practitioners.
Code of Federal Regulations, 2011 CFR
2011-04-01
... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...
21 CFR 1301.75 - Physical security controls for practitioners.
Code of Federal Regulations, 2013 CFR
2013-04-01
... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...
21 CFR 1301.75 - Physical security controls for practitioners.
Code of Federal Regulations, 2014 CFR
2014-04-01
... 21 Food and Drugs 9 2014-04-01 2014-04-01 false Physical security controls for practitioners. 1301.75 Section 1301.75 Food and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION....75 Physical security controls for practitioners. (a) Controlled substances listed in Schedule I shall...
17 CFR 229.308 - (Item 308) Internal control over financial reporting.
Code of Federal Regulations, 2012 CFR
2012-04-01
... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...
17 CFR 229.308 - (Item 308) Internal control over financial reporting.
Code of Federal Regulations, 2013 CFR
2013-04-01
... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...
17 CFR 229.308 - (Item 308) Internal control over financial reporting.
Code of Federal Regulations, 2014 CFR
2014-04-01
... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...
17 CFR 229.308 - (Item 308) Internal control over financial reporting.
Code of Federal Regulations, 2011 CFR
2011-04-01
... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...
Weinhardt, Lance S; Galvao, Loren W; Yan, Alice F; Stevens, Patricia; Mwenyekonde, Thokozani Ng'ombe; Ngui, Emmanuel; Emer, Lindsay; Grande, Katarina M; Mkandawire-Valhmu, Lucy; Watkins, Susan C
2017-03-01
The objective of the Savings, Agriculture, Governance, and Empowerment for Health (SAGE4Health) study was to evaluate the impact of a large-scale multi-level economic and food security intervention on health outcomes and HIV vulnerability in rural Malawi. The study employed a quasi-experimental non-equivalent control group design to compare intervention participants (n = 598) with people participating in unrelated programs in distinct but similar geographical areas (control, n = 301). We conducted participant interviews at baseline, 18-, and 36-months on HIV vulnerability and related health outcomes, food security, and economic vulnerability. Randomly selected households (n = 1002) were interviewed in the intervention and control areas at baseline and 36 months. Compared to the control group, the intervention led to increased HIV testing (OR 1.90; 95 % CI 1.29-2.78) and HIV case finding (OR = 2.13; 95 % CI 1.07-4.22); decreased food insecurity (OR = 0.74; 95 % CI 0.63-0.87), increased nutritional diversity, and improved economic resilience to shocks. Most effects were sustained over a 3-year period. Further, no significant differences in change were found over the 3-year study period on surveys of randomly selected households in the intervention and control areas. Although there were general trends toward improvement in the study area, only intervention participants' outcomes were significantly better. Results indicate the intervention can improve economic and food security and HIV vulnerability through increased testing and case finding. Leveraging the resources of economic development NGOs to deliver locally-developed programs with scientific funding to conduct controlled evaluations has the potential to accelerate the scientific evidence base for the effects of economic development programs on health.
Developing the security culture at the SEISMED Reference Centres.
Fowler, J
1996-01-01
The paper gives a brief summary of the SEISMED project and the particular role played by the Reference Centres. Details are given of the hardware and application systems in use in the Royal Hospitals (NHS) Trust (RHT), one of the SEISMED Reference Centres. It proposes, without verification, a definition of a Security Culture based on three criteria. These are suggested to be the "Awareness", the "Acceptance" and the "Actions" of the management and staff to improve Information Systems Security throughout the RHT. The way that "Awareness" was increased is shown by the specific initiatives commenced as a result of a CRAMM Risk Analysis and the management and staff training programmes. The specific initiatives mentioned include an Information Systems Security Policy, a contingency and disaster recovery plan, improvements in the physical protection of equipment and changes to the method of access control. The "Acceptance" by the staff of these measures is considered and the success or failure of "Developing A Security Culture" examined. The role of SEISMED in this process is assessed.
36 CFR 79.6 - Methods to secure curatorial services.
Code of Federal Regulations, 2014 CFR
2014-07-01
... 36 Parks, Forests, and Public Property 1 2014-07-01 2014-07-01 false Methods to secure curatorial... INTERIOR CURATION OF FEDERALLY-OWNED AND ADMINISTERED ARCHAEOLOGICAL COLLECTIONS § 79.6 Methods to secure curatorial services. (a) Federal agencies may secure curatorial services using a variety of methods, subject...
36 CFR 79.6 - Methods to secure curatorial services.
Code of Federal Regulations, 2010 CFR
2010-07-01
... 36 Parks, Forests, and Public Property 1 2010-07-01 2010-07-01 false Methods to secure curatorial... INTERIOR CURATION OF FEDERALLY-OWNED AND ADMINISTERED ARCHAEOLOGICAL COLLECTIONS § 79.6 Methods to secure curatorial services. (a) Federal agencies may secure curatorial services using a variety of methods, subject...
36 CFR 79.6 - Methods to secure curatorial services.
Code of Federal Regulations, 2012 CFR
2012-07-01
... 36 Parks, Forests, and Public Property 1 2012-07-01 2012-07-01 false Methods to secure curatorial... INTERIOR CURATION OF FEDERALLY-OWNED AND ADMINISTERED ARCHAEOLOGICAL COLLECTIONS § 79.6 Methods to secure curatorial services. (a) Federal agencies may secure curatorial services using a variety of methods, subject...
76 FR 38742 - Seventh Meeting: RTCA Special Committee 224: Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2011-07-01
... Control Systems (Update to DO-230B): Agenda July 15, 2011 Welcome/Introductions/Administrative Remarks... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to...
Analysis and solutions of security issues in Ethernet PON
NASA Astrophysics Data System (ADS)
Meng, Yu; Jiang, Tao; Xiao, Dingzhong
2005-02-01
Ethernet Passive Optical Network (EPON), which combines the low cost Ethernet equipment and economic fiber infrastructure, is being considered as a promising solution for Fiber-To-The-Home (FTTH). However, since EPON is an optical shared medium network, some unique features make it more vulnerable to security attacks. In this paper, the key security threats of EPON are firstly analyzed. And then, considering some specific properties which might be utilized for security, such as the safety of transmissions in upstream direction, some novel methods are presented to solve security problems. Firstly, based on some modification about registration, the mechanism of access control is achieved. Secondly, we implement an AES-128 symmetrical encryption and decryption in the EPON system. The AES-128 algorithm can process data blocks of 128 bits, but the length of Ethernet frame is variable. How to deal with the last block, which is not up to 128 bits, is discussed in detail. Finally, key update is accomplished through a vendor specific OAM frame in order to enhance the level of security. The proposed mechanism will remain in conformance with P2MP specification defined by 802.3ah TF, and can supply a complete security solution for EPON.
NASA Astrophysics Data System (ADS)
Zhang, Ke-Jia; Kwek, Leong-Chuan; Ma, Chun-Guang; Zhang, Long; Sun, Hong-Wei
2018-02-01
Quantum sealed-bid auction (QSA) has been widely studied in quantum cryptography. For a successful auction, post-confirmation is regarded as an important mechanism to make every bidder verify the identity of the winner after the auctioneer has announced the result. However, since the auctioneer may be dishonest and collude with malicious bidders in practice, some potential loopholes could exist. In this paper, we point out two types of collusion attacks for a particular post-confirmation technique with EPR pairs. And it is not difficult to see that there exists no unconditionally secure post-confirmation mechanism in the existing QSA model, if the dishonest participants have the ability to control multiparticle entanglement. In the view of this, we note that some secure implementation could exist if the participants are supposed to be semi-quantum, i.e., they can only control single photons. Finally, two potential methods to design post-confirmation mechanism are presented in this restricted scenario.
Information Security Risk Assessment in Hospitals
Ayatollahi, Haleh; Shagerdi, Ghazal
2017-01-01
Background: To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threaten the security of health information and their resources, especially in the hospitals. Objective: The aim of this study was to assess the risks threatening information security in the hospitals located in one of the northwest cities of Iran. Method: This study was completed in 2014. The participants were information technology managers who worked in the hospitals (n=27). The research instrument was a questionnaire composed of a number of open and closed questions. The content validity of the questionnaire was confirmed, and the reliability of the closed questions was measured by using the test-retest method (r =0.78). Results: The results showed that among the information security risks, fire was found to be a high probability/high impact risk factor. Human and physical/environmental threats were among the low probability risk factors. Regarding the information security safeguards used in the hospitals, the results showed that the use of the technical safeguards was the most frequent one (n =22, 91.7%) compared to the administrative (n =21, 87.5%) and the physical safeguards (n =16, 66.7%). Conclusion: The high probability risk factors require quick corrective actions to be taken. Therefore, the underlying causes of such threats should be identified and controlled before experiencing adverse effects. It is also important to note that information security in health care systems needs to be considered at a macro level with respect to the national interests and policies. PMID:29204226
Optical benchmarking of security document readers for automated border control
NASA Astrophysics Data System (ADS)
Valentín, Kristián; Wild, Peter; Štolc, Svorad; Daubner, Franz; Clabian, Markus
2016-10-01
Authentication and optical verification of travel documents upon crossing borders is of utmost importance for national security. Understanding the workflow and different approaches to ICAO 9303 travel document scanning in passport readers, as well as highlighting normalization issues and designing new methods to achieve better harmonization across inspection devices are key steps for the development of more effective and efficient next-generation passport inspection. This paper presents a survey of state-of-the-art document inspection systems, showcasing results of a document reader challenge investigating 9 devices with regards to optical characteristics.
Voltage stability analysis in the new deregulated environment
NASA Astrophysics Data System (ADS)
Zhu, Tong
Nowadays, a significant portion of the power industry is under deregulation. Under this new circumstance, network security analysis is more critical and more difficult. One of the most important issues in network security analysis is voltage stability analysis. Due to the expected higher utilization of equipment induced by competition in a power market that covers bigger power systems, this issue is increasingly acute after deregulation. In this dissertation, some selected topics of voltage stability analysis are covered. In the first part, after a brief review of general concepts of continuation power flow (CPF), investigations on various matrix analysis techniques to improve the speed of CPF calculation for large systems are reported. Based on these improvements, a new CPF algorithm is proposed. This new method is then tested by an inter-area transaction in a large inter-connected power system. In the second part, the Arnoldi algorithm, the best method to find a few minimum singular values for a large sparse matrix, is introduced into the modal analysis for the first time. This new modal analysis is applied to the estimation of the point of voltage collapse and contingency evaluation in voltage security assessment. Simulations show that the new method is very efficient. In the third part, after transient voltage stability component models are investigated systematically, a novel system model for transient voltage stability analysis, which is a logical-algebraic-differential-difference equation (LADDE), is offered. As an example, TCSC (Thyristor controlled series capacitors) is addressed as a transient voltage stabilizing controller. After a TCSC transient voltage stability model is outlined, a new TCSC controller is proposed to enhance both fault related and load increasing related transient voltage stability. Its ability is proven by the simulation.
Areno, Matthew
2015-12-08
Techniques and mechanisms for providing a value from physically unclonable function (PUF) circuitry for a cryptographic operation of a security module. In an embodiment, a cryptographic engine receives a value from PUF circuitry and based on the value, outputs a result of a cryptographic operation to a bus of the security module. The bus couples the cryptographic engine to control logic or interface logic of the security module. In another embodiment, the value is provided to the cryptographic engine from the PUF circuitry via a signal line which is distinct from the bus, where any exchange of the value by either of the cryptographic engine and the PUF circuitry is for communication of the first value independent of the bus.
Providing security for automated process control systems at hydropower engineering facilities
NASA Astrophysics Data System (ADS)
Vasiliev, Y. S.; Zegzhda, P. D.; Zegzhda, D. P.
2016-12-01
This article suggests the concept of a cyberphysical system to manage computer security of automated process control systems at hydropower engineering facilities. According to the authors, this system consists of a set of information processing tools and computer-controlled physical devices. Examples of cyber attacks on power engineering facilities are provided, and a strategy of improving cybersecurity of hydropower engineering systems is suggested. The architecture of the multilevel protection of the automated process control system (APCS) of power engineering facilities is given, including security systems, control systems, access control, encryption, secure virtual private network of subsystems for monitoring and analysis of security events. The distinctive aspect of the approach is consideration of interrelations and cyber threats, arising when SCADA is integrated with the unified enterprise information system.
Federal Register 2010, 2011, 2012, 2013, 2014
2012-11-30
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the seventeenth meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...
Federal Register 2010, 2011, 2012, 2013, 2014
2013-05-24
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty-second meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...
78 FR 7850 - Nineteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2013-02-04
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the nineteenth meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...
77 FR 2343 - Eleventh Meeting: RTCA Special Committee 224, Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2012-01-17
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the eleventh meeting of RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held...
Federal Register 2010, 2011, 2012, 2013, 2014
2013-04-12
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twenty first meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...
Federal Register 2010, 2011, 2012, 2013, 2014
2012-04-30
... Committee 224, Airport Security Access Control Systems. AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the thirteenth meeting of RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will be...
77 FR 15448 - Twelfth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems
Federal Register 2010, 2011, 2012, 2013, 2014
2012-03-15
... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S... Access Control Systems. SUMMARY: The FAA is issuing this notice to advise the public of the twelfth meeting of RTCA Special Committee 224, Airport Security Access Control Systems DATES: The meeting will be...
Corrective Control to Handle Forecast Uncertainty: A Chance Constrained Optimal Power Flow
DOE Office of Scientific and Technical Information (OSTI.GOV)
Roald, Line; Misra, Sidhant; Krause, Thilo
Higher shares of electricity generation from renewable energy sources and market liberalization is increasing uncertainty in power systems operation. At the same time, operation is becoming more flexible with improved control systems and new technology such as phase shifting transformers (PSTs) and high voltage direct current connections (HVDC). Previous studies have shown that the use of corrective control in response to outages contributes to a reduction in operating cost, while maintaining N-1 security. In this work, we propose a method to extend the use of corrective control of PSTs and HVDCs to react to uncertainty. We characterize the uncertainty as continuous random variables, and define the corrective control actions through affine control policies. This allows us to efficiently model control reactions to a large number of uncertainty sources. The control policies are then included in a chance constrained optimal power flow formulation, which guarantees that the system constraints are enforced with a desired probability. Lastly, by applying an analytical reformulation of the chance constraints, we obtain a second-order cone problem for which we develop an efficient solution algorithm. In a case study for the IEEE 118 bus system, we show that corrective control for uncertainty leads to a decrease in operational cost, while maintaining system security. Further, we demonstrate the scalability of the method by solving the problem for the IEEE 300 bus and the Polish system test cases.
Corrective Control to Handle Forecast Uncertainty: A Chance Constrained Optimal Power Flow
Roald, Line; Misra, Sidhant; Krause, Thilo; ...
2016-08-25
Higher shares of electricity generation from renewable energy sources and market liberalization is increasing uncertainty in power systems operation. At the same time, operation is becoming more flexible with improved control systems and new technology such as phase shifting transformers (PSTs) and high voltage direct current connections (HVDC). Previous studies have shown that the use of corrective control in response to outages contributes to a reduction in operating cost, while maintaining N-1 security. In this work, we propose a method to extend the use of corrective control of PSTs and HVDCs to react to uncertainty. We characterize the uncertainty as continuous random variables, and define the corrective control actions through affine control policies. This allows us to efficiently model control reactions to a large number of uncertainty sources. The control policies are then included in a chance constrained optimal power flow formulation, which guarantees that the system constraints are enforced with a desired probability. Lastly, by applying an analytical reformulation of the chance constraints, we obtain a second-order cone problem for which we develop an efficient solution algorithm. In a case study for the IEEE 118 bus system, we show that corrective control for uncertainty leads to a decrease in operational cost, while maintaining system security. Further, we demonstrate the scalability of the method by solving the problem for the IEEE 300 bus and the Polish system test cases.
Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities
Yeo, Kiho; Lee, Keehyuck; Kim, Jong-Min; Kim, Tae-Hun; Choi, Yong-Hoon; Jeong, Woo-Jin; Hwang, Hee; Baek, Rong Min
2012-01-01
Objectives The goal of this paper is to examine the security measures that should be reviewed by medical facilities that are trying to implement mobile Electronic Medical Record (EMR) systems designed for hospitals. Methods The study of the security requirements for a mobile EMR system is divided into legal considerations and sectional security investigations. Legal considerations were examined with regard to remote medical services, patients' personal information and EMR, medical devices, the establishment of mobile systems, and mobile applications. For the 4 sectional security investigations, the mobile security level SL-3 from the Smartphone Security Standards of the National Intelligence Service (NIS) was used. Results From a compliance perspective, legal considerations for various laws and guidelines of mobile EMR were executed according to the model of the legal considerations. To correspond to the SL-3, separation of DMZ and wireless network is needed. Mobile access servers must be located in only the smartphone DMZ. Furthermore, security measures like 24-hour security control, WIPS, VPN, MDM, and ISMS for each section are needed to establish a secure mobile EMR system. Conclusions This paper suggested a direction for applying regulatory measures to strengthen the security of a mobile EMR system in accordance with the standard security requirements presented by the Smartphone Security Guideline of the NIS. A future study on the materialization of these suggestions after their application at actual medical facilities can be used as an illustrative case to determine the degree to which theory and reality correspond with one another. PMID:22844648
A Hybrid Location Method for Missile Security Team Positioning
2007-01-01
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. A Hybrid Location Method for Missile Security...Bell and Weir A Hybrid Location Method for Missile Security Team Positioning Chief Master Sergeant Michael C. Dawson Air Force Logistics Management...problem of locating security teams over a geographic area to maintain security for US Air Force Intercontinental Ballistic Missile Systems. A
17 CFR 240.17Ad-13 - Annual study and evaluation of internal accounting control.
Code of Federal Regulations, 2011 CFR
2011-04-01
... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Annual study and evaluation of internal accounting control. 240.17Ad-13 Section 240.17Ad-13 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities...
17 CFR 240.17Ad-13 - Annual study and evaluation of internal accounting control.
Code of Federal Regulations, 2013 CFR
2013-04-01
... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Annual study and evaluation of internal accounting control. 240.17Ad-13 Section 240.17Ad-13 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities...
17 CFR 240.17Ad-13 - Annual study and evaluation of internal accounting control.
Code of Federal Regulations, 2014 CFR
2014-04-01
... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Annual study and evaluation of internal accounting control. 240.17Ad-13 Section 240.17Ad-13 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities...
17 CFR 240.17Ad-13 - Annual study and evaluation of internal accounting control.
Code of Federal Regulations, 2012 CFR
2012-04-01
... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Annual study and evaluation of internal accounting control. 240.17Ad-13 Section 240.17Ad-13 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the Securities...
Toward Synthesis, Analysis, and Certification of Security Protocols
NASA Technical Reports Server (NTRS)
Schumann, Johann
2004-01-01
Implemented security protocols are basically pieces of software which are used to (a) authenticate the other communication partners, (b) establish a secure communication channel between them (using insecure communication media), and (c) transfer data between the communication partners in such a way that these data are only available to the desired receiver, but not to anyone else. Such an implementation usually consists of the following components: the protocol-engine, which controls in which sequence the messages of the protocol are sent over the network, and which controls the assembly/disassembly and processing (e.g., decryption) of the data; the cryptographic routines to actually encrypt or decrypt the data (using given keys); and the interface to the operating system and to the application. For a correct working of such a security protocol, all of these components must work flawlessly. Many formal-methods based techniques for the analysis of security protocols have been developed. They range from using specific logics (e.g., BAN-logic [4] or higher order logics [12]) to model checking [2] approaches. In each approach, the analysis tries to prove that no intruder (or at least no modeled intruder) can get access to secret data. Otherwise, a scenario illustrating the attack may be produced. Despite the seeming simplicity of security protocols ("only" a few messages are sent between the protocol partners in order to ensure a secure communication), many flaws have been detected. Unfortunately, even a perfect protocol engine does not guarantee flawless working of a security protocol, as incidents show. Many break-ins and security vulnerabilities are caused by exploiting errors in the implementation of the protocol engine or the underlying operating system. Attacks using buffer-overflows are a very common class of such attacks. Errors in the implementation of exception or error handling can open up additional vulnerabilities. 
For example, on a website with a log-in screen, multiple tries with invalid passwords caused the expected error message (too many retries), but let the user nevertheless pass. Finally, security can be compromised by silly implementation bugs or design decisions. In a commercial VPN software, all calls to the encryption routines were incidentally replaced by stubs, probably during factory testing. The product worked nicely, and the error (an open VPN) would have gone undetected if a team member had not inspected the low-level traffic out of curiosity. Also, the use of secret proprietary encryption routines can backfire, because such algorithms often exhibit weaknesses which can be exploited easily (see e.g., DVD encoding). Summarizing, there is a large number of possibilities to make errors which can compromise the security of a protocol. In today's world with short time-to-market and the use of security protocols in open and hostile networks for safety-critical applications (e.g., power or air-traffic control), such slips could lead to catastrophic situations. Thus, formal methods and automatic reasoning techniques should not be used just for the formal proof of absence of an attack, but they ought to be used to provide an end-to-end tool-supported framework for security software. With such an approach all required artifacts (code, documentation, test cases), formal analyses, and reliable certification will be generated automatically, given a single, high level specification. By a combination of program synthesis, formal protocol analysis, certification, and proof-carrying code, this goal is within practical reach, since all the important technologies for such an approach actually exist and only need to be assembled in the right way.
33 CFR 106.265 - Security measures for restricted areas.
Code of Federal Regulations, 2010 CFR
2010-07-01
...) Telecommunications; (iii) Power distribution system; (iv) Access points for ventilation and air-conditioning systems... security areas within the OCS facility; (6) Protect security and surveillance equipment and systems; and (7... security and surveillance equipment and systems and their controls, and lighting system controls; and (3...
36 CFR 1256.70 - What controls access to national security-classified information?
Code of Federal Regulations, 2010 CFR
2010-07-01
... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...
ERIC Educational Resources Information Center
Kennedy, Mike
1999-01-01
Describes how colleges and universities are using technology, as well as traditional methods, to keep campuses safe and reduce crime. Topics include using free pizza in a successful contest to teach students about campus safety, installing security cameras, using access-control cards, providing adequate lighting, and creating a bicycle patrol…
Report #12-P-0879, September 26, 2012. The security posture and in-place environmental control review of the computer rooms in the Ariel Rios and Potomac Yard buildings revealed numerous security and environmental control deficiencies.
NASA Astrophysics Data System (ADS)
Alemadi, Nasser Ahmed
Deregulation has brought opportunities for increasing efficiency of production and delivery and reduced costs to customers. Deregulation has also brought great challenges to provide the reliability and security customers have come to expect and demand from the electrical delivery system. One of the challenges in the deregulated power system is voltage instability. Voltage instability has become the principal constraint on power system operation for many utilities. Voltage instability is a unique problem because it can produce an uncontrollable, cascading instability that results in blackout for a large region or an entire country. In this work we define a system of advanced analytical methods and tools for secure and efficient operation of the power system in the deregulated environment. The work consists of two modules: (a) a contingency selection module and (b) a Security Constrained Optimization module. The contingency selection module to be used for voltage instability is the Voltage Stability Security Assessment and Diagnosis (VSSAD). VSSAD shows that each voltage control area and its reactive reserve basin describe a subsystem or agent that has a unique voltage instability problem. VSSAD identifies each such agent. VSSAD is to assess proximity to voltage instability for each agent and rank voltage instability agents for each contingency simulated. Contingency selection and ranking for each agent is also performed. Diagnosis of where, why, when, and what can be done to cure voltage instability for each equipment outage and transaction change combination that has no load flow solution is also performed. A security constrained optimization module developed solves a minimum control solvability problem. A minimum control solvability problem obtains the reactive reserves through action of voltage control devices that VSSAD determines are needed in each agent to obtain solution of the load flow. 
VSSAD makes a physically impossible recommendation of adding reactive generation capability to specific generators to allow a load flow solution to be obtained. The minimum control solvability problem can also obtain solution of the load flow without curtailing transactions that shed load and generation as recommended by VSSAD. A minimum control solvability problem will be implemented as a corrective control that will achieve the above objectives by using minimum control changes. The control includes: (1) voltage setpoint on generator bus voltage terminals; (2) under load tap changer tap positions and switchable shunt capacitors; and (3) active generation at generator buses. The minimum control solvability problem uses the VSSAD recommendation to obtain the feasible stable starting point but completely eliminates the impossible or onerous recommendation made by VSSAD. This thesis reviews the capabilities of Voltage Stability Security Assessment and Diagnosis and how it can be used to implement a contingency selection module for the Open Access System Dispatch (OASYDIS). The OASYDIS will also use the corrective control computed by Security Constrained Dispatch. The corrective control would be computed off line and stored for each contingency that produces voltage instability. The control is triggered and implemented to correct the voltage instability in the agent experiencing voltage instability only after the equipment outage or operating changes predicted to produce voltage instability have occurred. The advantages and the requirements to implement the corrective control are also discussed.
Managing the Security of Nursing Data in the Electronic Health Record
Samadbeik, Mahnaz; Gorzin, Zahra; Khoshkam, Masomeh; Roudbari, Masoud
2015-01-01
Background: The Electronic Health Record (EHR) is a patient care information resource for clinicians and nursing documentation is an essential part of comprehensive patient care. Ensuring privacy and the security of health information is a key component to building the trust required to realize the potential benefits of electronic health information exchange. This study was aimed to manage nursing data security in the EHR and also discover the viewpoints of hospital information system vendors (computer companies) and hospital information technology specialists about nursing data security. Methods: This research is a cross sectional analytic-descriptive study. The study populations were IT experts at the academic hospitals and computer companies of Tehran city in Iran. Data was collected by a self-developed questionnaire whose validity and reliability were confirmed using the experts’ opinions and Cronbach’s alpha coefficient respectively. Data was analyzed through Spss Version 18 and by descriptive and analytic statistics. Results: The findings of the study revealed that user name and password were the most important methods to authenticate the nurses, with mean percent of 95% and 80%, respectively, and also the most significant level of information security protection were assigned to administrative and logical controls. There was no significant difference between opinions of both groups studied about the levels of information security protection and security requirements (p>0.05). Moreover the access to servers by authorized people, periodic security update, and the application of authentication and authorization were defined as the most basic security requirements from the viewpoint of more than 88 percent of recently-mentioned participants. 
Conclusions: Computer companies as system designers and hospital information technology specialists as system users and stakeholders present many important views about security requirements for EHR systems and nursing electronic documentation systems. Prioritizing these requirements helps policy makers to decide what to do when planning for EHR implementation. Therefore, to make appropriate security decisions and to achieve the expected level of protection of the electronic nursing information, it is suggested to consider the priorities of both groups of experts about security principles and also to discuss the issues that seem to differ between the two groups of participants in the research. PMID:25870490
A Novel Reference Security Model with the Situation Based Access Policy for Accessing EPHR Data.
Gope, Prosanta; Amin, Ruhul
2016-11-01
Electronic Patient Health Record (EPHR) systems may facilitate a patient not only to share his/her health records securely with healthcare professional but also to control his/her health privacy, in a convenient and easy way even in case of emergency. In order to fulfill these requirements, it is greatly desirable to have the access control mechanism which can efficiently handle every circumstance without negotiating security. However, the existing access control mechanisms used in healthcare to regulate and restrict the disclosure of patient data are often bypassed in case of emergencies. In this article, we propose a way to securely share EPHR data under any situation including break-the-glass (BtG) without compromising its security. In this regard, we design a reference security model, which consists of a multi-level data flow hierarchy, and an efficient access control framework based on the conventional Role-Based Access Control (RBAC) and Mandatory Access Control (MAC) policies.
NASA Astrophysics Data System (ADS)
Alpi, Danielle Marie
The 16 sectors of critical infrastructure in the US are susceptible to cyber-attacks. Potential attacks come from internal and external threats. These attacks target the industrial control systems (ICS) of companies within critical infrastructure. Weakness in the energy sector's ICS, specifically the oil and gas industry, can result in economic and ecological disaster. The purpose of this study was to establish means for oil companies to identify and stop cyber-attacks specifically APT threats. This research reviewed current cyber vulnerabilities and ways in which a cyber-attack may be deterred. This research found that there are insecure devices within ICS that are not regularly updated. Therefore, security issues have amassed. Safety procedures and training thereof are often neglected. Jurisdiction is unclear in regard to critical infrastructure. The recommendations this research offers are further examination of information sharing methods, development of analytic platforms, and better methods for the implementation of defense-in-depth security measures.
NASA Technical Reports Server (NTRS)
Johnson, F. D.
1981-01-01
The term Government Transfer Services is used in reference to any of the organized streams of public resources that flow into private economic activity. This includes such activities as offshore leasing, Social Security, and NASA technology transfer services. This paper describes a performance measure, empirical results, a theory, and a control model for such services. These are illustrated by a specific example (NASA). An agenda for developing this service control method is also presented.
The adoption of IT security standards in a healthcare environment.
Gomes, Rui; Lapão, Luís Velez
2008-01-01
Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.
Security Encryption Scheme for Communication of Web Based Control Systems
NASA Astrophysics Data System (ADS)
Robles, Rosslin John; Kim, Tai-Hoon
A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition (SCADA) systems are connected only in a limited private network. Since the internet SCADA facility has brought a lot of advantages in terms of control, data viewing and generation, operators are pushed to connect control systems through the internet. Along with these advantages come security issues regarding web SCADA. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.
Report #12-P-0847, September 21, 2012. Our review of the security posture and in-place environmental controls of EPA’s Radiation and Indoor Environments National Laboratory computer room disclosed an array of security and environmental control deficiencies.
Reasoning on Weighted Delegatable Authorizations
NASA Astrophysics Data System (ADS)
Ruan, Chun; Varadharajan, Vijay
This paper studies logic based methods for representing and evaluating complex access control policies needed by modern database applications. In our framework, authorization and delegation rules are specified in a Weighted Delegatable Authorization Program (WDAP) which is an extended logic program. We show how extended logic programs can be used to specify complex security policies which support weighted administrative privilege delegation, weighted positive and negative authorizations, and weighted authorization propagations. We also propose a conflict resolution method that enables flexible delegation control by considering priorities of authorization grantors and weights of authorizations. A number of rules are provided to achieve delegation depth control, conflict resolution, and authorization and delegation propagations.
Key issues and technical route of cyber physical distribution system
NASA Astrophysics Data System (ADS)
Zheng, P. X.; Chen, B.; Zheng, L. J.; Zhang, G. L.; Fan, Y. L.; Pei, T.
2017-01-01
Relying on the National High Technology Research and Development Program, this paper introduces the key issues in the Cyber Physical Distribution System (CPDS), which mainly include: composite modelling method and interaction mechanism, system planning method, security defence technology, and distributed control theory. On this basis, the corresponding technical route is proposed, and a more detailed research framework along with the main schemes to be adopted is also presented.
Federating Cyber and Physical Models for Event-Driven Situational Awareness
DOE Office of Scientific and Technical Information (OSTI.GOV)
Stephan, Eric G.; Pawlowski, Ronald A.; Sridhar, Siddharth
The purpose of this paper is to describe a novel method to improve electric power system monitoring and control software application interoperability. This method employs the concept of federation, which is defined as the use of existing models that represent aspects of a system in specific domains (such as physical and cyber security domains) and building interfaces to link all of the domain models.
Rickard, Claire M; Marsh, Nicole; Webster, Joan; Playford, E Geoffrey; McGrail, Matthew R; Larsen, Emily; Keogh, Samantha; McMillan, David; Whitty, Jennifer A; Choudhury, Md Abu; Dunster, Kimble R; Reynolds, Heather; Marshall, Andrea; Crilly, Julia; Young, Jeanine; Thom, Ogilvie; Gowardman, John; Corley, Amanda; Fraser, John F
2015-09-23
Over 70% of all hospital admissions have a peripheral intravenous device (PIV) inserted; however, the failure rate of PIVs is unacceptably high, with up to 69% of these devices failing before treatment is complete. Failure can be due to dislodgement, phlebitis, occlusion/infiltration and/or infection. This results in interrupted medical therapy; painful phlebitis and reinsertions; increased hospital length of stay, morbidity and mortality from infections; and wasted medical/nursing time. Appropriate PIV dressing and securement may prevent many cases of PIV failure, but little comparative data exist regarding the efficacy of various PIV dressing and securement methods. This trial will investigate the clinical and cost-effectiveness of 4 methods of PIV dressing and securement in preventing PIV failure. A multicentre, parallel group, superiority randomised controlled trial with 4 arms, 3 experimental groups (tissue adhesive, bordered polyurethane dressing, sutureless securement device) and 1 control (standard polyurethane dressing) is planned. There will be a 3-year recruitment of 1708 adult patients, with allocation concealment until randomisation by a centralised web-based service. The primary outcome is PIV failure which includes any of: dislodgement, occlusion/infiltration, phlebitis and infection. Secondary outcomes include: types of PIV failure, PIV dwell time, costs, device colonisation, skin colonisation, patient and staff satisfaction. Relative incidence rates of device failure per 100 devices and per 1000 device days with 95% CIs will summarise the impact of each dressing, and test differences between groups. Kaplan-Meier survival curves (with log-rank Mantel-Cox test) will compare device failure over time. p Values of <0.05 will be considered significant. Secondary end points will be compared between groups using parametric or non-parametric techniques appropriate to level of measurement. 
Ethical approval has been received from Queensland Health (HREC/11/QRCH/152) and Griffith University (NRS/46/11/HREC). Results will be published according to the CONSORT statement and presented at relevant conferences. Australian New Zealand Clinical Trial Registry (ACTRN); 12611000769987.
Arms Control and National Security: An Introduction. Advance Edition.
ERIC Educational Resources Information Center
Arms Control Association, Washington, DC.
Suitable for use with high school students, this booklet on arms control and national security provides background information, describes basic concepts, reviews recent history, and offers suggestions for further reading. The first section, on American attitudes toward national security and arms control, defines five types of limits on weapons…
Security Controls Hurt Research, NAS Warns.
ERIC Educational Resources Information Center
Kolata, Gina
1982-01-01
A National Academy of Sciences (NAS) report found no evidence that leaks of technical information from universities or other research centers have damaged national security. However, in areas where control is warranted, decisions should be based on criteria. These criteria and issues related to security control and technological transfer are…
System and method for leveraging human physiological traits to control microprocessor frequency
Shye, Alex; Pan, Yan; Scholbrock, Benjamin; Miller, J. Scott; Memik, Gokhan; Dinda, Peter A; Dick, Robert P
2014-03-25
A system and method for leveraging physiological traits to control microprocessor frequency are disclosed. In some embodiments, the system and method may optimize, for example, a particular processor-based architecture based on, for example, end user satisfaction. In some embodiments, the system and method may determine, for example, whether their users are satisfied to provide higher efficiency, improved reliability, reduced power consumption, increased security, and a better user experience. The system and method may use, for example, biometric input devices to provide information about a user's physiological traits to a computer system. Biometric input devices may include, for example, one or more of the following: an eye tracker, a galvanic skin response sensor, and/or a force sensor.
Access control based on attribute certificates for medical intranet applications.
Mavridis, I; Georgiadis, C; Pangalos, G; Khair, M
2001-01-01
Clinical information systems frequently use intranet and Internet technologies. However these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy.
33 CFR 104.265 - Security measures for access control.
Code of Federal Regulations, 2010 CFR
2010-07-01
... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for access... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Requirements § 104.265 Security... security measures to: (1) Deter the unauthorized introduction of dangerous substances and devices...
Kiah, M L Mat; Nabi, Mohamed S; Zaidan, B B; Zaidan, A A
2013-10-01
This study aims to provide security solutions for implementing electronic medical records (EMRs). E-Health organizations could utilize the proposed method and implement recommended solutions in medical/health systems. The majority of the required security features of EMRs were noted. The methods used were tested against each of these security features. In implementing the system, the combination that satisfied all of the security features of EMRs was selected. Secure implementation and management of EMRs facilitate the safeguarding of the confidentiality, integrity, and availability of e-health organization systems. Health practitioners, patients, and visitors can use the information system facilities safely and with confidence anytime and anywhere. After critically reviewing security and data transmission methods, a new hybrid method was proposed to be implemented on EMR systems. This method will enhance the robustness, security, and integration of EMR systems. The hybrid of simple object access protocol/extensible markup language (XML) with advanced encryption standard and secure hash algorithm version 1 has achieved the security requirements of an EMR system with the capability of integrating with other systems through the design of XML messages.
Williams, J.V.
1984-04-26
Disclosed is a locking device for eliminating external control of a secured space formed by fixed and movable barriers. The locking device uses externally and internally controlled locksets and a movable strike, operable from the secured side of the movable barrier, to selectively engage either lockset. A disengagement device, for preventing forces from being applied to the lock bolts is also disclosed. In this manner, a secured space can be controlled from the secured side as a safe-haven. 4 figures.
Graphs for information security control in software defined networks
NASA Astrophysics Data System (ADS)
Grusho, Alexander A.; Abaev, Pavel O.; Shorgin, Sergey Ya.; Timonina, Elena E.
2017-07-01
Information security control in software defined networks (SDN) is connected with execution of the security policy rules regulating information accesses and protection against distribution of malicious code and harmful influences. The paper offers a representation of a security policy in the form of a hierarchical structure which, in case of distribution of resources for the solution of tasks, defines graphs of admissible interactions in a network. These graphs define commutation tables of switches via the SDN controller.
Alagarsamy, Sumithra; Rajagopalan, S. P.
2017-01-01
Certificateless-based signcryption overcomes inherent shortcomings in traditional Public Key Infrastructure (PKI) and Key Escrow problem. It imparts efficient methods to design PKIs with public verifiability and cipher text authenticity with minimum dependency. As a classic primitive in public key cryptography, signcryption performs validity of cipher text without decryption by combining authentication, confidentiality, public verifiability and cipher text authenticity much more efficiently than the traditional approach. In this paper, we first define a security model for certificateless-based signcryption called, Complex Conjugate Differential Integrated Factor (CC-DIF) scheme by introducing complex conjugates through introduction of the security parameter and improving secured message distribution rate. However, both partial private key and secret value changes with respect to time. To overcome this weakness, a new certificateless-based signcryption scheme is proposed by setting the private key through Differential (Diff) Equation using an Integration Factor (DiffEIF), minimizing computational cost and communication overhead. The scheme is therefore said to be proven secure (i.e. improving the secured message distributing rate) against certificateless access control and signcryption-based scheme. In addition, compared with the three other existing schemes, the CC-DIF scheme has the least computational cost and communication overhead for secured message communication in mobile network. PMID:29040290
Health Information Security: A Case Study of Three Selected Medical Centers in Iran
Hajrahimi, Nafiseh; Dehaghani, Sayed Mehdi Hejazi; Sheikhtaheri, Abbas
2013-01-01
Health Information System (HIS) is considered a unique factor in improving the quality of health care activities and cost reduction, but today with the development of information technology and use of internet and computer networks, patients’ electronic records and health information systems have become a source for hackers. Methods: This study aims at checking health information security of three selected medical centers in Iran using AHP fuzzy and TOPSIS compound model. To achieve that, security measures were identified, based on the research literature and decision making matrix using experts’ points of view. Results and discussion: Among the 27 indicators, seven indicators were selected as effective indicators and Fuzzy AHP technique was used to determine the importance of security indicators. Based on the comparisons made between the three selected medical centers to assess the security of health information, it is concluded that Chamran hospital has the most acceptable level of security and attention in three indicators of “verification and system design, user access management, access control system”, Al Zahra Hospital in two indicators of “access management and network access control” and Amin Hospital in “equipment safety and system design”. In terms of information security, Chamran Hospital ranked first, Al-Zahra Hospital ranked second and Al-Zahra hospital has the third place. PMID:23572861
33 CFR 105.255 - Security measures for access control.
Code of Federal Regulations, 2010 CFR
2010-07-01
... and facilities; (4) Granting access to only those responding to the security incident or threat... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Security measures for access... SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES Facility Security Requirements § 105.255 Security...
A wireless electronic monitoring system for securing milk from farm to processor
NASA Astrophysics Data System (ADS)
Womble, Phillip; Hopper, Lindsay; Thompson, Chris; Alexander, Suraj M.; Crist, William; Payne, Fred; Stombaugh, Tim; Paschal, Jon; Moore, Ryan; Luck, Brian; Tabayehnejab, Nasrin
2008-04-01
The Department of Homeland Security and the Department of Health and Human Services have targeted bulk food contamination as a focus for attention. The contamination of bulk food poses a high consequence threat to our society. Milk transport falls into three of the 17 targeted NIPP (National Infrastructure Protection Plan) sectors including agriculture-food, public health, and commercial facilities. Minimal security safeguards have been developed for bulk milk transport. The current manual methods of securing milk are paper intensive and prone to errors. The bulk milk transportation sector requires a security enhancement that will both reduce recording errors and enable normal transport activities to occur while providing security against unauthorized access. Milk transportation companies currently use voluntary seal programs that utilize plastic, numbered seals on milk transport tank openings. Our group has developed a Milk Transport Security System which is an electromechanical access control and communication system that assures the secure transport of milk, milk samples, milk data, and security data between locations and specifically between dairy farms, transfer stations, receiving stations, and milk plants. It includes a security monitoring system installed on the milk transport tank, a hand held device, optional printers, data server, and security evaluation software. The system operates automatically and requires minimal or no attention by the bulk milk hauler/sampler. The system is compatible with existing milk transport infrastructure, and has the support of the milk producers, milk transportation companies, milk marketing agencies, and dairy processors. The security protocol developed is applicable for transport of other bulk foods both nationally and internationally. This system adds significantly to the national security infrastructure for bulk food transport. 
We are currently demonstrating the system in central Kentucky and will report on the results of the demonstration.
Food insecurity and diabetes self-management among food pantry clients.
Ippolito, Matthew M; Lyles, Courtney R; Prendergast, Kimberly; Marshall, Michelle Berger; Waxman, Elaine; Seligman, Hilary Kessler
2017-01-01
To examine the association between level of food security and diabetes self-management among food pantry clients, which is largely not possible using clinic-based sampling methods. Cross-sectional descriptive study. Community-based food pantries in California, Ohio and Texas, USA, from March 2012 through March 2014. Convenience sample of adults with diabetes queuing at pantries (n 1237; 83 % response). Sampled adults were stratified as food secure, low food secure or very low food secure. We used point-of-care glycated Hb (HbA1c) testing to determine glycaemic control and captured diabetes self-management using validated survey items. The sample was 70 % female, 55 % Latino/Hispanic, 25 % white and 10 % black/African American, with a mean age of 56 years. Eighty-four per cent were food insecure, one-half of whom had very low food security. Mean HbA1c was 8·1 % and did not vary significantly by food security status. In adjusted models, very-low-food-secure participants, compared with both low-food-secure and food-secure participants, had poorer diabetes self-efficacy, greater diabetes distress, greater medication non-adherence, higher prevalence of severe hypoglycaemic episodes, higher prevalence of depressive symptoms, more medication affordability challenges, and more food and medicine or health supply trade-offs. Few studies of the health impact of food security have been able to examine very low food security. In a food pantry sample with high rates of food insecurity, we found that diabetes self-management becomes increasingly difficult as food security worsens. The efficacy of interventions to improve diabetes self-management may increase if food security is simultaneously addressed.
NASA Astrophysics Data System (ADS)
Arief, I. S.; Suherman, I. H.; Wardani, A. Y.; Baidowi, A.
2017-05-01
A control and monitoring system is a continuous process of securing the asset in Marine Current Renewable Energy. A control and monitoring system exists for each critical component, which is embedded in the Failure Mode Effect Analysis (FMEA) method. As a result, the process in this paper was developed through a matrix sensor. The matrix is correlated to the critical components and the monitoring system, which is supported by sensors to conduct decision-making.
Code of Federal Regulations, 2011 CFR
2011-04-01
... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...
Code of Federal Regulations, 2012 CFR
2012-04-01
... 21 Food and Drugs 9 2012-04-01 2012-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...
Code of Federal Regulations, 2010 CFR
2010-04-01
... 21 Food and Drugs 9 2010-04-01 2010-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...
Code of Federal Regulations, 2013 CFR
2013-04-01
... 21 Food and Drugs 9 2013-04-01 2013-04-01 false Physical security controls for non-practitioners... security controls for non-practitioners; narcotic treatment programs and compounders for narcotic treatment... shall have the following specifications or the equivalent: 30 man-minutes against surreptitious entry...
NASA Astrophysics Data System (ADS)
Green, Mary W.
1997-01-01
As problems of violence and crime become more prevalent in our schools, more and more school districts will elect to use security technologies to control these problems. While the desired change in student and community attitudes will require significant systemic change through intense US social programs, security technologies can greatly augment school staff today by providing services similar to having extra adults present. Technologies such as cameras, sensors, drug detection, biometric and personnel identification, lighting, barriers, weapon and explosives detection, anti-graffiti methods, and duress alarms can all be effective, given they are used in appropriate applications, with realistic expectations and an understanding of limitations. Similar to a high-risk government facility, schools must consider a systems approach to security, which includes the use of personnel and procedures as well as security technologies, such that the synergy created by all these elements together contributes more to the general 'order maintenance' of the facility than could be achieved by separate measures not integrated or related.
Wang, Hao; Lau, Nathan; Gerdes, Ryan M
2018-04-01
The aim of this study was to apply work domain analysis for cybersecurity assessment and design of supervisory control and data acquisition (SCADA) systems. Adoption of information and communication technology in cyberphysical systems (CPSs) for critical infrastructures enables automated and distributed control but introduces cybersecurity risk. Many CPSs employ SCADA industrial control systems that have become the target of cyberattacks, which inflict physical damage without use of force. Given that absolute security is not feasible for complex systems, cyberintrusions that introduce unanticipated events will occur; a proper response will in turn require human adaptive ability. Therefore, analysis techniques that can support security assessment and human factors engineering are invaluable for defending CPSs. We conducted work domain analysis using the abstraction hierarchy (AH) to model a generic SCADA implementation to identify the functional structures and means-ends relations. We then adopted a case study approach examining the Stuxnet cyberattack by developing and integrating AHs for the uranium enrichment process, SCADA implementation, and malware to investigate the interactions between the three aspects of cybersecurity in CPSs. The AHs for modeling a generic SCADA implementation and studying the Stuxnet cyberattack are useful for mapping attack vectors, identifying deficiencies in security processes and features, and evaluating proposed security solutions with respect to system objectives. Work domain analysis is an effective analytical method for studying cybersecurity of CPSs for critical infrastructures in a psychologically relevant manner. Work domain analysis should be applied to assess cybersecurity risk and inform engineering and user interface design.
Air Traffic Control: Weak Computer Security Practices Jeopardize Flight Safety
DOT National Transportation Integrated Search
1998-05-01
Given the paramount importance of computer security of Air Traffic Control (ATC) systems, Congress asked the General Accounting Office to determine (1) whether the Federal Aviation Administration (FAA) is effectively managing physical security at ATC...
76 FR 8996 - Submission for OMB Review; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2011-02-16
... Children Household-Based Demonstration on Food Insecurity. OMB Control Number: 0584-NEW. Summary of... demonstration projects to develop and test methods of providing access to food for low-income children in urban... used by FNS to determine if SEBT for children reduces the acute prevalence of very low food security...
20 CFR 640.3 - Interpretation of Federal law requirements.
Code of Federal Regulations, 2010 CFR
2010-04-01
... require that a State law include provision for such methods of administration as will reasonably insure... Security Act to require that, in the administration of a State law, there shall be substantial compliance... benefits. Factors reasonably beyond a State's control may cause its performance to drop below the level of...
33 CFR 104.405 - Format of the Vessel Security Plan (VSP).
Code of Federal Regulations, 2010 CFR
2010-07-01
...) Communications; (9) Security systems and equipment maintenance; (10) Security measures for access control... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Format of the Vessel Security... SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS Vessel Security Plan (VSP) § 104.405 Format of the...
Main control computer security model of closed network systems protection against cyber attacks
NASA Astrophysics Data System (ADS)
Seymen, Bilal
2014-06-01
The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.
Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon
2016-01-01
Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network. PMID:27314351
Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon
2016-06-14
Evaluation of power system security and development of transmission pricing method
NASA Astrophysics Data System (ADS)
Kim, Hyungchul
The electric power utility industry is presently undergoing a change towards the deregulated environment. This has resulted in unbundling of generation, transmission and distribution services. The introduction of competition into unbundled electricity services may lead system operation closer to its security boundaries resulting in smaller operating safety margins. The competitive environment is expected to lead to lower price rates for customers and higher efficiency for power suppliers in the long run. Under this deregulated environment, security assessment and pricing of transmission services have become important issues in power systems. This dissertation provides new methods for power system security assessment and transmission pricing. In power system security assessment, the following issues are discussed (1) The description of probabilistic methods for power system security assessment; (2) The computation time of simulation methods; (3) on-line security assessment for operation. A probabilistic method using Monte-Carlo simulation is proposed for power system security assessment. This method takes into account dynamic and static effects corresponding to contingencies. Two different Kohonen networks, Self-Organizing Maps and Learning Vector Quantization, are employed to speed up the probabilistic method. The combination of Kohonen networks and Monte-Carlo simulation can reduce computation time in comparison with straight Monte-Carlo simulation. A technique for security assessment employing Bayes classifier is also proposed. This method can be useful for system operators to make security decisions during on-line power system operation. This dissertation also suggests an approach for allocating transmission transaction costs based on reliability benefits in transmission services. The proposed method shows the transmission transaction cost of reliability benefits when transmission line capacities are considered. 
The ratio between allocation by transmission line capacity-use and allocation by reliability benefits is computed using the probability of system failure.
Expert Computer Systems for Missile Maintenance.
1983-08-09
...circuit, and with the diagnostic methods used by the technicians responsible for maintaining it, we decided that we should visit Owego. On October 20...This trip was useful in several respects: 1. Insight was gained into the methods used by the technicians to diagnose a faulty circuit. 2. We learned what
NASA Astrophysics Data System (ADS)
Liu, Shu-Fan; Chueh, Hao-En; Liao, Kuo-Hsiung
According to surveys, 80 % of security related events threatening information in medical organizations are due to improper management. Most research on information security has focused on information and security technology, such as network security and access control, rarely addressing management issues. The main purpose of this study is to construct a BS7799 based mechanism for the management of information with regard to security as it applies to medical organizations. This study analyzes and identifies the most common events related to information security in medical organizations and categorizes these events as high-risk, transferable-risk, and controlled-risk to facilitate the management of such risk.
Nord, Mark; Hopwood, Heather
2007-12-01
To assess whether interview mode (telephone vs. in-person) affects the results of surveys that measure food security. Responses given by households interviewed by telephone and in-person in recent US Current Population Survey Food Security Supplements (CPS-FSS) were compared. Statistical methods based on the Rasch measurement model were used to assess whether response patterns differed between the two interview modes. Multivariate logistic regression analysis was then used to gauge the effect of interview mode on the measured household prevalence rates of food insecurity and very low food security while controlling for income, employment, household structure, and other household characteristics that affect food security. Response patterns to the indicators that comprise the food security scale did not differ substantially between interview modes. Prevalence rates of food insecurity and very low food security estimated from the two interview modes differed by only small proportions after accounting for differences in the socio-economic characteristics of households. Findings suggest that effects of interview mode on food security measurement in the CPS-FSS are small, or at most modest. Prevalence estimates may be biased upwards somewhat for households interviewed in-person compared with those interviewed by telephone. The extent to which these results can be generalised may depend, to some extent, on survey characteristics other than interview mode, such as surveyor name recognition and respondents' trust and confidence in the surveyor.
NASA Technical Reports Server (NTRS)
Branch, Drew A.
2014-01-01
Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere has heightened from airports to the communication among the military branches legionnaires. With advanced persistent threats (APT's) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning, and configuration of network devices i.e. routers and IDS's/IPS's. In addition, I will be completing security assessments on software and hardware, vulnerability assessments and reporting, and conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out the tasks stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, as well as policies and procedures.
NASA Technical Reports Server (NTRS)
Branch, Drew
2013-01-01
Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere was heightened from Airports to the communication among the military branches legionnaires. With advanced persistent threats (APTs) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning and configuration of network devices i.e. routers and IDSs/IPSs. In addition I will be completing security assessments on software and hardware, vulnerability assessments and reporting, conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out the tasks stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, policies and procedures.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chernoguzov, Alexander; Markham, Thomas R.; Haridas, Harshal S.
A method includes generating at least one access vector associated with a specified device in an industrial process control and automation system. The specified device has one of multiple device roles. The at least one access vector is generated based on one or more communication policies defining communications between one or more pairs of device roles in the industrial process control and automation system, where each pair of device roles includes the device role of the specified device. The method also includes providing the at least one access vector to at least one of the specified device and one or more other devices in the industrial process control and automation system in order to control communications to or from the specified device.
NASA Astrophysics Data System (ADS)
Tsaur, Woei-Jiunn; Pai, Haw-Tyng
2008-11-01
The applications of group computing and communication motivate the requirement to provide group access control in mobile ad hoc networks (MANETs). Operations in MANET groups are performed in a decentralized manner and accommodate membership dynamically. Moreover, due to lack of centralized control, MANETs' groups are inherently insecure and vulnerable to attacks from both within and outside the groups. Such features make access control more challenging in MANETs. Recently, several researchers have proposed group access control mechanisms in MANETs based on a variety of threshold signatures. However, these mechanisms cannot actually satisfy MANETs' dynamic environments. This is because the threshold-based mechanisms cannot be achieved when the number of members is not up to the threshold value. Hence, by combining the efficient elliptic curve cryptosystem, self-certified public key cryptosystem and secure filter technique, we construct dynamic key management schemes based on hierarchical clustering for securing group access control in MANETs. Specifically, the proposed schemes can constantly accomplish secure group access control only by renewing the secure filters of a few cluster heads, when a cluster head joins or leaves a cross-cluster. In such a new way, we can find that the proposed group access control scheme can be very effective for securing practical applications in MANETs.
Razurel, A; Bertrand, É; Deranlot, J; Benhamou, F; Tritz, T; Le Mercier, F; Hardy, P
2015-11-01
Security and quality of the Medicinal Therapy are among the most important objectives of the April 6th, 2011 order. The objective is to study the risks incurred by patients related to management and security of medicinal therapy in order to establish a plan to reduce the risks of drug dispensation. The method of the Preliminary Risk Analysis (PRA) has been implemented by a multidisciplinary group in a hospital service of orthopaedic surgery. The study focused on the dispensation phase of the medicinal circuit. This analysis revealed 148 scenarios, 35 of which were of unacceptable criticality. Fifty-four initial risk control actions were proposed and their stress levels to put them in place were evaluated. The main measures of risk management are: training, information, communication, computerization, automation, dual control, updating the documentation system, drug reconciliation and respect for Best Practices Hospitallers (BPH). Risk management requires a significant human and financial investment as well as material resources and multidisciplinary expertise in order to offer the best solutions. Copyright © 2015 Académie Nationale de Pharmacie. Published by Elsevier Masson SAS. All rights reserved.
Security Concepts for Satellite Links
NASA Astrophysics Data System (ADS)
Tobehn, C.; Penné, B.; Rathje, R.; Weigl, A.; Gorecki, Ch.; Michalik, H.
2008-08-01
The high costs to develop, launch and maintain a satellite network make protecting the assets imperative. Attacks may be passive, such as eavesdropping on the payload data. More serious threats are active attacks that try to gain control of the satellite, which may lead to the total loss of the satellite asset. To counter these threats, new satellite and ground systems are using cryptographic technologies to provide a range of services: confidentiality, entity & message authentication, and data integrity. Additionally, key management cryptographic services are required to support these services. This paper describes the key points of current satellite control and operations, which are authentication of the access to the satellite TMTC link and encryption of security relevant TM/TC data. For payload data management the key points are multi-user ground station access and high data rates, both requiring frequent updates and uploads of keys with the corresponding key management methods. For secure satellite management, authentication & key negotiation algorithms such as HMAC-RIPEMD160, EC-DSA and EC-DH are used. Encryption of data uses algorithms such as IDEA, AES, Triple-DES, or other. A channel coding and encryption unit for payload data provides download data rates up to Nx250 Mbps. The presented concepts are based on our experience and heritage of the security systems for all German MOD satellite projects (SATCOMBw2, SAR-Lupe multi-satellite system and German-French SAR-Lupe-Helios-II systems inter-operability) as well as for further international (KOMPSAT-II Payload data link system) and ESA activities (TMTC security and GMES).
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ninh, Giang Nguyen; Phongphaeth, Pengvanich, E-mail: phongphaeth.p@chula.ac.th; Nares, Chankow
Gamma-ray signal can be used as a fingerprint for radioisotope identification. In the context of radioactive and nuclear materials security at the border control point, the detection task can present a significant challenge due to various constraints such as the limited measurement time, the shielding conditions, and the noise interference. This study proposes a novel method to identify the signal of one or several radioisotopes from a poorly resolved gamma-ray spectrum. In this method, the noise component in the raw spectrum is reduced by the wavelet decomposition approach, and the removal of the continuum background is performed using the baseline determination algorithm. Finally, the identification of radioisotope is completed using the matrix linear regression method. The proposed method has been verified by experiments using the poorly resolved gamma-ray signals from various scenarios including single source, mixing of natural uranium with five of the most common industrial radioactive sources (57Co, 60Co, 133Ba, 137Cs, and 241Am). The preliminary results show that the proposed algorithm is comparable with the commercial method.
33 CFR 106.405 - Format and content of the Facility Security Plan (FSP).
Code of Federal Regulations, 2010 CFR
2010-07-01
...; (9) Security systems and equipment maintenance; (10) Security measures for access control; (11... Facility Security Plan (FSP). 106.405 Section 106.405 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES...
Secure public cloud platform for medical images sharing.
Pan, Wei; Coatrieux, Gouenou; Bouslimi, Dalel; Prigent, Nicolas
2015-01-01
Cloud computing promises medical imaging services offering large storage and computing capabilities for limited costs. In this data outsourcing framework, one of the greatest issues to deal with is data security. To do so, we propose to secure a public cloud platform devoted to medical image sharing by defining and deploying a security policy so as to control various security mechanisms. This policy stands on a risk assessment we conducted so as to identify security objectives with a special interest for digital content protection. These objectives are addressed by means of different security mechanisms like access and usage control policy, partial-encryption and watermarking.
System and method for key generation in security tokens
DOE Office of Scientific and Technical Information (OSTI.GOV)
Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.
Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).
Code of Federal Regulations, 2013 CFR
2013-04-01
... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Internal risk management control system requirements for supervised investment bank holding companies. 240.17i-4 Section 240.17i-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...
Code of Federal Regulations, 2012 CFR
2012-04-01
... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Internal risk management control system requirements for supervised investment bank holding companies. 240.17i-4 Section 240.17i-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...
A threat intelligence framework for access control security in the oil industry
NASA Astrophysics Data System (ADS)
Alaskandrani, Faisal T.
The research investigates the problem raised by the rapid development in the technology industry giving security concerns in facilities built by the energy industry containing diverse platforms. The difficulty of continuous updates to network security architecture and assessment gave rise to the need to use threat intelligence frameworks to better assess and address networks security issues. Focusing on access control security to the ICS and SCADA systems that is being utilized to carry out mission critical and life threatening operations. The research evaluates different threat intelligence frameworks that can be implemented in the industry seeking the most suitable and applicable one that address the issue and provide more security measures. The validity of the result is limited to the same environment that was researched as well as the technologies being utilized. The research concludes that it is possible to utilize a Threat Intelligence framework to prioritize security in Access Control Measures in the Oil Industry.
NASA Astrophysics Data System (ADS)
Shukla, Chitra; Thapliyal, Kishore; Pathak, Anirban
2017-12-01
Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.
Nordling, Jamie Koenig; Boldt, Lea J.; O'Bleness, Jessica; Kochanska, Grazyna
2015-01-01
Although attachment security has been associated with children's rule-compatible conduct, the mechanism through which attachment influences early regard for rules is not well established. We hypothesized that effortful control would mediate the link between security and indicators of children's emerging regard for rules (discomfort following rule violations, internalization of parents' and experimenter's rules, few externalizing behaviors). In a longitudinal study, the Attachment Q-Set was completed by parents, effortful control was observed, and Regard for Rules was observed and rated by parents. The proposed model fit the data well: Children's security to mothers predicted their effortful control, which in turn had a direct link to a greater Regard for Rules. Children's security with fathers did not predict effortful control. The mother-child relationship appears particularly important for positive developmental cascades of self-regulation and socialization. PMID:27158193
NASA Astrophysics Data System (ADS)
Lushnikov, D. S.; Zherdev, A. Y.; Odinokov, S. B.; Markin, V. V.; Smirnov, A. V.
2017-05-01
Visual security elements used in color holographic stereograms - three-dimensional colored security holograms - and methods of their production are described in this article. These visual security elements include color micro text, color-hidden image, and the horizontal and vertical flip-flop effects by change of color and image. The article also presents variants of optical systems that allow recording the visual security elements as part of the holographic stereograms. The methods for solving the optical problems arising in recording visual security elements are presented. Also noted are perception features of visual security elements for verification of security holograms by using these elements. The work was partially funded under the Agreement with the RF Ministry of Education and Science № 14.577.21.0197, grant RFMEFI57715X0197.
Wang, Jiali; Zhang, Qingnian; Ji, Wenfeng
2014-01-01
A large number of data is needed by the computation of the objective Bayesian network, but the data is hard to get in actual computation. The calculation method of Bayesian network was improved in this paper, and the fuzzy-precise Bayesian network was obtained. Then, the fuzzy-precise Bayesian network was used to reason Bayesian network model when the data is limited. The security of passengers during shipping is affected by various factors, and it is hard to predict and control. The index system that has the impact on the passenger safety during shipping was established on basis of the multifield coupling theory in this paper. Meanwhile, the fuzzy-precise Bayesian network was applied to monitor the security of passengers in the shipping process. The model was applied to monitor the passenger safety during shipping of a shipping company in Hainan, and the effectiveness of this model was examined. This research work provides guidance for guaranteeing security of passengers during shipping. PMID:25254227
Auditing Albaha University Network Security using in-house Developed Penetration Tool
NASA Astrophysics Data System (ADS)
Alzahrani, M. E.
2018-03-01
Network security becomes a very important aspect in any enterprise/organization computer network. If important information of the organization can be accessed by anyone, it may be used against the organization for further own interest. Thus, network security comes into its role. One important aspect of security management is the security audit. Security performance of Albaha university network is relatively low (in terms of the total controls outlined in the ISO 27002 security control framework). This paper proposes a network security audit tool to address issues in Albaha University network. The proposed penetration tool uses the Nessus and Metasploit tools to find out the vulnerability of a site. A regular self-audit using the in-house developed tool will increase the overall security and performance of Albaha university network. Important results of the penetration test are discussed.
Performance analysis of AES-Blowfish hybrid algorithm for security of patient medical record data
NASA Astrophysics Data System (ADS)
Mahmud H, Amir; Angga W, Bayu; Tommy; Marwan E, Andi; Siregar, Rosyidah
2018-04-01
File security is one method to protect data confidentiality, integrity and information security. Cryptography is one of the techniques used to secure and guarantee data confidentiality by converting the plaintext (original message) to cipher text (hidden message) with two important processes, encryption and decryption. Some researchers proposed a hybrid method to improve data security. In this research we proposed a hybrid method of AES-blowfish (BF) to secure the patient’s medical report data in the form of a PDF file that is sourced from a database. The generation method of private and public keys uses two approaches, those are the RSA method and ECC. We will analyze the impact of these two approaches for the hybrid method at AES-blowfish based on time and throughput. Based on testing results, BF method is faster than AES and AES-BF hybrid, however AES-BF hybrid is better for throughput compared with AES and BF is higher.
Huang, Yichun; Ding, Weiwei; Zhang, Zhuomin; Li, Gongke
2013-07-01
This paper summarizes the recent developments of the rapid detection methods for food security, such as sensors, optical techniques, portable spectral analysis, enzyme-linked immunosorbent assay, portable gas chromatograph, etc. Additionally, the applications of these rapid detection methods coupled with sample pretreatment techniques in real food security analysis are reviewed. The coupling technique has the potential to provide references to establish the selective, precise and quantitative rapid detection methods in food security analysis.
Simple algorithm for improved security in the FDDI protocol
NASA Astrophysics Data System (ADS)
Lundy, G. M.; Jones, Benjamin
1993-02-01
We propose a modification to the Fiber Distributed Data Interface (FDDI) protocol based on a simple algorithm which will improve confidential communication capability. This proposed modification provides a simple and reliable system which exploits some of the inherent security properties in a fiber optic ring network. This method differs from conventional methods in that end to end encryption can be facilitated at the media access control sublayer of the data link layer in the OSI network model. Our method is based on a variation of the bit stream cipher method. The transmitting station takes the intended confidential message and uses a simple modulo two addition operation against an initialization vector. The encrypted message is virtually unbreakable without the initialization vector. None of the stations on the ring will have access to both the encrypted message and the initialization vector except the transmitting and receiving stations. The generation of the initialization vector is unique for each confidential transmission and thus provides a unique approach to the key distribution problem. The FDDI protocol is of particular interest to the military in terms of LAN/MAN implementations. Both the Army and the Navy are considering the standard as the basis for future network systems. A simple and reliable security mechanism with the potential to support realtime communications is a necessary consideration in the implementation of these systems. The proposed method offers several advantages over traditional methods in terms of speed, reliability, and standardization.
Formalization of the Access Control on ARM-Android Platform with the B Method
NASA Astrophysics Data System (ADS)
Ren, Lu; Wang, Wei; Zhu, Xiaodong; Man, Yujia; Yin, Qing
2018-01-01
ARM-Android is a widespread mobile platform with multi-layer access control mechanisms, security-critical in the system. Many access control vulnerabilities still exist due to the coarse-grained policy and numerous engineering defects, which have been widely studied. However, little research focuses on the mechanism formalization, including the Android permission framework, kernel process management and hardware isolation. This paper first develops a comprehensive formal access control model on the ARM-Android platform using the B method, from the Android middleware to hardware layer. All the model specifications are type checked and proved to be well-defined, with 75% of proof obligations demonstrated automatically. The results show that the proposed B model is feasible to specify and verify access control schemes in the ARM-Android system, and capable of implementing a practical control module.
Cyber attack analysis on cyber-physical systems: Detectability, severity, and attenuation strategy
NASA Astrophysics Data System (ADS)
Kwon, Cheolhyeon
Security of Cyber-Physical Systems (CPS) against malicious cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is usually intractable to describe and diagnose them systematically. Motivated by such difficulties, this thesis presents a set of theories and algorithms for a cyber-secure architecture of the CPS within the control theoretic perspective. Here, instead of identifying a specific cyber attack model, we are focused on analyzing the system's response during cyber attacks. Firstly, we investigate the detectability of the cyber attacks from the system's behavior under cyber attacks. Specifically, we conduct a study on the vulnerabilities in the CPS's monitoring system against the stealthy cyber attack that is carefully designed to avoid being detected by its detection scheme. After classifying three kinds of cyber attacks according to the attacker's ability to compromise the system, we derive the necessary and sufficient conditions under which such stealthy cyber attacks can be designed to cause the unbounded estimation error while not being detected. Then, the analytical design method of the optimal stealthy cyber attack that maximizes the estimation error is developed. The proposed stealthy cyber attack analysis is demonstrated with illustrative examples on Air Traffic Control (ATC) system and Unmanned Aerial Vehicle (UAV) navigation system applications. Secondly, in an attempt to study the CPSs' vulnerabilities in more detail, we further discuss a methodology to identify potential cyber threats inherent in the given CPSs and quantify the attack severity accordingly. We then develop an analytical algorithm to test the behavior of the CPS under various cyber attack combinations. 
Compared to a numerical approach, the analytical algorithm enables the prediction of the most effective cyber attack combinations without computing the severity of all possible attack combinations, thereby greatly reducing the computational cost. The proposed algorithm is validated through a linearized longitudinal motion of a UAV example. Finally, we propose an attack attenuation strategy via the controller design for CPSs that are robust to various types of cyber attacks. While the previous studies have investigated a secure control by assuming a specific attack strategy, in this research we propose a hybrid robust control scheme that contains multiple sub-controllers, each matched to a specific type of cyber attacks. Then the system can be adapted to various cyber attacks (including those that are not assumed for sub-controller design) by switching its sub-controllers to achieve the best performance. Then, a method for designing a secure switching logic to counter all possible cyber attacks is proposed and it verifies mathematically the system's performance and stability as well. The performance of the proposed control scheme is demonstrated by an example with the hybrid H2 - H-infinity controller applied to a UAV example.
Code of Federal Regulations, 2012 CFR
2012-10-01
... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...
Code of Federal Regulations, 2014 CFR
2014-10-01
... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...
Code of Federal Regulations, 2013 CFR
2013-10-01
... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...
Code of Federal Regulations, 2011 CFR
2011-10-01
... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...
Code of Federal Regulations, 2010 CFR
2010-10-01
... and Air Navigation Aids (Short Title: SCATANA). 87.395 Section 87.395 Telecommunication FEDERAL... Communications § 87.395 Plan for the Security Control of Air Traffic and Air Navigation Aids (Short Title: SCATANA). (a) The Plan for the Security Control of Air Traffic and Air Navigation Aids (SCATANA) is...
A Hierarchical Security Architecture for Cyber-Physical Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Quanyan Zhu; Tamer Basar
2011-08-01
Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.
Communication Security for Control Systems in Smart Grid
NASA Astrophysics Data System (ADS)
Robles, Rosslin John; Kim, Tai-Hoon
As an example of Control System, Supervisory Control and Data Acquisition systems can be relatively simple, such as one that monitors environmental conditions of a small office building, or incredibly complex, such as a system that monitors all the activity in a nuclear power plant or the activity of a municipal water system. SCADA systems are basically Process Control Systems, designed to automate systems such as traffic control, power grid management, waste processing etc. Connecting SCADA to the Internet can provide a lot of advantages in terms of control, data viewing and generation. SCADA infrastructures like electricity can also be a part of a Smart Grid. Connecting SCADA to a public network can bring a lot of security issues. To answer the security issues, a SCADA communication security solution is proposed.
NASA Astrophysics Data System (ADS)
Li, Jiafu; Xiang, Shuiying; Wang, Haoning; Gong, Junkai; Wen, Aijun
2018-03-01
In this paper, a novel image encryption algorithm based on synchronization of physical random bit generated in a cascade-coupled semiconductor ring lasers (CCSRL) system is proposed, and the security analysis is performed. In both transmitter and receiver parts, the CCSRL system is a master-slave configuration consisting of a master semiconductor ring laser (M-SRL) with cross-feedback and a solitary SRL (S-SRL). The proposed image encryption algorithm includes image preprocessing based on conventional chaotic maps, pixel confusion based on control matrix extracted from physical random bit, and pixel diffusion based on random bit stream extracted from physical random bit. Firstly, the preprocessing method is used to eliminate the correlation between adjacent pixels. Secondly, physical random bit with verified randomness is generated based on chaos in the CCSRL system, and is used to simultaneously generate the control matrix and random bit stream. Finally, the control matrix and random bit stream are used for the encryption algorithm in order to change the position and the values of pixels, respectively. Simulation results and security analysis demonstrate that the proposed algorithm is effective and able to resist various typical attacks, and thus is an excellent candidate for secure image communication application.
17 CFR 240.15c3-4 - Internal risk management control systems for OTC derivatives dealers.
Code of Federal Regulations, 2014 CFR
2014-04-01
... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Internal risk management control systems for OTC derivatives dealers. 240.15c3-4 Section 240.15c3-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the...
Plug-and-play measurement-device-independent quantum key distribution
NASA Astrophysics Data System (ADS)
Choi, Yujun; Kwon, Osung; Woo, Minki; Oh, Kyunghwan; Han, Sang-Wook; Kim, Yong-Su; Moon, Sung
2016-03-01
Quantum key distribution (QKD) guarantees unconditional communication security based on the laws of quantum physics. However, practical QKD suffers from a number of quantum hackings due to the device imperfections. From the security standpoint, measurement-device-independent quantum key distribution (MDI-QKD) is in the limelight since it eliminates all the possible loopholes in detection. Due to active control units for mode matching between the photons from remote parties, however, the implementation of MDI-QKD is highly impractical. In this paper, we propose a method to resolve the mode matching problem while minimizing the use of active control units. By introducing the plug-and-play (P&P) concept into MDI-QKD, the indistinguishability in spectral and polarization modes between photons can naturally be guaranteed. We show the feasibility of P&P MDI-QKD with a proof-of-principle experiment.
Kleidon, Tricia M; Ullman, Amanda J; Gibson, Victoria; Chaseling, Brett; Schoutrop, Jason; Mihala, Gabor; Rickard, Claire M
2017-11-01
To evaluate feasibility of an efficacy trial comparing peripherally inserted central catheter (PICC) dressing and securement techniques to prevent complications and failure. This pilot, 3-armed, randomized controlled trial was undertaken at Royal Children's Hospital and Lady Cilento Children's Hospital, Brisbane, Australia, between April 2014 and September 2015. Pediatric participants (N = 101; age range, 0-18 y) were assigned to standard care (bordered polyurethane [BPU] dressing, sutureless securement device), tissue adhesive (TA) (plus BPU dressing), or integrated securement dressings (ISDs). Average PICC dwell time was 8.1 days (range, 0.2-27.7 d). Primary outcome was trial feasibility including PICC failure. Secondary outcomes were PICC complications, dressing performance, and parent and staff satisfaction. Protocol feasibility was established. PICC failure was 6% (2/32) with standard care, 6% (2/31) with ISD, and 3% (1/32) with TA. PICC complications were 16% across all groups. TA provided immediate postoperative hemostasis, prolonging the first dressing change until 5.5 days compared with 3.5 days and 2.5 days with standard care and ISD respectively. Bleeding was the most common reason for first dressing change: standard care (n = 18; 75%), ISD (n = 11; 69%), TA (n = 4; 27%). Parental satisfaction (median 9.7/10; P = .006) and staff feedback (9.2/10; P = .002) were most positive for ISD. This research suggests safety and acceptability of different securement dressings compared with standard care; securement dressings may also reduce dressing changes after insertion. Further research is required to confirm clinically cost-effective methods to prevent PICC failure. Copyright © 2017 SIR. Published by Elsevier Inc. All rights reserved.
A game-theoretic method for cross-layer stochastic resilient control design in CPS
NASA Astrophysics Data System (ADS)
Shen, Jiajun; Feng, Dongqin
2018-03-01
In this paper, the cross-layer security problem of cyber-physical systems (CPS) is investigated from the game-theoretic perspective. Physical dynamics of the plant is captured by a stochastic differential game with cyber-physical influence being considered. The sufficient and necessary condition for the existence of state-feedback equilibrium strategies is given. The attack-defence cyber interactions are formulated by a Stackelberg game intertwined with the stochastic differential game in the physical layer. The condition under which the Stackelberg equilibrium is unique and the corresponding analytical solutions are both provided. An algorithm is proposed for obtaining a hierarchical security strategy by solving coupled games, which ensures the operational normalcy and cyber security of CPS subject to uncertain disturbance and unexpected cyberattacks. Simulation results are given to show the effectiveness and performance of the proposed algorithm.
NASA Technical Reports Server (NTRS)
Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.
2015-01-01
NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.
Robust path planning for flexible needle insertion using Markov decision processes.
Tan, Xiaoyu; Yu, Pengqian; Lim, Kah-Bin; Chui, Chee-Kong
2018-05-11
Flexible needle has the potential to accurately navigate to a treatment region in the least invasive manner. We propose a new planning method using Markov decision processes (MDPs) for flexible needle navigation that can perform robust path planning and steering under the circumstance of complex tissue-needle interactions. This method enhances the robustness of flexible needle steering from three different perspectives. First, the method considers the problem caused by soft tissue deformation. The method then resolves the common needle penetration failure caused by patterns of targets, while the last solution addresses the uncertainty issues in flexible needle motion due to complex and unpredictable tissue-needle interaction. Computer simulation and phantom experimental results show that the proposed method can perform robust planning and generate a secure control policy for flexible needle steering. Compared with a traditional method using MDPs, the proposed method achieves higher accuracy and probability of success in avoiding obstacles under complicated and uncertain tissue-needle interactions. Future work will involve experiment with biological tissue in vivo. The proposed robust path planning method can securely steer flexible needle within soft phantom tissues and achieve high adaptability in computer simulation.
NASA Astrophysics Data System (ADS)
Ricci, R.; Chollet, G.; Crispino, M. V.; Jassim, S.; Koreman, J.; Olivar-Dimas, M.; Garcia-Salicetti, S.; Soria-Rodriguez, P.
2006-05-01
This article presents an overview of the SecurePhone project, with an account of the first results obtained. SecurePhone's primary aim is to realise a mobile phone prototype - the 'SecurePhone' - in which biometrical authentication enables users to deal secure, dependable transactions over a mobile network. The SecurePhone is based on a commercial PDA-phone, supplemented with specific software modules and a customised SIM card. It integrates in a single environment a number of advanced features: access to cryptographic keys through strong multimodal biometric authentication; appending and verification of digital signatures; real-time exchange and interactive modification of (esigned) documents and voice recordings. SecurePhone's 'biometric recogniser' is based on original research. A fused combination of three different biometric methods - speaker, face and handwritten signature verification - is exploited, with no need for dedicated hardware components. The adoption of non-intrusive, psychologically neutral biometric techniques is expected to mitigate rejection problems that often inhibit the social use of biometrics, and speed up the spread of e-signature technology. Successful biometric authentication grants access to SecurePhone's built-in esignature services through a user-friendly interface. Special emphasis is accorded to the definition of a trustworthy security chain model covering all aspects of system operation. The SecurePhone is expected to boost m-commerce and open new scenarios for m-business and m-work, by changing the way people interact and by improving trust and confidence in information technologies, often considered intimidating and difficult to use. Exploitation plans will also explore other application domains (physical and logical access control, securised mobile communications).
Federal Register 2010, 2011, 2012, 2013, 2014
2012-03-27
.... NSCC believes it can offer a number of control improvements to the current manual, decentralized, and...: Electronic Comments Use the Commission's Internet comment form ( http://www.sec.gov/rules/sro.shtml ); or... one method. The Commission will post all comments on the Commission's Internet Web site ( http://www...
2010-03-18
Michael Jacobson and Matthew Levitt, “Follow the Money,” Los Angeles Times, December 23, 2008. International Terrorism and Transnational Crime...221 See for example R. T. Naylor, “Wash-Out: A Critique of Follow-the-Money Methods in Crime Control Policy,” Crime, Law, and
36 CFR 1284.30 - Does NARA lend documents to other institutions for exhibit purposes?
Code of Federal Regulations, 2011 CFR
2011-07-01
... 36 Parks, Forests, and Public Property 3 2011-07-01 2011-07-01 false Does NARA lend documents to other institutions for exhibit purposes? 1284.30 Section 1284.30 Parks, Forests, and Public Property... security, fire protection, environmental controls, packing and shipping, exhibit methods, and insurance...
49 CFR Appendix D to Part 172 - Rail Risk Analysis Factors
Code of Federal Regulations, 2012 CFR
2012-10-01
... nature of the rail system, each carrier must select and document the analysis method/model used and identify the routes to be analyzed. D. The safety and security risk analysis must consider current data and... curvature; 7. Presence or absence of signals and train control systems along the route (“dark” versus...
A review of underwater acoustic systems and methods for locating objects lost at sea
NASA Technical Reports Server (NTRS)
Lovelady, R. W.; Ferguson, R. L.
1983-01-01
Information related to the location of objects lost at sea is presented. Acoustic devices attached to an object prior to being transported is recommended as a homing beacon. Minimum requirements and some environmental constraints are defined. Methods and procedures for search and recovery are also discussed. Both an interim system and a more advanced system are outlined. Controlled acoustic emission to enhance security is the theme followed.
Anomaly-based intrusion detection for SCADA systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Yang, D.; Usynin, A.; Hines, J. W.
2006-07-01
Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA). These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number of internet related computer attacks, there is evidence that our critical infrastructure may also be vulnerable. Researchers estimate that malicious online actions may cause $75 billion at 2007. One of the interesting countermeasures for enhancing information system security is called intrusion detection. This paper will briefly discuss the history of research in intrusion detection techniques and introduce the two basic detection approaches: signature detection and anomaly detection. Finally, it presents the application of techniques developed for monitoring critical process systems, such as nuclear power plants, to anomaly intrusion detection. The method uses an auto-associative kernel regression (AAKR) model coupled with the statistical probability ratio test (SPRT) and applied to a simulated SCADA system. The results show that these methods can be generally used to detect a variety of common attacks. (authors)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Robert S. Anderson; Mark Schanfein; Trond Bjornard
2011-07-01
Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs' common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hadley, Mark D.; Clements, Samuel L.
2009-01-01
Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.
Programmable Logic Controllers for Research on the Cyber Security of Industrial Power Plants
2017-02-12
Subject terms: Industrial control systems, cyber security. Report date: 12/02/2017. Report type: Final. Dates covered: 15 August 2015 - 12 February 2017. Title and subtitle: Programmable Logic Controllers for Research
Assessing Grant Allocation Methods for Federal Homeland Security Urban Area Assistance Funding
2015-12-01
...Allocation Methods for Federal Homeland Security Urban Area Assistance Funding, by Craig Mohar, December 2015. Thesis Co-Advisors: Kathleen... Report type: Master’s thesis. Title and subtitle: Assessing Grant Allocation Methods for Federal Homeland Security Urban Area... the Department of Homeland Security (DHS) is critical for building and sustaining preparedness in urban areas. According to the 9/11 Commission Report
NASA Astrophysics Data System (ADS)
Seki, Hirokazu; Hata, Naoki; Koyasu, Yuichi; Hori, Yoichi
Aged people and disabled people who have difficulty in walking are increasing. As one of mobility support, significance of power assisted wheelchair which assists driving force using electric motors and spreads their living areas has been enhanced. However, the increased driving force often causes a dangerous overturn of wheelchair. In this paper, control method to prevent power assisted wheelchair from overturning is proposed. It is found the front wheels rising is caused by magnitude and rapid increase of assisted torque. Therefore, feedforward control method to limit the assisted torque by tuning its magnitude or time constant is proposed. In order to emphasize safety and feeling of security, these methods make the front wheels no rise. The effectiveness of the proposed method is verified by the practical experiments and field test based performance evaluation using many trial subjects.
Cyber secure systems approach for NPP digital control systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
McCreary, T. J.; Hsu, A.
2006-07-01
Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity.
This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1) Threat from an intruder attempting to disrupt network communications by entering the system from an attached utility network or utilizing a modem connected to a control system PC that is in turn connected to a publicly accessible phone; 2) Threat from a user connecting an unauthorized computer to the control network; 3) Threat from a security attack when an unauthorized user gains access to a PC connected to the plant network; 4) Threat from internal disruption (by plant staff, whether malicious or otherwise) by unauthorized usage of files or file handling media that opens the system to security threat (as typified in current situation in most control rooms). The plant I and C system cyber security design and the plant specific procedures should adequately demonstrate protection from the four pertinent classes of cyber security attacks. The combination of these features should demonstrate that the system is not vulnerable to any analyzed cyber security attacks either from internal sources or through network connections. The authors will provide configurations that will demonstrate the Cyber Security Zone. (authors)
US-CERT Control System Center Input/Output (I/O) Conceptual Design
DOE Office of Scientific and Technical Information (OSTI.GOV)
Not Available
2005-02-01
This document was prepared for the US-CERT Control Systems Center of the National Cyber Security Division (NCSD) of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs the federal departments to identify and prioritize critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the NCSD to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems; the I/O upgrade described in this document supports these goals. The vulnerability assessment Test Bed, located in the Information Operations Research Center (IORC) facility at Idaho National Laboratory (INL), consists of a cyber test facility integrated with multiple test beds that simulate the nation's critical infrastructure. The fundamental mission of the Test Bed is to provide industry owner/operators, system vendors, and multi-agency partners of the INL National Security Division a platform for vulnerability assessments of control systems. The Input/Output (I/O) upgrade to the Test Bed (see Work Package 3.1 of the FY-05 Annual Work Plan) will provide for the expansion of assessment capabilities within the IORC facility. It will also provide capabilities to connect test beds within the Test Range and other Laboratory resources.
This will allow real time I/O data input and communication channels for full replications of control systems (Process Control Systems [PCS], Supervisory Control and Data Acquisition Systems [SCADA], and components). This will be accomplished through the design and implementation of a modular infrastructure of control system, communications, networking, computing and associated equipment, and measurement/control devices. The architecture upgrade will provide a flexible patching system providing a quick "plug and play" configuration through various communication paths to gain access to live I/O running over specific protocols. This will allow for in-depth assessments of control systems in a true-to-life environment. The full I/O upgrade will be completed through a two-phased approach. Phase I, funded by DHS, expands the capabilities of the Test Bed by developing an operational control system in two functional areas, the Science & Technology Applications Research (STAR) Facility and the expansion of various portions of the Test Bed. Phase II (see Appendix A), funded by other programs, will complete the full I/O upgrade to the facility.
32 CFR 245.6 - Abbreviations and acronyms.
Code of Federal Regulations, 2010 CFR
2010-07-01
...—Domestic Event Network DHS—Department of Homeland Security DND—Department of National Defence (Canada) DoD...) MISCELLANEOUS PLAN FOR THE EMERGENCY SECURITY CONTROL OF AIR TRAFFIC (ESCAT) Explanation of Terms, Acronyms and... Order ESCAT—Emergency Security Control of Air Traffic FAA—Federal Aviation Administration IFR—Instrument...
Atienza, Audie A; Zarcadoolas, Christina; Vaughon, Wendy; Hughes, Penelope; Patel, Vaishali; Chou, Wen-Ying Sylvia; Pritts, Joy
2015-01-01
This study examined consumers' attitudes and perceptions regarding mobile health (mHealth) technology use in health care. Twenty-four focus groups with 256 participants were conducted in 5 geographically diverse locations. Participants were also diverse in age, education, race/ethnicity, gender, and rural versus urban settings. Several key themes emerged from the focus groups. Findings suggest that consumer attitudes regarding mHealth privacy/security are highly contextualized, with concerns depending on the type of information being communicated, where and when the information is being accessed, who is accessing or seeing the information, and for what reasons. Consumers frequently considered the tradeoffs between the privacy/security of using mHealth technologies and the potential benefits. Having control over mHealth privacy/security features and trust in providers were important issues for consumers. Overall, this study found significant diversity in attitudes regarding mHealth privacy/security both within and between traditional demographic groups. Thus, to address consumers' concerns regarding mHealth privacy and security, a one-size-fits-all approach may not be adequate. Health care providers and technology developers should consider tailoring mHealth technology according to how various types of information are communicated in the health care setting, as well as according to the comfort, skills, and concerns individuals may have with mHealth technology.
Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance
Kramer, Daniel B.; Baker, Matthew; Ransford, Benjamin; Molina-Markham, Andres; Stewart, Quinn; Fu, Kevin; Reynolds, Matthew R.
2012-01-01
Background Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients’ stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting. Methods We used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices. Results Review of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism. Conclusions Our review of recalls and adverse events from federal government databases reveals sharp inconsistencies with databases at individual providers with respect to security and privacy risks. Recalls related to software may increase security risks because of unprotected update and correction mechanisms. To detect signals of security and privacy problems that adversely affect public health, federal postmarket surveillance strategies should rethink how to effectively and efficiently collect data on security and privacy problems in devices that increasingly depend on computing systems susceptible to malware. PMID:22829874
Arms Control and Nonproliferation: A Catalog of Treaties and Agreements
2007-08-09
security and control over nuclear weapons and fissile materials. These projects provided Russia with bullet-proof Kevlar blankets, secure canisters ... U.S. security concerns. The United States and Soviet Union began to sign agreements limiting their strategic offensive nuclear weapons in the early ... U.S.-Russian relationship. At the same time, however, the two sides began to cooperate on securing and eliminating Soviet-era nuclear, chemical, and
Digitally Controlled ’Programmable’ Active Filters.
1985-12-01
Advisor: Sherif Michael. Approved for public release; distribution is unlimited. ... REPORT DOCUMENTATION PAGE ... Title (Include Security Classification): DIGITALLY CONTROLLED "PROGRAMMABLE" ACTIVE FILTERS ...
Tobacco control advocacy in Australia: reflections on 30 years of progress.
Chapman, S; Wakefield, M
2001-06-01
Australia has one of the world's most successful records on tobacco control. The role of public health advocacy in securing public and political support for tobacco control legislation and policy and program support is widely acknowledged and enshrined in World Health Organization policy documents yet is seldom the subject of analysis in the public health policy research literature. Australian public health advocates tend to not work in settings where evaluation and systematic planning are valued. However, their day-to-day strategies reveal considerable method and grounding in framing theory. The nature of media advocacy is explored, with differences between the conceptualization of routine "programmatic" public health interventions and the modus operandi of media advocacy highlighted. Two case studies on securing smoke-free indoor air and banning all tobacco advertising are used to illustrate advocacy strategies that have been used in Australia. Finally, the argument that advocacy should emanate from communities and be driven by them is considered.
PLASMA-field barrier sentry (PFBS)
NASA Astrophysics Data System (ADS)
Gonzaga, Ernesto A.; Cossette, Harold James
2013-06-01
This paper describes the concept and method in designing and developing a unique security system apparatus that will counter unauthorized personnel: to deny access to or occupy an area or facility, to control or direct crowd or large groups, and to incapacitate individuals or small groups until they can be secured by military or law enforcement personnel. The system exploits Tesla coil technology. Application of basic engineering circuit analysis and principle is demonstrated. Transformation from classical spark gap method to modern solid state design was presented. The analysis shows how the optimum design can be implemented to maximize performance of the apparatus. Discussion of the hazardous effects of electrical elements to human physiological conditions was covered. This serves to define guidelines in implementing safety limits and precautions on the performance of the system. The project is strictly adhering towards non-lethal technologies and systems.
Wawrzyniak, Zbigniew M; Paczesny, Daniel; Mańczuk, Marta; Zatoński, Witold A
2011-01-01
Large-scale epidemiologic studies can assess health indicators differentiating social groups and important health outcomes of the incidence and mortality of cancer, cardiovascular disease, and others, to establish a solid knowledgebase for the prevention management of premature morbidity and mortality causes. This study presents new advanced methods of data collection and data management systems with current data quality control and security to ensure high quality data assessment of health indicators in the large epidemiologic PONS study (The Polish-Norwegian Study). The material for experiment is the data management design of the large-scale population study in Poland (PONS) and the managed processes are applied into establishing a high quality and solid knowledge. The functional requirements of the PONS study data collection, supported by the advanced IT web-based methods, resulted in medical data of a high quality, data security, with quality data assessment, control process and evolution monitoring are fulfilled and shared by the IT system. Data from disparate and deployed sources of information are integrated into databases via software interfaces, and archived by a multi task secure server. The practical and implemented solution of modern advanced database technologies and remote software/hardware structure successfully supports the research of the big PONS study project. Development and implementation of follow-up control of the consistency and quality of data analysis and the processes of the PONS sub-databases have excellent measurement properties of data consistency of more than 99%. The project itself, by tailored hardware/software application, shows the positive impact of Quality Assurance (QA) on the quality of outcomes analysis results, effective data management within a shorter time. 
This efficiency ensures the quality of the epidemiological data and indicators of health by the elimination of common errors of research questionnaires and medical measurements.
33 CFR 101.405 - Maritime Security (MARSEC) Directives.
Code of Federal Regulations, 2010 CFR
2010-07-01
... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Maritime Security (MARSEC... SECURITY MARITIME SECURITY MARITIME SECURITY: GENERAL Control Measures for Security § 101.405 Maritime... necessary to respond to a threat assessment or to a specific threat against the maritime elements of the...
Cyber Security Testing and Training Programs for Industrial Control Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Daniel Noyes
2012-03-01
Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.
Taking Steps to Protect Against the Insider Threat
DOE Office of Scientific and Technical Information (OSTI.GOV)
Pope, Noah Gale; Williams, Martha; Lewis, Joel
2015-10-16
Research reactors are required (in accordance with the Safeguards Agreement between the State and the IAEA) to maintain a system of nuclear material accounting and control for reporting quantities of nuclear material received, shipped, and held on inventory. Enhancements to the existing accounting and control system can be made at little additional cost to the facility, and these enhancements can make nuclear material accounting and control useful for nuclear security. In particular, nuclear material accounting and control measures can be useful in protecting against an insider who is intent on unauthorized removal or misuse of nuclear material or misuse of equipment. An enhanced nuclear material accounting and control system that responds to nuclear security is described in NSS-25G, Use of Nuclear Material Accounting and Control for Nuclear Security Purposes at Facilities, which is scheduled for distribution by the IAEA Department of Nuclear Security later this year. Accounting and control measures that respond to the insider threat are also described in NSS-33, Establishing a System for Control of Nuclear Material for Nuclear Security Purposes at a Facility During Storage, Use and Movement, and in NSS-41, Preventive and Protective Measures against Insider Threats (originally issued as NSS-08), which are available in draft form. This paper describes enhancements to existing material control and accounting systems that are specific to research reactors, and shows how they are important to nuclear security and protecting against an insider.
A Network Access Control Framework for 6LoWPAN Networks
Oliveira, Luís M. L.; Rodrigues, Joel J. P. C.; de Sousa, Amaro F.; Lloret, Jaime
2013-01-01
Low power over wireless personal area networks (LoWPAN), in particular wireless sensor networks, represent an emerging technology with high potential to be employed in critical situations like security surveillance, battlefields, smart-grids, and in e-health applications. The support of security services in LoWPAN is considered a challenge. First, this type of networks is usually deployed in unattended environments, making them vulnerable to security attacks. Second, the constraints inherent to LoWPAN, such as scarce resources and limited battery capacity, impose a careful planning on how and where the security services should be deployed. Besides protecting the network from some well-known threats, it is important that security mechanisms be able to withstand attacks that have not been identified before. One way of reaching this goal is to control, at the network access level, which nodes can be attached to the network and to enforce their security compliance. This paper presents a network access security framework that can be used to control the nodes that have access to the network, based on administrative approval, and to enforce security compliance to the authorized nodes. PMID:23334610
32 CFR 2700.42 - Responsibility for safeguarding classified information.
Code of Federal Regulations, 2010 CFR
2010-07-01
... responsibility. (b) Security and Top Secret Control Officers. The Director, OMSN, and the Status Liaison Officer, Saipan, are assigned specific security responsibilities as Security Officer and Top Secret Control Officer. (c) Handling. All documents bearing the terms “Top Secret,” “Secret” and “Confidential” shall be...
Code of Federal Regulations, 2010 CFR
2010-01-01
... significance (Category III), and for protection of Restricted Data, National Security Information, Safeguards... 10 Energy 2 2010-01-01 2010-01-01 false Physical security, material control and accounting, and protection of certain information. 76.111 Section 76.111 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED...
33 CFR 106.260 - Security measures for access control.
Code of Federal Regulations, 2013 CFR
2013-07-01
... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...
33 CFR 106.260 - Security measures for access control.
Code of Federal Regulations, 2012 CFR
2012-07-01
... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...
33 CFR 106.260 - Security measures for access control.
Code of Federal Regulations, 2011 CFR
2011-07-01
... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...
33 CFR 106.260 - Security measures for access control.
Code of Federal Regulations, 2014 CFR
2014-07-01
... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...
33 CFR 106.260 - Security measures for access control.
Code of Federal Regulations, 2010 CFR
2010-07-01
... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES Outer Continental... unattended spaces that adjoin areas to which OCS facility personnel and visitors have access; (9) Ensure OCS...
Information Security and Integrity Systems
NASA Technical Reports Server (NTRS)
1990-01-01
Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.
NASA Astrophysics Data System (ADS)
Khe Sun, Pak; Vorona-Slivinskaya, Lubov; Voskresenskay, Elena
2017-10-01
The article highlights the necessity of a complex approach to assessing the economic security of municipalities, which would consider municipal management specifics. The approach allows comparing the economic security level of municipalities, but it does not describe parameter differences between compared municipalities. Therefore, a second method is suggested: the parameter rank order method. Applying these methods made it possible to identify the leaders and outsiders in economic security among municipalities and to rank all economic security parameters according to their significance level. Complex assessment of the economic security of municipalities, based on the combination of the two approaches, made it possible to assess the security level more accurately. In order to assure economic security and equalize its threshold values, one should pay special attention to transportation system development in municipalities. Strategic aims of projects in the area of transportation infrastructure development in municipalities include the following issues: contribution to creating and elaborating transportation logistics and manufacture transport complexes, development of transportation infrastructure with account of internal and external functions of the region, public transport development, improvement of transport security and reducing its negative influence on the environment.
Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ashok, Aditya; Govindarasu, Manimaran; Wang, Jianhui
Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC that addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.
Information-Flow-Based Access Control for Web Browsers
NASA Astrophysics Data System (ADS)
Yoshihama, Sachiko; Tateishi, Takaaki; Tabuchi, Naoshi; Matsumoto, Tsutomu
The emergence of Web 2.0 technologies such as Ajax and Mashup has revealed the weakness of the same-origin policy[1], the current de facto standard for the Web browser security model. We propose a new browser security model to allow fine-grained access control in the client-side Web applications for secure mashup and user-generated contents. We propose a browser security model that is based on information-flow-based access control (IBAC) to overcome the dynamic nature of the client-side Web applications and to accurately determine the privilege of scripts in the event-driven programming model.
Situated Usability Testing for Security Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Greitzer, Frank L.
2011-03-02
While usability testing is well established, assessing the usability of security software, tools, or methods deserves more careful consideration. It has been argued that dealing with security has become too difficult for individuals or organizations to manage effectively or to use conveniently. As difficult as it is for system administrators and developers to deal with, security is even more challenging for casual users. Indeed, it is much too easy for casual/home users to configure the security of their systems in non-optimal ways that leave their systems inadvertently insecure. This is exacerbated by the fact that casual users are focused on matters other than security, and likely would prefer not even to think about security. This brief report argues that when security and/or privacy are part of the equation, traditional methods for usability testing should be re-considered. The purpose of this brief report is to argue for and outline a method associated with a new approach to usability testing for examining usable security issues.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Green, M.W.
As problems of violence and crime become more prevalent in our schools (or at least the perception of their prevalence), more and more school districts will elect to use security technologies to control these problems. While the desired change in student and community attitudes will require significant systemic change through intense U.S. social programs, security technologies can greatly augment school staff today by providing services similar to having extra adults present. Technologies such as cameras, sensors, drug detection, biometric and personnel identification, lighting, barriers, weapon and explosives detection, anti-graffiti methods, and duress alarms can all be effective, given they are used in appropriate applications, with realistic expectations and an understanding of limitations. Similar to a high-risk government facility, schools must consider a systems ('big picture') approach to security, which includes the use of personnel and procedures as well as security technologies, such that the synergy created by all these elements together contributes more to the general 'order maintenance' of the facility than could be achieved by separate measures not integrated or related.
India’s Emerging Security Strategy, Missile Defense, and Arms Control
2004-06-01
and contemplate a security strategy. Starting in July 1998, a series of negotiations between Foreign Minister Jaswant Singh and US envoy Strobe...arms control.46 The Singh-Talbott discussions eventually led to the reaffirmation of civilian command-and-control and a doctrine of “minimum...Council (NSC), including Prime Minister Vajpayee, Minister of Foreign Affairs Singh, and Minister of Defense Fernandes, and appointed a National Security
Controlled Secure Direct Communication with Seven-Qubit Entangled States
NASA Astrophysics Data System (ADS)
Wang, Shu-Kai; Zha, Xin-Wei; Wu, Hao
2018-01-01
In this paper, a new controlled secure direct communication protocol based on a maximally seven-qubit entangled state is proposed. The outcomes of measurement is performed by the sender and the controller, the receiver can obtain different secret messages in a deterministic way with unit successful probability. In this scheme, by using entanglement swapping, no qubits carrying secret messages are transmitted. Therefore, the protocol is completely secure.
Building a Secure Library System.
ERIC Educational Resources Information Center
Benson, Allen C.
1998-01-01
Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…
Crosstalk: The Journal of Defense Software Engineering. Volume 22, Number 3
2009-04-01
international standard for information security management systems like ISO/IEC 27001:2005 [1] existed. Since that time, the organization has developed control...of ISO/IEC 27001 and the desire to make decisions based on business value and risk has prompted Ford’s IT Security and Controls organization to begin...their conventional application security operation. References 1. ISO/IEC 27001:2005. “Information Technology – Security Techniques – Information
How to implement security controls for an information security program at CBRN facilities
DOE Office of Scientific and Technical Information (OSTI.GOV)
Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.
This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, "Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control." It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in an easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.
Wang, Tao; Zhang, Yong
2015-01-01
Purpose: To assess the efficacy and safety of tension-free vaginal tape (TVT)-Secur for stress urinary incontinence (SUI). Methods: A literature review was performed to identify all published trials of TVT-Secur. The search included the following databases: MEDLINE, Embase, and the Cochrane Controlled Trial Register. Results: Seventeen publications involving a total of 1,879 patients were used to compare TVT-Secur with tension-free obturator tape (TVT-O) and TVT. We found that TVT-Secur had significant reductions in operative time, visual analog score for pain, and postoperative complications compared with TVT-O. Even though TVT-Secur had a significantly lower subjective cure rate (P<0.00001), lower objective cure rate (P<0.00001), and higher intraoperative complication rate, compared with TVT-O at 1 to 3 years, there was no significant difference between TVT-Secur and TVT-O in the subjective cure rate (odds ratio [OR], 0.49; 95% confidence interval [CI], 0.22–1.08; P=0.08), objective cure rate (OR, 0.49; 95% CI, 0.22–1.09; P=0.08), or complications at 3 to 5 years. Moreover, TVT-Secur had significantly lower subjective and objective cure rates compared with TVT. Conclusions: This meta-analysis indicates that TVT-Secur did not show an inferior efficacy and safety compared with TVT-O for SUI in 3 to 5 years, even though displaying a clear trend toward a lower efficacy in 1 to 3 years. Considering that the safety is similar, there are no advantages in using TVT-Secur. PMID:26739179
NASA Astrophysics Data System (ADS)
Fathirad, Iraj; Devlin, John; Jiang, Frank
2012-09-01
Key exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches for providing security services to the network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticate the key negotiation and the participating parties. This paper studies and compares the authenticated key negotiation methods in the mentioned protocols.
Secure satellite communication using multi-photon tolerant quantum communication protocol
NASA Astrophysics Data System (ADS)
Darunkar, Bhagyashri; Punekar, Nikhil; Verma, Pramode K.
2015-09-01
This paper proposes and analyzes the potential of a multi-photon tolerant quantum communication protocol to secure satellite communication. For securing satellite communication, quantum cryptography is the only known unconditionally secure method. A number of recent experiments have shown feasibility of satellite-aided global quantum key distribution (QKD) using different methods such as: Use of entangled photon pairs, decoy state methods, and entanglement swapping. The use of single photon in these methods restricts the distance and speed over which quantum cryptography can be applied. Contemporary quantum cryptography protocols like the BB84 and its variants suffer from the limitation of reaching the distances of only Low Earth Orbit (LEO) at the data rates of few kilobits per second. This makes it impossible to develop a general satellite-based secure global communication network using the existing protocols. The method proposed in this paper allows secure communication at the heights of the Medium Earth Orbit (MEO) and Geosynchronous Earth Orbit (GEO) satellites. The benefits of the proposed method are two-fold: First it enables the realization of a secure global communication network based on satellites and second it provides unconditional security for satellite networks at GEO heights. The multi-photon approach discussed in this paper ameliorates the distance and speed issues associated with quantum cryptography through the use of contemporary laser communication (lasercom) devices. This approach can be seen as a step ahead towards global quantum communication.
Organization of the secure distributed computing based on multi-agent system
NASA Astrophysics Data System (ADS)
Khovanskov, Sergey; Rumyantsev, Konstantin; Khovanskova, Vera
2018-04-01
Nowadays, developing methods for distributed computing has received much attention. One of the methods of distributed computing is the use of multi-agent systems. The organization of distributed computing based on conventional network computers can experience security threats performed by computational processes. The authors have developed a unified agent algorithm for a control system of computing network node operation. Network PCs are used as computing nodes. The proposed multi-agent control system for the implementation of distributed computing makes it possible, in a short time, to organize the use of the processing power of the computers of any existing network to solve a large task by creating a distributed computing system. Agents based on a computer network can: configure a distributed computing system; distribute the computational load among the computers operated by agents; and perform optimization of the distributed computing system according to the computing power of the computers on the network. The number of computers connected to the network can be increased by connecting computers to the new computer system, which leads to an increase in overall processing power. Adding multi-agent system in the central agent increases the security of distributed computing. This organization of the distributed computing system reduces the problem solving time and increases the fault tolerance (vitality) of computing processes in a changing computing environment (dynamic change of the number of computers on the network). The developed multi-agent system detects cases of falsification of the results of a distributed system, which may lead to wrong decisions. In addition, the system checks and corrects wrong results.
CAS. Controlled Access Security
DOE Office of Scientific and Technical Information (OSTI.GOV)
Martinez, B.; Pomeroy, G.
1989-12-01
The Security Alarm System is a data acquisition and control system which collects data from intrusion sensors and displays the information in a real-time environment for operators. The Access Control System monitors and controls the movement of personnel with the use of card readers and biometrics hand readers.
IT Security Support for Spaceport Command and Control System
NASA Technical Reports Server (NTRS)
McLain, Jeffrey
2013-01-01
During the fall 2013 semester, I worked at the Kennedy Space Center as an IT Security Intern in support of the Spaceport Command and Control System under the guidance of the IT Security Lead Engineer. Some of my responsibilities included assisting with security plan documentation collection, system hardware and software inventory, and malicious code and malware scanning. Throughout the semester, I had the opportunity to work on a wide range of security related projects. However, there are three projects in particular that stand out. The first project I completed was updating a large interactive spreadsheet that details the SANS Institute's Top 20 Critical Security Controls. My task was to add in all of the new commercial off the shelf (COTS) software listed on the SANS website that can be used to meet their Top 20 controls. In total, there are 153 unique security tools listed by SANS that meet one or more of their 20 controls. My second project was the creation of a database that will allow my mentor to keep track of the work done by the contractors that report to him in a more efficient manner by recording events as they occur throughout the quarter. Lastly, I expanded upon a security assessment of the Linux machines being used on center that I began last semester. To do this, I used a vulnerability and configuration tool that scans hosts remotely through the network and presents the user with an abundance of information detailing each machine's configuration. The experience I gained from working on each of these projects has been invaluable, and I look forward to returning in the spring semester to continue working with the IT Security team.
5 CFR 1312.31 - Security violations.
Code of Federal Regulations, 2013 CFR
2013-01-01
... 5 Administrative Personnel 3 2013-01-01 2013-01-01 false Security violations. 1312.31 Section 1312..., DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified Information § 1312.31 Security violations. (a) A security violation notice is issued by the United...
6. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW ...
6. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW TO WEST. - Minuteman III ICBM Launch Control Facility November-1, 1.5 miles North of New Raymer & State Highway 14, New Raymer, Weld County, CO
7. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW ...
7. LAUNCH CONTROL SUPPORT BUILDING. INTERIOR OF SECURITY OFFICE. VIEW TO NORTH. - Minuteman III ICBM Launch Control Facility November-1, 1.5 miles North of New Raymer & State Highway 14, New Raymer, Weld County, CO
78 FR 12108 - Proposed Collection; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2013-02-21
... rule proposal methods. The FOCUS Report was designed to eliminate the overlapping regulatory reports..., Washington, DC 20549-0213. Extension: Rule 17a-5; SEC File No. 270-155, OMB Control No. 3235-0123. Notice is... information provided for in Rule 17a-5 (17 CFR 240.17a-5), under the Securities Exchange Act of 1934 (15 U.S...
Federal Register 2010, 2011, 2012, 2013, 2014
2011-09-26
... controls on trading; information and data relating to the index, including the design, computation and... futures contract raises novel or complex issues that require additional time for review, or if the foreign... composition, computation, or method of selection of component entities of an index referenced and defined in...
Federal Register 2010, 2011, 2012, 2013, 2014
2010-02-01
... Classification as Refugee; OMB Control No. 1615-0068. The Department of Homeland Security, U.S. Citizenship and... information collection. (2) Title of the Form/Collection: Registration for Classification as Refugee. (3... Households. Form I-590 provides a uniform method for applicants to apply for refugee status and contains the...
Methods for Restoring Shape and Structure of Compressed Dehydrated Animal and Combination Products
1974-09-01
controls. Meatballs showed slight deterioration while the other foods scored between the extremely affected products. SECURITY CLASSIFICATION...Basic Formulation of Seasoning Mix ... Diced Chicken Evaluation ... Meatball Formulation ... Meatball Evaluation ... Chicken and Rice Evaluation ... Chicken and Rice
Meng, Xianjing; Yin, Yilong; Yang, Gongping; Xi, Xiaoming
2013-07-18
Retinal identification based on retinal vasculatures in the retina provides the most secure and accurate means of authentication among biometrics and has primarily been used in combination with access control systems at high security facilities. Recently, there has been much interest in retina identification. As digital retina images always suffer from deformations, the Scale Invariant Feature Transform (SIFT), which is known for its distinctiveness and invariance for scale and rotation, has been introduced to retinal based identification. However, some shortcomings like the difficulty of feature extraction and mismatching exist in SIFT-based identification. To solve these problems, a novel preprocessing method based on the Improved Circular Gabor Transform (ICGF) is proposed. After further processing by the iterated spatial anisotropic smooth method, the number of uninformative SIFT keypoints is decreased dramatically. Tested on the VARIA and eight simulated retina databases combining rotation and scaling, the developed method presents promising results and shows robustness to rotations and scale changes.
Meng, Xianjing; Yin, Yilong; Yang, Gongping; Xi, Xiaoming
2013-01-01
Retinal identification based on retinal vasculatures in the retina provides the most secure and accurate means of authentication among biometrics and has primarily been used in combination with access control systems at high security facilities. Recently, there has been much interest in retina identification. As digital retina images always suffer from deformations, the Scale Invariant Feature Transform (SIFT), which is known for its distinctiveness and invariance for scale and rotation, has been introduced to retinal based identification. However, some shortcomings like the difficulty of feature extraction and mismatching exist in SIFT-based identification. To solve these problems, a novel preprocessing method based on the Improved Circular Gabor Transform (ICGF) is proposed. After further processing by the iterated spatial anisotropic smooth method, the number of uninformative SIFT keypoints is decreased dramatically. Tested on the VARIA and eight simulated retina databases combining rotation and scaling, the developed method presents promising results and shows robustness to rotations and scale changes. PMID:23873409
"Glitch Logic" and Applications to Computing and Information Security
NASA Technical Reports Server (NTRS)
Stoica, Adrian; Katkoori, Srinivas
2009-01-01
This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into a conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-03-24
... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services [OMB Control No. 1615... Employment Eligibility Verification; OMB Control No. 1615-0112. The Department of Homeland Security, U.S..., should be directed to the Department of Homeland Security (DHS), and to the Office of Management and...
Code of Federal Regulations, 2014 CFR
2014-10-01
... 48 Federal Acquisition Regulations System 6 2014-10-01 2014-10-01 false Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...
Code of Federal Regulations, 2012 CFR
2012-10-01
... 48 Federal Acquisition Regulations System 6 2012-10-01 2012-10-01 false Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...
Code of Federal Regulations, 2011 CFR
2011-10-01
... 48 Federal Acquisition Regulations System 6 2011-10-01 2011-10-01 false Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...
Code of Federal Regulations, 2010 CFR
2010-10-01
... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...
Code of Federal Regulations, 2013 CFR
2013-10-01
... 48 Federal Acquisition Regulations System 6 2013-10-01 2013-10-01 false Data Security for Toxic... Acquisition Regulations System ENVIRONMENTAL PROTECTION AGENCY CLAUSES AND FORMS SOLICITATION PROVISIONS AND CONTRACT CLAUSES Texts of Provisions and Clauses 1552.235-78 Data Security for Toxic Substances Control Act...
Omran, Esraa; Grandison, Tyrone; Abu Almaati, Shereef
2010-01-01
Healthcare applications that have access control, disclosure management and or privacy enforcement requirements may implement the respective solutions to these issues at the application level or at the database level or in both. Unfortunately, there are technical and non-technical factors that influence what can be done. In this paper we present a flexible, simple and novel approach to seamlessly imbuing current healthcare applications and their supporting infrastructure with security and privacy functionality, while being cognizant of these factors. This approach is called the Chain method. This paper will highlight the smaller design footprint, the increased ease of implementation and use of the Chain method, while demonstrating that it is as powerful and effective as traditional methods.
Constructive and destructive marital conflict, emotional security and children's prosocial behavior
McCoy, Kathleen; Cummings, E. Mark; Davies, Patrick T.
2010-01-01
Background This study addresses the gaps in understanding the relationship between constructive and destructive marital conflict and children's prosocial behavior from a process-oriented perspective. Method Data were drawn from a three-wave study of 235 families with children ages 5–7 at wave 1. Relations between constructive and destructive marital conflict, children's emotional security, warm parenting and children's prosocial behavior were examined through the use of structural equation modeling. Results Even after controlling for prior levels of children's prosocial behavior at wave 1, children's emotional security acted as an intervening variable between both constructive and destructive marital conflict and children's prosocial behavior over time. Conclusions These findings advance the relationship between marital conflict and children's adjustment by focusing on children's prosocial behavior and highlight the need to further investigate the impact of positive dimensions of marital conflict on dimensions of children's positive social functioning. PMID:18673403
Secure self-calibrating quantum random-bit generator
DOE Office of Scientific and Technical Information (OSTI.GOV)
Fiorentino, M.; Santori, C.; Spillane, S. M.
2007-03-15
Random-bit generators (RBGs) are key components of a variety of information processing applications ranging from simulations to cryptography. In particular, cryptographic systems require 'strong' RBGs that produce high-entropy bit sequences, but traditional software pseudo-RBGs have very low entropy content and therefore are relatively weak for cryptography. Hardware RBGs yield entropy from chaotic or quantum physical systems and therefore are expected to exhibit high entropy, but in current implementations their exact entropy content is unknown. Here we report a quantum random-bit generator (QRBG) that harvests entropy by measuring single-photon and entangled two-photon polarization states. We introduce and implement a quantum tomographic method to measure a lower bound on the 'min-entropy' of the system, and we employ this value to distill a truly random-bit sequence. This approach is secure: even if an attacker takes control of the source of optical states, a secure random sequence can be distilled.
A Method of Signal Scrambling to Secure Data Storage for Healthcare Applications.
Bao, Shu-Di; Chen, Meng; Yang, Guang-Zhong
2017-11-01
A body sensor network that consists of wearable and/or implantable biosensors has been an important front-end for collecting personal health records. It is expected that the full integration of outside-hospital personal health information and hospital electronic health records will further promote preventative health services as well as global health. However, the integration and sharing of health information is bound to bring with it security and privacy issues. With extensive development of healthcare applications, security and privacy issues are becoming increasingly important. This paper addresses the potential security risks of healthcare data in Internet-based applications and proposes a method of signal scrambling as an add-on security mechanism in the application layer for a variety of healthcare information, where a piece of tiny data is used to scramble healthcare records. The former is kept locally and the latter, along with security protection, is sent for cloud storage. The tiny data can be derived from a random number generator or even a piece of healthcare data, which makes the method more flexible. The computational complexity and security performance in terms of theoretical and experimental analysis has been investigated to demonstrate the efficiency and effectiveness of the proposed method. The proposed method is applicable to all kinds of data that require extra security protection within complex networks.
From Fault-Diagnosis and Performance Recovery of a Controlled System to Chaotic Secure Communication
NASA Astrophysics Data System (ADS)
Hsu, Wen-Teng; Tsai, Jason Sheng-Hong; Guo, Fang-Cheng; Guo, Shu-Mei; Shieh, Leang-San
Chaotic systems are often applied to encryption in secure communication, but they may not provide high-degree security. In order to improve the security of communication, chaotic systems may need to add other secure signals, but this may cause the system to diverge. In this paper, we redesign a communication scheme that could create secure communication with additional secure signals, and the proposed scheme could keep system convergence. First, we introduce the universal state-space adaptive observer-based fault diagnosis/estimator and the high-performance tracker for the sampled-data linear time-varying system with unanticipated decay factors in actuators/system states. Besides, robustness, convergence in the mean, and tracking ability are given in this paper. A residual generation scheme and a mechanism for auto-tuning switched gain are also presented, so that the introduced methodology is applicable for the fault detection and diagnosis (FDD) for actuator and state faults to yield a high tracking performance recovery. The evolutionary programming-based adaptive observer is then applied to the problem of secure communication. Whenever the tracker induces a large control input which might not conform to the input constraint of some physical systems, the proposed modified linear quadratic optimal tracker (LQT) can effectively restrict the control input within the specified constraint interval, under the acceptable tracking performance. The effectiveness of the proposed design methodology is illustrated through tracking control simulation examples.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Igure, V. M.; Williams, R. D.
2006-07-01
Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)
NASA Technical Reports Server (NTRS)
Takamura, Eduardo; Mangum, Kevin
2016-01-01
The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations. 
Certain protective measures for the general enterprise may not be as efficient within the ground segment. This is what the authors have concluded through observations and analysis of patterns identified from the various security assessments performed on NASA missions such as MAVEN, OSIRIS-REx, New Horizons and TESS, to name a few. The security audits confirmed that the framework for managing information system security developed by the National Institute of Standards and Technology (NIST) for the federal government, and adopted by NASA, is indeed effective. However, the selection of the technical, operational and management security controls offered by the NIST model - and how they are implemented - does not always fit the nature and the environment where the ground system operates in even though there is no apparent impact on mission success. The authors observed that unfit controls, that is, controls that are not necessarily applicable or sufficiently effective in protecting the mission systems, are often selected to facilitate compliance with security requirements and organizational expectations even if the selected controls offer minimum or non-existent protection. This paper identifies some of the standard security controls that can in fact protect the ground system, and which of them offer little or no benefit at all. It offers multiple scenarios from real security audits in which the controls are not effective without, of course, disclosing any sensitive information about the missions assessed. In addition to selection and implementation of controls, the paper also discusses potential impact of recent legislation such as the Federal Information Security Modernization Act (FISMA) of 2014 - aimed at the enterprise - on the ground system, and offers other recommendations to Information System Owners (ISOs).
NASA Astrophysics Data System (ADS)
Haneda, Kiyofumi; Kajima, Toshio; Koyama, Tadashi; Muranaka, Hiroyuki; Dojo, Hirofumi; Aratani, Yasuhiko
2002-05-01
The target of our study is to analyze the level of necessary security requirements, to search for suitable security measures and to optimize security distribution to every portion of the medical practice. Quantitative expression must be introduced to our study, if possible, to enable simplified follow-up security procedures and easy evaluation of security outcomes or results. Using fault tree analysis (FTA), system analysis showed that system elements subdivided into groups by details result in a much more accurate analysis. Such subdivided composition factors greatly depend on behavior of staff, interactive terminal devices, kinds of services provided, and network routes. Security measures were then implemented based on the analysis results. In conclusion, we identified the methods needed to determine the required level of security and proposed security measures for each medical information system, and the basic events and combinations of events that comprise the threat composition factors. Methods for identifying suitable security measures were found and implemented. Risk factors for each basic event, a number of elements for each composition factor, and potential security measures were found. Methods to optimize the security measures for each medical information system were proposed, developing the most efficient distribution of risk factors for basic events.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-11-29
... Collection Activity Under OMB Review: Pipeline Corporate Security Review AGENCY: Transportation Security.... Information Collection Requirement Title: Pipeline Corporate Security Review (PCSR). Type of Request: New collection. OMB Control Number: Not yet assigned. Form(s): Pipeline Corporate Security Review (PCSR) Protocol...
Regulation of Split Linear Systems Over Rings: Coefficient-Assignment and Observers,
1980-02-22
we give, for the first time, a method to obtain an observer for a finite-free strongly observable ... The K-linear map ... is defined as ... system (F, G... IEEE Transactions on Automatic Control, Vol. AC-27, No. 1, February 1982. Regulation of Split Linear Systems Over Rings: Coefficient
NASA Technical Reports Server (NTRS)
Tompkins, F. G.
1984-01-01
The Office of Management and Budget (OMB) Circular A-71, transmittal Memorandum No. 1, requires that each agency establish a management control process to assure that appropriate administrative, physical and technical safeguards are incorporated into all new computer applications. In addition to security specifications, the management control process should assure that the safeguards are adequate for the application. The security activities that should be integral to the system development process are examined. The software quality assurance process to assure that adequate and appropriate controls are incorporated into sensitive applications is also examined. Security for software packages is also discussed.
Hinds, Andrea L.; Woody, Erik Z.; Van Ameringen, Michael; Schmidt, Louis A.; Szechtman, Henry
2012-01-01
Background In obsessive-compulsive disorder (OCD), individuals feel compelled to repeatedly perform security-related behaviors, even though these behaviors seem excessive and unwarranted to them. The present research investigated two alternative ways of explaining such behavior: (1) a dysfunction of activation—a starting problem—in which the level of excitation in response to stimuli suggesting potential danger is abnormally strong; versus (2) a dysfunction of termination—a stopping problem—in which the satiety-like process for shutting down security-related thoughts and actions is abnormally weak. Method In two experiments, 70 patients with OCD (57 with washing compulsions, 13 with checking compulsions) and 72 controls were exposed to contamination cues—immersing a hand in wet diapers—and later allowed to wash their hands, first limited to 30 s and then for as long as desired. The intensity of activation of security motivation was measured objectively by change in respiratory sinus arrhythmia. Subjective ratings (e.g., contamination) and behavioral measures (e.g., duration of hand washing) were also collected. Results Compared to controls, OCD patients with washing compulsions did not differ significantly in their levels of initial activation to the threat of contamination; however, they were significantly less able to reduce this activation by engaging in the corrective behavior of hand-washing. Further, the deactivating effect of hand-washing in OCD patients with checking compulsions was similar to that for controls, indicating that the dysfunction of termination in OCD is specific to the patient's symptom profile. Conclusions These results are the first to show that OCD is characterized by a reduced ability of security-related behavior to terminate motivation evoked by potential danger, rather than a heightened initial sensitivity to potential threat.
They lend support to the security-motivation theory of OCD (Szechtman & Woody, 2004) and have important implications both for research into the biological mechanisms underlying OCD and for the development of new treatment approaches. PMID:22291994
Security of medical multimedia.
Tzelepi, S; Pangalos, G; Nikolacopoulou, G
2002-09-01
The application of information technology to health care has generated growing concern about the privacy and security of medical information. Furthermore, data and communication security requirements in the field of multimedia are higher. In this paper we describe firstly the most important security requirements that must be fulfilled by multimedia medical data, and the security measures used to satisfy these requirements. These security measures are based mainly on modern cryptographic and watermarking mechanisms as well as on security infrastructures. The objective of our work is to complete this picture, exploiting the capabilities of multimedia medical data to define and implement an authorization model for regulating access to the data. In this paper we describe an extended role-based access control model by considering, within the specification of the role-permission relationship phase, the constraints that must be satisfied in order for the holders of the permission to use those permissions. The use of constraints allows role-based access control to be tailored to specify very fine-grained and flexible content-, context- and time-based access control policies. Other restrictions, such as role entry restriction also can be captured. Finally, the description of system architecture for a secure DBMS is presented.
Bible, J; Emery, R J; Williams, T; Wang, S
2006-11-01
Limited permanent low-level radioactive waste (LLRW) disposal capacity and correspondingly high disposal costs have resulted in the creation of numerous interim storage facilities for either decay-in-storage operations or longer term accumulation efforts. These facilities, which may be near the site of waste generation or in distal locations, often were not originally designed for the purpose of LLRW storage, particularly with regard to security. Facility security has become particularly important in light of the domestic terrorist acts of 2001, wherein LLRW, along with many other sources of radioactivity, became recognized commodities to those wishing to create disruption through the purposeful dissemination of radioactive materials. Since some LLRW materials may be in facilities that may exhibit varying degrees of security control sophistication, a security vulnerabilities assessment tool grounded in accepted criminal justice theory and security practice has been developed. The tool, which includes dedicated sections on general security, target hardening, criminalization benefits, and the presence of guardians, can be used by those not formally schooled in the security profession to assess the level of protection afforded to their respective facilities. The tool equips radiation safety practitioners with the ability to methodically and systematically assess the presence or relative status of various facility security aspects, many of which may not be considered by individuals from outside the security profession. For example, radiation safety professionals might not ordinarily consider facility lighting aspects, which is a staple for the security profession since it is widely known that crime disproportionately occurs more frequently at night or in poorly lit circumstances. Likewise, the means and associated time dimensions for detecting inventory discrepancies may not be commonly considered. 
The tool provides a simple means for radiation safety professionals to assess, and perhaps enhance in a reasonable fashion, the security of their interim storage operations. Aspects of the assessment tool can also be applied to other activities involving the protection of sources of radiation as well.
Rivera, Rebecca L; Maulding, Melissa K; Abbott, Angela R; Craig, Bruce A; Eicher-Miller, Heather A
2016-11-01
Food insecurity is negatively associated with US children's dietary intake and health. The Supplemental Nutrition Assistance Program-Education (SNAP-Ed) aims to alleviate food insecurity by offering nutrition, budgeting, and healthy lifestyle education to low-income individuals and families. The objective of this study was to evaluate the long-term impact of the Indiana SNAP-Ed on food security among households with children. A randomized, controlled, parallel study design with SNAP-Ed as an intervention was carried out during a 4- to 10-wk intervention period. Intervention group participants received the first 4 Indiana SNAP-Ed curriculum lessons. Study participants (n = 575) were adults aged ≥18 y from low-income Indiana households with ≥1 child living in the household. Both treatment groups completed an assessment before and after the intervention period and 1 y after recruitment. The 18-item US Household Food Security Survey Module was used to classify the primary outcomes of food security for the household and adults and children in the household. A linear mixed model was used to compare intervention with control group effects over time on food security. Mean ± SEM changes in household food security score and food security score among household adults from baseline to 1-y follow-up were 1.2 ± 0.4 and 0.9 ± 0.3 units lower, respectively, in the intervention group than in the control group (P < 0.01). The mean change in food security score from baseline to 1-y follow-up among household children was not significantly different in the intervention group compared with the control group. SNAP-Ed improved food security over a longitudinal time frame among low-income Indiana households with children in this study. SNAP-Ed may be a successful intervention to improve food security. © 2016 American Society for Nutrition.
Process Security in Chemical Engineering Education
ERIC Educational Resources Information Center
Piluso, Cristina; Uygun, Korkut; Huang, Yinlun; Lou, Helen H.
2005-01-01
The threats of terrorism have greatly alerted the chemical process industries to assure plant security at all levels: infrastructure-improvement-focused physical security, information-protection-focused cyber security, and design-and-operation-improvement-focused process security. While developing effective plant security methods and technologies…
10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.
Code of Federal Regulations, 2010 CFR
2010-01-01
... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted Data...
10 CFR 95.49 - Security of automatic data processing (ADP) systems.
Code of Federal Regulations, 2010 CFR
2010-01-01
... 10 Energy 2 2010-01-01 2010-01-01 false Security of automatic data processing (ADP) systems. 95.49 Section 95.49 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.49 Security of...
7 CFR 274.11 - Issuance and inventory record retention, and forms security.
Code of Federal Regulations, 2010 CFR
2010-01-01
... processed within the State agency. The State agency shall use numbers, batching, inventory control logs, or...) Secure storage; (iii) Access limited to authorized personnel; (iv) Bulk inventory control records; (v... validation of inventory controls and records by parties not otherwise involved in maintaining control records...
12 CFR 1204.8 - How are records secured?
Code of Federal Regulations, 2010 CFR
2010-01-01
... § 1204.8 How are records secured? (a) What controls must FHFA have in place? Each FHFA office must establish administrative and physical controls to prevent unauthorized access to its systems of records... stringency of these controls should correspond to the sensitivity of the records that the controls protect...
Digital watermarking for secure and adaptive teleconferencing
NASA Astrophysics Data System (ADS)
Vorbrueggen, Jan C.; Thorwirth, Niels
2002-04-01
The EC-sponsored project ANDROID aims to develop a management system for secure active networks. Active network means allowing the network's customers to execute code (Java-based so-called proxylets) on parts of the network infrastructure. Secure means that the network operator nonetheless retains full control over the network and its resources, and that proxylets use ANDROID-developed facilities to provide secure applications. Management is based on policies and allows autonomous, distributed decisions and actions to be taken. Proxylets interface with the system via policies; among actions they can take is controlling execution of other proxylets or redirection of network traffic. Secure teleconferencing is used as the application to demonstrate the approach's advantages. A way to control a teleconference's data streams is to use digital watermarking of the video, audio and/or shared-whiteboard streams, providing an imperceptible and inseparable side channel that delivers information from originating or intermediate stations to downstream stations. Depending on the information carried by the watermark, these stations can take many different actions. Examples are forwarding decisions based on security classifications (possibly time-varying) at security boundaries, set-up and tear-down of virtual private networks, intelligent and adaptive transcoding, recorder or playback control (e.g., speaking off the record), copyright protection, and sender authentication.
1994-12-01
1991. 114 22. Nimmer, R. P. et al. "Fiber Array Geometry Effects Upon Composite Transverse Tensile Behavior," Titanium Aluminide Composites. February... Titanium, Silicon Carbide, Strain Control Mode ...ends. Boyum was the first to examine fully reversed (R=-1) fatigue of a titanium composite under the load control mode, at both room and elevated
Evaluation of Secure Computation in a Distributed Healthcare Setting.
Kimura, Eizen; Hamada, Koki; Kikuchi, Ryo; Chida, Koji; Okamoto, Kazuya; Manabe, Shirou; Kuroda, Tomohiko; Matsumura, Yasushi; Takeda, Toshihiro; Mihara, Naoki
2016-01-01
Issues related to ensuring patient privacy and data ownership in clinical repositories prevent the growth of translational research. Previous studies have used an aggregator agent to obscure clinical repositories from the data user, and to ensure the privacy of output using statistical disclosure control. However, there remain several issues that must be considered. One such issue is that a data breach may occur when multiple nodes conspire. Another is that the agent may eavesdrop on or leak a user's queries and their results. We have implemented a secure computing method so that the data used by each party can be kept confidential even if all of the other parties conspire to crack the data. We deployed our implementation at three geographically distributed nodes connected to a high-speed layer two network. The performance of our method, with respect to processing times, suggests suitability for practical use.
17 CFR 240.17Ad-13 - Annual study and evaluation of internal accounting control.
Code of Federal Regulations, 2010 CFR
2010-04-01
... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Annual study and evaluation of internal accounting control. 240.17Ad-13 Section 240.17Ad-13 Commodity and Securities Exchanges SECURITIES... System, the Office of the Comptroller of the Currency or the Federal Deposit Insurance Corporation...
NASA Astrophysics Data System (ADS)
Xu, Yan; Dong, Zhao Yang; Zhang, Rui; Wong, Kit Po
2014-02-01
Maintaining transient stability is a basic requirement for secure power system operations. Preventive control deals with modifying the system operating point to withstand probable contingencies. In this article, a decision tree (DT)-based on-line preventive control strategy is proposed for transient instability prevention of power systems. Given a stability database, a distance-based feature estimation algorithm is first applied to identify the critical generators, which are then used as features to develop a DT. By interpreting the splitting rules of DT, preventive control is realised by formulating the rules in a standard optimal power flow model and solving it. The proposed method is transparent in control mechanism, on-line computation compatible and convenient to deal with multi-contingency. The effectiveness and efficiency of the method has been verified on New England 10-machine 39-bus test system.
NASA Astrophysics Data System (ADS)
Cheng, Xiang-Qin; Qu, Jing-Yuan; Yan, Zhe-Ping; Bian, Xin-Qian
2010-03-01
In order to improve the security and reliability for autonomous underwater vehicle (AUV) navigation, an H∞ robust fault-tolerant controller was designed after analyzing variations in state-feedback gain. Operating conditions and the design method were then analyzed so that the control problem could be expressed as a mathematical optimization problem. This permitted the use of linear matrix inequalities (LMI) to solve for the H∞ controller for the system. When considering different actuator failures, these conditions were then also mathematically expressed, allowing the H∞ robust controller to solve for these events and thus be fault-tolerant. Finally, simulation results showed that the H∞ robust fault-tolerant controller could provide precise AUV navigation control with strong robustness.
Information Security Risk Assessment in Hospitals.
Ayatollahi, Haleh; Shagerdi, Ghazal
2017-01-01
To date, many efforts have been made to classify information security threats, especially in the healthcare area. However, there are still many unknown risks which may threaten the security of health information and their resources, especially in the hospitals. The aim of this study was to assess the risks threatening information security in the hospitals located in one of the northwest cities of Iran. This study was completed in 2014. The participants were information technology managers who worked in the hospitals (n=27). The research instrument was a questionnaire composed of a number of open and closed questions. The content validity of the questionnaire was confirmed, and the reliability of the closed questions was measured by using the test-retest method (r =0.78). The results showed that among the information security risks, fire was found to be a high probability/high impact risk factor. Human and physical/environmental threats were among the low probability risk factors. Regarding the information security safeguards used in the hospitals, the results showed that the use of the technical safeguards was the most frequent one (n =22, 91.7%) compared to the administrative (n =21, 87.5%) and the physical safeguards (n =16, 66.7%). The high probability risk factors require quick corrective actions to be taken. Therefore, the underlying causes of such threats should be identified and controlled before experiencing adverse effects. It is also important to note that information security in health care systems needs to be considered at a macro level with respect to the national interests and policies.
FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption
2015-01-01
Background The increasing availability of genome data motivates massive research studies in personalized treatment and precision medicine. Public cloud services provide a flexible way to mitigate the storage and computation burden in conducting genome-wide association studies (GWAS). However, data privacy is a widespread concern when sharing sensitive information in a cloud environment. Methods We presented a novel framework (FORESEE: Fully Outsourced secuRe gEnome Study basEd on homomorphic Encryption) to fully outsource GWAS (i.e., chi-square statistic computation) using homomorphic encryption. The proposed framework enables secure divisions over encrypted data. We introduced two division protocols (i.e., secure errorless division and secure approximation division) with a trade-off between complexity and accuracy in computing chi-square statistics. Results The proposed framework was evaluated for the task of chi-square statistic computation with two case-control datasets from the 2015 iDASH genome privacy protection challenge. Experimental results show that the performance of FORESEE can be significantly improved through algorithmic optimization and parallel computation. Remarkably, the secure approximation division provides significant performance gain, but without missing any significant SNPs in the chi-square association test using the aforementioned datasets. Conclusions Unlike many existing HME-based studies, in which final results need to be computed by the data owner due to the lack of the secure division operation, the proposed FORESEE framework supports complete outsourcing to the cloud and outputs the final encrypted chi-square statistics. PMID:26733391
DOE Office of Scientific and Technical Information (OSTI.GOV)
Witzke, Edward L.
In 2014, the United States Department of Defense started transitioning the way it performs risk management and accreditation of information systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy controls (and control enhancements) from which to select in RMF, than there were in the previous Information Assurance process. This report is an attempt to clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD IT with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addresses the categorization of the information system with respect to impact levels of the various security objectives and the selection of an initial baseline of controls. Next, the report describes tailoring the controls through the use of overlays and scoping considerations. Finally, the report discusses organization-defined values for tuning the security controls to the needs of the information system.
Muhammad, Khan; Sajjad, Muhammad; Baik, Sung Wook
2016-05-01
In this paper, the problem of secure transmission of sensitive contents over the public network Internet is addressed by proposing a novel data hiding method in encrypted images with dual-level security. The secret information is divided into three blocks using a specific pattern, followed by an encryption mechanism based on the three-level encryption algorithm (TLEA). The input image is scrambled using a secret key, and the encrypted sub-message blocks are then embedded in the scrambled image by cyclic18 least significant bit (LSB) substitution method, utilizing LSBs and intermediate LSB planes. Furthermore, the cover image and its planes are rotated at different angles using a secret key prior to embedding, deceiving the attacker during data extraction. The usage of message blocks division, TLEA, image scrambling, and the cyclic18 LSB method results in an advanced security system, maintaining the visual transparency of resultant images and increasing the security of embedded data. In addition, employing various secret keys for image scrambling, data encryption, and data hiding using the cyclic18 LSB method makes the data recovery comparatively more challenging for attackers. Experimental results not only validate the effectiveness of the proposed framework in terms of visual quality and security compared to other state-of-the-art methods, but also suggest its feasibility for secure transmission of diagnostically important keyframes to healthcare centers and gastroenterologists during wireless capsule endoscopy.
IT Security Support for the Spaceport Command Control System Development
NASA Technical Reports Server (NTRS)
Varise, Brian
2014-01-01
My job title is IT Security support for the Spaceport Command & Control System Development. As a cyber-security analyst it is my job to ensure NASA's information stays safe from cyber threats, such as viruses, malware and denial-of-service attacks, by establishing and enforcing system access controls. Security is very important in the world of technology and it is used everywhere from personal computers to giant networks run by Government agencies worldwide. Without constant monitoring analysis, businesses, public organizations and government agencies are vulnerable to potential harmful infiltration of their computer information system. It is my responsibility to ensure authorized access by examining improper access, reporting violations, revoking access, monitoring information requests by new programming and recommending improvements. My department oversees the Launch Control System and networks. An audit will be conducted for the LCS based on compliance with the Federal Information Security Management Act (FISMA) and The National Institute of Standards and Technology (NIST). I recently finished analyzing the SANS top 20 critical controls to give cost effective recommendations on various software and hardware products for compliance. Upon my completion of this internship, I will have successfully completed my duties as well as gained knowledge that will be helpful to my career in the future as a Cyber Security Analyst.
An E-Hospital Security Architecture
NASA Astrophysics Data System (ADS)
Tian, Fang; Adams, Carlisle
In this paper, we introduce how to use cryptography in network security and access control of an e-hospital. We first define the security goal of the e-hospital system, and then we analyze the current application system. Our idea is proposed on the system analysis and the related regulations of patients' privacy protection. The security of the whole application system is strengthened through layered security protection. Three security domains in the e-hospital system are defined according to their sensitivity level, and for each domain, we propose different security protections. We use identity based cryptography to establish secure communication channel in the backbone network and policy based cryptography to establish secure communication channel between end users and the backbone network. We also use policy based cryptography in the access control of the application system. We use a symmetric key cryptography to protect the real data in the database. The identity based and policy based cryptography are all based on elliptic curve cryptography—a public key cryptography.
NASA Astrophysics Data System (ADS)
Shimamura, Atsushi; Moritsu, Toshiyuki; Someya, Harushi
To dematerialize securities such as stocks or corporate bonds, the securities were registered to accounts in registration agencies that were connected as a tree. This tree structure was advantageous for managing securities that were issued in large amounts and for which the number of brands was limited. But when securities such as accounts receivable or advance notes are dematerialized, the number of brands of securities increases greatly. In this case, managing securities with a tree structure becomes very difficult because information is concentrated at the root of the tree. To resolve this problem, a graph structure is assumed instead of the tree structure. When securities are kept in a tree structure, the delivery path of securities is unique, but when securities are kept in a graph structure, the delivery path is not unique. In this report, we describe the requirements for the delivery path of securities and a method for selecting the path.
5 CFR 1312.22 - Responsibilities.
Code of Federal Regulations, 2012 CFR
2012-01-01
... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...
5 CFR 1312.22 - Responsibilities.
Code of Federal Regulations, 2013 CFR
2013-01-01
... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...
5 CFR 1312.22 - Responsibilities.
Code of Federal Regulations, 2011 CFR
2011-01-01
... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...
5 CFR 1312.22 - Responsibilities.
Code of Federal Regulations, 2010 CFR
2010-01-01
... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...
5 CFR 1312.22 - Responsibilities.
Code of Federal Regulations, 2014 CFR
2014-01-01
... computer systems meeting the appropriate security criteria. (a) EOP Security Officer. In cooperation with..., DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of Classified... duty by employees will do much to ensure the adequate security of classified information in the...
A Model Based Security Testing Method for Protocol Implementation
Fu, Yu Long; Xin, Xiao Long
2014-01-01
The security of protocol implementation is important and hard to be verified. Since the penetration testing is usually based on the experience of the security tester and the specific protocol specifications, a formal and automatic verification method is always required. In this paper, we propose an extended model of IOLTS to describe the legal roles and intruders of security protocol implementations, and then combine them together to generate the suitable test cases to verify the security of protocol implementation. PMID:25105163
A model based security testing method for protocol implementation.
Fu, Yu Long; Xin, Xiao Long
2014-01-01
The security of protocol implementation is important and hard to be verified. Since the penetration testing is usually based on the experience of the security tester and the specific protocol specifications, a formal and automatic verification method is always required. In this paper, we propose an extended model of IOLTS to describe the legal roles and intruders of security protocol implementations, and then combine them together to generate the suitable test cases to verify the security of protocol implementation.
Credit BG. Northeast and northwest facades of Building 4496 (Security ...
Credit BG. Northeast and northwest facades of Building 4496 (Security Facility) as seen when looking south (178°) from entrance to secured area. The Control Tower (Building 4500) appears in background. The Security Facility is part of the secured Building 4505 complex - Edwards Air Force Base, North Base, Security Facility, Northeast of A Street, Boron, Kern County, CA
Increasing security in inter-chip communication
DOE Office of Scientific and Technical Information (OSTI.GOV)
Edwards, Nathan J.; Hamlet, Jason; Bauer, Todd
An apparatus for increasing security in inter-chip communication includes a sending control module, a communication bus, and a receiving control module. The communication bus is coupled between the sending control module and the receiving control module. The sending control module operates to send data on the communication bus, disable the communication bus when threats are detected, or both.
Increasing security in inter-chip communication
Edwards, Nathan J; Hamlet, Jason; Bauer, Todd; Helinski, Ryan
2014-10-28
An apparatus for increasing security in inter-chip communication includes a sending control module, a communication bus, and a receiving control module. The communication bus is coupled between the sending control module and the receiving control module. The sending control module operates to send data on the communication bus, disable the communication bus when threats are detected, or both.
Security-Enhanced Push Button Configuration for Home Smart Control.
Han, Junghee; Park, Taejoon
2017-06-08
With the emergence of smart and converged home services, the need for the secure and easy interplay of various devices has been increased. Push Button Configuration (PBC) is one of the technologies proposed for easy set-up of a secure session between IT and consumer devices. Although the Wi-Fi Direct specification explicitly states that all devices must support the PBC method, its applicability is very limited. This is because the security vulnerability of PBC can be maliciously exploited so that attackers can make illegitimate sessions with consumer devices. To address this problem, this paper proposes a novel Security-enhanced PBC (SePBC) scheme with which we can uncover suspicious or malicious devices. The proposed mechanism has several unique features. First, we develop a secure handshake distance measurement protocol by preventing an adversary sitting outside the region from maliciously manipulating its distance to be fake. Second, it is compatible with the original Wi-Fi PBC without introducing a brand-new methodology. Finally, SePBC uses lightweight operations without CPU-intensive cryptography computation and employs inexpensive H/W. Moreover, it needs to incur little overhead when there is no attack. This paper also designs and implements the proposed SePBC in the real world. Our experimental results and analysis show that the proposed SePBC scheme effectively defeats attacks on PBC while minimizing the modification of the original PBC equipment.
Security-Enhanced Push Button Configuration for Home Smart Control
Han, Junghee; Park, Taejoon
2017-01-01
With the emergence of smart and converged home services, the need for the secure and easy interplay of various devices has been increased. Push Button Configuration (PBC) is one of the technologies proposed for easy set-up of a secure session between IT and consumer devices. Although the Wi-Fi Direct specification explicitly states that all devices must support the PBC method, its applicability is very limited. This is because the security vulnerability of PBC can be maliciously exploited so that attackers can make illegitimate sessions with consumer devices. To address this problem, this paper proposes a novel Security-enhanced PBC (SePBC) scheme with which we can uncover suspicious or malicious devices. The proposed mechanism has several unique features. First, we develop a secure handshake distance measurement protocol by preventing an adversary sitting outside the region from maliciously manipulating its distance to be fake. Second, it is compatible with the original Wi-Fi PBC without introducing a brand-new methodology. Finally, SePBC uses lightweight operations without CPU-intensive cryptography computation and employs inexpensive H/W. Moreover, it needs to incur little overhead when there is no attack. This paper also designs and implements the proposed SePBC in the real world. Our experimental results and analysis show that the proposed SePBC scheme effectively defeats attacks on PBC while minimizing the modification of the original PBC equipment. PMID:28594370
A systematic review of studies of web portals for patients with diabetes mellitus.
Coughlin, Steven S; Williams, Lovoria B; Hatzigeorgiou, Christos
2017-01-01
Patient web portals are password-protected online websites that offer patients 24-hour access to personal health information from anywhere with an Internet connection. Due to advances in health information technologies, there has been increasing interest among providers and researchers in patient web portals for use by patients with diabetes and other chronic conditions. This article, which is based upon bibliographic searches in PubMed, reviews web portals for patients with diabetes mellitus including patient web portals tethered to electronic medical records and web portals developed specifically for patients with diabetes. Twelve studies of the impact of patient web portals on the management of diabetes patients were identified. Three had a cross-sectional design, 1 employed mixed-methods, one had a matched-control design, 3 had a retrospective cohort design, and 5 were randomized controlled trials. Six (50%) of the studies examined web portals tethered to electronic medical records and the remainder were web portals developed specifically for diabetes patients. The results of this review suggest that secure messaging between adult diabetic patients and their clinician is associated with improved glycemic control. However, results from observational studies indicate that many diabetic patients do not take advantage of web portal features such as secure messaging, perhaps because of a lack of internet access or lack of experience in navigating web portal resources. Although results from randomized controlled trials provide stronger evidence of the efficacy of web portal use in improving glycemic control among diabetic patients, the number of trials is small and results from the trials have been mixed. Studies suggest that secure messaging between adult diabetic patients and their clinician is associated with improved glycemic control, but negative findings have also been reported. 
The number of randomized controlled trials that have examined the efficacy of web portal use in improving glycemic control among diabetic patients is still small. Additional research is needed to identify specific portal features that may impact quality of care or improve glycemic control.
A systematic review of studies of web portals for patients with diabetes mellitus
Williams, Lovoria B.; Hatzigeorgiou, Christos
2017-01-01
Patient web portals are password-protected online websites that offer patients 24-hour access to personal health information from anywhere with an Internet connection. Due to advances in health information technologies, there has been increasing interest among providers and researchers in patient web portals for use by patients with diabetes and other chronic conditions. This article, which is based upon bibliographic searches in PubMed, reviews web portals for patients with diabetes mellitus including patient web portals tethered to electronic medical records and web portals developed specifically for patients with diabetes. Twelve studies of the impact of patient web portals on the management of diabetes patients were identified. Three had a cross-sectional design, 1 employed mixed-methods, one had a matched-control design, 3 had a retrospective cohort design, and 5 were randomized controlled trials. Six (50%) of the studies examined web portals tethered to electronic medical records and the remainder were web portals developed specifically for diabetes patients. The results of this review suggest that secure messaging between adult diabetic patients and their clinician is associated with improved glycemic control. However, results from observational studies indicate that many diabetic patients do not take advantage of web portal features such as secure messaging, perhaps because of a lack of internet access or lack of experience in navigating web portal resources. Although results from randomized controlled trials provide stronger evidence of the efficacy of web portal use in improving glycemic control among diabetic patients, the number of trials is small and results from the trials have been mixed. Studies suggest that secure messaging between adult diabetic patients and their clinician is associated with improved glycemic control, but negative findings have also been reported. 
The number of randomized controlled trials that have examined the efficacy of web portal use in improving glycemic control among diabetic patients is still small. Additional research is needed to identify specific portal features that may impact quality of care or improve glycemic control. PMID:28736732
INcreasing Security and Protection through Infrastructure REsilience: The INSPIRE Project
NASA Astrophysics Data System (ADS)
D'Antonio, Salvatore; Romano, Luigi; Khelil, Abdelmajid; Suri, Neeraj
The INSPIRE project aims at enhancing the European potential in the field of security by ensuring the protection of critical information infrastructures through (a) the identification of their vulnerabilities and (b) the development of innovative techniques for securing networked process control systems. To increase the resilience of such systems INSPIRE will develop traffic engineering algorithms, diagnostic processes and self-reconfigurable architectures along with recovery techniques. Hence, the core idea of the INSPIRE project is to protect critical information infrastructures by appropriately configuring, managing, and securing the communication network which interconnects the distributed control systems. A working prototype will be implemented as a final demonstrator of selected scenarios. Controls/Communication Experts will support project partners in the validation and demonstration activities. INSPIRE will also contribute to standardization process in order to foster multi-operator interoperability and coordinated strategies for securing lifeline systems.
Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments.
Lee, Jaeseung; Sung, Yunsick; Park, Jong Hyuk
2016-12-01
The Internet of Things (IoT) is the intelligent technologies and services that mutually communicate information between humans and devices or between Internet-based devices. In IoT environments, various device information is collected from the user for intelligent technologies and services that control the devices. Recently, wireless sensor networks based on IoT environments are being used in sectors as diverse as medicine, the military, and commerce. Specifically, sensor techniques that collect relevant area data via mini-sensors after distributing smart dust in inaccessible areas like forests or military zones have been embraced as the future of information technology. IoT environments that utilize smart dust are composed of the sensor nodes that detect data using wireless sensors and transmit the detected data to middle nodes. Currently, since the sensors used in these environments are composed of mini-hardware, they have limited memory, processing power, and energy, and a variety of research that aims to make the best use of these limited resources is progressing. This paper proposes a method to utilize these resources while considering energy efficiency, and suggests lightweight mutual verification and key exchange methods based on a hash function that has no restrictions on operation quantity, velocity, and storage space. This study verifies the security and energy efficiency of this method through security analysis and function evaluation, comparing with existing approaches. The proposed method has great value in its applicability as a lightweight security technology for IoT environments.
Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments
Lee, Jaeseung; Sung, Yunsick; Park, Jong Hyuk
2016-01-01
The Internet of Things (IoT) is the intelligent technologies and services that mutually communicate information between humans and devices or between Internet-based devices. In IoT environments, various device information is collected from the user for intelligent technologies and services that control the devices. Recently, wireless sensor networks based on IoT environments are being used in sectors as diverse as medicine, the military, and commerce. Specifically, sensor techniques that collect relevant area data via mini-sensors after distributing smart dust in inaccessible areas like forests or military zones have been embraced as the future of information technology. IoT environments that utilize smart dust are composed of the sensor nodes that detect data using wireless sensors and transmit the detected data to middle nodes. Currently, since the sensors used in these environments are composed of mini-hardware, they have limited memory, processing power, and energy, and a variety of research that aims to make the best use of these limited resources is progressing. This paper proposes a method to utilize these resources while considering energy efficiency, and suggests lightweight mutual verification and key exchange methods based on a hash function that has no restrictions on operation quantity, velocity, and storage space. This study verifies the security and energy efficiency of this method through security analysis and function evaluation, comparing with existing approaches. The proposed method has great value in its applicability as a lightweight security technology for IoT environments. PMID:27916962
5 CFR 1312.31 - Security violations.
Code of Federal Regulations, 2010 CFR
2010-01-01
... States Secret Service when an office/division fails to properly secure classified information. Upon... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Security violations. 1312.31 Section 1312..., DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Control and Accountability of...
49 CFR 1580.107 - Chain of custody and control requirements.
Code of Federal Regulations, 2010 CFR
2010-10-01
... businesses, housing, schools, and hospitals. (4) Any information regarding threats to the facility. (5) Other...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY MARITIME AND LAND TRANSPORTATION SECURITY RAIL TRANSPORTATION SECURITY Freight Rail Including Freight Railroad Carriers, Rail Hazardous Materials...
FAA computer security : concerns remain due to personnel and other continuing weaknesses
DOT National Transportation Integrated Search
2000-08-01
FAA has a history of computer security weaknesses in a number of areas, including its physical security management at facilities that house air traffic control (ATC) systems, systems security for both operational and future systems, management struct...
Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs
NASA Technical Reports Server (NTRS)
Ivancic, William D.
2007-01-01
This paper describes the infrastructure and protocols necessary to enable near-real-time commanding, access to space-based assets, and the secure interoperation between sensor webs owned and controlled by various entities. Select terrestrial and aeronautics-base sensor webs will be used to demonstrate time-critical interoperability between integrated, intelligent sensor webs both terrestrial and between terrestrial and space-based assets. For this work, a Secure, Autonomous, Intelligent Controller and knowledge generation unit is implemented using Virtual Mission Operation Center technology.
Fast Video Encryption Using the H.264 Error Propagation Property for Smart Mobile Devices
Chung, Yongwha; Lee, Sungju; Jeon, Taewoong; Park, Daihee
2015-01-01
In transmitting video data securely over Video Sensor Networks (VSNs), since mobile handheld devices have limited resources in terms of processor clock speed and battery size, it is necessary to develop an efficient method to encrypt video data to meet the increasing demand for secure connections. Selective encryption methods can reduce the amount of computation needed while satisfying high-level security requirements. This is achieved by selecting an important part of the video data and encrypting it. In this paper, to ensure format compliance and security, we propose a special encryption method for H.264, which encrypts only the DC/ACs of I-macroblocks and the motion vectors of P-macroblocks. In particular, the proposed new selective encryption method exploits the error propagation property in an H.264 decoder and improves the collective performance by analyzing the tradeoff between the visual security level and the processing speed compared to typical selective encryption methods (i.e., I-frame, P-frame encryption, and combined I-/P-frame encryption). Experimental results show that the proposed method can significantly reduce the encryption workload without any significant degradation of visual security. PMID:25850068
76 FR 35275 - Export Control Reform Initiative: Strategic Trade Authorization License Exception
Federal Register 2010, 2011, 2012, 2013, 2014
2011-06-16
.... The Export Control Reform Initiative is designed to enhance U.S. national security and strengthen the... Security 15 CFR Parts 732, 738, 740, et al. Export Control Reform Initiative: Strategic Trade Authorization... Parts 732, 738, 740, 743, and 774 [Docket No. 100923470-1230-03] RIN 0694-AF03 Export Control Reform...
27 CFR 73.12 - What security controls must I use for identification codes and passwords?
Code of Federal Regulations, 2010 CFR
2010-04-01
... 27 Alcohol, Tobacco Products and Firearms 2 2010-04-01 2010-04-01 false What security controls... controls must I use for identification codes and passwords? If you use electronic signatures based upon use of identification codes in combination with passwords, you must employ controls to ensure their...
2010-01-05
Research, 2009. 219 See for example Michael Jacobson and Matthew Levitt, “Follow the Money,” Los Angeles Times, December 23, 2008. 220 See for example...R. T. Naylor, “Wash-Out: A Critique of Follow-the-Money Methods in Crime Control Policy,” Crime, Law, and Social Change, Vol. 32, 1999, pp. 1-57
Aquatic Plant Control Research Program. Moneoecious hydrilla in the Potomac River.
1985-08-01
Mode of Action: 1. Inhibits carotenoid synthesis (McCowen et al. 1979). 2. Promotes chlorophyll degradation due to carotenoid loss...biological, mechanical/physical, and chemical (Table 1). These methods were reviewed with consideration for their specific applicability, including
Peter, Frank J.; Dalton, Larry J.; Plummer, David W.
2002-01-01
A new class of mechanical code comparators is described which have broad potential for application in safety, surety, and security applications. These devices can be implemented as micro-scale electromechanical systems that isolate a secure or otherwise controlled device until an access code is entered. This access code is converted into a series of mechanical inputs to the mechanical code comparator, which compares the access code to a pre-input combination, entered previously into the mechanical code comparator by an operator at the system security control point. These devices provide extremely high levels of robust security. Being totally mechanical in operation, an access control system properly based on such devices cannot be circumvented by software attack alone.
Federal Register 2010, 2011, 2012, 2013, 2014
2011-11-03
... securities and funds which are in the custody or control of such clearing agency or for which it is... assure the safeguarding of securities and funds which are in its custody or control or for which it is... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-65655; File No. SR-CME-2011-07] Self-Regulatory...
Information Assurance and Cyber Defence (Assurance de l’information et cyberdefense)
2010-11-01
project is that knowledge exchange in a timely fashion is highly significant. Authentication and Authorisation of Users and Services in Federated...Detection, Protection and Countermeasures; • Security Models and Architectures; • Security Policies, Evaluation, Authorisation and Access Control; and...Evaluation, Authorisation and Access Control • Network and Information Security Awareness The topics for the symposium had been established
Toward Privacy-preserving Content Access Control for Information Centric Networking
2014-03-01
Information...regardless the security mechanisms provided by different content hosting servers. However, using ABE has a drawback that the enforced content access...Encryption (ABE) is a flexible approach to enforce the content access policies regardless the security mechanisms provided by different content hosting
DOE's nation-wide system for access control can solve problems for the federal government
DOE Office of Scientific and Technical Information (OSTI.GOV)
Callahan, S.; Tomes, D.; Davis, G.
1996-07-01
The U.S. Department of Energy's (DOE's) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by many different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location's level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals.
Lemnos interoperable security project.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Halbgewachs, Ronald D.
2010-03-01
With the Lemnos framework, interoperability of control security equipment is straightforward. To obtain interoperability between proprietary security appliance units, one or both vendors must now write cumbersome 'translation code.' If one party changes something, the translation code 'breaks.' The Lemnos project is developing and testing a framework that uses widely available security functions and protocols like IPsec - to form a secure communications channel - and Syslog, to exchange security log messages. Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the total system. Simplify regulatory compliance in a complicated security environment by leveraging the Lemnos framework. As an electric utility, are you struggling to implement the NERC CIP standards and other regulations? Are you weighing the misery of multiple management interfaces against committing to a ubiquitous single-vendor solution? When vendors build their security appliances to interoperate using the Lemnos framework, it becomes practical to match best-of-breed offerings from an assortment of vendors to your specific control systems needs. The Lemnos project is developing and testing a framework that uses widely available open-source security functions and protocols like IPsec and Syslog to create a secure communications channel between appliances in order to exchange security data.
The Shaping of Managers' Security Objectives through Information Security Awareness Training
ERIC Educational Resources Information Center
Harris, Mark A.
2010-01-01
Information security research states that corporate security policy and information security training should be socio-technical in nature and that corporations should consider training as a primary method of protecting their information systems. However, information security policies and training are predominately technical in nature. In addition,…
Hilar control during laparoscopic donor nephrectomy: Practice patterns in Canada.
Mcgregor, Thomas B; Patel, Premal; Chan, Gabriel; Sener, Alp
2017-10-01
In recent years, the method of vascular control during laparoscopic donor nephrectomy (LDN) has come under scrutiny due to catastrophic consequences of a device failure. This study sought to examine the surgical preferences of Canadian donor surgeons with regards to vascular control and their perception on the safety of these modalities. We also surveyed the experience with device malfunction and their subsequent management during LDN. An online survey was sent out to donor surgeons registered with the Canadian Society of Transplantation. Surveys were anonymous and voluntary. Descriptive statistics were used to analyze the collected responses. Recollection of the sequelae and outcomes from device malfunction were also queried. Twenty-eight of 37 surgeons (76% response rate) responded to the survey. At least one surgeon from every institution in Canada performing LDN responded to the survey. Laparoscopic stapler is the most commonly used device for securing the renal artery (61%) and renal vein (67%). Overall, surgeons felt the stapler was the safest method of securing the renal artery. Stapler misfire and clip slippage were reported by eight (28.5%) and 12 (43%) surgeons, respectively. Most cases were salvageable: laparoscopically (30%), open conversion (30%), and by hand port (5%). Slippage of a plastic locking clip resulted in one emergent laparotomy on POD#1 and one stapler misfire was converted to open resulting in donor death. Although rare, hemorrhagic complications can occur from device malfunction resulting in poor outcomes for healthy volunteers undergoing LDN. Surgeons need to remain vigilant when selecting the appropriate modality for vascular control.
Impacts of Vehicle (In)Security
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chugg, J.; Rohde, K.
Nuclear and radioactive material is routinely transported worldwide every day. Since 2010, the complexity of the transport vehicle to support such activities has grown exponentially. Many core functions of a vehicle are now handled by small embedded computer modules with more being added each year to enhance the owner’s experience and convenience. With a system as complex as today’s automobile, the potential for cyber security issues is certain. Hackers have begun exploring this new domain with public information increasingly disseminated. Because vehicles are allowed into and around secure nuclear facilities, the potential for using a vehicle as a new cyber entry point or vector into the facility is now plausible and must be mitigated. In addition, compromising such a vehicle could aid in illicit removal of nuclear material, putting sensitive cargo at risk. Because cyber attacks can now be introduced using vehicles, cyber security needs to be integrated into an organization’s design basis threat document. Essentially, a vehicle now extends the perimeter for which security professionals are responsible. Electronic Control Units (ECU) responsible for handling all core and ancillary vehicle functions are interconnected using the controller area network (CAN) bus. A typical CAN network in a modern automobile contains 50 or more ECUs. The CAN protocol now supports a wide variety of areas, including automotive, road transportation, rail transportation, industrial automation, power generation, maritime, military vehicles, aviation, and medical devices. In many ways, the nuclear industry is employing the CAN bus protocol or other similar broadcast serial networks. This paper will provide an overview of the current state of automobile and CAN Bus security, as well as an overview of what has been publicly disclosed by many research organizations. It will then present several hypotheses of how vehicle security issues may impact nuclear activities.
An initial discussion of how a vehicle can be used as a new threat vector to penetrate secure facilities will be presented. This includes how a modern automobile can be used as the exploitation mechanism for nearby devices such as laptops, cell phones, and wireless access points. Additional discussion will highlight how vehicle security might impact transportation of nuclear material through remote exploitation of a moving vehicle. The final discussion will include what possible implications might be relative to the physical protection systems at nuclear facilities. The audience will also be given details regarding the complexity of attack, thus implying the likelihood of successful exploitation, and information on how such attacks may be mitigated. Emerging security products for automobiles will be discussed and other mitigation methods will be detailed (e.g. disabling vehicle cellular modems). As a result, the audience will have a greater understanding of how to add vehicle security as a part of a comprehensive nuclear security policy. Finally, this paper will highlight the similarities between CAN Bus and other broadcast serial bus networks such as Profibus or DeviceNet, helping educate the reader on how susceptible this type of networking is to nefarious attacks and how it might affect components connected to many different nuclear systems, including control systems, safety systems, emergency systems, and support systems.
Inhibitory Control Mediates the Association between Perceived Stress and Secure Relationship Quality
Herd, Toria; Li, Mengjiao; Maciejewski, Dominique; Lee, Jacob; Deater-Deckard, Kirby; King-Casas, Brooks; Kim-Spoon, Jungmeen
2018-01-01
Past research has demonstrated negative associations between exposure to stressors and quality of interpersonal relationships among children and adolescents. Nevertheless, underlying mechanisms of this association remain unclear. Chronic stress has been shown to disrupt prefrontal functioning in the brain, including inhibitory control abilities, and evidence is accumulating that inhibitory control may play an important role in secure interpersonal relationship quality, including peer problems and social competence. In this prospective longitudinal study, we examine whether changes in inhibitory control, measured at both behavioral and neural levels, mediate the association between stress and changes in secure relationship quality with parents and peers. The sample included 167 adolescents (53% males) who were first recruited at age 13 or 14 years and assessed annually three times. Adolescents’ inhibitory control was measured by their behavioral performance and brain activities, and adolescents self-reported perceived stress levels and relationship quality with mothers, fathers, and peers. Results suggest that behavioral inhibitory control mediates the association between perceived stress and adolescent’s secure relationship quality with their mothers and fathers, but not their peers. In contrast, given that stress was not significantly correlated with neural inhibitory control, we did not further test the mediation path. Our results highlight the role of inhibitory control as a process through which stressful life experiences are related to impaired secure relationship quality between adolescents and their mothers and fathers. PMID:29535664
15 CFR 750.3 - Review of license applications by BIS and other government agencies and departments.
Code of Federal Regulations, 2013 CFR
2013-01-01
... items controlled for national security, missile technology, nuclear nonproliferation, and chemical and... primarily with items controlled for national security, nuclear nonproliferation, missile technology...
15 CFR 750.3 - Review of license applications by BIS and other government agencies and departments.
Code of Federal Regulations, 2012 CFR
2012-01-01
... items controlled for national security, missile technology, nuclear nonproliferation, and chemical and... primarily with items controlled for national security, nuclear nonproliferation, missile technology...
15 CFR 750.3 - Review of license applications by BIS and other government agencies and departments.
Code of Federal Regulations, 2014 CFR
2014-01-01
... items controlled for national security, missile technology, nuclear nonproliferation, and chemical and... primarily with items controlled for national security, nuclear nonproliferation, missile technology...
Code of Federal Regulations, 2011 CFR
2011-07-01
... 33 Navigation and Navigable Waters 1 2011-07-01 2011-07-01 false Enforcement. 101.400 Section 101.400 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: GENERAL Control Measures for Security § 101.400 Enforcement. (a) The rules and...
78 FR 51266 - International Security Advisory Board (ISAB) Meeting Notice
Federal Register 2010, 2011, 2012, 2013, 2014
2013-08-20
... DEPARTMENT OF STATE [Public Notice 8419] International Security Advisory Board (ISAB) Meeting.... App Sec. 10(a)(2), the Department of State announces a meeting of the International Security Advisory... all aspects of arms control, disarmament, political-military affairs, international security and...
Savel, Thomas G; Bronstein, Alvin; Duck, William; Rhodes, M. Barry; Lee, Brian; Stinn, John; Worthen, Katherine
2010-01-01
Objectives Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease Control and Prevention (CDC) has been examining the ability to use a federated model based on secure web services architecture, with data stewardship remaining with the data provider. Methods As a case study for this approach, the American Association of Poison Control Centers and the CDC extended an existing data warehouse via a secure web service, and shared aggregate clinical effects and case counts data by geographic region and time period. To visualize these data, CDC developed a web browser-based interface, Quicksilver, which leveraged the Google Maps API and Flot, a javascript plotting library. Results Two iterations of the NPDS web service were completed in 12 weeks. The visualization client, Quicksilver, was developed in four months. Discussion This implementation of web services combined with a visualization client represents incremental positive progress in transitioning national data sources like BioSense and NPDS to a federated data exchange model. Conclusion Quicksilver effectively demonstrates how the use of secure web services in conjunction with a lightweight, rapidly deployed visualization client can easily integrate isolated data sources for biosurveillance. PMID:23569581
5. SOUTH ELEVATION OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL ...
5. SOUTH ELEVATION OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL BUILDING). - Loring Air Force Base, Alert Area, Southeastern portion of base, east of southern end of runway, Limestone, Aroostook County, ME
6. SOUTHWEST CORNER OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL ...
6. SOUTHWEST CORNER OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL BUILDING). - Loring Air Force Base, Alert Area, Southeastern portion of base, east of southern end of runway, Limestone, Aroostook County, ME
7. SOUTHEAST CORNER OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL ...
7. SOUTHEAST CORNER OF BUILDING 8965 (SECURITY POLICE ENTRY CONTROL BUILDING). - Loring Air Force Base, Alert Area, Southeastern portion of base, east of southern end of runway, Limestone, Aroostook County, ME
Evaluation on Electronic Securities Settlements Systems by AHP Methods
NASA Astrophysics Data System (ADS)
Fukaya, Kiyoyuki; Komoda, Norihisa
Accompanying the spread of the Internet and the change of business models, electronic commerce expands business areas. Electronic finance commerce becomes popular, and online security trading in particular becomes very popular in this area. Online security trading has some good points, such as fewer mistakes than telephone calls. In order to expand online security trading, the transfer of the security paper is one of the largest problems to be solved, because it takes a few days to transfer the security paper from a seller to a buyer. So the dematerialization of security papers is one of the solutions. The dematerialization needs information systems for settling securities. Some countries such as France, Germany, United Kingdom and U.S.A. have been starting dematerialization projects. The legacy assessments of these projects focus on the viewpoint of the legal schemes only, and there is no assessment from system architectures. This paper focuses on the information system scheme and evaluates these dematerialization projects by AHP methods from the viewpoints of “dematerialization of security papers", “speed of transfer", “usefulness on the system" and “accumulation of risks". This is the first case of evaluation of security settlement systems by AHP methods, especially four countries’ systems.
Shalowitz, M U; Eng, J S; McKinney, C O; Krohn, J; Lapin, B; Wang, C-H; Nodine, E
2017-05-15
Successful Type 2 diabetes management requires adopting a high nutrient-density diet made up of food items that both meet dietary needs and preferences and can be feasibly obtained on a regular basis. However, access to affordable, nutrient-dense foods often is lacking in poorer neighbourhoods. Therefore, low food security should directly impair glucose control, even when patients have full access to and utilize comprehensive medical management. The present study sought to determine whether food security is related longitudinally to glucose control, over-and-above ongoing medication management, among Type 2 diabetes patients receiving comprehensive care at a Midwestern multi-site federally qualified health centre (FQHC). In this longitudinal observational study, we completed a baseline assessment of patients' food security (using the US Household Food Security Module), demographics (via Census items), and diabetes history/management (using a structured clinical encounter form) when patients began receiving diabetes care at the health centre. We then recorded those patients' A1C levels several times during a 24-month follow-up period. Three hundred and ninety-nine patients (56% with low food security) had a baseline A1c measurement; a subsample of 336 (median age=52 years; 56% female; 60% Hispanic, 27% African American, and 9% White) also had at least one follow-up A1c measurement. Patients with lower (vs higher) food security were more likely to be on insulin and have higher A1c levels at baseline. Moreover, the disparity in glucose control by food security status persisted throughout the next 2 years. 
Although results were based on one multi-site FQHC, potentially limiting their generalizability, they seem to suggest that among Type 2 diabetes patients, low food security directly impairs glucose control-even when patients receive full access to comprehensive medical management-thereby increasing their long-term risks of high morbidity, early mortality, and high health-care utilization and cost.
Model-Driven Configuration of SELinux Policies
NASA Astrophysics Data System (ADS)
Agreiter, Berthold; Breu, Ruth
The need for access control in computer systems is inherent. However, the complexity to configure such systems is constantly increasing which affects the overall security of a system negatively. We think that it is important to define security requirements on a non-technical level while taking the application domain into respect in order to have a clear and separated view on security configuration (i.e. unblurred by technical details). On the other hand, security functionality has to be tightly integrated with the system and its development process in order to provide comprehensive means of enforcement. In this paper, we propose a systematic approach based on model-driven security configuration to leverage existing operating system security mechanisms (SELinux) for realising access control. We use UML models and develop a UML profile to satisfy these needs. Our goal is to exploit a comprehensive protection mechanism while rendering its security policy manageable by a domain specialist.
33 CFR 104.215 - Vessel Security Officer (VSO).
Code of Federal Regulations, 2011 CFR
2011-07-01
... procedures, including scenario-based response training; (4) Crowd management and control techniques; (5) Operations of security equipment and systems; and (6) Testing and calibration of security equipment and...
17 CFR 229.308 - (Item 308) Internal control over financial reporting.
Code of Federal Regulations, 2010 CFR
2010-04-01
... over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND... § 229.308 (Item 308) Internal control over financial reporting. (a) Management's annual report on internal control over financial reporting. Provide a report of management on the registrant's internal...
17 CFR 38.255 - Risk controls for trading.
Code of Federal Regulations, 2013 CFR
2013-04-01
... 17 Commodity and Securities Exchanges 1 2013-04-01 2013-04-01 false Risk controls for trading. 38.255 Section 38.255 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION DESIGNATED CONTRACT MARKETS Prevention of Market Disruption § 38.255 Risk controls for trading. The designated...
17 CFR 38.255 - Risk controls for trading.
Code of Federal Regulations, 2014 CFR
2014-04-01
... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Risk controls for trading. 38.255 Section 38.255 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION DESIGNATED CONTRACT MARKETS Prevention of Market Disruption § 38.255 Risk controls for trading. The designated...
Biosecurity measures in 48 isolation facilities managing highly infectious diseases.
Puro, Vincenzo; Fusco, Francesco M; Schilling, Stefan; Thomson, Gail; De Iaco, Giuseppina; Brouqui, Philippe; Maltezou, Helena C; Bannister, Barbara; Gottschalk, René; Brodt, Hans-Rheinhard; Ippolito, Giuseppe
2012-06-01
Biosecurity measures are traditionally applied to laboratories, but they may also be usefully applied in highly specialized clinical settings, such as the isolation facilities for the management of patients with highly infectious diseases (eg, viral hemorrhagic fevers, SARS, smallpox, potentially severe pandemic flu, and MDR- and XDR-tuberculosis). In 2009 the European Network for Highly Infectious Diseases conducted a survey in 48 isolation facilities in 16 European countries to determine biosecurity measures for access control to the facility. Security personnel are present in 39 facilities (81%). In 35 facilities (73%), entrance to the isolation area is restricted; control methods include electronic keys, a PIN system, closed-circuit TV, and guards at the doors. In 25 facilities (52%), identification and registration of all staff entering and exiting the isolation area are required. Access control is used in most surveyed centers, but specific lacks exist in some facilities. Further data are needed to assess other biosecurity aspects, such as the security measures during the transportation of potentially contaminated materials and measures to address the risk of an "insider attack."
Biosecurity Measures in 48 Isolation Facilities Managing Highly Infectious Diseases
Puro, Vincenzo; Schilling, Stefan; Thomson, Gail; De Iaco, Giuseppina; Brouqui, Philippe; Maltezou, Helena C.; Bannister, Barbara; Gottschalk, René; Brodt, Hans-Rheinhard; Ippolito, Giuseppe
2012-01-01
Biosecurity measures are traditionally applied to laboratories, but they may also be usefully applied in highly specialized clinical settings, such as the isolation facilities for the management of patients with highly infectious diseases (eg, viral hemorrhagic fevers, SARS, smallpox, potentially severe pandemic flu, and MDR- and XDR-tuberculosis). In 2009 the European Network for Highly Infectious Diseases conducted a survey in 48 isolation facilities in 16 European countries to determine biosecurity measures for access control to the facility. Security personnel are present in 39 facilities (81%). In 35 facilities (73%), entrance to the isolation area is restricted; control methods include electronic keys, a PIN system, closed-circuit TV, and guards at the doors. In 25 facilities (52%), identification and registration of all staff entering and exiting the isolation area are required. Access control is used in most surveyed centers, but specific lacks exist in some facilities. Further data are needed to assess other biosecurity aspects, such as the security measures during the transportation of potentially contaminated materials and measures to address the risk of an “insider attack.” PMID:22571373
Haneda, Kiyofumi; Umeda, Tokuo; Koyama, Tadashi; Harauchi, Hajime; Inamura, Kiyonari
2002-01-01
The target of our study is to establish the methodology for analyzing level of security requirements, for searching suitable security measures and for optimizing security distribution to every portion of medical practice. Quantitative expression must be introduced to our study as possible for the purpose of easy follow up of security procedures and easy evaluation of security outcomes or results. Results of system analysis by fault tree analysis (FTA) clarified that subdivided system elements in detail contribute to much more accurate analysis. Such subdivided composition factors very much depended on behavior of staff, interactive terminal devices, kinds of service, and routes of network. As conclusion, we found the methods to analyze levels of security requirements for each medical information systems employing FTA, basic events for each composition factor and combination of basic events. Methods for searching suitable security measures were found. Namely risk factors for each basic event, number of elements for each composition factor and candidates of security measure elements were found. Method to optimize the security measures for each medical information system was proposed. Namely optimum distribution of risk factors in terms of basic events were figured out, and comparison of them between each medical information systems became possible.
Wireless local area network in a prehospital environment.
Chen, Dongquan; Soong, Seng-jaw; Grimes, Gary J; Orthner, Helmuth F
2004-08-31
Wireless local area networks (WLANs) are considered the next generation of clinical data network. They open the possibility for capturing clinical data in a prehospital setting (e.g., a patient's home) using various devices, such as personal digital assistants, laptops, digital electrocardiogram (EKG) machines, and even cellular phones, and transmitting the captured data to a physician or hospital. The transmission rate is crucial to the applicability of the technology in the prehospital setting. We created two separate WLANs to simulate a virtual local area network environment such as in a patient's home or an emergency room (ER). The effects of different methods of data transmission, number of clients, and roaming among different access points on the file transfer rate were determined. The present results suggest that it is feasible to transfer small files such as patient demographics and EKG data from the patient's home to the ER at a reasonable speed. Encryption, user control, and access control were implemented and results discussed. Implementing a WLAN in a centrally managed and multiple-layer-controlled access control server is the key to ensuring its security and accessibility. Future studies should focus on product capacity, speed, compatibility, interoperability, and security management.
2002-04-09
...using an existing command and control structure. Since September 11, 2001 airport security has been of heightened importance to the American public...In order to use Reserves to provide airport security the airports themselves should be made federal property. This would allow greater flexibility for
Federal Register 2010, 2011, 2012, 2013, 2014
2010-05-26
... Information Collection Activity Under OMB Review: Aviation Security Customer Satisfaction Performance... surveying travelers to measure customer satisfaction of aviation security in an effort to more efficiently.... Information Collection Requirement OMB Control Number 1652-0013; Aviation Security Customer Satisfaction...
A Framework for Translating a High Level Security Policy into Low Level Security Mechanisms
NASA Astrophysics Data System (ADS)
Hassan, Ahmed A.; Bahgat, Waleed M.
2010-01-01
Security policies have different components; firewall, active directory, and IDS are some examples of these components. Enforcement of network security policies to low level security mechanisms faces some essential difficulties. Consistency, verification, and maintenance are the major ones of these difficulties. One approach to overcome these difficulties is to automate the process of translation of high level security policy into low level security mechanisms. This paper introduces a framework of an automation process that translates a high level security policy into low level security mechanisms. The framework is described in terms of three phases; in the first phase all network assets are categorized according to their roles in the network security and relations between them are identified to constitute the network security model. This proposed model is based on organization based access control (OrBAC). However, the proposed model extends the OrBAC model to include not only access control policy but also some other administrative security policies like auditing policy. Besides, the proposed model enables matching of each rule of the high level security policy with the corresponding ones of the low level security policy. Through the second phase of the proposed framework, the high level security policy is mapped into the network security model. The second phase could be considered as a translation of the high level security policy into an intermediate model level. Finally, the intermediate model level is translated automatically into low level security mechanism. The paper illustrates the applicability of proposed approach through an application example.
Threats to security and ischaemic heart disease deaths: the case of homicides in Mexico.
Lee, Eileen H; Bruckner, Tim A
2017-02-01
Ischaemic heart disease (IHD) ranks as the leading cause of death worldwide. Whereas much attention focuses on behavioural and lifestyle factors, less research examines the role of acute, ambient stressors. An unprecedented rise in homicides in Mexico over the past decade and the attendant media coverage and publicity have raised international concern regarding its potential health sequelae. We hypothesize that the rise in homicides in Mexico acts as an ecological threat to security and elevates the risk of both transient ischaemic events and myocardial infarctions, thereby increasing IHD deaths. We applied time-series methods to monthly counts of IHD deaths and homicides in Mexico for 156 months spanning January 2000 to December 2012. Methods controlled for strong temporal patterns in IHD deaths, the unemployment rate and changes in the population size at risk. After controlling for trend and seasonality in IHD deaths, a 1-unit increase in the logged count of homicides coincides with a 7% increase in the odds of IHD death in that same month (95% confidence interval: 0.04 - 0.10). Inference remains robust to additional sensitivity checks, including a state-level fixed effects analysis. Our findings indicate that the elevated level of homicides in Mexico serves as a population-level stressor that acutely increases the risk of IHD death. This research adds to the growing literature documenting the role of ambient threats, or perceived threats, to security on cardiovascular health. © The Author 2016; all rights reserved. Published by Oxford University Press on behalf of the International Epidemiological Association
High Throughput Determination of VX in Drinking Water by ...
Methods Report This document provides the standard operating procedure for determination of the chemical warfare agent VX (O-Ethyl S-2-Diisopropylamino-Ethyl Methylphosphonothioate) in drinking water by isotope dilution liquid chromatography tandem mass spectrometer (LC/MS/MS). This method was adapted from one that was initially developed by the Centers for Disease Control and Prevention, in the National Center for Environmental Health for the determination and quantitation of VX in aqueous matrices. This method is designed to support site-specific cleanup goals of environmental remediation activities following a homeland security incident involving this analyte.
Security of information in IT systems
NASA Astrophysics Data System (ADS)
Kaliczynska, Malgorzata
2005-02-01
The aim of the paper is to increase human awareness of the dangers connected with social engineering methods of obtaining information. The article demonstrates psychological and sociological methods of influencing people used in the attacks on IT systems. Little known techniques are presented about one of the greater threats that is electromagnetic emission or corona effect. Moreover, the work shows methods of protecting against this type of dangers. Also, in the paper one can find information on devices made according to the TEMPEST technology. The article not only discusses the methods of gathering information, but also instructs how to protect against its out-of-control loss.
Beyond a series of security nets: Applying STAMP & STPA to port security
Williams, Adam D.
2015-11-17
Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systems and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.
Beyond a series of security nets: Applying STAMP & STPA to port security
DOE Office of Scientific and Technical Information (OSTI.GOV)
Williams, Adam D.
Port security is an increasing concern considering the significant role of ports in global commerce and today’s increasingly complex threat environment. Current approaches to port security mirror traditional models of accident causality -- ‘a series of security nets’ based on component reliability and probabilistic assumptions. Traditional port security frameworks result in isolated and inconsistent improvement strategies. Recent work in engineered safety combines the ideas of hierarchy, emergence, control and communication into a new paradigm for understanding port security as an emergent complex system property. The ‘System-Theoretic Accident Model and Process (STAMP)’ is a new model of causality based on systems and control theory. The associated analysis process -- System Theoretic Process Analysis (STPA) -- identifies specific technical or procedural security requirements designed to work in coordination with (and be traceable to) overall port objectives. This process yields port security design specifications that can mitigate (if not eliminate) port security vulnerabilities related to an emphasis on component reliability, lack of coordination between port security stakeholders or economic pressures endemic in the maritime industry. As a result, this article aims to demonstrate how STAMP’s broader view of causality and complexity can better address the dynamic and interactive behaviors of social, organizational and technical components of port security.
Cox report and the US-China arms control technical exchange program
DOE Office of Scientific and Technical Information (OSTI.GOV)
Di Capua, M S
The ACE program furthered the national security interests of the US by promoting technical approaches to the implementation and verification of arms control treaties that the international community embraces. The Cox Committee report suggests that uncontrolled interactions were taking place between US and Chinese nuclear weapons scientists in the course of the ACE program. On the contrary, elaborate controls were in place at the very beginning and remained in place to control the interactions and protect US national security information. The ACE program payoff to national security was just beginning and its suspension, resulting from the Cox report's allegations, is a setback to US-China progress on arms control.
Method for transferring data from an unsecured computer to a secured computer
Nilsen, Curt A.
1997-01-01
A method is described for transferring data from an unsecured computer to a secured computer. The method includes transmitting the data and then receiving the data. Next, the data is retransmitted and rereceived. Then, it is determined if errors were introduced when the data was transmitted by the unsecured computer or received by the secured computer. Similarly, it is determined if errors were introduced when the data was retransmitted by the unsecured computer or rereceived by the secured computer. A warning signal is emitted from a warning device coupled to the secured computer if (i) an error was introduced when the data was transmitted or received, and (ii) an error was introduced when the data was retransmitted or rereceived.
Methods of Organizational Information Security
NASA Astrophysics Data System (ADS)
Martins, José; Dos Santos, Henrique
The principal objective of this article is to present a literature review for the methods used in the security of information at the level of organizations. Some of the principal problems are identified and a first group of relevant dimensions is presented for an efficient management of information security. The study is based on the literature review made, using some of the more relevant certified articles of this theme, in international reports and in the principal norms of management of information security. From the readings that were done, we identified some of the methods oriented for risk management, norms of certification and good practice of security of information. Some of the norms are oriented for the certification of the product or system and others oriented to the processes of the business. There are also studies with the proposal of Frameworks that suggest the integration of different approaches with the foundation of norms focused on technologies, in processes and taking into consideration the organizational and human environment of the organizations. In our perspective, the biggest contribution to the security of information is the development of a method of security of information for an organization in a conflicting environment. This should make available the security of information, against the possible dimensions of attack that the threats could exploit, through the vulnerability of the organizational actives. This method should support the new concepts of "Network centric warfare", "Information superiority" and "Information warfare" especially developed in this last decade, where information is seen simultaneously as a weapon and as a target.
Code of Federal Regulations, 2011 CFR
2011-04-01
... 21 Food and Drugs 9 2011-04-01 2011-04-01 false Physical security controls for non-practitioners... and Drugs DRUG ENFORCEMENT ADMINISTRATION, DEPARTMENT OF JUSTICE REGISTRATION OF MANUFACTURERS... such as walls or partitions, by traffic control lines or restricted space designation. The employee...
17 CFR 37.405 - Risk controls for trading.
Code of Federal Regulations, 2014 CFR
2014-04-01
... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Risk controls for trading. 37.405 Section 37.405 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION SWAP EXECUTION FACILITIES Monitoring of Trading and Trade Processing § 37.405 Risk controls for trading. The swap...
Computer loss experience and predictions
NASA Astrophysics Data System (ADS)
Parker, Donn B.
1996-03-01
The types of losses organizations must anticipate have become more difficult to predict because of the eclectic nature of computers and the data communications and the decrease in news media reporting of computer-related losses as they become commonplace. Total business crime is conjectured to be decreasing in frequency and increasing in loss per case as a result of increasing computer use. Computer crimes are probably increasing, however, as their share of the decreasing business crime rate grows. Ultimately all business crime will involve computers in some way, and we could see a decline of both together. The important information security measures in high-loss business crime generally concern controls over authorized people engaged in unauthorized activities. Such controls include authentication of users, analysis of detailed audit records, unannounced audits, segregation of development and production systems and duties, shielding the viewing of screens, and security awareness and motivation controls in high-value transaction areas. Computer crimes that involve highly publicized intriguing computer misuse methods, such as privacy violations, radio frequency emanations eavesdropping, and computer viruses, have been reported in waves that periodically have saturated the news media during the past 20 years. We must be able to anticipate such highly publicized crimes and reduce the impact and embarrassment they cause. 
On the basis of our most recent experience, I propose nine new types of computer crime to be aware of: computer larceny (theft and burglary of small computers), automated hacking (use of computer programs to intrude), electronic data interchange fraud (business transaction fraud), Trojan bomb extortion and sabotage (code security inserted into others' systems that can be triggered to cause damage), LANarchy (unknown equipment in use), desktop forgery (computerized forgery and counterfeiting of documents), information anarchy (indiscriminate use of crypto without control), Internet abuse (antisocial use of data communications), and international industrial espionage (governments stealing business secrets). A wide variety of safeguards are necessary to deal with these new crimes. The most powerful controls include (1) carefully controlled use of cryptography and digital signatures with good key management and overriding business and government decryption capability and (2) use of tokens such as smart cards to increase the strength of secret passwords for authentication of computer users. Jewelry-type security for small computers--including registration of serial numbers and security inventorying of equipment, software, and connectivity--will be necessary. Other safeguards include automatic monitoring of computer use and detection of unusual activities, segmentation and filtering of networks, special paper and ink for documents, and reduction of paper documents. Finally, international cooperation of governments to create trusted environments for business is essential.
Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets
2014-01-01
Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete—the traditional approach for calculating reliability—is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods. PMID:25405226
Security threat assessment of an Internet security system using attack tree and vague sets.
Chang, Kuei-Hu
2014-01-01
Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.
Cheating in OSCEs: The Impact of Simulated Security Breaches on OSCE Performance.
Gotzmann, Andrea; De Champlain, André; Homayra, Fahmida; Fotheringham, Alexa; de Vries, Ingrid; Forgie, Melissa; Pugh, Debra
2017-01-01
Construct: Valid score interpretation is important for constructs in performance assessments such as objective structured clinical examinations (OSCEs). An OSCE is a type of performance assessment in which a series of standardized patients interact with the student or candidate who is scored by either the standardized patient or a physician examiner. In high-stakes examinations, test security is an important issue. Students accessing unauthorized test materials can create an unfair advantage and lead to examination scores that do not reflect students' true ability level. The purpose of this study was to assess the impact of various simulated security breaches on OSCE scores. Seventy-six 3rd-year medical students participated in an 8-station OSCE and were randomized to either a control group or to 1 of 2 experimental conditions simulating test security breaches: station topic (i.e., providing a list of station topics prior to the examination) or egregious security breach (i.e., providing detailed content information prior to the examination). Overall total scores were compared for the 3 groups using both a one-way between-subjects analysis of variance and a repeated measure analysis of variance to compare the checklist, rating scales, and oral question subscores across the three conditions. Overall total scores were highest for the egregious security breach condition (81.8%), followed by the station topic condition (73.6%), and they were lowest for the control group (67.4%). This trend was also found with checklist subscores only (79.1%, 64.9%, and 60.3%, respectively for the security breach, station topic, and control conditions). Rating scale subscores were higher for both the station topic and egregious security breach conditions compared to the control group (82.6%, 83.1%, and 77.6%, respectively). 
Oral question subscores were significantly higher for the egregious security breach condition (88.8%) followed by the station topic condition (64.3%), and they were the lowest for the control group (48.6%). This simulation of different OSCE security breaches demonstrated that student performance is greatly advantaged by having prior access to test materials. This has important implications for medical educators as they develop policies and procedures regarding the safeguarding and reuse of test content.
Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert
2015-07-28
Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.
DOT National Transportation Integrated Search
2013-07-29
The John A. Volpe National Transportation Systems Center was asked by the Office of Security of the Maritime Administration to examine the issue of industrial control systems (ICS) security in the Maritime Transportation System (MTS), and to develop ...
Code of Federal Regulations, 2014 CFR
2014-04-01
... 19 Customs Duties 1 2014-04-01 2014-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...
Code of Federal Regulations, 2012 CFR
2012-04-01
... 19 Customs Duties 1 2012-04-01 2012-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...
Code of Federal Regulations, 2010 CFR
2010-04-01
... 19 Customs Duties 1 2010-04-01 2010-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...
Code of Federal Regulations, 2013 CFR
2013-04-01
... 19 Customs Duties 1 2013-04-01 2013-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...
Code of Federal Regulations, 2011 CFR
2011-04-01
... 19 Customs Duties 1 2011-04-01 2011-04-01 false Security. 19.47 Section 19.47 Customs Duties U.S. CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY; DEPARTMENT OF THE TREASURY CUSTOMS WAREHOUSES, CONTAINER STATIONS AND CONTROL OF MERCHANDISE THEREIN Container Stations § 19.47 Security. The...
10 CFR 20.1801 - Security of stored material.
Code of Federal Regulations, 2014 CFR
2014-01-01
... 10 Energy 1 2014-01-01 2014-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...
10 CFR 20.1801 - Security of stored material.
Code of Federal Regulations, 2010 CFR
2010-01-01
... 10 Energy 1 2010-01-01 2010-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...
10 CFR 20.1801 - Security of stored material.
Code of Federal Regulations, 2011 CFR
2011-01-01
... 10 Energy 1 2011-01-01 2011-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...
10 CFR 20.1801 - Security of stored material.
Code of Federal Regulations, 2012 CFR
2012-01-01
... 10 Energy 1 2012-01-01 2012-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...
10 CFR 20.1801 - Security of stored material.
Code of Federal Regulations, 2013 CFR
2013-01-01
... 10 Energy 1 2013-01-01 2013-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...
GEMSS: privacy and security for a medical Grid.
Middleton, S E; Herveg, J A M; Crazzolara, F; Marvin, D; Poullet, Y
2005-01-01
The GEMSS project is developing a secure Grid infrastructure through which six medical simulations services can be invoked. We examine the legal and security framework within which GEMSS operates. We provide a legal qualification to the operations performed upon patient data, in view of EU directive 95/46, when using medical applications on the GEMSS Grid. We identify appropriate measures to ensure security and describe the legal rationale behind our choice of security technology. Our legal analysis demonstrates there must be an identified controller (typically a hospital) of patient data. The controller must then choose a processor (in this context a Grid service provider) that provides sufficient guarantees with respect to the security of their technical and organizational data processing procedures. These guarantees must ensure a level of security appropriate to the risks, with due regard to the state of the art and the cost of their implementation. Our security solutions are based on a public key infrastructure (PKI), transport level security and end-to-end security mechanisms in line with the web service (WS Security, WS Trust and SecureConversation) security specifications. The GEMSS infrastructure ensures a degree of protection of patient data that is appropriate for the health care sector, and is in line with the European directives. We hope that GEMSS will become synonymous with high security data processing, providing a framework by which GEMSS service providers can provide the security guarantees required by hospitals with regard to the processing of patient data.
Bjork, Adam; Sosin, Daniel M
We studied departures from regulatory requirements identified on US Federal Select Agent Program (FSAP) inspections to increase transparency regarding biosafety and security risk at FSAP-regulated entities and identify areas for programmatic improvement. Regulatory departures from inspections led by Centers for Disease Control and Prevention inspectors during 2014-15 were grouped into "biosafety," "security," and "other" observation categories and assigned a risk level and score reflecting perceived severity. The resulting 2,267 biosafety (n = 1,153) and security (n = 1,114) observations from 296 inspections were analyzed by frequency and risk across entity and inspection characteristics. The greatest proportion of biosafety observations involved equipment and facilities (28%), and the greatest proportion of security observations involved access restrictions (33%). The greatest proportion of higher-risk observations for biosafety were containment issues and for security were inventory discrepancies. Commercial entities had the highest median cumulative risk score per inspection (17), followed by private (13), academic (10), federal government (10), and nonfederal government (8). Maximum containment (BSL-4) inspections had higher median biosafety risk per inspection (13) than other inspections (5) and lower security risk (0 vs 4). Unannounced inspections had proportionally more upper risk level observations than announced (biosafety, 21% vs 12%; security, 18% vs 7%). Possessors of select agents had higher median biosafety risk per inspection (6) than nonpossessors (4) and more upper risk level security observations (10% vs 0%). Programmatic changes to balance resources according to entity risk may strengthen FSAP oversight. Varying inspection methods by select agent possession and entity type, and conducting more unannounced inspections, may be beneficial.
Secure Control Systems for the Energy Sector
DOE Office of Scientific and Technical Information (OSTI.GOV)
Smith, Rhett; Campbell, Jack; Hadley, Mark
2012-03-31
Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goal is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use this technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.
Usable SPACE: Security, Privacy, and Context for the Mobile User
NASA Astrophysics Data System (ADS)
Jutla, Dawn
Users breach the security of data within many financial applications daily as human and/or business expediency to access and use information wins over corporate security policy guidelines. Recognizing that changing user context often requires different security mechanisms, we discuss end-to-end solutions combining several security and context mechanisms for relevant security control and information presentation in various mobile user situations. We illustrate key concepts using Dimitri Kanevsky's (IBM Research) early 2000s patented inventions for voice security and classification.
Dudarev, Alexey A.; Alloyarov, Pavel R.; Chupakhin, Valery S.; Dushkina, Eugenia V.; Sladkova, Yuliya N.; Dorofeyev, Vitaliy M.; Kolesnikova, Tatijana A.; Fridman, Kirill B.; Nilsson, Lena Maria; Evengård, Birgitta
2013-01-01
Background Problems related to food security in Russian Arctic (dietary imbalance, predominance of carbohydrates, shortage of milk products, vegetables and fruits, deficit of vitamins and microelements, chemical, infectious and parasitic food contamination) have been defined in the literature. But no standard protocol of food security assessment has been used in the majority of studies. Objectives Our aim was to obtain food security indicators, identified within an Arctic collaboration, for selected regions of the Russian Arctic, Siberia and the Far East, and to compare food safety in these territories. Study design and methods In 18 regions of the Russian Arctic, Siberia and the Far East, the following indicators of food security were analyzed: food costs, food consumption, and chemical and biological food contamination for the period 2000–2011. Results Food costs in the regions are high, comprising 23–43% of household income. Only 4 out of 10 food groups (fish products, cereals, sugar, plant oil) are consumed in sufficient amounts. The consumption of milk products, eggs, vegetables, potatoes, fruits (and berries) is severely low in a majority of the selected regions. There are high levels of biological contamination of food in many regions. The biological and chemical contamination situation is alarming, especially in Chukotka. Only 7 food pollutants are under regular control; among pesticides, only DDT. Evenki AO and Magadan Oblast have reached peak values in food contaminants compared with other regions. Mercury in local fish has not been analyzed in the majority of the regions. In 3 regions, no monitoring of DDT occurs. Aflatoxins have not been analyzed in 5 regions. Nitrates had the highest percentage in excess of the hygienic threshold in all regions. Excesses of other pollutants in different regions were episodic and as a rule not high. 
Conclusion Improvement of the food supply and food accessibility in the regions of the Russian Arctic, Siberia and the Far East is of utmost importance. Both quantitative and qualitative control of chemical and biological contaminants in food is insufficient and demands radical enhancement aimed at improving food security. PMID:24471055
DOE Office of Scientific and Technical Information (OSTI.GOV)
Lehman, R.F. II
1993-03-01
This presentation encourages current efforts in arms control, non-proliferation, and peacekeeping. Verification is heralded as a confidence building method to bring about more openness in international relations. It is purported that openness has already enhanced democratic forces around the world. The insistence on strict compliance with the decisions of the United Nations Security Council is a show of support for international law. It is recommended that international norms on human rights, non-proliferation, and non-aggression be strengthened.
Secure real-time wireless video streaming in the aeronautical telecommunications network
NASA Astrophysics Data System (ADS)
Czernik, Pawel; Olszyna, Jakub
2010-09-01
As Air Traffic Control Systems move from a voice only environment to one in which clearances are issued via data link, there is a risk that an unauthorized entity may attempt to masquerade as either the pilot or controller. In order to protect against this and related attacks, air-ground communications must be secured. The challenge is to add security in an environment in which bandwidth is limited. The Aeronautical Telecommunications Network (ATN) is an enabling digital network communications technology that addresses capacity and efficiency issues associated with current aeronautical voice communication systems. Equally important, the ATN facilitates migration to free flight, where direct computer-to-computer communication will automate air traffic management, minimize controller and pilot workload, and improve overall aircraft routing efficiency. Protecting ATN communications is critical since safety-of-flight is seriously affected if an unauthorized entity, a hacker for example, is able to penetrate an otherwise reliable communications system and accidentally or maliciously introduce erroneous information that jeopardizes the overall safety and integrity of a given airspace. However, an ATN security implementation must address the challenges associated with aircraft mobility, limited bandwidth communication channels, and uninterrupted operation across organizational and geopolitical boundaries. This paper provides a brief overview of the ATN, the ATN security concept, and begins a basic introduction to the relevant security concepts of security threats, security services and security mechanisms. Security mechanisms are further examined by presenting the fundamental building blocks of symmetric encipherment, asymmetric encipherment, and hash functions. 
The second part of this paper presents the project of cryptographically secure wireless communication between Unmanned Aerial Vehicles (UAV) and the ground station in the ATM system, based on the ARM9 processor development kit and Embedded Linux operating system.
A Cyber Security Self-Assessment Method for Nuclear Power Plants
DOE Office of Scientific and Technical Information (OSTI.GOV)
Glantz, Clifford S.; Coles, Garill A.; Bass, Robert B.
2004-11-01
A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is a digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process.
78 FR 24442 - Submission for OMB Review; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2013-04-25
... industry through advisory committees and through the normal rule proposal methods. The FOCUS Report was..., Washington, DC 20549-0213. Extension: Rule 17a-5, SEC File No. 270-155, OMB Control No. 3235-0123. Notice is... provided for in Rule 17a-5 (17 CFR 240.17a-5), under the Securities Exchange Act of 1934 (15 U.S.C. 78a et...
Rapid Equipping Force (REF) Analytical Support
2007-06-01
document contains color images. 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT UU 18. NUMBER OF PAGES 44...interface and performs actions via Excel formulae, ActiveX controls, and VBA code. – Plan to provide both simple and complex weighting and scoring methods...Requirements Quad Chart. –Solution Set Information Worksheet: A spreadsheet containing detailed information concerning every potential solution considered
Balancing Scientific Publication and National Security Concerns: Issues for Congress
2003-01-10
because of its potential relevance to biological weapons of mass destruction. Whether the current method of only using classification to limit the...terrorist groups in developing weapons of mass destruction. In 2000, researchers at the Co-operative Research Centre for the Biological Control of Pest...development of chemical, biological, or nuclear weapons is not made accessible to terrorists or countries of proliferation concern. The resolution
ERIC Educational Resources Information Center
Duong, Minh Quang
2011-01-01
Testing programs often use multiple test forms of the same test to control item exposure and to ensure test security. Although test forms are constructed to be as similar as possible, they often differ. Test equating techniques are those statistical methods used to adjust scores obtained on different test forms of the same test so that they are…
Qi, Xiaoxing; Liu, Liming; Liu, Yabin; Yao, Lan
2013-06-01
Integrated food security covers three aspects: food quantity security, food quality security, and sustainable food security. Because sustainable food security requires that food security must be compatible with sustainable development, the risk assessment of sustainable food security is becoming one of the most important issues. This paper mainly focuses on the characteristics of sustainable food security problems in the major grain-producing areas in China. We establish an index system based on land resources and eco-environmental conditions and apply a dynamic assessment method based on status assessments and trend analysis models to overcome the shortcomings of the static evaluation method. Using fuzzy mathematics, the risks are categorized into four grades: negligible risk, low risk, medium risk, and high risk. A case study was conducted in one of China's major grain-producing areas: Dongting Lake area. The results predict that the status of the sustainable food security in the Dongting Lake area is unsatisfactory for the foreseeable future. The number of districts at the medium-risk range will increase from six to ten by 2015 due to increasing population pressure, a decrease in the cultivated area, and a decrease in the effective irrigation area. Therefore, appropriate policies and measures should be put forward to improve it. The results could also provide direct support for an early warning system, which could be used to monitor food security trends or nutritional status so as to inform policy makers of impending food shortages, to prevent sustainable food security risk based on some classical systematic methods. This is the first research of sustainable food security in terms of risk assessment, from the perspective of resources and the environment, at the regional scale.
DICOM image secure communications with Internet protocols IPv6 and IPv4.
Zhang, Jianguo; Yu, Fenghai; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen
2007-01-01
Image-data transmission from one site to another through public network is usually characterized in terms of privacy, authenticity, and integrity. In this paper, we first describe a general scenario about how an image is delivered from one site to another through a wide-area network (WAN) with security features of data privacy, integrity, and authenticity. Second, we give the common implementation method of the digital imaging and communication in medicine (DICOM) image communication software library with IPv6/IPv4 for high-speed broadband Internet by using open-source software. Third, we discuss two major security-transmission methods, the IP security (IPSec) and the secure-socket layer (SSL) or transport-layer security (TLS), being used currently in medical-image-data communication with privacy support. Fourth, we describe a test schema of multiple-modality DICOM-image communications through TCP/IPv4 and TCP/IPv6 with different security methods, different security algorithms, and operating systems, and evaluate the test results. We found that there are tradeoff factors between choosing the IPsec and the SSL/TLS-based security implementation of IPv6/IPv4 protocols. If the WAN networks only use IPv6 such as in high-speed broadband Internet, the choice is IPsec-based security. If the networks are IPv4 or the combination of IPv6 and IPv4, it is better to use SSL/TLS security. The Linux platform has more security algorithms implemented than the Windows (XP) platform, and can achieve better performance in most experiments of IPv6 and IPv4-based DICOM-image communications. In teleradiology or enterprise-PACS applications, the Linux operating system may be the better choice as peer security gateways for both the IPsec and the SSL/TLS-based secure DICOM communications across public networks.
Zhang, Li; Chen, Ying; Wang, Shu-tao; Men, Ming-xin; Xu, Hao
2015-08-01
Assessment and early warning of land ecological security (LES) in rapidly urbanizing coastal area is an important issue to ensure sustainable land use and effective maintenance of land ecological security. In this study, an index system for the land ecological security of Caofeidian new district was established based on the Pressure-State-Response (P-S-R) model. Initial assessment units of 1 km x 1 km created with the remote sensing data and GIS methods were spatially interpolated to a fine pixel size of 30 m x 30 m, which were combined with the early warning method (using classification tree method) to evaluate the land ecological security of Caofeidian in 2005 and 2013. The early warning level was classed into four categories: security with degradation potential, sub-security with slow degradation, sub-security with rapid degradation, and insecurity. Results indicated that, from 2005 to 2013, the average LES of Caofeidian dropped from 0.55 to 0.52, indicating a degradation of land ecological security from medium security level to medium-low security level. The areas at the levels of insecurity with rapid degradation were mainly located in the rapid urbanization areas, illustrating that rapid expansion of urban construction land was the key factor to the deterioration of the regional land ecological security. Industrial District, Shilihai town and Nanpu saltern, in which the lands at the levels of insecurity and sub-security with rapid degradation or slow degradation accounted for 58.3%, 98.9% and 81.2% of their respective districts, were at the stage of high early warning. Thus, land ecological security regulation for these districts should be strengthened in the near future. The study could provide a reference for land use planning and ecological protection of Caofeidian new district.
77 FR 64150 - Proposed Collection; Comment Request
Federal Register 2010, 2011, 2012, 2013, 2014
2012-10-18
...) requires an annual study and evaluation of internal accounting controls under the Securities Exchange Act... an annual report on the adequacy of their internal accounting controls from an independent accountant... service only their own companies' securities. [[Page 64151
32 CFR 2800.6 - Delegation of classification and declassification authority.
Code of Federal Regulations, 2010 CFR
2010-07-01
.... 12065: (i) Staff Security Officer/Top Secret Control Officer. (ii) Assistant Staff Security Officer/Assistant Top Secret Control Officer. ... to originally classify and declassify information as “SECRET” and/or “CONFIDENTIAL”: (a) Chief of...
Security for safety critical space borne systems
NASA Technical Reports Server (NTRS)
Legrand, Sue
1987-01-01
The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.
Fingerprinting Reverse Proxies Using Timing Analysis of TCP Flows
2013-09-01
bayes classifier,” in Cloud Computing Security, ser. CCSW ’09. New York City, NY: ACM, 2009, pp. 31–42. [30] J. Zhang, R. Perdisci, W. Lee, U. Sarfraz...FSM Finite State Machine HTML Hypertext Markup Language HTTP Hypertext Transfer Protocol HTTPS Hypertext Transfer Protocol Secure ICMP Internet Control...This hidden traffic concept supports network access control, security protection through obfuscation, and performance boosts at the Internet facing
49 CFR 1544.221 - Carriage of prisoners under the control of armed law enforcement officers.
Code of Federal Regulations, 2010 CFR
2010-10-01
... Transportation (Continued) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT OPERATOR SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Operations § 1544.221 Carriage... custody of an armed law enforcement officer aboard an aircraft for which screening is required unless, in...
12 CFR 701.20 - Suretyship and guaranty.
Code of Federal Regulations, 2010 CFR
2010-01-01
... which the federal credit union has perfected its security interest (for example, if the collateral is a printed security, the federal credit union must have obtained physical control of the security, and, if... security interest); and (2) That has a market value, at the close of each business day, equal to 100...
33 CFR 101.420 - Right to appeal.
Code of Federal Regulations, 2010 CFR
2010-07-01
... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Right to appeal. 101.420 Section 101.420 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: GENERAL Control Measures for Security § 101.420 Right to appeal. (a) Any person directly...
10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.
Code of Federal Regulations, 2011 CFR
2011-01-01
... Information and Restricted Data. 95.35 Section 95.35 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) FACILITY SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a...
32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions
Code of Federal Regulations, 2010 CFR
2010-07-01
..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...
32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions
Code of Federal Regulations, 2014 CFR
2014-07-01
..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...
32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions
Code of Federal Regulations, 2012 CFR
2012-07-01
..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...
32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions
Code of Federal Regulations, 2013 CFR
2013-07-01
..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...
32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions
Code of Federal Regulations, 2011 CFR
2011-07-01
..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...
48 CFR 1852.204-76 - Security requirements for unclassified information technology resources.
Code of Federal Regulations, 2010 CFR
2010-10-01
... Officer for approval by the Network Security Configuration Control Board (NSCCB); (ii) Comply with the... 48 Federal Acquisition Regulations System 6 2010-10-01 2010-10-01 true Security requirements for... CONTRACT CLAUSES Texts of Provisions and Clauses 1852.204-76 Security requirements for unclassified...
An Encryption Scheme for Communication Internet SCADA Components
NASA Astrophysics Data System (ADS)
Robles, Rosslin John; Kim, Tai-Hoon
The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) are connected only in a limited private network. Because SCADA is considered a critical infrastructure, and connecting it to the internet puts society in jeopardy, some operators hold back on connecting it to the internet. But the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages come security issues regarding web SCADA, as operators are pushed to connect Supervisory Control and Data Acquisition Systems (SCADA) through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.
Federal Register 2010, 2011, 2012, 2013, 2014
2013-06-20
...The Bureau of Industry and Security (BIS) maintains, as part of its Export Administration Regulations (EAR), the Commerce Control List (CCL), which identifies certain of the items subject to Department of Commerce jurisdiction. This final rule revises the CCL to implement changes made to the Wassenaar Arrangement's List of Dual-Use Goods and Technologies (Wassenaar List) maintained and agreed to by governments participating in the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies (Wassenaar Arrangement, or WA) at the December 2012 WA Plenary Meeting (the Plenary). The Wassenaar Arrangement advocates implementation of effective export controls on strategic items with the objective of improving regional and international security and stability. This rule harmonizes the CCL with the changes made to the WA List at the Plenary by revising ECCNs controlled for national security reasons in each category of the CCL, except category 8, as well as amending the General Software Note, WA reporting requirements, and definitions section in the EAR. BIS is adding unilateral controls to the CCL for specific software and technology for aviation control systems, which the WA agreements removed from the WA List, i.e., EAR national security controls.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bri Rolston
2005-06-01
Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills, and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significant intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community.
Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between those threats and the defensive capabilities of control systems can be analyzed. The results of the gap analysis drive changes in the cyber security of critical infrastructure networks to close the gap between current exploits and existing defenses. The analysis also provides defenders with an idea of how threat technology is evolving and how defenses will need to be modified to address these emerging trends.
An improved task-role-based access control model for G-CSCW applications
NASA Astrophysics Data System (ADS)
He, Chaoying; Chen, Jun; Jiang, Jie; Han, Gang
2005-10-01
Access control is an important and popular security mechanism for multi-user applications. GIS-based Computer Supported Cooperative Work (G-CSCW) application is one of such applications. This paper presents an improved Task-Role-Based Access Control (X-TRBAC) model for G-CSCW applications. The new model inherits the basic concepts of the old ones, such as role and task. Moreover, it has introduced two concepts, i.e. object hierarchy and operation hierarchy, and the corresponding rules to improve the efficiency of permission definition in access control models. The experiments show that the method can simplify the definition of permissions, and it is more applicable for G-CSCW applications.
Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks
NASA Technical Reports Server (NTRS)
Baras, John S. (Inventor); Roy-Chowdhury, Ayan (Inventor)
2014-01-01
A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.
Loos, G; Moreau, J; Miroir, J; Benhaïm, C; Biau, J; Caillé, C; Bellière, A; Lapeyre, M
2013-10-01
The various image-guided radiotherapy techniques raise the question of how to achieve the control of patient positioning before irradiation session and sharing of tasks between radiation oncologists and radiotherapy technicians. We have put in place procedures and operating methods to make a partial delegation of tasks to radiotherapy technicians and secure the process in three situations: control by orthogonal kV imaging (kV-kV) of bony landmarks, control by kV-kV imaging of intraprostatic fiducial goldmarkers and control by cone beam CT (CBCT) imaging for prostate cancer. Significant medical overtime is required to control these three IGRT techniques. Because of their competence in imaging, these daily controls can be delegated to radiotherapy technicians. However, to secure the process, initial training and regular evaluation are essential. The analysis of the comparison of the use of kV/kV on bone structures allowed us to achieve a partial delegation of control to radiotherapy technicians. Controlling the positioning of the prostate through the use and automatic registration of fiducial goldmarkers allows better tracking of the prostate and can be easily delegated to radiotherapy technicians. The analysis of the use of daily cone beam CT for patients treated with intensity modulated irradiation is underway, and a comparison of practices between radiotherapy technicians and radiation oncologists is ongoing to know if a partial delegation of this control is possible. Copyright © 2013. Published by Elsevier SAS.
Maternal Resolution of Grief After Preterm Birth: Implications for Infant Attachment Security
Clements, Melissa; Poehlmann, Julie
2011-01-01
OBJECTIVE: This study explored the association between mothers' unresolved grief regarding their infant's preterm birth and infant-mother attachment security. We hypothesized that mothers with unresolved grief would be more likely to have insecurely attached infants at 16 months and that this association would be partially mediated by maternal interaction quality. METHODS: This longitudinal study focused on 74 preterm infants (age of <36 weeks) and their mothers who were part of a larger study of high-risk infants. The present analysis included assessment of neonatal and socioeconomic risks at NICU discharge; maternal depression, Reaction to Preterm Birth Interview findings, and quality of parenting at a postterm age of 9 months; and infant-mother attachment at postterm age of 16 months. Associations among findings of grief resolution with the Reaction to Preterm Birth Interview, quality of parenting interactions, and attachment security were explored by using relative risk ratios and logistic and multivariate regression models. RESULTS: The relative risk of developing insecure attachment when mothers had unresolved grief was 1.59 (95% confidence interval: 1.03–2.44). Controlling for covariates (adjusted odds ratio: 2.94), maternal feelings of resolved grief regarding the preterm birth experience were associated with secure infant-mother attachment at 16 months. Maternal grief resolution and interaction quality were independent predictors of attachment security. CONCLUSION: Maternal grief resolution regarding the experience of preterm birth and the quality of maternal interactions have important implications for emerging attachment security for infants born prematurely. PMID:21242223
75 FR 1455 - Custody of Funds or Securities of Clients by Investment Advisers
Federal Register 2010, 2011, 2012, 2013, 2014
2010-01-11
... the internal controls relating to the custody of those assets from an independent public accountant... must obtain or receive an internal control report within six months of the effective date. Section III... securities (SIFMA(AMG) Letter), requiring an internal control report only instead of both the report and a...