28 CFR 501.2 - National security cases.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 28 Judicial Administration 2 2013-07-01 2013-07-01 false National security cases. 501.2 Section 501.2 Judicial Administration BUREAU OF PRISONS, DEPARTMENT OF JUSTICE GENERAL MANAGEMENT AND ADMINISTRATION SCOPE OF RULES § 501.2 National security cases. (a) Upon direction of the Attorney General, the...

28 CFR 501.2 - National security cases.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 28 Judicial Administration 2 2011-07-01 2011-07-01 false National security cases. 501.2 Section 501.2 Judicial Administration BUREAU OF PRISONS, DEPARTMENT OF JUSTICE GENERAL MANAGEMENT AND ADMINISTRATION SCOPE OF RULES § 501.2 National security cases. (a) Upon direction of the Attorney General, the...

28 CFR 501.2 - National security cases.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 28 Judicial Administration 2 2010-07-01 2010-07-01 false National security cases. 501.2 Section 501.2 Judicial Administration BUREAU OF PRISONS, DEPARTMENT OF JUSTICE GENERAL MANAGEMENT AND ADMINISTRATION SCOPE OF RULES § 501.2 National security cases. (a) Upon direction of the Attorney General, the...

Homeland Security Presidential Directives

EPA Pesticide Factsheets

Three of these directives directly affect EPA's role in the national emergency response system: HSPD-5 Management of Domestic Incidents; HSPD-7 Critical Infrastructure Identification, Prioritization, and Protection; and HSPD-8 National Preparedness.

Recovery and money management.

PubMed

Rowe, Michael; Serowik, Kristin L; Ablondi, Karen; Wilber, Charles; Rosen, Marc I

2013-06-01

Social recovery and external money management are important approaches in contemporary mental health care, but little research has been done on the relationship between the two or on application of recovery principles to money management for people at risk of being assigned a representative payee or conservator. Out of 49 total qualitative interviews, 25 transcripts with persons receiving Social Security insurance or Social Security disability insurance who were at risk of being assigned a money manager were analyzed to assess the presence of recognized recovery themes. The recovery principles of self-direction and responsibility were strong themes in participant comments related to money management. Money management interventions should incorporate peoples' recovery-related motivations to acquire financial management skills as a means to direct and assume responsibility for one's finances. Staff involved in money management should receive training to support client's recovery-related goals. (PsycINFO Database Record (c) 2013 APA, all rights reserved).

Adequate Security Protocols Adopt in a Conceptual Model in Identity Management for the Civil Registry of Ecuador

NASA Astrophysics Data System (ADS)

Toapanta, Moisés; Mafla, Enrique; Orizaga, Antonio

2017-08-01

We analyzed the problems of security of the information of the civil registries and identification at world level that are considered strategic. The objective is to adopt the appropriate security protocols in a conceptual model in the identity management for the Civil Registry of Ecuador. In this phase, the appropriate security protocols were determined in a Conceptual Model in Identity Management with Authentication, Authorization and Auditing (AAA). We used the deductive method and exploratory research to define the appropriate security protocols to be adopted in the identity model: IPSec, DNSsec, Radius, SSL, TLS, IEEE 802.1X EAP, Set. It was a prototype of the location of the security protocols adopted in the logical design of the technological infrastructure considering the conceptual model for Identity, Authentication, Authorization, and Audit management. It was concluded that the adopted protocols are appropriate for a distributed database and should have a direct relationship with the algorithms, which allows vulnerability and risk mitigation taking into account confidentiality, integrity and availability (CIA).

41 CFR 101-25.101-3 - Supply through consolidated purchase for direct delivery to use points.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Property Management Federal Property Management Regulations System FEDERAL PROPERTY MANAGEMENT REGULATIONS... to assure adequate supply. (4) Where contracts for production quantities are necessary to secure...

41 CFR 101-25.101-3 - Supply through consolidated purchase for direct delivery to use points.

Code of Federal Regulations, 2014 CFR

2014-07-01

... Property Management Federal Property Management Regulations System FEDERAL PROPERTY MANAGEMENT REGULATIONS... to assure adequate supply. (4) Where contracts for production quantities are necessary to secure...

Food security is related to adult type 2 diabetes control over time in a United States safety net primary care clinic population.

PubMed

Shalowitz, M U; Eng, J S; McKinney, C O; Krohn, J; Lapin, B; Wang, C-H; Nodine, E

2017-05-15

Successful Type 2 diabetes management requires adopting a high nutrient-density diet made up of food items that both meet dietary needs and preferences and can be feasibly obtained on a regular basis. However, access to affordable, nutrient-dense foods often is lacking in poorer neighbourhoods. Therefore, low food security should directly impair glucose control, even when patients have full access to and utilize comprehensive medical management. The present study sought to determine whether food security is related longitudinally to glucose control, over-and-above ongoing medication management, among Type 2 diabetes patients receiving comprehensive care at a Midwestern multi-site federally qualified health centre (FQHC). In this longitudinal observational study, we completed a baseline assessment of patients' food security (using the US Household Food Security Module), demographics (via Census items), and diabetes history/management (using a structured clinical encounter form) when patients began receiving diabetes care at the health centre. We then recorded those patients' A1C levels several times during a 24-month follow-up period. Three hundred and ninety-nine patients (56% with low food security) had a baseline A1c measurement; a subsample of 336 (median age=52 years; 56% female; 60% Hispanic, 27% African American, and 9% White) also had at least one follow-up A1c measurement. Patients with lower (vs higher) food security were more likely to be on insulin and have higher A1c levels at baseline. Moreover, the disparity in glucose control by food security status persisted throughout the next 2 years. Although results were based on one multi-site FQHC, potentially limiting their generalizability, they seem to suggest that among Type 2 diabetes patients, low food security directly impairs glucose control-even when patients receive full access to comprehensive medical management-thereby increasing their long-term risks of high morbidity, early mortality, and high health-care utilization and cost.

17 CFR 270.12b-1 - Distribution of shares by registered open-end management investment company.

Code of Federal Regulations, 2011 CFR

2011-04-01

...) Except as provided in this section, it shall be unlawful for any registered open-end management.... 80a-10(d))) to act as a distributor of securities of which it is the issuer, except through an... securities of which it is the issuer, other than through an underwriter, if it engages directly or indirectly...

The Department of Defense Information Security Process: A Study of Change Acceptance and Past-Performance-Based Outsourcing

ERIC Educational Resources Information Center

Hackney, Dennis W. G.

2011-01-01

Subchapter III of Chapter 35 of Title 44, United States Code, Federal Information Security Management Act of 2002; Department of Defense (DoD) Directive 8500.01E, Information Assurance, October 24, 2002; DoD Directive 8100.1, Global Information Grid Overarching Policy, September 19, 2002; and DoD Instruction 8500.2, Information Assurance…

76 FR 37403 - Treasury International Capital Form SLT: Report of Aggregate Holdings of Long-Term Securities by...

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-27

... reporting entity's own account and for customers. The reporting entity should include reportable securities....- resident end-investor. Securities held as part of a direct investment relationship should not be reported... Management and Budget (OMB) in accordance with the Paperwork Reduction Act and assigned control number 1505...

75 FR 14179 - Agency Information Collection Activities: Form I-9 CNMI; Revision to an Existing Information...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-03-24

... DEPARTMENT OF HOMELAND SECURITY U.S. Citizenship and Immigration Services [OMB Control No. 1615... Employment Eligibility Verification; OMB Control No. 1615- 0112. The Department of Homeland Security, U.S..., should be directed to the Department of Homeland Security (DHS), and to the Office of Management and...

75 FR 33821 - Recovery Policy RP9524.10; Direct Disaster-Related Damage to Eligible Facilities

Federal Register 2010, 2011, 2012, 2013, 2014

2010-06-15

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID FEMA-2010-0024] Recovery Policy RP9524.10; Direct Disaster-Related Damage to Eligible Facilities AGENCY: Federal Emergency Management Agency, DHS. ACTION: Notice of availability; request for comments. SUMMARY: The Federal Emergency...

The Document Management Alliance.

ERIC Educational Resources Information Center

Fay, Chuck

1998-01-01

Describes the Document Management Alliance, a standards effort for document management systems that manages and tracks changes to electronic documents created and used by collaborative teams, provides secure access, and facilitates online information retrieval via the Internet and World Wide Web. Future directions are also discussed. (LRW)

49 CFR 8.7 - Spheres of responsibility.

Code of Federal Regulations, 2010 CFR

2010-10-01

... assisted by the Director of Security and Administrative Management, who, in addition to other actions... 12968, Office of Management and Budget Directives, the regulations in this part, and related issuances...

5 CFR 9901.351 - General.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF DEFENSE HUMAN RESOURCES MANAGEMENT AND LABOR RELATIONS SYSTEMS (DEPARTMENT OF DEFENSE-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF DEFENSE NATIONAL SECURITY PERSONNEL SYSTEM... § 9901.354) in an NSPS position from a GS or FWS position through a management-directed action (except...

Device interoperability and authentication for telemedical appliance based on the ISO/IEEE 11073 Personal Health Device (PHD) Standards.

PubMed

Caranguian, Luther Paul R; Pancho-Festin, Susan; Sison, Luis G

2012-01-01

In this study, we focused on the interoperability and authentication of medical devices in the context of telemedical systems. A recent standard called the ISO/IEEE 11073 Personal Health Device (X73-PHD) Standards addresses the device interoperability problem by defining common protocols for agent (medical device) and manager (appliance) interface. The X73-PHD standard however has not addressed security and authentication of medical devices which is important in establishing integrity of a telemedical system. We have designed and implemented a security policy within the X73-PHD standards. The policy will enable device authentication using Asymmetric-Key Cryptography and the RSA algorithm as the digital signature scheme. We used two approaches for performing the digital signatures: direct software implementation and use of embedded security modules (ESM). The two approaches were evaluated and compared in terms of execution time and memory requirement. For the standard 2048-bit RSA, ESM calculates digital signatures only 12% of the total time for the direct implementation. Moreover, analysis shows that ESM offers more security advantage such as secure storage of keys compared to using direct implementation. Interoperability with other systems was verified by testing the system with LNI Healthlink, a manager software that implements the X73-PHD standard. Lastly, security analysis was done and the system's response to common attacks on authentication systems was analyzed and several measures were implemented to protect the system against them.

How to Secure and Manage Foundation and Federal Funds in the 1980's.

ERIC Educational Resources Information Center

Lawe, Theodore M.

Directed toward groups, organizations, and programs dependent on effective fund raising, this book views the grant management responsibility as an extension of fund-raising and offers advice on how to be successful at grant management. Such topics as grant program organization, management strategies, fiscal controls, monitoring, reporting and…

Safe teleradiology: information assurance as project planning methodology.

PubMed

Collmann, Jeff; Alaoui, Adil; Nguyen, Dan; Lindisch, David

2005-01-01

The Georgetown University Medical Center Department of Radiology used a tailored version of OCTAVE, a self-directed information security risk assessment method, to design a teleradiology system that complied with the regulation implementing the security provisions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The system addressed threats to and vulnerabilities in the privacy and security of protected health information. By using OCTAVE, Georgetown identified the teleradiology program's critical assets, described threats to the assurance of those assets, developed and ran vulnerability scans of a system pilot, evaluated the consequences of security breaches, and developed a risk management plan to mitigate threats to program assets, thereby implementing good information assurance practices. This case study illustrates the basic point that prospective, comprehensive planning to protect the privacy and security of an information system strategically benefits program management as well as system security.

A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security

PubMed Central

Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

2008-01-01

This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding innetwork processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks. PMID:27873963

A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security.

PubMed

Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

2008-12-04

This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

5 CFR 9701.601 - Purpose.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF... MANAGEMENT SYSTEM Adverse Actions General § 9701.601 Purpose. This subpart contains regulations prescribing..., or removed. DHS may issue implementing directives to carry out the provisions of this subpart. ...

5 CFR 9701.601 - Purpose.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF... MANAGEMENT SYSTEM Adverse Actions General § 9701.601 Purpose. This subpart contains regulations prescribing..., or removed. DHS may issue implementing directives to carry out the provisions of this subpart. ...

Security in the Cache and Forward Architecture for the Next Generation Internet

NASA Astrophysics Data System (ADS)

Hadjichristofi, G. C.; Hadjicostis, C. N.; Raychaudhuri, D.

The future Internet architecture will be comprised predominately of wireless devices. It is evident at this stage that the TCP/IP protocol that was developed decades ago will not properly support the required network functionalities since contemporary communication profiles tend to be data-driven rather than host-based. To address this paradigm shift in data propagation, a next generation architecture has been proposed, the Cache and Forward (CNF) architecture. This research investigates security aspects of this new Internet architecture. More specifically, we discuss content privacy, secure routing, key management and trust management. We identify security weaknesses of this architecture that need to be addressed and we derive security requirements that should guide future research directions. Aspects of the research can be adopted as a step-stone as we build the future Internet.

CERT Resilience Management Model: A Maturity Model Approach to Managing Operational Resilience

DTIC Science & Technology

2010-07-28

manufacturing, and energy 8 years @ SEI concentrating in information security risk management BS-Accounting; MBA Frequent lecturer in Carnegie...impact Move all operational risk management activities in the same direction Optimize cost/effectiveness Meet mission no-matter-what How do you...processes Effective operational risk management requires harmonization: convergence of these activities working toward the same goals Operational

The Integration of It Governance, Information Security Leadership and Strategic Alignment in Healthcare: A Correlational Study

ERIC Educational Resources Information Center

Taft, Tiffany H.

2017-01-01

This dissertation is a study of the relationship between Information Technology Governance (ITG), information security leadership, and strategic alignment within a healthcare organization. Strong organizational leadership and adherence to the process are vital to the formulation and management of performance and implementation of key directives.…

Sandia National Laboratories: About Sandia: Leadership

Science.gov Websites

Working With Sandia Working With Sandia Prospective Suppliers What Sandia Looks For In Our Suppliers What provides leadership and management direction for the safe, secure execution of all Sandia missions. View implement the Labs Director's strategic vision for safe, secure operations at Sandia. View full biography

Managing Written Directives: A Software Solution to Streamline Workflow.

PubMed

Wagner, Robert H; Savir-Baruch, Bital; Gabriel, Medhat S; Halama, James R; Bova, Davide

2017-06-01

A written directive is required by the U.S. Nuclear Regulatory Commission for any use of 131 I above 1.11 MBq (30 μCi) and for patients receiving radiopharmaceutical therapy. This requirement has also been adopted and must be enforced by the agreement states. As the introduction of new radiopharmaceuticals increases therapeutic options in nuclear medicine, time spent on regulatory paperwork also increases. The pressure of managing these time-consuming regulatory requirements may heighten the potential for inaccurate or incomplete directive data and subsequent regulatory violations. To improve on the paper-trail method of directive management, we created a software tool using a Health Insurance Portability and Accountability Act (HIPAA)-compliant database. This software allows for secure data-sharing among physicians, technologists, and managers while saving time, reducing errors, and eliminating the possibility of loss and duplication. Methods: The software tool was developed using Visual Basic, which is part of the Visual Studio development environment for the Windows platform. Patient data are deposited in an Access database on a local HIPAA-compliant secure server or hard disk. Once a working version had been developed, it was installed at our institution and used to manage directives. Updates and modifications of the software were released regularly until no more significant problems were found with its operation. Results: The software has been used at our institution for over 2 y and has reliably kept track of all directives. All physicians and technologists use the software daily and find it superior to paper directives. They can retrieve active directives at any stage of completion, as well as completed directives. Conclusion: We have developed a software solution for the management of written directives that streamlines and structures the departmental workflow. This solution saves time, centralizes the information for all staff to share, and decreases confusion about the creation, completion, filing, and retrieval of directives. © 2017 by the Society of Nuclear Medicine and Molecular Imaging.

Remodeling: A Way to Strengthen the Department of Homeland Security Internal Management and Partnering Capability

DTIC Science & Technology

2013-05-24

Secretary of Homeland Security also has the responsibility for establishing International Security Cooperation with the countries of Canada and Mexico ...and goals”84 to improve its culture and morale issues. However, further study is required to determine ways to: de -conflict the overlap of...National Preparedness Description is one of the requirements for Presidental Policy Directive-8. 55 the Joint Staff integrates internal and external

Leveraging Safety Programs to Improve and Support Security Programs

DOE Office of Scientific and Technical Information (OSTI.GOV)

Leach, Janice; Snell, Mark K.; Pratt, R.

2015-10-01

There has been a long history of considering Safety, Security, and Safeguards (3S) as three functions of nuclear security design and operations that need to be properly and collectively integrated with operations. This paper specifically considers how safety programmes can be extended directly to benefit security as part of an integrated facility management programme. The discussion will draw on experiences implementing such a programme at Sandia National Laboratories’ Annular Research Reactor Facility. While the paper focuses on nuclear facilities, similar ideas could be used to support security programmes at other types of high-consequence facilities and transportation activities.

Garnering Support

ERIC Educational Resources Information Center

Kincaid, Douglas W.; Dillinger, Eric T.; Clayton, Michael

2006-01-01

Maintenance and operations (M&O) requirements dominate the life-cycle cost of a school facility. Historically, facility managers have struggled to secure funding to meet these requirements. Many deferred-maintenance issues result directly from M&O underfunding. However, new approaches and technologies now enable facility managers to use…

Development and Management of University Research Groups.

ERIC Educational Resources Information Center

Smith, Robert V.

Guidelines for managers of university research groups cover securing resources, personnel, and services and choosing collaborators, as well as organizing, supervising, and controlling research activities. Attention is directed to: orientation of personnel; reporting mechanisms; boosting morale; the needs of different personnel; handling travel,…

Metering Best Practices, A Guide to Achieving Utility Resource Efficiency, Release 2.0

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sullivan, Greg; Hunt, W. D.; Pugh, Ray

2011-08-31

This release is an update and expansion of the information provided in Release 1.0 of the Metering Best Practice Guide that was issued in October 2007. This release, as was the previous release, was developed under the direction of the U.S. Department of Energy's Federal Energy Management Program (FEMP). The mission of FEMP is to facilitate the Federal Government's implementation of sound cost-effective energy management and investment practices to enhance the nation's energy security and environmental stewardship. Each of these activities is directly related to achieving requirements set forth in the Energy Policy Acts of 1992 and 2005, the Energymore » Independence and Security Act (EISA) of 2007, and the goals that have been established in Executive Orders 13423 and 13514 - and also those practices that are inherent in sound management of Federal financial and personnel resources.« less

76 FR 28315 - Security Zone; Vessels Carrying Hazardous Cargo, Sector Columbia River Captain of the Port Zone

Federal Register 2010, 2011, 2012, 2013, 2014

2011-05-17

..., but are not limited to, liquefied petroleum gas, ammonium nitrate and associated mixtures, anhydrous... Department of Homeland Security Management Directive 023-01 and Commandant Instruction M16475.lD, which guide... accordance with the general regulations in 33 CFR part 165, Subpart D, no person or vessel may enter or...

NRL Fact Book

DTIC Science & Technology

1983-03-01

Mr. W.S. Kratz BMC M.R. Fishe Mr. R.G. Trott Administrative Officer Security Officer r Operations Officer Facilities Manager and Head, Maintenance and...Division 20 Financial Management Division 22 Management Information Division 24 Civilian Personnel Division 26 THE TECHNICAL SERVICES DIRECTORATE 29 Office...the neighborhood of 3200. The overall management of the Laboratory is under the direction of a Naval Commanding Officer -nd a civilian Director of

A Humanistic Approach to Emotional Risk Management.

ERIC Educational Resources Information Center

Rubendall, Robert L.

Adventure programs attempt to control or limit injuries in high-risk programming. This risk management has concentrated on the physical safety of participants at the expense of emotional and developmental security. In the zeal for accident-free statistics, a highly controlled, directive approach is created that treats individuals according to a…

DOE Office of Scientific and Technical Information (OSTI.GOV)

Morris, John; Gilchrist, Phillip Charles

Processes, systems, devices, and articles of manufacture are provided. Each may include adapting micro-inverters initially configured for frame-mounting to mounting on a frameless solar panel. This securement may include using an adaptive clamp or several adaptive clamps secured to a micro-inverter or its components, and using compressive forces applied directly to the solar panel to secure the adaptive clamp and the components to the solar panel. The clamps can also include compressive spacers and safeties for managing the compressive forces exerted on the solar panels. Friction zones may also be used for managing slipping between the clamp and the solarmore » panel during or after installation. Adjustments to the clamps may be carried out through various means and by changing the physical size of the clamps themselves.« less

The Role of Healthcare Technology Management in Facilitating Medical Device Cybersecurity.

PubMed

Busdicker, Mike; Upendra, Priyanka

2017-09-02

This article discusses the role of healthcare technology management (HTM) in medical device cybersecurity and outlines concepts that are applicable to HTM professionals at a healthcare delivery organization or at an integrated delivery network, regardless of size. It provides direction for HTM professionals who are unfamiliar with the security aspects of managing healthcare technologies but are familiar with standards from The Joint Commission (TJC). It provides a useful set of recommendations, including relevant references for incorporating good security practices into HTM practice. Recommendations for policies, procedures, and processes referencing TJC standards are easily applicable to HTM departments with limited resources and to those with no resource concerns. The authors outline processes from their organization as well as best practices learned through information sharing at AAMI, National Health Information Sharing and Analysis Center (NH-ISAC), and Medical Device Innovation, Safety, and Security Consortium (MDISS) conferences and workshops.

Geospatial Informational Security Risks and Concerns of the U.S. Air Force GeoBase Program

DTIC Science & Technology

2007-03-01

multiple governmental directives such as the Government Performance and Results Act (GPRA), Paperwork Reduction Act (PRA), and Office of Management and... governments , non- governmental organizations (NGOs), universities, and commercial sector contractors (Lachman, 2006). One command noted that over...Defense, or the United States Government . AFIT/GEM/ENV/07-M1 GEOSPATIAL INFORMATIONAL SECURITY RISKS AND CONCERNS OF THE UNITED STATES

Secure Multicast Tree Structure Generation Method for Directed Diffusion Using A* Algorithms

NASA Astrophysics Data System (ADS)

Kim, Jin Myoung; Lee, Hae Young; Cho, Tae Ho

The application of wireless sensor networks to areas such as combat field surveillance, terrorist tracking, and highway traffic monitoring requires secure communication among the sensor nodes within the networks. Logical key hierarchy (LKH) is a tree based key management model which provides secure group communication. When a sensor node is added or evicted from the communication group, LKH updates the group key in order to ensure the security of the communications. In order to efficiently update the group key in directed diffusion, we propose a method for secure multicast tree structure generation, an extension to LKH that reduces the number of re-keying messages by considering the addition and eviction ratios of the history data. For the generation of the proposed key tree structure the A* algorithm is applied, in which the branching factor at each level can take on different value. The experiment results demonstrate the efficiency of the proposed key tree structure against the existing key tree structures of fixed branching factors.

Investigating Positive Psychology Approaches in Case Management and Residential Programming with Incarcerated Youth

ERIC Educational Resources Information Center

Cross, Lara E.; Morrison, William; Peterson, Patricia; Domene, Jose F.

2012-01-01

This article examines how a rural Canadian secure custody facility for youth implemented positive psychology principles in its case management protocols and residential programming. A directed content analysis design was utilized to identify specific factors of positive psychology in the facility's policy and programming manual, as well as in…

76 FR 41314 - Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-13

... Management and Budget for extension and approval for Rule 10b-17 (17 CFR 240.10b-17)-- Untimely Announcements... display a valid Office of Management and Budget (OMB) control number. Please direct your written comments... of securities: (1) A dividend or other distribution in cash or in kind other than interest payments...

5 CFR 1312.4 - Classified designations.

Code of Federal Regulations, 2014 CFR

2014-01-01

... describe. (3) Confidential. This classification shall be applied only to information the unauthorized... 1312.4 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.4 - Classified designations.

Code of Federal Regulations, 2012 CFR

2012-01-01

... describe. (3) Confidential. This classification shall be applied only to information the unauthorized... 1312.4 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.4 - Classified designations.

Code of Federal Regulations, 2013 CFR

2013-01-01

... describe. (3) Confidential. This classification shall be applied only to information the unauthorized... 1312.4 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

77 FR 3483 - National Advisory Council

Federal Register 2010, 2011, 2012, 2013, 2014

2012-01-24

... and Mitigation. The NAC will discuss the Presidential Policy Directive 8 (PPD-8) on National... Topics in Emergency Management during lunch, scheduled for 12:20 p.m. PST to 1:20 p.m. PST. PPD-8, signed... the Nation to achieve the goal. PPD-8 replaces Homeland Security Presidential Directive 8 (HSPD-8) and...

5 CFR 1312.2 - Responsibilities.

Code of Federal Regulations, 2014 CFR

2014-01-01

..., and Confidential original classification authority. (b) Heads of divisions or offices. The head of... Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and Declassification of National...

5 CFR 1312.2 - Responsibilities.

Code of Federal Regulations, 2013 CFR

2013-01-01

..., and Confidential original classification authority. (b) Heads of divisions or offices. The head of... Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and Declassification of National...

5 CFR 1312.2 - Responsibilities.

Code of Federal Regulations, 2012 CFR

2012-01-01

..., and Confidential original classification authority. (b) Heads of divisions or offices. The head of... Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and Declassification of National...

Multinational Experiment 7. Outcome 3 - Cyber Domain Objective 3.4: Cyber Situational Awareness Standard Operating Procedure

DTIC Science & Technology

2012-12-01

and activity coordination (for example, SOC management ). 10. In Reference D the information sharing framework represents a hub & node model in... management , vulnerabilities, critical assets, threats, impacts on operations etc. UNCLASSIFIED UNCLASSIFIED 6 PART 3 - CYBER SITUATIONAL AWARENESS...limit the effect of cyber incidents. 23. Tasks of the SOC include: • System maintenance and management including applying the directed security

Who Should Have the Hammer? Leadership of SSTR Planning and Operations

DTIC Science & Technology

2009-10-23

Security Presidential Directive/NSPD-44 was produced which clarified governmental management of reconstruction and stabilization efforts. 1 Additionally...President, “ Management of Interagency Efforts Concerning Reconstruction and Stabilization, pp. 1 2 U.S. Department of Defense, DoDD 3000.05, pp.1 3 U.S...from regional and local State personnel, and conditional stand up of teams within the Interagency Management System. 16 Defense Department guidance

17 CFR 260.0-2 - Definitions of terms used in the rules and regulations.

Code of Federal Regulations, 2012 CFR

2012-04-01

...) Electronic filing. The term electronic filing means a document under the federal securities laws that is... “control” means the power to direct the management and policies of a person, directly or through one or...) Electronic filer. The term electronic filer means a person or an entity that submits filings electronically...

17 CFR 260.0-2 - Definitions of terms used in the rules and regulations.

Code of Federal Regulations, 2011 CFR

2011-04-01

...) Electronic filing. The term electronic filing means a document under the federal securities laws that is... “control” means the power to direct the management and policies of a person, directly or through one or...) Electronic filer. The term electronic filer means a person or an entity that submits filings electronically...

17 CFR 260.0-2 - Definitions of terms used in the rules and regulations.

Code of Federal Regulations, 2010 CFR

2010-04-01

...) Electronic filing. The term electronic filing means a document under the federal securities laws that is... “control” means the power to direct the management and policies of a person, directly or through one or...) Electronic filer. The term electronic filer means a person or an entity that submits filings electronically...

17 CFR 260.0-2 - Definitions of terms used in the rules and regulations.

Code of Federal Regulations, 2013 CFR

2013-04-01

...) Electronic filing. The term electronic filing means a document under the federal securities laws that is... “control” means the power to direct the management and policies of a person, directly or through one or...) Electronic filer. The term electronic filer means a person or an entity that submits filings electronically...

17 CFR 260.0-2 - Definitions of terms used in the rules and regulations.

Code of Federal Regulations, 2014 CFR

2014-04-01

...) Electronic filing. The term electronic filing means a document under the federal securities laws that is... “control” means the power to direct the management and policies of a person, directly or through one or...) Electronic filer. The term electronic filer means a person or an entity that submits filings electronically...

5 CFR 1312.3 - Classification requirements.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 5 Administrative Personnel 3 2013-01-01 2013-01-01 false Classification requirements. 1312.3 Section 1312.3 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.7 - Derivative classification.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 5 Administrative Personnel 3 2014-01-01 2014-01-01 false Derivative classification. 1312.7 Section 1312.7 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.3 - Classification requirements.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 5 Administrative Personnel 3 2012-01-01 2012-01-01 false Classification requirements. 1312.3 Section 1312.3 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.7 - Derivative classification.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 5 Administrative Personnel 3 2012-01-01 2012-01-01 false Derivative classification. 1312.7 Section 1312.7 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.7 - Derivative classification.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 5 Administrative Personnel 3 2013-01-01 2013-01-01 false Derivative classification. 1312.7 Section 1312.7 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.3 - Classification requirements.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 5 Administrative Personnel 3 2014-01-01 2014-01-01 false Classification requirements. 1312.3 Section 1312.3 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.3 - Classification requirements.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 5 Administrative Personnel 3 2011-01-01 2011-01-01 false Classification requirements. 1312.3 Section 1312.3 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.7 - Derivative classification.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 5 Administrative Personnel 3 2011-01-01 2011-01-01 false Derivative classification. 1312.7 Section 1312.7 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.3 - Classification requirements.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Classification requirements. 1312.3 Section 1312.3 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

5 CFR 1312.2 - Responsibilities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Responsibilities. 1312.2 Section 1312.2 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and Declassification of National...

Micro-Controllable, Multi-Functional Interface Module for Digital MP: A Wearable Computer Security Application

DTIC Science & Technology

2004-05-01

Army Soldier System Command: http://www.natick.armv.mil Role Name Facial Recognition Program Manager, Army Technical Lead Mark Chandler...security force with a facial recognition system. Mike Holloran, technology officer with the 6 Fleet, directed LCDR Hoa Ho and CAPT(s) Todd Morgan to...USN 6th Fleet was accomplished with the admiral expressing his support for continuing the evaluation of the a facial recognition system. This went

Secure and Time-Aware Communication of Wireless Sensors Monitoring Overhead Transmission Lines.

PubMed

Mazur, Katarzyna; Wydra, Michal; Ksiezopolski, Bogdan

2017-07-11

Existing transmission power grids suffer from high maintenance costs and scalability issues along with a lack of effective and secure system monitoring. To address these problems, we propose to use Wireless Sensor Networks (WSNs) as a technology to achieve energy efficient, reliable, and low-cost remote monitoring of transmission grids. With WSNs, smart grid enables both utilities and customers to monitor, predict and manage energy usage effectively and react to possible power grid disturbances in a timely manner. However, the increased application of WSNs also introduces new security challenges, especially related to privacy, connectivity, and security management, repeatedly causing unpredicted expenditures. Monitoring the status of the power system, a large amount of sensors generates massive amount of sensitive data. In order to build an effective Wireless Sensor Network (WSN) for a smart grid, we focus on designing a methodology of efficient and secure delivery of the data measured on transmission lines. We perform a set of simulations, in which we examine different routing algorithms, security mechanisms and WSN deployments in order to select the parameters that will not affect the delivery time but fulfill their role and ensure security at the same time. Furthermore, we analyze the optimal placement of direct wireless links, aiming at minimizing time delays, balancing network performance and decreasing deployment costs.

Secure and Time-Aware Communication of Wireless Sensors Monitoring Overhead Transmission Lines

PubMed Central

Mazur, Katarzyna; Wydra, Michal; Ksiezopolski, Bogdan

2017-01-01

Existing transmission power grids suffer from high maintenance costs and scalability issues along with a lack of effective and secure system monitoring. To address these problems, we propose to use Wireless Sensor Networks (WSNs)as a technology to achieve energy efficient, reliable, and low-cost remote monitoring of transmission grids. With WSNs, smart grid enables both utilities and customers to monitor, predict and manage energy usage effectively and react to possible power grid disturbances in a timely manner. However, the increased application of WSNs also introduces new security challenges, especially related to privacy, connectivity, and security management, repeatedly causing unpredicted expenditures. Monitoring the status of the power system, a large amount of sensors generates massive amount of sensitive data. In order to build an effective Wireless Sensor Networks (WSNs) for a smart grid, we focus on designing a methodology of efficient and secure delivery of the data measured on transmission lines. We perform a set of simulations, in which we examine different routing algorithms, security mechanisms and WSN deployments in order to select the parameters that will not affect the delivery time but fulfill their role and ensure security at the same time. Furthermore, we analyze the optimal placement of direct wireless links, aiming at minimizing time delays, balancing network performance and decreasing deployment costs. PMID:28696390

5 CFR 1312.6 - Duration of classification.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 5 Administrative Personnel 3 2011-01-01 2011-01-01 false Duration of classification. 1312.6 Section 1312.6 Administrative Personnel OFFICE OF MANAGEMENT AND BUDGET OMB DIRECTIVES CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and...

Sandia National Laboratories: News: Image Gallery

Science.gov Websites

Environmental Management System Pollution Prevention History 60 impacts Diversity Locations Facts & Figures Programs Nuclear Weapons About Nuclear Weapons Safety & Security Weapons Science & Technology Robotics R&D 100 Awards Laboratory Directed Research & Development Technology Deployment Centers

Operations & Maintenance Best Practices - A Guide to Achieving Operational Efficiency Release 3.0

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

This Operations and Maintenance (O&M) Best Practices Guide was developed under the direction of the U.S. Department of Energy’s Federal Energy Management Program (FEMP). The mission of FEMP is to facilitate the Federal Government’s implementation of sound, cost effective energy management and investment practices to enhance the nation’s energy security and environmental stewardship.

IT-security challenges in IoT environments and autonomous systems

NASA Astrophysics Data System (ADS)

Heun, Ulrich

2017-05-01

Internet of Things will open the digital world for future services working across company borders. Together with autonomous systems intelligent things will communicate and work together without direct influence of human technicians or service managers. IT-security will become one of the most important challenges to ensure a stable service performance and to provide a trustful environment to let people use such service without any concerns regarding data privacy and eligibility of the outcomes.

78 FR 32121 - When Pigs Fly Fireworks Display; San Diego, CA

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-29

... Act (APA) (5 U.S.C. 553(b)). This provision authorizes an agency to issue a rule without prior notice... Security Management Directive 023-01 and Commandant Instruction M16475.lD, which guide the Coast Guard in...

77 FR 69388 - Safety Zone; Water Main Crossing; Choctawhatchee Bay; Santa Rosa Beach, FL

Federal Register 2010, 2011, 2012, 2013, 2014

2012-11-19

... to authority the Administrative Procedure Act (APA) (5 U.S.C. 533(d)). This provision authorizes an... Department of Homeland Security Management Directive 023-01 and Commandant Instruction M16475.lD, which guide...

44 CFR 352.1 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-10-01

... boundaries. (q) Command and control means making and issuing protective action decisions and directing... 44 Emergency Management and Assistance 1 2010-10-01 2010-10-01 false Definitions. 352.1 Section... SECURITY PREPAREDNESS COMMERCIAL NUCLEAR POWER PLANTS: EMERGENCY PREPAREDNESS PLANNING § 352.1 Definitions...

Correlation Research of Medical Security Management System Network Platform in Medical Practice

NASA Astrophysics Data System (ADS)

Jie, Wang; Fan, Zhang; Jian, Hao; Li-nong, Yu; Jun, Fei; Ping, Hao; Ya-wei, Shen; Yue-jin, Chang

Objective-The related research of medical security management system network in medical practice. Methods-Establishing network platform of medical safety management system, medical security network host station, medical security management system(C/S), medical security management system of departments and sections, comprehensive query, medical security disposal and examination system. Results-In medical safety management, medical security management system can reflect the hospital medical security problem, and can achieve real-time detection and improve the medical security incident detection rate. Conclusion-The application of the research in the hospital management implementation, can find hospital medical security hidden danger and the problems of medical disputes, and can help in resolving medical disputes in time and achieve good work efficiency, which is worth applying in the hospital practice.

32 CFR 2001.71 - Coverage.

Code of Federal Regulations, 2010 CFR

2010-07-01

..., specialized training, and termination briefings. This subpart establishes fundamental security education and... authorities, security managers, classification management officers, security specialists, and all other.... Classification management officers, security managers, security specialists, declassification authorities, and...

Security policies and trust in ubiquitous computing.

PubMed

Joshi, Anupam; Finin, Tim; Kagal, Lalana; Parker, Jim; Patwardhan, Anand

2008-10-28

Ubiquitous environments comprise resource-constrained mobile and wearable devices and computational elements embedded in everyday artefacts. These are connected to each other using both infrastructure-based as well as short-range ad hoc networks. Limited Internet connectivity limits the use of conventional security mechanisms such as public key infrastructures and other forms of server-centric authentication. Under these circumstances, peer-to-peer interactions are well suited for not just information interchange, but also managing security and privacy. However, practical solutions for protecting mobile devices, preserving privacy, evaluating trust and determining the reliability and accuracy of peer-provided data in such interactions are still in their infancy. Our research is directed towards providing stronger assurances of the reliability and trustworthiness of information and services, and the use of declarative policy-driven approaches to handle the open and dynamic nature of such systems. This paper provides an overview of some of the challenges and issues, and points out directions for progress.

Homeland security and public health: role of the Department of Veterans Affairs, the US Department of Homeland Security, and implications for the public health community.

PubMed

Koenig, Kristi L

2003-01-01

The terrorist attacks of 11 September 2001 led to the largest US Government transformation since the formation of the Department of Defense following World War II. More than 22 different agencies, in whole or in part, and >170,000 employees were reorganized to form a new Cabinet-level Department of Homeland Security (DHS), with the primary mission to protect the American homeland. Legislation enacted in November 2002 transferred the entire Federal Emergency Management Agency and several Department of Health and Human Services (HHS) assets to DHS, including the Office of Emergency Response, and oversight for the National Disaster Medical System, Strategic National Stockpile, and Metropolitan Medical Response System. This created a potential separation of "health" and "medical" assets between the DHS and HHS. A subsequent presidential directive mandated the development of a National Incident Management System and an all-hazard National Response Plan. While no Department of Veterans Affairs (VA) assets were targeted for transfer, the VA remains the largest integrated healthcare system in the nation with important support roles in homeland security that complement its primary mission to provide care to veterans. The Emergency Management Strategic Healthcare Group (EMSHG) within the VA's medical component, the Veteran Health Administration (VHA), is the executive agent for the VA's Fourth Mission, emergency management. In addition to providing comprehensive emergency management services to the VA, the EMSHG coordinates medical back-up to the Department of Defense, and assists the public via the National Disaster Medical System and the National Response Plan. This article describes the VA's role in homeland security and disasters, and provides an overview of the ongoing organizational and operational changes introduced by the formation of the new DHS. Challenges and opportunities for public health are highlighted.

CORBASec Used to Secure Distributed Aerospace Propulsion Simulations

NASA Technical Reports Server (NTRS)

Blaser, Tammy M.

2003-01-01

The NASA Glenn Research Center and its industry partners are developing a Common Object Request Broker (CORBA) Security (CORBASec) test bed to secure their distributed aerospace propulsion simulations. Glenn has been working with its aerospace propulsion industry partners to deploy the Numerical Propulsion System Simulation (NPSS) object-based technology. NPSS is a program focused on reducing the cost and time in developing aerospace propulsion engines. It was developed by Glenn and is being managed by the NASA Ames Research Center as the lead center reporting directly to NASA Headquarters' Aerospace Technology Enterprise. Glenn is an active domain member of the Object Management Group: an open membership, not-for-profit consortium that produces and manages computer industry specifications (i.e., CORBA) for interoperable enterprise applications. When NPSS is deployed, it will assemble a distributed aerospace propulsion simulation scenario from proprietary analytical CORBA servers and execute them with security afforded by the CORBASec implementation. The NPSS CORBASec test bed was initially developed with the TPBroker Security Service product (Hitachi Computer Products (America), Inc., Waltham, MA) using the Object Request Broker (ORB), which is based on the TPBroker Basic Object Adaptor, and using NPSS software across different firewall products. The test bed has been migrated to the Portable Object Adaptor architecture using the Hitachi Security Service product based on the VisiBroker 4.x ORB (Borland, Scotts Valley, CA) and on the Orbix 2000 ORB (Dublin, Ireland, with U.S. headquarters in Waltham, MA). Glenn, GE Aircraft Engines, and Pratt & Whitney Aircraft are the initial industry partners contributing to the NPSS CORBASec test bed. The test bed uses Security SecurID (RSA Security Inc., Bedford, MA) two-factor token-based authentication together with Hitachi Security Service digital-certificate-based authentication to validate the various NPSS users. The test bed is expected to demonstrate NPSS CORBASec-specific policy functionality, confirm adequate performance, and validate the required Internet configuration in a distributed collaborative aerospace propulsion environment.

Mobilization and Defense Management Technical Reports Series. Mobilization Studies Program Report: Coordinated Policy for the Aircraft Industry.

DTIC Science & Technology

1983-05-01

THE ARMED FORCES AREA 6 WORK UNIT NUMBERS -. FORT LESLEY J. MC NAIR WASHINGTON, DC 20319 11. CONTROLLING OFFICE NAME AND ADDRESS 12. REPORT DATE "Vt...yearly dollar volume and lead directly to cost- effective 𔃾.- national security. Such business generates research funding that can have important military...Mbreover, there is no central focus for these policies and no foru to discuss their effect on national security and international catetiiveness. The

Survey of business process management: challenges and solutions

NASA Astrophysics Data System (ADS)

Alotaibi, Youseef; Liu, Fei

2017-09-01

The current literature shows that creating a good framework on business process model (PM) is not an easy task. A successful business PM should have the ability to ensure accurate alignment between business processes (BPs) and information technology (IT) designs, provide security protection, manage the rapidly changing business environment and BPs, manage customer power, be flexible for reengineering and ensure that IT goals can be easily derived from business goals and hence an information system (IS) can be easily implemented. This article presents an overview of research in the business PM domain. We have presented a review of the challenges facing business PMs, such as misalignment between business and IT, difficulty of deriving IT goals from business goals, creating secured business PM, reengineering BPs, managing the rapidly changing BP and business environment and managing customer power. Also, it presents the limitations of existing business PM frameworks. Finally, we outline several guidelines to create good business PM and the possible further research directions in the business PM domain.

Biometric Methods for Secure Communications in Body Sensor Networks: Resource-Efficient Key Management and Signal-Level Data Scrambling

NASA Astrophysics Data System (ADS)

Bui, Francis Minhthang; Hatzinakos, Dimitrios

2007-12-01

As electronic communications become more prevalent, mobile and universal, the threats of data compromises also accordingly loom larger. In the context of a body sensor network (BSN), which permits pervasive monitoring of potentially sensitive medical data, security and privacy concerns are particularly important. It is a challenge to implement traditional security infrastructures in these types of lightweight networks since they are by design limited in both computational and communication resources. A key enabling technology for secure communications in BSN's has emerged to be biometrics. In this work, we present two complementary approaches which exploit physiological signals to address security issues: (1) a resource-efficient key management system for generating and distributing cryptographic keys to constituent sensors in a BSN; (2) a novel data scrambling method, based on interpolation and random sampling, that is envisioned as a potential alternative to conventional symmetric encryption algorithms for certain types of data. The former targets the resource constraints in BSN's, while the latter addresses the fuzzy variability of biometric signals, which has largely precluded the direct application of conventional encryption. Using electrocardiogram (ECG) signals as biometrics, the resulting computer simulations demonstrate the feasibility and efficacy of these methods for delivering secure communications in BSN's.

Security Encryption Scheme for Communication of Web Based Control Systems

NASA Astrophysics Data System (ADS)

Robles, Rosslin John; Kim, Tai-Hoon

A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

76 FR 62433 - Delegation of Authority to the Office of Disaster Management and National Security

Federal Register 2010, 2011, 2012, 2013, 2014

2011-10-07

... the Office of Disaster Management and National Security AGENCY: Office of the Secretary, HUD. ACTION... Disaster and National Security Officer, Office of Disaster Management and National Security. DATES... and National Security Officer, Office of Disaster Management and National Security, Department of...

17 CFR 240.3b-14 - Definition of cash management securities activities.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Definition of cash management... Under the Securities Exchange Act of 1934 Definitions § 240.3b-14 Definition of cash management securities activities. The term cash management securities activities means securities activities that are...

"Must-know" legal issues for healthcare CFOS.

PubMed

Peregrine, Michael W; Schwartz, James R

2002-03-01

Healthcare financial managers are finding that regulatory agencies' customary focus on Medicare and tax-exemption concerns is shifting to other issues directly related to financial management. Regulatory agencies, such as the Securities and Exchange Commission, are scrutinizing not-for-profit and charitable trust law matters. Because of this renewed attention to existing regulations, healthcare financial managers need to increase their diligence in ensuring their organizations' compliance with those laws governing areas for which they traditionally have been accountable, including auditor relationships, restricted gifts, consulting arrangements, investment management, and financial reporting.

Comparison of Airway Management Methods in Entrapped Patients: A Manikin Study.

PubMed

Martin, Andrew B; Lingg, Jim; Lubin, Jeffrey S

2016-01-01

Endotracheal intubation remains one of the most challenging skills in prehospital care. There is a minimal amount of data on the optimal technique to use when managing the airway of an entrapped patient. We hypothesized that use of a blindly placed device would result in both the shortest time to airway management and highest success rate. A difficult airway manikin was placed in a cervical collar and secured upside down in an overturned vehicle. Experienced paramedics and prehospital registered nurses used four different methods to secure the airway: direct laryngoscopy, digital intubation, King LT-D, and CMAC video laryngoscopy. Each participant was given three opportunities to secure the airway using each technique in random order. A study investigator timed each attempt and confirmed successful placement, which was determined upon inflation of the manikin's lungs. Intubation success rates were analyzed using a general estimating equations model to account for repeated measures and a linear mixed effects model for average time. Twenty-two prehospital providers participated in the study. The one-pass success rate for the King LT-D was significantly higher than direct laryngoscopy (OR 0.048, CI 0.006-0.351, p < 0.01) and digital intubation (OR 0.040, CI 0.005-0.297, p < 0.01). However, there was no statistical difference between the one-pass success rate of the King LT-D and CMAC video laryngoscopy (OR 0.302, 95% CI 0.026-3.44, p = 0.33). The one-pass median placement time of the King LT-D (22 seconds, IQR 17-26) was significantly lower (p < 0.001) than direct laryngoscopy (60 seconds, IQR 42-75), digital intubation (38 seconds, IQR 26-74), and the CMAC (51 seconds, IQR 43-76). In this study, while the King LT-D offered the quickest airway placement, success rates were not significantly greater than intubation using the CMAC video laryngoscope. Intubation using direct laryngoscopy and digital intubation were less successful and took more time. Use of a blindly placed device or a video laryngoscope may provide the best avenues for airway management of entrapped patients.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks.

PubMed

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-03-24

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure.

A Polynomial Subset-Based Efficient Multi-Party Key Management System for Lightweight Device Networks

PubMed Central

Mahmood, Zahid; Ning, Huansheng; Ghafoor, AtaUllah

2017-01-01

Wireless Sensor Networks (WSNs) consist of lightweight devices to measure sensitive data that are highly vulnerable to security attacks due to their constrained resources. In a similar manner, the internet-based lightweight devices used in the Internet of Things (IoT) are facing severe security and privacy issues because of the direct accessibility of devices due to their connection to the internet. Complex and resource-intensive security schemes are infeasible and reduce the network lifetime. In this regard, we have explored the polynomial distribution-based key establishment schemes and identified an issue that the resultant polynomial value is either storage intensive or infeasible when large values are multiplied. It becomes more costly when these polynomials are regenerated dynamically after each node join or leave operation and whenever key is refreshed. To reduce the computation, we have proposed an Efficient Key Management (EKM) scheme for multiparty communication-based scenarios. The proposed session key management protocol is established by applying a symmetric polynomial for group members, and the group head acts as a responsible node. The polynomial generation method uses security credentials and secure hash function. Symmetric cryptographic parameters are efficient in computation, communication, and the storage required. The security justification of the proposed scheme has been completed by using Rubin logic, which guarantees that the protocol attains mutual validation and session key agreement property strongly among the participating entities. Simulation scenarios are performed using NS 2.35 to validate the results for storage, communication, latency, energy, and polynomial calculation costs during authentication, session key generation, node migration, secure joining, and leaving phases. EKM is efficient regarding storage, computation, and communication overhead and can protect WSN-based IoT infrastructure. PMID:28338632

Introducing the CERT (Trademark) Resiliency Engineering Framework: Improving the Security and Sustainability Processes

DTIC Science & Technology

2007-05-01

business processes and services. 4. Security operations management addresses the day-to-day activities that the organization performs to protect the...Management TM – Technology Management Security Operations Management SOM – Security Operations Management 5.7.2 Important Operations Competency...deals with the provision of access rights to informa- tion and technical assets SOM – Security Operations Management , which addresses the fundamental

Security Operations Curriculum Package: BS in Global Security and Intelligence Studies, Security Operations Management Track, Embry-Riddle Aeronautical University, Prescott, AZ. BS in Security Operations Management, Model Curriculum

DTIC Science & Technology

2011-10-24

Operations Management Track in the established B.S. in Global Security and Intelligence Studies Degree offered at Embry-Riddle Aeronautical University...and a model 4 -year college curriculum for a BS degree in Security Operations Management

14 CFR 380.25 - Prospectus filing and related requirements.

Code of Federal Regulations, 2010 CFR

2010-01-01

..., origin city or destination city; and (3) A change in or addition of any direct air carrier, securer, or... Analysis, Special Authorities Division shall be advised of this fact within 2 business days. (Approved by the Office of Management and Budget under Control Number 2106-0005) ...

78 FR 62329 - Special Local Regulation; Tennessee River, Miles 255.0 to 256.5, Florence, AL

Federal Register 2010, 2011, 2012, 2013, 2014

2013-10-17

... pursuant to authority under section 4(a) of the Administrative Procedure Act (APA) (5 U.S.C. 553(b)). This... Security Management Directive 023-01 and Commandant Instruction M16475.lD, which guide the Coast Guard in...

44 CFR 206.110 - Federal assistance to individuals and households.

Code of Federal Regulations, 2013 CFR

2013-10-01

.... Stafford Disaster Relief and Emergency Assistance Act, 42 U.S.C. 5174, as amended by the Disaster... MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY DISASTER ASSISTANCE FEDERAL DISASTER ASSISTANCE Federal... eligible individuals and households who, as a direct result of a major disaster or emergency, have...

44 CFR 206.110 - Federal assistance to individuals and households.

Code of Federal Regulations, 2012 CFR

2012-10-01

.... Stafford Disaster Relief and Emergency Assistance Act, 42 U.S.C. 5174, as amended by the Disaster... MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY DISASTER ASSISTANCE FEDERAL DISASTER ASSISTANCE Federal... eligible individuals and households who, as a direct result of a major disaster or emergency, have...

44 CFR 206.110 - Federal assistance to individuals and households.

Code of Federal Regulations, 2014 CFR

2014-10-01

.... Stafford Disaster Relief and Emergency Assistance Act, 42 U.S.C. 5174, as amended by the Disaster... MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY DISASTER ASSISTANCE FEDERAL DISASTER ASSISTANCE Federal... eligible individuals and households who, as a direct result of a major disaster or emergency, have...

44 CFR 206.110 - Federal assistance to individuals and households.

Code of Federal Regulations, 2011 CFR

2011-10-01

.... Stafford Disaster Relief and Emergency Assistance Act, 42 U.S.C. 5174, as amended by the Disaster... MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY DISASTER ASSISTANCE FEDERAL DISASTER ASSISTANCE Federal... eligible individuals and households who, as a direct result of a major disaster or emergency, have...

Information security threats and an easy-to-implement attack detection framework for wireless sensor network-based smart grid applications

NASA Astrophysics Data System (ADS)

Tuna, G.; Örenbaş, H.; Daş, R.; Kogias, D.; Baykara, M.; K, K.

2016-03-01

Wireless Sensor Networks (WSNs) when combined with various energy harvesting solutions managing to prolong the overall lifetime of the system and enhanced capabilities of the communication protocols used by modern sensor nodes are efficiently used in are efficiently used in Smart Grid (SG), an evolutionary system for the modernization of existing power grids. However, wireless communication technology brings various types of security threats. In this study, firstly the use of WSNs for SG applications is presented. Second, the security related issues and challenges as well as the security threats are presented. In addition, proposed security mechanisms for WSN-based SG applications are discussed. Finally, an easy- to-implement and simple attack detection framework to prevent attacks directed to sink and gateway nodes with web interfaces is proposed and its efficiency is proved using a case study.

Collaborative eHealth Meets Security: Privacy-Enhancing Patient Profile Management.

PubMed

Sanchez-Guerrero, Rosa; Mendoza, Florina Almenarez; Diaz-Sanchez, Daniel; Cabarcos, Patricia Arias; Lopez, Andres Marin

2017-11-01

Collaborative healthcare environments offer potential benefits, including enhancing the healthcare quality delivered to patients and reducing costs. As a direct consequence, sharing of electronic health records (EHRs) among healthcare providers has experienced a noteworthy growth in the last years, since it enables physicians to remotely monitor patients' health and enables individuals to manage their own health data more easily. However, these scenarios face significant challenges regarding security and privacy of the extremely sensitive information contained in EHRs. Thus, a flexible, efficient, and standards-based solution is indispensable to guarantee selective identity information disclosure and preserve patient's privacy. We propose a privacy-aware profile management approach that empowers the patient role, enabling him to bring together various healthcare providers as well as user-generated claims into an unique credential. User profiles are represented through an adaptive Merkle Tree, for which we formalize the underlying mathematical model. Furthermore, performance of the proposed solution is empirically validated through simulation experiments.

Unauthorised absences from leave from an Australian security hospital.

PubMed

Scott, Russ; Goel, Vikram; Neillie, Darren; Stedman, Terry; Meehan, Tom

2014-04-01

To consider incidents relating to absences without permission from authorised leave from a security hospital. A retrospective audit over a 10-year period of all critical incidents relating to leave from the High Security Inpatient Services, Brisbane, Australia. There has been a low incidence of patients absenting themselves without permission from leave. Of the 12 patients who went absent without permission over the 10-year study period, only one patient was reported to have committed an offence and no patient seriously self-harmed. Attention to patient selection and risk management strategies have been effective in minimising the risk to patients and to the community as a direct result of absences without permission from authorised leave.

78 FR 23775 - Agency Information Collection Activities; Proposed Collection; Comment Request: Community...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-04-22

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID: FEMA-2013-0014... Preparedness and Participation Survey used to identify progress and gaps in citizen and community preparedness... direction in Executive Order 13254 to study and track the progress of public service programs. Citizen Corps...

Construction Vibration Impacts on the Center for Integrated Nanotechnologies.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hearne, Sean J.; Kostranchuk, Theodore; Jungjohann, Katherine Leigh

Under the direction of the James W. Todd, Assistant Manager for Engineering within the National Nuclear Security Administration Sandia Field Office, the team listed above has performed the attached study to evaluate the vibration sensitivity of the Center for Integrated Nanotechnolog ies and propose possible mitigation strategies .

77 FR 49817 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2012-08-17

... identity and comply with the statutory requirement that federal Office of Child Support Enforcement (OCSE... persons. 42 U.S.C. 653(m)(2). After identity is authenticated, secure accounts will be created for... directly to the following: Office of Management and Budget, Paperwork Reduction Project, 725 17th Street NW...

76 FR 10262 - Information Security Program

Federal Register 2010, 2011, 2012, 2013, 2014

2011-02-24

... directives. (q) Senior agency official means the official designated by the Chairman under section 5.4(d) of... is safeguarded. * * * * * 0 3. Revise Sec. 503.52 to read as follows: Sec. 503.52 Senior agency official. The Managing Director is designated as Senior Agency Official of the Commission, and shall be...

47 CFR 64.1120 - Verification of orders for telecommunications service.

Code of Federal Regulations, 2010 CFR

2010-10-01

... data (e.g., the subscriber's date of birth or social security number). The independent third party must not be owned, managed, controlled, or directed by the carrier or the carrier's marketing agent; must... carrier's marketing agent; and must operate in a location physically separate from the carrier or the...

Functional limitation and chronic diseases are associated with food insecurity among U.S. adults.

PubMed

Venci, Brittany J; Lee, Seung-Yeon

2018-03-01

This study examined associations of functional limitation due to any health problems and six chronic diseases (arthritis, diabetes, coronary heart disease, heart attack, hypertension, and stroke) with food security among U.S. adults. The 2011 National Health Interview Survey data for 30,010 adults (≥18 years) were used. Adults were categorized into food secure, low food secure, or very low food secure. Multivariable logistic regressions were used to estimate adjusted odds ratio (OR) and 95% confidence interval (CI) for having functional limitation and chronic diseases while adjusting for sociodemographic and lifestyle factors. The prevalence of functional limitation and the chronic diseases were higher in low-food-secure and very low-food-secure than food-secure adults. The adjusted ORs were significant in both low food secure and very low food secure, respectively, for functional limitation (OR: 1.87; 95% CI: 1.63, 2.14), (OR: 2.20; 95% CI: 1.91, 2.52), inflammatory diseases or joint/muscular pain (OR: 1.42; 95% CI: 1.21, 1.68), (OR: 1.74; 95% CI: 1.49, 2.04), diabetes (OR: 1.26; 95% CI: 1.06, 1.51), (OR: 1.23; 95% CI: 1.02, 1.48), and hypertension (OR: 1.18; 95% CI: 1.04, 1.35), (OR: 1.42; 95% CI: 1.22, 1.65) when compared with food-secure adults. Findings indicate that food insecurity is associated with functional limitation and chronic diseases, whereas directionality is unknown. Besides the traditional food assistance program for food-insecure populations, interventions to prevent or manage chronic diseases may be necessary to help them reduce the risk of the diseases and manage their conditions. Copyright © 2018 Elsevier Inc. All rights reserved.

The Use of BS7799 Information Security Standard to Construct Mechanisms for the Management of Medical Organization Information Security

NASA Astrophysics Data System (ADS)

Liu, Shu-Fan; Chueh, Hao-En; Liao, Kuo-Hsiung

According to surveys, 80 % of security related events threatening information in medical organizations is due to improper management. Most research on information security has focused on information and security technology, such as network security and access control; rarely addressing issues at the management issues. The main purpose of this study is to construct a BS7799 based mechanism for the management of information with regard to security as it applies to medical organizations. This study analyzes and identifies the most common events related to information security in medical organizations and categorizes these events as high-risk, transferable-risk, and controlled-risk to facilitate the management of such risk.

31 CFR 306.23 - Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System.

Code of Federal Regulations, 2010 CFR

2010-07-01

... TREASURY DIRECT Book-entry Securities System. 306.23 Section 306.23 Money and Finance: Treasury Regulations... Securities eligible to be held in the TREASURY DIRECT Book-entry Securities System. (a) Eligible issues. The... conversion to the TREASURY DIRECT Book-entry Securities System. The notice shall specify the period during...

Data management issues in mobile ad hoc networks

PubMed Central

HARA, Takahiro

2017-01-01

Research on mobile ad hoc networks (MANETs) has become a hot research topic since the middle 1990’s. Over the first decade, most research focused on networking techniques, ignoring data management issues. We, however, realized early the importance of data management in MANETs, and have been conducting studies in this area for 15 years. In this review, we summarize some key technical issues related to data management in MANETs, and the studies we have done in addressing these issues, which include placement of data replicas, update management, and query processing with security management. The techniques proposed in our studies have been designed with deep considerations of MANET features including network partitioning, node participation/disappearance, limited network bandwidth, and energy efficiency. Our studies published in early 2000’s have developed a new research field as data management in MANETs. Also, our recent studies are expected to be significant guidelines of new research directions. We conclude the review by discussing some future directions for research. PMID:28496052

Data management issues in mobile ad hoc networks.

PubMed

Hara, Takahiro

2017-01-01

Research on mobile ad hoc networks (MANETs) has become a hot research topic since the middle 1990's. Over the first decade, most research focused on networking techniques, ignoring data management issues. We, however, realized early the importance of data management in MANETs, and have been conducting studies in this area for 15 years. In this review, we summarize some key technical issues related to data management in MANETs, and the studies we have done in addressing these issues, which include placement of data replicas, update management, and query processing with security management. The techniques proposed in our studies have been designed with deep considerations of MANET features including network partitioning, node participation/disappearance, limited network bandwidth, and energy efficiency. Our studies published in early 2000's have developed a new research field as data management in MANETs. Also, our recent studies are expected to be significant guidelines of new research directions. We conclude the review by discussing some future directions for research.

Optimizing Security of Cloud Computing within the DoD

DTIC Science & Technology

2010-12-01

information security governance and risk management; application security; cryptography; security architecture and design; operations security; business ...governance and risk management; application security; cryptography; security architecture and design; operations security; business continuity...20 7. Operational Security (OPSEC).........................................................20 8. Business Continuity Planning (BCP) and Disaster

5 CFR 9701.512 - Conferring on procedures for the exercise of management rights.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.512...

A cooperative model for IS security risk management in distributed environment.

PubMed

Feng, Nan; Zheng, Chundong

2014-01-01

Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively.

The future of infrastructure security :

DOE Office of Scientific and Technical Information (OSTI.GOV)

Garcia, Pablo; Turnley, Jessica Glicken; Parrott, Lori K.

2013-05-01

Sandia National Laboratories hosted a workshop on the future of infrastructure security on February 27-28, 2013, in Albuquerque, NM. The 17 participants came from backgrounds as diverse as federal policy, the insurance industry, infrastructure management, and technology development. The purpose of the workshop was to surface key issues, identify directions forward, and lay groundwork for cross-sectoral and cross-disciplinary collaborations. The workshop addressed issues such as the problem space (what is included in infrastructure problems?), the general types of threats to infrastructure (such as acute or chronic, system-inherent or exogenously imposed) and definitions of secure and resilient infrastructures. The workshop concludedmore » with a consideration of stakeholders and players in the infrastructure world, and identification of specific activities that could be undertaken by the Department of Homeland Security (DHS) and other players.« less

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2011 CFR

2011-01-01

... training in system/application life cycle management, risk management, and contingency planning. (4) Chief... security management, system/application life cycle management, risk management, and contingency planning..., risk management, and contingency planning. (b) Provide the Federal information systems security...

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2010 CFR

2010-01-01

... training in system/application life cycle management, risk management, and contingency planning. (4) Chief... security management, system/application life cycle management, risk management, and contingency planning..., risk management, and contingency planning. (b) Provide the Federal information systems security...

Guidelines for developing NASA (National Aeronautics and Space Administration) ADP security risk management plans

NASA Technical Reports Server (NTRS)

Tompkins, F. G.

1983-01-01

This report presents guidance to NASA Computer security officials for developing ADP security risk management plans. The six components of the risk management process are identified and discussed. Guidance is presented on how to manage security risks that have been identified during a risk analysis performed at a data processing facility or during the security evaluation of an application system.

Globus Identity, Access, and Data Management: Platform Services for Collaborative Science

NASA Astrophysics Data System (ADS)

Ananthakrishnan, R.; Foster, I.; Wagner, R.

2016-12-01

Globus is software-as-a-service for research data management, developed at, and operated by, the University of Chicago. Globus, accessible at www.globus.org, provides high speed, secure file transfer; file sharing directly from existing storage systems; and data publication to institutional repositories. 40,000 registered users have used Globus to transfer tens of billions of files totaling hundreds of petabytes between more than 10,000 storage systems within campuses and national laboratories in the US and internationally. Web, command line, and REST interfaces support both interactive use and integration into applications and infrastructures. An important component of the Globus system is its foundational identity and access management (IAM) platform service, Globus Auth. Both Globus research data management and other applications use Globus Auth for brokering authentication and authorization interactions between end-users, identity providers, resource servers (services), and a range of clients, including web, mobile, and desktop applications, and other services. Compliant with important standards such as OAuth, OpenID, and SAML, Globus Auth provides mechanisms required for an extensible, integrated ecosystem of services and clients for the research and education community. It underpins projects such as the US National Science Foundation's XSEDE system, NCAR's Research Data Archive, and the DOE Systems Biology Knowledge Base. Current work is extending Globus services to be compliant with FEDRAMP standards for security assessment, authorization, and monitoring for cloud services. We will present Globus IAM solutions and give examples of Globus use in various projects for federated access to resources. We will also describe how Globus Auth and Globus research data management capabilities enable rapid development and low-cost operations of secure data sharing platforms that leverage Globus services and integrate them with local policy and security.

Incentive Issues in Information Security Management

ERIC Educational Resources Information Center

Lee, Chul Ho

2012-01-01

This dissertation studies three incentive issues in information security management. The first essay studies contract issues between a firm that outsources security functions and a managed security service provider (MSSP) that provides security functions to the firm. Since MSSP and firms cannot observe each other's actions, both can suffer…

A Cooperative Model for IS Security Risk Management in Distributed Environment

PubMed Central

Zheng, Chundong

2014-01-01

Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively. PMID:24563626

5 CFR 9701.526 - Continuation of existing laws, recognitions, agreements, and procedures.

Code of Federal Regulations, 2010 CFR

2010-01-01

... HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations...

Systems Security Engineering

DTIC Science & Technology

2010-08-22

practice for information security management ( ISO /IEC 27002 ),” “Information technology — Security techniques — Information security management...systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security techniques — Information security risk management ( ISO /IEC 27005).” from...associated practice aids. Perhaps the most germane discovery from this effort was a draft ISO standard on Systems and software engineering, Systems and

76 FR 31968 - Agency Information Collection Activities: Proposed Collection; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-02

.... Proposed Project: SAMHSA SOAR Web-Based Data Form--NEW In 2009 the Substance Abuse and Mental Health... in all states. SOAR's primary objective is to improve the allowance rate for Social Security... Center under SAMHSA's direction developed a web-based data form that case managers can use to track the...

76 FR 51044 - Agency Information Collection Activities: Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2011-08-17

.... Project: SAMHSA SOAR Web-Based Data Form--NEW In 2009 the Substance Abuse and Mental Health Services... states. SOAR's primary objective is to improve the allowance rate for Social Security Administration (SSA... SAMHSA's direction developed a web-based data form that case managers can use to track the progress of...

Department of Homeland Security: Assessments of Selected Complex Acquisitions

DTIC Science & Technology

2010-06-01

10 The two nonmajor programs selected—the Biosurveillance Common...Management Directive AD 102-01, and approves acquisitions to proceed to their next acquisition life- cycle phases upon satisfaction of applicable ...programs are Biosurveillance Common Operating Network and the Integrated Public Alert and Warning System. BioWatch Generation-3 had not started

5 CFR 9701.101 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES... establishment of a new human resources management system within the Department of Homeland Security (DHS), as...

31 CFR 357.25 - Security interests.

Code of Federal Regulations, 2012 CFR

2012-07-01

... 31 Money and Finance:Treasury 2 2012-07-01 2012-07-01 false Security interests. 357.25 Section 357... Legacy Treasury Direct Book-Entry Securities System (Legacy Treasury Direct) § 357.25 Security interests... security interest of any kind, including a pledge, in a security in Legacy Treasury Direct ® except as...

31 CFR 357.25 - Security interests.

Code of Federal Regulations, 2011 CFR

2011-07-01

... 31 Money and Finance:Treasury 2 2011-07-01 2011-07-01 false Security interests. 357.25 Section 357... Legacy Treasury Direct Book-Entry Securities System (Legacy Treasury Direct) § 357.25 Security interests... security interest of any kind, including a pledge, in a security in Legacy Treasury Direct ® except as...

31 CFR 357.25 - Security interests.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 31 Money and Finance:Treasury 2 2013-07-01 2013-07-01 false Security interests. 357.25 Section 357... Legacy Treasury Direct Book-Entry Securities System (Legacy Treasury Direct) § 357.25 Security interests... security interest of any kind, including a pledge, in a security in Legacy Treasury Direct ® except as...

5 CFR 9701.405 - Performance management system requirements.

Code of Federal Regulations, 2010 CFR

2010-01-01

... requirements. 9701.405 Section 9701.405 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.405 Performance...

Examining the Impact of Non-Technical Security Management Factors on Information Security Management in Health Informatics

ERIC Educational Resources Information Center

Imam, Abbas H.

2013-01-01

Complexity of information security has become a major issue for organizations due to incessant threats to information assets. Healthcare organizations are particularly concerned with security owing to the inherent vulnerability of sensitive information assets in health informatics. While the non-technical security management elements have been at…

31 CFR 306.23 - Securities eligible to be held in the Legacy Treasury Direct® Book-entry Securities System.

Code of Federal Regulations, 2011 CFR

2011-07-01

... Legacy Treasury Direct® Book-entry Securities System. 306.23 Section 306.23 Money and Finance: Treasury... Securities eligible to be held in the Legacy Treasury Direct® Book-entry Securities System. (a) Eligible... book-entry securities system. (b) Conversion of Registered Security to book-entry form to be held in...

Making Our Buildings Safer: Security Management and Equipment Issues.

ERIC Educational Resources Information Center

Clark, James H.

1997-01-01

Discusses three major components of library security: physical security of the environment; operating procedures for library staff, the public, and security personnel; and a contract security force (or campus security in academic institutions.) Topics include risk management; maintenance; appropriate technology, including security systems and…

31 CFR 357.20 - Securities account in Legacy Treasury Direct ®.

Code of Federal Regulations, 2010 CFR

2010-07-01

... Securities System (Legacy Treasury Direct) § 357.20 Securities account in Legacy Treasury Direct ®. (a) Account. A securities account consists of: (1) An account master record, and (2) A securities portfolio... 31 Money and Finance: Treasury 2 2010-07-01 2010-07-01 false Securities account in Legacy Treasury...

Flattening the organization: implementing self-directed work groups.

PubMed

Brandon, G M

1996-01-01

In response to tremendous growth of managed care and threats to financial stability and job security, the Greater Baltimore Medical Center (GBMC) restructured itself into independent business units. The radiology department at GBMC resolved to reduce cost per unit-of-service, improve service, determine optimal staffing levels and reduce the number of layers of organization. It was decided to achieve those goals by implementing self-directed work groups. Staff buy-in was critical to success of the project. To begin, the staff was educated intensively about current trends in healthcare, managed care and potential changes in the job market. The radiology department was allowed to reduce the size of its staff through attrition and worked hard to focus staff concern on the impact each individual could have on the bottom line and the resultant effect on job security. Self-directed work groups were designed on a matrix that used small "service teams" in combinations to form larger "work groups." Actual work and daily activities occur at the service team level; information exchange and major decisions occue at the work group level. Seventeen months after beginning the project and 10 months after implementation, the organization has flattened, staff members have adjusted well to new roles, there have been no lay-offs, and the matrix system of small and large groups have proved particularly valuable.

Nevada National Security Site Environmental Report 2016

DOE Office of Scientific and Technical Information (OSTI.GOV)

Wills

This Nevada National Security Site Environmental Report (NNSSER) was prepared to satisfy DOE Order DOE O 231.1B, “Environment, Safety and Health Reporting.” Its purpose is to (1) report compliance status with environmental standards and requirements, (2) present results of environmental monitoring of radiological and nonradiological effluents, (3) report estimated radiological doses to the public from releases of radioactive material, (4) summarize environmental incidents of noncompliance and actions taken in response to them, (5) describe the National Nuclear Security Administration Nevada Field Office (NNSA/NFO) Environmental Management System and characterize its performance, and (6) highlight significant environmental programs and efforts. This NNSSERmore » summarizes data and compliance status for calendar year 2016 at the Nevada National Security Site (NNSS) and its two Nevada-based support facilities, the North Las Vegas Facility (NLVF) and the Remote Sensing Laboratory–Nellis (RSL-Nellis). It also addresses environmental restoration (ER) projects conducted at the Tonopah Test Range (TTR) and the Nevada Test and Training Range (NTTR). NNSA/NFO directs the management and operation of the NNSS and six sites across the nation. In addition to the NNSA itself, the six sites include two in Nevada (NLVF and RSL-Nellis) and four in other states (RSL-Andrews in Maryland, Livermore Operations in California, Los Alamos Operations in New Mexico, and Special Technologies Laboratory in California). Los Alamos, Lawrence Livermore, and Sandia National Laboratories are the principal organizations that sponsor and implement the nuclear weapons programs at the NNSS. National Security Technologies, LLC (NSTec), is the current Management and Operating contractor accountable for the successful execution of work and ensuring that work is performed in compliance with environmental regulations. The six sites all provide support to enhance the NNSS as a location for its multiple missions. The three major NNSS missions include National Security/Defense, Environmental Management, and Nondefense. The major programs that support these missions are Stockpile Stewardship and Management, Nonproliferation and Counterterrorism, Nuclear Emergency Response, Strategic Partnership Projects, Environmental Restoration, Waste Management, Conservation and Renewable Energy, Other Research and Development, and Infrastructure. The major facilities that support the programs include the U1a Facility, Big Explosives Experimental Facility (BEEF), Device Assembly Facility, Dense Plasma Focus Facility, Joint Actinide Shock Physics Experimental Research Facility, Radiological/Nuclear Countermeasures Test and Evaluation Complex, Nonproliferation Test and Evaluation Complex (NPTEC), Radiological/Nuclear Weapons of Mass Destruction Incident Exercise Site, the Area 5 Radioactive Waste Management Complex (RWMC), and the Area 3 Radioactive Waste Management Site (RWMS).« less

Information security for compliance with select agent regulations.

PubMed

Lewis, Nick; Campbell, Mark J; Baskin, Carole R

2015-01-01

The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as "select agents." While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts--still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment.

Information Security for Compliance with Select Agent Regulations

PubMed Central

Lewis, Nick; Campbell, Mark J.

2015-01-01

The past decade has seen a significant rise in research on high-consequence human and animal pathogens, many now known as “select agents.” While physical security around these agents is tightly regulated, information security standards are still lagging. The understanding of the threats unique to the academic and research environment is still evolving, in part due to poor communication between the various stakeholders. Perhaps as a result, information security guidelines published by select agent regulators lack the critical details and directives needed to achieve even the lowest security level of the Federal Information Security Management Act (FISMA). While only government agencies are currently required to abide by the provisions of FISMA (unless specified as preconditions for obtaining government grants or contracts—still a relatively rare or narrowly scoped occurrence), the same strategies were recently recommended by executive order for others. We propose that information security guidelines for select agent research be updated to promulgate and detail FISMA standards and processes and that the latter be ultimately incorporated into select agent regulations. We also suggest that information security in academic and research institutions would greatly benefit from active efforts to improve communication among the biosecurity, security, and information technology communities, and from a secure venue for exchange of timely information on emerging threats and solutions in the research environment. PMID:26042864

Information Security Management (ISM)

NASA Astrophysics Data System (ADS)

Šalgovičová, Jarmila; Prajová, Vanessa

2012-12-01

Currently, all organizations have to tackle the issue of information security. The paper deals with various aspects of Information Security Management (ISM), including procedures, processes, organizational structures, policies and control processes. Introduction of Information Security Management should be a strategic decision. The concept and implementation of Information Security Management in an organization are determined by the corporate needs and objectives, security requirements, the processes deployed as well as the size and structure of the organization. The implementation of ISM should be carried out to the extent consistent with the needs of the organization.

Climate challenges, vulnerabilities, and food security

PubMed Central

Nelson, Margaret C.; Ingram, Scott E.; Dugmore, Andrew J.; Streeter, Richard; Peeples, Matthew A.; McGovern, Thomas H.; Hegmon, Michelle; Arneborg, Jette; Brewington, Seth; Spielmann, Katherine A.; Simpson, Ian A.; Strawhacker, Colleen; Comeau, Laura E. L.; Torvinen, Andrea; Madsen, Christian K.; Hambrecht, George; Smiarowski, Konrad

2016-01-01

This paper identifies rare climate challenges in the long-term history of seven areas, three in the subpolar North Atlantic Islands and four in the arid-to-semiarid deserts of the US Southwest. For each case, the vulnerability to food shortage before the climate challenge is quantified based on eight variables encompassing both environmental and social domains. These data are used to evaluate the relationship between the “weight” of vulnerability before a climate challenge and the nature of social change and food security following a challenge. The outcome of this work is directly applicable to debates about disaster management policy. PMID:26712017

Climate challenges, vulnerabilities, and food security.

PubMed

Nelson, Margaret C; Ingram, Scott E; Dugmore, Andrew J; Streeter, Richard; Peeples, Matthew A; McGovern, Thomas H; Hegmon, Michelle; Arneborg, Jette; Kintigh, Keith W; Brewington, Seth; Spielmann, Katherine A; Simpson, Ian A; Strawhacker, Colleen; Comeau, Laura E L; Torvinen, Andrea; Madsen, Christian K; Hambrecht, George; Smiarowski, Konrad

2016-01-12

This paper identifies rare climate challenges in the long-term history of seven areas, three in the subpolar North Atlantic Islands and four in the arid-to-semiarid deserts of the US Southwest. For each case, the vulnerability to food shortage before the climate challenge is quantified based on eight variables encompassing both environmental and social domains. These data are used to evaluate the relationship between the "weight" of vulnerability before a climate challenge and the nature of social change and food security following a challenge. The outcome of this work is directly applicable to debates about disaster management policy.

Information Security Assessment of SMEs as Coursework -- Learning Information Security Management by Doing

ERIC Educational Resources Information Center

Ilvonen, Ilona

2013-01-01

Information security management is an area with a lot of theoretical models. The models are designed to guide practitioners in prioritizing management resources in companies. Information security management education should address the gap between the academic ideals and practice. This paper introduces a teaching method that has been in use as…

Controlled information destruction: the final frontier in preserving information security for every organisation

NASA Astrophysics Data System (ADS)

Curiac, Daniel-Ioan; Pachia, Mihai

2015-05-01

Information security represents the cornerstone of every data processing system that resides in an organisation's trusted network, implementing all necessary protocols, mechanisms and policies to be one step ahead of possible threats. Starting from the need to strengthen the set of security services, in this article we introduce a new and innovative process named controlled information destruction (CID) that is meant to secure sensitive data that are no longer needed for the organisation's future purposes but would be very damaging if revealed. The disposal of this type of data has to be controlled carefully in order to delete not only the information itself but also all its splinters spread throughout the network, thus denying any possibility of recovering the information after its alleged destruction. This process leads to a modified model of information assurance and also reconfigures the architecture of any information security management system. The scheme we envisioned relies on a reshaped information lifecycle, which reveals the impact of the CID procedure directly upon the information states.

EMRlog method for computer security for electronic medical records with logic and data mining.

PubMed

Martínez Monterrubio, Sergio Mauricio; Frausto Solis, Juan; Monroy Borja, Raúl

2015-01-01

The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.

EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

PubMed Central

Frausto Solis, Juan; Monroy Borja, Raúl

2015-01-01

The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system. PMID:26495300

Automated electric power management and control for Space Station Freedom

NASA Technical Reports Server (NTRS)

Dolce, James L.; Mellor, Pamela A.; Kish, James A.

1990-01-01

A comprehensive automation design is being developed for Space Station Freedom's electric power system. It strives to increase station productivity by applying expert systems and conventional algorithms to automate power system operation. An integrated approach to the power system command and control problem is defined and used to direct technology development in: diagnosis, security monitoring and analysis, battery management, and cooperative problem-solving for resource allocation. The prototype automated power system is developed using simulations and test-beds.

An Analysis of Security and Privacy Issues in Smart Grid Software Architectures on Clouds

DOE Office of Scientific and Technical Information (OSTI.GOV)

Simmhan, Yogesh; Kumbhare, Alok; Cao, Baohua

2011-07-09

Power utilities globally are increasingly upgrading to Smart Grids that use bi-directional communication with the consumer to enable an information-driven approach to distributed energy management. Clouds offer features well suited for Smart Grid software platforms and applications, such as elastic resources and shared services. However, the security and privacy concerns inherent in an information rich Smart Grid environment are further exacerbated by their deployment on Clouds. Here, we present an analysis of security and privacy issues in a Smart Grids software architecture operating on different Cloud environments, in the form of a taxonomy. We use the Los Angeles Smart Gridmore » Project that is underway in the largest U.S. municipal utility to drive this analysis that will benefit both Cloud practitioners targeting Smart Grid applications, and Cloud researchers investigating security and privacy.« less

5 CFR 9701.527 - Savings provision.

Code of Federal Regulations, 2011 CFR

2011-01-01

....527 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.527 Savings provision. This subpart does not...

5 CFR 9701.516 - Allotments to representatives.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Section 9701.516 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.516 Allotments to representatives...

5 CFR 9701.516 - Allotments to representatives.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Section 9701.516 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.516 Allotments to representatives...

5 CFR 9701.516 - Allotments to representatives.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Section 9701.516 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.516 Allotments to representatives...

5 CFR 9701.516 - Allotments to representatives.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Section 9701.516 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.516 Allotments to representatives...

5 CFR 9701.523 - Official time.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.523 Official time. (a) Any employee representing an...

5 CFR 9701.527 - Savings provision.

Code of Federal Regulations, 2010 CFR

2010-01-01

....527 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.527 Savings provision. This subpart does not...

5 CFR 9701.401 - Purpose.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.401 Purpose. (a) This subpart provides for the establishment...

5 CFR 9701.410 - DHS responsibilities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.410 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.410 DHS responsibilities. In carrying out its...

5 CFR 9701.507 - Employee rights.

Code of Federal Regulations, 2010 CFR

2010-01-01

....507 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.507 Employee rights. Each employee has the...

49 CFR 1542.303 - Security Directives and Information Circulars.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Contingency Measures § 1542.303 Security Directives and Information Circulars. (a) TSA may issue an... Security Directive by submitting data, views, or arguments in writing to TSA. TSA may amend the Security...

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model.

PubMed

Moghaddasi, Hamid; Sajjadi, Samad; Kamkarhaghighi, Mehran

2016-01-01

Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. The "data security models" presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the "needs and improvement" cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced.

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model

PubMed Central

Moghaddasi, Hamid; Kamkarhaghighi, Mehran

2016-01-01

Introduction: Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. Background: The “data security models” presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the “needs and improvement” cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Findings: Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Conclusion: Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced. PMID:27857823

Airway Management of Near-Complete Tracheal Transection by Through-the-Wound Intubation: A Case Report.

PubMed

Jean, Yuel-Kai; Potnuru, Paul; Diez, Christian

2018-06-11

We present an approach to airway management in a patient with machete injuries culminating in near-complete cricotracheal transection, in addition to a gunshot wound to the neck. Initial airway was established by direct intubation through the cricotracheal wound. Once the airway was secured, a bronchoscopy-guided orotracheal intubation was performed with simultaneous retraction of the cricotracheal airway to optimize the surgical field. This case offers insight into a rarely performed approach to airway management. Furthermore, our case report demonstrates that, in select airway injuries, performing through-the-wound intubation engenders a multitude of benefits.

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2010 CFR

2010-07-01

..., Information Security Program Management AFI 31-501, Personnel Security Program Management AFI 31-601, Industrial Security Program Management AFI 33-129, Transmission of Information Via the Internet AFI 35-205... Management (will convert to AFPD 33-3) AFI 37-124, The Information Collections and Reports Management Program...

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2014 CFR

2014-07-01

..., Information Security Program Management AFI 31-501, Personnel Security Program Management AFI 31-601, Industrial Security Program Management AFI 33-129, Transmission of Information Via the Internet AFI 35-205... Management (will convert to AFPD 33-3) AFI 37-124, The Information Collections and Reports Management Program...

32 CFR Appendix A to Part 806 - References

Code of Federal Regulations, 2012 CFR

2012-07-01

..., Information Security Program Management AFI 31-501, Personnel Security Program Management AFI 31-601, Industrial Security Program Management AFI 33-129, Transmission of Information Via the Internet AFI 35-205... Management (will convert to AFPD 33-3) AFI 37-124, The Information Collections and Reports Management Program...

5 CFR 9701.511 - Management rights.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 5 Administrative Personnel 3 2012-01-01 2012-01-01 false Management rights. 9701.511 Section 9701.511 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN...

5 CFR 9701.511 - Management rights.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 5 Administrative Personnel 3 2011-01-01 2011-01-01 false Management rights. 9701.511 Section 9701.511 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN...

5 CFR 9701.511 - Management rights.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 5 Administrative Personnel 3 2014-01-01 2014-01-01 false Management rights. 9701.511 Section 9701.511 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN...

5 CFR 9701.511 - Management rights.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 5 Administrative Personnel 3 2013-01-01 2013-01-01 false Management rights. 9701.511 Section 9701.511 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN...

5 CFR 9701.511 - Management rights.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Management rights. 9701.511 Section 9701.511 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN...

5 CFR 9701.522 - Exceptions to arbitration awards.

Code of Federal Regulations, 2010 CFR

2010-01-01

....522 Section 9701.522 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.522 Exceptions to arbitration...

5 CFR 9701.502 - Rule of construction.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.502 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.502 Rule of construction. In interpreting this...

5 CFR 9701.517 - Unfair labor practices.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.517 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.517 Unfair labor practices. (a) For the...

5 CFR 9701.407 - Monitoring performance and providing feedback.

Code of Federal Regulations, 2010 CFR

2010-01-01

... feedback. 9701.407 Section 9701.407 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.407 Monitoring...

Waste biomass toward hydrogen fuel supply chain management for electricity: Malaysia perspective

NASA Astrophysics Data System (ADS)

Zakaria, Izatul Husna; Ibrahim, Jafni Azhan; Othman, Abdul Aziz

2016-08-01

Green energy is becoming an important aspect of every country in the world toward energy security by reducing dependence on fossil fuel import and enhancing better life quality by living in the healthy environment. This conceptual paper is an approach toward determining physical flow's characteristic of waste wood biomass in high scale plantation toward producing gas fuel for electricity using gasification technique. The scope of this study is supply chain management of syngas fuel from wood waste biomass using direct gasification conversion technology. Literature review on energy security, Malaysia's energy mix, Biomass SCM and technology. This paper uses the theoretical framework of a model of transportation (Lumsden, 2006) and the function of the terminal (Hulten, 1997) for research purpose. To incorporate biomass unique properties, Biomass Element Life Cycle Analysis (BELCA) which is a novel technique develop to understand the behaviour of biomass supply. Theoretical framework used to answer the research questions are Supply Chain Operations Reference (SCOR) framework and Sustainable strategy development in supply chain management framework

49 CFR 1548.19 - Security Directives and Information Circulars.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... CARRIER SECURITY § 1548.19 Security Directives and Information Circulars. (a) TSA may issue an Information... security measures are necessary to respond to a threat assessment, or to a specific threat against civil...

10 CFR 73.26 - Transportation physical protection systems, subsystems, components, and procedures.

Code of Federal Regulations, 2010 CFR

2010-01-01

... by individuals independent of both security program management and personnel who have direct... hour to convey the status and position of the shipment. In the event no call is received in accordance... made at least every half hour to convey the status and position of the shipment. In the event no call...

2015 Enterprise Strategic Vision

DOE Office of Scientific and Technical Information (OSTI.GOV)

None

2015-08-01

This document aligns with the Department of Energy Strategic Plan for 2014-2018 and provides a framework for integrating our missions and direction for pursuing DOE’s strategic goals. The vision is a guide to advancing world-class science and engineering, supporting our people, modernizing our infrastructure, and developing a management culture that operates a safe and secure enterprise in an efficient manner.

Securing the human perimeter: beyond operational approaches to developing community capacity to live with fire. Two examples from Victoria, Australia

Treesearch

Simone Blair; Matt Campbell; Tom Lowe; Claire Campbell

2011-01-01

This paper explores the parallels that frequently exist in fire management organizations between operational approaches to fire and engagement approaches in the community. We observe that community issues are often treated in the same way as a fire incident—"controlled" and "contained" through education and "direct attack"...

Intelligence Community Programs, Management, and Enduring Issues

DTIC Science & Technology

2016-11-08

proliferators, money launderers , drug kingpins, and other national security threats.” 110 The Senate Intelligence Committee report accompanying the IAA...and economic expertise. Financial intelligence analysts focus on terrorist financing, counterfeiting, money laundering , funds transfers, weapons...budgets provide resources ( money and manpower) considered necessary to accomplish IC goals, directives, duties and responsibilities defined by the U.S

5 CFR 9701.525 - Regulations of the HSLRB.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Section 9701.525 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.525 Regulations of the HSLRB. The...

5 CFR 9701.406 - Setting and communicating performance expectations.

Code of Federal Regulations, 2010 CFR

2010-01-01

... expectations. 9701.406 Section 9701.406 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.406 Setting and...

5 CFR 9701.513 - Exclusive recognition of labor organizations.

Code of Federal Regulations, 2010 CFR

2010-01-01

... organizations. 9701.513 Section 9701.513 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.513 Exclusive...

49 CFR 1542.303 - Security Directives and Information Circulars.

Code of Federal Regulations, 2014 CFR

2014-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... Information Circular to notify airport operators of security concerns. When TSA determines that additional... aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator must...

49 CFR 1542.303 - Security Directives and Information Circulars.

Code of Federal Regulations, 2011 CFR

2011-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... Information Circular to notify airport operators of security concerns. When TSA determines that additional... aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator must...

49 CFR 1542.303 - Security Directives and Information Circulars.

Code of Federal Regulations, 2012 CFR

2012-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... Information Circular to notify airport operators of security concerns. When TSA determines that additional... aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator must...

49 CFR 1542.303 - Security Directives and Information Circulars.

Code of Federal Regulations, 2013 CFR

2013-10-01

...) TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY... Information Circular to notify airport operators of security concerns. When TSA determines that additional... aviation, TSA issues a Security Directive setting forth mandatory measures. (b) Each airport operator must...

A baseline assessment of emergency planning and preparedness in Italian universities.

PubMed

Marincioni, Fausto; Fraboni, Rita

2012-04-01

Besides offering teaching and research services, schools and universities also must provide for the safety and security of their employees, students, and visitors. This paper describes emergency preparedness in a sample of Italian universities. In particular it examines risk perception within a specific professional category (university safety and security officers) in a specific cultural context (Italy). In addition, it discusses the transposition and implementation in a European Union (EU) member state of EU Council Directive 89/391/EEC of 12 June 1989, on the introduction of measures to encourage improvements in the safety and health of workers. The findings highlight heterogeneous and fragmented emergency management models within the Italian university system, underlining the need for a stricter framework of standardised safety protocols and emergency management guidelines. The study also points out that enhancing emergency planning and preparedness in Italian universities entails increasing safety leadership, employee engagement and individual responsibility for safety and security; essentially, it necessitates improving the culture of risk prevention. © 2012 The Author(s). Disasters © Overseas Development Institute, 2012.

31 CFR 363.203 - After I purchase my marketable Treasury security in TreasuryDirect ®, is there a period of time...

Code of Federal Regulations, 2012 CFR

2012-07-01

... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the security? Once you purchase a marketable Treasury security in TreasuryDirect, you may not transfer that...

31 CFR 363.203 - After I purchase my marketable Treasury security in TreasuryDirect ®, is there a period of time...

Code of Federal Regulations, 2014 CFR

2014-07-01

... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the security? Once you purchase a marketable Treasury security in TreasuryDirect, you may not transfer that...

31 CFR 363.203 - After I purchase my marketable Treasury security in TreasuryDirect ®, is there a period of time...

Code of Federal Regulations, 2011 CFR

2011-07-01

... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the security? Once you purchase a marketable Treasury security in TreasuryDirect, you may not transfer that...

31 CFR 363.203 - After I purchase my marketable Treasury security in TreasuryDirect ®, is there a period of time...

Code of Federal Regulations, 2010 CFR

2010-07-01

... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the security? Once you purchase a marketable Treasury security in TreasuryDirect, you may not transfer that...

31 CFR 363.203 - After I purchase my marketable Treasury security in TreasuryDirect ®, is there a period of time...

Code of Federal Regulations, 2013 CFR

2013-07-01

... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the... Treasury security in TreasuryDirect ®, is there a period of time during which I may not transfer the security? Once you purchase a marketable Treasury security in TreasuryDirect, you may not transfer that...

5 CFR 9701.231 - Conversion of positions and employees to the DHS classification system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Transitional...

Office of Command Security Total Quality Management Plan

DTIC Science & Technology

1989-07-01

outlines the Office of Command Security instruction for TQM implementation. Keywords: TQM (Total Quality Management ), DLA Office of Command Security, Continuous process improvement, Automatic data processing security.

Cyber indicators of compromise: a domain ontology for security information and event management

DTIC Science & Technology

2017-03-01

COMPROMISE: A DOMAIN ONTOLOGY FOR SECURITY INFORMATION AND EVENT MANAGEMENT by Marsha D. Rowell March 2017 Thesis Co-Advisors: J. D...to automate this work is Security Information and Event Management (SIEM). In short, SIEM technology works by aggregating log information , and then...Distribution is unlimited. CYBER INDICATORS OF COMPROMISE: A DOMAIN ONTOLOGY FOR SECURITY INFORMATION AND EVENT MANAGEMENT Marsha D. Rowell

5 CFR 9701.313 - Homeland Security Compensation Committee.

Code of Federal Regulations, 2010 CFR

2010-01-01

... MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Overview of Pay System § 9701.313... Undersecretary for Management. The Compensation Committee has 14 members, including 4 officials of labor...

5 CFR 9701.520 - Standards of conduct for labor organizations.

Code of Federal Regulations, 2010 CFR

2010-01-01

... organizations. 9701.520 Section 9701.520 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.520 Standards of...

Information Security Management - Part Of The Integrated Management System

NASA Astrophysics Data System (ADS)

Manea, Constantin Adrian

2015-07-01

The international management standards allow their integrated approach, thereby combining aspects of particular importance to the activity of any organization, from the quality management systems or the environmental management of the information security systems or the business continuity management systems. Although there is no national or international regulation, nor a defined standard for the Integrated Management System, the need to implement an integrated system occurs within the organization, which feels the opportunity to integrate the management components into a cohesive system, in agreement with the purpose and mission publicly stated. The issues relating to information security in the organization, from the perspective of the management system, raise serious questions to any organization in the current context of electronic information, reason for which we consider not only appropriate but necessary to promote and implement an Integrated Management System Quality - Environment - Health and Operational Security - Information Security

5 CFR 9701.334 - Setting and adjusting locality and special rate supplements.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Locality and...

44 CFR 8.3 - Senior FEMA official responsible for the information security program.

Code of Federal Regulations, 2011 CFR

2011-10-01

... responsible for the information security program. 8.3 Section 8.3 Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL NATIONAL SECURITY INFORMATION § 8.3 Senior FEMA official responsible for the information security program. The Director of the Security...

5 CFR 9701.323 - Eligibility for pay increase associated with a rate range adjustment.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Setting and...

5 CFR 9701.335 - Eligibility for pay increase associated with a supplement adjustment.

Code of Federal Regulations, 2010 CFR

2010-01-01

... SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Locality and...

5 CFR 9701.103 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES..., to provide Governmentwide oversight in human resources management programs and practices. Department...

17 CFR 240.3b-14 - Definition of cash management securities activities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... derivative instruments or other financial instruments; (b) Cash management, in connection with any securities... § 240.15a-1 or any non-securities activities that involve eligible OTC derivative instruments or other... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Definition of cash management...

Security engineering: systems engineering of security through the adaptation and application of risk management

NASA Technical Reports Server (NTRS)

Gilliam, David P.; Feather, Martin S.

2004-01-01

Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

5 CFR 9701.212 - Bands.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Structure § 9701.212 Bands. (a) For purposes of identifying...

5 CFR 9701.221 - Classification requirements.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Section 9701.221 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.221 Classification...

5 CFR 9701.221 - Classification requirements.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Section 9701.221 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.221 Classification...

5 CFR 9701.221 - Classification requirements.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Section 9701.221 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.221 Classification...

5 CFR 9701.221 - Classification requirements.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Section 9701.221 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.221 Classification...

5 CFR 9701.601 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions General § 9701.601 Purpose. This subpart contains regulations prescribing...

5 CFR 9701.301 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES... resources are allocated for the design, implementation, and administration of the performance management...

5 CFR 9701.211 - Occupational clusters.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.211 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Structure § 9701.211 Occupational clusters. For...

5 CFR 9701.105 - Continuing collaboration.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Section 9701.105 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.105 Continuing collaboration. (a) In...

5 CFR 9701.105 - Continuing collaboration.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Section 9701.105 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.105 Continuing collaboration. (a) In...

5 CFR 9701.609 - Proposal notice.

Code of Federal Regulations, 2010 CFR

2010-01-01

....609 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions Requirements for Furlough of 30 Days Or Less, Suspension...

5 CFR 9701.612 - Departmental record.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.612 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions Requirements for Furlough of 30 Days Or Less, Suspension...

5 CFR 9701.301 - Purpose.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration General § 9701.301 Purpose. (a) This subpart contains...

5 CFR 9701.603 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions General § 9701.603 Definitions. In this subpart: Adverse action means a...

5 CFR 9701.604 - Coverage.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions General § 9701.604 Coverage. (a) Actions covered. This subpart covers...

5 CFR 9701.107 - Program evaluation.

Code of Federal Regulations, 2010 CFR

2010-01-01

....107 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.107 Program evaluation. (a) DHS will establish...

Building a Practical Framework for Enterprise-Wide Security Management

DTIC Science & Technology

2004-04-28

management. They have found that current efforts to manage security vulnerabilities and security risks only take an enterprise so far, with results...analyzed reports to determine the cause of the increase. Slide 5 © 2004 by Carnegie Mellon University Version 1.0 Secure IT 2004 - page 5 Attack...Nearly 1 in 5 of those surveyed reported that none of their IT staff have any formal security training. [A survey of 896 Computing Technology

Wireless Distribution Systems To Support Medical Response to Disasters

PubMed Central

Arisoylu, Mustafa; Mishra, Rajesh; Rao, Ramesh; Lenert, Leslie A.

2005-01-01

We discuss the design of multi-hop access networks with multiple gateways that supports medical response to disasters. We examine and implement protocols to ensure high bandwidth, robust, self-healing and secure wireless multi-hop access networks for extreme conditions. Address management, path setup, gateway discovery and selection protocols are described. Future directions and plans are also considered. PMID:16779171

Evaluation of DoD Biological Safety and Security Implementation

DTIC Science & Technology

2016-04-27

biosecurity policy and directives, plans, orders, and guidance across DoD Component laboratories that were conducting research using biological select ...taken, • ensure that all BSAT laboratories are inspected regularly according to a standardized set of criteria , • coordinate external technical and...Biological Select Agent and Toxins laboratory inspections. Management Comments and Our Response The Under Secretary of Defense for Acquisition

Improving Land Armaments: Lessons from the Balkans. The U.S. Army Effort (Abbreviated)

DTIC Science & Technology

2004-09-01

NATO multinational force deployments ADF Automatic Direction Finder ADOCS Automated Deep Operations Coordination System ; a LAN system for...Management Information Systems TACSAT Tactical Satellite (for communications) Tactical circuit/message switch Automatic telephone switch used to... automatic crypto secured; the Netherlands’ automated tactical radio relay/telephone system that serves all HQs from corps to brigade ZOS Zone of

33 CFR 104.145 - Maritime Security (MARSEC) Directive.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Maritime Security (MARSEC) Directive. 104.145 Section 104.145 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: VESSELS General § 104.145 Maritime Security (MARSEC...

33 CFR 105.145 - Maritime Security (MARSEC) Directive.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Maritime Security (MARSEC) Directive. 105.145 Section 105.145 Navigation and Navigable Waters COAST GUARD, DEPARTMENT OF HOMELAND SECURITY MARITIME SECURITY MARITIME SECURITY: FACILITIES General § 105.145 Maritime Security (MARSEC...

49 CFR 1554.103 - Security Directives.

Code of Federal Regulations, 2014 CFR

2014-10-01

... necessary to respond to a threat assessment or to a specific threat against civil aviation, TSA issues a..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRCRAFT REPAIR STATION SECURITY Security Measures... each Security Directive TSA issues to the repair station within the time prescribed. Each repair...

49 CFR 1549.109 - Security Directives and Information Circulars.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... SCREENING PROGRAM Operations § 1549.109 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify certified cargo screening facilities of security concerns. (b) When TSA...

49 CFR 1544.305 - Security Directives and Information Circulars.

Code of Federal Regulations, 2010 CFR

2010-10-01

... 49 Transportation 9 2010-10-01 2010-10-01 false Security Directives and Information Circulars... SECURITY: AIR CARRIERS AND COMMERCIAL OPERATORS Threat and Threat Response § 1544.305 Security Directives and Information Circulars. (a) TSA may issue an Information Circular to notify aircraft operators of...

31 CFR 357.25 - Security interests.

Code of Federal Regulations, 2010 CFR

2010-07-01

... BONDS, NOTES AND BILLS HELD IN LEGACY TREASURY DIRECT Legacy Treasury Direct Book-Entry Securities System (Legacy Treasury Direct) § 357.25 Security interests. (a) General. The Department will not... 31 Money and Finance: Treasury 2 2010-07-01 2010-07-01 false Security interests. 357.25 Section...

Analysis of the Security and Privacy Requirements of Cloud-Based Electronic Health Records Systems

PubMed Central

Fernández, Gonzalo; López-Coronado, Miguel

2013-01-01

Background The Cloud Computing paradigm offers eHealth systems the opportunity to enhance the features and functionality that they offer. However, moving patients’ medical information to the Cloud implies several risks in terms of the security and privacy of sensitive health records. In this paper, the risks of hosting Electronic Health Records (EHRs) on the servers of third-party Cloud service providers are reviewed. To protect the confidentiality of patient information and facilitate the process, some suggestions for health care providers are made. Moreover, security issues that Cloud service providers should address in their platforms are considered. Objective To show that, before moving patient health records to the Cloud, security and privacy concerns must be considered by both health care providers and Cloud service providers. Security requirements of a generic Cloud service provider are analyzed. Methods To study the latest in Cloud-based computing solutions, bibliographic material was obtained mainly from Medline sources. Furthermore, direct contact was made with several Cloud service providers. Results Some of the security issues that should be considered by both Cloud service providers and their health care customers are role-based access, network security mechanisms, data encryption, digital signatures, and access monitoring. Furthermore, to guarantee the safety of the information and comply with privacy policies, the Cloud service provider must be compliant with various certifications and third-party requirements, such as SAS70 Type II, PCI DSS Level 1, ISO 27001, and the US Federal Information Security Management Act (FISMA). Conclusions Storing sensitive information such as EHRs in the Cloud means that precautions must be taken to ensure the safety and confidentiality of the data. A relationship built on trust with the Cloud service provider is essential to ensure a transparent process. Cloud service providers must make certain that all security mechanisms are in place to avoid unauthorized access and data breaches. Patients must be kept informed about how their data are being managed. PMID:23965254

Analysis of the security and privacy requirements of cloud-based electronic health records systems.

PubMed

Rodrigues, Joel J P C; de la Torre, Isabel; Fernández, Gonzalo; López-Coronado, Miguel

2013-08-21

The Cloud Computing paradigm offers eHealth systems the opportunity to enhance the features and functionality that they offer. However, moving patients' medical information to the Cloud implies several risks in terms of the security and privacy of sensitive health records. In this paper, the risks of hosting Electronic Health Records (EHRs) on the servers of third-party Cloud service providers are reviewed. To protect the confidentiality of patient information and facilitate the process, some suggestions for health care providers are made. Moreover, security issues that Cloud service providers should address in their platforms are considered. To show that, before moving patient health records to the Cloud, security and privacy concerns must be considered by both health care providers and Cloud service providers. Security requirements of a generic Cloud service provider are analyzed. To study the latest in Cloud-based computing solutions, bibliographic material was obtained mainly from Medline sources. Furthermore, direct contact was made with several Cloud service providers. Some of the security issues that should be considered by both Cloud service providers and their health care customers are role-based access, network security mechanisms, data encryption, digital signatures, and access monitoring. Furthermore, to guarantee the safety of the information and comply with privacy policies, the Cloud service provider must be compliant with various certifications and third-party requirements, such as SAS70 Type II, PCI DSS Level 1, ISO 27001, and the US Federal Information Security Management Act (FISMA). Storing sensitive information such as EHRs in the Cloud means that precautions must be taken to ensure the safety and confidentiality of the data. A relationship built on trust with the Cloud service provider is essential to ensure a transparent process. Cloud service providers must make certain that all security mechanisms are in place to avoid unauthorized access and data breaches. Patients must be kept informed about how their data are being managed.

Improving organisational resilience through enterprise security risk management.

PubMed

Petruzzi, John; Loyear, Rachelle

Enterprise Security Risk Management (ESRM) is a new philosophy and method of managing security programmes through the use of traditional risk principles. As a philosophy and life cycle, ESRM is focused on creating a business partnership between security practitioners and business leaders to more effectively provide protection against security risks in line with acceptable risk tolerances as defined by business asset owners and stakeholders. This paper explores the basics of the ESRM philosophy and life cycle and also shows how embracing the ESRM philosophy and implementing a risk-based security management model in the business organisation can lead to higher levels of organisational resilience as desired by organisation leaders, executives and the board of directors.

75 FR 8088 - Privacy Act of 1974; Department of Homeland Security/ALL-023 Personnel Security Management System...

Federal Register 2010, 2011, 2012, 2013, 2014

2010-02-23

... risk of harm to economic or property interests, identity theft or fraud, or harm to the security or... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [Docket No. DHS-2009-0041] Privacy Act of 1974; Department of Homeland Security/ALL--023 Personnel Security Management System of Records AGENCY...

Systems Security Engineering

DTIC Science & Technology

2010-08-22

Commission (IEC). “Information technology — Security techniques — Code of practice for information security management ( ISO /IEC 27002 ...Information technology — Security techniques — Information security management systems —Requirements ( ISO /IEC 27002 ),”, “Information technology — Security...was a draft ISO standard on Systems and software engineering, Systems and software assurance [18]. Created by systems engineers for systems

[How to establish the hospital information system security policies].

PubMed

Gong, Qing-Yue; Shi, Cheng

2008-03-01

It is important to establish the hospital information system security policies. While these security policies are being established, a comprehensive consideration should be given to the acceptable levels of users, IT supporters and hospital managers. We should have a formal policy designing process that is consistently followed by all security policies. Reasons for establishing the security policies and their coverage and applicable objects should be stated clearly. Besides, each policy should define user's responsibilities and penalties of violation. Every organization will need some key policies, such as of information sources usage, remote access, information protection, perimeter security, and baseline host/device security. Security managing procedures are the mechanisms to enforce the policies. An incident-handling procedure is the most important security managing procedure for all organizations.

Security Requirements Management in Software Product Line Engineering

NASA Astrophysics Data System (ADS)

Mellado, Daniel; Fernández-Medina, Eduardo; Piattini, Mario

Security requirements engineering is both a central task and a critical success factor in product line development due to the complexity and extensive nature of product lines. However, most of the current product line practices in requirements engineering do not adequately address security requirements engineering. Therefore, in this chapter we will propose a security requirements engineering process (SREPPLine) driven by security standards and based on a security requirements decision model along with a security variability model to manage the variability of the artefacts related to security requirements. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate conformance with the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408.

5 CFR 9701.204 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification General § 9701.204 Definitions. In this subpart: Band means a work level or...

5 CFR 9701.204 - Definitions.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification General § 9701.204 Definitions. In this subpart: Band means a work level or...

5 CFR 9701.345 - Developmental pay adjustments.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Section 9701.345 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Performance-Based Pay § 9701.345...

5 CFR 9701.204 - Definitions.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification General § 9701.204 Definitions. In this subpart: Band means a work level or...

5 CFR 9701.345 - Developmental pay adjustments.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Section 9701.345 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Performance-Based Pay § 9701.345...

5 CFR 9701.204 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification General § 9701.204 Definitions. In this subpart: Band means a work level or...

5 CFR 9701.345 - Developmental pay adjustments.

Code of Federal Regulations, 2013 CFR

2013-01-01

... Section 9701.345 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Performance-Based Pay § 9701.345...

5 CFR 9701.345 - Developmental pay adjustments.

Code of Federal Regulations, 2014 CFR

2014-01-01

... Section 9701.345 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Performance-Based Pay § 9701.345...

5 CFR 9701.102 - Eligibility and coverage.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Section 9701.102 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.102 Eligibility and coverage. (a) All...

5 CFR 9701.610 - Opportunity to reply.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.610 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Adverse Actions Requirements for Furlough of 30 Days Or Less, Suspension...

5 CFR 9701.325 - Treatment of employees whose rate of basic pay falls below the minimum rate of their band.

Code of Federal Regulations, 2010 CFR

2010-01-01

... DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay...

5 CFR 9701.104 - Scope of authority.

Code of Federal Regulations, 2010 CFR

2010-01-01

....104 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM General Provisions § 9701.104 Scope of authority. Subject to the requirements...

5 CFR 9701.314 - DHS responsibilities.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.314 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Overview of Pay System § 9701.314 DHS...

5 CFR 9701.336 - Treatment of employees whose pay does not fall below the minimum adjusted rate of their band.

Code of Federal Regulations, 2010 CFR

2010-01-01

... DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay...

5 CFR 9701.222 - Reconsideration of classification decisions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... decisions. 9701.222 Section 9701.222 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.222...

5 CFR 9701.361 - Special skills payments.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.361 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Special Payments § 9701.361 Special skills payments...

5 CFR 9701.343 - Within-band reductions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 9701.343 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Performance-Based Pay § 9701.343 Within-band...

5 CFR 9701.321 - Structure of bands.

Code of Federal Regulations, 2010 CFR

2010-01-01

....321 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Setting and Adjusting Rate Ranges § 9701.321...

5 CFR 9701.337 - Treatment of employees whose rate of pay falls below the minimum adjusted rate of their band.

Code of Federal Regulations, 2010 CFR

2010-01-01

... DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay...

31 CFR 357.26 - Direct Deposit.

Code of Federal Regulations, 2010 CFR

2010-07-01

... AND BILLS HELD IN LEGACY TREASURY DIRECT Legacy Treasury Direct Book-Entry Securities System (Legacy... security shall be by direct deposit unless it is deemed necessary by the Department to make payment by... account. Where the Legacy Treasury Direct ® securities account is in the name of individual(s) in their...

33 CFR 106.140 - Maritime Security (MARSEC) Directive.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 33 Navigation and Navigable Waters 1 2010-07-01 2010-07-01 false Maritime Security (MARSEC... SECURITY MARITIME SECURITY MARINE SECURITY: OUTER CONTINENTAL SHELF (OCS) FACILITIES General § 106.140 Maritime Security (MARSEC) Directive. All OCS facility owners or operators subject to this part must comply...

Managing information technology security risk

NASA Technical Reports Server (NTRS)

Gilliam, David

2003-01-01

Information Technology (IT) Security Risk Management is a critical task for the organization to protect against the loss of confidentiality, integrity and availability of IT resources. As systems bgecome more complex and diverse and and attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security risk. This paper describes a two-pronged approach in addressing IT security risk and risk management in the organization: 1) an institutional enterprise appraoch, and 2) a project life cycle approach.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Gibbs, P. W.

Secure Transport Management Course (STMC) course provides managers with information related to procedures and equipment used to successfully transport special nuclear material. This workshop outlines these procedures and reinforces the information presented with the aid of numerous practical examples. The course focuses on understanding the regulatory framework for secure transportation of special nuclear materials, identifying the insider and outsider threat(s) to secure transportation, organization of a secure transportation unit, management and supervision of secure transportation units, equipment and facilities required, training and qualification needed.

17 CFR 240.3b-15 - Definition of ancillary portfolio management securities activities.

Code of Federal Regulations, 2010 CFR

2010-04-01

... governing body of the dealer and included in the internal risk management control system for the dealer... of incidental trading activities for portfolio management purposes; and (3) Are limited to risk... portfolio management securities activities. 240.3b-15 Section 240.3b-15 Commodity and Securities Exchanges...

2017 Joint Annual NDIA/AIA Industrial Security Committee Fall Conference

DTIC Science & Technology

2017-11-15

beyond credit data to offer the insights that government professionals need to make informed decisions and ensure citizen safety, manage compliance...business that provides information technology and professional services. We specialize in managing business processes and systems integration for both... Information Security System ISFD Industrial Security Facilities Database OBMS ODAA Business Management System STEPP Security, Training, Education and

5 CFR 9701.324 - Treatment of employees whose rate of basic pay does not fall below the minimum rate of their band.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and...

Birds of a Feather: Supporting Secure Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Braswell III, H V

2006-04-24

Over the past few years Lawrence Livermore National Laboratory has begun the process of moving to a diskless environment in the Secure Computer Support realm. This movement has included many moving targets and increasing support complexity. We would like to set up a forum for Security and Support professionals to get together from across the Complex and discuss current deployments, lessons learned, and next steps. This would include what hardware, software, and hard copy based solutions are being used to manage Secure Computing. The topics to be discussed include but are not limited to: Diskless computing, port locking and management,more » PC, Mac, and Linux/UNIX support and setup, system imaging, security setup documentation and templates, security documentation and management, customer tracking, ticket tracking, software download and management, log management, backup/disaster recovery, and mixed media environments.« less

5 CFR 930.301 - Information systems security awareness training program.

Code of Federal Regulations, 2012 CFR

2012-01-01

... training in system/application life cycle management, risk management, and contingency planning. (4) Chief... security management, system/application life cycle management, risk management, and contingency planning... management; and management and implementation level training in system/application life cycle management...

75 FR 22151 - National Maritime Security Advisory Committee; Vacancies

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-27

... field are encouraged to apply: Port Operations Management/Port Authorities. Maritime Security Operations and Training. Marine Salvage Operations. Maritime Security Related Academics/Public Policy. Marine Facilities and Terminals Security Management. Vessel Owners/Operators. Maritime Labor. International and...

Homeland Security. Management Challenges Facing Federal Leadership

DTIC Science & Technology

2002-12-01

Security Management Challenges Facing Federal Leadership 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) 5d. PROJECT...including attention to management practices and key success factors. HOMELAND SECURITY Management Challenges Facing Federal Leadership www.gao.gov/cgi...significant management and coordination challenges if it is to provide this leadership and be successful in preventing and responding to any future

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks.

PubMed

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-12-17

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks

PubMed Central

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-01-01

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism. PMID:26694409

17 CFR 200.17 - Chief Management Analyst.

Code of Federal Regulations, 2011 CFR

2011-04-01

... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Chief Management Analyst. 200.17 Section 200.17 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION ORGANIZATION; CONDUCT AND ETHICS; AND INFORMATION AND REQUESTS Organization and Program Management General Organization...

77 FR 56662 - Homeland Security Science and Technology Advisory Committee (HSSTAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2012-09-13

... as new developments in systems engineering, cyber-security, knowledge management and how best to... Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Science and... the Under Secretary on policies, management processes, and organizational constructs as needed. Agenda...

76 FR 41274 - Committee Name: Homeland Security Science and Technology Advisory Committee (HSSTAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-13

..., cyber-security, knowledge management and how best to leverage related technologies funded by other... Science and Technology Advisory Committee (HSSTAC) ACTION: Committee Management; Notice of Federal... Committee Management Secretariat, General Services Administration. Name of Committee: Homeland Security...

78 FR 66949 - Homeland Security Science and Technology Advisory Committee (HSSTAC)

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-07

... Technology, such as new developments in systems engineering, cyber-security, knowledge management and how... Management; Notice of Federal Advisory Committee Meeting. SUMMARY: The Homeland Security Science and... also advises the Under Secretary on policies, management processes, and organizational constructs as...

5 CFR 9701.232 - Special transition rules for Federal Air Marshal Service.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Marshal Service. 9701.232 Section 9701.232 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Transitional Provisions § 9701.232...

5 CFR 9701.373 - Conversion of employees to the DHS pay system.

Code of Federal Regulations, 2010 CFR

2010-01-01

... system. 9701.373 Section 9701.373 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Transitional Provisions...

5 CFR 9701.374 - Special transition rules for Federal Air Marshal Service.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Marshal Service. 9701.374 Section 9701.374 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Transitional Provisions...

31 CFR 357.22 - Transfers.

Code of Federal Regulations, 2010 CFR

2010-07-01

... AND BILLS HELD IN LEGACY TREASURY DIRECT Legacy Treasury Direct Book-Entry Securities System (Legacy...-entry system, and TreasuryDirect ®. A security may also be transferred between accounts in Legacy... system. A transfer of a security from Legacy Treasury Direct to the commercial book-entry system is...

20 CFR 423.3 - Other process directed to the Social Security Administration or the Commissioner.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 20 Employees' Benefits 2 2014-04-01 2014-04-01 false Other process directed to the Social Security Administration or the Commissioner. 423.3 Section 423.3 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.3 Other process directed to the Social Security Administration or the...

20 CFR 423.3 - Other process directed to the Social Security Administration or the Commissioner.

Code of Federal Regulations, 2012 CFR

2012-04-01

... 20 Employees' Benefits 2 2012-04-01 2012-04-01 false Other process directed to the Social Security Administration or the Commissioner. 423.3 Section 423.3 Employees' Benefits SOCIAL SECURITY ADMINISTRATION SERVICE OF PROCESS § 423.3 Other process directed to the Social Security Administration or the...

Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks.

PubMed

Kim, Jiye; Lee, Donghoon; Jeon, Woongryul; Lee, Youngsook; Won, Dongho

2014-04-09

User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker's own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes.

Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks

PubMed Central

Kim, Jiye; Lee, Donghoon; Jeon, Woongryul; Lee, Youngsook; Won, Dongho

2014-01-01

User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker's own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes. PMID:24721764

Defense in Depth: Foundation for Secure and Resilient IT Enterprises

DTIC Science & Technology

2006-09-01

Gabbard , D., & May, C. (2003). Outsourcing Managed Security Service. http://www.sei.cmu.edu/publications/documents/sims/sim012.html. 296 CMU/SEI...security_matters/2001/2q01/security-2q01.htm. [Allen 03] Allen, J., Gabbard , D., & May, C. Outsourcing Managed Security Service (CMU/SEI-SIM-012

75 FR 18841 - Office for Civil Rights; Privacy Act of 1974, Amended System of Records

Federal Register 2010, 2011, 2012, 2013, 2014

2010-04-13

... Privacy Act of 1974, Federal Information Security Management Act of 2002, Computer Security Act of 1987... 1974, Federal Information Security Management Act of 2002, Computer Security Act of 1987, the Paperwork... Oversight, the Chair of the Senate Committee on Homeland Security and Governmental Affairs, and the...

17 CFR 274.11A - Form N-1A, registration statement of open-end management investment companies.

Code of Federal Regulations, 2010 CFR

2010-04-01

... statement of open-end management investment companies. 274.11A Section 274.11A Commodity and Securities...(b) of the Investment Company Act of 1940 by open-end management investment companies other than... registration under the Securities Act of 1933 of the securities of all open-end management investment companies...

GPs' role security and therapeutic commitment in managing alcohol problems: a randomised controlled trial of a tailored improvement programme.

PubMed

Keurhorst, Myrna; van Beurden, Ivonne; Anderson, Peter; Heinen, Maud; Akkermans, Reinier; Wensing, Michel; Laurant, Miranda

2014-04-17

General practitioners with more positive role security and therapeutic commitment towards patients with hazardous or harmful alcohol consumption are more involved and manage more alcohol-related problems than others. In this study we evaluated the effects of our tailored multi-faceted improvement implementation programme on GPs' role security and therapeutic commitment and, in addition, which professional related factors influenced the impact of the implementation programme. In a cluster randomised controlled trial, 124 GPs from 82 Dutch general practices were randomised to either the intervention or control group. The tailored, multi-faceted programme included combined physician, organisation, and patient directed alcohol-specific implementation strategies to increase role security and therapeutic commitment in GPs. The control group was mailed the national guideline and patients received feedback letters. Questionnaires were completed before and 12 months after start of the programme. We performed linear multilevel regression analysis to evaluate effects of the implementation programme. Participating GPs were predominantly male (63%) and had received very low levels of alcohol related education before start of the study (0.4 h). The programme increased therapeutic commitment (p = 0.005; 95%-CI 0.13 - 0.73) but not role security (p = 0.58; 95%-CI -0.31 - 0.54). How important GPs thought it was to improve their care for problematic alcohol consumption, and the GPs' reported proportion of patients asked about alcohol consumption at baseline, contributed to the effect of the programme on therapeutic commitment. A tailored, multi-faceted programme aimed at improving GP management of patients with hazardous and harmful alcohol consumption improved GPs' therapeutic commitment towards patients with alcohol-related problems, but failed to improve GPs' role security. How important GPs thought it was to improve their care for problematic alcohol consumption, and the GPs' reported proportion of patients asked about alcohol consumption at baseline, both increased the impact of the programme on therapeutic commitment. It might be worthwhile to monitor proceeding of role security and therapeutic commitment throughout the year after the implementation programme, to see whether the programme is effective on short term but faded out on the longer term. ClinicalTrials.gov Identifier: NCT00298220.

ITIL{sup ®} and information security

DOE Office of Scientific and Technical Information (OSTI.GOV)

Jašek, Roman; Králík, Lukáš; Popelka, Miroslav

2015-03-10

This paper discusses the context of ITIL framework and management of information security. It is therefore a summary study, where the first part is focused on the safety objectives in connection with the ITIL framework. First of all, there is a focus on ITIL process ISM (Information Security Management), its principle and system management. The conclusion is about link between standards, which are related to security, and ITIL framework.

FAA computer security : concerns remain due to personnel and other continuing weaknesses

DOT National Transportation Integrated Search

2000-08-01

FAA has a history of computer security weaknesses in a number of areas, including its physical security management at facilities that house air traffic control (ATC) systems, systems security for both operational and future systems, management struct...

Implementing an Information Security Program

DOE Office of Scientific and Technical Information (OSTI.GOV)

Glantz, Clifford S.; Lenaeus, Joseph D.; Landine, Guy P.

The threats to information security have dramatically increased with the proliferation of information systems and the internet. Chemical, biological, radiological, nuclear, and explosives (CBRNe) facilities need to address these threats in order to protect themselves from the loss of intellectual property, theft of valuable or hazardous materials, and sabotage. Project 19 of the European Union CBRN Risk Mitigation Centres of Excellence Initiative is designed to help CBRN security managers, information technology/cybersecurity managers, and other decision-makers deal with these threats through the application of cost-effective information security programs. Project 19 has developed three guidance documents that are publically available to covermore » information security best practices, planning for an information security management system, and implementing security controls for information security.« less

6 CFR 25.7 - Litigation management.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 6 Domestic Security 1 2011-01-01 2011-01-01 false Litigation management. 25.7 Section 25.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REGULATIONS TO SUPPORT ANTI-TERRORISM BY FOSTERING EFFECTIVE TECHNOLOGIES § 25.7 Litigation management. (a) Liability for all claims...

6 CFR 25.7 - Litigation management.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 6 Domestic Security 1 2012-01-01 2012-01-01 false Litigation management. 25.7 Section 25.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REGULATIONS TO SUPPORT ANTI-TERRORISM BY FOSTERING EFFECTIVE TECHNOLOGIES § 25.7 Litigation management. (a) Liability for all claims...

6 CFR 25.7 - Litigation management.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 6 Domestic Security 1 2014-01-01 2014-01-01 false Litigation management. 25.7 Section 25.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REGULATIONS TO SUPPORT ANTI-TERRORISM BY FOSTERING EFFECTIVE TECHNOLOGIES § 25.7 Litigation management. (a) Liability for all claims...

6 CFR 25.7 - Litigation management.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Litigation management. 25.7 Section 25.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REGULATIONS TO SUPPORT ANTI-TERRORISM BY FOSTERING EFFECTIVE TECHNOLOGIES § 25.7 Litigation management. (a) Liability for all claims...

5 CFR 9701.313 - Homeland Security Compensation Committee.

Code of Federal Regulations, 2011 CFR

2011-01-01

... MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Overview of Pay System § 9701.313... to provide options and/or recommendations for consideration by the Secretary or designee on strategic...

49 CFR 1548.11 - Training and knowledge for individuals with security-related duties.

Code of Federal Regulations, 2013 CFR

2013-10-01

...; (2) Applicable Security Directives and Information Circulars; (3) The approved airport security... Directives and Information Circulars; (4) The approved airport security program(s) applicable to their... security-related duties. 1548.11 Section 1548.11 Transportation Other Regulations Relating to...

49 CFR 1548.11 - Training and knowledge for individuals with security-related duties.

Code of Federal Regulations, 2014 CFR

2014-10-01

...; (2) Applicable Security Directives and Information Circulars; (3) The approved airport security... Directives and Information Circulars; (4) The approved airport security program(s) applicable to their... security-related duties. 1548.11 Section 1548.11 Transportation Other Regulations Relating to...

49 CFR 1548.11 - Training and knowledge for individuals with security-related duties.

Code of Federal Regulations, 2012 CFR

2012-10-01

...; (2) Applicable Security Directives and Information Circulars; (3) The approved airport security... Directives and Information Circulars; (4) The approved airport security program(s) applicable to their... security-related duties. 1548.11 Section 1548.11 Transportation Other Regulations Relating to...

49 CFR 1548.11 - Training and knowledge for individuals with security-related duties.

Code of Federal Regulations, 2011 CFR

2011-10-01

...; (2) Applicable Security Directives and Information Circulars; (3) The approved airport security... Directives and Information Circulars; (4) The approved airport security program(s) applicable to their... security-related duties. 1548.11 Section 1548.11 Transportation Other Regulations Relating to...

Intelligent community management system based on the devicenet fieldbus

NASA Astrophysics Data System (ADS)

Wang, Yulan; Wang, Jianxiong; Liu, Jiwen

2013-03-01

With the rapid development of the national economy and the improvement of people's living standards, people are making higher demands on the living environment. And the estate management content, management efficiency and service quality have been higher required. This paper in-depth analyzes about the intelligent community of the structure and composition. According to the users' requirements and related specifications, it achieves the district management systems, which includes Basic Information Management: the management level of housing, household information management, administrator-level management, password management, etc. Service Management: standard property costs, property charges collecting, the history of arrears and other property expenses. Security Management: household gas, water, electricity and security and other security management, security management district and other public places. Systems Management: backup database, restore database, log management. This article also carries out on the Intelligent Community System analysis, proposes an architecture which is based on B / S technology system. And it has achieved a global network device management with friendly, easy to use, unified human - machine interface.

Synchronizing U.S. Government Efforts Toward Collaborative Health Care Policymaking in Iraq

DTIC Science & Technology

2010-03-01

Cerami and Boggs, eds., The Interagency and Counterinsurgency Warfare, pp. 25-46; see also Amanda Smith, “Strategic Communication: Interagency Rhetoric...Security Presidential Directive 44, Management of Interagency Efforts, December 7, 2005; see also Douglas C. Lovelace , Jr., “Foreword” in Greg Kaufmann...U.S. ARMY WAR COLLEGE Major General Robert M. Williams Commandant ***** STRATEGIC STUDIES INSTITUTE Director Professor Douglas C. Lovelace , Jr

78 FR 31402 - Safety Zones and Special Local Regulations; Recurring Marine Events in Captain of the Port Long...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-05-24

..., 073[deg]10'58'' W (NAD 83). 11 November 11.1 Charles W. Morgan Anniversary Date: A day during the... 213(a) of the Small Business Regulatory Enforcement Fairness Act of 1996 (Pub. L. 104-121), we want to... Department of Homeland Security Management Directive 023-01 and Commandant Instruction M16475.lD, which guide...

Policy Challenges of Accelerating Technological Change: Security Policy and Strategy Implications of Parallel Scientific Revolutions

DTIC Science & Technology

2014-09-01

generation, exotic storage technologies, smart power grid management, and better power sources for directed-energy weapons (DEW). Accessible partner nation...near term will help to mitigate risks and improve outcomes. 2 Forecasting typically extrapolates predictions based...eventually, diminished national power . Within this context, this paper examines policy, legal, ethical, and strategy implications for DoD from the impact

5 CFR 9701.408 - Developing performance and addressing poor performance.

Code of Federal Regulations, 2010 CFR

2010-01-01

... HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.408...

Security Risks: Management and Mitigation in the Software Life Cycle

NASA Technical Reports Server (NTRS)

Gilliam, David P.

2004-01-01

A formal approach to managing and mitigating security risks in the software life cycle is requisite to developing software that has a higher degree of assurance that it is free of security defects which pose risk to the computing environment and the organization. Due to its criticality, security should be integrated as a formal approach in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process and integrated with a security risk assessment and mitigation tool. The current research at JPL addresses these areas through the development of a Sotfware Security Assessment Instrument (SSAI) and integrating it with a Defect Detection and Prevention (DDP) risk management tool.

Airport Managers' Perspectives on Security and Safety Management Systems in Aviation Operations: A Multiple Case Study

NASA Astrophysics Data System (ADS)

Brown, Willie L., Jr.

Global terrorism continues to persist despite the great efforts of various countries to protect and safely secure their citizens. As airports form the entry and exit ports of a country, they are one of the most vulnerable locations to terror attacks. Managers of international airports constantly face similar challenges in developing and implementing airport security protocols. Consequently, the technological advances of today have brought both positive and negative impacts on security and terrorism of airports, which are mostly managed by the airport managers. The roles of the managers have greatly increased over the years due to technological advances. The developments in technology have had different roles in security, both in countering terrorism and, at the same time, increasing the communication methods of the terrorists. The purpose of this qualitative multiple case study was to investigate the perspectives of airport managers with regard to societal security and social interactions in the socio-technical systems of the National Terrorism Advisory System (NTAS). Through the data gained regarding managers' perception and experiences, the researcher hoped to enable the development of security measures and policies that are appropriate for airports as socio-technical systems. The researcher conducted interviews with airport managers to gather relevant data to fulfill the rationale of the study. Ten to twelve airport managers based in three commercial aviation airports in Maryland, United States participated in the study. The researcher used a qualitative thematic analysis procedure to analyze the data responses of participants in the interview sessions.

Analysis of information security management systems at 5 domestic hospitals with more than 500 beds.

PubMed

Park, Woo-Sung; Seo, Sun-Won; Son, Seung-Sik; Lee, Mee-Jeong; Kim, Shin-Hyo; Choi, Eun-Mi; Bang, Ji-Eon; Kim, Yea-Eun; Kim, Ok-Nam

2010-06-01

The information security management systems (ISMS) of 5 hospitals with more than 500 beds were evaluated with regards to the level of information security, management, and physical and technical aspects so that we might make recommendations on information security and security countermeasures which meet both international standards and the needs of individual hospitals. The ISMS check-list derived from international/domestic standards was distributed to each hospital to complete and the staff of each hospital was interviewed. Information Security Indicator and Information Security Values were used to estimate the present security levels and evaluate the application of each hospital's current system. With regard to the moderate clause of the ISMS, the hospitals were determined to be in compliance. The most vulnerable clause was asset management, in particular, information asset classification guidelines. The clauses of information security incident management and business continuity management were deemed necessary for the establishment of successful ISMS. The level of current ISMS in the hospitals evaluated was determined to be insufficient. Establishment of adequate ISMS is necessary to ensure patient privacy and the safe use of medical records for various purposes. Implementation of ISMS which meet international standards with a long-term and comprehensive perspective is of prime importance. To reflect the requirements of the varied interests of medical staff, consumers, and institutions, the establishment of political support is essential to create suitable hospital ISMS.

Information security risk management for computerized health information systems in hospitals: a case study of Iran.

PubMed

Zarei, Javad; Sadoughi, Farahnaz

2016-01-01

In recent years, hospitals in Iran - similar to those in other countries - have experienced growing use of computerized health information systems (CHISs), which play a significant role in the operations of hospitals. But, the major challenge of CHIS use is information security. This study attempts to evaluate CHIS information security risk management at hospitals of Iran. This applied study is a descriptive and cross-sectional research that has been conducted in 2015. The data were collected from 551 hospitals of Iran. Based on literature review, experts' opinion, and observations at five hospitals, our intensive questionnaire was designed to assess security risk management for CHISs at the concerned hospitals, which was then sent to all hospitals in Iran by the Ministry of Health. Sixty-nine percent of the studied hospitals pursue information security policies and procedures in conformity with Iran Hospitals Accreditation Standards. At some hospitals, risk identification, risk evaluation, and risk estimation, as well as risk treatment, are unstructured without any specified approach or methodology. There is no significant structured approach to risk management at the studied hospitals. Information security risk management is not followed by Iran's hospitals and their information security policies. This problem can cause a large number of challenges for their CHIS security in future. Therefore, Iran's Ministry of Health should develop practical policies to improve information security risk management in the hospitals of Iran.

5 CFR 9701.355 - Setting pay upon movement to a different occupational cluster.

Code of Federal Regulations, 2010 CFR

2010-01-01

... occupational cluster. 9701.355 Section 9701.355 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Pay and Pay Administration Pay Administration § 9701...

Report: Fiscal Year 2011 Federal Information Security Management Act Report Status of EPA’s Computer Security Program

EPA Pesticide Factsheets

Report #12-P-0062, November 9, 2011. Attached is the Office of Inspector General’s (OIG’s) Fiscal Year 2011 Federal Information Security Management Act (FISMA) Reporting Template, as prescribed by the Office of Management and Budget (OMB).

Achieving Safety through Security Management

NASA Astrophysics Data System (ADS)

Ridgway, John

Whilst the achievement of safety objectives may not be possible purely through the administration of an effective Information Security Management System (ISMS), your job as safety manager will be significantly eased if such a system is in place. This paper seeks to illustrate the point by drawing a comparison between two of the prominent standards within the two disciplines of security and safety management.

Designing new institutions for implementing integrated disaster risk management: key elements and future directions.

PubMed

Gopalakrishnan, Chennat; Okada, Norio

2007-12-01

The goal of integrated disaster risk management is to promote an overall improvement in the quality of safety and security in a region, city or community at disaster risk. This paper presents the case for a thorough overhaul of the institutional component of integrated disaster risk management. A review of disaster management institutions in the United States indicates significant weaknesses in their ability to contribute effectively to the implementation of integrated disaster risk management. Our analysis and findings identify eight key elements for the design of dynamic new disaster management institutions. Six specific approaches are suggested for incorporating the identified key elements in building new institutions that would have significant potential for enhancing the effective implementation of integrated disaster risk management. We have developed a possible blueprint for effective design and construction of efficient, sustainable and functional disaster management institutions.

77 FR 31643 - Siltronic Corporation FAB1 Plant Including On-Site Leased Workers From Express Temporaries...

Federal Register 2010, 2011, 2012, 2013, 2014

2012-05-29

... Secure Solutions USA, SBM Management Services, LP, ALSCO Portland Industrial, VWR International, Inc... G4S Secure Solutions USA, SBM Management Services, LP, Alsco Portland Industrial, VWR International... workers from Express Temporaries, Aerotek Commercial Staffing, G4S Secure Solutions USA, SBM Management...

41 CFR 109-38.202-50 - Security.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 41 Public Contracts and Property Management 3 2013-07-01 2013-07-01 false Security. 109-38.202-50 Section 109-38.202-50 Public Contracts and Property Management Federal Property Management Regulations....202-50 Security. Unissued license tags shall be stored in a locked drawer, cabinet, or storage area...

41 CFR 109-38.202-50 - Security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 41 Public Contracts and Property Management 3 2014-01-01 2014-01-01 false Security. 109-38.202-50 Section 109-38.202-50 Public Contracts and Property Management Federal Property Management Regulations....202-50 Security. Unissued license tags shall be stored in a locked drawer, cabinet, or storage area...

41 CFR 109-38.202-50 - Security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 41 Public Contracts and Property Management 3 2011-01-01 2011-01-01 false Security. 109-38.202-50 Section 109-38.202-50 Public Contracts and Property Management Federal Property Management Regulations....202-50 Security. Unissued license tags shall be stored in a locked drawer, cabinet, or storage area...

41 CFR 109-38.202-50 - Security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 41 Public Contracts and Property Management 3 2012-01-01 2012-01-01 false Security. 109-38.202-50 Section 109-38.202-50 Public Contracts and Property Management Federal Property Management Regulations....202-50 Security. Unissued license tags shall be stored in a locked drawer, cabinet, or storage area...

78 FR 16869 - Agency Information Collection Activities; Submission for OMB Review; Comment Request; Employee...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-03-19

... for OMB Review; Comment Request; Employee Retirement Income Security Act of 1974 Investment Manager... Retirement Income Security Act of 1974 Investment Manager Electronic Registration,'' to the Office of... order to meet the definition of investment manager under Employee Retirement Income Security Act of 1974...

17 CFR 204.55 - Change in notification to Financial Management Service.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false Change in notification to Financial Management Service. 204.55 Section 204.55 Commodity and Securities Exchanges SECURITIES AND... Financial Management Service. After the Commission sends FMS notification of an individual's liability for a...

41 CFR 102-192.80 - How do we develop written security policies and plans?

Code of Federal Regulations, 2014 CFR

2014-01-01

... service and/or the Federal Protective Service to develop agency mail security policies and plans. The... written security policies and plans? 102-192.80 Section 102-192.80 Public Contracts and Property Management Federal Property Management Regulations System (Continued) FEDERAL MANAGEMENT REGULATION...

41 CFR 102-192.80 - How do we develop written security policies and plans?

Code of Federal Regulations, 2013 CFR

2013-07-01

... service and/or the Federal Protective Service to develop agency mail security policies and plans. The... written security policies and plans? 102-192.80 Section 102-192.80 Public Contracts and Property Management Federal Property Management Regulations System (Continued) FEDERAL MANAGEMENT REGULATION...

41 CFR 102-192.80 - How do we develop written security policies and plans?

Code of Federal Regulations, 2012 CFR

2012-01-01

... service and/or the Federal Protective Service to develop agency mail security policies and plans. The... written security policies and plans? 102-192.80 Section 102-192.80 Public Contracts and Property Management Federal Property Management Regulations System (Continued) FEDERAL MANAGEMENT REGULATION...

41 CFR 102-192.80 - How do we develop written security policies and plans?

Code of Federal Regulations, 2011 CFR

2011-01-01

... service and/or the Federal Protective Service to develop agency mail security policies and plans. The... written security policies and plans? 102-192.80 Section 102-192.80 Public Contracts and Property Management Federal Property Management Regulations System (Continued) FEDERAL MANAGEMENT REGULATION...

A Security Audit Framework to Manage Information System Security

NASA Astrophysics Data System (ADS)

Pereira, Teresa; Santos, Henrique

The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

ASIS healthcare security benchmarking study.

PubMed

2001-01-01

Effective security has aligned itself into the everyday operations of a healthcare organization. This is evident in every regional market segment, regardless of size, location, and provider clinical expertise or organizational growth. This research addresses key security issues from an acute care provider to freestanding facilities, from rural hospitals and community hospitals to large urban teaching hospitals. Security issues and concerns are identified and addressed daily by senior and middle management. As provider campuses become larger and more diverse, the hospitals surveyed have identified critical changes and improvements that are proposed or pending. Mitigating liabilities and improving patient, visitor, and/or employee safety are consequential to the performance and viability of all healthcare providers. Healthcare organizations have identified the requirement to compete for patient volume and revenue. The facility that can deliver high-quality healthcare in a comfortable, safe, secure, and efficient atmosphere will have a significant competitive advantage over a facility where patient or visitor security and safety is deficient. Continuing changes in healthcare organizations' operating structure and healthcare geographic layout mean changes in leadership and direction. These changes have led to higher levels of corporate responsibility. As a result, each organization participating in this benchmark study has added value and will derive value for the overall benefit of the healthcare providers throughout the nation. This study provides a better understanding of how the fundamental security needs of security in healthcare organizations are being addressed and its solutions identified and implemented.

The Design of Data Disaster Recovery of National Fundamental Geographic Information System

NASA Astrophysics Data System (ADS)

Zhai, Y.; Chen, J.; Liu, L.; Liu, J.

2014-04-01

With the development of information technology, data security of information system is facing more and more challenges. The geographic information of surveying and mapping is fundamental and strategic resource, which is applied in all areas of national economic, defence and social development. It is especially vital to national and social interests when such classified geographic information is directly concerning Chinese sovereignty. Several urgent problems that needs to be resolved for surveying and mapping are how to do well in mass data storage and backup, establishing and improving the disaster backup system especially after sudden natural calamity accident, and ensuring all sectors rapidly restored on information system will operate correctly. For overcoming various disaster risks, protect the security of data and reduce the impact of the disaster, it's no doubt the effective way is to analysis and research on the features of storage and management and security requirements, as well as to ensure that the design of data disaster recovery system suitable for the surveying and mapping. This article analyses the features of fundamental geographic information data and the requirements of storage management, three site disaster recovery system of DBMS plan based on the popular network, storage and backup, data replication and remote switch of application technologies. In LAN that synchronous replication between database management servers and the local storage of backup management systems, simultaneously, remote asynchronous data replication between local storage backup management systems and remote database management servers. The core of the system is resolving local disaster in the remote site, ensuring data security and business continuity of local site. This article focuses on the following points: background, the necessity of disaster recovery system, the analysis of the data achievements and data disaster recovery plan. Features of this program is to use a hardware-based data hot backup, and remote online disaster recovery support for Oracle database system. The achievement of this paper is in summarizing and analysing the common characteristics of disaster of surveying and mapping business system requirements, while based on the actual situation of the industry, designed the basic GIS disaster recovery solutions, and we also give the conclusions about key technologies of RTO and RPO.

78 FR 69861 - Privacy Act of 1974; Department of Homeland Security, Federal Emergency Management Agency...

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-21

... DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [DHS-2013-0073] Privacy Act of 1974; Department of Homeland Security, Federal Emergency Management Agency, Federal Government--001 National Defense Executive Reserve System of Records AGENCY: Department of Homeland Security, Privacy Office...

14 CFR 380.34a - Substitution of direct air carrier's security or depository agreement.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 14 Aeronautics and Space 4 2014-01-01 2014-01-01 false Substitution of direct air carrier's... Applicable to Charter Operators § 380.34a Substitution of direct air carrier's security or depository agreement. (a) A direct air carrier may substitute its own security agreement and/or depository arrangements...

14 CFR 380.34a - Substitution of direct air carrier's security or depository agreement.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 14 Aeronautics and Space 4 2010-01-01 2010-01-01 false Substitution of direct air carrier's... Applicable to Charter Operators § 380.34a Substitution of direct air carrier's security or depository agreement. (a) A direct air carrier may substitute its own security agreement and/or depository arrangements...

14 CFR 380.34a - Substitution of direct air carrier's security or depository agreement.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 14 Aeronautics and Space 4 2012-01-01 2012-01-01 false Substitution of direct air carrier's... Applicable to Charter Operators § 380.34a Substitution of direct air carrier's security or depository agreement. (a) A direct air carrier may substitute its own security agreement and/or depository arrangements...

14 CFR 380.34a - Substitution of direct air carrier's security or depository agreement.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 14 Aeronautics and Space 4 2011-01-01 2011-01-01 false Substitution of direct air carrier's... Applicable to Charter Operators § 380.34a Substitution of direct air carrier's security or depository agreement. (a) A direct air carrier may substitute its own security agreement and/or depository arrangements...

14 CFR 380.34a - Substitution of direct air carrier's security or depository agreement.

Code of Federal Regulations, 2013 CFR

2013-01-01

... 14 Aeronautics and Space 4 2013-01-01 2013-01-01 false Substitution of direct air carrier's... Applicable to Charter Operators § 380.34a Substitution of direct air carrier's security or depository agreement. (a) A direct air carrier may substitute its own security agreement and/or depository arrangements...

31 CFR 363.37 - How do I purchase and make payment for eligible Treasury securities through my TreasuryDirect...

Code of Federal Regulations, 2013 CFR

2013-07-01

... Treasury securities through my TreasuryDirect ® account? (a) Online purchase. Purchases of eligible Treasury securities through your TreasuryDirect account must be made online. (b) Payment for savings bonds...

31 CFR 363.37 - How do I purchase and make payment for eligible Treasury securities through my TreasuryDirect...

Code of Federal Regulations, 2010 CFR

2010-07-01

... eligible Treasury securities through my TreasuryDirect ® account? (a) Online purchase. Purchases of eligible Treasury securities through your TreasuryDirect account must be made online. (b) Payment for...

31 CFR 363.37 - How do I purchase and make payment for eligible Treasury securities through my TreasuryDirect...

Code of Federal Regulations, 2014 CFR

2014-07-01

... eligible Treasury securities through my TreasuryDirect ® account? (a) Online purchase. Purchases of eligible Treasury securities through your TreasuryDirect account must be made online. (b) Payment for...

31 CFR 363.37 - How do I purchase and make payment for eligible Treasury securities through my TreasuryDirect...

Code of Federal Regulations, 2011 CFR

2011-07-01

... Treasury securities through my TreasuryDirect ® account? (a) Online purchase. Purchases of eligible Treasury securities through your TreasuryDirect account must be made online. (b) Payment for savings bonds...

31 CFR 363.37 - How do I purchase and make payment for eligible Treasury securities through my TreasuryDirect...

Code of Federal Regulations, 2012 CFR

2012-07-01

... Treasury securities through my TreasuryDirect ® account? (a) Online purchase. Purchases of eligible Treasury securities through your TreasuryDirect account must be made online. (b) Payment for savings bonds...

5 CFR 9701.510 - Powers and duties of the Federal Labor Relations Authority.

Code of Federal Regulations, 2010 CFR

2010-01-01

... HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.510...

Assessing the Impact of Urbanization on Direct Runoff Using Improved Composite CN Method in a Large Urban Area.

PubMed

Li, Chunlin; Liu, Miao; Hu, Yuanman; Shi, Tuo; Zong, Min; Walter, M Todd

2018-04-17

Urbanization is one of the most widespread anthropogenic activities, which brings a range of physical and biochemical changes to hydrological system and processes. Increasing direct runoff caused by land use change has become a major challenge for urban ecological security. Reliable prediction of the quantity and rate of surface runoff is an inherently difficult and time-consuming task for large ungauged urban areas. In this study, we combined Geographic Information System and remote sensing technology with an improved Soil Conservation Service curve number model to evaluate the effects of land use change on direct runoff volume of the four-ring area in Shenyang, China, and analyzed trends of direct runoff at different scales. Through analyzing trends of direct runoff from 1984 to 2015 at different scales, we explored how urbanization and other potential factors affect direct runoff changes. Total direct runoff volume increased over time, and trends varied from the inner urban area to suburban area. Zones 1 and 2 had a tendency toward decreasing direct runoff volume and risks, while Zones 3 and 4 showed gradual increases at both regional and pixel scales. The most important influence on direct runoff change was urban surface change caused by urbanization. This study presents a framework for identifying hotspots of runoff increase, which can provide important guidance to urban managers in future green infrastructure planning, in the hopes of improving the security of urban water ecological patterns.

Assessing the Impact of Urbanization on Direct Runoff Using Improved Composite CN Method in a Large Urban Area

PubMed Central

Li, Chunlin; Liu, Miao; Hu, Yuanman; Shi, Tuo; Zong, Min; Walter, M. Todd

2018-01-01

Urbanization is one of the most widespread anthropogenic activities, which brings a range of physical and biochemical changes to hydrological system and processes. Increasing direct runoff caused by land use change has become a major challenge for urban ecological security. Reliable prediction of the quantity and rate of surface runoff is an inherently difficult and time-consuming task for large ungauged urban areas. In this study, we combined Geographic Information System and remote sensing technology with an improved Soil Conservation Service curve number model to evaluate the effects of land use change on direct runoff volume of the four-ring area in Shenyang, China, and analyzed trends of direct runoff at different scales. Through analyzing trends of direct runoff from 1984 to 2015 at different scales, we explored how urbanization and other potential factors affect direct runoff changes. Total direct runoff volume increased over time, and trends varied from the inner urban area to suburban area. Zones 1 and 2 had a tendency toward decreasing direct runoff volume and risks, while Zones 3 and 4 showed gradual increases at both regional and pixel scales. The most important influence on direct runoff change was urban surface change caused by urbanization. This study presents a framework for identifying hotspots of runoff increase, which can provide important guidance to urban managers in future green infrastructure planning, in the hopes of improving the security of urban water ecological patterns. PMID:29673182

Guidelines for development of NASA (National Aeronautics and Space Administration) computer security training programs

NASA Technical Reports Server (NTRS)

Tompkins, F. G.

1983-01-01

The report presents guidance for the NASA Computer Security Program Manager and the NASA Center Computer Security Officials as they develop training requirements and implement computer security training programs. NASA audiences are categorized based on the computer security knowledge required to accomplish identified job functions. Training requirements, in terms of training subject areas, are presented for both computer security program management personnel and computer resource providers and users. Sources of computer security training are identified.

17 CFR 249.325 - Form 13F, report of institutional investment manager pursuant to section 13(f) of the Securities...

Code of Federal Regulations, 2010 CFR

2010-04-01

... institutional investment manager pursuant to section 13(f) of the Securities Exchange Act of 1934. 249.325... manager pursuant to section 13(f) of the Securities Exchange Act of 1934. This form shall be used by institutional investment managers which are required to furnish reports pursuant to section 13(f) of the...

Water security-National and global issues

USGS Publications Warehouse

Tindall, James A.; Campbell, Andrew A.

2010-01-01

Potable or clean freshwater availability is crucial to life and economic, environmental, and social systems. The amount of freshwater is finite and makes up approximately 2.5 percent of all water on the Earth. Freshwater supplies are small and randomly distributed, so water resources can become points of conflict. Freshwater availability depends upon precipitation patterns, changing climate, and whether the source of consumed water comes directly from desalination, precipitation, or surface and (or) groundwater. At local to national levels, difficulties in securing potable water sources increase with growing populations and economies. Available water improves living standards and drives urbanization, which increases average water consumption per capita. Commonly, disruptions in sustainable supplies and distribution of potable water and conflicts over water resources become major security issues for Government officials. Disruptions are often influenced by land use, human population, use patterns, technological advances, environmental impacts, management processes and decisions, transnational boundaries, and so forth.

Security Risks of Cloud Computing and Its Emergence as 5th Utility Service

NASA Astrophysics Data System (ADS)

Ahmad, Mushtaq

Cloud Computing is being projected by the major cloud services provider IT companies such as IBM, Google, Yahoo, Amazon and others as fifth utility where clients will have access for processing those applications and or software projects which need very high processing speed for compute intensive and huge data capacity for scientific, engineering research problems and also e- business and data content network applications. These services for different types of clients are provided under DASM-Direct Access Service Management based on virtualization of hardware, software and very high bandwidth Internet (Web 2.0) communication. The paper reviews these developments for Cloud Computing and Hardware/Software configuration of the cloud paradigm. The paper also examines the vital aspects of security risks projected by IT Industry experts, cloud clients. The paper also highlights the cloud provider's response to cloud security risks.

Security Management Strategies for Protecting Your Library's Network.

ERIC Educational Resources Information Center

Ives, David J.

1996-01-01

Presents security procedures for protecting a library's computer system from potential threats by patrons or personnel, and describes how security can be breached. A sidebar identifies four areas of concern in security management: the hardware, the operating system, the network, and the user interface. A selected bibliography of sources on…

School Security Assessment Programme in Australia

ERIC Educational Resources Information Center

Marrapodi, John

2007-01-01

This article describes a successful security risk management programme in Australia. The state-wide programme follows a structured risk management approach focusing on the safety and security of people, information, provision, and assets in the school environment. To assist school principals, a Security Risk Assessment Programme was developed on a…

Information security risk management for computerized health information systems in hospitals: a case study of Iran

PubMed Central

Zarei, Javad; Sadoughi, Farahnaz

2016-01-01

Background In recent years, hospitals in Iran – similar to those in other countries – have experienced growing use of computerized health information systems (CHISs), which play a significant role in the operations of hospitals. But, the major challenge of CHIS use is information security. This study attempts to evaluate CHIS information security risk management at hospitals of Iran. Materials and methods This applied study is a descriptive and cross-sectional research that has been conducted in 2015. The data were collected from 551 hospitals of Iran. Based on literature review, experts’ opinion, and observations at five hospitals, our intensive questionnaire was designed to assess security risk management for CHISs at the concerned hospitals, which was then sent to all hospitals in Iran by the Ministry of Health. Results Sixty-nine percent of the studied hospitals pursue information security policies and procedures in conformity with Iran Hospitals Accreditation Standards. At some hospitals, risk identification, risk evaluation, and risk estimation, as well as risk treatment, are unstructured without any specified approach or methodology. There is no significant structured approach to risk management at the studied hospitals. Conclusion Information security risk management is not followed by Iran’s hospitals and their information security policies. This problem can cause a large number of challenges for their CHIS security in future. Therefore, Iran’s Ministry of Health should develop practical policies to improve information security risk management in the hospitals of Iran. PMID:27313481

Analysis of Information Security Management Systems at 5 Domestic Hospitals with More than 500 Beds

PubMed Central

Park, Woo-Sung; Son, Seung-Sik; Lee, Mee-Jeong; Kim, Shin-Hyo; Choi, Eun-Mi; Bang, Ji-Eon; Kim, Yea-Eun; Kim, Ok-Nam

2010-01-01

Objectives The information security management systems (ISMS) of 5 hospitals with more than 500 beds were evaluated with regards to the level of information security, management, and physical and technical aspects so that we might make recommendations on information security and security countermeasures which meet both international standards and the needs of individual hospitals. Methods The ISMS check-list derived from international/domestic standards was distributed to each hospital to complete and the staff of each hospital was interviewed. Information Security Indicator and Information Security Values were used to estimate the present security levels and evaluate the application of each hospital's current system. Results With regard to the moderate clause of the ISMS, the hospitals were determined to be in compliance. The most vulnerable clause was asset management, in particular, information asset classification guidelines. The clauses of information security incident management and business continuity management were deemed necessary for the establishment of successful ISMS. Conclusions The level of current ISMS in the hospitals evaluated was determined to be insufficient. Establishment of adequate ISMS is necessary to ensure patient privacy and the safe use of medical records for various purposes. Implementation of ISMS which meet international standards with a long-term and comprehensive perspective is of prime importance. To reflect the requirements of the varied interests of medical staff, consumers, and institutions, the establishment of political support is essential to create suitable hospital ISMS. PMID:21818429

78 FR 39302 - Agency Information Collection Activities: Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-01

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID: FEMA-2013-0008... addressed to the Desk Officer for the Department of Homeland Security, Federal Emergency Management Agency... Management Agency, Department of Homeland Security. [FR Doc. 2013-15646 Filed 6-28-13; 8:45 am] BILLING CODE...

41 CFR 109-40.305-50 - Negotiations involving national security.

Code of Federal Regulations, 2013 CFR

2013-07-01

... 41 Public Contracts and Property Management 3 2013-07-01 2013-07-01 false Negotiations involving national security. 109-40.305-50 Section 109-40.305-50 Public Contracts and Property Management Federal... Management § 109-40.305-50 Negotiations involving national security. Title 49 U.S.C., section 10721(b)(2...

41 CFR 109-40.305-50 - Negotiations involving national security.

Code of Federal Regulations, 2011 CFR

2011-01-01

... 41 Public Contracts and Property Management 3 2011-01-01 2011-01-01 false Negotiations involving national security. 109-40.305-50 Section 109-40.305-50 Public Contracts and Property Management Federal... Management § 109-40.305-50 Negotiations involving national security. Title 49 U.S.C., section 10721(b)(2...

41 CFR 109-40.305-50 - Negotiations involving national security.

Code of Federal Regulations, 2012 CFR

2012-01-01

... 41 Public Contracts and Property Management 3 2012-01-01 2012-01-01 false Negotiations involving national security. 109-40.305-50 Section 109-40.305-50 Public Contracts and Property Management Federal... Management § 109-40.305-50 Negotiations involving national security. Title 49 U.S.C., section 10721(b)(2...

41 CFR 109-40.305-50 - Negotiations involving national security.

Code of Federal Regulations, 2010 CFR

2010-07-01

... 41 Public Contracts and Property Management 3 2010-07-01 2010-07-01 false Negotiations involving national security. 109-40.305-50 Section 109-40.305-50 Public Contracts and Property Management Federal... Management § 109-40.305-50 Negotiations involving national security. Title 49 U.S.C., section 10721(b)(2...

41 CFR 109-40.305-50 - Negotiations involving national security.

Code of Federal Regulations, 2014 CFR

2014-01-01

... 41 Public Contracts and Property Management 3 2014-01-01 2014-01-01 false Negotiations involving national security. 109-40.305-50 Section 109-40.305-50 Public Contracts and Property Management Federal... Management § 109-40.305-50 Negotiations involving national security. Title 49 U.S.C., section 10721(b)(2...

Expanded managed care liability: what impact on employer coverage?

PubMed

Studdert, D M; Sage, W M; Gresenz, C R; Hensler, D R

1999-01-01

Policymakers are considering legislative changes that would increase managed care organizations' exposure to civil liability for withholding coverage or failing to deliver needed care. Using a combination of empirical information and theoretical analysis, we assess the likely responses of health plans and Employee Retirement Income Security Act (ERISA) plan sponsors to an expansion of liability, and we evaluate the policy impact of those moves. We conclude that the direct costs of liability are uncertain but that the prospect of litigation may have other important effects on coverage decision making, information exchange, risk contracting, and the extent of employers' involvement in health coverage.

The ISACA Business Model for Information Security: An Integrative and Innovative Approach

NASA Astrophysics Data System (ADS)

von Roessing, Rolf

In recent years, information security management has matured into a professional discipline that covers both technical and managerial aspects in an organisational environment. Information security is increasingly dependent on business-driven parameters and interfaces to a variety of organisational units and departments. In contrast, common security models and frameworks have remained largely technical. A review of extant models ranging from [LaBe73] to more recent models shows that technical aspects are covered in great detail, while the managerial aspects of security are often neglected.Likewise, the business view on organisational security is frequently at odds with the demands of information security personnel or information technology management. In practice, senior and executive level management remain comparatively distant from technical requirements. As a result, information security is generally regarded as a cost factor rather than a benefit to the organisation.

A 3S Risk ?3SR? Assessment Approach for Nuclear Power: Safety Security and Safeguards.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Forrest, Robert; Reinhardt, Jason Christian; Wheeler, Timothy A.

Safety-focused risk analysis and assessment approaches struggle to adequately include malicious, deliberate acts against the nuclear power industry's fissile and waste material, infrastructure, and facilities. Further, existing methods do not adequately address non- proliferation issues. Treating safety, security, and safeguards concerns independently is inefficient because, at best, it may not take explicit advantage of measures that provide benefits against multiple risk domains, and, at worst, it may lead to implementations that increase overall risk due to incompatibilities. What is needed is an integrated safety, security and safeguards risk (or "3SR") framework for describing and assessing nuclear power risks that canmore » enable direct trade-offs and interactions in order to inform risk management processes -- a potential paradigm shift in risk analysis and management. These proceedings of the Sandia ePRA Workshop (held August 22-23, 2017) are an attempt to begin the discussions and deliberations to extend and augment safety focused risk assessment approaches to include security concerns and begin moving towards a 3S Risk approach. Safeguards concerns were not included in this initial workshop and are left to future efforts. This workshop focused on four themes in order to begin building out a the safety and security portions of the 3S Risk toolkit: 1. Historical Approaches and Tools 2. Current Challenges 3. Modern Approaches 4. Paths Forward and Next Steps This report is organized along the four areas described above, and concludes with a summary of key points. 2 Contact: rforres@sandia.gov; +1 (925) 294-2728« less

Food insecurity and diabetes self-management among food pantry clients.

PubMed

Ippolito, Matthew M; Lyles, Courtney R; Prendergast, Kimberly; Marshall, Michelle Berger; Waxman, Elaine; Seligman, Hilary Kessler

2017-01-01

To examine the association between level of food security and diabetes self-management among food pantry clients, which is largely not possible using clinic-based sampling methods. Cross-sectional descriptive study. Community-based food pantries in California, Ohio and Texas, USA, from March 2012 through March 2014. Convenience sample of adults with diabetes queuing at pantries (n 1237; 83 % response). Sampled adults were stratified as food secure, low food secure or very low food secure. We used point-of-care glycated Hb (HbA1c) testing to determine glycaemic control and captured diabetes self-management using validated survey items. The sample was 70 % female, 55 % Latino/Hispanic, 25 % white and 10 % black/African American, with a mean age of 56 years. Eighty-four per cent were food insecure, one-half of whom had very low food security. Mean HbA1c was 8·1 % and did not vary significantly by food security status. In adjusted models, very-low-food-secure participants, compared with both low-food-secure and food-secure participants, had poorer diabetes self-efficacy, greater diabetes distress, greater medication non-adherence, higher prevalence of severe hypoglycaemic episodes, higher prevalence of depressive symptoms, more medication affordability challenges, and more food and medicine or health supply trade-offs. Few studies of the health impact of food security have been able to examine very low food security. In a food pantry sample with high rates of food insecurity, we found that diabetes self-management becomes increasingly difficult as food security worsens. The efficacy of interventions to improve diabetes self-management may increase if food security is simultaneously addressed.

Insider Threat and Information Security Management

NASA Astrophysics Data System (ADS)

Coles-Kemp, Lizzie; Theoharidou, Marianthi

The notion of insider has multiple facets. An organization needs to identify which ones to respond to. The selection, implementetion and maintenance of information security countermeasures requires a complex combination of organisational policies, functions and processes, which form Information Security Management. This chapter examines the role of current information security management practices in addressing the insider threat. Most approaches focus on frameworks for regulating insider behaviour and do not allow for the various cultural responses to the regulatory and compliance framework. Such responses are not only determined by enforcement of policies and awareness programs, but also by various psychological and organisational factors at an individual or group level. Crime theories offer techniques that focus on such cultural responses and can be used to enhance the information security management design. The chapter examines the applicability of several crime theories and concludes that they can contribute in providing additional controls and redesign of information security management processes better suited to responding to the insider threat.

5 CFR 9701.222 - Reconsideration of classification decisions.

Code of Federal Regulations, 2012 CFR

2012-01-01

... RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.222...

5 CFR 9701.222 - Reconsideration of classification decisions.

Code of Federal Regulations, 2013 CFR

2013-01-01

... RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.222...

5 CFR 9701.222 - Reconsideration of classification decisions.

Code of Federal Regulations, 2014 CFR

2014-01-01

... RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.222...

5 CFR 9701.222 - Reconsideration of classification decisions.

Code of Federal Regulations, 2011 CFR

2011-01-01

... RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Classification Classification Process § 9701.222...

Structuring the Chief Information Security Officer Organization

DTIC Science & Technology

2015-09-07

GP9 Objectively Evaluate Adherence CERT-RMM HRM Human Resource Management CERT-RMM ID Identity Management CERT-RMM IMC Incident Management and...Detect, triage, analyze, respond to, and recover from suspicious events and security incidents Security incident management IMC IR IR-1, IR- 2, IR-3...2015-TN-007 | SOFTWARE ENGINEERING INSTITUTE | CARNEGIE MELLON UNIVERSITY 6 Table 2: Source Acronyms3 CERT-RMM NIST 800-53 C2M2 IMC Incident

Analyzing Cases of Resilience Success and Failure - A Research Study

DTIC Science & Technology

2012-12-01

controls [NIST 2012, NIST 2008] ISO 27002 and ISO 27004 Guidelines for initiating, implementing, maintaining, and improving information security...Commission ( ISO /IEC). Information technology—Security techniques—Code of practice for information security management ( ISO /IEC 27002 :2005). ISO /IEC, 2005...security management system and controls or groups of controls [ ISO /IEC 2005, ISO /IEC 2009] CIS Security Metrics Outcome and practice metrics measuring

76 FR 37690 - Special Local Regulations and Safety Zones; Recurring Events in Captain of the Port Boston Zone

Federal Register 2010, 2011, 2012, 2013, 2014

2011-06-28

... section 213(a) of the Small Business Regulatory Enforcement Fairness Act of 1996 (Pub. L. 104-121), we... Security Management Directive 023-01 and Commandant Instruction M16475.lD, which guide the Coast Guard in... Sheep's Island within the following points (NAD 83): 42[deg]18.3' N, 070[deg]55.8' W. 42[deg]18.3' N...

A Survey on Trust Management for Mobile Ad Hoc Networks

DTIC Science & Technology

2011-11-01

expects, trust is dangerous implying the possible betrayal of trust. In his comments on Lagerspetz’s book titled Trust: The Tacit Demand, Lahno [24...AODV Zouridaki et al. (2005 ) [79] (2006) [80] Secure routing Direct observation [79][80] Reputation by secondhand information [80] Packet dropping...areas of signal processing, wireless communications, sensor and mobile ad hoc networks. He is co-editor of the book Wireless Sensor Networks: Signal

Global Networks: Emerging Constraints on Strategy (Defense Horizons, July 2004)

DTIC Science & Technology

2004-07-01

that will have a substantial and long-term economic impact , as well as political, social , and security implications.28 This is not just about selling...fundamentally, the economic, social , and political relationships premised on them change as well. Historical forces drive the system to a new...telecommunications network design. These are not sweatshops . Working conditions at India’s IT develop- ment companies—whether managed directly by Western

Improving the All-Hazards Homeland Security Enterprise Through the Use of an Emergency Management Intelligence Model

DTIC Science & Technology

2013-09-01

Office of the Inspector General OSINT Open Source Intelligence PPD Presidential Policy Directive SIGINT Signals Intelligence SLFC State/Local Fusion...Geospatial Intelligence (GEOINT) from Geographic Information Systems (GIS), and Open Source Intelligence ( OSINT ) from Social Media. GIS is widely...and monitor make it a feasible tool to capitalize on for OSINT . A formalized EM intelligence process would help expedite the processing of such

Troubled Partnership. A History of U.S.-Japan Collaboration on the

DTIC Science & Technology

1995-01-01

and intellectual contributions of Project AIR FORCE managers, particularly Michael Kennedy, Dennis Smallwood , Jeff Drezner, and Robert Roll. Cindy...June 14-20, 1993b. Lerner, Preston, "Stall Tactics," Air & Space, April/May 1991. Levin, Norman D., Japan’s Changing Defense Posture, Santa...Monica, Calif: RAND, N-2739-OSD, 1988. Levin, Norman D., Mark Lorell, and Arthur Alexander, The Wary Warriors: Future Directions in Japanese Security

5 CFR 9701.401 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES... adequate resources are allocated for the design, implementation, and administration of the performance...

Securing PCs and Data in Libraries and Schools: A Handbook with Menuing, Anti-Virus, and Other Protective Software.

ERIC Educational Resources Information Center

Benson, Allen C.

This handbook is designed to help readers identify and eliminate security risks, with sound recommendations and library-tested security software. Chapter 1 "Managing Your Facilities and Assessing Your Risks" addresses fundamental management responsibilities including planning for a secure system, organizing computer-related information, assessing…

Computer and Network Security in Small Libraries: A Guide for Planning.

ERIC Educational Resources Information Center

Williams, Robert L.

This manual is intended to provide a free resource on essential network security concepts for non-technical managers of small libraries. Managers of other small nonprofit or community organizations will also benefit from it. An introduction defines network security; outlines three goals of network security; discusses why a library should be…

Management of Security Services in Higher Education. National Report.

ERIC Educational Resources Information Center

Higher Education Funding Council for Wales, Cardiff.

This report, the seventh in a series from the Value for Money Steering Group, identifies the key management issues for governors, senior managers, and heads of security services at institutions of higher education in the United Kingdom in developing and reviewing security services to ensure that they are effective and provide value for money.…

The adoption of IT security standards in a healthcare environment.

PubMed

Gomes, Rui; Lapão, Luís Velez

2008-01-01

Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just such a guarantee, increasing patient and partner confidence. This paper introduces one best practice for implementing four security controls in a hospital datacenter infrastructure (ISO27002), and describes the security assessment for implementing such controls.

Concepts for a standard based cross-organisational information security management system in the context of a nationwide EHR.

PubMed

Mense, Alexander; Hoheiser-Pförtner, Franz; Schmid, Martin; Wahl, Harald

2013-01-01

Working with health related data necessitates appropriate levels of security and privacy. Information security, meaning ensuring confidentiality, integrity, and availability, is more organizational, than technical in nature. It includes many organizational and management measures, is based on well-defined security roles, processes, and documents, and needs permanent adaption of security policies, continuously monitoring, and measures assessment. This big challenge for any organization leads to implementation of an information security management system (ISMS). In the context of establishing a regional or national electronic health record for integrated care (ICEHR), the situation is worse. Changing the medical information exchange from on-demand peer-to-peer connections to health information networks requires all organizations participating in the EHR system to have consistent security levels and to follow the same security guidelines and rules. Also, the implementation must be monitored and audited, establishing cross-organizational information security management systems (ISMS) based on international standards. This paper evaluates requirements and defines basic concepts for an ISO 27000 series-based cross-organizational ISMS in the healthcare domain and especially for the implementation of the nationwide electronic health record in Austria (ELGA).

44 CFR 334.2 - Policy.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY... government to meet essential defense and civilian needs during any national security emergency. Accordingly, each Federal department and agency shall prepare its national security emergency preparedness plans and...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2010 CFR

2010-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability. Contracting Officers are responsible for ensuring that all information technology acquisitions comply with the Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2013 CFR

2013-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2014 CFR

2014-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2012 CFR

2012-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

48 CFR 339.7102 - Applicability.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Section 339.7102 Federal Acquisition Regulations System HEALTH AND HUMAN SERVICES SPECIAL CATEGORIES OF CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7102 Applicability... Federal Information Security Management Act (FISMA), the HHS-OCIO Information Systems Security and Privacy...

5 CFR 9701.501 - Purpose.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES... Department's mission foremost in mind. The regulations also recognize the rights of DHS employees to organize...

How to implement security controls for an information security program at CBRN facilities

DOE Office of Scientific and Technical Information (OSTI.GOV)

Lenaeus, Joseph D.; O'Neil, Lori Ross; Leitch, Rosalyn M.

This document was prepared by PNNL within the framework of Project 19 of the European Union Chemical Biological Radiological and Nuclear Risk Mitigation Centres of Excellence Initiative entitled, ''Development of procedures and guidelines to create and improve secure information management systems and data exchange mechanisms for CBRN materials under regulatory control.'' It provides management and workers at CBRN facilities, parent organization managers responsible for those facilities, and regulatory agencies (governmental and nongovernmental) with guidance on the best practices for protecting information security. The security mitigation approaches presented in this document were chosen because they present generally accepted guidance in anmore » easy-to-understand manner, making it easier for facility personnel to grasp key concepts and envision how security controls could be implemented by the facility. This guidance is presented from a risk management perspective.« less

Symmetric Link Key Management for Secure Neighbor Discovery in a Decentralized Wireless Sensor Network

DTIC Science & Technology

2017-09-01

and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington, DC 20503. 1. AGENCY USE ONLY (Leave blank) 2. REPORT...KEY MANAGEMENT FOR SECURE NEIGHBOR DISCOVERY IN A DECENTRALIZED WIRELESS SENSOR NETWORK by Kelvin T. Chew September 2017 Thesis Advisor...DATE September 2017 3. REPORT TYPE AND DATES COVERED Master’s thesis 4. TITLE AND SUBTITLE SYMMETRIC LINK KEY MANAGEMENT FOR SECURE NEIGHBOR

Strengthening the Security of ESA Ground Data Systems

NASA Astrophysics Data System (ADS)

Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

2013-08-01

A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

On Business-Driven IT Security Management and Mismatches between Security Requirements in Firms, Industry Standards and Research Work

NASA Astrophysics Data System (ADS)

Frühwirth, Christian

Industry managers have long recognized the vital importance of information security for their businesses, but at the same time they perceived security as a technology-driven rather then a business-driven field. Today, this notion is changing and security management is shifting from technology- to business-oriented approaches. Whereas there is evidence of this shift in the literature, this paper argues that security standards and academic work have not yet taken it fully into account. We examine whether this disconnect has lead to a misalignment of IT security requirements in businesses versus industry standards and academic research. We conducted 13 interviews with practitioners from 9 different firms to investigate this question. The results present evidence for a significant gap between security requirements in industry standards and actually reported security vulnerabilities. We further find mismatches between the prioritization of security factors in businesses, standards and real-world threats. We conclude that security in companies serves the business need of protecting information availability to keep the business running at all times.

In acceptance we trust? Conceptualising acceptance as a viable approach to NGO security management.

PubMed

Fast, Larissa A; Freeman, C Faith; O'Neill, Michael; Rowley, Elizabeth

2013-04-01

This paper documents current understanding of acceptance as a security management approach and explores issues and challenges non-governmental organisations (NGOs) confront when implementing an acceptance approach to security management. It argues that the failure of organisations to systematise and clearly articulate acceptance as a distinct security management approach and a lack of organisational policies and procedures concerning acceptance hinder its efficacy as a security management approach. The paper identifies key and cross-cutting components of acceptance that are critical to its effective implementation in order to advance a comprehensive and systematic concept of acceptance. The key components of acceptance illustrate how organisational and staff functions affect positively or negatively an organisation's acceptance, and include: an organisation's principles and mission, communications, negotiation, programming, relationships and networks, stakeholder and context analysis, staffing, and image. The paper contends that acceptance is linked not only to good programming, but also to overall organisational management and structures. © 2013 The Author(s). Journal compilation © Overseas Development Institute, 2013.

Laboratory directed research and development fy1999 annual report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Al-Ayat, R A

2000-04-11

The Lawrence Livermore National Laboratory (LLNL) was founded in 1952 and has been managed since its inception by the University of California (UC) for the U.S. Department of Energy (DOE). Because of this long association with UC, the Laboratory has been able to recruit a world-class workforce, establish an atmosphere of intellectual freedom and innovation, and achieve recognition in relevant fields of knowledge as a scientific and technological leader. This environment and reputation are essential for sustained scientific and technical excellence. As a DOE national laboratory with about 7,000 employees, LLNL has an essential and compelling primary mission to ensuremore » that the nation's nuclear weapons remain safe, secure, and reliable and to prevent the spread and use of nuclear weapons worldwide. The Laboratory receives funding from the DOE Assistant Secretary for Defense Programs, whose focus is stewardship of our nuclear weapons stockpile. Funding is also provided by the Deputy Administrator for Defense Nuclear Nonproliferation, many Department of Defense sponsors, other federal agencies, and the private sector. As a multidisciplinary laboratory, LLNL has applied its considerable skills in high-performance computing, advanced engineering, and the management of large research and development projects to become the science and technology leader in those areas of its mission responsibility. The Laboratory Directed Research and Development (LDRD) Program was authorized by the U.S. Congress in 1984. The Program allows the Director of each DOE laboratory to fund advanced, creative, and innovative research and development (R&D) activities that will ensure scientific and technical vitality in the continually evolving mission areas at DOE and the Laboratory. In addition, the LDRD Program provides LLNL with the flexibility to nurture and enrich essential scientific and technical competencies, which attract the most qualified scientists and engineers. The LDRD Program also enables many collaborations with the scientific community in academia, national and international laboratories, and industry. The projects in the FY1999 LDRD portfolio were carefully selected to continue vigorous support of the strategic vision and the long-term goals of DOE and the Laboratory. Projects chosen for LDRD funding undergo stringent selection processes, which look for high-potential scientific return, emphasize strategic relevance, and feature technical peer reviews by external and internal experts. The FY1999 projects described in this annual report focus on supporting the Laboratory's national security needs: stewardship of the U.S. nuclear weapons stockpile, responsibility for the counter- and nonproliferation of weapons of mass destruction, development of high-performance computing, and support of DOE environmental research and waste management programs. In the past, LDRD investments have significantly enhanced LLNL scientific capabilities and greatly contributed to the Laboratory's ability to meet its national security programmatic requirements. Examples of past investments include technical precursors to the Accelerated Strategic Computing Initiative (ASCI), special-materials processing and characterization, and biodefense. Our analysis of the FY1999 portfolio shows that it strongly supports the Laboratory's national security mission. About 95% of the LDRD dollars have directly supported LLNL's national security activities in FY1999, which far exceeds the portion of LLNL's overall budget supported by National Security Programs, which is 63% for FY1999.« less

Competition, Speculative Risks, and IT Security Outsourcing

NASA Astrophysics Data System (ADS)

Cezar, Asunur; Cavusoglu, Huseyin; Raghunathan, Srinivasan

Information security management is becoming a more critical and, simultaneously, a challenging function for many firms. Even though many security managers are skeptical about outsourcing of IT security, others have cited reasons that are used for outsourcing of traditional IT functions for why security outsourcing is likely to increase. Our research offers a novel explanation, based on competitive externalities associated with IT security, for firms' decisions to outsource IT security. We show that if competitive externalities are ignored, then a firm will outsource security if and only if the MSSP offers a quality (or a cost) advantage over in-house operations, which is consistent with the traditional explanation for security outsourcing. However, a higher quality is neither a prerequisite nor a guarantee for a firm to outsource security. The competitive risk environment and the nature of the security function outsourced, in addition to quality, determine firms' outsourcing decisions. If the reward from the competitor's breach is higher than the loss from own breach, then even if the likelihood of a breach is higher under the MSSP the expected benefit from the competitive demand externality may offset the loss from the higher likelihood of breaches, resulting in one or both firms outsourcing security. The incentive to outsource security monitoring is higher than that of infrastructure management because the MSSP can reduce the likelihood of breach on both firms and thus enhance the demand externality effect. The incentive to outsource security monitoring (infrastructure management) is higher (lower) if either the likelihood of breach on both firms is lower (higher) when security is outsourced or the benefit (relative to loss) from the externality is higher (lower). The benefit from the demand externality arising out of a security breach is higher when more of the customers that leave the breached firm switch to the non-breached firm.

47 CFR 0.332 - Actions taken under delegated authority.

Code of Federal Regulations, 2012 CFR

2012-10-01

... safety, homeland security, national security, emergency management and preparedness, and disaster management communications—the Public Safety and Homeland Security Bureau. (d) Complaints involving equal... frequencies shared with broadcast, common carrier, or government services—Office of Engineering and Technology...

48 CFR 339.7100 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7100 Definitions. As... with OMB Circular A-130, Management of Federal Information Resources, Appendix 3 (Security of Federal Automated Information Resources), security commensurate with the risk and magnitude of harm resulting from...

48 CFR 339.7100 - Definitions.

Code of Federal Regulations, 2011 CFR

2011-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7100 Definitions. As used in this subpart, the following definitions shall apply: Adequate security means, in accordance with OMB Circular A-130, Management of Federal Information Resources, Appendix 3 (Security of Federal...

48 CFR 339.7100 - Definitions.

Code of Federal Regulations, 2013 CFR

2013-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7100 Definitions. As used in this subpart, the following definitions shall apply: Adequate security means, in accordance with OMB Circular A-130, Management of Federal Information Resources, Appendix 3 (Security of Federal...

48 CFR 339.7100 - Definitions.

Code of Federal Regulations, 2012 CFR

2012-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7100 Definitions. As used in this subpart, the following definitions shall apply: Adequate security means, in accordance with OMB Circular A-130, Management of Federal Information Resources, Appendix 3 (Security of Federal...

48 CFR 339.7100 - Definitions.

Code of Federal Regulations, 2014 CFR

2014-10-01

... CONTRACTING ACQUISITION OF INFORMATION TECHNOLOGY Information Security Management 339.7100 Definitions. As used in this subpart, the following definitions shall apply: Adequate security means, in accordance with OMB Circular A-130, Management of Federal Information Resources, Appendix 3 (Security of Federal...

5 CFR 9701.504 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Definitions. 9701.504 Section 9701.504 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.371 - General.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false General. 9701.371 Section 9701.371 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.505 - Coverage.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Coverage. 9701.505 Section 9701.505 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.503 - Waivers.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Waivers. 9701.503 Section 9701.503 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.201 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Purpose. 9701.201 Section 9701.201 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.403 - Waivers.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Waivers. 9701.403 Section 9701.403 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.404 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Definitions. 9701.404 Section 9701.404 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.304 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Definitions. 9701.304 Section 9701.304 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.501 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Purpose. 9701.501 Section 9701.501 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.303 - Waivers.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Waivers. 9701.303 Section 9701.303 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.204 - Definitions.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Definitions. 9701.204 Section 9701.204 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.203 - Waivers.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Waivers. 9701.203 Section 9701.203 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.212 - Bands.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Bands. 9701.212 Section 9701.212 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.331 - General.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false General. 9701.331 Section 9701.331 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.341 - General.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false General. 9701.341 Section 9701.341 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.357 - Miscellaneous.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Miscellaneous. 9701.357 Section 9701.357 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.202 - Coverage.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Coverage. 9701.202 Section 9701.202 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.402 - Coverage.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Coverage. 9701.402 Section 9701.402 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.302 - Coverage.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Coverage. 9701.302 Section 9701.302 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

CMMI(Registered) for Services, Version 1.3

DTIC Science & Technology

2010-11-01

ISO 2008b] ISO /IEC 27001 :2005 Information technology – Security techniques – Information Security Management Systems – Requirements [ ISO /IEC 2005...Commission. ISO /IEC 27001 Information Technology – Security Techniques – Information Security Management Systems – Requirements, 2005. http...CMM or International Organization for Standardization ( ISO ) 9001, you will immediately recognize many similarities in their structure and content

Auditing Organizational Security

DTIC Science & Technology

2017-01-01

Managing organizational security is no different from managing any other of the command’s missions. Establish your policies, goals and risk...parameters; implement, train, measure and benchmark them. And then audit, audit, audit. Today, more than ever, Organizational Security is an essential...not be regarded as independent or standing alone. Cybersecurity is an indispensable element of organizational security, which is the subject of

Challenges in researching violence affecting health service delivery in complex security environments.

PubMed

Foghammar, Ludvig; Jang, Suyoun; Kyzy, Gulzhan Asylbek; Weiss, Nerina; Sullivan, Katherine A; Gibson-Fall, Fawzia; Irwin, Rachel

2016-08-01

Complex security environments are characterized by violence (including, but not limited to "armed conflict" in the legal sense), poverty, environmental disasters and poor governance. Violence directly affecting health service delivery in complex security environments includes attacks on individuals (e.g. doctors, nurses, administrators, security guards, ambulance drivers and translators), obstructions (e.g. ambulances being stopped at checkpoints), discrimination (e.g. staff being pressured to treat one patient instead of another), attacks on and misappropriation of health facilities and property (e.g. vandalism, theft and ambulance theft by armed groups), and the criminalization of health workers. This paper examines the challenges associated with researching the context, scope and nature of violence directly affecting health service delivery in these environments. With a focus on data collection, it considers how these challenges affect researchers' ability to analyze the drivers of violence and impact of violence. This paper presents key findings from two research workshops organized in 2014 and 2015 which convened researchers and practitioners in the fields of health and humanitarian aid delivery and policy, and draws upon an analysis of organizational efforts to address violence affecting healthcare delivery and eleven in-depth interviews with representatives of organizations working in complex security environments. Despite the urgency and impact of violence affecting healthcare delivery, there is an overall lack of research that is of health-specific, publically accessible and comparable, as well as a lack of gender-disaggregated data, data on perpetrator motives and an assessment of the 'knock-on' effects of violence. These gaps limit analysis and, by extension, the ability of organizations operating in complex security environments to effectively manage the security of their staff and facilities and to deliver health services. Increased research collaboration among aid organizations, researchers and multilateral organizations, such as the WHO, is needed to address these challenges. Copyright © 2016 Elsevier Ltd. All rights reserved.

MAVEN Information Security Governance, Risk Management, and Compliance (GRC): Lessons Learned

NASA Technical Reports Server (NTRS)

Takamura, Eduardo; Gomez-Rosa, Carlos A.; Mangum, Kevin; Wasiak, Fran

2014-01-01

As the first interplanetary mission managed by the NASA Goddard Space Flight Center, the Mars Atmosphere and Volatile EvolutioN (MAVEN) had three IT security goals for its ground system: COMPLIANCE, (IT) RISK REDUCTION, and COST REDUCTION. In a multiorganizational environment in which government, industry and academia work together in support of the ground system and mission operations, information security governance, risk management, and compliance (GRC) becomes a challenge as each component of the ground system has and follows its own set of IT security requirements. These requirements are not necessarily the same or even similar to each other's, making the auditing of the ground system security a challenging feat. A combination of standards-based information security management based on the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), due diligence by the Mission's leadership, and effective collaboration among all elements of the ground system enabled MAVEN to successfully meet NASA's requirements for IT security, and therefore meet Federal Information Security Management Act (FISMA) mandate on the Agency. Throughout the implementation of GRC on MAVEN during the early stages of the mission development, the Project faced many challenges some of which have been identified in this paper. The purpose of this paper is to document these challenges, and provide a brief analysis of the lessons MAVEN learned. The historical information documented herein, derived from an internal pre-launch lessons learned analysis, can be used by current and future missions and organizations implementing and auditing GRC.

31 CFR 363.12 - Who may purchase and hold book-entry securities in TreasuryDirect ®?

Code of Federal Regulations, 2011 CFR

2011-07-01

... 31 Money and Finance:Treasury 2 2011-07-01 2011-07-01 false Who may purchase and hold book-entry securities in TreasuryDirect ®? 363.12 Section 363.12 Money and Finance: Treasury Regulations Relating to... TreasuryDirect § 363.12 Who may purchase and hold book-entry securities in TreasuryDirect ®? (a) A Treasury...

31 CFR 363.12 - Who may purchase and hold book-entry securities in TreasuryDirect ®?

Code of Federal Regulations, 2010 CFR

2010-07-01

... 31 Money and Finance: Treasury 2 2010-07-01 2010-07-01 false Who may purchase and hold book-entry... TreasuryDirect § 363.12 Who may purchase and hold book-entry securities in TreasuryDirect ®? (a) A TreasuryDirect account owner may purchase and hold securities through his or her account. (b) We do not permit a...

6 CFR 29.5 - Requirements for protection.

Code of Federal Regulations, 2012 CFR

2012-01-01

... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL... PCII Program Manager or the PCII Program Manager's designee; (2) The information is submitted for... information initially provided received by the PCII Program Manager or the PCII Program Manager's designee...

6 CFR 29.5 - Requirements for protection.

Code of Federal Regulations, 2011 CFR

2011-01-01

... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL... PCII Program Manager or the PCII Program Manager's designee; (2) The information is submitted for... information initially provided received by the PCII Program Manager or the PCII Program Manager's designee...

7 CFR 3560.61 - Loan security.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 7 Agriculture 15 2010-01-01 2010-01-01 false Loan security. 3560.61 Section 3560.61 Agriculture... DIRECT MULTI-FAMILY HOUSING LOANS AND GRANTS Direct Loan and Grant Origination § 3560.61 Loan security... collateral. (2) The amount of the loan against the collateral does not exceed its estimated security value...

31 CFR 357.27 - Reinvestment.

Code of Federal Regulations, 2010 CFR

2010-07-01

... AND BILLS HELD IN LEGACY TREASURY DIRECT Legacy Treasury Direct Book-Entry Securities System (Legacy... of a security may be reinvested at maturity in a new security in the same form of registration, provided a new security is then being offered by the Department and provision for reinvestment is made in...

17 CFR 300.306 - Completion or closeout pursuant to SIPC direction.

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Completion or closeout pursuant to SIPC direction. 300.306 Section 300.306 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) Schedule A to Part 285 RULES OF THE SECURITIES INVESTOR PROTECTION...

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2010 CFR

2010-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2014 CFR

2014-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2012 CFR

2012-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2013 CFR

2013-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

32 CFR Appendix J to Part 154 - ADP Position Categories and Criteria for Designating Positions

Code of Federal Regulations, 2011 CFR

2011-07-01

..., and implementation of a computer security program; major responsibility for the direction, planning... agency computer security programs, and also including direction and control of risk analysis and/or... OF DEFENSE SECURITY DEPARTMENT OF DEFENSE PERSONNEL SECURITY PROGRAM REGULATION Pt. 154, App. J...

Social Security Administration

MedlinePlus

... Plan Costs my Social Security Check out your Social Security Statement , change your address & manage your benefits online today. Social Security Number Your Social Security number remains your ...

Analysis Of Using Firewall And Single Honeypot In Training Attack On Wireless Network

NASA Astrophysics Data System (ADS)

Mohd. Diansyah, Tengku.; Faisal, Ilham; Perdana, Adidtya; Octaviani Sembiring, Boni; Hidayati Sinaga, Tantri

2017-12-01

Security issues become one of the important aspects of a network, especially a network security on the server. These problems underlie the need to build a system that can detect threats from parties who do not have access rights (hackers) that are by building a security system honeypot. A Honeypot is a diversion of intruders' attention, in order for intruders to think that it has managed to break down and retrieve data from a network, when in fact the data is not important and the location is isolated. A way to trap or deny unauthorized use of effort in an information system. One type of honeypot is honeyd. Honeyd is a low interaction honeypot that has a smaller risk compared to high interaction types because the interaction with the honeypot does not directly involve the real system. The purpose of the implementation of honeypot and firewall, firewall is used on Mikrotik. Can be used as an administrative tool to view reports of Honeyd generated activity and administrators can also view reports that are stored in the logs in order to assist in determining network security policies.

Security in the management of information systems.

PubMed

Huston, T L; Huston, J L

1998-06-01

Although security technology exists in abundance in health information management systems, the implementation of that technology is often lacking. This lack of implementation can be heavily affected by the attitudes and perceptions of users and management, the "people part" of systems. Particular operational, organizational, and economic factors must be addressed along with employment of security objectives and accountability. Unique threats, as well as controls, pervade the use of microcomputer-based systems as these systems permeate health care information management.

Library Operations Policies and Procedures, Volume 2. Central Archive for Reusable Defense Software (CARDS)

DTIC Science & Technology

1994-02-28

improvements. Pare 10 ka•- V •DkI U Release Manager The Release Manager provides franchisees with media copies of existing libraries, as needed. Security...implementors, and potential library franchisees . Security Team The Security Team assists the Security Officer with security analysis. Team members are...and Franchisees . A Potential User is an individual who requests a Library Account. A User Recruit has been sent a CARDS Library Account Registration

44 CFR 8.1 - Purpose.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Emergency Management and Assistance FEDERAL EMERGENCY MANAGEMENT AGENCY, DEPARTMENT OF HOMELAND SECURITY GENERAL NATIONAL SECURITY INFORMATION § 8.1 Purpose. (a) Section 5.3(b) of Executive Order (EO) 12356, “National Security Information” requires agencies to promulgate implementing policies and regulations. To...

5 CFR 9701.356 - Pay retention.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Pay retention. 9701.356 Section 9701.356 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.312 - Maximum rates.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Maximum rates. 9701.312 Section 9701.312 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

5 CFR 9701.311 - Major features.

Code of Federal Regulations, 2010 CFR

2010-01-01

... 5 Administrative Personnel 3 2010-01-01 2010-01-01 false Major features. 9701.311 Section 9701.311 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES...

Identity and Access Management and Security in Higher Education.

ERIC Educational Resources Information Center

Bruhn, Mark; Gettes, Michael; West, Ann

2003-01-01

Discusses the drivers for an identity management system (IdM), components of this system, and its role within a school security strategy, focusing on: basic access management; requirements for access management; middleware support for an access management system; IdM implementation considerations (e.g., access eligibilities, authentication…

A framework for analyzing the economic tradeoffs between urban commerce and security against terrorism.

PubMed

Rose, Adam; Avetisyan, Misak; Chatterjee, Samrat

2014-08-01

This article presents a framework for economic consequence analysis of terrorism countermeasures. It specifies major categories of direct and indirect costs, benefits, spillover effects, and transfer payments that must be estimated in a comprehensive assessment. It develops a spreadsheet tool for data collection, storage, and refinement, as well as estimation of the various components of the necessary economic accounts. It also illustrates the usefulness of the framework in the first assessment of the tradeoffs between enhanced security and changes in commercial activity in an urban area, with explicit attention to the role of spillover effects. The article also contributes a practical user interface to the model for emergency managers. © 2014 Society for Risk Analysis.

A Survey on Trust Management for Mobile Ad Hoc Networks

DTIC Science & Technology

2010-07-01

betrayal of trust. In his comments on Lagerspetz’s book titled Trust: The Tacit Demand, Lahno [24] describes the author’s view on trust as a moral...extension of AODV Zouridaki et al. (2005 ) [79] (2006) [80] Secure routing Direct observation [79][80] Reputation by secondhand information [80...the broad areas of signal processing, wireless communications, sensor and mobile ad hoc networks. He is co-editor of the book Wireless Sensor Networks

Financial Management Regulation. Volume 15. Security Assistance Policy and Procedures

DTIC Science & Technology

1993-03-01

Definitions DEFINITIONS case level, i.e., commitments, obligations and 1. Above-the-line-Cost. Cost identified as disbursements resulting from contract award...of the asset or was a direct result of O ment is made when SAAC determines it does negligence, simple or gross. not have the accounting capability to... resulting from ments leaving the DoD system, contracts with operation of the FMS program: commercial firms, General Services Administra- tion

Overseas Contingency Operations: Observations on the Use of Force Management Levels in Afghanistan, Iraq, and Syria

DTIC Science & Technology

2016-12-01

relating to security force assistance activities and readiness of U.S. Special Operations Forces. • Increased Use of Contractors and Personnel on...Temporary Duty. DOD relies on contractors to support a wide range of military operations and free up uniformed personnel to directly support mission...needs. During operations in Afghanistan and Iraq contractor personnel played a critical role in supporting U.S. troops and sometimes exceeded the

A survey of pandemic influenza preparedness and response capabilities in Chicago area hospital security departments.

PubMed

Kimmerly, David P

2009-01-01

This article is a summary based on a December 2007 paper prepared by the author in partial fulfillment of the requirements for a master's degree in business and organizational security management at Webster University. The project described was intended to assess Chicago-area healthcare organization security departments' preparedness and response capabilities for a potential influenza pandemic. While the author says healthcare organizations are learning from the pandemics of the past, little research has been conducted on the requirements necessary within hospital security departments. The article explores staffing, planning, preparation and response capabilities within a healthcare security context to determine existing resources available to the healthcare security community. Eleven completed surveys were received from hospital security managers throughout the geographical Chicago area. They reveal that hospital security managers are conscious of the risks of a pandemic influenza outbreak. Yet, it was found that several gaps existed within hospital security department staffing and response capabilities, as hospital security departments may not have the available resources necessary to adequately maintain their operations during a pandemic incident.

5 CFR 9701.409 - Rating and rewarding performance.

Code of Federal Regulations, 2014 CFR

2014-01-01

... MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.409 Rating and rewarding... 5 Administrative Personnel 3 2014-01-01 2014-01-01 false Rating and rewarding performance. 9701...

5 CFR 9701.409 - Rating and rewarding performance.

Code of Federal Regulations, 2012 CFR

2012-01-01

... MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.409 Rating and rewarding... 5 Administrative Personnel 3 2012-01-01 2012-01-01 false Rating and rewarding performance. 9701...

5 CFR 9701.409 - Rating and rewarding performance.

Code of Federal Regulations, 2011 CFR

2011-01-01

... MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.409 Rating and rewarding... 5 Administrative Personnel 3 2011-01-01 2011-01-01 false Rating and rewarding performance. 9701...

5 CFR 9701.409 - Rating and rewarding performance.

Code of Federal Regulations, 2013 CFR

2013-01-01

... MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Performance Management § 9701.409 Rating and rewarding... 5 Administrative Personnel 3 2013-01-01 2013-01-01 false Rating and rewarding performance. 9701...

17 CFR 240.3a12-9 - Exemption of certain direct participation program securities from the arranging provisions of...

Code of Federal Regulations, 2010 CFR

2010-04-01

... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Exemption of certain direct participation program securities from the arranging provisions of sections 7(c) and 11(d)(1). 240.3a12-9 Section 240.3a12-9 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL...

31 CFR 363.208 - Can I transfer my marketable Treasury security from my TreasuryDirect ® account to an account in...

Code of Federal Regulations, 2010 CFR

2010-07-01

... security from my TreasuryDirect ® account to an account in another book-entry system? 363.208 Section 363..., DEPARTMENT OF THE TREASURY BUREAU OF THE PUBLIC DEBT REGULATIONS GOVERNING SECURITIES HELD IN TREASURYDIRECT Marketable Treasury Securities § 363.208 Can I transfer my marketable Treasury security from my Treasury...

How ISO/IEC 17799 can be used for base lining information assurance among entities using data mining for defense, homeland security, commercial, and other civilian/commercial domains

NASA Astrophysics Data System (ADS)

Perry, William G.

2006-04-01

One goal of database mining is to draw unique and valid perspectives from multiple data sources. Insights that are fashioned from closely-held data stores are likely to possess a high degree of reliability. The degree of information assurance comes into question, however, when external databases are accessed, combined and analyzed to form new perspectives. ISO/IEC 17799, Information technology-Security techniques-Code of practice for information security management, can be used to establish a higher level of information assurance among disparate entities using data mining in the defense, homeland security, commercial and other civilian/commercial domains. Organizations that meet ISO/IEC information security standards have identified and assessed risks, threats and vulnerabilities and have taken significant proactive steps to meet their unique security requirements. The ISO standards address twelve domains: risk assessment and treatment, security policy, organization of information security, asset management, human resources security, physical and environmental security, communications and operations management, access control, information systems acquisition, development and maintenance, information security incident management and business continuity management and compliance. Analysts can be relatively confident that if organizations are ISO 17799 compliant, a high degree of information assurance is likely to be a characteristic of the data sets being used. The reverse may be true. Extracting, fusing and drawing conclusions based upon databases with a low degree of information assurance may be wrought with all of the hazards that come from knowingly using bad data to make decisions. Using ISO/IEC 17799 as a baseline for information assurance can help mitigate these risks.

17 CFR 274.220 - Form N-17f-2, cover page for each certificate of accounting of securities and similar investments...

Code of Federal Regulations, 2010 CFR

2010-04-01

... each certificate of accounting of securities and similar investments in the custody of a registered management investment company, filed pursuant to rule 17f-2. 274.220 Section 274.220 Commodity and Securities... accounting of securities and similar investments in the custody of a registered management investment company...

Preparing Information Systems (IS) Graduates to Meet the Challenges of Global IT Security: Some Suggestions

ERIC Educational Resources Information Center

Sauls, Jeff; Gudigantala, Naveen

2013-01-01

Managing IT security and assurance is a top priority for organizations. Aware of the costs associated with a security or privacy breach, organizations are constantly vigilant about protecting their data and IT systems. In addition, organizations are investing heavily in IT resources to keep up with the challenges of managing their IT security and…

17 CFR 240.17i-4 - Internal risk management control system requirements for supervised investment bank holding...

Code of Federal Regulations, 2013 CFR

2013-04-01

... 17 Commodity and Securities Exchanges 3 2013-04-01 2013-04-01 false Internal risk management control system requirements for supervised investment bank holding companies. 240.17i-4 Section 240.17i-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...

17 CFR 240.17i-4 - Internal risk management control system requirements for supervised investment bank holding...

Code of Federal Regulations, 2012 CFR

2012-04-01

... 17 Commodity and Securities Exchanges 3 2012-04-01 2012-04-01 false Internal risk management control system requirements for supervised investment bank holding companies. 240.17i-4 Section 240.17i-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934...

The Operational Manager - Enemy or Hero of Secure Business Practice?

NASA Astrophysics Data System (ADS)

Goucher, Wendy

This paper will investigate the role of the non-IT manager in information security. He can, for example, be the reason why sensitive work is carried out on the move and security focused spending is given a low priority in the budget. Alternatively, he can also be the driving force behind empowering the team to have a dynamic attitude to protecting data both at work and at home. Now is the time for managers to stop pushing information security issues away from their desk and into the in-tray of the IT department.

Limitations and challenges towards an effective business continuity management in Nuklear Malaysia

NASA Astrophysics Data System (ADS)

Hamid, A. H. A.

2018-01-01

One of Nuklear Malaysia’s top concerns is radiological and nuclear safety as well as security preparedness of its operational facility management, which was bonded by Act 304, Directive 20 and International Atomic Energy Agency (IAEA) guidelines. In 2012, the Malaysian government initialised the Business Continuity Management System under the supervision of Malaysian Administrative Modernization and Management Planning Unit (MAMPU), referring to MAMPU.BPICT.700-4/2/11 (3), ISO 22301:2012 and Business Continuity Good Practice Guidelines 2013 documentation. These standards are integral to the implementation of a resilient management program that indicates an organisation’s capability to prevent any accident from occurring and spreading its impact, which includes sufficient recovery action to post-accident situation towards a normal operational and managerial state. Unfortunately, there is a lack of certified Business Continuity Management standard among the public sector agencies compared to local private sectors. Subsequently, Nuklear Malaysia has been selected by MAMPU and CyberSecurity Malaysia as one of the pioneering agencies to be certified accordingly. This paper significantly recognized Nuklear Malaysia’s effort to plan, analyse, design, implement, review and validate the establishment of this standard currently. The project was implemented using a case study approach to complete the required certification activities. As a result, this paper proposed benchmarking the selected literature reviews against the Nuklear Malaysia experience to determine best practices in implementing and managing Business Continuity effectively. It concluded that a resilient Business Continuity Management program needs to be incorporated into Nuclear Malaysia’s capabilities in ensuring its mitigation capacities to survive any unexpected event and subsequently overcome future challenges.

[Access control management in electronic health records: a systematic literature review].

PubMed

Carrión Señor, Inmaculada; Fernández Alemán, José Luis; Toval, Ambrosio

2012-01-01

This study presents the results of a systematic literature review of aspects related to access control in electronic health records systems, wireless security and privacy and security training for users. Information sources consisted of original articles found in Medline, ACM Digital Library, Wiley InterScience, IEEE Digital Library, Science@Direct, MetaPress, ERIC, CINAHL and Trip Database, published between January 2006 and January 2011. A total of 1,208 articles were extracted using a predefined search string and were reviewed by the authors. The final selection consisted of 24 articles. Of the selected articles, 21 dealt with access policies in electronic health records systems. Eleven articles discussed whether access to electronic health records should be granted by patients or by health organizations. Wireless environments were only considered in three articles. Finally, only four articles explicitly mentioned that technical training of staff and/or patients is required. Role-based access control is the preferred mechanism to deploy access policy by the designers of electronic health records. In most systems, access control is managed by users and health professionals, which promotes patients' right to control personal information. Finally, the security of wireless environments is not usually considered. However, one line of research is eHealth in mobile environments, called mHealth. Copyright © 2011 SESPAS. Published by Elsevier Espana. All rights reserved.

Security credentials management system (SCMS) design and analysis for the connected vehicle system : draft.

DOT National Transportation Integrated Search

2013-12-27

This report presents an analysis by Booz Allen Hamilton (Booz Allen) of the technical design for the Security Credentials Management System (SCMS) intended to support communications security for the connected vehicle system. The SCMS technical design...

Report on {open_quotes}audit of internal controls over special nuclear materials{close_quotes}

DOE Office of Scientific and Technical Information (OSTI.GOV)

NONE

1996-04-01

The Department of Energy (Department) is responsible for safeguarding a significant amount of plutonium, uranium-233 and enriched uranium - collectively referred to as special nuclear materials - stored in the United States. The Department`s office of Nonproliferation and National Security has overall management cognizance for developing policies for safeguarding these materials, while other Headquarters program offices have {open_quotes}landlord{close_quotes} responsibilities for the sites where the materials are stored, and the Department`s operations and field offices provide onsite management of contractor operations. The Department`s management and operating contractors, under the direction of the Department, safeguard and account for the special nuclear materialmore » stored at Department sites.« less

Securing, Stabilizing, and Rebuilding Iraq: Key Issues for Congressional Oversight

DTIC Science & Technology

2007-01-01

Been Constrained by Security, Management , and Funding Challenges 72 U.S. Military Readiness 79 Enclosure XII: Extended Operations Have Had...Forces Have Resulted in Shortages of Critical Items 92 Improving Acquisition Outcomes 97 Enclosure XV: DOD Needs to Improve Its Capacity to Manage ...International Monetary Fund IRMO Iraq Reconstruction Management Office IRRF Iraqi Relief and Reconstruction Fund ISF Iraqi security forces ISFF

Transitions: Managing the Transfer of Security Responsibility

DTIC Science & Technology

2010-02-05

Index 1.2_Transitions-ConceptNote_v2.0_draft Index Transitions: Managing the Transfer of Security Responsibility A Concept Paper...reporting burden for the collection of information is estimated to average 1 hour per response , including the time for reviewing instructions...TITLE AND SUBTITLE Transitions: Managing the Transfer of Security Responsibility 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6

Secure real-time wireless video streaming in the aeronautical telecommunications network

NASA Astrophysics Data System (ADS)

Czernik, Pawel; Olszyna, Jakub

2010-09-01

As Air Traffic Control Systems move from a voice only environment to one in which clearances are issued via data link, there is a risk that an unauthorized entity may attempt to masquerade as either the pilot or controller. In order to protect against this and related attacks, air-ground communications must be secured. The challenge is to add security in an environment in which bandwidth is limited. The Aeronautical Telecommunications Network (ATN) is an enabling digital network communications technology that addresses capacity and efficiency issues associated with current aeronautical voice communication systems. Equally important, the ATN facilitates migration to free flight, where direct computer-to-computer communication will automate air traffic management, minimize controller and pilot workload, and improve overall aircraft routing efficiency. Protecting ATN communications is critical since safety-of-flight is seriously affected if an unauthorized entity, a hacker for example, is able to penetrate an otherwise reliable communications system and accidentally or maliciously introduce erroneous information that jeopardizes the overall safety and integrity of a given airspace. However, an ATN security implementation must address the challenges associated with aircraft mobility, limited bandwidth communication channels, and uninterrupted operation across organizational and geopolitical boundaries. This paper provides a brief overview of the ATN, the ATN security concept, and begins a basic introduction to the relevant security concepts of security threats, security services and security mechanisms. Security mechanisms are further examined by presenting the fundamental building blocks of symmetric encipherment, asymmetric encipherment, and hash functions. The second part of this paper presents the project of cryptographiclly secure wireless communication between Unmanned Aerial Vehicles (UAV) and the ground station in the ATM system, based on the ARM9 processor development kid and Embedded Linux operation system.

Additional Security Considerations for Grid Management

NASA Technical Reports Server (NTRS)

Eidson, Thomas M.

2003-01-01

The use of Grid computing environments is growing in popularity. A Grid computing environment is primarily a wide area network that encompasses multiple local area networks, where some of the local area networks are managed by different organizations. A Grid computing environment also includes common interfaces for distributed computing software so that the heterogeneous set of machines that make up the Grid can be used more easily. The other key feature of a Grid is that the distributed computing software includes appropriate security technology. The focus of most Grid software is on the security involved with application execution, file transfers, and other remote computing procedures. However, there are other important security issues related to the management of a Grid and the users who use that Grid. This note discusses these additional security issues and makes several suggestions as how they can be managed.

47 CFR 0.191 - Functions of the Bureau.

Code of Federal Regulations, 2011 CFR

2011-10-01

... Telecommunication FEDERAL COMMUNICATIONS COMMISSION GENERAL COMMISSION ORGANIZATION Organization Public Safety and... management and preparedness, disaster management, and ancillary operations. The Bureau has responsibility for coordinating public safety, homeland security, national security, emergency management and preparedness...

47 CFR 0.191 - Functions of the Bureau.

Code of Federal Regulations, 2010 CFR

2010-10-01

... Telecommunication FEDERAL COMMUNICATIONS COMMISSION GENERAL COMMISSION ORGANIZATION Organization Public Safety and... management and preparedness, disaster management, and ancillary operations. The Bureau has responsibility for coordinating public safety, homeland security, national security, emergency management and preparedness...

Nevada National Security Site: Site-Directed Research and Development (SDRD) Fiscal Year 2015 Annual Report

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bender, Howard A.

This report presents results of multiple research projects, new and ongoing, funded under the Site-Directed Research and Development Program for the Nevada National Security Site during federal fiscal year 2015. The Site's legacy capabilities in remote sensing combined with new paradigms for emergency response and consequence management help drive the need to develop advanced aerial sensor platforms. Likewise, dynamic materials science is a critical area of scientific research for which basic physics issues are still unresolved. New methods of characterizing materials in extreme states are vitally needed, and these efforts are paving the way with new knowledge. Projects selected inmore » FY 2015 for the Exploratory Research portfolio exhibit a strong balance of NNSS mission relevance. Geoscience, seismology, and techniques for detecting underground nuclear events are still essential focus areas. Many of the project reports in the second major section of this annual report are ongoing continuations in multi-year lifecycles. Diagnostic techniques for stockpile and nuclear security science figured prominently as well, with a few key efforts coming to fruition, such as phase transition detection. In other areas, modeling efforts toward better understanding plasma focus physics has also started to pay dividends for major program needs.« less

20 CFR 423.3 - Other process directed to the Social Security Administration or the Commissioner.

Code of Federal Regulations, 2010 CFR

2010-04-01

... SERVICE OF PROCESS § 423.3 Other process directed to the Social Security Administration or the Commissioner. Subpoenas and other process (other than summonses and complaints) that are required to be served... 20 Employees' Benefits 2 2010-04-01 2010-04-01 false Other process directed to the Social Security...

Connected Vehicle Pilot Deployment Program phase 1 : security management operating concept : New York City : final report.

DOT National Transportation Integrated Search

2016-05-18

This document describes the Security Management Operating Concept (SMOC) for the New York City Department of Transportation (NYCDOT) Connected Vehicle Pilot Deployment (CVPD) Project. This SMOC outlines the security mechanisms that will be used to pr...

78 FR 69099 - Agency Information Collection Activities: Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-11-18

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID: FEMA-2013-0034... addressed to the Desk Officer for the Department of Homeland Security, Federal Emergency Management Agency... . SUPPLEMENTARY INFORMATION: Collection of Information Title: FEMA Preparedness Grants: Homeland Security Grant...

78 FR 50430 - Agency Information Collection Activities: Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-08-19

... DEPARTMENT OF HOMELAND SECURITY Federal Emergency Management Agency [Docket ID: FEMA-2013-0020... addressed to the Desk Officer for the Department of Homeland Security, Federal Emergency Management Agency... . SUPPLEMENTARY INFORMATION: Collection of Information Title: FEMA Preparedness Grants: Port Security Grant...

78 FR 42113 - Submission for OMB Review; Comment Request

Federal Register 2010, 2011, 2012, 2013, 2014

2013-07-15

... Securities and Exchange Commission (``Commission'') has submitted to the Office of Management and Budget... settlement price for each cash-settled security futures product fairly reflect the opening price of the... Securities and Exchange Commission, Office of Information and Regulatory Affairs, Office of Management and...

Homeland Security

EPA Pesticide Factsheets

Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

76 FR 39447 - J.P. Morgan Securities LLC, et al.; Notice of Application and Temporary Order

Federal Register 2010, 2011, 2012, 2013, 2014

2011-07-06

... Capital Management, LLC (``Highbridge''); JF International Management Inc. (``JFIMI''); JPMorgan Asset... order. Applicants: J.P. Morgan Securities; Bear Stearns Asset Management Inc. (``BSAM''); Bear Stearns Health Innoventures Management, L.L.C. (``BSHIM''); BSCGP Inc. (``BSCGP''); Constellation Growth Capital...

Managing the Aviation Insider Threat

DTIC Science & Technology

2010-12-01

World Airport NSAS National Strategy for Aviation Security OIS Office of Intelligence SIDA Security Identification Display Area STA Security...Security of the secured area”, 1542.205, “Security of the security identification display area ( SIDA )”, and 1542.209, “Fingerprint-based criminal

17 CFR 240.15c3-4 - Internal risk management control systems for OTC derivatives dealers.

Code of Federal Regulations, 2014 CFR

2014-04-01

... 17 Commodity and Securities Exchanges 4 2014-04-01 2014-04-01 false Internal risk management control systems for OTC derivatives dealers. 240.15c3-4 Section 240.15c3-4 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION (CONTINUED) GENERAL RULES AND REGULATIONS, SECURITIES EXCHANGE ACT OF 1934 Rules and Regulations Under the...

Securely and Flexibly Sharing a Biomedical Data Management System

PubMed Central

Wang, Fusheng; Hussels, Phillip; Liu, Peiya

2011-01-01

Biomedical database systems need not only to address the issues of managing complex data, but also to provide data security and access control to the system. These include not only system level security, but also instance level access control such as access of documents, schemas, or aggregation of information. The latter is becoming more important as multiple users can share a single scientific data management system to conduct their research, while data have to be protected before they are published or IP-protected. This problem is challenging as users’ needs for data security vary dramatically from one application to another, in terms of who to share with, what resources to be shared, and at what access level. We develop a comprehensive data access framework for a biomedical data management system SciPort. SciPort provides fine-grained multi-level space based access control of resources at not only object level (documents and schemas), but also space level (resources set aggregated in a hierarchy way). Furthermore, to simplify the management of users and privileges, customizable role-based user model is developed. The access control is implemented efficiently by integrating access privileges into the backend XML database, thus efficient queries are supported. The secure access approach we take makes it possible for multiple users to share the same biomedical data management system with flexible access management and high data security. PMID:21625285