17 CFR 240.14a-16 - Internet availability of proxy materials.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Internet availability of proxy... Under the Securities Exchange Act of 1934 Regulation 14a: Solicitation of Proxies § 240.14a-16 Internet... the security holder a Notice of Internet Availability of Proxy Materials, as described in this section...

17 CFR 240.14a-16 - Internet availability of proxy materials.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Internet availability of proxy... Under the Securities Exchange Act of 1934 Regulation 14a: Solicitation of Proxies § 240.14a-16 Internet... the security holder a Notice of Internet Availability of Proxy Materials, as described in this section...

17 CFR 240.14a-16 - Internet availability of proxy materials.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Internet availability of proxy... Under the Securities Exchange Act of 1934 Regulation 14a: Solicitation of Proxies § 240.14a-16 Internet... the security holder a Notice of Internet Availability of Proxy Materials, as described in this section...

17 CFR 240.14a-16 - Internet availability of proxy materials.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Internet availability of proxy... Under the Securities Exchange Act of 1934 Regulation 14a: Solicitation of Proxies § 240.14a-16 Internet... the security holder a Notice of Internet Availability of Proxy Materials, as described in this section...

17 CFR 240.14a-16 - Internet availability of proxy materials.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Internet availability of proxy... Under the Securities Exchange Act of 1934 Regulation 14a: Solicitation of Proxies § 240.14a-16 Internet... the security holder a Notice of Internet Availability of Proxy Materials, as described in this section...

An Efficient Mutual Authentication Framework for Healthcare System in Cloud Computing.

PubMed

Kumar, Vinod; Jangirala, Srinivas; Ahmad, Musheer

2018-06-28

The increasing role of Telecare Medicine Information Systems (TMIS) makes its accessibility for patients to explore medical treatment, accumulate and approach medical data through internet connectivity. Security and privacy preservation is necessary for medical data of the patient in TMIS because of the very perceptive purpose. Recently, Mohit et al.'s proposed a mutual authentication protocol for TMIS in the cloud computing environment. In this work, we reviewed their protocol and found that it is not secure against stolen verifier attack, many logged in patient attack, patient anonymity, impersonation attack, and fails to protect session key. For enhancement of security level, we proposed a new mutual authentication protocol for the similar environment. The presented framework is also more capable in terms of computation cost. In addition, the security evaluation of the protocol protects resilience of all possible security attributes, and we also explored formal security evaluation based on random oracle model. The performance of the proposed protocol is much better in comparison to the existing protocol.

Explore Awareness of Information Security: Insights from Cognitive Neuromechanism.

PubMed

Han, Dongmei; Dai, Yonghui; Han, Tianlin; Dai, Xingyun

2015-01-01

With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people's awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people's awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG) signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people's cognition of potential risks in online financial payment.

Explore Awareness of Information Security: Insights from Cognitive Neuromechanism

PubMed Central

Han, Dongmei; Han, Tianlin; Dai, Xingyun

2015-01-01

With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people's awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people's awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG) signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people's cognition of potential risks in online financial payment. PMID:26587017

Physician office readiness for managing Internet security threats.

PubMed

Keshavjee, K; Pairaudeau, N; Bhanji, A

2006-01-01

Internet security threats are evolving toward more targeted and focused attacks.Increasingly, organized crime is involved and they are interested in identity theft. Physicians who use Internet in their practice are at risk for being invaded. We studied 16 physician practices in Southern Ontario for their readiness to manage internet security threats. Overall, physicians have an over-inflated sense of preparedness. Security practices such as maintaining a firewall and conducting regular virus checks were not consistently done.

Physician Office Readiness for Managing Internet Security Threats

PubMed Central

Keshavjee, K; Pairaudeau, N; Bhanji, A

2006-01-01

Internet security threats are evolving toward more targeted and focused attacks. Increasingly, organized crime is involved and they are interested in identity theft. Physicians who use Internet in their practice are at risk for being invaded. We studied 16 physician practices in Southern Ontario for their readiness to manage internet security threats. Overall, physicians have an over-inflated sense of preparedness. Security practices such as maintaining a firewall and conducting regular virus checks were not consistently done. PMID:17238600

The Feasibility of Wearables in an Enterprise Environment and Their Impact on IT Security

NASA Technical Reports Server (NTRS)

Scotti, Vincent, Jr.

2015-01-01

This paper is intended to explore the usability and feasibility of wearables in an enterprise environment and their impact on IT Security. In this day and age, with the advent of the Internet of Things, we must explore all the new technology emerging from the minds of the new inventors. This means exploring the use of wearables in regards to their benefits, limitations, and the new challenges they pose to securing computer networks in the Federal environment. We will explore the design of the wearables, the interfaces needed to connect them, and what it will take to connect personal devices in the Federal enterprise network environment. We will provide an overview of the wearable design, concerns of ensuring the confidentiality, integrity, and availability of information and the challenges faced by those doing so. We will also review the implications and limitations of the policies governing wearable technology and the physical efforts to enforce them.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks.

PubMed

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-03-24

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks

PubMed Central

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-01-01

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure. PMID:28338632

Survey of methods for secure connection to the internet

NASA Astrophysics Data System (ADS)

Matsui, Shouichi

1994-04-01

This paper describes a study of a security method of protecting inside network computers against outside miscreants and unwelcome visitors and a control method when these computers are connected with the Internet. In the present Internet, a method to encipher all data cannot be used, so that it is necessary to utilize PEM (Privacy Enhanced Mail) capable of the encipherment and conversion of secret information. For preventing miscreant access by eavesdropping password, one-time password is effective. The most cost-effective method is a firewall system. This system lies between the outside and inside network. By limiting computers that directly communicate with the Internet, control is centralized and inside network security is protected. If the security of firewall systems is strictly controlled under correct setting, security within the network can be secured even in open networks such as the Internet.

The Digital Divide and Patient Portals: Internet Access Explained Differences in Patient Portal Use for Secure Messaging by Age, Race, and Income.

PubMed

Graetz, Ilana; Gordon, Nancy; Fung, Vick; Hamity, Courtnee; Reed, Mary E

2016-08-01

Online access to health records and the ability to exchange secure messages with physicians can improve patient engagement and outcomes; however, the digital divide could limit access to web-based portals among disadvantaged groups. To understand whether sociodemographic differences in patient portal use for secure messaging can be explained by differences in internet access and care preferences. Cross-sectional survey to examine the association between patient sociodemographic characteristics and internet access and care preferences; then, the association between sociodemographic characteristics and secure message use with and without adjusting for internet access and care preference. One thousand forty-one patients with chronic conditions in a large integrated health care delivery system (76% response rate). Internet access, portal use for secure messaging, preference for in-person or online care, and sociodemographic and health characteristics. Internet access and preference mediated some of the differences in secure message use by age, race, and income. For example, using own computer to access the internet explained 52% of the association between race and secure message use and 60% of the association between income and use (Sobel-Goodman mediation test, P<0.001 for both). Education and sex-related differences in portal use remained statistically significant when controlling for internet access and preference. As the availability and use of patient portals increase, it is important to understand which patients have limited access and the barriers they may face. Improving internet access and making portals available across multiple platforms, including mobile, may reduce some disparities in secure message use.

Inventing an Energy Internet: Concepts, Architectures and Protocols for Smart Energy Utilization

DOE Office of Scientific and Technical Information (OSTI.GOV)

Tsoukalas, Lefteri

2009-04-29

In recent years, the Internet is revolutionizing information availability much like the Power Grid revolutionized energy availability a century earlier. We will explore the differences and similarities of these two critical infrastructures and identify ways for convergence which may lead to an energy internet. Pricing signals, nodal forecasting, and short-term elasticities are key concepts in smart energy flows respecting the delicate equilibrium involved in generation-demand and aiming at higher efficiencies. We will discuss how intelligent forecasting approaches operating at multiple levels (including device or nodal levels) can ameliorate the challenges of power storage. In addition to higher efficiencies, an energymore » internet may achieve significant reliability and security improvements and offer greater flexibility and transparency in the overall energy-environmental relation.« less

Strengthening DoD Cyber Security with the Vulnerability Market

DTIC Science & Technology

2014-01-01

50,000 – $100,000 Windows $60,000 – $120,000 Firefox or Safari $60,000 – $150,000 Chrome or Internet Explorer $80,000 – $200,000 iOS $100,000...the CTB metric for the Google Chrome OS at $110,000. Accordingly, this metric could be used by Google to compare its security to other operating...Mozilla Foundation. (n.d.). Mozilla. Retrieved from https://www.mozilla. org/en-US/foundation/ Thomson, I. (2013, March 8). Pwn2Own: IE10, Firefox

Anticipatory ethics for a future Internet: analyzing values during the design of an Internet infrastructure.

PubMed

Shilton, Katie

2015-02-01

The technical details of Internet architecture affect social debates about privacy and autonomy, intellectual property, cybersecurity, and the basic performance and reliability of Internet services. This paper explores one method for practicing anticipatory ethics in order to understand how a new infrastructure for the Internet might impact these social debates. This paper systematically examines values expressed by an Internet architecture engineering team-the Named Data Networking project-based on data gathered from publications and internal documents. Networking engineers making technical choices also weigh non-technical values when working on Internet infrastructure. Analysis of the team's documents reveals both values invoked in response to technical constraints and possibilities, such as efficiency and dynamism, as well as values, including privacy, security and anonymity, which stem from a concern for personal liberties. More peripheral communitarian values espoused by the engineers include democratization and trust. The paper considers the contextual and social origins of these values, and then uses them as a method of practicing anticipatory ethics: considering the impact such priorities may have on a future Internet.

A Pilot Study Using an Online, Experimental, Two-Asset Market.

ERIC Educational Resources Information Center

Lypny, Gregory

2003-01-01

Describes an online, securities market, research tool, called Borsa, to engage students in the exploration of asset pricing in microeconomics courses. Defines Borsa as related database files served on the Internet using a dedicated IP address. Discusses practical considerations in running the market. Offers questions that arise from using the…

Senior Year Inviting More Math Choices

ERIC Educational Resources Information Center

Cavanagh, Sean

2008-01-01

When students at Prescott High School sign up to take math as seniors, not all of them will be wading into precalculus or calculus, with in-depth explorations of derivatives and trigonometric functions. Some will instead end up using mathematics to study the Electoral College, or the security of Internet passwords, or how delivery companies ship…

Vulnerability Discovery: Bridging the Gap Between Analysis and Engineering

DTIC Science & Technology

2006-01-01

work in selected technologies © 2006 Carnegie Mellon University 16 An Easy Target: ActiveX 1995 – OLE 2  COM  ActiveX 2000 – CERT/CC... ActiveX Security Workshop 2005 – VU#680526  New vector for exploiting COM vulnerabilities via Internet Explorer discovered 2006 – Dranzer, the COM Object

Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

PubMed Central

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete—the traditional approach for calculating reliability—is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods. PMID:25405226

Security threat assessment of an Internet security system using attack tree and vague sets.

PubMed

Chang, Kuei-Hu

2014-01-01

Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

PCASSO: a design for secure communication of personal health information via the internet.

PubMed

Baker, D B; Masys, D R

1999-05-01

The Internet holds both promise and peril for the communications of person-identifiable health information. Because of technical features designed to promote accessibility and interoperability rather than security, Internet addressing conventions and transport protocols are vulnerable to compromise by malicious persons and programs. In addition, most commonly used personal computer (PC) operating systems currently lack the hardware-based system software protection and process isolation that are essential for ensuring the integrity of trusted applications. Security approaches designed for electronic commerce, that trade known security weaknesses for limited financial liability, are not sufficient for personal health data, where the personal damage caused by unintentional disclosure may be far more serious. To overcome these obstacles, we are developing and evaluating an Internet-based communications system called PCASSO (Patient-centered access to secure systems online) that applies state of the art security to health information. PCASSO includes role-based access control, multi-level security, strong device and user authentication, session-specific encryption and audit trails. Unlike Internet-based electronic commerce 'solutions,' PCASSO secures data end-to-end: in the server; in the data repository; across the network; and on the client. PCASSO is designed to give patients as well as providers access to personal health records via the Internet.

Development of an Internet Security Policy for health care establishments.

PubMed

Ilioudis, C; Pangalos, G

2000-01-01

The Internet provides unprecedented opportunities for interaction and data sharing among health care providers, patients and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality and integrity of information. This paper defines the basic security requirements that must be addressed in order to use the Internet to safely transmit patient and/or other sensitive Health Care information. It describes a suitable Internet Security Policy for Health Care Establishments and provides the set of technical measures that are needed for its implementation. The proposed security policy and technical approaches have been based on an extensive study of the related recommendations from the security and standard groups both in EU amid USA and our related work and experience. The results have been utilized in the framework of the Intranet Health Clinic project, where the use of the Internet for the transmission of sensitive Health Care information is of vital importance.

17 CFR 240.15c2-12 - Municipal securities disclosure.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Internet Web site or filed with the Commission. (4) The term issuer of municipal securities means the... the public on the Municipal Securities Rulemaking Board's Internet Web site or filed with the... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Municipal securities...

17 CFR 240.15c2-12 - Municipal securities disclosure.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Internet Web site or filed with the Commission. (4) The term issuer of municipal securities means the... the public on the Municipal Securities Rulemaking Board's Internet Web site or filed with the... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Municipal securities...

17 CFR 240.15c2-12 - Municipal securities disclosure.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Internet Web site or filed with the Commission. (4) The term issuer of municipal securities means the... the public on the Municipal Securities Rulemaking Board's Internet Web site or filed with the... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Municipal securities...

17 CFR 240.15c2-12 - Municipal securities disclosure.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Internet Web site or filed with the Commission. (4) The term issuer of municipal securities means the... the public on the Municipal Securities Rulemaking Board's Internet Web site or filed with the... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Municipal securities...

An Encryption Scheme for Communication Internet SCADA Components

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network. SCADA is considered a critical infrastructure, and connecting to the internet is putting the society on jeopardy, some operators hold back on connecting it to the internet. But since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Supervisory Control and Data Acquisition Systems (SCADA) through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

Online Safety: Fraud, Security, Phishing, Vishing

MedlinePlus

... Theft Online Safety Privacy Report Scams and Frauds Online Safety Be aware of these scams when you' ... Security and Safety Internet Fraud Phishing and Vishing Online Security and Safety The internet makes many everyday ...

Information risk and security modeling

NASA Astrophysics Data System (ADS)

Zivic, Predrag

2005-03-01

This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. IT will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

[Security aspects on the Internet].

PubMed

Seibel, R M; Kocher, K; Landsberg, P

2000-04-01

Is it possible to use the Internet as a secure media for transport of telemedicine? Which risks exist for routine use? In this article state of the art methods of security were analysed. Telemedicine in the Internet has severe risks, because patient data and hospital data of a secure Intranet can be manipulated by connecting it to the Web. Establishing of a firewall and the introduction of HPC (Health Professional Card) are minimizing the risk of un-authorized access to the hospital server. HPC allows good safety with digital signature and authentication of host and client of medical data. For secure e-mail PGP (Pretty Good Privacy) is easy to use as a standard protocol. Planning all activities exactly as well as following legal regulations are important requisites for reduction of safety risks in Internet.

Securing the Internet frontier.

PubMed

Morrissey, J

1996-10-21

Just as in the Wild West, security strategies are being mobilized for the untamed Internet frontier. Technology developed by settlers from the banking and merchandising industries is being retooled for healthcare, where security-conscious industries see a big market opportunity.

Coverage of the Test of Memory Malingering, Victoria Symptom Validity Test, and Word Memory Test on the Internet: is test security threatened?

PubMed

Bauer, Lyndsey; McCaffrey, Robert J

2006-01-01

In forensic neuropsychological settings, maintaining test security has become critically important, especially in regard to symptom validity tests (SVTs). Coaching, which can entail providing patients or litigants with information about the cognitive sequelae of head injury, or teaching them test-taking strategies to avoid detection of symptom dissimulation has been examined experimentally in many research studies. Emerging evidence supports that coaching strategies affect psychological and neuropsychological test performance to differing degrees depending on the coaching paradigm and the tests administered. The present study sought to examine Internet coverage of SVTs because it is potentially another source of coaching, or information that is readily available. Google searches were performed on the Test of Memory Malingering, the Victoria Symptom Validity Test, and the Word Memory Test. Results indicated that there is a variable amount of information available about each test that could threaten test security and validity should inappropriately interested parties find it. Steps that could be taken to improve this situation and limitations to this exploration are discussed.

Security Analysis of DTN Architecture and Bundle Protocol Specification for Space-Based Networks

NASA Technical Reports Server (NTRS)

Ivancic, William D.

2009-01-01

A Delay-Tolerant Network (DTN) Architecture (Request for Comment, RFC-4838) and Bundle Protocol Specification, RFC-5050, have been proposed for space and terrestrial networks. Additional security specifications have been provided via the Bundle Security Specification (currently a work in progress as an Internet Research Task Force internet-draft) and, for link-layer protocols applicable to Space networks, the Licklider Transport Protocol Security Extensions. This document provides a security analysis of the current DTN RFCs and proposed security related internet drafts with a focus on space-based communication networks, which is a rather restricted subset of DTN networks. Note, the original focus and motivation of DTN work was for the Interplanetary Internet . This document does not address general store-and-forward network overlays, just the current work being done by the Internet Research Task Force (IRTF) and the Consultative Committee for Space Data Systems (CCSDS) Space Internetworking Services Area (SIS) - DTN working group under the DTN and Bundle umbrellas. However, much of the analysis is relevant to general store-and-forward overlays.

Advancing the science of forensic data management

NASA Astrophysics Data System (ADS)

Naughton, Timothy S.

2002-07-01

Many individual elements comprise a typical forensics process. Collecting evidence, analyzing it, and using results to draw conclusions are all mutually distinct endeavors. Different physical locations and personnel are involved, juxtaposed against an acute need for security and data integrity. Using digital technologies and the Internet's ubiquity, these diverse elements can be conjoined using digital data as the common element. This result is a new data management process that can be applied to serve all elements of the community. The first step is recognition of a forensics lifecycle. Evidence gathering, analysis, storage, and use in legal proceedings are actually just distinct parts of a single end-to-end process, and thus, it is hypothesized that a single data system that can also accommodate each constituent phase using common network and security protocols. This paper introduces the idea of web-based Central Data Repository. Its cornerstone is anywhere, anytime Internet upload, viewing, and report distribution. Archives exist indefinitely after being created, and high-strength security and encryption protect data and ensure subsequent case file additions do not violate chain-of-custody or other handling provisions. Several legal precedents have been established for using digital information in courts of law, and in fact, effective prosecution of cyber crimes absolutely relies on its use. An example is a US Department of Agriculture division's use of digital images to back up its inspection process, with pictures and information retained on secure servers to enforce the Perishable Agricultural Commodities Act. Forensics is a cumulative process. Secure, web-based data management solutions, such as the Central Data Repository postulated here, can support each process step. Logically marrying digital technologies with Internet accessibility should help nurture a thought process to explore alternatives that make forensics data accessible to authorized individuals, whenever and wherever they need it.

Innovation in the North: are health service providers ready for the uptake of an internet-based chronic disease management platform?

PubMed

Tillotson, Sherri; Lear, Scott; Araki, Yuriko; Horvat, Dan; Prkachin, Ken; Bates, Joanna; Balka, Ellen

2009-01-01

Remote and rural regions in Canada are faced with unique challenges in the delivery of primary health services. The purpose of this study was to understand how patients and healthcare professionals in northern British Columbia might make use of the Internet to manage cardiovascular diseases. The study used a qualitative methodology. Eighteen health professionals and 6 patients were recruited for a semi-structured interview that explored their experience in managing patients with cardiovascular disease and their opinions and preferences about the use of the Internet in chronic disease management. Key findings from the data suggest that a) use of the Internet helps to maintain continuity of care while a patient moves through various stages of care, b) the Internet may possibly be used as an educational tool in chronic disease self-management, c) there is a need for policy development to support Internet-based consultation processes, and d) while health providers endorse the notion of electronic advancement in their practice, the need for secure and stable electronic systems is essential.

Sustains--direct access for the patient to the medical record over the Internet.

PubMed

Eklund, Benny; Joustra-Enquist, Ingrid

2004-01-01

The basic idea of Sustains III is to emulate the Internet banking for Health Care. Instead of an "Internet Bank Account" the user has a "Health Care Account". The user logs in using a One Time Password which is sent to the user's mobile phone as an SMS, three seconds after the PIN code is entered. Thus personal information can be transferred both ways in a secure way, with acceptable privacy. The user can then explore the medical record in detail. Also get full and complete list of prescriptions, lab-result etc. It's also an easy way of exchange written information between the doctor and the patient. So far Sustains has showed that patients are very satisfied and is also beneficial for the physicians.

Security Techniques for Sensor Systems and the Internet of Things

ERIC Educational Resources Information Center

Midi, Daniele

2016-01-01

Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We…

Security in the Cache and Forward Architecture for the Next Generation Internet

NASA Astrophysics Data System (ADS)

Hadjichristofi, G. C.; Hadjicostis, C. N.; Raychaudhuri, D.

The future Internet architecture will be comprised predominately of wireless devices. It is evident at this stage that the TCP/IP protocol that was developed decades ago will not properly support the required network functionalities since contemporary communication profiles tend to be data-driven rather than host-based. To address this paradigm shift in data propagation, a next generation architecture has been proposed, the Cache and Forward (CNF) architecture. This research investigates security aspects of this new Internet architecture. More specifically, we discuss content privacy, secure routing, key management and trust management. We identify security weaknesses of this architecture that need to be addressed and we derive security requirements that should guide future research directions. Aspects of the research can be adopted as a step-stone as we build the future Internet.

Crisis-management and the Security in the Internet

NASA Astrophysics Data System (ADS)

Harada, Izumi

This paper discusses about the crisis-management and the security in the Internet. The crime that not is so far occurs during widespread to the society of the Internet, and a big social trouble. Moreover, the problem of a new security such as a cyber war and cyber terrorism appeared, too. It is necessary to recognize such a situation, and to do both correspondences corresponding to the environmental transformation by government and the people.

Security for Multimedia Space Data Distribution over the Internet

NASA Technical Reports Server (NTRS)

Stone, Thom; Picinich, Lou; Givens, John J. (Technical Monitor)

1995-01-01

Distribution of interactive multimedia to remote investigators will be required for high quality science on the International Space Station (ISS). The Internet with the World Wide Web (WWW) and the JAVA environment are a good match for distribution of data, video and voice to remote science centers. Utilizing the "open" Internet in a secure manner is the major hurdle in making use of this cost effective, off-the-shelf, universal resource. This paper examines the major security threats to an Internet distribution system for payload data and the mitigation of these threats. A proposed security environment for the Space Station Biological Research Facility (SSBRP) is presented with a short description of the tools that have been implemented or planned. Formulating and implementing a security policy, firewalls, host hardware and software security are also discussed in this paper. Security is a vast topic and this paper can only give an overview of important issues. This paper postulates that a structured approach is required and stresses that security must be built into a network from the start. Ignoring security issues or putting them off until late in the development cycle can be disastrous.

Security Issues on the Internet.

ERIC Educational Resources Information Center

Bar-Ilan, Judit

1996-01-01

Discusses some basic notions of modern cryptography: public key systems and digital signatures. Describes how theoretical modern cryptography can help solve security problems on the Internet. (Author/JKP)

GINSU: Guaranteed Internet Stack Utilization

DTIC Science & Technology

2005-11-01

Computer Architecture Data Links, Internet , Protocol Stacks 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT UNCLASSIFIED 18. SECURITY...AFRL-IF-RS-TR-2005-383 Final Technical Report November 2005 GINSU: GUARANTEED INTERNET STACK UTILIZATION Trusted... Information Systems, Inc. Sponsored by Defense Advanced Research Projects Agency DARPA Order No. ARPS APPROVED FOR PUBLIC

The Impact of Information Richness on Information Security Awareness Training Effectiveness

ERIC Educational Resources Information Center

Shaw, R. S.; Chen, Charlie C.; Harris, Albert L.; Huang, Hui-Jou

2009-01-01

In recent years, rapid progress in the use of the internet has resulted in huge losses in many organizations due to lax security. As a result, information security awareness is becoming an important issue to anyone using the Internet. To reduce losses, organizations have made information security awareness a top priority. The three main barriers…

Cyber resilience: a review of critical national infrastructure and cyber security protection measures applied in the UK and USA.

PubMed

Harrop, Wayne; Matteson, Ashley

This paper presents cyber resilience as key strand of national security. It establishes the importance of critical national infrastructure protection and the growing vicarious nature of remote, well-planned, and well executed cyber attacks on critical infrastructures. Examples of well-known historical cyber attacks are presented, and the emergence of 'internet of things' as a cyber vulnerability issue yet to be tackled is explored. The paper identifies key steps being undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on critical national infrastructure in the United Kingdom and the USA.

Information Security and the Internet.

ERIC Educational Resources Information Center

Doddrell, Gregory R.

1996-01-01

As business relies less on "fortress" style central computers and more on distributed systems, the risk of disruption increases because of inadequate physical security, support services, and site monitoring. This article discusses information security and why protection is required on the Internet, presents a best practice firewall, and…

Security of Mobile Agents on the Internet.

ERIC Educational Resources Information Center

Corradi, Antonio; Montanari, Rebecca; Stefanelli, Cesare

2001-01-01

Discussion of the Internet focuses on new programming paradigms based on mobile agents. Considers the security issues associated with mobile agents and proposes a security architecture composed of a wide set of services and components capable of adapting to a variety of applications, particularly electronic commerce. (Author/LRW)

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2011 CFR

2011-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2013 CFR

2013-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2010 CFR

2010-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2012 CFR

2012-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

17 CFR 240.14b-1 - Obligation of registered brokers and dealers in connection with the prompt forwarding of certain...

Code of Federal Regulations, 2014 CFR

2014-04-01

... security holders, proxy statement, information statement, or Notice of Internet Availability of Proxy...(e)(1) (with respect to annual reports to security holders, proxy statements, and Notices of Internet..., information statements, and Notices of Internet Availability of Proxy Materials) applicable to registrants...

Teaching Internet Security, Safety in Our Classrooms

ERIC Educational Resources Information Center

DeFranco, Joanna F.

2011-01-01

Internet security is an important topic for educators due to curriculums now incorporating tools such as the Internet, Google docs, e-portfolios, and course management systems. Those tools require students to spend more time online, where they are susceptible to manipulation or intimidation if they do not stay on task. Kids of all ages lack…

31 CFR 344.3 - What provisions apply to the SLGSafe Service?

Code of Federal Regulations, 2012 CFR

2012-07-01

... to the SLGSafe Service? (a) What is the SLGSafe Service? SLGSafe is a secure Internet site on the World Wide Web through which subscribers submit SLGS securities transactions. SLGSafe Internet... (Continued) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT U.S. TREASURY SECURITIES...

31 CFR 344.3 - What provisions apply to the SLGSafe Service?

Code of Federal Regulations, 2014 CFR

2014-07-01

... to the SLGSafe Service? (a) What is the SLGSafe Service? SLGSafe is a secure Internet site on the World Wide Web through which subscribers submit SLGS securities transactions. SLGSafe Internet... (Continued) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE FISCAL SERVICE U.S. TREASURY SECURITIES...

31 CFR 344.3 - What provisions apply to the SLGSafe Service?

Code of Federal Regulations, 2013 CFR

2013-07-01

... to the SLGSafe Service? (a) What is the SLGSafe Service? SLGSafe is a secure Internet site on the World Wide Web through which subscribers submit SLGS securities transactions. SLGSafe Internet... (Continued) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT U.S. TREASURY SECURITIES...

Evaluating Common Privacy Vulnerabilities in Internet Service Providers

NASA Astrophysics Data System (ADS)

Kotzanikolaou, Panayiotis; Maniatis, Sotirios; Nikolouzou, Eugenia; Stathopoulos, Vassilios

Privacy in electronic communications receives increased attention in both research and industry forums, stemming from both the users' needs and from legal and regulatory requirements in national or international context. Privacy in internet-based communications heavily relies on the level of security of the Internet Service Providers (ISPs), as well as on the security awareness of the end users. This paper discusses the role of the ISP in the privacy of the communications. Based on real security audits performed in national-wide ISPs, we illustrate privacy-specific threats and vulnerabilities that many providers fail to address when implementing their security policies. We subsequently provide and discuss specific security measures that the ISPs can implement, in order to fine-tune their security policies in the context of privacy protection.

17 CFR 240.14a-7 - Obligations of registrants to provide a list of, or mail soliciting material to, security holders.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Internet Availability of Proxy Materials (as described in § 240.14a-16), furnished by the security holder... security holder shall be sent to that address, provided that if multiple copies of the Notice of Internet... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Obligations of registrants to...

17 CFR 240.14a-7 - Obligations of registrants to provide a list of, or mail soliciting material to, security holders.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Internet Availability of Proxy Materials (as described in § 240.14a-16), furnished by the security holder... security holder shall be sent to that address, provided that if multiple copies of the Notice of Internet... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Obligations of registrants to...

17 CFR 240.14a-7 - Obligations of registrants to provide a list of, or mail soliciting material to, security holders.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Internet Availability of Proxy Materials (as described in § 240.14a-16), furnished by the security holder... security holder shall be sent to that address, provided that if multiple copies of the Notice of Internet... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Obligations of registrants to...

17 CFR 240.14a-7 - Obligations of registrants to provide a list of, or mail soliciting material to, security holders.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Internet Availability of Proxy Materials (as described in § 240.14a-16), furnished by the security holder... security holder shall be sent to that address, provided that if multiple copies of the Notice of Internet... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Obligations of registrants to...

17 CFR 240.14c-101 - Schedule 14C. Information required in information statement.

Code of Federal Regulations, 2014 CFR

2014-04-01

... separate copy of the annual report to security holders, information statement, or Notice of Internet... annual reports to security holders, information statements, or Notices of Internet Availability of Proxy... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Schedule 14C. Information...

17 CFR 240.14c-101 - Schedule 14C. Information required in information statement.

Code of Federal Regulations, 2013 CFR

2013-04-01

... separate copy of the annual report to security holders, information statement, or Notice of Internet... annual reports to security holders, information statements, or Notices of Internet Availability of Proxy... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Schedule 14C. Information...

17 CFR 240.14c-101 - Schedule 14C. Information required in information statement.

Code of Federal Regulations, 2012 CFR

2012-04-01

... separate copy of the annual report to security holders, information statement, or Notice of Internet... annual reports to security holders, information statements, or Notices of Internet Availability of Proxy... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Schedule 14C. Information...

Federated Security: The Shibboleth Approach

ERIC Educational Resources Information Center

Morgan, R. L.; Cantor, Scott; Carmody, Steven; Hoehn, Walter; Klingenstein, Ken

2004-01-01

The Fifth Annual Educause Current Issues Survey ranked "security and identity management" near the top of the list of critical IT challenges on campus today. Recognition of the crucial importance of securing networked resources led Internet2 to establish its Middleware Initiative (I2MI) in 1999. While Internet2 was founded to develop and deploy…

Security, privacy, and confidentiality issues on the Internet

PubMed Central

Kelly, Grant; McKenzie, Bruce

2002-01-01

We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to `sign' a message whereby the private key of an individual can be used to `hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a `digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers. PMID:12554559

Security, privacy, and confidentiality issues on the Internet.

PubMed

Kelly, Grant; McKenzie, Bruce

2002-01-01

We introduce the issues around protecting information about patients and related data sent via the Internet. We begin by reviewing three concepts necessary to any discussion about data security in a healthcare environment: privacy, confidentiality, and consent. We are giving some advice on how to protect local data. Authentication and privacy of e-mail via encryption is offered by Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME). The de facto Internet standard for encrypting Web-based information interchanges is Secure Sockets Layer (SSL), more recently known as Transport Layer Security or TLS. There is a public key infrastructure process to 'sign' a message whereby the private key of an individual can be used to 'hash' the message. This can then be verified against the sender's public key. This ensures the data's authenticity and origin without conferring privacy, and is called a 'digital signature'. The best protection against viruses is not opening e-mails from unknown sources or those containing unusual message headers.

Internet firewalls: questions and answers

NASA Astrophysics Data System (ADS)

Ker, Keith

1996-03-01

As organizations consider connecting to the Internet, the issue of internetwork security becomes more important. There are many tools and components that can be used to secure a network, one of which is a firewall. Modern firewalls offer highly flexible private network security by controlling and monitoring all communications passing into or out of the private network. Specifically designed for security, firewalls become the private network's single point of attack from Internet intruders. Application gateways (or proxies) that have been written to be secure against even the most persistent attacks ensure that only authorized users and services access the private network. One-time passwords prevent intruders from `sniffing' and replaying the usernames and passwords of authorized users to gain access to the private network. Comprehensive logging permits constant and uniform system monitoring. `Address spoofing' attacks are prevented. The private network may use registered or unregistered IP addresses behind the firewall. Firewall-to-firewall encryption establishes a `virtual private network' across the Internet, preventing intruders from eavesdropping on private communications, eliminating the need for costly dedicated lines.

Countering Insider Threats - Handling Insider Threats Using Dynamic, Run-Time Forensics

DTIC Science & Technology

2007-10-01

able to handle the security policy requirements of a large organization containing many decentralized and diverse users, while being easily managed... contained in the TIF folder. Searching for any text string and sorting is supported also. The cache index file of Internet Explorer is not changed... containing thousands of malware software signatures. Separate datasets can be created for various classifications of malware such as encryption software

Homeland Security, A Primary Army Function

DTIC Science & Technology

2002-01-01

www.efilmqroup.com/nowhere.html>; Internet; accessed 27 January 2002 . ൕ Ibid., 1-4. 14 Gannon , John C., "The US Intelligence Community and Biological...Release. Distribution is Unlimited. USAWC CLASS OF 2002 U.S. ARMY WAR COLLEGE, CARLISLE BARRACKS, PA 17013-5050 20020502 072 USAWC STRATEGY RESEARCH PROJECT...Project DATE: 09 April 2002 PAGES:43 CLASSIFICATION: Unclassified This paper will explore new Army requirements based on the September 2001 Quadrennial

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2010 CFR

2010-04-01

...) A registrant will be considered to have delivered a Notice of Internet Availability of Proxy... Notice of Internet Availability of Proxy Materials, annual report to security holders or information...

Supporting Research and Development of Security Technologies through Network and Security Data Collection

DTIC Science & Technology

Research and development targeted at identifying and mitigating Internet security threats require current network data. To fulfill this need... researchers working for the Center for Applied Internet Data Analysis (CAIDA), a program at the San Diego Supercomputer Center (SDSC) which is based at the...vetted network and security researchers using the PREDICT/IMPACT portal and legal framework. We have also contributed to community building efforts that

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network.

PubMed

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-12-30

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.

A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network

PubMed Central

Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

2016-01-01

Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods. PMID:28042831

An Efficient and Practical Smart Card Based Anonymity Preserving User Authentication Scheme for TMIS using Elliptic Curve Cryptography.

PubMed

Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Kumar, Neeraj

2015-11-01

In the last few years, numerous remote user authentication and session key agreement schemes have been put forwarded for Telecare Medical Information System, where the patient and medical server exchange medical information using Internet. We have found that most of the schemes are not usable for practical applications due to known security weaknesses. It is also worth to note that unrestricted number of patients login to the single medical server across the globe. Therefore, the computation and maintenance overhead would be high and the server may fail to provide services. In this article, we have designed a medical system architecture and a standard mutual authentication scheme for single medical server, where the patient can securely exchange medical data with the doctor(s) via trusted central medical server over any insecure network. We then explored the security of the scheme with its resilience to attacks. Moreover, we formally validated the proposed scheme through the simulation using Automated Validation of Internet Security Schemes and Applications software whose outcomes confirm that the scheme is protected against active and passive attacks. The performance comparison demonstrated that the proposed scheme has lower communication cost than the existing schemes in literature. In addition, the computation cost of the proposed scheme is nearly equal to the exiting schemes. The proposed scheme not only efficient in terms of different security attacks, but it also provides an efficient login, mutual authentication, session key agreement and verification and password update phases along with password recovery.

76 FR 45898 - Self-Regulatory Organizations; EDGA Exchange, Inc.; Notice of Filing and Immediate Effectiveness...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-01

... over the Internet); Securities Exchange Act Release No. 63197 (October 27, 2010), 75 FR 67791 (November... $200 to $600 per Internet port that is used to deliver market data); Securities Exchange Act Release No... SECURITIES AND EXCHANGE COMMISSION [Release No. 34-64964; File No. SR-EDGA-2011-22] Self...

The Evolution of the Internet Community and the"Yet-to-Evolve" Smart Grid Community: Parallels and Lessons-to-be-Learned

DOE Office of Scientific and Technical Information (OSTI.GOV)

McParland, Charles

The Smart Grid envisions a transformed US power distribution grid that enables communicating devices, under human supervision, to moderate loads and increase overall system stability and security. This vision explicitly promotes increased participation from a community that, in the past, has had little involvement in power grid operations -the consumer. The potential size of this new community and its member's extensive experience with the public Internet prompts an analysis of the evolution and current state of the Internet as a predictor for best practices in the architectural design of certain portions of the Smart Grid network. Although still evolving, themore » vision of the Smart Grid is that of a community of communicating and cooperating energy related devices that can be directed to route power and modulate loads in pursuit of an integrated, efficient and secure electrical power grid. The remaking of the present power grid into the Smart Grid is considered as fundamentally transformative as previous developments such as modern computing technology and high bandwidth data communications. However, unlike these earlier developments, which relied on the discovery of critical new technologies (e.g. the transistor or optical fiber transmission lines), the technologies required for the Smart Grid currently exist and, in many cases, are already widely deployed. In contrast to other examples of technical transformations, the path (and success) of the Smart Grid will be determined not by its technology, but by its system architecture. Fortunately, we have a recent example of a transformative force of similar scope that shares a fundamental dependence on our existing communications infrastructure - namely, the Internet. We will explore several ways in which the scale of the Internet and expectations of its users have shaped the present Internet environment. As the presence of consumers within the Smart Grid increases, some experiences from the early growth of the Internet are expected to be informative and pertinent.« less

Security issues of Internet-based biometric authentication systems: risks of Man-in-the-Middle and BioPhishing on the example of BioWebAuth

NASA Astrophysics Data System (ADS)

Zeitz, Christian; Scheidat, Tobias; Dittmann, Jana; Vielhauer, Claus; González Agulla, Elisardo; Otero Muras, Enrique; García Mateo, Carmen; Alba Castro, José L.

2008-02-01

Beside the optimization of biometric error rates the overall security system performance in respect to intentional security attacks plays an important role for biometric enabled authentication schemes. As traditionally most user authentication schemes are knowledge and/or possession based, firstly in this paper we present a methodology for a security analysis of Internet-based biometric authentication systems by enhancing known methodologies such as the CERT attack-taxonomy with a more detailed view on the OSI-Model. Secondly as proof of concept, the guidelines extracted from this methodology are strictly applied to an open source Internet-based biometric authentication system (BioWebAuth). As case studies, two exemplary attacks, based on the found security leaks, are investigated and the attack performance is presented to show that during the biometric authentication schemes beside biometric error performance tuning also security issues need to be addressed. Finally, some design recommendations are given in order to ensure a minimum security level.

Security Analysis and Improvements of Authentication and Access Control in the Internet of Things

PubMed Central

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-01-01

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

Security analysis and improvements of authentication and access control in the Internet of Things.

PubMed

Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

2014-08-13

Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.

Security Encryption Scheme for Communication of Web Based Control Systems

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

Physical-layer encryption on the public internet: A stochastic approach to the Kish-Sethuraman cipher

NASA Astrophysics Data System (ADS)

Gunn, Lachlan J.; Chappell, James M.; Allison, Andrew; Abbott, Derek

2014-09-01

While information-theoretic security is often associated with the one-time pad and quantum key distribution, noisy transport media leave room for classical techniques and even covert operation. Transit times across the public internet exhibit a degree of randomness, and cannot be determined noiselessly by an eavesdropper. We demonstrate the use of these measurements for information-theoretically secure communication over the public internet.

Internet Governance and National Security

DTIC Science & Technology

2012-01-01

the conflict created by headline- grabbing exploits of ad hoc hacker networks or nation-state-inspired cor­ porate espionage.5 Malicious actors add...governance of critical Internet re­ sources and their impact on US national security are often overlooked. Foreign efforts to alter the technical...crime, espio­ nage, and other forms of cyber conflict rather than on the issues related to governance of critical Internet resources, development of

Insecurity on the Net.

ERIC Educational Resources Information Center

Brandt, D. Scott

1998-01-01

Examines Internet security risks and how users can protect themselves. Discusses inadvertent bugs in software; programming problems with Common Gateway Interface (CGI); viruses; tracking of Web users; and preventing access to selected Web pages and filtering software. A glossary of Internet security-related terms is included. (AEF)

Security

ERIC Educational Resources Information Center

Technology & Learning, 2008

2008-01-01

Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

Cryptography and the Internet: lessons and challenges

DOE Office of Scientific and Technical Information (OSTI.GOV)

McCurley, K.S.

1996-12-31

The popularization of the Internet has brought fundamental changes to the world, because it allows a universal method of communication between computers. This carries enormous benefits with it, but also raises many security considerations. Cryptography is a fundamental technology used to provide security of computer networks, and there is currently a widespread engineering effort to incorporate cryptography into various aspects of the Internet. The system-level engineering required to provide security services for the Internet carries some important lessons for researchers whose study is focused on narrowly defined problems. It also offers challenges to the cryptographic research community by raising newmore » questions not adequately addressed by the existing body of knowledge. This paper attempts to summarize some of these lessons and challenges for the cryptographic research community.« less

Trust Management and Accountability for Internet Security

ERIC Educational Resources Information Center

Liu, Wayne W.

2011-01-01

Adversarial yet interacting interdependent relationships in information sharing and service provisioning have been a pressing issue of the Internet. Such relationships exist among autonomous software agents, in networking system peers, as well as between "service users and providers." Traditional "ad hoc" security approaches effective in…

Functional Internet Literacy: Required Cognitive Skills with Implications for Instruction

ERIC Educational Resources Information Center

Johnson, Genevieve Marie

2007-01-01

Patterns of typical Internet use provide the basis for defining "functional Internet literacy." Internet use commonly includes communication, information, recreation, and commercial activities. Technical competence with connectivity, security, and downloads is a prerequisite for using the Internet for such activities. Bloom's taxonomy of cognitive…

Secure Web-based Ground System User Interfaces over the Open Internet

NASA Technical Reports Server (NTRS)

Langston, James H.; Murray, Henry L.; Hunt, Gary R.

1998-01-01

A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

An Energy Efficient Protocol For The Internet Of Things

NASA Astrophysics Data System (ADS)

Venčkauskas, Algimantas; Jusas, Nerijus; Kazanavičius, Egidijus; Štuikys, Vytautas

2015-01-01

The Internet of Things (IoT) is a technological revolution that represents the future of computing and communications. One of the most important challenges of IoT is security: protection of data and privacy. The SSL protocol is the de-facto standard for secure Internet communications. The extra energy cost of encrypting and authenticating of the application data with SSL is around 15%. For IoT devices, where energy resources are limited, the increase in the cost of energy is a very significant factor. In this paper we present the energy efficient SSL protocol which ensures the maximum bandwidth and the required level of security with minimum energy consumption. The proper selection of the security level and CPU multiplier, can save up to 85% of the energy required for data encryption.

Analytical Characterization of Internet Security Attacks

ERIC Educational Resources Information Center

Sellke, Sarah H.

2010-01-01

Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks includes Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…

Do You Lock Your Network Doors? Some Network Management Precautions.

ERIC Educational Resources Information Center

Neray, Phil

1997-01-01

Discusses security problems and solutions for networked organizations with Internet connections. Topics include access to private networks from electronic mail information; computer viruses; computer software; corporate espionage; firewalls, that is computers that stand between a local network and the Internet; passwords; and physical security.…

2008 Homeland Security Symposium and Exposition

DTIC Science & Technology

2008-09-10

Untitled Document 2008 Homeland Security Symposium and Exposition.html[5/19/2016 8:49:43 AM] 2008 Homeland Security Symposium and Exposition "New...national defenSe magazine Advertise in National Defense and increase your company exposure at this symposium! National Defense will be distributed to all...use the Internet Cafe to check their e-mail and search the Internet. Brand your name with maximum exposure at this high traffic area. Benefits

Fingerprinting Reverse Proxies Using Timing Analysis of TCP Flows

DTIC Science & Technology

2013-09-01

bayes classifier,” in Cloud Computing Security , ser. CCSW ’09. New York City, NY: ACM, 2009, pp. 31–42. [30] J. Zhang, R. Perdisci, W. Lee, U. Sarfraz...FSM Finite State Machine HTML Hypertext Markup Language HTTP Hypertext Transfer Protocol HTTPS Hypertext Transfer Protocol Secure ICMP Internet Control...This hidden traffic concept supports network access control, security protection through obfuscation, and performance boosts at the Internet facing

Healthcare teams over the Internet: towards a certificate-based approach.

PubMed

Georgiadis, Christos K; Mavridis, Ioannis K; Pangalos, George I

2002-01-01

Healthcare environments are a representative case of collaborative environments since individuals (e.g. doctors) in many cases collaborate in order to provide care to patients in a more proficient way. At the same time modem healthcare institutions are increasingly interested in sharing access of their information resources in the networked environment. Healthcare applications over the Internet offer an attractive communication infrastructure at worldwide level but with a noticeably great factor of risk. Security has therefore become a major concern for healthcare applications over the Internet. However, although an adequate level of security can be relied upon digital certificates, if an appropriate security policy is used, additional security considerations are needed in order to deal efficiently with the above team-work concerns. The already known Hybrid Access Control security model supports and handles efficiently healthcare teams with active security capabilities and is capable to exploit the benefits of certificate technology. In this paper we present the way for encoding the appropriate authoritative information in various types of certificates, as well as the overall operational architecture of the implemented access control system for healthcare collaborative environments over the Internet. A pilot implementation of the proposed methodology in a major Greek hospital has shown the applicability of the proposals and the flexibility of the access control provided.

Research on key technologies of data processing in internet of things

NASA Astrophysics Data System (ADS)

Zhu, Yangqing; Liang, Peiying

2017-08-01

The data of Internet of things (IOT) has the characteristics of polymorphism, heterogeneous, large amount and processing real-time. The traditional structured and static batch processing method has not met the requirements of data processing of IOT. This paper studied a middleware that can integrate heterogeneous data of IOT, and integrated different data formats into a unified format. Designed a data processing model of IOT based on the Storm flow calculation architecture, integrated the existing Internet security technology to build the Internet security system of IOT data processing, which provided reference for the efficient transmission and processing of IOT data.

Glucoweb: a case study of secure, remote biomonitoring and communication.

PubMed

Nigrin, D J; Kohane, I S

2000-01-01

As the Internet begins to play a greater role in many healthcare processes, it is inevitable that remote monitoring of patients' physiological parameters over the Internet will become increasingly commonplace. Internet-based communication between patients and their healthcare providers has already become prevalent, and has gained significant attention in terms of confidentiality issues. However, transmission of data directly from patients' physiological biomonitoring devices over the Web has garnered significantly less focus, especially in the area of authentication and security. In this paper, we describe a prototype system called Glucoweb, which allows patients with diabetes mellitus to transmit their self-monitored blood glucose data directly from their personal glucometer device to their diabetes care provider over the Internet. No customized software is necessary on the patient's computer, only a Web browser and active Internet connection. We use this example to highlight key authentication and security measures that should be considered for devices that transmit healthcare data to remote locations.

20 CFR 404.630 - Use of date of written statement as filing date.

Code of Federal Regulations, 2014 CFR

2014-04-01

... contacts us through the Internet by completing and transmitting the Personal Identification Information data on the Internet Social Security Benefit Application to us, we will use the date of the... date. 404.630 Section 404.630 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE...

20 CFR 404.630 - Use of date of written statement as filing date.

Code of Federal Regulations, 2010 CFR

2010-04-01

... contacts us through the Internet by completing and transmitting the Personal Identification Information data on the Internet Social Security Benefit Application to us, we will use the date of the... date. 404.630 Section 404.630 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE...

20 CFR 404.630 - Use of date of written statement as filing date.

Code of Federal Regulations, 2012 CFR

2012-04-01

... contacts us through the Internet by completing and transmitting the Personal Identification Information data on the Internet Social Security Benefit Application to us, we will use the date of the... date. 404.630 Section 404.630 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE...

20 CFR 404.630 - Use of date of written statement as filing date.

Code of Federal Regulations, 2013 CFR

2013-04-01

... contacts us through the Internet by completing and transmitting the Personal Identification Information data on the Internet Social Security Benefit Application to us, we will use the date of the... date. 404.630 Section 404.630 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL OLD-AGE...

77 FR 1971 - Supplemental Security Income and Homeless Individuals

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-12

... these individuals (nearly 80 percent) spent time only in an emergency shelter.\\2\\ \\1\\ United States...-- Internet, fax, or mail. Do not submit the same comments multiple times or by more than one method... visit our Internet site, Social Security Online, at http://www.socialsecurity.gov . SUPPLEMENTARY...

Endpoint Security Using Biometric Authentication for Secure Remote Mission Operations

NASA Technical Reports Server (NTRS)

Donohue, John T.; Critchfield, Anna R.

2000-01-01

We propose a flexible security authentication solution for the spacecraft end-user, which will allow the user to interact over Internet with the spacecraft, its instruments, or with the ground segment from anywhere, anytime based on the user's pre-defined set of privileges. This package includes biometrics authentication products, such as face, voice or fingerprint recognition, authentication services and procedures, such as: user registration and verification over the Internet and user database maintenance, with a configurable schema of spacecraft users' privileges. This fast and reliable user authentication mechanism will become an integral part of end-to-end ground-to-space secure Internet communications and migration from current practice to the future. All modules and services of the proposed package are commercially available and built to the NIST BioAPI standard, which facilitates "pluggability" and interoperability.

E-Commerce and Security Governance in Developing Countries

NASA Astrophysics Data System (ADS)

Sanayei, Ali.; Rajabion, Lila

Security is very often mentioned as one of the preconditions for the faster growth of e-commerce. Without a secure and reliable internet, customer will continue to be reluctant to provide confidential information online, such as credit card number. Moreover, organizations of all types and sizes around the world rely heavily on technologies of electronic commerce (e-commerce) for conducting their day-to-day business transaction. Providing organizations with a secure e-commerce environment is a major issue and challenging one especially in Middle Eastern countries. Without secure e-commerce, it is almost impossible to take advantage of the opportunities offered by e-commerce technologies. E-commerce can create opportunities for small entrepreneurs in Middle Eastern countries. This requires removing infrastructure blockages in telecommunications and logistics alongside the governance of e-commerce with policies on consumer protection, security of transactions, privacy of records and intellectual property. In this paper, we will explore the legal implications of e-commerce security governance by establishing who is responsible for ensuring compliance with this discipline, demonstrating the value to be derived from information security governance, the methodology of applying information security governance, and liability for non-compliance with this discipline. Our main focus will be on analyzing the importance and implication of e-commerce security governance in developing countries.

Influence of parental attitudes towards Internet use on the employment of online safety measures at home.

PubMed

Floros, Georgios; Siomos, Konstantinos; Dafouli, Evaggelia; Fisoun, Virginia; Geroukalis, Dimitrios

2012-01-01

In this paper we present the results of a cross-sectional study of the entire adolescent student population aged 12-18 of the island of Kos and their parents, on Internet safety-related practices and attitudes towards the Internet. Total sample was 2017 students and 1214 parent responders. Research material included extended demographics and an Internet security questionnaire, the Internet Attitudes Scale (IAS) for parents and the Adolescent Computer Addiction Test (ACAT) for children and both parents. Both parents thus provided their views on their children's computer use and an estimate for their degree of computer addiction which was tested against their child's self-report. Results indicated that fathers and mothers who had negative views of the Internet, tended to encourage less their children to engage in online activities and worried more for the possibility that their child is addicted to computer use; their worries weren't correlated with their children's results. Parental views on the Internet had no effect on the level of security precautions they employed at home. Those parents who reported a low level of security knowledge and were unsure as to what their children were doing online, tended to consider their children more likely to be addicted to computer use; those views were confirmed by their children' self-reported results.

Implementation of the Internet of Things on Public Security

NASA Astrophysics Data System (ADS)

Lu, Kesheng; Li, Xichun

The development of the Internet of Things will occur within a new ecosystem that will be driven by a number of key players. The public security as one of the key players is going to make real-time communications will be possible not only by humans but also by things at anytime and from anywhere. This research will present the advent of the Internet of Things to create a plethora of innovative applications and services, which will enhance quality of life and reduce inequalities.

Building an authorization model for external means of protection of APCS based on the Internet of things

NASA Astrophysics Data System (ADS)

Zaharov, A. A.; Nissenbaum, O. V.; Ponomaryov, K. Y.; Nesgovorov, E. S.

2018-01-01

In this paper we study application of Internet of Thing concept and devices to secure automated process control systems. We review different approaches in IoT (Internet of Things) architecture and design and propose them for several applications in security of automated process control systems. We consider an Attribute-based encryption in context of access control mechanism implementation and promote a secret key distribution scheme between attribute authorities and end devices.

Securing Wireless Communications of the Internet of Things from the Physical Layer, An Overview

NASA Astrophysics Data System (ADS)

Zhang, Junqing; Duong, Trung; Woods, Roger; Marshall, Alan

2017-08-01

The security of the Internet of Things (IoT) is receiving considerable interest as the low power constraints and complexity features of many IoT devices are limiting the use of conventional cryptographic techniques. This article provides an overview of recent research efforts on alternative approaches for securing IoT wireless communications at the physical layer, specifically the key topics of key generation and physical layer encryption. These schemes can be implemented and are lightweight, and thus offer practical solutions for providing effective IoT wireless security. Future research to make IoT-based physical layer security more robust and pervasive is also covered.

A Framework for an Institutional High Level Security Policy for the Processing of Medical Data and their Transmission through the Internet

PubMed Central

Pangalos, George

2001-01-01

Background The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy. Objective To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information. Methods We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet. Results We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information. Conclusions The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a specific implementation environment. When implemented in specific environments, these principles and guidelines must also be complemented by measures, which are more specific. Even when a High Level Security Policy already exists in an institution, it is advisable that the management of the Health Care Establishment periodically revisits it to see whether it should be modified or augmented. PMID:11720956

A framework for an institutional high level security policy for the processing of medical data and their transmission through the Internet.

PubMed

Ilioudis, C; Pangalos, G

2001-01-01

The Internet provides many advantages when used for interaction and data sharing among health care providers, patients, and researchers. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality, integrity, and availability of information. It is therefore essential that Health Care Establishments processing and exchanging medical data use an appropriate security policy. To develop a High Level Security Policy for the processing of medical data and their transmission through the Internet, which is a set of high-level statements intended to guide Health Care Establishment personnel who process and manage sensitive health care information. We developed the policy based on a detailed study of the existing framework in the EU countries, USA, and Canada, and on consultations with users in the context of the Intranet Health Clinic project. More specifically, this paper has taken into account the major directives, technical reports, law, and recommendations that are related to the protection of individuals with regard to the processing of personal data, and the protection of privacy and medical data on the Internet. We present a High Level Security Policy for Health Care Establishments, which includes a set of 7 principles and 45 guidelines detailed in this paper. The proposed principles and guidelines have been made as generic and open to specific implementations as possible, to provide for maximum flexibility and adaptability to local environments. The High Level Security Policy establishes the basic security requirements that must be addressed to use the Internet to safely transmit patient and other sensitive health care information. The High Level Security Policy is primarily intended for large Health Care Establishments in Europe, USA, and Canada. It is clear however that the general framework presented here can only serve as reference material for developing an appropriate High Level Security Policy in a specific implementation environment. When implemented in specific environments, these principles and guidelines must also be complemented by measures, which are more specific. Even when a High Level Security Policy already exists in an institution, it is advisable that the management of the Health Care Establishment periodically revisits it to see whether it should be modified or augmented.

Internet Roadside Cafe #6. [Videotape.

ERIC Educational Resources Information Center

American Library Association Video/Library Video Network, Towson, MD.

This 30-minute videotape takes an in-depth look at World Wide Web business transactions, potential risks, client privacy and security issues by asking businesses and consumers how they do business on the Internet. Also featured in the program is advice about choosing a secure password, the use of credit cards for Web purchasing and a review of…

Building a Successful Security Infrastructure: What You Want vs. What You Need vs. What You Can Afford

NASA Technical Reports Server (NTRS)

Crabb, Michele D.; Woodrow, Thomas S. (Technical Monitor)

1995-01-01

With the fast growing popularity of the Internet, many organizations are racing to get onto the on-ramp to the Information Superhighway. However, with frequent headlines such as 'Hackers' break in at General Electric raises questions about the Net's Security', 'Internet Security Imperiled - Hackers steal data that could threaten computers world-wide' and 'Stanford Computer system infiltrated; Security fears grow', organizations find themselves rethinking their approach to the on-ramp. Is the Internet safe? What do I need to do to protect my organization? Will hackers try to break into my systems? These are questions many organizations are asking themselves today. In order to safely travel along the Information Superhighway, organizations need a strong security framework. Developing such a framework for a computer site, whether it be just a few dozen hosts or several thousand hosts is not an easy task. The security infrastructure for a site is often developed piece-by-piece in response to security incidents which have affected that site over time. Or worse yet, no coordinated effort has been dedicated toward security. The end result is that many sites are still poorly prepared to handle the security dangers of the Internet. This paper presents guidelines for building a successful security infrastructure. The problem is addressed in a cookbook style method. First is a discussion on how to identify your assets and evaluate the threats to those assets; next are suggestions and tips for identifying the weak areas in your security armor. Armed with this information we can begin to think about what you really need for your site and what you can afford. In this stage of the process we examine the different categories of security tools and products that are available and then present some tips for deciding what is best for your site.

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System.

PubMed

Ghanti, Shaila; Naik, G M

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack.

Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System

PubMed Central

Ghanti, Shaila

2016-01-01

Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack. PMID:28116350

Security and privacy issues with health care information technology.

PubMed

Meingast, Marci; Roosta, Tanya; Sastry, Shankar

2006-01-01

The face of health care is changing as new technologies are being incorporated into the existing infrastructure. Electronic patient records and sensor networks for in-home patient monitoring are at the current forefront of new technologies. Paper-based patient records are being put in electronic format enabling patients to access their records via the Internet. Remote patient monitoring is becoming more feasible as specialized sensors can be placed inside homes. The combination of these technologies will improve the quality of health care by making it more personalized and reducing costs and medical errors. While there are benefits to technologies, associated privacy and security issues need to be analyzed to make these systems socially acceptable. In this paper we explore the privacy and security implications of these next-generation health care technologies. We describe existing methods for handling issues as well as discussing which issues need further consideration.

75 FR 9073 - Amendments to Rules Requiring Internet Availability of Proxy Materials

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-26

... Internet Availability of Proxy Materials; Final Rule #0;#0;Federal Register / Vol. 75 , No. 38 / Friday... to Rules Requiring Internet Availability of Proxy Materials AGENCY: Securities and Exchange... Notice of Internet Availability of Proxy Materials that is sent to shareholders and to permit issuers and...

78 FR 57371 - Agency Information Collection Activities; Comment Request; Student Aid Internet Gateway (SAIG...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-18

...; Comment Request; Student Aid Internet Gateway (SAIG) Enrollment Document AGENCY: Federal Student Aid (FSA... Internet Gateway (SAIG) Enrollment Document. OMB Control Number: 1845-0002. Type of Review: A revision of... Internet Gateway (SAIG) allows eligible entities to securely exchange Title IV, Higher Education Act (HEA...

Use of a secure Internet Web site for collaborative medical research.

PubMed

Marshall, W W; Haley, R W

2000-10-11

Researchers who collaborate on clinical research studies from diffuse locations need a convenient, inexpensive, secure way to record and manage data. The Internet, with its World Wide Web, provides a vast network that enables researchers with diverse types of computers and operating systems anywhere in the world to log data through a common interface. Development of a Web site for scientific data collection can be organized into 10 steps, including planning the scientific database, choosing a database management software system, setting up database tables for each collaborator's variables, developing the Web site's screen layout, choosing a middleware software system to tie the database software to the Web site interface, embedding data editing and calculation routines, setting up the database on the central server computer, obtaining a unique Internet address and name for the Web site, applying security measures to the site, and training staff who enter data. Ensuring the security of an Internet database requires limiting the number of people who have access to the server, setting up the server on a stand-alone computer, requiring user-name and password authentication for server and Web site access, installing a firewall computer to prevent break-ins and block bogus information from reaching the server, verifying the identity of the server and client computers with certification from a certificate authority, encrypting information sent between server and client computers to avoid eavesdropping, establishing audit trails to record all accesses into the Web site, and educating Web site users about security techniques. When these measures are carefully undertaken, in our experience, information for scientific studies can be collected and maintained on Internet databases more efficiently and securely than through conventional systems of paper records protected by filing cabinets and locked doors. JAMA. 2000;284:1843-1849.

Privacy-enhanced electronic mail

NASA Astrophysics Data System (ADS)

Bishop, Matt

1990-06-01

The security of electronic mail sent through the Internet may be described in exactly three words: there is none. The Privacy and Security Research Group has recommended implementing mechanisms designed to provide security enhancements. The first set of mechanisms provides a protocol to provide privacy, integrity, and authentication for electronic mail; the second provides a certificate-based key management infrastructure to support key distribution throughout the internet, to support the first set of mechanisms. These mechanisms are described, as well as the reasons behind their selection and how these mechanisms can be used to provide some measure of security in the exchange of electronic mail.

Home security system using internet of things

NASA Astrophysics Data System (ADS)

Anitha, A.

2017-11-01

IoT refers to the infrastructure of connected physical devices which is growing at a rapid rate as huge number of devices and objects are getting associated to the Internet. Home security is a very useful application of IoT and we are using it to create an inexpensive security system for homes as well as industrial use. The system will inform the owner about any unauthorized entry or whenever the door is opened by sending a notification to the user. After the user gets the notification, he can take the necessary actions. The security system will use a microcontroller known as Arduino Uno to interface between the components, a magnetic Reed sensor to monitor the status, a buzzer for sounding the alarm, and a WiFi module, ESP8266 to connect and communicate using the Internet. The main advantages of such a system includes the ease of setting up, lower costs and low maintenance.

Enhanced Security for Online Exams Using Group Cryptography

ERIC Educational Resources Information Center

Jung, I. Y.; Yeom, H. Y.

2009-01-01

While development of the Internet has contributed to the spread of online education, online exams have not been widely adopted. An online exam is defined here as one that takes place over the insecure Internet, and where no proctor is in the same location as the examinees. This paper proposes an enhanced secure online exam management environment…

Cybersecurity and Optimization in Smart “Autonomous” Buildings

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mylrea, Michael E.; Gourisetti, Sri Nikhil Gup

Significant resources have been invested in making buildings “smart” by digitizing, networking and automating key systems and operations. Smart autonomous buildings create new energy efficiency, economic and environmental opportunities. But as buildings become increasingly networked to the Internet, they can also become more vulnerable to various cyber threats. Automated and Internet-connected buildings systems, equipment, controls, and sensors can significantly increase cyber and physical vulnerabilities that threaten the confidentiality, integrity, and availability of critical systems in organizations. Securing smart autonomous buildings presents a national security and economic challenge to the nation. Ignoring this challenge threatens business continuity and the availability ofmore » critical infrastructures that are enabled by smart buildings. In this chapter, the authors address challenges and explore new opportunities in securing smart buildings that are enhanced by machine learning, cognitive sensing, artificial intelligence (AI) and smart-energy technologies. The chapter begins by identifying cyber-threats and challenges to smart autonomous buildings. Then it provides recommendations on how AI enabled solutions can help smart buildings and facilities better protect, detect and respond to cyber-physical threats and vulnerabilities. Next, the chapter will provide case studies that examine how combining AI with innovative smart-energy technologies can increase both cybersecurity and energy efficiency savings in buildings. The chapter will conclude by proposing recommendations for future cybersecurity and energy optimization research for examining AI enabled smart-energy technology.« less

[A security protocol for the exchange of personal medical data via Internet: monitoring treatment and drug effects].

PubMed

Viviani, R; Fischer, J; Spitzer, M; Freudenmann, R W

2004-04-01

We present a security protocol for the exchange of medical data via the Internet, based on the type/domain model. We discuss two applications of the protocol: in a system for the exchange of data for quality assurance, and in an on-line database of adverse reactions to drug use. We state that a type/domain security protocol can successfully comply with the complex requirements for data privacy and accessibility typical of such applications.

Retailing and Shopping on the Internet.

ERIC Educational Resources Information Center

Rowley, Jennifer

1996-01-01

Internet advertising and commercial activity are increasing. This article examines challenges facing the retail industry on the Internet: location; comparison shopping; security, especially financial transactions; customer base and profile; nature of the shopping experience; and legal and marketplace controls. (PEN)

Older Adults' Knowledge of Internet Hazards

ERIC Educational Resources Information Center

Grimes, Galen A.; Hough, Michelle G.; Mazur, Elizabeth; Signorella, Margaret L.

2010-01-01

Older adults are less likely to be using computers and less knowledgeable about Internet security than are younger users. The two groups do not differ on trust of Internet information. The younger group shows no age or gender differences. Within the older group, computer users are more trusting of Internet information, and along with those with…

Evolution of Internet addiction in Greek adolescent students over a two-year period: the impact of parental bonding.

PubMed

Siomos, Konstantinos; Floros, Georgios; Fisoun, Virginia; Evaggelia, Dafouli; Farkonas, Nikiforos; Sergentani, Elena; Lamprou, Maria; Geroukalis, Dimitrios

2012-04-01

We present results from a cross-sectional study of the entire adolescent student population aged 12-18 of the island of Kos and their parents, on Internet abuse, parental bonding and parental online security practices. We also compared the level of over involvement with personal computers of the adolescents to the respective estimates of their parents. Our results indicate that Internet addiction is increased in this population where no preventive attempts were made to combat the phenomenon from the initial survey, 2 years ago. This increase is parallel to an increase in Internet availability. The best predictor variables for Internet and computer addiction were parental bonding variables and not parental security practices. Parents tend to underestimate the level of computer involvement when compared to their own children estimates. Parental safety measures on Internet browsing have only a small preventive role and cannot protect adolescents from Internet addiction. The three online activities most associated with Internet addiction were watching online pornography, online gambling and online gaming. © Springer-Verlag 2012

A Survey on Cyber Security awareness among college students in Tamil Nadu

NASA Astrophysics Data System (ADS)

Senthilkumar, K.; Easwaramoorthy, Sathishkumar

2017-11-01

The aim of the study is to analyse the awareness of cyber security on college students in Tamil Nadu by focusing various security threats in the internet. In recent years cybercrime is an enormous challenge in all areas including national security, public safety and personal privacy. To prevent from a victim of cybercrime everyone must know about their own security and safety measures to protect by themselves. A well-structured questionnaire survey method will be applied to analyse the college student’s awareness in the area of cyber security. This survey will be going to conducted in major cities of Tamil Nadu by focusing various security threats like email, virus, phishing, fake advertisement, popup windows and other attacks in the internet. This survey examines the college students’ awareness and the level of awareness about the security issues and some suggestions are set forth to overcome these issues.

Exploring key factors in online shopping with a hybrid model.

PubMed

Chen, Hsiao-Ming; Wu, Chia-Huei; Tsai, Sang-Bing; Yu, Jian; Wang, Jiangtao; Zheng, Yuxiang

2016-01-01

Nowadays, the web increasingly influences retail sales. An in-depth analysis of consumer decision-making in the context of e-business has become an important issue for internet vendors. However, factors affecting e-business are complicated and intertwined. To stimulate online sales, understanding key influential factors and causal relationships among the factors is important. To gain more insights into this issue, this paper introduces a hybrid method, which combines the Decision Making Trial and Evaluation Laboratory (DEMATEL) with the analytic network process, called DANP method, to find out the driving factors that influence the online business mostly. By DEMATEL approach the causal graph showed that "online service" dimension has the highest degree of direct impact on other dimensions; thus, the internet vendor is suggested to made strong efforts on service quality throughout the online shopping process. In addition, the study adopted DANP to measure the importance of key factors, among which "transaction security" proves to be the most important criterion. Hence, transaction security should be treated with top priority to boost the online businesses. From our study with DANP approach, the comprehensive information can be visually detected so that the decision makers can spotlight on the root causes to develop effectual actions.

49 CFR 1503.3 - Reports by the public of security problems, deficiencies, and vulnerabilities.

Code of Federal Regulations, 2012 CFR

2012-10-01

... 1503.3 Reports; 601 South 12th Street; Arlington, VA 20598-6002; (2) Internet at http://www.tsa.gov/contact, selecting “Security Issues”; or (3) Telephone (toll-free) at 1-866-289-9673. (b) Reports submitted by mail will receive a receipt through the mail, reports submitted by the Internet will receive an...

49 CFR 1503.3 - Reports by the public of security problems, deficiencies, and vulnerabilities.

Code of Federal Regulations, 2013 CFR

2013-10-01

... 1503.3 Reports; 601 South 12th Street; Arlington, VA 20598-6002; (2) Internet at http://www.tsa.gov/contact, selecting “Security Issues”; or (3) Telephone (toll-free) at 1-866-289-9673. (b) Reports submitted by mail will receive a receipt through the mail, reports submitted by the Internet will receive an...

49 CFR 1503.3 - Reports by the public of security problems, deficiencies, and vulnerabilities.

Code of Federal Regulations, 2014 CFR

2014-10-01

... 1503.3 Reports; 601 South 12th Street; Arlington, VA 20598-6002; (2) Internet at http://www.tsa.gov/contact, selecting “Security Issues”; or (3) Telephone (toll-free) at 1-866-289-9673. (b) Reports submitted by mail will receive a receipt through the mail, reports submitted by the Internet will receive an...

49 CFR 1503.3 - Reports by the public of security problems, deficiencies, and vulnerabilities.

Code of Federal Regulations, 2011 CFR

2011-10-01

... 1503.3 Reports; 601 South 12th Street; Arlington, VA 20598-6002; (2) Internet at http://www.tsa.gov/contact, selecting “Security Issues”; or (3) Telephone (toll-free) at 1-866-289-9673. (b) Reports submitted by mail will receive a receipt through the mail, reports submitted by the Internet will receive an...

Online Privacy, Security and Ethical Dilemma: A Recent Study.

ERIC Educational Resources Information Center

Karmakar, Nitya L.

The Internet remains as a wonder for the 21st century and its growth is phenomenon. According to a recent survey, the online population is now about 500 million globally and if this trend continues, it should reach 700 million by the end of 2002. This exponential growth of the Internet has given rise to several security, privacy and ethical…

Unofficial Technology Marvel of the Millennium.

ERIC Educational Resources Information Center

Ricart, Glenn

2000-01-01

Discusses the impact of the Internet, particularly on higher education. Highlights include a history of the development of the Internet; a leadership plan for higher education; authentication of personal identity; security; information quality; the concept of Internet time; and future possibilities. (LRW)

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

17 CFR 232.314 - Accommodation for certain securitizers of asset-backed securities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Securities Rulemaking Board's Internet Web site. [76 FR 4511, Jan. 26, 2011] XBRL-Related Documents ... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Accommodation for certain securitizers of asset-backed securities. 232.314 Section 232.314 Commodity and Securities Exchanges SECURITIES...

Adolescent online gambling: the impact of parental practices and correlates with online activities.

PubMed

Floros, Georgios D; Siomos, Konstantinos; Fisoun, Virginia; Geroukalis, Dimitrios

2013-03-01

We present results from a cross-sectional study of the entire adolescent student population aged 12-19 of the island of Kos and their parents, on the relationship between their Internet gambling and respective parental practices, including aspects of psychological bonding and online security measures. The sample consisted of 2,017 students (51.8% boys, 48.2% girls). Our results indicate that gender, parenting practices as perceived by the adolescents and distinct patterns of adolescent Internet activities are among the best predictor variables for Internet gambling. Security practices exercised by the parents failed to make an impact on the extent of Internet gambling, demonstrating the need for specific measures to tackle this phenomenon since the provision of simple education on the dangers of the Internet is not sufficient to this regard.

How to Establish Security Awareness in Schools

NASA Astrophysics Data System (ADS)

Beyer, Anja; Westendorf, Christiane

The internet is a fast changing medium and comprises several websites fraught with risk. In this context especially young age groups are endangered. They have less experience using the media and little knowledge on existing internet risks. There are a number of initiatives, which are engaged in the topic of internet safety. They provide information about measures on how to prevent and to deal with internet risks. However it is not certain if these initiatives do reach their target group (children and adolescents). In this regard schools bear a special relevance, since they have the knowledge about didactic methods and the chance to address measures directly to children and adolescents. The authors of this paper provide an overview of current security education in German schools, problems and open questions. Finally the authors make recommendations on how to establish internet safety in schools.

Uncovering patterns of technology use in consumer health informatics

PubMed Central

Hung, Man; Conrad, Jillian; Hon, Shirley D.; Cheng, Christine; Franklin, Jeremy D.; Tang, Philip

2014-01-01

Internet usage and accessibility has grown at a staggering rate, influencing technology use for healthcare purposes. The amount of health information technology (Health IT) available through the Internet is immeasurable and growing daily. Health IT is now seen as a fundamental aspect of patient care as it stimulates patient engagement and encourages personal health management. It is increasingly important to understand consumer health IT patterns including who is using specific technologies, how technologies are accessed, factors associated with use, and perceived benefits. To fully uncover consumer patterns it is imperative to recognize common barriers and which groups they disproportionately affect. Finally, exploring future demand and predictions will expose significant opportunities for health IT. The most frequently used health information technologies by consumers are gathering information online, mobile health (mHealth) technologies, and personal health records (PHRs). Gathering health information online is the favored pathway for healthcare consumers as it is used by more consumers and more frequently than any other technology. In regard to mHealth technologies, minority Americans, compared with White Americans utilize social media, mobile Internet, and mobile applications more frequently. Consumers believe PHRs are the most beneficial health IT. PHR usage is increasing rapidly due to PHR integration with provider health systems and health insurance plans. Key issues that have to be explicitly addressed in health IT are privacy and security concerns, health literacy, unawareness, and usability. Privacy and security concerns are rated the number one reason for the slow rate of health IT adoption. PMID:24904713

Data mining technique for a secure electronic payment transaction using MJk-RSA in mobile computing

NASA Astrophysics Data System (ADS)

G. V., Ramesh Babu; Narayana, G.; Sulaiman, A.; Padmavathamma, M.

2012-04-01

Due to the evolution of the Electronic Learning (E-Learning), one can easily get desired information on computer or mobile system connected through Internet. Currently E-Learning materials are easily accessible on the desktop computer system, but in future, most of the information shall also be available on small digital devices like Mobile, PDA, etc. Most of the E-Learning materials are paid and customer has to pay entire amount through credit/debit card system. Therefore, it is very important to study about the security of the credit/debit card numbers. The present paper is an attempt in this direction and a security technique is presented to secure the credit/debit card numbers supplied over the Internet to access the E-Learning materials or any kind of purchase through Internet. A well known method i.e. Data Cube Technique is used to design the security model of the credit/debit card system. The major objective of this paper is to design a practical electronic payment protocol which is the safest and most secured mode of transaction. This technique may reduce fake transactions which are above 20% at the global level.

Mechanical Verification of Cryptographic Protocols

NASA Astrophysics Data System (ADS)

Cheng, Xiaochun; Ma, Xiaoqi; Huang, Scott C.-H.; Cheng, Maggie

Information security is playing an increasingly important role in modern society, driven especially by the uptake of the Internet for information transfer. Large amount of information is transmitted everyday through the Internet, which is often the target of malicious attacks. In certain areas, this issue is vital. For example, military departments of governments often transmit a great amount of top-secret data, which, if divulged, could become a huge threat to the public and to national security. Even in our daily life, it is also necessary to protect information. Consider e-commerce systems as an example. No one is willing to purchase anything over the Internet before being assured that all their personal and financial information will always be kept secure and will never be leaked to any unauthorised person or organisation.

77 FR 67724 - Rescission of Social Security Acquiescence Ruling 05-1(9)

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-13

...-1213 or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0058] Rescission of Social Security Acquiescence Ruling 05-1(9) AGENCY: Social Security Administration. [[Page 67725

78 FR 15797 - Service Delivery Plan

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-12

... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0048] Service Delivery Plan AGENCY: Social... information, such as Social Security numbers or medical information. 1. Internet: We strongly recommend that... Regulations and Reports Clearance, Social Security Administration, 107 Altmeyer Building, 6401 Security...

DICOM image secure communications with Internet protocols IPv6 and IPv4.

PubMed

Zhang, Jianguo; Yu, Fenghai; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen

2007-01-01

Image-data transmission from one site to another through public network is usually characterized in term of privacy, authenticity, and integrity. In this paper, we first describe a general scenario about how image is delivered from one site to another through a wide-area network (WAN) with security features of data privacy, integrity, and authenticity. Second, we give the common implementation method of the digital imaging and communication in medicine (DICOM) image communication software library with IPv6/IPv4 for high-speed broadband Internet by using open-source software. Third, we discuss two major security-transmission methods, the IP security (IPSec) and the secure-socket layer (SSL) or transport-layer security (TLS), being used currently in medical-image-data communication with privacy support. Fourth, we describe a test schema of multiple-modality DICOM-image communications through TCP/IPv4 and TCP/IPv6 with different security methods, different security algorithms, and operating systems, and evaluate the test results. We found that there are tradeoff factors between choosing the IPsec and the SSL/TLS-based security implementation of IPv6/IPv4 protocols. If the WAN networks only use IPv6 such as in high-speed broadband Internet, the choice is IPsec-based security. If the networks are IPv4 or the combination of IPv6 and IPv4, it is better to use SSL/TLS security. The Linux platform has more security algorithms implemented than the Windows (XP) platform, and can achieve better performance in most experiments of IPv6 and IPv4-based DICOM-image communications. In teleradiology or enterprise-PACS applications, the Linux operating system may be the better choice as peer security gateways for both the IPsec and the SSL/TLS-based secure DICOM communications cross public networks.

The impact of internet-connected control systems on the oil and gas industry

NASA Astrophysics Data System (ADS)

Martel, Ruth T.

In industry and infrastructure today, communication is a way of life. In the oil and gas industry, the use of devices that communicate with the network at large is both commonplace and expected. Unfortunately, security on these devices is not always best. Many industrial control devices originate from legacy devices not originally configured with security in mind. All infrastructure and industry today has seen an increase in attacks on their networks and in some cases, a very dramatic increase, which should be a cause for alarm and action. The purpose of this research was to highlight the threat that Internet-connected devices present to an organization's network in the oil and gas industry and ultimately, to the business and possibly even human life. Although there are several previous studies that highlight the problem of these Internet-connected devices, there remains evidence that security response has not been adequate. The analysis conducted on only one easily discovered device serves as an example of the ongoing issue of the security mindset in the oil and gas industry. The ability to connect to a network through an Internet-connected device gives a hacker an anonymous backdoor to do great damage in that network. The hope is that the approach to security in infrastructure and especially the oil and gas industry, changes before a major catastrophe occurs involving human life.

An Analysis of Fraud on the Internet.

ERIC Educational Resources Information Center

Baker, C. Richard

1999-01-01

Examines the issue of fraud on the Internet and discusses three areas with significant potential for misleading and fraudulent practices: securities sales and trading; electronic commerce, including privacy and information protection; and the rapid growth of Internet companies, including advertising issues. (Author/LRW)

Help

Science.gov Websites

DUF6 Management and Uses DUF6 Conversion EIS Documents News FAQs Internet Resources Glossary Home  . Looking for other resources? Try the Internet Resources page Search through relevant online newspapers News | FAQs | Internet Resources | Glossary Help | Mailing Services | Contact Us | About Us | Security

Saving the internet.

PubMed

Zittrain, Jonathan

2007-06-01

The Internet goose has laid countless golden eggs, along with a growing number of rotten ones. But it's the rotten ones that now tempt commercial, governmental, and consumer interests to threaten the Internet's uniquely creative power. The expediently selected, almost accidentally generative properties of the Internet - its technical openness, ease of access and mastery, and adaptability - have combined, especially when coupled with those of the PC, to produce an unsurpassed environment for innovative experiment. Those same properties, however, also make the Internet hospitable to various forms of wickedness: hacking, porn, spam, fraud, theft, predation, and attacks on the network itself. As these undesirable phenomena proliferate, business, government, and many users find common cause for locking down Internet and PC architecture in the interests of security and order. PC and Internet security vulnerabilities are a legitimate menace. However, the most likely reactions - if they are not forestalled - will be at least as unfortunate as the security problems themselves. Consider the growing profusion of "tethered appliances" - devices whose functions cannot readily be altered by their owners (think TiVo). Such appliances take Internet innovations and wrap them up in a neat, easy-to-use package, which is good - but only if the Internet and PC can remain sufficiently in the center of the digital ecosystem to produce the next round of innovations and to generate competition. People buy these devices for their convenience or functionality and may appreciate the fact that they are safer to use (they limit the damage users can do through ignorance or carelessness). But the risk is that users, by migrating to such appliances, will unwittingly trade away the future benefits of generativity - a loss that will go unappreciated even as innovation tapers off.

The Regulatory Framework for Privacy and Security

NASA Astrophysics Data System (ADS)

Hiller, Janine S.

The internet enables the easy collection of massive amounts of personally identifiable information. Unregulated data collection causes distrust and conflicts with widely accepted principles of privacy. The regulatory framework in the United States for ensuring privacy and security in the online environment consists of federal, state, and self-regulatory elements. New laws have been passed to address technological and internet practices that conflict with privacy protecting policies. The United States and the European Union approaches to privacy differ significantly, and the global internet environment will likely cause regulators to face the challenge of balancing privacy interests with data collection for many years to come.

Lessons Learned from the Afghan Mission Network: Developing a Coalition Contingency Network

DTIC Science & Technology

2014-01-01

SIPRNet Secret Internet Protocol Router Network SOP Standard Operating Procedure SVTC Secure Video Teleconference (or –Conferencing) TTP Tactics...Voice over internet protocol (VOIP) telephone connectivity • Email • Web browsing • Secure video teleconferencing (SVTC...10, 2012. As of January 15, 2013: http://www.guardian.co.uk/world/2012/oct/10/us-troops-jordan-syria-crisis Baldor, Lolita C., and Pauline Jelinek

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Notice of Internet Availability of Proxy Materials, annual report to security holders or information... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Annual report to be furnished security holders. 240.14c-3 Section 240.14c-3 Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2012 CFR

2012-04-01

... Notice of Internet Availability of Proxy Materials, annual report to security holders or information... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Annual report to be furnished security holders. 240.14c-3 Section 240.14c-3 Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2014 CFR

2014-04-01

... Notice of Internet Availability of Proxy Materials, annual report to security holders or information... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Annual report to be furnished security holders. 240.14c-3 Section 240.14c-3 Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

17 CFR 240.14c-3 - Annual report to be furnished security holders.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Notice of Internet Availability of Proxy Materials, annual report to security holders or information... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Annual report to be furnished security holders. 240.14c-3 Section 240.14c-3 Commodity and Securities Exchanges SECURITIES AND EXCHANGE...

Get Linked or Get Lost: Marketing Strategy for the Internet.

ERIC Educational Resources Information Center

Aldridge, Alicia; Forcht, Karen; Pierson, Joan

1997-01-01

To cultivate an online market share, companies must design marketing strategies specifically for the Internet. This article examines the nature of business on the Internet, highlighting demographics, user control, accessibility, communication, authenticity, competition, and security and proposes a marketing strategy, including targeting and…

[The Internet and its security].

PubMed

Masić, Izet; Ahmetović, Ademir; Jakupović, Safet; Masić, Zlatan; Zunić, Lejla

2002-01-01

Internet, is the greatest world net by by means of which nowadays the planet communicates, rapidly goes forward. The last years of the university in USA the commonly develop the more progressive concept of the net (Internet 2), thanks to the constant growing technologies, with the goal to answer the needs of the scientific and the educational institutions, but also the commercial institutions and the organizations. Almost the there is no more significant institution in the world which has not developed their web pages and data bases with the most actual contents available to the wider circle of the users. In this paper we have given the section of the most actual web pages. However, Internet is not immune to those users who are not benevolent and who have developed the different tools in the goal of the destroying or unabling of the normal use of all the Internet conveniences. The authors is considering the protection problem and the data security which get distributed by Internet.

A Security Checklist for ERP Implementations

ERIC Educational Resources Information Center

Hughes, Joy R.; Beer, Robert

2007-01-01

The EDUCAUSE/Internet2 Computer and Network Security Task Force consulted with IT security professionals on campus about concerns with the current state of security in enterprise resource planning (ERP) systems. From these conversations, it was clear that security issues generally fell into one of two areas: (1) It has become extremely difficult…

Digital optical processing of optical communications: towards an Optical Turing Machine

NASA Astrophysics Data System (ADS)

Touch, Joe; Cao, Yinwen; Ziyadi, Morteza; Almaiman, Ahmed; Mohajerin-Ariaei, Amirhossein; Willner, Alan E.

2017-01-01

Optical computing is needed to support Tb/s in-network processing in a way that unifies communication and computation using a single data representation that supports in-transit network packet processing, security, and big data filtering. Support for optical computation of this sort requires leveraging the native properties of optical wave mixing to enable computation and switching for programmability. As a consequence, data must be encoded digitally as phase (M-PSK), semantics-preserving regeneration is the key to high-order computation, and data processing at Tb/s rates requires mixing. Experiments have demonstrated viable approaches to phase squeezing and power restoration. This work led our team to develop the first serial, optical Internet hop-count decrement, and to design and simulate optical circuits for calculating the Internet checksum and multiplexing Internet packets. The current exploration focuses on limited-lookback computational models to reduce the need for permanent storage and hybrid nanophotonic circuits that combine phase-aligned comb sources, non-linear mixing, and switching on the same substrate to avoid the macroscopic effects that hamper benchtop prototypes.

Countering Internet Extremism

DTIC Science & Technology

2009-01-01

early stages of the conflict, and secure an information warfare victory. Extremists’ use of the Internet has developed rapidly since the Chechen...activities Countering Internet Extremism By Mr. Timothy L. Thomas Editorial Abstract: The author examines the modern informational environment, and...spite of all of these resources—plus all of the money the west has thrown into information (read Internet ) security—an individual known as Irhabi

An Internet-Based Accounting Information Systems Project

ERIC Educational Resources Information Center

Miller, Louise

2012-01-01

This paper describes a student project assignment used in an accounting information systems course. We are now truly immersed in the internet age, and while many required accounting information systems courses and textbooks introduce database design, accounting software development, cloud computing, and internet security, projects involving the…

Privacy and security of patient data in the pathology laboratory.

PubMed

Cucoranu, Ioan C; Parwani, Anil V; West, Andrew J; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B; Balis, Ulysses J; Tuthill, Mark J; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States.

Assurance: the power behind PCASSO security.

PubMed Central

Baker, D. B.; Masys, D. R.; Jones, R. L.; Barnhart, R. M.

1999-01-01

The need for security protection in Internet-based healthcare applications is generally acknowledged. Most healthcare applications that use the Internet have at least implemented some kind of encryption. Most applications also enforce user authentication and access control policies, and many audit user actions. However, most fall short on providing strong assurances that the security mechanisms are behaving as expected and that they cannot be subverted. While no system can claim to be totally "bulletproof," PCASSO provides assurance of correct operation through formal, disciplined design and development methodologies, as well as through functional and penetration testing. Through its security mechanisms, backed by strong system assurances, PCASSO is demonstrating "safe" use of public data networks for health care. PMID:10566443

Finding Effective Responses Against Cyber Attacks for Divided Nations

DTIC Science & Technology

2015-12-01

Coordination Center LTE Long Term Evolution MAC Media Access Control MCRC Master Control and Reporting Center MEI Ministry of Electronics...satellites that aid Internet connections. Individual users can access the Internet via not only a wired connection up to 1 Gbps, but also by 4G LTE ...operate air-gapped intranets with security measures such as cryptographic modules that correspond to security levels. The MND does maintain the public

From Fob to Noc: A Pathway to a Cyber Career for Combat Veterans

DTIC Science & Technology

2014-06-01

Assurance Certifications GS general schedule HSAC Homeland Security Advisory Council IDS intrusion detection system IP internet protocol IPS...NIPRNET non-secure internet protocol router network NIST National Institute for Standards and Technology NOC network operations center NSA National...twice a day on an irregular schedule or during contact with the enemy to keep any observing enemy wary of the force protection 13 condition at any

Design for Security Workshop

DTIC Science & Technology

2014-09-30

fingerprint sensor etc.  Secure application execution  Trust established outwards  With normal world apps  With internet/cloud apps...Xilinx Zynq Security Components and Capabilities © Copyright 2014 Xilinx . Security Features Inherited from FPGAs Zynq Secure Boot TrustZone...2014 Xilinx . Security Features Inherited from FPGAs Zynq Secure Boot TrustZone Integration 4 Agenda © Copyright 2014 Xilinx . Device DNA and User

Exploring Parents' and Children's Awareness on Internet Threats in Relation to Internet Safety

ERIC Educational Resources Information Center

Ktoridou, Despo; Eteokleous, Nikleia; Zahariadou, Anastasia

2012-01-01

Purpose: The purpose of the study is to explore parents' level of awareness in relation to the threats that children are exposed to when using the internet. Additionally, it explores the parental interest to raise their awareness on internet use and threats, as well as investigating their interest in establishing household environment safety…

Patient-Centered Access to Secure Systems Online (PCASSO): a secure approach to clinical data access via the World Wide Web.

PubMed Central

Masys, D. R.; Baker, D. B.

1997-01-01

The Internet's World-Wide Web (WWW) provides an appealing medium for the communication of health related information due to its ease of use and growing popularity. But current technologies for communicating data between WWW clients and servers are systematically vulnerable to certain types of security threats. Prominent among these threats are "Trojan horse" programs running on client workstations, which perform some useful and known function for a user, while breaching security via background functions that are not apparent to the user. The Patient-Centered Access to Secure Systems Online (PCASSO) project of SAIC and UCSD is a research, development and evaluation project to exploit state-of-the-art security and WWW technology for health care. PCASSO is designed to provide secure access to clinical data for healthcare providers and their patients using the Internet. PCASSO will be evaluated for both safety and effectiveness, and may provide a model for secure communications via public data networks. PMID:9357644

Current experiences with internet telepathology and possible evolution in the next generation of Internet services.

PubMed

Della Mea, V; Beltrami, C A

2000-01-01

The last five years experience has definitely demonstrated the possible applications of the Internet for telepathology. They may be listed as follows: (a) teleconsultation via multimedia e-mail; (b) teleconsultation via web-based tools; (c) distant education by means of World Wide Web; (d) virtual microscope management through Web and Java interfaces; (e) real-time consultations through Internet-based videoconferencing. Such applications have led to the recognition of some important limits of the Internet, when dealing with telemedicine: (i) no guarantees on the quality of service (QoS); (ii) inadequate security and privacy; (iii) for some countries, low bandwidth and thus low responsiveness for real-time applications. Currently, there are several innovations in the world of the Internet. Different initiatives have been aimed at an amelioration of the Internet protocols, in order to have quality of service, multimedia support, security and other advanced services, together with greater bandwidth. The forthcoming Internet improvements, although induced by electronic commerce, video on demand, and other commercial needs, are of real interest also for telemedicine, because they solve the limits currently slowing down the use of Internet. When such new services will be available, telepathology applications may switch from research to daily practice in a fast way.

Healthcare teams over the Internet: programming a certificate-based approach.

PubMed

Georgiadis, Christos K; Mavridis, Ioannis K; Pangalos, George I

2003-07-01

Healthcare environments are a representative case of collaborative environments since individuals (e.g. doctors) in many cases collaborate in order to provide care to patients in a more proficient way. At the same time modern healthcare institutions are increasingly interested in sharing access of their information resources in the networked environment. Healthcare applications over the Internet offer an attractive communication infrastructure at worldwide level but with a noticeably great factor of risk. Security has, therefore, become a major concern. However, although an adequate level of security can be relied upon digital certificates, if an appropriate security model is used, additional security considerations are needed in order to deal efficiently with the above team-work concerns. The already known Hybrid Access Control (HAC) security model supports and handles efficiently healthcare teams with active security capabilities and is capable to exploit the benefits of certificate technology. In this paper we present the way for encoding the appropriate authoritative information in various types of certificates, as well as the overall operational architecture of the implemented access control system for healthcare collaborative environments over the Internet. A pilot implementation of the proposed methodology in a major Greek hospital has shown the applicability of the proposals and the flexibility of the access control provided.

Hybrid epidemics--a case study on computer worm conficker.

PubMed

Zhang, Changwang; Zhou, Shi; Chain, Benjamin M

2015-01-01

Conficker is a computer worm that erupted on the Internet in 2008. It is unique in combining three different spreading strategies: local probing, neighbourhood probing, and global probing. We propose a mathematical model that combines three modes of spreading: local, neighbourhood, and global, to capture the worm's spreading behaviour. The parameters of the model are inferred directly from network data obtained during the first day of the Conficker epidemic. The model is then used to explore the tradeoff between spreading modes in determining the worm's effectiveness. Our results show that the Conficker epidemic is an example of a critically hybrid epidemic, in which the different modes of spreading in isolation do not lead to successful epidemics. Such hybrid spreading strategies may be used beneficially to provide the most effective strategies for promulgating information across a large population. When used maliciously, however, they can present a dangerous challenge to current internet security protocols.

Hybrid Epidemics—A Case Study on Computer Worm Conficker

PubMed Central

Zhang, Changwang; Zhou, Shi; Chain, Benjamin M.

2015-01-01

Conficker is a computer worm that erupted on the Internet in 2008. It is unique in combining three different spreading strategies: local probing, neighbourhood probing, and global probing. We propose a mathematical model that combines three modes of spreading: local, neighbourhood, and global, to capture the worm’s spreading behaviour. The parameters of the model are inferred directly from network data obtained during the first day of the Conficker epidemic. The model is then used to explore the tradeoff between spreading modes in determining the worm’s effectiveness. Our results show that the Conficker epidemic is an example of a critically hybrid epidemic, in which the different modes of spreading in isolation do not lead to successful epidemics. Such hybrid spreading strategies may be used beneficially to provide the most effective strategies for promulgating information across a large population. When used maliciously, however, they can present a dangerous challenge to current internet security protocols. PMID:25978309

Pre-Employment Testing on the Internet: Put Candidates a Click Away and Hire at Modem Speed.

ERIC Educational Resources Information Center

Mooney, John

2002-01-01

The experience of a county government illustrates factors to consider in implementing online employment testing for job candidates: (1) selection of the appropriate Internet-based test; (2) passwords, timing, security, and technical difficulties; and (3) provisions for applicants who lack Internet access. (SK)

Banking on the Internet.

ERIC Educational Resources Information Center

Internet Research, 1996

1996-01-01

Electronic ground was broken in 1995 with the development of the completely Internet-based bank Security First Network Bank. This article discusses the need for developing online services, outlines the reasons for the formation of an Internet-based bank and argues that to remain competitive financial services providers must provide easier customer…

Designing for the Elderly User: Internet Safety Training

ERIC Educational Resources Information Center

Appelt, Lianne C.

2016-01-01

The following qualitative study examines the usability of a custom-designed Internet safety tutorial, targeted at elderly individuals who use the Internet regularly, for effectively conveying critical information regarding online fraud, scams, and other cyber security. The elderly population is especially at risk when it comes to fraudulent…

17 CFR 230.239 - Exemption for offers and sales of certain security-based swaps.

Code of Federal Regulations, 2013 CFR

2013-04-01

... specified Internet address or includes in its agreement covering the security-based swap that the eligible... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Exemption for offers and sales of certain security-based swaps. 230.239 Section 230.239 Commodity and Securities Exchanges...

17 CFR 230.239 - Exemption for offers and sales of certain security-based swaps.

Code of Federal Regulations, 2014 CFR

2014-04-01

... specified Internet address or includes in its agreement covering the security-based swap that the eligible... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Exemption for offers and sales of certain security-based swaps. 230.239 Section 230.239 Commodity and Securities Exchanges...

Command and Control of Space Assets Through Internet-Based Technologies Demonstrated

NASA Technical Reports Server (NTRS)

Foltz, David A.

2002-01-01

The NASA Glenn Research Center successfully demonstrated a transmission-control-protocol/ Internet-protocol- (TCP/IP) based approach to the command and control of onorbit assets over a secure network. This is a significant accomplishment because future NASA missions will benefit by using Internet-standards-based protocols. Benefits of this Internet-based space command and control system architecture include reduced mission costs and increased mission efficiency. The demonstration proved that this communications architecture is viable for future NASA missions. This demonstration was a significant feat involving multiple NASA organizations and industry. Phillip Paulsen, from Glenn's Project Development and Integration Office, served as the overall project lead, and David Foltz, from Glenn's Satellite Networks and Architectures Branch, provided the hybrid networking support for the required Internet connections. The goal was to build a network that would emulate a connection between a space experiment on the International Space Station and a researcher accessing the experiment from anywhere on the Internet, as shown. The experiment was interfaced to a wireless 802.11 network inside the demonstration area. The wireless link provided connectivity to the Tracking and Data Relay Satellite System (TDRSS) Internet Link Terminal (TILT) satellite uplink terminal located 300 ft away in a parking lot on top of a panel van. TILT provided a crucial link in this demonstration. Leslie Ambrose, NASA Goddard Space Flight Center, provided the TILT/TDRSS support. The TILT unit transmitted the signal to TDRS 6 and was received at the White Sands Second TDRSS Ground Station. This station provided the gateway to the Internet. Coordination also took place at the White Sands station to install a Veridian Firewall and automated security incident measurement (ASIM) system to the Second TDRSS Ground Station Internet gateway. The firewall provides a trusted network for the simulated space experiment. A second Internet connection at the demonstration area was implemented to provide Internet connectivity to a group of workstations to serve as platforms for controlling the simulated space experiment. Installation of this Internet connection was coordinated with an Internet service provider (ISP) and local NASA Johnson Space Center personnel. Not only did this TCP/IP-based architecture prove that a principal investigator on the Internet can securely command and control on-orbit assets, it also demonstrated that valuable virtual testing of planned on-orbit activities can be conducted over the Internet prior to actual deployment in space.

Internet and Democracy: Is the Internet an Important Predictor for Physical Education Teacher Candidates' Attitudes towards Democracy?

ERIC Educational Resources Information Center

Ünlü, Hüseyin

2017-01-01

Today, in the digital age, the Internet usage is common among university students. The Internet is also an important platform for actively participating in democracy. This study explores physical education (PE) candidate teachers' attitudes toward the Internet and democracy. It also explores whether the Internet is an important predictor for…

NSI security task: Overview

NASA Technical Reports Server (NTRS)

Tencati, Ron

1991-01-01

An overview is presented of the NASA Science Internet (NSI) security task. The task includes the following: policies and security documentation; risk analysis and management; computer emergency response team; incident handling; toolkit development; user consulting; and working groups, conferences, and committees.

Cyber and Physical Security Vulnerability Assessment for IoT-Based Smart Homes

PubMed Central

2018-01-01

The Internet of Things (IoT) is an emerging paradigm focusing on the connection of devices, objects, or “things” to each other, to the Internet, and to users. IoT technology is anticipated to become an essential requirement in the development of smart homes, as it offers convenience and efficiency to home residents so that they can achieve better quality of life. Application of the IoT model to smart homes, by connecting objects to the Internet, poses new security and privacy challenges in terms of the confidentiality, authenticity, and integrity of the data sensed, collected, and exchanged by the IoT objects. These challenges make smart homes extremely vulnerable to different types of security attacks, resulting in IoT-based smart homes being insecure. Therefore, it is necessary to identify the possible security risks to develop a complete picture of the security status of smart homes. This article applies the operationally critical threat, asset, and vulnerability evaluation (OCTAVE) methodology, known as OCTAVE Allegro, to assess the security risks of smart homes. The OCTAVE Allegro method focuses on information assets and considers different information containers such as databases, physical papers, and humans. The key goals of this study are to highlight the various security vulnerabilities of IoT-based smart homes, to present the risks on home inhabitants, and to propose approaches to mitigating the identified risks. The research findings can be used as a foundation for improving the security requirements of IoT-based smart homes. PMID:29518023

Cyber and Physical Security Vulnerability Assessment for IoT-Based Smart Homes.

PubMed

Ali, Bako; Awad, Ali Ismail

2018-03-08

The Internet of Things (IoT) is an emerging paradigm focusing on the connection of devices, objects, or "things" to each other, to the Internet, and to users. IoT technology is anticipated to become an essential requirement in the development of smart homes, as it offers convenience and efficiency to home residents so that they can achieve better quality of life. Application of the IoT model to smart homes, by connecting objects to the Internet, poses new security and privacy challenges in terms of the confidentiality, authenticity, and integrity of the data sensed, collected, and exchanged by the IoT objects. These challenges make smart homes extremely vulnerable to different types of security attacks, resulting in IoT-based smart homes being insecure. Therefore, it is necessary to identify the possible security risks to develop a complete picture of the security status of smart homes. This article applies the operationally critical threat, asset, and vulnerability evaluation (OCTAVE) methodology, known as OCTAVE Allegro, to assess the security risks of smart homes. The OCTAVE Allegro method focuses on information assets and considers different information containers such as databases, physical papers, and humans. The key goals of this study are to highlight the various security vulnerabilities of IoT-based smart homes, to present the risks on home inhabitants, and to propose approaches to mitigating the identified risks. The research findings can be used as a foundation for improving the security requirements of IoT-based smart homes.

Science and Technology Resources on the Internet: Computer Security.

ERIC Educational Resources Information Center

Kinkus, Jane F.

2002-01-01

Discusses issues related to computer security, including confidentiality, integrity, and authentication or availability; and presents a selected list of Web sites that cover the basic issues of computer security under subject headings that include ethics, privacy, kids, antivirus, policies, cryptography, operating system security, and biometrics.…

32 CFR 156.5 - National security positions.

Code of Federal Regulations, 2014 CFR

2014-07-01

... of Existing Personnel Security Clearances” dated December 12, 2005 (Copies available on the Internet... 32 National Defense 1 2014-07-01 2014-07-01 false National security positions. 156.5 Section 156.5 National Defense Department of Defense OFFICE OF THE SECRETARY OF DEFENSE SECURITY DEPARTMENT OF DEFENSE...

Space Internet-Embedded Web Technologies Demonstration

NASA Technical Reports Server (NTRS)

Foltz, David A.

2001-01-01

The NASA Glenn Research Center recently demonstrated the ability to securely command and control space-based assets by using the Internet and standard Internet Protocols (IP). This is a significant accomplishment because future NASA missions will benefit by using Internet standards-based protocols. The benefits include reduced mission costs and increased mission efficiency. The Internet-Based Space Command and Control System Architecture demonstrated at the NASA Inspection 2000 event proved that this communications architecture is viable for future NASA missions.

Secure Recognition of Voice-Less Commands Using Videos

NASA Astrophysics Data System (ADS)

Yau, Wai Chee; Kumar, Dinesh Kant; Weghorn, Hans

Interest in voice recognition technologies for internet applications is growing due to the flexibility of speech-based communication. The major drawback with the use of sound for internet access with computers is that the commands will be audible to other people in the vicinity. This paper examines a secure and voice-less method for recognition of speech-based commands using video without evaluating sound signals. The proposed approach represents mouth movements in the video data using 2D spatio-temporal templates (STT). Zernike moments (ZM) are computed from STT and fed into support vector machines (SVM) to be classified into one of the utterances. The experimental results demonstrate that the proposed technique produces a high accuracy of 98% in a phoneme classification task. The proposed technique is demonstrated to be invariant to global variations of illumination level. Such a system is useful for securely interpreting user commands for internet applications on mobile devices.

DUF6 Conversion Facility EIS Schedule

Science.gov Websites

and Uses DUF6 Conversion EIS Documents News FAQs Internet Resources Glossary Home » Conversion News | FAQs | Internet Resources | Glossary Help | Mailing Services | Contact Us | About Us | Security

Privacy, security and access with sensitive health information.

PubMed

Croll, Peter

2010-01-01

This chapter gives an educational overview of: * Confidentiality issues and the challenges faced; * The fundamental differences between privacy and security; * The different access control mechanisms; * The challenges of Internet security; * How 'safety and quality' relate to all the above.

Optimized ECC Implementation for Secure Communication between Heterogeneous IoT Devices.

PubMed

Marin, Leandro; Pawlowski, Marcin Piotr; Jara, Antonio

2015-08-28

The Internet of Things is integrating information systems, places, users and billions of constrained devices into one global network. This network requires secure and private means of communications. The building blocks of the Internet of Things are devices manufactured by various producers and are designed to fulfil different needs. There would be no common hardware platform that could be applied in every scenario. In such a heterogeneous environment, there is a strong need for the optimization of interoperable security. We present optimized elliptic curve Cryptography algorithms that address the security issues in the heterogeneous IoT networks. We have combined cryptographic algorithms for the NXP/Jennic 5148- and MSP430-based IoT devices and used them to created novel key negotiation protocol.

Big Data, Big Solutions

DOE Office of Scientific and Technical Information (OSTI.GOV)

Pike, Bill

Data—lots of data—generated in seconds and piling up on the internet, streaming and stored in countless databases. Big data is important for commerce, society and our nation’s security. Yet the volume, velocity, variety and veracity of data is simply too great for any single analyst to make sense of alone. It requires advanced, data-intensive computing. Simply put, data-intensive computing is the use of sophisticated computers to sort through mounds of information and present analysts with solutions in the form of graphics, scenarios, formulas, new hypotheses and more. This scientific capability is foundational to PNNL’s energy, environment and security missions. Seniormore » Scientist and Division Director Bill Pike and his team are developing analytic tools that are used to solve important national challenges, including cyber systems defense, power grid control systems, intelligence analysis, climate change and scientific exploration.« less

Three Essays on Information Security Policies

ERIC Educational Resources Information Center

Yang, Yubao

2011-01-01

Information security breaches pose a significant and increasing threat to national security and economic well-being. In the Symantec Internet Security Threat Report (2003), companies surveyed experienced an average of about 30 attacks per week. Anecdotal evidence suggests that losses from cyber-attacks can run into millions of dollars. The CSI-FBI…

Security: Progress and Challenges

ERIC Educational Resources Information Center

Luker, Mark A.

2004-01-01

The Homepage column in the March/April 2003 issue of "EDUCAUSE Review" explained the national implication of security vulnerabilities in higher education and the role of the EDUCAUSE/Internet2 Computer and Network Security Task Force in representing the higher education sector in the development of the National Strategy to Secure Cyberspace. Among…

Security of medical data transfer and storage in Internet. Cryptography, antiviral security and electronic signature problems, which must be solved in nearest future in practical context.

PubMed

Kasztelowicz, Piotr; Czubenko, Marek; Zieba, Iwona

2003-01-01

The informatical revolution in computer age, which gives significant benefit in transfer of medical information requests to pay still more attention for aspect of network security. All known advantages of network technologies--first of all simplicity of copying, multiplication and sending information to many individuals can be also dangerous, if illegal, not permitted persons get access to medical data bases. Internet is assumed to be as especially "anarchic" medium, therefore in order to use it in professional work any security principles should be bewared. In our presentation we will try to find the optimal security solution in organisational and technological aspects for any medical network. In our opinion the harmonious co-operation between users, medical authorities and network administrators is core of the success.

An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks.

PubMed

Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

2016-06-08

WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas's currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs.

An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks

PubMed Central

Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

2016-01-01

WSNs (Wireless sensor networks) are nowadays viewed as a vital portion of the IoTs (Internet of Things). Security is a significant issue in WSNs, especially in resource-constrained environments. AKA (Authentication and key agreement) enhances the security of WSNs against adversaries attempting to get sensitive sensor data. Various AKA schemes have been developed for verifying the legitimate users of a WSN. Firstly, we scrutinize Amin-Biswas’s currently scheme and demonstrate the major security loopholes in their works. Next, we propose a lightweight AKA scheme, using symmetric key cryptography based on smart card, which is resilient against all well known security attacks. Furthermore, we prove the scheme accomplishes mutual handshake and session key agreement property securely between the participates involved under BAN (Burrows, Abadi and Needham) logic. Moreover, formal security analysis and simulations are also conducted using AVISPA(Automated Validation of Internet Security Protocols and Applications) to show that our scheme is secure against active and passive attacks. Additionally, performance analysis shows that our proposed scheme is secure and efficient to apply for resource-constrained WSNs. PMID:27338382

Personal computer security: part 1. Firewalls, antivirus software, and Internet security suites.

PubMed

Caruso, Ronald D

2003-01-01

Personal computer (PC) security in the era of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) involves two interrelated elements: safeguarding the basic computer system itself and protecting the information it contains and transmits, including personal files. HIPAA regulations have toughened the requirements for securing patient information, requiring every radiologist with such data to take further precautions. Security starts with physically securing the computer. Account passwords and a password-protected screen saver should also be set up. A modern antivirus program can easily be installed and configured. File scanning and updating of virus definitions are simple processes that can largely be automated and should be performed at least weekly. A software firewall is also essential for protection from outside intrusion, and an inexpensive hardware firewall can provide yet another layer of protection. An Internet security suite yields additional safety. Regular updating of the security features of installed programs is important. Obtaining a moderate degree of PC safety and security is somewhat inconvenient but is necessary and well worth the effort. Copyright RSNA, 2003

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2010 CFR

2010-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2012 CFR

2012-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2013 CFR

2013-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2011 CFR

2011-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

17 CFR 240.14b-2 - Obligation of banks, associations and other entities that exercise fiduciary powers in connection...

Code of Federal Regulations, 2014 CFR

2014-04-01

... statement, information statement, or Notice of Internet Availability of Proxy Materials to more than one... annual reports to security holders, proxy statements, and Notices of Internet Availability of Proxy..., and Notices of Internet Availability of Proxy Materials) applicable to registrants, with the exception...

78 FR 54707 - Self-Regulatory Organizations; The Options Clearing Corporation; Notice of Filing of Proposed...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-05

... Statement Adopted Under Rule 205 Entitled ``Back-up Communication Channel to Internet Access'' August 29... ``Back-up Communication Channel to Internet Access'' requiring clearing members that use the Internet as their primary means to access OCC's information and data systems to maintain a secure back-up means of...

Privacy/Security Policy

Science.gov Websites

automatically is: The Internet Protocol (IP) address of the domain from which you access the Internet (i.e DUF6 Management and Uses DUF6 Conversion EIS Documents News FAQs Internet Resources Glossary Home  , to access, obtain, alter, damage, or destroy information, or otherwise to interfere with the system

77 FR 75683 - Self-Regulatory Organizations; New York Stock Exchange LLC; Notice of Filing and Immediate...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-12-21

... things, the telephone services provided by third-party carriers to the Exchange were still not fully... intermittent phone and internet service. Specifically, the wired telephone lines and internet connections for... and Internet issues. \\6\\ See Securities Exchange Act Release No. 68161 (Nov. 5, 2012), 77 FR 67704...

78 FR 5848 - Self-Regulatory Organizations; NYSE MKT LLC; Notice of Filing and Immediate Effectiveness of...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-01-28

.... Among other things, the telephone services provided by third-party carriers to the Exchange were still... Internet service. Specifically, the wired telephone lines and Internet connections for Floor brokers... aspects of Rules 36.20 and 36.21 because of ongoing telephone and Internet issues. \\5\\ See Securities...

20 CFR 423.1 - Suits against the Social Security Administration and its employees in their official capacities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... Federal Register, and are available on-line at the Social Security Administration's Internet site, http... 20 Employees' Benefits 2 2011-04-01 2011-04-01 false Suits against the Social Security... SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.1 Suits against the Social Security Administration and its...

20 CFR 423.1 - Suits against the Social Security Administration and its employees in their official capacities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... Federal Register, and are available on-line at the Social Security Administration's Internet site, http... 20 Employees' Benefits 2 2013-04-01 2013-04-01 false Suits against the Social Security... SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.1 Suits against the Social Security Administration and its...

A malicious pattern detection engine for embedded security systems in the Internet of Things.

PubMed

Oh, Doohwan; Kim, Deokho; Ro, Won Woo

2014-12-16

With the emergence of the Internet of Things (IoT), a large number of physical objects in daily life have been aggressively connected to the Internet. As the number of objects connected to networks increases, the security systems face a critical challenge due to the global connectivity and accessibility of the IoT. However, it is difficult to adapt traditional security systems to the objects in the IoT, because of their limited computing power and memory size. In light of this, we present a lightweight security system that uses a novel malicious pattern-matching engine. We limit the memory usage of the proposed system in order to make it work on resource-constrained devices. To mitigate performance degradation due to limitations of computation power and memory, we propose two novel techniques, auxiliary shifting and early decision. Through both techniques, we can efficiently reduce the number of matching operations on resource-constrained systems. Experiments and performance analyses show that our proposed system achieves a maximum speedup of 2.14 with an IoT object and provides scalable performance for a large number of patterns.

The Impact of the Internet of Things (IoT) on the IT Security Infrastructure of Traditional Colleges and Universities in the State of Utah

ERIC Educational Resources Information Center

Campbell, Wendy

2017-01-01

The speed and availability of Internet-capable devices, such as computers, smartphones, gaming consoles, TVs, and tablets have made it possible for our society to be connected, and stay connected to the Internet 24 hours a day. The Internet of Things (IoT) describes a new environment where common objects are uniquely identifiable and accessible…

K-12 access to internet: Securing the legal framework

NASA Astrophysics Data System (ADS)

Blauassociate, Andrew

1993-09-01

While many people in government, education, and industry have lauded the potential educational value of Internet access for students in grades K-12, there is as yet no legal or regulatory framework within which this new medium is being offered to students. The Communications Policy Forum, a nonpartisan project of the Electronic Frontier Foundation, recently convened a roundtable to discuss some of the legal issues that arise when K-12 schools provide Internet access to their students. Approximately 15 people, representing carriers who provide connections to the Internet, schools or school systems who are connected to the Internet, and legal experts with expertise in this and related areas, met to discuss questions of legal liability as this new medium enters an educational setting for minors. The following attempts to capture the major issues, suggestions, and directions for further collaborative efforts raised during the course of that discussion. In brief, the group identified statutory language aimed at other types of electronic communication that may offer some guidance; was briefed on a host of state laws that could be used to prosecute providers of certain materials found on the Internet; and concluded that there is no case law that clearly applies to this setting. The discussion revealed an interest in anticipating issues and developing responses before problems arose, and the need for shared approaches to allow carriers to move forward in serving and expanding this field. Members of the group offered to pursue these issues jointly and agreed upon a handful of concrete steps for further exploration and discussion.

Current Experiences with Internet Telepathology and Possible Evolution in the Next Generation of Internet Services

PubMed Central

Della Mea, V.; Beltrami, C. A.

2000-01-01

The last five years experience has definitely demonstrated the possible applications of the Internet for telepathology. They may be listed as follows: (a) teleconsultation via multimedia e‐mail; (b) teleconsultation via web‐based tools; (c) distant education by means of World Wide Web; (d) virtual microscope management through Web and Java interfaces; (e) real‐time consultations through Internet‐based videoconferencing. Such applications have led to the recognition of some important limits of the Internet, when dealing with telemedicine: (i) no guarantees on the quality of service (QoS); (ii) inadequate security and privacy; (iii) for some countries, low bandwidth and thus low responsiveness for real‐time applications. Currently, there are several innovations in the world of the Internet. Different initiatives have been aimed at an amelioration of the Internet protocols, in order to have quality of service, multimedia support, security and other advanced services, together with greater bandwidth. The forthcoming Internet improvements, although induced by electronic commerce, video on demand, and other commercial needs, are of real interest also for telemedicine, because they solve the limits currently slowing down the use of Internet. When such new services will be available, telepathology applications may switch from research to daily practice in a fast way. PMID:11339559

Privacy and security of patient data in the pathology laboratory

PubMed Central

Cucoranu, Ioan C.; Parwani, Anil V.; West, Andrew J.; Romero-Lauro, Gonzalo; Nauman, Kevin; Carter, Alexis B.; Balis, Ulysses J.; Tuthill, Mark J.; Pantanowitz, Liron

2013-01-01

Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data. With increasing connectivity of information systems, laboratory work-stations, and instruments themselves to the Internet, the demand to continuously protect and secure laboratory information can become a daunting task. This review addresses informatics security issues in the pathology laboratory related to passwords, biometric devices, data encryption, internet security, virtual private networks, firewalls, anti-viral software, and emergency security situations, as well as the potential impact that newer technologies such as mobile devices have on the privacy and security of electronic protected health information (ePHI). In the United States, the Health Insurance Portability and Accountability Act (HIPAA) govern the privacy and protection of medical information and health records. The HIPAA security standards final rule mandate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of ePHI. Importantly, security failures often lead to privacy breaches, invoking the HIPAA privacy rule as well. Therefore, this review also highlights key aspects of HIPAA and its impact on the pathology laboratory in the United States. PMID:23599904

Secure HL7 transactions using Internet mail (Internet draft).

PubMed

Schadow, Gunther; Tucker, Mark; Rishel, Wes

2002-01-01

The document describes the applicability of the Internet standardisation efforts on secure electronic data interchange (EDI) transactions for Health Level-7 (HL7), an EDI standard for Healthcare used world-wide. The document heavily relies on the work in progress by the IETF EDIINT working group. It is in most parts a restatement of the EDIINTs requirements document and application statement 1 (AS#1) tailored to the needs of the HL7 audience. The authors tried to make the document as self consistent as possible. The goal is to give to the reader who is not a security or Internet standards expert enough foundational and detail information to enable him to build communication software that complies to the Internet standards. Even though the authors rely on and promote the respective Internet standards and drafts, they did not withstand from commenting on and criticising the work where they see upcoming problems in use with HL7 or other EDI protocols that have not been in the initial focus of the EDIINT working group. The authors make suggestions to add parameters to the specification of the MIME type for EDI messages in RFC 1767 in order to enhance functionality. The authors give use cases for a larger subset of disposition types and modifiers of message disposition notifications. One key issue where the document goes beyond the current EDIINT drafts is the concept of non-repudiation of commitment to an EDI transaction. Secure EDI transactions should be regarded as "distributed contracts," i.e. not only the sending and receiving of single messages should be non-refutable but also the connection between messages interchanges. In anticipation of this requirement HL7 usually requires a response message to be sent to acknowledge every transaction. The authors therefore have the requirement to securely couple an EDI response message to its request message. Given the current shape of RFC 1767 this is generally possible only if a response message is coupled with an MDN receipt and the combination of both signed by the responder. The document describes a protocol to bundle MDN and response that uses the MIME multi-part/related content type in RFC 2112.

Study on Information Security and e-Trust in Spanish households

NASA Astrophysics Data System (ADS)

Aguado, José

The study on Information Security and e-Trust in Spanish households has been conducted by INTECO (The National Institute of Communication Technologies) through the Information Security Observatory. It is a study on the incidence and trust of users in the Internet by means of measuring the frequency of the episodes of individual risk in a wide sample of users that are monitored online on a monthly basis, combining quantitative data of incidences (monthly scans of home computers) and qualitative perception data (quarterly surveys). The study is supplied with data from more than 3,000 households with Internet connection, spread across the whole country.

31 CFR 132.1 - Authority, purpose, collection of information, and incorporation by reference.

Code of Federal Regulations, 2011 CFR

2011-07-01

... UNLAWFUL INTERNET GAMBLING § 132.1 Authority, purpose, collection of information, and incorporation by... Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as Title VIII of the Security and...

Network-based reading system for lung cancer screening CT

NASA Astrophysics Data System (ADS)

Fujino, Yuichi; Fujimura, Kaori; Nomura, Shin-ichiro; Kawashima, Harumi; Tsuchikawa, Megumu; Matsumoto, Toru; Nagao, Kei-ichi; Uruma, Takahiro; Yamamoto, Shinji; Takizawa, Hotaka; Kuroda, Chikazumi; Nakayama, Tomio

2006-03-01

This research aims to support chest computed tomography (CT) medical checkups to decrease the death rate by lung cancer. We have developed a remote cooperative reading system for lung cancer screening over the Internet, a secure transmission function, and a cooperative reading environment. It is called the Network-based Reading System. A telemedicine system involves many issues, such as network costs and data security if we use it over the Internet, which is an open network. In Japan, broadband access is widespread and its cost is the lowest in the world. We developed our system considering human machine interface and security. It consists of data entry terminals, a database server, a computer aided diagnosis (CAD) system, and some reading terminals. It uses a secure Digital Imaging and Communication in Medicine (DICOM) encrypting method and Public Key Infrastructure (PKI) based secure DICOM image data distribution. We carried out an experimental trial over the Japan Gigabit Network (JGN), which is the testbed for the Japanese next-generation network, and conducted verification experiments of secure screening image distribution, some kinds of data addition, and remote cooperative reading. We found that network bandwidth of about 1.5 Mbps enabled distribution of screening images and cooperative reading and that the encryption and image distribution methods we proposed were applicable to the encryption and distribution of general DICOM images via the Internet.

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2013 CFR

2013-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2011 CFR

2011-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2010 CFR

2010-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2014 CFR

2014-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

46 CFR 295.23 - Reporting requirements.

Code of Federal Regulations, 2012 CFR

2012-10-01

... OPERATORS MARITIME SECURITY PROGRAM (MSP) Maritime Security Program Operating Agreements § 295.23 Reporting... (such as facsimile and Internet) for transmission of required information to MARAD, if practicable.]: (a...

Secure or Insure: An Economic Analysis of Security Interdependencies and Investment Types

ERIC Educational Resources Information Center

Grossklags, Jens

2009-01-01

Computer users express a strong desire to prevent attacks, and to reduce the losses from computer and information security breaches. However, despite the widespread availability of various technologies, actual investments in security remain highly variable across the Internet population. As a result, attacks such as distributed denial-of-service…

77 FR 5734 - New Medical Criteria for Evaluating Language and Speech Disorders

Federal Register 2010, 2011, 2012, 2013, 2014

2012-02-06

... Medical Criteria for Evaluating Language and Speech Disorders AGENCY: Social Security Administration... Security numbers or medical information. 1. Internet: We strongly recommend that you submit your comments... INFORMATION CONTACT: Cheryl A. Williams, Office of Medical Listings Improvement, Social Security...

ihear[R] Internet Therapy Program: A Program by St. Joseph Institute for the Deaf

ERIC Educational Resources Information Center

Broekelmann, Cheryl

2012-01-01

The ihear[R] Internet Therapy Program (ihear) provides effective, individualized, and interactive therapy that is tailored to each child's specific needs through a secure, high-quality Internet connection. The program brings listening and spoken language services directly to schools and families. The foundation for ihear is based on the St. Joseph…

76 FR 26331 - Dijji Corp., Hydro Environmental Resources, Inc. (n/k/a EXIM Internet Group, Inc.), Hydrogen...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-06

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Dijji Corp., Hydro Environmental Resources, Inc. (n/k/a EXIM Internet Group, Inc.), Hydrogen Power, Inc., and InsynQ, Inc.; Order of Suspension of... Environmental Resources, Inc. (n/k/a EXIM Internet Group, Inc.) because it has not filed any periodic reports...

Practical Computer Security through Cryptography

NASA Technical Reports Server (NTRS)

McNab, David; Twetev, David (Technical Monitor)

1998-01-01

The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

Optimized ECC Implementation for Secure Communication between Heterogeneous IoT Devices

PubMed Central

Marin, Leandro; Piotr Pawlowski, Marcin; Jara, Antonio

2015-01-01

The Internet of Things is integrating information systems, places, users and billions of constrained devices into one global network. This network requires secure and private means of communications. The building blocks of the Internet of Things are devices manufactured by various producers and are designed to fulfil different needs. There would be no common hardware platform that could be applied in every scenario. In such a heterogeneous environment, there is a strong need for the optimization of interoperable security. We present optimized elliptic curve Cryptography algorithms that address the security issues in the heterogeneous IoT networks. We have combined cryptographic algorithms for the NXP/Jennic 5148- and MSP430-based IoT devices and used them to created novel key negotiation protocol. PMID:26343677

12 CFR 233.1 - Authority, purpose, collection of information, and incorporation by reference.

Code of Federal Regulations, 2010 CFR

2010-01-01

... (CONTINUED) BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM PROHIBITION ON FUNDING OF UNLAWFUL INTERNET... Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as Title VIII of the Security and...

12 CFR 233.1 - Authority, purpose, collection of information, and incorporation by reference.

Code of Federal Regulations, 2011 CFR

2011-01-01

... (CONTINUED) BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM PROHIBITION ON FUNDING OF UNLAWFUL INTERNET... Unlawful Internet Gambling Enforcement Act of 2006 (Act) (enacted as Title VIII of the Security and...

Electronic Commerce--Would, Could and Should You Use Current Internet Payment Mechanisms?

ERIC Educational Resources Information Center

Buck, S. Peter

1996-01-01

Discussion of use of the Internet for online payments focuses on payment mechanisms for conducting transactions. Highlights include commercial requirements; security requirements; various proposed and currently used mechanisms; and future possibilities. (LRW)

In Law We Trust? Trusted Computing and Legal Responsibility for Internet Security

NASA Astrophysics Data System (ADS)

Danidou, Yianna; Schafer, Burkhard

This paper analyses potential legal responses and consequences to the anticipated roll out of Trusted Computing (TC). It is argued that TC constitutes such a dramatic shift in power away from users to the software providers, that it is necessary for the legal system to respond. A possible response is to mirror the shift in power by a shift in legal responsibility, creating new legal liabilities and duties for software companies as the new guardians of internet security.

Performance evaluation of secured DICOM image communication with next generation internet protocol IPv6

NASA Astrophysics Data System (ADS)

Yu, Fenghai; Zhang, Jianguo; Chen, Xiaomeng; Huang, H. K.

2005-04-01

Next Generation Internet (NGI) technology with new communication protocol IPv6 emerges as a potential solution for low-cost and high-speed networks for image data transmission. IPv6 is designed to solve many of the problems of the current version of IP (known as IPv4) with regard to address depletion, security, autoconfiguration, extensibility, and more. We choose CTN (Central Test Node) DICOM software developed by The Mallinckrodt Institute of Radiology to implement IPv6/IPv4 enabled DICOM communication software on different operating systems (Windows/Linux), and used this DICOM software to evaluate the performance of the IPv6/IPv4 enabled DICOM image communication with different security setting and environments. We compared the security communications of IPsec with SSL/TLS on different TCP/IP protocols (IPv6/IPv4), and find that there are some trade-offs to choose security solution between IPsec and SSL/TLS in the security implementation of IPv6/IPv4 communication networks.

On the security of consumer wearable devices in the Internet of Things.

PubMed

Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus

2018-01-01

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands.

On the security of consumer wearable devices in the Internet of Things

PubMed Central

Tahir, Hasan; Tahir, Ruhma; McDonald-Maier, Klaus

2018-01-01

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands. PMID:29668756

The Scale for the Self-Efficacy and Perceptions in the Safe Use of the Internet for Teachers: The Validity and Reliability Studies

ERIC Educational Resources Information Center

Cavus, Nadire; Ercag, Erinc

2016-01-01

There has been an increase in the vulnerability in Internet security, and the unconscious usage of the Internet is a very important issue throughout the world as it is in Cyprus today. The best way to solve such an issue would be to make people aware of this situation. Based on this idea, teachers should firstly be trained to use the Internet in a…

Internet research in an international context.

PubMed

Baernholdt, Marianne; Clarke, Sean P

2006-02-01

Computers and the Internet provide researchers with new options in surveying. When using electronic surveys, several practical and methodological issues need to be considered such as whether the majority of the surveyed population has Internet access and whether an e-mail or a Web-based survey is most appropriate. Other important considerations relate to Internet security issues and, in international research, the possibility of language barriers. Despite these challenges, electronic surveys offer a promising alternative to conventional mail surveys.

Harmonizing the Interests of Free Speech, Obscenity, and Child Pornography in Cyberspace: The New Roles of Parents, Technology, and Legislation for Internet Safety

PubMed Central

Olagunju, Amos O.

2009-01-01

Inadvertent access to website addresses and spam e-mails continue to make pornography rampant on the Internet in schools, homes, and libraries. Collectively, parents, teachers, and members of the community must become more aware of the risks and consequences of open access to the Internet, and the distinction between censorship and Internet access filtering. Parental involvement is crucial for raising children with healthy Internet habits to access social and educational materials. Although generations have coped with different times and trials, technology is ushering in new trials. Parents and communities cannot ignore the present and future technology ingrained into the lives of children. This paper contends that parents armed with legislation and technological security devices for access to the Internet ought to strengthen the character of online Internet safety. The discussion is focused on the roles that parents, communities, technology, and laws should play in order to protect children from obscene and pornographic threats from cyberspace. It is argued that the roles of education and technology should outweigh the legislative interventions of governments. A critique of significant litigations and laws on obscenity and pornography is presented. The paper offers a variety of security tools and techniques for protecting children from Internet access to obscene and pornographic materials. The impacts of pornographic materials on the welfare of children, adolescents, women, and families are discussed. PMID:19936562

Harmonizing the interests of free speech, obscenity, and child pornography in cyberspace: the new roles of parents, technology, and legislation for internet safety.

PubMed

Olagunju, Amos O

2009-11-18

Inadvertent access to website addresses and spam e-mails continue to make pornography rampant on the Internet in schools, homes, and libraries. Collectively, parents, teachers, and members of the community must become more aware of the risks and consequences of open access to the Internet, and the distinction between censorship and Internet access filtering. Parental involvement is crucial for raising children with healthy Internet habits to access social and educational materials. Although generations have coped with different times and trials, technology is ushering in new trials. Parents and communities cannot ignore the present and future technology ingrained into the lives of children. This paper contends that parents armed with legislation and technological security devices for access to the Internet ought to strengthen the character of online Internet safety. The discussion is focused on the roles that parents, communities, technology, and laws should play in order to protect children from obscene and pornographic threats from cyberspace. It is argued that the roles of education and technology should outweigh the legislative interventions of governments. A critique of significant litigations and laws on obscenity and pornography is presented. The paper offers a variety of security tools and techniques for protecting children from Internet access to obscene and pornographic materials. The impacts of pornographic materials on the welfare of children, adolescents, women, and families are discussed.

Data Mashups: Linking Human Health and Wellbeing with Weather, Climate and the Environment

NASA Astrophysics Data System (ADS)

Fleming, L. E.; Sarran, C.; Golding, B.; Haines, A.; Kessel, A.; Djennad, M.; Hajat, S.; Nichols, G.; Gordon Brown, H.; Depledge, M.

2016-12-01

A large part of the global disease burden can be linked to environmental factors, underpinned by unhealthy behaviours. Research into these linkages suffers from lack of common tools and databases for investigations across many different scientific disciplines to explore these complex associations. The MEDMI (Medical and Environmental Data-a Mash-up Infrastructure) Partnership brings together leading organisations and researchers in climate, weather, environment, and human health. We have created a proof-of-concept central data and analysis system with the UK Met Office and Public Health England data as the internet-based MEDMI Platform (www.data-mashup.org.uk) to serve as a common resource for researchers to link and analyse complex meteorological, environmental and epidemiological data in the UK. The Platform is hosted on its own dedicated server, with secure internet and in-person access with appropriate safeguards for ethical, copyright, security, preservation, and data sharing issues. Via the Platform, there is a demonstration Browser Application with access to user-selected subsets of the data for: a) analyses using time series (e.g. mortality/environmental variables), and b) data visualizations (e.g. infectious diseases/environmental variables). One demonstration project is linking climate change, harmful algal blooms and oceanographic modelling building on the hydrodynamic-biogeochemical coupled models; in situ and satellite observations as well as UK HAB data and hospital episode statistics data are being used for model verification and future forecasting. The MEDMI Project provides a demonstration of the potential, barriers and challenges, of these "data mashups" of environment and health data. Although there remain many challenges to creating and sustaining such a shared resource, these activities and resources are essential to truly explore the complex interactions between climate and other environmental change and health at the local and global scale.

Security on the Internet: is your system vulnerable?

PubMed

Neray, P

1997-07-01

Internet technology does not discriminate. Whether or not your system is an intentional target really doesn't matter; you have a duty to ensure its safekeeping. Ten simple steps are given to protect your system from viruses, hackers, etc.

76 FR 46350 - Agency Self-Evaluation Under Section 504 of the Rehabilitation Act of 1973; Public Forums on...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-02

... communications. In addition, we will record and stream each public forum live on the Internet. Accordingly, each... the recording will be streamed live on the internet during the event and available thereafter for...-772-1213 or TTY 1-800-325- 0778, or visit our Internet site, Social Security Online at http://www...

Privacy & Security Notice | Argonne National Laboratory

Science.gov Websites

server logs: The Internet Protocol (IP) address of the domain from which you access the Internet (i.e service to authorized users, to access, obtain, alter, damage, or destroy information, or otherwise to . 123.456.789.012) whether yours individually or provided as a proxy by your Internet Service Provider (ISP), The

Essential, Desirable or Optional? Making Distance E-Learning Courses Available to Those without Internet Access

ERIC Educational Resources Information Center

Hancock, Val

2010-01-01

The Open University, an open distance learning institution, is increasingly using a Virtual Learning Environment (VLE) that requires internet access. This paper investigates how the move to a VLE has affected one group of students who do not have internet access--offender learners studying in prison. Members of the armed forces and secure hospital…

The Internet: friend or foe when providing patient education?

PubMed

Anderson, Amy Shelton; Klemm, Paula

2008-02-01

The Internet has changed how patients with cancer learn about and cope with their disease. Newly diagnosed patients with cancer often have complex educational and informational needs related to diagnosis and treatment. Nurses frequently encounter time and work-related constraints that can interfere with the provision of patient education. They are challenged to educate patients in an environment of rapidly expanding and innovative computer technology. Barriers that hinder nurses in integrating educational Internet resources into patient care include lack of training, time constraints, and inadequate administrative support. Advantages of Internet use for patient education and support include wide-ranging and current information, a variety of teaching formats, patient empowerment, new communication options, and support 24 hours a day, seven days a week. Pitfalls associated with Internet use for patients with cancer include inaccurate information, lack of access, poor quality of online resources, and security and privacy issues. Nurses routinely use computer technology in the workplace and follow rigorous security and privacy standards to protect patient information. Those skills can provide the foundation for the use of online sources for patient teaching. Nurses play an important role in helping patients evaluate the veracity of online information and introducing them to reliable Internet resources.

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2010 CFR

2010-07-01

..., Information Security Program Management AFI 31-501, Personnel Security Program Management AFI 31-601, Industrial Security Program Management AFI 33-129, Transmission of Information Via the Internet AFI 35-205... Management (will convert to AFPD 33-3) AFI 37-124, The Information Collections and Reports Management Program...

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2014 CFR

2014-07-01

..., Information Security Program Management AFI 31-501, Personnel Security Program Management AFI 31-601, Industrial Security Program Management AFI 33-129, Transmission of Information Via the Internet AFI 35-205... Management (will convert to AFPD 33-3) AFI 37-124, The Information Collections and Reports Management Program...

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2012 CFR

2012-07-01

..., Information Security Program Management AFI 31-501, Personnel Security Program Management AFI 31-601, Industrial Security Program Management AFI 33-129, Transmission of Information Via the Internet AFI 35-205... Management (will convert to AFPD 33-3) AFI 37-124, The Information Collections and Reports Management Program...

Implementation of the Web-based laboratory

NASA Astrophysics Data System (ADS)

Ying, Liu; Li, Xunbo

2005-12-01

With the rapid developments of Internet technologies, remote access and control via Internet is becoming a reality. A realization of the web-based laboratory (the W-LAB) was presented. The main target of the W-LAB was to allow users to easily access and conduct experiments via the Internet. While realizing the remote communication, a system, which adopted the double client-server architecture, was introduced. It ensures the system better security and higher functionality. The experimental environment implemented in the W-Lab was integrated by both virtual lab and remote lab. The embedded technology in the W-LAB system as an economical and efficient way to build the distributed infrastructural network was introduced. Furthermore, by introducing the user authentication mechanism in the system, it effectively secures the remote communication.

RIES - Rijnland Internet Election System: A Cursory Study of Published Source Code

NASA Astrophysics Data System (ADS)

Gonggrijp, Rop; Hengeveld, Willem-Jan; Hotting, Eelco; Schmidt, Sebastian; Weidemann, Frederik

The Rijnland Internet Election System (RIES) is a system designed for voting in public elections over the internet. A rather cursory scan of the source code to RIES showed a significant lack of security-awareness among the programmers which - among other things - appears to have left RIES vulnerable to near-trivial attacks. If it had not been for independent studies finding problems, RIES would have been used in the 2008 Water Board elections, possibly handling a million votes or more. While RIES was more extensively studied to find cryptographic shortcomings, our work shows that more down-to-earth secure design practices can be at least as important, and the aspects need to be examined much sooner than right before an election.

Adoption of information technology by resident physicians.

PubMed

Parekh, Selene G; Nazarian, David G; Lim, Charles K

2004-04-01

The Internet represents a technological revolution that is transforming our society. In the healthcare industry, physicians have been typified as slow adopters of information technology. However, young physicians, having been raised in a computer-prevalent society, may be more likely to embrace technology. We attempt to characterize the use and acceptance of the Internet and information technology among resident physicians in a large academic medical center and to assess concerns regarding privacy, security, and credibility of information on the Internet. A 41-question survey was distributed to 150 pediatric, medical, and surgical residents at an urban, academic medical center. One hundred thirty-five residents completed the survey (response rate of 90%). Responses were evaluated and statistical analysis was done. The majority of resident physicians in our survey have adopted the tools of information technology. Ninety-eight percent used the Internet and 96% use e-mail. Two-thirds of the respondents used the Internet for healthcare-related purposes and a similar percentage thought that the Internet has affected their practice of medicine positively. The majority of residents thought that Internet healthcare services such as electronic medical records, peer-support websites, and remote patient monitoring would be beneficial for the healthcare industry. However, they are concerned about the credibility, privacy, and security of health and medical information online. The majority of resident physicians in our institution use Internet and information technology in their practice of medicine. Most think that the Internet will continue to have a beneficial role in the healthcare industry.

A Malicious Pattern Detection Engine for Embedded Security Systems in the Internet of Things

PubMed Central

Oh, Doohwan; Kim, Deokho; Ro, Won Woo

2014-01-01

With the emergence of the Internet of Things (IoT), a large number of physical objects in daily life have been aggressively connected to the Internet. As the number of objects connected to networks increases, the security systems face a critical challenge due to the global connectivity and accessibility of the IoT. However, it is difficult to adapt traditional security systems to the objects in the IoT, because of their limited computing power and memory size. In light of this, we present a lightweight security system that uses a novel malicious pattern-matching engine. We limit the memory usage of the proposed system in order to make it work on resource-constrained devices. To mitigate performance degradation due to limitations of computation power and memory, we propose two novel techniques, auxiliary shifting and early decision. Through both techniques, we can efficiently reduce the number of matching operations on resource-constrained systems. Experiments and performance analyses show that our proposed system achieves a maximum speedup of 2.14 with an IoT object and provides scalable performance for a large number of patterns. PMID:25521382

The enhancement of security in healthcare information systems.

PubMed

Liu, Chia-Hui; Chung, Yu-Fang; Chen, Tzer-Shyong; Wang, Sheng-De

2012-06-01

With the progress and the development of information technology, the internal data in medical organizations have become computerized and are further established the medical information system. Moreover, the use of the Internet enhances the information communication as well as affects the development of the medical information system that a lot of medical information is transmitted with the Internet. Since there is a network within another network, when all networks are connected together, they will form the "Internet". For this reason, the Internet is considered as a high-risk and public environment which is easily destroyed and invaded so that a relevant protection is acquired. Besides, the data in the medical network system are confidential that it is necessary to protect the personal privacy, such as electronic patient records, medical confidential information, and authorization-controlled data in the hospital. As a consequence, a medical network system is considered as a network requiring high security that excellent protections and managerial strategies are inevitable to prevent illegal events and external attacks from happening. This study proposes secure medical managerial strategies being applied to the network environment of the medical organization information system so as to avoid the external or internal information security events, allow the medical system to work smoothly and safely that not only benefits the patients, but also allows the doctors to use it more conveniently, and further promote the overall medical quality. The objectives could be achieved by preventing from illegal invasion or medical information being stolen, protecting the completeness and security of medical information, avoiding the managerial mistakes of the internal information system in medical organizations, and providing the highly-reliable medical information system.

The Exploration of Elementary School Teachers' Internet Self-Efficacy and Information Commitments: A Study in Taiwan

ERIC Educational Resources Information Center

Wu, Ying-Tien; Wang, Li-Jen

2015-01-01

This study aimed to explore teachers' Internet self-efficacy and information commitments. More importantly, this study also attempted to identify possible factors that affect the teachers' Internet self-efficacy. The participants were 301 elementary school teachers. In this study, the Internet Self-efficacy Survey (ISS) and the Information…

In Internet-Based Visualization System Study about Breakthrough Applet Security Restrictions

NASA Astrophysics Data System (ADS)

Chen, Jie; Huang, Yan

In the process of realization Internet-based visualization system of the protein molecules, system needs to allow users to use the system to observe the molecular structure of the local computer, that is, customers can generate the three-dimensional graphics from PDB file on the client computer. This requires Applet access to local file, related to the Applet security restrictions question. In this paper include two realization methods: 1.Use such as signature tools, key management tools and Policy Editor tools provided by the JDK to digital signature and authentication for Java Applet, breakthrough certain security restrictions in the browser. 2. Through the use of Servlet agent implement indirect access data methods, breakthrough the traditional Java Virtual Machine sandbox model restriction of Applet ability. The two ways can break through the Applet's security restrictions, but each has its own strengths.

Including Internet insurance as part of a hospital computer network security plan.

PubMed

Riccardi, Ken

2002-01-01

Cyber attacks on a hospital's computer network is a new crime to be reckoned with. Should your hospital consider internet insurance? The author explains this new phenomenon and presents a risk assessment for determining network vulnerabilities.

75 FR 68395 - Agency Self-Evaluation Under Section 504 of the Rehabilitation Act of 1973

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-05

...-800-325- 0778, or visit our Internet site, Social Security Online, at http://www.socialsecurity.gov... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2010-0069] Agency Self-Evaluation Under Section 504 of the Rehabilitation Act of 1973 AGENCY: Social Security Administration. ACTION: Notice and request...

77 FR 35464 - Modifications to the Disability Determination Procedures; Extension of Testing of Some Disability...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-06-13

...-772-1213 or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0029] Modifications to the Disability Determination Procedures; Extension of Testing of Some Disability Redesign Features AGENCY: Social Security...

78 FR 45010 - Modifications to the Disability Determination Procedures; Extension of Testing of Some Disability...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-25

...-772-1213 or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2013-0030] Modifications to the Disability Determination Procedures; Extension of Testing of Some Disability Redesign Features AGENCY: Social Security...

76 FR 16531 - Technical Correction for Neurological Listing Cross-Reference

Federal Register 2010, 2011, 2012, 2013, 2014

2011-03-24

... 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www.socialsecurity.gov... SOCIAL SECURITY ADMINISTRATION 20 CFR Part 404 [Docket No. SSA-2011-0019] RIN 0960-AH33 Technical Correction for Neurological Listing Cross-Reference AGENCY: Social Security Administration. ACTION: Final...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 232.12 - Business hours of the Commission.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Business hours of the Commission. 232.12 Section 232.12 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... documents may be submitted by direct transmission, via dial-up modem or Internet, to the Commission each day...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 232.12 - Business hours of the Commission.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Business hours of the Commission. 232.12 Section 232.12 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... documents may be submitted by direct transmission, via dial-up modem or Internet, to the Commission each day...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

17 CFR 248.126 - Delivery of opt out notices.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Delivery of opt out notices. 248.126 Section 248.126 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer obtained a product or service electronically and requires the...

17 CFR 248.124 - Reasonable opportunity to opt out.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Reasonable opportunity to opt out. 248.124 Section 248.124 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Internet Web site at which the consumer has obtained a product or service. The consumer acknowledges...

Computer Security Primer: Systems Architecture, Special Ontology and Cloud Virtual Machines

ERIC Educational Resources Information Center

Waguespack, Leslie J.

2014-01-01

With the increasing proliferation of multitasking and Internet-connected devices, security has reemerged as a fundamental design concern in information systems. The shift of IS curricula toward a largely organizational perspective of security leaves little room for focus on its foundation in systems architecture, the computational underpinnings of…

Reputation-Based Internet Protocol Security: A Multilayer Security Framework for Mobile Ad Hoc Networks

DTIC Science & Technology

2010-09-01

secure ad-hoc networks of mobile sensors deployed in a hostile environment . These sensors are normally small 86 and resource...Communications Magazine, 51, 2008. 45. Kumar, S.A. “Classification and Review of Security Schemes in Mobile Comput- ing”. Wireless Sensor Network , 2010... Networks ”. Wireless /Mobile Network Security , 2008. 85. Xiao, Y. “Accountability for Wireless LANs, Ad Hoc Networks , and Wireless

A Scenario-Based Protocol Checker for Public-Key Authentication Scheme

NASA Astrophysics Data System (ADS)

Saito, Takamichi

Security protocol provides communication security for the internet. One of the important features of it is authentication with key exchange. Its correctness is a requirement of the whole of the communication security. In this paper, we introduce three attack models realized as their attack scenarios, and provide an authentication-protocol checker for applying three attack-scenarios based on the models. We also utilize it to check two popular security protocols: Secure SHell (SSH) and Secure Socket Layer/Transport Layer Security (SSL/TLS).

Secure Data Aggregation Protocol for M2M Communications

DTIC Science & Technology

2015-03-24

networking and collaboration among various devices has experienced tremendous growth. To adapt to the trend, the concept of Internet of Things ( IoT ... IoTs ): Models, Algorithms, and Implementations, accepted Title: “Privacy-Preserving Time-Series Data Aggregation for Internet of Things ” Date...public release; distribution is unlimited. (5) Privacy-Preserving Time-Series Data Aggregation for Internet of Things Abstract In recent years, the

Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems.

PubMed

Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru

2016-10-01

Information and communication and technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. Furthermore, we present the formal security verification of our scheme using the widely accepted AVISPA tool. High security and extra functionality features allow our proposed scheme to be applicable for telecare medicine information systems which is used for e-health care medical applications. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.

The Internet: Past, Present, and Future.

ERIC Educational Resources Information Center

Galbreath, Jeremy, Ed.

1997-01-01

Examines the "reality behind the hype" surrounding the Internet. Discusses its early development; growth and present state; and key applications, including e-mail, voice/video telephony, integrated messaging, electronic commerce, the World Wide Web, and Web commerce, Intranet, Extranet; education and training; security; ownership; and…

Vinton Cerf: Poet-Philosopher of the Net.

ERIC Educational Resources Information Center

Educom Review, 1996

1996-01-01

Presents the first part of an interview with Vinton Cerf, senior vice president of data architecture for MCI Engineering, on the growth and future of the Internet. Topics include: pornography; commercialization; security; government role; content found on the Internet; and convergence of technologies. (DGM)

Strategies for Teaching Internet Ethics.

ERIC Educational Resources Information Center

Rader, Martha H.

2002-01-01

Ten strategies for teaching Internet ethics are as follows: establish acceptable use policy; communicate ethical codes; model behaviors and values; encourage discussion of ethical issues; reinforce ethical conduct; monitor student behavior; secure systems and software; discourage surfing without supervision; monitor e-mail and websites; and…

The Internet and medicine: past, present, and future.

PubMed

Doyle, D J; Ruskin, K J; Engel, T P

1996-01-01

The enormous growth of the Internet and the World Wide Web has made these two technologies an important potential adjunct to cost-effective health care research and delivery. This article surveys some recent developments in telecommunications, networking and artificial intelligence that are likely to have a significant impact on improving the efficiency and quality of future health care. Issues discussed include: clinical record keeping on the Internet, Internet-assisted medical diagnosis, privacy and security matters, financial transactions, digital money, bandwidth concerns, multimedia (music, audio and video) information delivery via the Internet, intellectual property, and the concept of Information Philanthropy.

The Internet and medicine: past, present, and future.

PubMed Central

Doyle, D. J.; Ruskin, K. J.; Engel, T. P.

1996-01-01

The enormous growth of the Internet and the World Wide Web has made these two technologies an important potential adjunct to cost-effective health care research and delivery. This article surveys some recent developments in telecommunications, networking and artificial intelligence that are likely to have a significant impact on improving the efficiency and quality of future health care. Issues discussed include: clinical record keeping on the Internet, Internet-assisted medical diagnosis, privacy and security matters, financial transactions, digital money, bandwidth concerns, multimedia (music, audio and video) information delivery via the Internet, intellectual property, and the concept of Information Philanthropy. PMID:9381738

Big data: survey, technologies, opportunities, and challenges.

PubMed

Khan, Nawsher; Yaqoob, Ibrar; Hashem, Ibrahim Abaker Targio; Inayat, Zakira; Ali, Waleed Kamaleldin Mahmoud; Alam, Muhammad; Shiraz, Muhammad; Gani, Abdullah

2014-01-01

Big Data has gained much attention from the academia and the IT industry. In the digital and computing world, information is generated and collected at a rate that rapidly exceeds the boundary range. Currently, over 2 billion people worldwide are connected to the Internet, and over 5 billion individuals own mobile phones. By 2020, 50 billion devices are expected to be connected to the Internet. At this point, predicted data production will be 44 times greater than that in 2009. As information is transferred and shared at light speed on optic fiber and wireless networks, the volume of data and the speed of market growth increase. However, the fast growth rate of such large data generates numerous challenges, such as the rapid growth of data, transfer speed, diverse data, and security. Nonetheless, Big Data is still in its infancy stage, and the domain has not been reviewed in general. Hence, this study comprehensively surveys and classifies the various attributes of Big Data, including its nature, definitions, rapid growth rate, volume, management, analysis, and security. This study also proposes a data life cycle that uses the technologies and terminologies of Big Data. Future research directions in this field are determined based on opportunities and several open issues in Big Data domination. These research directions facilitate the exploration of the domain and the development of optimal techniques to address Big Data.

Big Data: Survey, Technologies, Opportunities, and Challenges

PubMed Central

Khan, Nawsher; Yaqoob, Ibrar; Hashem, Ibrahim Abaker Targio; Inayat, Zakira; Mahmoud Ali, Waleed Kamaleldin; Alam, Muhammad; Shiraz, Muhammad; Gani, Abdullah

2014-01-01

Big Data has gained much attention from the academia and the IT industry. In the digital and computing world, information is generated and collected at a rate that rapidly exceeds the boundary range. Currently, over 2 billion people worldwide are connected to the Internet, and over 5 billion individuals own mobile phones. By 2020, 50 billion devices are expected to be connected to the Internet. At this point, predicted data production will be 44 times greater than that in 2009. As information is transferred and shared at light speed on optic fiber and wireless networks, the volume of data and the speed of market growth increase. However, the fast growth rate of such large data generates numerous challenges, such as the rapid growth of data, transfer speed, diverse data, and security. Nonetheless, Big Data is still in its infancy stage, and the domain has not been reviewed in general. Hence, this study comprehensively surveys and classifies the various attributes of Big Data, including its nature, definitions, rapid growth rate, volume, management, analysis, and security. This study also proposes a data life cycle that uses the technologies and terminologies of Big Data. Future research directions in this field are determined based on opportunities and several open issues in Big Data domination. These research directions facilitate the exploration of the domain and the development of optimal techniques to address Big Data. PMID:25136682

Internet: An Overview of Key Technology Policy Issues Affecting Its Use and Growth

DTIC Science & Technology

2004-12-29

Alliance OSS Open Source Software SSA Social Security Administration SSN Social Security Number TLD Top Level Domain UCE Unsolicited Commercial E-mail... Alliance General Types of Internet Services B2B Business-to-Business B2G Business-to-Government G2B Government-to-Business G2C Government-to-Citizen G2G...response. Such software is called “adware.” Software CRS-7 programs that include spyware can be sold or provided for free, on a disk (or other media ) or

Problem Internet Overuse Behaviors in College Students: Readiness-to-Change and Receptivity to Treatment.

PubMed

O'Brien, Jennifer E; Li, Wen; Snyder, Susan M; Howard, Matthew O

2016-01-01

This mixed methods study explores college students' readiness-to-change and receptivity to treatment for problem Internet overuse behaviors. Focus groups were conducted with 27 college students who self-identified as Internet over-users, and had experienced biopsychosocial problems related to Internet overuse. Participants completed standardized questionnaires assessing their Internet use and sociodemographic forms. Focus groups explored readiness to change problem Internet overuse behaviors and receptivity to treatment. Similar to college students with other addictive behaviors, students with problem Internet overuse fall along a continuum vis-à-vis readiness-to-change their behaviors. Over half of the participants were receptive to treatment for their problem Internet overuse behaviors.

Security and Privacy Grand Challenges for the Internet of Things

DOE Office of Scientific and Technical Information (OSTI.GOV)

Fink, Glenn A.; Zarzhitsky, Dimitri V.; Carroll, Thomas E.

Abstract— The growth of the Internet of Things (IoT) is driven by market pressures, and while security is being considered, the relationship between the unintended consequences of billions of such devices connecting to the Internet cannot be described with existing mathematical methods. The possibilities for illicit surveillance through lifestyle analysis, unauthorized access to information, and new attack vectors will continue to increase by 2020, when up-to 50 billion devices may be connected. This paper discusses various kinds of vulnerabilities that can be expected to arise, and presents a research agenda for mitigating the worst of the impacts. We hope tomore » draw research attention to the potential dangers of IoT so that many of these problems can be avoided.« less

Security Proof for Password Authentication in TLS-Verifier-based Three-Party Group Diffie-Hellman

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chevassut, Olivier; Milner, Joseph; Pointcheval, David

2008-04-21

The internet has grown greatly in the past decade, by some numbers exceeding 47 million active web sites and a total aggregate exceeding100 million web sites. What is common practice today on the Internet is that servers have public keys, but clients are largely authenticated via short passwords. Protecting these passwords by not storing them in the clear on institutions's servers has become a priority. This paper develops password-based ciphersuites for the Transport Layer Security (TLS) protocol that are: (1) resistant to server compromise; (2) provably secure; (3) believed to be free from patent and licensing restrictions based on anmore » analysis of relevant patents in the area.« less

Department of Defense High Performance Computing Modernization Program. 2008 Annual Report

DTIC Science & Technology

2009-04-01

place to another on the network. Without it, a computer could only talk to itself - no email, no web browsing, and no iTunes . Most of the Internet...Your SecurID Card ), Ken Renard Secure Wireless, Rob Scott and Stephen Bowman Securing Today’s Networks, Rich Whittney, Juniper Networks, Federal

20 CFR 703.202 - Identification of significant gaps in State guaranty fund coverage for LHWCA obligations.

Code of Federal Regulations, 2013 CFR

2013-04-01

... STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.202 Identification of... carrier's required security deposit, the Office will consider the extent to which a State guaranty fund... fully and immediately secure LHWCA obligations and will post its findings on the Internet at http://www...

20 CFR 703.202 - Identification of significant gaps in State guaranty fund coverage for LHWCA obligations.

Code of Federal Regulations, 2014 CFR

2014-04-01

... STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.202 Identification of... carrier's required security deposit, the Office will consider the extent to which a State guaranty fund... fully and immediately secure LHWCA obligations and will post its findings on the Internet at http://www...

20 CFR 703.202 - Identification of significant gaps in State guaranty fund coverage for LHWCA obligations.

Code of Federal Regulations, 2012 CFR

2012-04-01

... STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.202 Identification of... carrier's required security deposit, the Office will consider the extent to which a State guaranty fund... fully and immediately secure LHWCA obligations and will post its findings on the Internet at http://www...

31 CFR 363.5 - How do I contact Fiscal Service?

Code of Federal Regulations, 2014 CFR

2014-07-01

...) FISCAL SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE FISCAL SERVICE REGULATIONS GOVERNING SECURITIES...” feature within TreasuryDirect ® to communicate information to us over a secure Internet connection. (b... otherwise. We are not responsible for the security of e-mail messages you may send to us, or replies we may...

20 CFR 703.202 - Identification of significant gaps in State guaranty fund coverage for LHWCA obligations.

Code of Federal Regulations, 2011 CFR

2011-04-01

... STATUTES INSURANCE REGULATIONS Insurance Carrier Security Deposit Requirements § 703.202 Identification of... carrier's required security deposit, the Office will consider the extent to which a State guaranty fund... fully and immediately secure LHWCA obligations and will post its findings on the Internet at http://www...

75 FR 67363 - Notice of Public Information Collection(s) Being Reviewed by the Federal Communications...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-11-02

... proceeding were required to file system security statements under the Commission's rules. (Security systems..., including broadband Internet access and interconnected VoIP providers, must file updates to their systems... Commission's rules, the information in the CALEA security system filings and petitions will not be made...

Security Considerations of Doing Business via the Internet: Cautions To Be Considered.

ERIC Educational Resources Information Center

Aldridge, Alicia; White, Michele; Forcht, Karen

1997-01-01

Lack of security is perceived as a major roadblock to doing business online. This article examines system, user, and commercial transaction privacy on the World Wide Web and discusses methods of protection: operating systems security, file and data protection, user education, access restrictions, data authentication, perimeter and transaction…

Information Security in the 1990s: Keeping the Locks on.

ERIC Educational Resources Information Center

Kovac, Ron J.

1999-01-01

As the Internet proliferates, it drastically increases an institution's level of data insecurity. Hacker attacks can result in denial of service, data corruption or erasure, and passive theft (via spoofing, splicing, or session stealing). To ensure data security, a firewall (screening software program) and a security policy should be implemented.…

Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks

PubMed Central

Castillo, Encarnación; López-Ramos, Juan A.; Morales, Diego P.

2018-01-01

Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature. PMID:29337921

Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks.

PubMed

Parrilla, Luis; Castillo, Encarnación; López-Ramos, Juan A; Álvarez-Bermejo, José A; García, Antonio; Morales, Diego P

2018-01-16

Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature.

Security Frameworks for Machine-to-Machine Devices and Networks

NASA Astrophysics Data System (ADS)

Demblewski, Michael

Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the "functions and capabilities" of M2M devices and improves the systems development life cycle for the overall IoT ecosystem.

Mathematics of Information Processing and the Internet

ERIC Educational Resources Information Center

Hart, Eric W.

2010-01-01

The mathematics of information processing and the Internet can be organized around four fundamental themes: (1) access (finding information easily); (2) security (keeping information confidential); (3) accuracy (ensuring accurate information); and (4) efficiency (data compression). In this article, the author discusses each theme with reference to…

Bundle Security Protocol for ION

NASA Technical Reports Server (NTRS)

Burleigh, Scott C.; Birrane, Edward J.; Krupiarz, Christopher

2011-01-01

This software implements bundle authentication, conforming to the Delay-Tolerant Networking (DTN) Internet Draft on Bundle Security Protocol (BSP), for the Interplanetary Overlay Network (ION) implementation of DTN. This is the only implementation of BSP that is integrated with ION.

A modular approach to disease registry design: successful adoption of an internet-based rare disease registry.

PubMed

Bellgard, Matthew I; Macgregor, Andrew; Janon, Fred; Harvey, Adam; O'Leary, Peter; Hunter, Adam; Dawkins, Hugh

2012-10-01

There is a need to develop Internet-based rare disease registries to support health care stakeholders to deliver improved quality patient outcomes. Such systems should be architected to enable multiple-level access by a range of user groups within a region or across regional/country borders in a secure and private way. However, this functionality is currently not available in many existing systems. A new approach to the design of an Internet-based architecture for disease registries has been developed for patients with clinical and genetic data in geographical disparate locations. The system addresses issues of multiple-level access by key stakeholders, security and privacy. The system has been successfully adopted for specific rare diseases in Australia and is open source. The results of this work demonstrate that it is feasible to design an open source Internet-based disease registry system in a scalable and customizable fashion and designed to facilitate interoperability with other systems. © 2012 Wiley Periodicals, Inc.

Information Systems at Enterprise. Design of Secure Network of Enterprise

NASA Astrophysics Data System (ADS)

Saigushev, N. Y.; Mikhailova, U. V.; Vedeneeva, O. A.; Tsaran, A. A.

2018-05-01

No enterprise and company can do without designing its own corporate network in today's information society. It accelerates and facilitates the work of employees at any level, but contains a big threat to confidential information of the company. In addition to the data theft attackers, there are plenty of information threats posed by modern malware effects. In this regard, the computational security of corporate networks is an important component of modern information technologies of computer security for any enterprise. This article says about the design of the protected corporate network of the enterprise that provides the computers on the network access to the Internet, as well interoperability with the branch. The access speed to the Internet at a high level is provided through the use of high-speed access channels and load balancing between devices. The security of the designed network is performed through the use of VLAN technology as well as access lists and AAA server.

Prototype of smart office system using based security system

NASA Astrophysics Data System (ADS)

Prasetyo, T. F.; Zaliluddin, D.; Iqbal, M.

2018-05-01

Creating a new technology in the modern era gives a positive impact on business and industry. Internet of Things (IoT) as a new communication technology is very useful in realizing smart systems such as: smart home, smart office, smart parking and smart city. This study presents a prototype of the smart office system which was designed as a security system based on IoT. Smart office system development method used waterfall model. IoT-based smart office system used platform (project builder) cayenne so that. The data can be accessed and controlled through internet network from long distance. Smart office system used arduino mega 2560 microcontroller as a controller component. In this study, Smart office system is able to detect threats of dangerous objects made from metals, earthquakes, fires, intruders or theft and perform security monitoring outside the building by using raspberry pi cameras on autonomous robots in real time to the security guard.

An Exploration of Middle and High School Students' Perceptions of Deviant Behavior when Using Computers and the Internet

ERIC Educational Resources Information Center

Daniel, Annie J.

2005-01-01

If the current trend continues, the use of computer technologies and the Internet will increase for teaching and education. It is urgent that researchers study computer and Internet deviance. The purpose of this study was to explore middle and high school students' perceptions of deviant behavior when using computers and the Internet. The target…

Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing

DTIC Science & Technology

2010-07-01

Cloud computing , an emerging form of computing in which users have access to scalable, on-demand capabilities that are provided through Internet... cloud computing , (2) the information security implications of using cloud computing services in the Federal Government, and (3) federal guidance and...efforts to address information security when using cloud computing . The complete report is titled Information Security: Federal Guidance Needed to

Connecting to the Internet Securely; Protecting Home Networks CIAC-2324

DOE Office of Scientific and Technical Information (OSTI.GOV)

Orvis, W J; Krystosek, P; Smith, J

2002-11-27

With more and more people working at home and connecting to company networks via the Internet, the risk to company networks to intrusion and theft of sensitive information is growing. Working from home has many positive advantages for both the home worker and the company they work for. However, as companies encourage people to work from home, they need to start considering the interaction of the employee's home network and the company network he connects to. This paper discusses problems and solutions related to protection of home computers from attacks on those computers via the network connection. It does notmore » consider protection of those systems from people who have physical access to the computers nor does it consider company laptops taken on-the-road. Home networks are often targeted by intruders because they are plentiful and they are usually not well secured. While companies have departments of professionals to maintain and secure their networks, home networks are maintained by the employee who may be less knowledgeable about network security matters. The biggest problems with home networks are that: Home networks are not designed to be secure and may use technologies (wireless) that are not secure; The operating systems are not secured when they are installed; The operating systems and applications are not maintained (for security considerations) after they are installed; and The networks are often used for other activities that put them at risk for being compromised. Home networks that are going to be connected to company networks need to be cooperatively secured by the employee and the company so they do not open up the company network to intruders. Securing home networks involves many of the same operations as securing a company network: Patch and maintain systems; Securely configure systems; Eliminate unneeded services; Protect remote logins; Use good passwords; Use current antivirus software; and Moderate your Internet usage habits. Most of these items do not take a lot of work, but require an awareness of the risks involved in not doing them or doing them incorrectly. The security of home networks and communications with company networks can be significantly improved by adding an appropriate software or hardware firewall to the home network and using a protected protocol such as Secure Sockets Layer (SSL), a Virtual Private Network (VPN), or Secure Shell (SSH) for connecting to the company network.« less

Identifying Effectiveness Criteria for Internet Payment Systems.

ERIC Educational Resources Information Center

Shon, Tae-Hwan; Swatman, Paula M. C.

1998-01-01

Examines Internet payment systems (IPS): third-party, card, secure Web server, electronic token, financial electronic data interchange (EDI), and micropayment based. Reports the results of a Delphi survey of experts identifying and classifying IPS effectiveness criteria and classifying types of IPS providers. Includes the survey invitation letter…

76 FR 34658 - The Internet Assigned Numbers Authority (IANA) Functions

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-14

... raised concerns that short-term contracts create instability in the IANA functions process and would... political sustainability of an Internet that supports the free flow of information, goods, and services... account security and stability issues. Commenters were divided on whether the IANA functions should be...

20 CFR 418.3220 - When is your application considered filed?

Code of Federal Regulations, 2014 CFR

2014-04-01

...? 418.3220 Section 418.3220 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... the day it is submitted electronically through our Internet Web site. If a State Medicaid agency... inquiry about your subsidy eligibility is made, or the date we receive a partially completed Internet...

20 CFR 418.3220 - When is your application considered filed?

Code of Federal Regulations, 2013 CFR

2013-04-01

...? 418.3220 Section 418.3220 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... the day it is submitted electronically through our Internet Web site. If a State Medicaid agency... inquiry about your subsidy eligibility is made, or the date we receive a partially completed Internet...

20 CFR 418.3220 - When is your application considered filed?

Code of Federal Regulations, 2012 CFR

2012-04-01

...? 418.3220 Section 418.3220 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... the day it is submitted electronically through our Internet Web site. If a State Medicaid agency... inquiry about your subsidy eligibility is made, or the date we receive a partially completed Internet...

Proceedings of the Second Annual NASA Science Internet User Working Group Conference

NASA Technical Reports Server (NTRS)

Jackson, Lenore A. (Editor); Gary, J. Patrick (Editor)

1991-01-01

Copies of the agenda, list of attendees, meeting summaries, and all presentations and exhibit material are contained. Included are plenary sessions, exhibits of advanced networking applications, and user subgroup meetings on NASA Science Internet policy, networking, security, and user services and applications topics.

Developing Multimedia Courseware for the Internet's Java versus Shockwave.

ERIC Educational Resources Information Center

Majchrzak, Tina L.

1996-01-01

Describes and compares two methods for developing multimedia courseware for use on the Internet: an authoring tool called Shockwave, and an object-oriented language called Java. Topics include vector graphics, browsers, interaction with network protocols, data security, multithreading, and computer languages versus development environments. (LRW)

LIS–lnterlink—connecting laboratory information systems to remote primary health–care centres via the Internet

PubMed Central

Clark, Barry; Wachowiak, Bartosz; Crawford, Ewan W.; Jakubowski, Zenon; Kabata, Janusz

1998-01-01

A pilot study was performed to evaluate the feasibility of using the Internet to securely deliver patient laboratory results, and the system has subsequently gone into routine use in Poland. The system went from design to pilot and then to live implementation within a four-month period, resulting in the LIS-Interlink software product. Test results are retrieved at regular intervals from the BioLinkTM LIS (Laboratory Information System), encrypted and transferred to a secure area on the Web server. The primary health-care centres dial into the Internet using a local-cell service provided by Polish Telecom (TP), obtain a TCP/IP address using the TP DHCP server, and perform HTTP ‘get’ and ‘post’ operations to obtain the files by secure handshaking. The data are then automatically inserted into a local SQL database (with optional printing of incoming reports)for cumulative reporting and searching functions. The local database is fully multi-user and can be accessed from different clinics within the centres by a variety of networking protocols. PMID:18924820

Design and Analysis of Optimization Algorithms to Minimize Cryptographic Processing in BGP Security Protocols.

PubMed

Sriram, Vinay K; Montgomery, Doug

2017-07-01

The Internet is subject to attacks due to vulnerabilities in its routing protocols. One proposed approach to attain greater security is to cryptographically protect network reachability announcements exchanged between Border Gateway Protocol (BGP) routers. This study proposes and evaluates the performance and efficiency of various optimization algorithms for validation of digitally signed BGP updates. In particular, this investigation focuses on the BGPSEC (BGP with SECurity extensions) protocol, currently under consideration for standardization in the Internet Engineering Task Force. We analyze three basic BGPSEC update processing algorithms: Unoptimized, Cache Common Segments (CCS) optimization, and Best Path Only (BPO) optimization. We further propose and study cache management schemes to be used in conjunction with the CCS and BPO algorithms. The performance metrics used in the analyses are: (1) routing table convergence time after BGPSEC peering reset or router reboot events and (2) peak-second signature verification workload. Both analytical modeling and detailed trace-driven simulation were performed. Results show that the BPO algorithm is 330% to 628% faster than the unoptimized algorithm for routing table convergence in a typical Internet core-facing provider edge router.

State of the Art of Network Security Perspectives in Cloud Computing

NASA Astrophysics Data System (ADS)

Oh, Tae Hwan; Lim, Shinyoung; Choi, Young B.; Park, Kwang-Roh; Lee, Heejo; Choi, Hyunsang

Cloud computing is now regarded as one of social phenomenon that satisfy customers' needs. It is possible that the customers' needs and the primary principle of economy - gain maximum benefits from minimum investment - reflects realization of cloud computing. We are living in the connected society with flood of information and without connected computers to the Internet, our activities and work of daily living will be impossible. Cloud computing is able to provide customers with custom-tailored features of application software and user's environment based on the customer's needs by adopting on-demand outsourcing of computing resources through the Internet. It also provides cloud computing users with high-end computing power and expensive application software package, and accordingly the users will access their data and the application software where they are located at the remote system. As the cloud computing system is connected to the Internet, network security issues of cloud computing are considered as mandatory prior to real world service. In this paper, survey and issues on the network security in cloud computing are discussed from the perspective of real world service environments.

LIS-lnterlink-connecting laboratory information systems to remote primary health-care centres via the Internet.

PubMed

Clark, B; Wachowiak, B; Crawford, E W; Jakubowski, Z; Kabata, J

1998-01-01

A pilot study was performed to evaluate the feasibility of using the Internet to securely deliver patient laboratory results, and the system has subsequently gone into routine use in Poland. The system went from design to pilot and then to live implementation within a four-month period, resulting in the LIS-Interlink software product. Test results are retrieved at regular intervals from the BioLink(TM) LIS (Laboratory Information System), encrypted and transferred to a secure area on the Web server. The primary health-care centres dial into the Internet using a local-cell service provided by Polish Telecom (TP), obtain a TCP/IP address using the TP DHCP server, and perform HTTP 'get' and 'post' operations to obtain the files by secure handshaking. The data are then automatically inserted into a local SQL database (with optional printing of incoming reports)for cumulative reporting and searching functions. The local database is fully multi-user and can be accessed from different clinics within the centres by a variety of networking protocols.

Dig That Site: Exploring Archaeology, History, and Civilization on the Internet.

ERIC Educational Resources Information Center

Garfield, Gary M.; McDonough, Suzanne

This book combines the excitement of the Internet with conventional learning resources to explore early civilizations and cultures. This approach encourages independent student research, problem solving, and decision making while bringing together the fascination of archaeology with the Internet and hands-on learning activities. Students learn the…

IPv6 and IPsec Tests of a Space-Based Asset, the Cisco Router in Low Earth Orbit (CLEO)

NASA Technical Reports Server (NTRS)

Ivancic, William; Stewart, David; Wood, Lloyd; Jackson, Chris; Northam, James; Wilhelm, James

2008-01-01

This report documents the design of network infrastructure to support testing and demonstrating network-centric operations and command and control of space-based assets, using IPv6 and IPsec. These tests were performed using the Cisco router in Low Earth Orbit (CLEO), an experimental payload onboard the United Kingdom--Disaster Monitoring Constellation (UK-DMC) satellite built and operated by Surrey Satellite Technology Ltd (SSTL). On Thursday, 29 March 2007, NASA Glenn Research Center, Cisco Systems and SSTL performed the first configuration and demonstration of IPsec and IPv6 onboard a satellite in low Earth orbit. IPv6 is the next generation of the Internet Protocol (IP), designed to improve on the popular IPv4 that built the Internet, while IPsec is the protocol used to secure communication across IP networks. This demonstration was made possible in part by NASA s Earth Science Technology Office (ESTO) and shows that new commercial technologies such as mobile networking, IPv6 and IPsec can be used for commercial, military and government space applications. This has direct application to NASA s Vision for Space Exploration. The success of CLEO has paved the way for new spacebased Internet technologies, such as the planned Internet Routing In Space (IRIS) payload at geostationary orbit, which will be a U.S. Department of Defense Joint Capability Technology Demonstration. This is a sanitized report for public distribution. All real addressing has been changed to psueco addressing.

Approaches for scalable modeling and emulation of cyber systems : LDRD final report.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Mayo, Jackson R.; Minnich, Ronald G.; Armstrong, Robert C.

2009-09-01

The goal of this research was to combine theoretical and computational approaches to better understand the potential emergent behaviors of large-scale cyber systems, such as networks of {approx} 10{sup 6} computers. The scale and sophistication of modern computer software, hardware, and deployed networked systems have significantly exceeded the computational research community's ability to understand, model, and predict current and future behaviors. This predictive understanding, however, is critical to the development of new approaches for proactively designing new systems or enhancing existing systems with robustness to current and future cyber threats, including distributed malware such as botnets. We have developed preliminarymore » theoretical and modeling capabilities that can ultimately answer questions such as: How would we reboot the Internet if it were taken down? Can we change network protocols to make them more secure without disrupting existing Internet connectivity and traffic flow? We have begun to address these issues by developing new capabilities for understanding and modeling Internet systems at scale. Specifically, we have addressed the need for scalable network simulation by carrying out emulations of a network with {approx} 10{sup 6} virtualized operating system instances on a high-performance computing cluster - a 'virtual Internet'. We have also explored mappings between previously studied emergent behaviors of complex systems and their potential cyber counterparts. Our results provide foundational capabilities for further research toward understanding the effects of complexity in cyber systems, to allow anticipating and thwarting hackers.« less

78 FR 66638 - Extension of the Expiration Date for State Disability Examiner Authority To Make Fully Favorable...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-06

...-800-772-1213 or TTY 1-800-325-0778, or visit our Internet site, Social Security Online, at http://www... SOCIAL SECURITY ADMINISTRATION 20 CFR Parts 404 and 416 [Docket No. SSA-2013-0023] RIN 0960-AH59... Disability Determinations and Compassionate Allowances AGENCY: Social Security Administration. ACTION: Final...

31 CFR 363.5 - How do I contact Public Debt?

Code of Federal Regulations, 2012 CFR

2012-07-01

... SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT REGULATIONS GOVERNING SECURITIES HELD IN... TreasuryDirect ® to communicate information to us over a secure Internet connection. (b) Emails may be sent... responsible for the security of e-mail messages you may send to us, or replies we may send to you. (c) Letters...

31 CFR 363.5 - How do I contact Public Debt?

Code of Federal Regulations, 2013 CFR

2013-07-01

... SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT REGULATIONS GOVERNING SECURITIES HELD IN... TreasuryDirect ® to communicate information to us over a secure Internet connection. (b) Emails may be sent... responsible for the security of e-mail messages you may send to us, or replies we may send to you. (c) Letters...

31 CFR 363.5 - How do I contact Public Debt?

Code of Federal Regulations, 2011 CFR

2011-07-01

... SERVICE, DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT REGULATIONS GOVERNING SECURITIES HELD IN... TreasuryDirect ® to communicate information to us over a secure Internet connection. (b) Emails may be sent... responsible for the security of e-mail messages you may send to us, or replies we may send to you. (c) Letters...

Secure authentication protocol for Internet applications over CATV network

NASA Astrophysics Data System (ADS)

Chin, Le-Pond

1998-02-01

An authentication protocol is proposed in this paper to implement secure functions which include two way authentication and key management between end users and head-end. The protocol can protect transmission from frauds, attacks such as reply and wiretap. Location privacy is also achieved. A rest protocol is designed to restore the system once when systems fail. The security is verified by taking several security and privacy requirements into consideration.

Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System.

PubMed

Deng, Yong-Yuan; Chen, Chin-Ling; Tsaur, Woei-Jiunn; Tang, Yung-Wen; Chen, Jung-Hsuan

2017-12-15

As sensor networks and cloud computation technologies have rapidly developed over recent years, many services and applications integrating these technologies into daily life have come together as an Internet of Things (IoT). At the same time, aging populations have increased the need for expanded and more efficient elderly care services. Fortunately, elderly people can now wear sensing devices which relay data to a personal wireless device, forming a body area network (BAN). These personal wireless devices collect and integrate patients' personal physiological data, and then transmit the data to the backend of the network for related diagnostics. However, a great deal of the information transmitted by such systems is sensitive data, and must therefore be subject to stringent security protocols. Protecting this data from unauthorized access is thus an important issue in IoT-related research. In regard to a cloud healthcare environment, scholars have proposed a secure mechanism to protect sensitive patient information. Their schemes provide a general architecture; however, these previous schemes still have some vulnerability, and thus cannot guarantee complete security. This paper proposes a secure and lightweight body-sensor network based on the Internet of Things for cloud healthcare environments, in order to address the vulnerabilities discovered in previous schemes. The proposed authentication mechanism is applied to a medical reader to provide a more comprehensive architecture while also providing mutual authentication, and guaranteeing data integrity, user untraceability, and forward and backward secrecy, in addition to being resistant to replay attack.

Three if by Internet: Exploring the Utility of a Hacker Militia

DTIC Science & Technology

2017-03-01

INTERNET: EXPLORING THE UTILITY OF A HACKER MILITIA by Matthew S. O’Loughlin March 2017 Thesis Advisor: Leo Blanken Co-Advisor: Zachary...COVERED Master’s thesis 4. TITLE AND SUBTITLE THREE IF BY INTERNET: EXPLORING THE UTILITY OF A HACKER MILITIA 5. FUNDING NUMBERS 6. AUTHOR(S...technologies to combat them asymmetrically in the digital environment may provide the foundation for forging a new kind of strategy based on

20 CFR 418.3220 - When is your application considered filed?

Code of Federal Regulations, 2010 CFR

2010-04-01

...? 418.3220 Section 418.3220 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... the day it is submitted electronically through our Internet Web site. If a State Medicaid agency... subsidy application from our Internet Web site where the requirements set forth in § 418.3230 are met. ...

20 CFR 418.3220 - When is your application considered filed?

Code of Federal Regulations, 2011 CFR

2011-04-01

...? 418.3220 Section 418.3220 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE SUBSIDIES... the day it is submitted electronically through our Internet Web site. If a State Medicaid agency... subsidy application from our Internet Web site where the requirements set forth in § 418.3230 are met. ...

Securing the Internet Control Plane

ERIC Educational Resources Information Center

Benton, Kevin

2017-01-01

The Internet carries traffic between billions of devices every day and modern societies depend on the resiliency of the routing technology behind it to work around the frequent link outages caused by natural disasters, equipment failures, destruction of cables, and even wars. However, the routing technology behind all of this, the Border Gateway…

Online Ethics: What's a Teacher to Do?

ERIC Educational Resources Information Center

Carpenter, Cal

1996-01-01

Considers ethics issues involved with using online resources like the Internet in elementary and secondary education and suggests that educators initiate and model a standardized role of ethical behavior for Internet users. Topics include hackers; privacy, piracy, and security; screening electronic sites; ethics education; and an ethics model.…

32 CFR 22.315 - Merit-based, competitive procedures.

Code of Federal Regulations, 2014 CFR

2014-07-01

... This OMB policy directive is available at the Internet site http://www.whitehouse.gov/omb/grants/grants... accordance with that OMB policy directive, DoD Components also must post on the Internet any notice under... Component issues a specific notice with limited distribution (e.g., for national security considerations...

32 CFR 22.315 - Merit-based, competitive procedures.

Code of Federal Regulations, 2012 CFR

2012-07-01

... This OMB policy directive is available at the Internet site http://www.whitehouse.gov/omb/grants/grants... accordance with that OMB policy directive, DoD Components also must post on the Internet any notice under... Component issues a specific notice with limited distribution (e.g., for national security considerations...

32 CFR 22.315 - Merit-based, competitive procedures.

Code of Federal Regulations, 2013 CFR

2013-07-01

... This OMB policy directive is available at the Internet site http://www.whitehouse.gov/omb/grants/grants... accordance with that OMB policy directive, DoD Components also must post on the Internet any notice under... Component issues a specific notice with limited distribution (e.g., for national security considerations...

Remote Patron Validation: Posting a Proxy Server at the Digital Doorway.

ERIC Educational Resources Information Center

Webster, Peter

2002-01-01

Discussion of remote access to library services focuses on proxy servers as a method for remote access, based on experiences at Saint Mary's University (Halifax). Topics include Internet protocol user validation; browser-directed proxies; server software proxies; vendor alternatives for validating remote users; and Internet security issues. (LRW)

The University of Minnesota's Internet Gopher System: A Tool for Accessing Network-Based Electronic Information.

ERIC Educational Resources Information Center

Wiggins, Rich

1993-01-01

Describes the Gopher system developed at the University of Minnesota for accessing information on the Internet. Highlights include the need for navigation tools; Gopher clients; FTP (File Transfer Protocol); campuswide information systems; navigational enhancements; privacy and security issues; electronic publishing; multimedia; and future…

Exploring the Impact of Internet Addiction on Academic Achievement

ERIC Educational Resources Information Center

Iyitoglu, Orhan; Çeliköz, Nadir

2017-01-01

This study provides an account of the phenomenon of internet addiction from the perspective of academic achievement. In other words, this study aimed to explore the relation between academic performance of Turkish high school students in such different subject as Maths, English, History, GPA and their use of internet. Different school subjects…

An Analysis of Attitudes toward Computer Networks and Internet Addiction.

ERIC Educational Resources Information Center

Tsai, Chin-Chung; Lin, Sunny S. J.

The purpose of this study was to explore the interplay between young people's attitudes toward computer networks and Internet addiction. After analyzing questionnaire responses of an initial sample of 615 Taiwanese high school students, 78 subjects, viewed as possible Internet addicts, were selected for further explorations. It was found that…

Measuring and analyzing the causes of problematic Internet use.

PubMed

Chiang, I-Ping; Su, Yung-Hsiang

2012-11-01

Since Internet surfing became a daily activity, people have changed their behavior. This research analyzes the causes of problematic Internet use through an online survey, where 1,094 samples were collected. Based on the results of structural equation modeling analysis, the following conclusions are reached: First, novelty, security, and efficiency increase users' online trust. Second, information and efficiency enhance users' sharing and anonymity online. Third, greater trust in Internet environments leads to an increase in a user's cognitive bias toward online behavioral responsibility and Internet addiction. Fourth, a user's attitude toward online sharing further increases the cognitive bias toward online copyright. Fifth, a user's attitude toward anonymity increases cognitive bias toward online copyright, online behavioral responsibility, and deepens Internet addiction.

Research on information security in big data era

NASA Astrophysics Data System (ADS)

Zhou, Linqi; Gu, Weihong; Huang, Cheng; Huang, Aijun; Bai, Yongbin

2018-05-01

Big data is becoming another hotspot in the field of information technology after the cloud computing and the Internet of Things. However, the existing information security methods can no longer meet the information security requirements in the era of big data. This paper analyzes the challenges and a cause of data security brought by big data, discusses the development trend of network attacks under the background of big data, and puts forward my own opinions on the development of security defense in technology, strategy and product.

The exploration of the exhibition informatization

NASA Astrophysics Data System (ADS)

Zhang, Jiankang

2017-06-01

The construction and management of exhibition informatization is the main task and choke point during the process of Chinese exhibition industry’s transformation and promotion. There are three key points expected to realize a breakthrough during the construction of Chinese exhibition informatization, and the three aspects respectively are adopting service outsourcing to construct and maintain the database, adopting advanced chest card technology to collect various kinds of information, developing statistics analysis to maintain good cutomer relations. The success of Chinese exhibition informatization mainly calls for mature suppliers who can provide construction and maintenance of database, the proven technology, a sense of data security, advanced chest card technology, the ability of data mining and analysis and the ability to improve the exhibition service basing on the commercial information got from the data analysis. Several data security measures are expected to apply during the process of system developing, including the measures of the terminal data security, the internet data security, the media data security, the storage data security and the application data security. The informatization of this process is based on the chest card designing. At present, there are several types of chest card technology: bar code chest card; two-dimension code card; magnetic stripe chest card; smart-chip chest card. The information got from the exhibition data will help the organizers to make relevant service strategies, quantify the accumulated indexes of the customers, and improve the level of the customer’s satisfaction and loyalty, what’s more, the information can also provide more additional services like the commercial trips, VIP ceremonial reception.

The Internet's Multiple Roles in Facilitating the Sexual Orientation Identity Development of Gay and Bisexual Male Adolescents.

PubMed

Harper, Gary W; Serrano, Pedro A; Bruce, Douglas; Bauermeister, Jose A

2016-09-01

One emerging avenue for the exploration of adolescents' sexual orientation identity development is the Internet, since it allows for varying degrees of anonymity and exploration. The purpose of this phenomenological study was to examine the role of the Internet in facilitating the sexual orientation identity development process of gay and bisexual male adolescents. Qualitative interviews were conducted with an ethnically diverse sample of 63 gay/bisexual male adolescents (ages 15-23). Participants reported using a range of Internet applications as they explored and came to accept their sexual orientation identity, with the intended purpose and degree of anonymity desired determining which applications were used. Youth reported that the Internet provided a range of functions with regard to the exploration and acceptance of their sexual orientation identity, including (1) increasing self-awareness of sexual orientation identity, (2) learning about gay/bisexual community life, (3) communicating with other gay/bisexual people, (4) meeting other gay/bisexual people, (5) finding comfort and acceptance with sexual orientation, and (6) facilitating the coming out process. Future research and practice may explore the Internet as a platform for promoting the healthy development of gay and bisexual male adolescents by providing a developmentally and culturally appropriate venue for the exploration and subsequent commitment to an integrated sexual orientation identity. © The Author(s) 2015.

An Introduction to the Internet. Consumer Guide, Number 14.

ERIC Educational Resources Information Center

Anderson, Judith

This newsletter presents an introduction to the Internet. A definition of the Internet and its three principle uses--electronic mail, USENET newsgroups, and information files--are provided. A discussion on how to explore the Internet includes equipment needs, university Internet accounts, commercial vendors, navigating the Internet through the…

Participant experiences of an internet-based intervention and randomised control trial: interview study

PubMed Central

2013-01-01

Background There are an increasing number of interventions being delivered online, and an expanding body of research to assess the effectiveness of such interventions. Yet, little is known about the motivations for participating in online research. Furthermore, internet interventions and online research studies are characterised by poor adherence and high attrition rates. This study aimed to explore participant motivations for taking part in an online trial of an internet intervention and the reasons for continuing. Methods Semi-structured telephone interviews were conducted with twenty members of the intervention arm of an internet-based randomised control trial evaluating an online cognitive behavioural tool to improve mental wellbeing. The qualitative interviews were analysed using the Framework Approach to identify themes and subthemes, through familiarization with the data, identifying a thematic framework, charting, indexing, mapping and interpreting the data. Results A number of key themes emerged. Trusted brands were key to participants feeling secure in engaging with the trial due to the association with institutions such as the UK National Health Service and the lead University conducting the research. Participants had a number of motivations for signing up with the study; altruism, low mood and as a replacement for a physical health professional. Participants felt the need for the language used in the intervention to be tailored to them as individuals. The majority of those interviewed also described multiple benefits from the intervention, which could have been a reason for them to persist. Conclusion The nascent field of research on internet delivered healthcare needs to take account of participant views, as have been identified in this trial and future studies would benefit from applying its findings. PMID:24165325

46 CFR 232.2 - General instructions.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Administration (such as reports filed with the Securities and Exchange Commission, public service commissions or... electronic options (such as facsimile and Internet), if practicable, any question involving the... and Rate Approvals, for the Maritime Security Program, or Director, Office of Ship Financing, for the...

75 FR 5865 - Proposed Collection; Comment Request for Publication 1075

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-04

... Publication 1075, Tax Information Security Guidelines for Federal, State, and Local Agencies. [[Page 5866... internet at [email protected] . SUPPLEMENTARY INFORMATION: Title: Tax Information Security Guidelines... on proposed and/or continuing information collections, as required by the Paperwork Reduction Act of...

Designing Secure Library Networks.

ERIC Educational Resources Information Center

Breeding, Michael

1997-01-01

Focuses on designing a library network to maximize security. Discusses UNIX and file servers; connectivity to campus, corporate networks and the Internet; separation of staff from public servers; controlling traffic; the threat of network sniffers; hubs that eliminate eavesdropping; dividing the network into subnets; Switched Ethernet;…

Privacy vs usability: a qualitative exploration of patients' experiences with secure Internet communication with their general practitioner.

PubMed

Tjora, Aksel; Tran, Trung; Faxvaag, Arild

2005-05-31

Direct electronic communication between patients and physicians has the potential to empower patients and improve health care services. Communication by regular email is, however, considered a security threat in many countries and is not recommended. Systems which offer secure communication have now emerged. Unlike regular email, secure systems require that users authenticate themselves. However, the authentication steps per se may become barriers that reduce use. The objective was to study the experiences of patients who were using a secure electronic communication system. The focus of the study was the users' privacy versus the usability of the system. Qualitative interviews were conducted with 15 patients who used a secure communication system (MedAxess) to exchange personal health information with their primary care physician. Six main themes were identified from the interviews: (1) supporting simple questions, (2) security issues, (3) aspects of written communication, (4) trust in the physician, (5) simplicity of MedAxess, and (6) trouble using the system. By using the system, about half of the patients (8/15) experienced easier access to their physician, with whom they tended to solve minor health problems and elaborate on more complex illness experiences. Two thirds of the respondents (10/15) found that their physician quickly responded to their MedAxess requests. As a result of the security barriers, the users felt that the system was secure. However, due to the same barriers, the patients considered the log-in procedure cumbersome, which had considerable negative impact on the actual use of the system. Despite a perceived need for secure electronic patient-physician communication systems, security barriers may diminish their overall usefulness. A dual approach is necessary to improve this situation: patients need to be better informed about security issues, and, at the same time, their experiences of using secure systems must be studied and used to improve user interfaces.

Privacy vs Usability: A Qualitative Exploration of Patients' Experiences With Secure Internet Communication With Their General Practitioner

PubMed Central

Tran, Trung; Faxvaag, Arild

2005-01-01

Background Direct electronic communication between patients and physicians has the potential to empower patients and improve health care services. Communication by regular email is, however, considered a security threat in many countries and is not recommended. Systems which offer secure communication have now emerged. Unlike regular email, secure systems require that users authenticate themselves. However, the authentication steps per se may become barriers that reduce use. Objectives The objective was to study the experiences of patients who were using a secure electronic communication system. The focus of the study was the users' privacy versus the usability of the system. Methods Qualitative interviews were conducted with 15 patients who used a secure communication system (MedAxess) to exchange personal health information with their primary care physician. Results Six main themes were identified from the interviews: (1) supporting simple questions, (2) security issues, (3) aspects of written communication, (4) trust in the physician, (5) simplicity of MedAxess, and (6) trouble using the system. By using the system, about half of the patients (8/15) experienced easier access to their physician, with whom they tended to solve minor health problems and elaborate on more complex illness experiences. Two thirds of the respondents (10/15) found that their physician quickly responded to their MedAxess requests. As a result of the security barriers, the users felt that the system was secure. However, due to the same barriers, the patients considered the log-in procedure cumbersome, which had considerable negative impact on the actual use of the system. Conclusions Despite a perceived need for secure electronic patient-physician communication systems, security barriers may diminish their overall usefulness. A dual approach is necessary to improve this situation: patients need to be better informed about security issues, and, at the same time, their experiences of using secure systems must be studied and used to improve user interfaces. PMID:15998606

CrossTalk: The Journal of Defense Software Engineering. Volume 18, Number 6

DTIC Science & Technology

2005-06-01

Bollinger The MITRE Corporation1 Progress brings new dangers: Powerful home computers, inexpensive high-speed Internet access, telecommuting , and software...been using for years. Sure enough, GIANT was able to finish removing the hard - core spyware. At some point, my Internet security package had been... The sad truth is that if you do nothing more than attach a Windows PC to the Internet over a high- speed line, it will be subjected to the first

The Rise of Netpolitik: How the Internet Is Changing International Politics and Diplomacy. A Report of the Annual Aspen Institute Roundtable on Information Technology (11th, Aspen, Colorado, August 1-4, 2002).

ERIC Educational Resources Information Center

Bollier, David

This document is an interpretive synthesis of the discussion at a conference sponsored by the Aspen Institute that sought to develop new ways to understand how the Internet is changing the powers of the nation-state, the conduct of international relations, and the definitions of nation security. This report examines how the Internet and other…

FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

NASA Astrophysics Data System (ADS)

Sklavos, N.; Selimis, G.; Koufopavlou, O.

2005-01-01

The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given.

Automatic Response to Intrusion

DTIC Science & Technology

2002-10-01

Computing Corporation Sidewinder Firewall [18] SRI EMERALD Basic Security Module (BSM) and EMERALD File Transfer Protocol (FTP) Monitors...the same event TCP Wrappers [24] Internet Security Systems RealSecure [31] SRI EMERALD IDIP monitor NAI Labs Generic Software Wrappers Prototype...included EMERALD , NetRadar, NAI Labs UNIX wrappers, ARGuE, MPOG, NetRadar, CyberCop Server, Gauntlet, RealSecure, and the Cyber Command System

A security analysis of version 2 of the Network Time Protocol (NTP): A report to the privacy and security research group

NASA Technical Reports Server (NTRS)

Bishop, Matt

1991-01-01

The Network Time Protocol is being used throughout the Internet to provide an accurate time service. The security requirements are examined of such a service, version 2 of the NTP protocol is analyzed to determine how well it meets these requirements, and improvements are suggested where appropriate.

A Multifactor Secure Authentication System for Wireless Payment

NASA Astrophysics Data System (ADS)

Sanyal, Sugata; Tiwari, Ayu; Sanyal, Sudip

Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, there is a need of multifactor authentication. This paper proposes a new protocol based on multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy with in a limited resources that does not require any change in infrastructure or underline protocol of wireless network. This Protocol for Wireless Payment is extended as a two way authentications system to satisfy the emerging market need of mutual authentication and also supports secure B2B communication which increases faith of the user and business organizations on wireless financial transaction using mobile devices.

77 FR 18283 - Self-Regulatory Organizations; The National Securities Clearing Corporation; Notice of Filing and...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-03-27

.... NSCC believes it can offer a number of control improvements to the current manual, decentralized, and...: Electronic Comments Use the Commission's Internet comment form ( http://www.sec.gov/rules/sro.shtml ); or... one method. The Commission will post all comments on the Commission's Internet Web site ( http://www...

Corps Operations

DTIC Science & Technology

2010-11-26

accomplishes these actions by developing, recommending, and briefing the scheme of fires, including both lethal fires and nonlethal actions (electronic...Install and operate the corps information technology help desk. Provide voice, video teleconference, e-mail—Non-Secure Internet Protocol Router...Network (NIPRNET), SECRET Internet Protocol Router Network (SIPRNET), and other communication networks—assistance, and other help desk functions

20 CFR 418.3230 - When will we use your subsidy inquiry as your filing date?

Code of Federal Regulations, 2012 CFR

2012-04-01

... filing date? 418.3230 Section 418.3230 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE... oral or written inquiry about the subsidy, or partially complete an Internet subsidy application on our Web site, we will use the date of the inquiry or the date the partial Internet application was started...

47 CFR 12.3 - 911 and E911 analyses and reports.

Code of Federal Regulations, 2013 CFR

2013-10-01

... wireless 911 rules set forth in § 20.18 of this chapter; and interconnected Voice over Internet Protocol... Public Safety and Homeland Security Bureau (PSHSB) has the delegated authority to implement and activate... generation Internet Protocol-based E911 platform. (b) These reports are due 120 days from the date that the...

20 CFR 418.3230 - When will we use your subsidy inquiry as your filing date?

Code of Federal Regulations, 2014 CFR

2014-04-01

... filing date? 418.3230 Section 418.3230 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE... oral or written inquiry about the subsidy, or partially complete an Internet subsidy application on our Web site, we will use the date of the inquiry or the date the partial Internet application was started...

20 CFR 418.3230 - When will we use your subsidy inquiry as your filing date?

Code of Federal Regulations, 2013 CFR

2013-04-01

... filing date? 418.3230 Section 418.3230 Employees' Benefits SOCIAL SECURITY ADMINISTRATION MEDICARE... oral or written inquiry about the subsidy, or partially complete an Internet subsidy application on our Web site, we will use the date of the inquiry or the date the partial Internet application was started...

76 FR 38448 - In the Matter of International Poultry Co., Inc. (n/k/a Carley Enterprises, Inc.), International...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-30

... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] In the Matter of International Poultry Co., Inc. (n/k/a Carley Enterprises, Inc.), International Thoroughbred Breeders, Inc., Internet Marketing... Internet Marketing, Inc. because it has not filed any periodic reports since the period ended December 31...

Prediction of Problematic Internet Use by Attachment in University Students

ERIC Educational Resources Information Center

Kozan, Hatice Irem Ozteke; Kesici, Sahin; Buyukbayraktar, Cagla Girgin; Yalcin, S. Barbaros

2017-01-01

Aim of this research is to examine the predictive power of attachment style on problematic internet use among university students. Participants of study consist of 481 university students (230 girls). Results indicate that there is a negative correlation between secure attachment style and social benefit/social comfort and there is a positive…

Tao of Gateway: Providing Internet Access to Licensed Databases.

ERIC Educational Resources Information Center

McClellan, Gregory A.; Garrison, William V.

1997-01-01

Illustrates an approach for providing networked access to licensed databases over the Internet by positioning the library between patron and vendor. Describes how the gateway systems and database connection servers work and discusses how treatment of security has evolved with the introduction of the World Wide Web. Outlines plans to reimplement…

Playing Digital Security: Youth Voices on Their Digital Rights

ERIC Educational Resources Information Center

Costa, Conceição; Sousa, Carla; Rogado, José; Henriques, Sara

2017-01-01

The United Nations (UN) Convention (1989) on the Rights of the Child changed the way children are viewed and treated worldwide. The Convention has been affecting governments, civil society and the private sector. ICT driven companies on the internet should not be an exception. According to Livingstone, Carr and Byrne (2015), Internet governance…

The OAuth 2.0 Web Authorization Protocol for the Internet Addiction Bioinformatics (IABio) Database.

PubMed

Choi, Jeongseok; Kim, Jaekwon; Lee, Dong Kyun; Jang, Kwang Soo; Kim, Dai-Jin; Choi, In Young

2016-03-01

Internet addiction (IA) has become a widespread and problematic phenomenon as smart devices pervade society. Moreover, internet gaming disorder leads to increases in social expenditures for both individuals and nations alike. Although the prevention and treatment of IA are getting more important, the diagnosis of IA remains problematic. Understanding the neurobiological mechanism of behavioral addictions is essential for the development of specific and effective treatments. Although there are many databases related to other addictions, a database for IA has not been developed yet. In addition, bioinformatics databases, especially genetic databases, require a high level of security and should be designed based on medical information standards. In this respect, our study proposes the OAuth standard protocol for database access authorization. The proposed IA Bioinformatics (IABio) database system is based on internet user authentication, which is a guideline for medical information standards, and uses OAuth 2.0 for access control technology. This study designed and developed the system requirements and configuration. The OAuth 2.0 protocol is expected to establish the security of personal medical information and be applied to genomic research on IA.

Development of a telediagnosis endoscopy system over secure internet.

PubMed

Ohashi, K; Sakamoto, N; Watanabe, M; Mizushima, H; Tanaka, H

2008-01-01

We developed a new telediagnosis system to securely transmit high-quality endoscopic moving images over the Internet in real time. This system would enable collaboration between physicians seeking advice from endoscopists separated by long distances, to facilitate diagnosis. We adapted a new type of digital video streaming system (DVTS) to our teleendoscopic diagnosis system. To investigate its feasibility, we conducted a two-step experiment. A basic experiment was first conducted to transmit endoscopic video images between hospitals using a plain DVTS. After investigating the practical usability, we incorporated a secure and reliable communication function into the system, by equipping DVTS with "TCP2", a new security technology that establishes secure communication in the transport layer. The second experiment involved international transmission of teleendoscopic image between Hawaii and Japan using the improved system. In both the experiments, no serious transmission delay was observed to disturb physicians' communications and, after subjective evaluation by endoscopists, the diagnostic qualities of the images were found to be adequate. Moreover, the second experiment showed that "TCP2-equipped DVTS" successfully executed high-quality secure image transmission over a long distance network. We conclude that DVTS technology would be promising for teleendoscopic diagnosis. It was also shown that a high quality, secure teleendoscopic diagnosis system can be developed by equipping DVTS with TCP2.

[Security specifications for electronic medical records on the Internet].

PubMed

Mocanu, Mihai; Mocanu, Carmen

2007-01-01

The extension for the Web applications of the Electronic Medical Record seems both interesting and promising. Correlated with the expansion of Internet in our country, it allows the interconnection of physicians of different specialties and their collaboration for better treatment of patients. In this respect, the ophthalmologic medical applications consider the increased possibilities for monitoring chronic ocular diseases and for the identification of some elements for early diagnosis and risk factors supervision. We emphasize in this survey some possible solutions to the problems of interconnecting medical information systems to the Internet: the achievement of interoperability within medical organizations through the use of open standards, the automated input and processing for ocular imaging, the use of data reduction techniques in order to increase the speed of image retrieval in large databases, and, last but not least, the resolution of security and confidentiality problems in medical databases.

Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things

PubMed Central

Hernández-Ramos, José L.; Bernabe, Jorge Bernal; Moreno, M. Victoria; Skarmeta, Antonio F.

2015-01-01

As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things. PMID:26140349

Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things.

PubMed

Hernández-Ramos, José L; Bernabe, Jorge Bernal; Moreno, M Victoria; Skarmeta, Antonio F

2015-07-01

As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

77 FR 56625 - Privacy Act of 1974; Systems of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-13

... Internet at http://www.regulations.gov as they are received without change, including any personal.... George G. Meade, MD 20755-6000. Decentralized segments: Defense Intelligence Agency (DIA) Headquarters... decentralized system locations, write to the National Security Agency/Central Security Service, Freedom of...

77 FR 70176 - Previous Participation Certification

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-23

... percent automated and digital submission of all data and certifications is available via HUD's secure... information is designed to be 100 percent automated and digital submission of all data and certifications is available via HUD's secure Internet systems. However HUD will provide for both electronic and paper...

9 CFR 121.15 - Training.

Code of Federal Regulations, 2012 CFR

2012-01-01

... must provide information and training on biosafety and security to each individual with access approval... or entity must provide information and training on biosafety and security to each individual not... Internet at http://www.aphis.usda.gov/programs/ag_selectagent/index.html. (b) Refresher training must be...

Application Security Automation

ERIC Educational Resources Information Center

Malaika, Majid A.

2011-01-01

With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

Use of IPsec by Manned Space Missions

NASA Technical Reports Server (NTRS)

Pajevski, Michael J.

2009-01-01

NASA's Constellation Program is developing its next generation manned space systems for missions to the International Space Station (ISS) and the Moon. The Program is embarking on a path towards standards based Internet Protocol (IP) networking for space systems communication. The IP based communications will be paired with industry standard security mechanisms such as Internet Protocol Security (IPsec) to ensure the integrity of information exchanges and prevent unauthorized release of sensitive information in-transit. IPsec has been tested in simulations on the ground and on at least one Earth orbiting satellite, but the technology is still unproven in manned space mission situations and significant obstacles remain.

Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

NASA Technical Reports Server (NTRS)

Baras, John S. (Inventor); Roy-Chowdhury, Ayan (Inventor)

2014-01-01

A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

Survey of cyber security issues in smart grids

NASA Astrophysics Data System (ADS)

Chen, Thomas M.

2010-04-01

The future smart grid will enable cost savings and lower energy use by means of smart appliances and smart meters which support dynamic load management and real-time monitoring of energy use and distribution. The introduction of two-way communications and control into power grid introduces security and privacy concerns. This talk will survey the security and privacy issues in smart grids using the NIST reference model, and relate these issues to cyber security in the Internet.

Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System

PubMed Central

Deng, Yong-Yuan; Chen, Chin-Ling; Tsaur, Woei-Jiunn; Tang, Yung-Wen; Chen, Jung-Hsuan

2017-01-01

As sensor networks and cloud computation technologies have rapidly developed over recent years, many services and applications integrating these technologies into daily life have come together as an Internet of Things (IoT). At the same time, aging populations have increased the need for expanded and more efficient elderly care services. Fortunately, elderly people can now wear sensing devices which relay data to a personal wireless device, forming a body area network (BAN). These personal wireless devices collect and integrate patients’ personal physiological data, and then transmit the data to the backend of the network for related diagnostics. However, a great deal of the information transmitted by such systems is sensitive data, and must therefore be subject to stringent security protocols. Protecting this data from unauthorized access is thus an important issue in IoT-related research. In regard to a cloud healthcare environment, scholars have proposed a secure mechanism to protect sensitive patient information. Their schemes provide a general architecture; however, these previous schemes still have some vulnerability, and thus cannot guarantee complete security. This paper proposes a secure and lightweight body-sensor network based on the Internet of Things for cloud healthcare environments, in order to address the vulnerabilities discovered in previous schemes. The proposed authentication mechanism is applied to a medical reader to provide a more comprehensive architecture while also providing mutual authentication, and guaranteeing data integrity, user untraceability, and forward and backward secrecy, in addition to being resistant to replay attack. PMID:29244776

An Impact Assessment Model for Distributed Adaptive Security Situation Assessment

DTIC Science & Technology

2005-01-01

the cargo manifest can be either a 56K modem-based TCP/IP connection (the oval labeled internet) or a 40K wireless modem connection ( cell phone ) that...via a UDP connection on the 40K wireless modem ( cell phone ). For each resource, either alternative may be used to achieve the same goal, but some...Manifests Comm-in Comp- power Comm- out JTF Internet (TCP-IP) Cell phone (TCP-IP) Internet (UDP) Cell phone (UDP) Manual Computer 4

Student Internet Speech: Where Does the Schoolyard End in the Cyberworld?

ERIC Educational Resources Information Center

Denny, Thomas D.

2013-01-01

This study examines student internet speech that originates off-campus but results in discipline from school. The history of the issue of student speech is explored to set the foundation for the current issue. In the absence of a Supreme Court ruling on student off-campus internet speech, cases reaching the Federal level are explored in search of…

Secure Display of Space-Exploration Images

NASA Technical Reports Server (NTRS)

Cheng, Cecilia; Thornhill, Gillian; McAuley, Michael

2006-01-01

Java EDR Display Interface (JEDI) is software for either local display or secure Internet distribution, to authorized clients, of image data acquired from cameras aboard spacecraft engaged in exploration of remote planets. ( EDR signifies experimental data record, which, in effect, signifies image data.) Processed at NASA s Multimission Image Processing Laboratory (MIPL), the data can be from either near-realtime processing streams or stored files. JEDI uses the Java Advanced Imaging application program interface, plus input/output packages that are parts of the Video Image Communication and Retrieval software of the MIPL, to display images. JEDI can be run as either a standalone application program or within a Web browser as a servlet with an applet front end. In either operating mode, JEDI communicates using the HTTP(s) protocol(s). In the Web-browser case, the user must provide a password to gain access. For each user and/or image data type, there is a configuration file, called a "personality file," containing parameters that control the layout of the displays and the information to be included in them. Once JEDI has accepted the user s password, it processes the requested EDR (provided that user is authorized to receive the specific EDR) to create a display according to the user s personality file.

CrossTalk. The Journal of Defense Software Engineering. Volume 25, Number 6

DTIC Science & Technology

2012-12-01

Cyber Security Threat Definition Communicable Noncommunicable Based on Risky Behavior Coordinated Trojan horse programs Threats hidden in a...for Cyber Security Threats Cyber Security Threat Communicable Noncommunicable Risky Behaviors Coordinated Type of Intervention (at the System...types of data are breached. Further, educational materials on risky behaviors (e.g., for home Internet users) as well as recommended guide- lines for

Scalable Trust of Next-Generation Management (STRONGMAN)

DTIC Science & Technology

2004-10-01

remote logins might be policy controlled to allow only strongly encrypted IPSec tunnels to log in remotely, to access selected files, etc. The...and Angelos D. Keromytis. Drop-in Security for Distributed and Portable Computing Elements. Emerald Journal of Internet Research. Electronic...Security and Privacy, pp. 17-31, May 1999. [2] S. M. Bellovin. Distributed Firewalls. ; login : magazine, special issue on security, November 1999. [3] M

Defense Message System Way Ahead: Conclusions and Recommendations from the Industry Advisory Panel

DTIC Science & Technology

2000-03-01

access terminals • Increasing requirement for authentication and data security for conducting business • Mergers and acquisitions in Internet space...market, used to carry PKI certificates for all types of security services including access control, confidentiality, integrity, and non-repudiation...Wireless access widespread § Unified messaging pervasive § Security /privacy dependent on service provider Long-term § Highly reliable systems

Awaiting Cyber 9/11

DTIC Science & Technology

2013-01-01

tremendously dangerous and sophisticated virus that successfully attacked a SCADA system is now available for free on the Internet, where one can find...security for the public and private sectors. To develop this capability, the Nation needs to undergo a paradigm shift on how it views the cyber... for communications and trade were extraordinarily important for the security and prosperity of Britain. Today, the security and prosperity of the

Health care data security: one size does not fit all.

PubMed

Krohn, R

2001-11-01

In the wake of the Internet, E-commerce, and particularly the Health Insurance Portability and Accountability Act, data security has risen to the top of health care information technology priorities. What is the correct mix of data security tools, policies, and technologies for the doctor, the hospital, the insurer, the vendor, and everyone else who does business in the health care industry?

Considering IIOT and security for the DoD

NASA Astrophysics Data System (ADS)

Klawon, Kevin; Gold, Josh; Bachman, Kristen; Landoll, Darren

2016-05-01

The Internet of Things (IoT) has come of age and domestic and industrial devices are all "smart". But how can they be universally classified and queried? How do we know that the underlying architecture is secure enough to deploy on a defense network? By leverage existing platforms designed for interoperability, extensibility, and security that can manage data across multiple domains and runs on any platform.

Information Assurance Study

DTIC Science & Technology

1998-01-01

usually written up by Logistics or Maintenance (4790 is the Maintenance “ Bible ”). If need be, and if resources are available, one could collect all...Public domain) SATAN (System Administration Tool for Analyzing Networks) (Public Domain) STAT ( Security Test and Analysis Tool) (Harris Corporation...Service-Filtering Tools 1. TCP/IP wrapper program • Tools to Scan Hosts for Known Vulnerabilities 1. ISS (Internet Security Scanner) 2. SATAN (Security

77 FR 1915 - Proposed Information Collection; Comment Request; Licensing Responsibilities and Enforcement

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-12

... Commerce, Room 6616, 14th and Constitution Avenue NW., Washington, DC 20230 (or via the Internet at JJessup... DEPARTMENT OF COMMERCE Bureau of Industry and Security Proposed Information Collection; Comment Request; Licensing Responsibilities and Enforcement AGENCY: Bureau of Industry and Security, Commerce...

Surfing to Cross-Cultural Awareness: Using Internet-Mediated Projects To Explore Cultural Stereotypes.

ERIC Educational Resources Information Center

Abrams, Zsuzsanna I.

2002-01-01

Explores Internet-based culture portfolios that bring insider's views of other cultures into the second language classroom. Learners enrolled in third-semester German conducted semester-long culture projects in which they explored stereotypical views of the cultures of Austria, Germany, and Switzerland. (Author/VWL)

Internet Banking Adoption: Case of Lithuania and Latvia

ERIC Educational Resources Information Center

Gaile-Sarkane, Elina; Jureviciene, Diva; Skvarciany, Viktorija; Iljins, Juris

2017-01-01

The banking sector has developed and extended usage of different services at a distance using the internet in the last decade. Internet-based banking services dominate over other historically provided alternatives. This paper explores the adoption of internet banking in Lithuania and Latvia. Internet banking success model was developed based on…

IoT security with one-time pad secure algorithm based on the double memory technique

NASA Astrophysics Data System (ADS)

Wiśniewski, Remigiusz; Grobelny, Michał; Grobelna, Iwona; Bazydło, Grzegorz

2017-11-01

Secure encryption of data in Internet of Things is especially important as many information is exchanged every day and the number of attack vectors on IoT elements still increases. In the paper a novel symmetric encryption method is proposed. The idea bases on the one-time pad technique. The proposed solution applies double memory concept to secure transmitted data. The presented algorithm is considered as a part of communication protocol and it has been initially validated against known security issues.

Internet for law enforcement: a modern phenomena and a phenomenal tool

NASA Astrophysics Data System (ADS)

Wilsker, Ira

1997-02-01

There is an existing, low cost, and widely used framework in place for both the public distribution of law enforcement information, and the secure and restricted distribution of sensitive data. That is, of course, the Internet. Already, hundreds of law enforcement agencies around the world, at all levels, are utilizing this most cost effective medium for a variety of tasks. In the public mode, now with 21 - 35 million individuals in the U.S. having access, agencies typically make available contact information, Community Oriented Policing (COPS), employment, crime prevention, DARE, police explorer, and other helpful information. Most often this information is available via WWW page, or a local BBS. Other public access is available to thousands of specialized sites, such as forensics, training, narcotics, firearms, terrorism and hate crimes, K9, police supply, traffic related, crime prevention, most wanted, missing persons, etc. Public newsgroups provide a forum for local, national, and international law enforcement issues. In the private mode, there is a wide variety of restricted mail lists providing for the exchange of information on narrowly defined topics including forensics, firearms, COPS, officer survival, and other related areas. Traditional EMail provides another cost effective method for the exchange of information, either to a specific point, or broadcast to an explicit wide audience. As a secure method of quickly exchanging information in a most cost effective way, encrypted data, typically text, files, or images, can be instantly transmitted between individuals or agencies. Commonly available encryption technology (the most commonly used is PGP, a public key encryption utility), is freely or inexpensively available. An additional Internet benefit available to the law enforcement community, is the availability of software. Currently available is a variety of accident investigation, crime scene, dispatch, maintenance, evidence tracking, and other useful software. This software can typically be downloaded and updated for free, or for a nominal cost. It is imperative that more agencies make use of this valuable resource; while hundreds are, thousands are not.

Exploring the Online Reading Comprehension Strategies Used by Sixth-Grade Skilled Readers to Search for and Locate Information on the Internet

ERIC Educational Resources Information Center

Coiro, Julie; Dobler, Elizabeth

2007-01-01

The purpose of this qualitative study was to explore the nature of reading comprehension processes while reading on the Internet. Eleven sixth-grade students with the highest combination of standardized reading scores, reading report card grades, and Internet reading experiences were selected from a population of 150 sixth graders in three…

78 FR 63159 - Amendment to Certification of Nebraska's Central Filing System

Federal Register 2010, 2011, 2012, 2013, 2014

2013-10-23

... system for Nebraska to permit the conversion of all debtor social security and taxpayer identification... automatically convert social security numbers and taxpayer identification numbers into ten number unique... certified central filing systems is available through the Internet on the GIPSA Web site ( http://www.gipsa...

Securing TCP/IP and Dial-up Access to Administrative Data.

ERIC Educational Resources Information Center

Conrad, L. Dean

1992-01-01

This article describes Arizona State University's solution to security risk inherent in general access systems such as TCP/IP (Transmission Control Protocol/INTERNET Protocol). Advantages and disadvantages of various options are compared, and the process of selecting a log-on authentication approach involving generation of a different password at…

The Defense Message System and the U.S. Coast Guard

DTIC Science & Technology

1992-06-01

these mail services, the Internet also provides a File Transfer Protocol (FTP) and remote login between host computers (TELNET) capabilities. 17 [Ref...the Joint Maritime Intelligence Element (JMIE), Zincdust, and Emerald . [Ref. 27] 4. Secure Data Network The Coast Guard’s Secure Data Network (SDN

78 FR 56266 - Consent Based Social Security Number Verification (CBSV) Service

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-12

... developed CBSV as a user- friendly, internet-based application with safeguards that protect the public's information. In addition to the benefit of providing high volume, centralized SSN verification services to users in a secure manner, CBSV provides us with cost and workload management benefits. New Information...

17 CFR 15.02 - Reporting forms.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Reporting forms. 15.02 Section 15.02 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION REPORTS-GENERAL... Commission or via the Internet (http://www.cftc.gov). Forms to be used for the filing of reports follow, and...

15 CFR 711.6 - Where to obtain forms.

Code of Federal Regulations, 2014 CFR

2014-01-01

... OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL... and Security, U.S. Department of Commerce, Room 4515, 14th Street and Pennsylvania Avenue, NW... Internet at www.cwc.gov. (b) If the amount of information you are required to submit is greater than the...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2010 CFR

2010-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

17 CFR 15.02 - Reporting forms.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 1 2014-04-01 2014-04-01 false Reporting forms. 15.02 Section 15.02 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION REPORTS-GENERAL... Commission or via the Internet (http://www.cftc.gov). Forms to be used for the filing of reports follow, and...

20 CFR 402.130 - How to request a record.

Code of Federal Regulations, 2012 CFR

2012-04-01

....130 Employees' Benefits SOCIAL SECURITY ADMINISTRATION AVAILABILITY OF INFORMATION AND RECORDS TO THE... telephone, fax, Internet, and e-mail. Any request should reasonably describe the record you want. If you... submit your request as a “Freedom of Information Request.” The staff at any Social Security office can...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2013 CFR

2013-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

20 CFR 402.130 - How to request a record.

Code of Federal Regulations, 2013 CFR

2013-04-01

....130 Employees' Benefits SOCIAL SECURITY ADMINISTRATION AVAILABILITY OF INFORMATION AND RECORDS TO THE... telephone, fax, Internet, and e-mail. Any request should reasonably describe the record you want. If you... submit your request as a “Freedom of Information Request.” The staff at any Social Security office can...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2011 CFR

2011-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

17 CFR 15.02 - Reporting forms.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 1 2013-04-01 2013-04-01 false Reporting forms. 15.02 Section 15.02 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION REPORTS-GENERAL... Commission or via the Internet (http://www.cftc.gov). Forms to be used for the filing of reports follow, and...

15 CFR 711.6 - Where to obtain forms.

Code of Federal Regulations, 2013 CFR

2013-01-01

... OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL... and Security, U.S. Department of Commerce, Room 4515, 14th Street and Pennsylvania Avenue, NW... Internet at www.cwc.gov. (b) If the amount of information you are required to submit is greater than the...

15 CFR 711.6 - Where to obtain forms.

Code of Federal Regulations, 2012 CFR

2012-01-01

... OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL... and Security, U.S. Department of Commerce, Room 4515, 14th Street and Pennsylvania Avenue, NW... Internet at www.cwc.gov. (b) If the amount of information you are required to submit is greater than the...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2012 CFR

2012-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

17 CFR 15.02 - Reporting forms.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Reporting forms. 15.02 Section 15.02 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION REPORTS-GENERAL... Commission or via the Internet (http://www.cftc.gov). Forms to be used for the filing of reports follow, and...

15 CFR 711.6 - Where to obtain forms.

Code of Federal Regulations, 2011 CFR

2011-01-01

... OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE CHEMICAL WEAPONS CONVENTION REGULATIONS GENERAL... and Security, U.S. Department of Commerce, Room 4515, 14th Street and Pennsylvania Avenue, NW... Internet at www.cwc.gov. (b) If the amount of information you are required to submit is greater than the...

15 CFR 782.5 - Where to obtain APR report forms.

Code of Federal Regulations, 2014 CFR

2014-01-01

... (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL REGULATIONS GENERAL... forms required by the APR may be downloaded from the Internet at http://www.ap.gov. You also may obtain these forms by contacting: Treaty Compliance Division, Bureau of Industry and Security, U.S. Department...

20 CFR 402.130 - How to request a record.

Code of Federal Regulations, 2014 CFR

2014-04-01

....130 Employees' Benefits SOCIAL SECURITY ADMINISTRATION AVAILABILITY OF INFORMATION AND RECORDS TO THE... telephone, fax, Internet, and e-mail. Any request should reasonably describe the record you want. If you... submit your request as a “Freedom of Information Request.” The staff at any Social Security office can...

Cyber Security Assessment Report: Adventium Labs

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

2007-12-31

Major control system components often have life spans of 15-20 years. Many systems in our Nation's critical infrastructure were installed before the Internet became a reality and security was a concern. Consequently, control systems are generally insecure. Security is now being included in the development of new control system devices; however, legacy control systems remain vulnerable. Most efforts to secure control systems are aimed at protecting network borers, but if an intruder gets inside the network these systems are vulnerable to a cyber attack.

Mobile Virtual Private Networking

NASA Astrophysics Data System (ADS)

Pulkkis, Göran; Grahn, Kaj; Mårtens, Mathias; Mattsson, Jonny

Mobile Virtual Private Networking (VPN) solutions based on the Internet Security Protocol (IPSec), Transport Layer Security/Secure Socket Layer (SSL/TLS), Secure Shell (SSH), 3G/GPRS cellular networks, Mobile IP, and the presently experimental Host Identity Protocol (HIP) are described, compared and evaluated. Mobile VPN solutions based on HIP are recommended for future networking because of superior processing efficiency and network capacity demand features. Mobile VPN implementation issues associated with the IP protocol versions IPv4 and IPv6 are also evaluated. Mobile VPN implementation experiences are presented and discussed.

Influence of Security Mechanisms on the Quality of Service of VoIP

NASA Astrophysics Data System (ADS)

Backs, Peter; Pohlmann, Norbert

While Voice over IP (VoIP) is advancing rapidly in the telecommunications market, the interest to protect the data transmitted by this new service is also rising. However, in contrast to other internet services such as email or HTTP, VoIP is real-time media, and therefore must meet a special requirement referred to as Quality-of-Service to provide a comfortable flow of speech. Speech quality is worsened when transmitted over the network due to delays in transmission or loss of packets. Often, voice quality is at a level that even prevents comprehensive dialog. Therefore, an administrator who is to setup a VoIP infrastructure might consider avoiding additional decreases in voice quality resulting from security mechanisms, and might leave internet telephony unprotected as a result. The inspiration for this paper is to illustrate that security mechanisms have negligible impact on speech quality and should in fact be encouraged.

Threats and risks to information security: a practical analysis of free access wireless networks

NASA Astrophysics Data System (ADS)

Quirumbay, Daniel I.; Coronel, Iván. A.; Bayas, Marcia M.; Rovira, Ronald H.; Gromaszek, Konrad; Tleshova, Akmaral; Kozbekova, Ainur

2017-08-01

Nowadays, there is an ever-growing need to investigate, consult and communicate through the internet. This need leads to the intensification of free access to the web in strategic and functional points for the benefit of the community. However, this open access is also related to the increase of information insecurity. The existing works on computer security primarily focus on the development of techniques to reduce cyber-attacks. However, these approaches do not address the sector of inexperienced users who have difficulty understanding browser settings. Two methods can solve this problem: first the development of friendly browsers with intuitive setups for new users and on the other hand, by implementing awareness programs on essential security without deepening on technical information. This article addresses an analysis of the vulnerabilities of wireless equipment that provides internet service in the open access zones and the potential risks that could be found when using these means.

Problematic Internet Use among Turkish University Students: A Multidimensional Investigation Based on Demographics and Internet Activities

ERIC Educational Resources Information Center

Tekinarslan, Erkan; Gurer, Melih Derya

2011-01-01

This study investigated the Turkish undergraduate university students' problematic Internet use (PIU) levels on different dimensions based on demographics (e.g., gender, Internet use by time of day), and Internet activities (e.g., chat, entertainment, social networking, information searching, etc.). Moreover, the study explored some predictors of…

Internet Research, Theory, and Practice: Perspectives from Ireland

ERIC Educational Resources Information Center

Fowley, Cathy, Ed.; English, Claire, Ed.; Thouësny, Sylvie, Ed.

2013-01-01

From 2000 to 2012 the number of Internet users rose from less than 0.4 billion to 2.4 billion. Scholarly, evidence-based Internet research is of critical importance. The field of Internet research explores the Internet as a social, political and educational phenomenon, providing theoretical and practical contributions to understanding, and…

Exploring depression, self-esteem and verbal fluency with different degrees of internet addiction among Chinese college students.

PubMed

Nie, Jia; Zhang, Wei; Liu, Ying

2017-01-01

The aims of this study were to explore depression, self-esteem and verbal fluency functions among normal internet users, mild internet addictions and severe internet addictions. The survey sample consisted of 316 college students, and their internet addiction symptoms, depression and self-esteem symptoms were assessed using the Revised Chen Internet Addiction Scale (CIAS-R), Zung Self-Rating Depression Scale (ZSDS), Rosenberg Self-Esteem Scale (RSES), respectively. From this sample, 16 students with non-addictions, 19 students with mild internet addiction (sub-MIA) and 15 students with severe internet addiction (sub-SIA) were recruited and subjected to the classical verbal fluency tests, including the semantic and phonemic fluency task. The results indicated that severe internet addiction in the survey sample showed the highest tendency towards depressive symptoms and lowest self-esteem scores, and sub-SIA showed poor performance on the semantic fluency task. In conclusion, severe internet addiction was significantly associated with depression, low self-esteem and semantic verbal fluency problems. Copyright © 2017 Elsevier Inc. All rights reserved.

Secure quantum key distribution

NASA Astrophysics Data System (ADS)

Lo, Hoi-Kwong; Curty, Marcos; Tamaki, Kiyoshi

2014-08-01

Secure communication is crucial in the Internet Age, and quantum mechanics stands poised to revolutionize cryptography as we know it today. In this Review, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After briefly introducing recent experimental progress and challenges, we survey the latest developments in quantum hacking and countermeasures against it.

17 CFR 240.6a-4 - Notice of registration under Section 6(g) of the Act, amendment to such notice, and supplemental...

Code of Federal Regulations, 2012 CFR

2012-04-01

... this section is available continuously on an Internet web site controlled by a Security Futures Product... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Notice of registration under... registered under Section 6(g) of the Act. 240.6a-4 Section 240.6a-4 Commodity and Securities Exchanges...

17 CFR 240.6a-4 - Notice of registration under Section 6(g) of the Act, amendment to such notice, and supplemental...

Code of Federal Regulations, 2011 CFR

2011-04-01

... this section is available continuously on an Internet web site controlled by a Security Futures Product... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Notice of registration under... registered under Section 6(g) of the Act. 240.6a-4 Section 240.6a-4 Commodity and Securities Exchanges...

Change Detection Algorithms for Information Assurance of Computer Networks

DTIC Science & Technology

2002-01-01

original document contains color images. 14. ABSTRACT see report 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT 18...number of computer attacks increases steadily per year. At the time of this writing the Internet Security Systems’ baseline assessment is that a new...across a network by exploiting security flaws in widely-used services offered by vulnerable computers. In order to locate the vulnerable computers, the

Session Initiation Protocol Network Encryption Device Plain Text Domain Discovery Service

DTIC Science & Technology

2007-12-07

MONITOR’S REPORT NUMBER(S) 12. DISTRIBUTION / AVAILABILITY STATEMENT 13. SUPPLEMENTARY NOTES 14. ABSTRACT 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: a...such as the TACLANE, have developed unique discovery methods to establish Plain Text Domain (PTD) Security Associations (SA). All of these techniques...can include network and host Internet Protocol (IP) addresses, Information System Security Office (ISSO) point of contact information and PTD status

Safe at Any Speed: Securing Your Wi-Fi Network Is Easier and More Important than You Might Think

ERIC Educational Resources Information Center

Branzburg, Jeffrey

2007-01-01

In this article, the author relates how he discovered that not all Wi-Fi networks are secure. As such, he developed several strategies on how he can be secured whenever he connects to the Internet through a Wi-Fi connection. He discusses how one can change passwords, explains the process of encryption, and provides suggestions on other security…

Impact of primary healthcare providers' initial role security and therapeutic commitment on implementing brief interventions in managing risky alcohol consumption: a cluster randomised factorial trial.

PubMed

Keurhorst, M; Anderson, P; Heinen, M; Bendtsen, Preben; Baena, Begoña; Brzózka, Krzysztof; Colom, Joan; Deluca, Paolo; Drummond, Colin; Kaner, Eileen; Kłoda, Karolina; Mierzecki, Artur; Newbury-Birch, Dorothy; Okulicz-Kozaryn, Katarzyna; Palacio-Vieira, Jorge; Parkinson, Kathryn; Reynolds, Jillian; Ronda, Gaby; Segura, Lidia; Słodownik, Luiza; Spak, Fredrik; van Steenkiste, Ben; Wallace, Paul; Wolstenholme, Amy; Wojnar, Marcin; Gual, Antoni; Laurant, M; Wensing, M

2016-07-16

Brief interventions in primary healthcare are cost-effective in reducing drinking problems but poorly implemented in routine practice. Although evidence about implementing brief interventions is growing, knowledge is limited with regard to impact of initial role security and therapeutic commitment on brief intervention implementation. In a cluster randomised factorial trial, 120 primary healthcare units (PHCUs) were randomised to eight groups: care as usual, training and support, financial reimbursement, and the opportunity to refer patients to an internet-based brief intervention (e-BI); paired combinations of these three strategies, and all three strategies combined. To explore the impact of initial role security and therapeutic commitment on implementing brief interventions, we performed multilevel linear regression analyses adapted to the factorial design. Data from 746 providers from 120 PHCUs were included in the analyses. Baseline role security and therapeutic commitment were found not to influence implementation of brief interventions. Furthermore, there were no significant interactions between these characteristics and allocated implementation groups. The extent to which providers changed their brief intervention delivery following experience of different implementation strategies was not determined by their initial attitudes towards alcohol problems. In future research, more attention is needed to unravel the causal relation between practitioners' attitudes, their actual behaviour and care improvement strategies to enhance implementation science. ClinicalTrials.gov: NCT01501552.

Public views on multiple dimensions of security : nuclear waepons, terrorism, energy, and the environment : 2007.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Herron, Kerry Gale; Jenkins-Smith, Hank C.

2008-01-01

We analyze and compare findings from identical national surveys of the US general public on nuclear security and terrorism administered by telephone and Internet in mid-2007. Key areas of investigation include assessments of threats to US security; valuations of US nuclear weapons and nuclear deterrence; perspectives on nuclear proliferation, including the specific cases of North Korea and Iran; and support for investments in nuclear weapons capabilities. Our analysis of public views on terrorism include assessments of the current threat, progress in the struggle against terrorism, preferences for responding to terrorist attacks at different levels of assumed casualties, and support formore » domestic policies intended to reduce the threat of terrorism. Also we report findings from an Internet survey conducted in mid 2007 that investigates public views of US energy security, to include: energy supplies and reliability; energy vulnerabilities and threats, and relationships among security, costs, energy dependence, alternative sources, and research and investment priorities. We analyze public assessments of nuclear energy risks and benefits, nuclear materials management issues, and preferences for the future of nuclear energy in the US. Additionally, we investigate environmental issues as they relate to energy security, to include expected implications of global climate change, and relationships among environmental issues and potential policy options.« less

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment

PubMed Central

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun

2015-01-01

Objectives Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. Methods This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. Results The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. Conclusions The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff. PMID:26618034

Service-Oriented Security Framework for Remote Medical Services in the Internet of Things Environment.

PubMed

Lee, Jae Dong; Yoon, Tae Sik; Chung, Seung Hyun; Cha, Hyo Soung

2015-10-01

Remote medical services have been expanding globally, and this is expansion is steadily increasing. It has had many positive effects, including medical access convenience, timeliness of service, and cost reduction. The speed of research and development in remote medical technology has been gradually accelerating. Therefore, it is expected to expand to enable various high-tech information and communications technology (ICT)-based remote medical services. However, the current state lacks an appropriate security framework that can resolve security issues centered on the Internet of things (IoT) environment that will be utilized significantly in telemedicine. This study developed a medical service-oriented frame work for secure remote medical services, possessing flexibility regarding new service and security elements through its service-oriented structure. First, the common architecture of remote medical services is defined. Next medical-oriented secu rity threats and requirements within the IoT environment are identified. Finally, we propose a "service-oriented security frame work for remote medical services" based on previous work and requirements for secure remote medical services in the IoT. The proposed framework is a secure framework based on service-oriented cases in the medical environment. A com parative analysis focusing on the security elements (confidentiality, integrity, availability, privacy) was conducted, and the analysis results demonstrate the security of the proposed framework for remote medical services with IoT. The proposed framework is service-oriented structure. It can support dynamic security elements in accordance with demands related to new remote medical services which will be diversely generated in the IoT environment. We anticipate that it will enable secure services to be provided that can guarantee confidentiality, integrity, and availability for all, including patients, non-patients, and medical staff.

Research and realization implementation of monitor technology on illegal external link of classified computer

NASA Astrophysics Data System (ADS)

Zhang, Hong

2017-06-01

In recent years, with the continuous development and application of network technology, network security has gradually entered people's field of vision. The host computer network external network of violations is an important reason for the threat of network security. At present, most of the work units have a certain degree of attention to network security, has taken a lot of means and methods to prevent network security problems such as the physical isolation of the internal network, install the firewall at the exit. However, these measures and methods to improve network security are often not comply with the safety rules of human behavior damage. For example, the host to wireless Internet access and dual-network card to access the Internet, inadvertently formed a two-way network of external networks and computer connections [1]. As a result, it is possible to cause some important documents and confidentiality leak even in the the circumstances of user unaware completely. Secrecy Computer Violation Out-of-band monitoring technology can largely prevent the violation by monitoring the behavior of the offending connection. In this paper, we mainly research and discuss the technology of secret computer monitoring.

Simple group password-based authenticated key agreements for the integrated EPR information system.

PubMed

Lee, Tian-Fu; Chang, I-Pin; Wang, Ching-Cheng

2013-04-01

The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients' medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users' overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users' public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.

A survey of selected Internet pharmacies in the United States.

PubMed

Peterson, A M

2001-01-01

To determine whether differences in the provision of pharmacy services exist among different types of Internet pharmacies. Survey of selected pharmacies with a presence on the Internet. Data were abstracted onto a data collection form for further analysis. Data collection was limited to 3 weeks. U.S.-based Internet pharmacies that allow patients to purchase prescription medications online. Pharmacies were identified using a metasearch engine with the search terms "Internet pharmacy" and "Internet pharmacist." Survey. Comparisons of availability of 10 commonly used products representing a variety of product categories, prescription verification methods, and privacy issues; and determinations of site navigability, drug information and provider access, and payment methods. Sites were categorized as "chain pharmacy extensions," "mail order pharmacies," "independent pharmacy extensions," and "online pharmacies." Thirty-three sites were reviewed. There was significant variation among the four types of pharmacies selling prescriptions over the Internet. Most pharmacies provided all of the drugs in the survey. Patients were required to provide their own prescription at 88% of the sites, and 75% of sites used mail or fax to verify prescription integrity. More than 50% of sites had privacy policies posted, and 64% used cookies. Chain pharmacy extensions required completion of an average of 10.2 pages to order drugs versus 2.4 to 4 pages for all other site types. Drug information was written at an eighth-grade reading level at 36% of the sites. More than two-thirds of the sites provided a toll-free telephone for a health care professional. Nearly 80% of the sites accepted health insurance, and 95% accepted credit cards; however, only 40% used a secure transmission mechanism for patient or payment information. Internet pharmacies provide varying levels of service. Policies regarding the use of the Internet for obtaining medications should focus on improving the privacy of consumer information and ensuring the secure transmission of financial information.

Using TARGET Data | Office of Cancer Genomics

Cancer.gov

- ANNOUNCEMENT - The TARGET data matrix will not function properly in Internet Explorer unless the Compatibility View is completely turned off. Visit the How to use Compatibility View in Internet Explorer 9 on the Microsoft Support website for more information. ........................

Performance optimization of internet firewalls

NASA Astrophysics Data System (ADS)

Chiueh, Tzi-cker; Ballman, Allen

1997-01-01

Internet firewalls control the data traffic in and out of an enterprise network by checking network packets against a set of rules that embodies an organization's security policy. Because rule checking is computationally more expensive than routing-table look-up, it could become a potential bottleneck for scaling up the performance of IP routers, which typically implement firewall functions in software. in this paper, we analyzed the performance problems associated with firewalls, particularly packet filters, propose a good connection cache to amortize the costly security check over the packets in a connection, and report the preliminary performance results of a trace-driven simulation that show the average packet check time can be reduced by a factor of 2.5 at the least.

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2014 CFR

2014-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2012 CFR

2012-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2013 CFR

2013-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

17 CFR 232.312 - Accommodation for certain information in filings with respect to asset-backed securities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... (§ 229.1105 of this chapter) may be provided under the following conditions on an Internet Web site for... Internet address where the information is posted. (2) Such information shall be provided through the Web site unrestricted as to access and free of charge. (3) Such information shall remain available on the...

Cybersecurity: Current Legislation, Executive Branch Initiatives, and Options for Congress

DTIC Science & Technology

2009-09-30

responsibilities of cybersecurity stakeholders. Privacy and civil liberties—maintaining privacy and freedom of speech protections on the Internet...securing networks before tackling the attendant issues such as freedom of speech , privacy, and civil liberty protections as they pertain to the Internet...legislation to mandate privacy and freedom of speech protections to be incorporated into a national strategy. • Assessing current congressional

2015 Marine Corps Security Environment Forecast: Futures 2030-2045

DTIC Science & Technology

2015-01-01

The technologies that make the iPhone “smart” were publically funded—the Internet, wireless networks, the global positioning system, microelectronics...Energy Revolution (63 percent);  Internet of Things (ubiquitous sensors embedded in interconnected computing devices) (50 percent);  “Sci-Fi...Neuroscience & artificial intelligence - Sensors /control systems -Power & energy -Human-robot interaction Robots/autonomous systems will become part of the

CAPTCHA: Impact on User Experience of Users with Learning Disabilities

ERIC Educational Resources Information Center

Gafni, Ruti; Nagar, Idan

2016-01-01

CAPTCHA is one of the most common solutions to check if the user trying to enter a Website is a real person or an automated piece of software. This challenge-response test, implemented in many Internet Websites, emphasizes the gaps between accessibility and security on the Internet, as it poses an obstacle for the learning-impaired in the reading…

Internetting tactical security sensor systems

NASA Astrophysics Data System (ADS)

Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.

1998-08-01

The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi- autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control stations.

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things

PubMed Central

Cha, Shi-Cho; Chen, Jyun-Fu

2017-01-01

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim’s devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts. PMID:29036900

Toward a Robust Security Paradigm for Bluetooth Low Energy-Based Smart Objects in the Internet-of-Things.

PubMed

Cha, Shi-Cho; Yeh, Kuo-Hui; Chen, Jyun-Fu

2017-10-14

Bluetooth Low Energy (BLE) has emerged as one of the most promising technologies to enable the Internet-of-Things (IoT) paradigm. In BLE-based IoT applications, e.g., wearables-oriented service applications, the Bluetooth MAC addresses of devices will be swapped for device pairings. The random address technique is adopted to prevent malicious users from tracking the victim's devices with stationary Bluetooth MAC addresses and accordingly the device privacy can be preserved. However, there exists a tradeoff between privacy and security in the random address technique. That is, when device pairing is launched and one device cannot actually identify another one with addresses, it provides an opportunity for malicious users to break the system security via impersonation attacks. Hence, using random addresses may lead to higher security risks. In this study, we point out the potential risk of using random address technique and then present critical security requirements for BLE-based IoT applications. To fulfill the claimed requirements, we present a privacy-aware mechanism, which is based on elliptic curve cryptography, for secure communication and access-control among BLE-based IoT objects. Moreover, to ensure the security of smartphone application associated with BLE-based IoT objects, we construct a Smart Contract-based Investigation Report Management framework (SCIRM) which enables smartphone application users to obtain security inspection reports of BLE-based applications of interest with smart contracts.

The Internet’s Multiple Roles in Facilitating the Sexual Orientation Identity Development of Gay and Bisexual Male Adolescents

PubMed Central

Harper, Gary W.; Serrano, Pedro A.; Bruce, Douglas; Bauermeister, Jose A.

2016-01-01

One emerging avenue for the exploration of adolescents’ sexual orientation identity development is the Internet since it allows for varying degrees of anonymity and exploration. The purpose of this phenomenological study was to examine the role of the Internet in facilitating the sexual orientation identity development process of gay and bisexual male adolescents. Qualitative interviews were conducted with an ethnically diverse sample of 63 gay/bisexual male adolescents (ages 15–23). Participants reported using a range of Internet applications as they explored and came to accept their sexual orientation identity, with the intended purpose and degree of anonymity desired determining which applications were used. Youth reported that the Internet provided a range of functions with regard to the exploration and acceptance of their sexual orientation identity, including: 1) increasing self awareness of sexual orientation identity; 2) learning about gay/bisexual community life; 3) communicating with other gay/bisexual people; 4) meeting other gay/bisexual people; 5) finding comfort and acceptance with sexual orientation; and 6) facilitating the coming out process. Future research and practice may explore the Internet as a platform for promoting the healthy development of gay and bisexual male adolescents by providing a developmentally and culturally appropriate venue for the exploration and subsequent commitment to an integrated sexual orientation identity. PMID:25585861

Design and Implementation of an Enterprise Internet of Things

NASA Astrophysics Data System (ADS)

Sun, Jing; Zhao, Huiqun; Wang, Ka; Zhang, Houyong; Hu, Gongzhu

Since the notion of "Internet of Things" (IoT) introduced about 10 years ago, most IoT research has focused on higher level issues, such as strategies, architectures, standardization, and enabling technologies, but studies of real cases of IoT are still lacking. In this paper, a real case of Internet of Things called ZB IoT is introduced. It combines the Service Oriented Architecture (SOA) with EPC global standards in the system design, and focuses on the security and extensibility of IoT in its implementation.

Exploring the Use of Internet by University Students for Seeking Health Related Information

ERIC Educational Resources Information Center

Ahmad, Asad; Khan, Mohammed Naved; Rahman, Obaidur

2017-01-01

Purpose: Internet is both a medium and a platform for information exchange. This characteristic of internet is gradually metamorphosing it into an e-learning enabler. A significant percentage of internet users access health-related information through the medium of internet, but little is known about the factors that determine such behaviour. This…

Call Me... Maybe: A Framework for Integrating the Internet into ELT

ERIC Educational Resources Information Center

Chinnery, George M.

2014-01-01

This article outlines reasons to use (or not use) the Internet in English language teaching, exploring the Internet as tutor and tool. Discussion of Internet content includes types of content and how to select, save, and use content. Various learning tasks, appropriate even for those without Internet access, are presented and highlighted in a…

Patient-directed Internet-based Medical Image Exchange: Experience from an Initial Multicenter Implementation

PubMed Central

Greco, Giampaolo; Patel, Anand S.; Lewis, Sara C.; Shi, Wei; Rasul, Rehana; Torosyan, Mary; Erickson, Bradley J.; Hiremath, Atheeth; Moskowitz, Alan J.; Tellis, Wyatt M.; Siegel, Eliot L.; Arenson, Ronald L.; Mendelson, David S.

2015-01-01

Rationale and Objectives Inefficient transfer of personal health records among providers negatively impacts quality of health care and increases cost. This multicenter study evaluates the implementation of the first Internet-based image-sharing system that gives patients ownership and control of their imaging exams, including assessment of patient satisfaction. Materials and Methods Patients receiving any medical imaging exams in four academic centers were eligible to have images uploaded into an online, Internet-based personal health record. Satisfaction surveys were provided during recruitment with questions on ease of use, privacy and security, and timeliness of access to images. Responses were rated on a five-point scale and compared using logistic regression and McNemar's test. Results A total of 2562 patients enrolled from July 2012 to August 2013. The median number of imaging exams uploaded per patient was 5. Most commonly, exams were plain X-rays (34.7%), computed tomography (25.7%), and magnetic resonance imaging (16.1%). Of 502 (19.6%) patient surveys returned, 448 indicated the method of image sharing (Internet, compact discs [CDs], both, other). Nearly all patients (96.5%) responded favorably to having direct access to images, and 78% reported viewing their medical images independently. There was no difference between Internet and CD users in satisfaction with privacy and security and timeliness of access to medical images. A greater percentage of Internet users compared to CD users reported access without difficulty (88.3% vs. 77.5%, P < 0.0001). Conclusion A patient-directed, interoperable, Internet-based image-sharing system is feasible and surpasses the use of CDs with respect to accessibility of imaging exams while generating similar satisfaction with respect to privacy. PMID:26625706

Patient-directed Internet-based Medical Image Exchange: Experience from an Initial Multicenter Implementation.

PubMed

Greco, Giampaolo; Patel, Anand S; Lewis, Sara C; Shi, Wei; Rasul, Rehana; Torosyan, Mary; Erickson, Bradley J; Hiremath, Atheeth; Moskowitz, Alan J; Tellis, Wyatt M; Siegel, Eliot L; Arenson, Ronald L; Mendelson, David S

2016-02-01

Inefficient transfer of personal health records among providers negatively impacts quality of health care and increases cost. This multicenter study evaluates the implementation of the first Internet-based image-sharing system that gives patients ownership and control of their imaging exams, including assessment of patient satisfaction. Patients receiving any medical imaging exams in four academic centers were eligible to have images uploaded into an online, Internet-based personal health record. Satisfaction surveys were provided during recruitment with questions on ease of use, privacy and security, and timeliness of access to images. Responses were rated on a five-point scale and compared using logistic regression and McNemar's test. A total of 2562 patients enrolled from July 2012 to August 2013. The median number of imaging exams uploaded per patient was 5. Most commonly, exams were plain X-rays (34.7%), computed tomography (25.7%), and magnetic resonance imaging (16.1%). Of 502 (19.6%) patient surveys returned, 448 indicated the method of image sharing (Internet, compact discs [CDs], both, other). Nearly all patients (96.5%) responded favorably to having direct access to images, and 78% reported viewing their medical images independently. There was no difference between Internet and CD users in satisfaction with privacy and security and timeliness of access to medical images. A greater percentage of Internet users compared to CD users reported access without difficulty (88.3% vs. 77.5%, P < 0.0001). A patient-directed, interoperable, Internet-based image-sharing system is feasible and surpasses the use of CDs with respect to accessibility of imaging exams while generating similar satisfaction with respect to privacy. Copyright © 2015 The Association of University Radiologists. Published by Elsevier Inc. All rights reserved.

Security Implications of Electronic Commerce: A Survey of Consumers and Businesses.

ERIC Educational Resources Information Center

Furnell, S. M.; Karweni, T.

1999-01-01

Examines general requirement for security technologies that provide a basis for trust in the electronic commerce environment. Discusses the results of two surveys that included general Internet users who are potential customers as well as commercial businesses, that considered attitudes to electronic commerce in general and options relating to…

17 CFR 162.7 - Reasonable and simple methods of opting out.

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 1 2013-04-01 2013-04-01 false Reasonable and simple methods of opting out. 162.7 Section 162.7 Commodity and Securities Exchanges COMMODITY FUTURES TRADING... electronically mailed or processed through an Internet Web site; (4) Providing a toll-free telephone number; or...

17 CFR 162.7 - Reasonable and simple methods of opting out.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Reasonable and simple methods of opting out. 162.7 Section 162.7 Commodity and Securities Exchanges COMMODITY FUTURES TRADING... electronically mailed or processed through an Internet Web site; (4) Providing a toll-free telephone number; or...

17 CFR 10.22 - Complaint and notice of hearing.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Complaint and notice of hearing. 10.22 Section 10.22 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES... Internet web site during the period referred to in paragraph (b)(1) of this section. [41 FR 2511, Jan. 16...

17 CFR 10.22 - Complaint and notice of hearing.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Complaint and notice of hearing. 10.22 Section 10.22 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION RULES... Internet web site during the period referred to in paragraph (b)(1) of this section. [41 FR 2511, Jan. 16...

17 CFR 162.7 - Reasonable and simple methods of opting out.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 2 2014-04-01 2014-04-01 false Reasonable and simple methods of opting out. 162.7 Section 162.7 Commodity and Securities Exchanges COMMODITY FUTURES TRADING... electronically mailed or processed through an Internet Web site; (4) Providing a toll-free telephone number; or...

Transformative Rendering of Internet Resources

DTIC Science & Technology

2012-10-01

4 Securing WiFi Connections...comes from legitimate web sites that have themselves been hacked . There is no way of anticipating which of these sites have been hacked and therefore...pose a security threat to visitors. The purpose of most of this web page hacking is to plant malicious code on the web site that will attack any

77 FR 71201 - Order Extending Temporary Conditional Exemption for Nationally Recognized Statistical Rating...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-29

... following conflict of interest: Issuing or maintaining a credit rating for a security or money market... that was paid for by the issuer, sponsor, or underwriter of the security or money market instrument. 17...; Provide free and unlimited access to such password- protected Internet Web site during the applicable...

A New Look at Security Education: YouTube as YouTool

ERIC Educational Resources Information Center

Werner, Laurie A.; Frank, Charles E.

2010-01-01

Teaching a computer security course which includes network administration and protection software is especially challenging because textbook tools are out of date by the time the text is published. In an effort to use lab activities that work effectively, we turned to the internet. This paper describes several resources for teaching computer…

78 FR 54756 - Extension of Expiration Dates for Two Body System Listings

Federal Register 2010, 2011, 2012, 2013, 2014

2013-09-06

... SOCIAL SECURITY ADMINISTRATION 20 CFR Part 404 [Docket No. SSA-2013-0039] RIN 0960-AH60 Extension of Expiration Dates for Two Body System Listings AGENCY: Social Security Administration. ACTION... national toll-free number, 1-800-772-1213, or TTY 1-800-325-0778, or visit our Internet site, Social...

76 FR 1559 - Guidelines for the Use of Electronic Voting Systems in Union Officer Elections

Federal Register 2010, 2011, 2012, 2013, 2014

2011-01-11

... voting. Id. However, there are still concerns regarding on-line computer security, viruses and attacks... casting votes at polling sites; electronic voting from remote site personal computers via the Internet..., Washington, DC 20210. Because of security precautions, the Department continues to experience delays in U.S...

[Internet research methods: advantages and challenges].

PubMed

Liu, Yi; Tien, Yueh-Hsuan

2009-12-01

Compared to traditional research methods, using the Internet to conduct research offers a number of advantages to the researcher, which include increased access to sensitive issues and vulnerable / hidden populations; decreased data entry time requirements; and enhanced data accuracy. However, Internet research also presents certain challenges to the researcher. In this article, the advantages and challenges of Internet research methods are discussed in four principle issue areas: (a) recruitment, (b) data quality, (c) practicality, and (d) ethics. Nursing researchers can overcome problems related to sampling bias and data truthfulness using creative methods; resolve technical problems through collaboration with other disciplines; and protect participant's privacy, confidentiality and data security by maintaining a high level of vigilance. Once such issues have been satisfactorily addressed, the Internet should open a new window for Taiwan nursing research.

Army Communicator. Volume 28, Number 1, Spring 2003

DTIC Science & Technology

2003-01-01

SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT Same as Report (SAR) 18. NUMBER OF PAGES 72 19a. NAME OF RESPONSIBLE PERSON ...does business to meet these requirements and the growing expectations from the president and his staff for instantaneous, global, secure , reliable and...by COL Tim Gibson Do you have access to a secure Internet-protocol router network terminal on a regular basis? If you answered yes, you’re wrong

Secure Networks for First Responders and Special Forces

NASA Technical Reports Server (NTRS)

2005-01-01

When NASA needed help better securing its communications with orbiting satellites, the Agency called on Western DataCom Co., Inc., to help develop a prototype Internet Protocol (IP) router. Westlake, Ohio-based Western DataCom designs, develops, and manufactures hardware that secures voice, video, and data transmissions over any IP-based network. The technology that it jointly developed with NASA is now serving as a communications solution in military and first-response situations.

Structural Causes and Cyber Effects: A Response to Our Critics

DTIC Science & Technology

2015-01-01

the incident, saying “North Korea’s attack on [Sony] reaf- firms that cyber threats pose one of the gravest national security dangers to the United...around the world to strengthen cyber - security , promote norms of acceptable state behavior, uphold freedom of expression, and ensure that the Internet... cyber working group that made progress toward “interna- tional cyberspace rules, and measures to boost dialogue and cooperation on cyber security .”15

Multicultural Resources on the Internet: An Introduction.

ERIC Educational Resources Information Center

Jacobson, Trudi E.

1995-01-01

Explores the Internet system and Internet resources for particular culture groups. The author provides some Internet definitions as well as descriptions of available resources listed by cultural group including resources for African American, Chicano/Latino, Native American, Middle Eastern/Jewish/Islamic, and Asian American/Asian people. (GR)

On Using Home Networks and Cloud Computing for a Future Internet of Things

NASA Astrophysics Data System (ADS)

Niedermayer, Heiko; Holz, Ralph; Pahl, Marc-Oliver; Carle, Georg

In this position paper we state four requirements for a Future Internet and sketch our initial concept. The requirements: (1) more comfort, (2) integration of home networks, (3) resources like service clouds in the network, and (4) access anywhere on any machine. Future Internet needs future quality and future comfort. There need to be new possiblities for everyone. Our focus is on higher layers and related to the many overlay proposals. We consider them to run on top of a basic Future Internet core. A new user experience means to include all user devices. Home networks and services should be a fundamental part of the Future Internet. Home networks extend access and allow interaction with the environment. Cloud Computing can provide reliable resources beyond local boundaries. For access anywhere, we also need secure storage for data and profiles in the network, in particular for access with non-personal devices (Internet terminal, ticket machine, ...).

XNsim: Internet-Enabled Collaborative Distributed Simulation via an Extensible Network

NASA Technical Reports Server (NTRS)

Novotny, John; Karpov, Igor; Zhang, Chendi; Bedrossian, Nazareth S.

2007-01-01

In this paper, the XNsim approach to achieve Internet-enabled, dynamically scalable collaborative distributed simulation capabilities is presented. With this approach, a complete simulation can be assembled from shared component subsystems written in different formats, that run on different computing platforms, with different sampling rates, in different geographic locations, and over singlelmultiple networks. The subsystems interact securely with each other via the Internet. Furthermore, the simulation topology can be dynamically modified. The distributed simulation uses a combination of hub-and-spoke and peer-topeer network topology. A proof-of-concept demonstrator is also presented. The XNsim demonstrator can be accessed at http://www.jsc.draver.corn/xn that hosts various examples of Internet enabled simulations.

A REST-ful interpretation for embedded modular systems based on open architecture

NASA Astrophysics Data System (ADS)

Lyke, James

2016-05-01

The much-anticipated revolution of the "Internet of things" (IoT) is expected to generate one trillion internet devices within the next 15 years, mostly in the form of simple wireless sensor devices. While this revolution promises to transform silicon markets and drive a number of disruptive changes in society, it is also the case that the protocols, complexity, and security issues of extremely large dynamic, co-mingled networks is still poorly understood. Furthermore, embedded system developers, to include military and aerospace users, have largely ignored the potential (good and bound) of the cloudlike, possibly intermingling networks having variable structure to how future systems might be engineered. In this paper, we consider a new interpretation of IoT inspired modular architecture strategies involving the representational state transfer (REST) model, in which dynamic networks with variable structure employ stateless application programming interface (API) concepts. The power of the method, which extends concepts originally developed for space plug-and-play avionics, is that it allows for the fluid co-mingling of hardware and software in networks whose structure can overlap and evolve. Paradoxically, these systems may have the most stringent determinism and fault-tolerant needs. In this paper we review how RESTful APIs can potentially be used to design, create, test, and deploy systems rapidly while addressing security and referential integrity even when the nodes of many systems might physically co-mingle. We will also explore ways to take advantage of the RESTful paradigm for fault tolerance and what extensions might be necessary to deal with high-performance and determinism.

Implementing an Information Security Program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.

The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to covermore » information security best practices, planning for an information security management system, and implementing security controls for information security.« less

Hospital marketing and the Internet: revisited.

PubMed

Shepherd, C D; Fell, D

1998-01-01

In 1995 a study was conducted to explore the use of the Internet in hospital marketing. Use of the Internet has exploded since that study was published. This manuscript replicates the 1995 study and extends it by investigating several managerial and operational issues concerning the use of the Internet in hospital marketing.

How to Protect Children from Internet Predators: A Phenomenological Study

ERIC Educational Resources Information Center

Alexander, Rodney T.

2012-01-01

Teenage Internet users are the fastest growing segment in the Internet user population. These teenagers are at risk of sexual assault from Internet predators. This phenomenological study explored teacher and counselors' perceptions of how to prevent this sexual assault. Twenty-five teacher and counselor participants were interviewed. A…

Student Use of the Internet

ERIC Educational Resources Information Center

Malaney, Gary D.

2004-01-01

This article explores Internet use among undergraduates, especially at one public research university where researchers have studied students' self-reported Internet use for several years. Analysis of data from a survey administered to 490 undergraduates in Fall 2000 and a survey of 593 undergraduates in Fall 2003 revealed that Internet use is…

Recommended Practice for Securing Control System Modems

DOE Office of Scientific and Technical Information (OSTI.GOV)

James R. Davidson; Jason L. Wright

2008-01-01

This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.