Sample records for security standards support

  1. 45 CFR 303.30 - Securing medical support information.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 45 Public Welfare 2 2013-10-01 2012-10-01 true Securing medical support information. 303.30... (CHILD SUPPORT ENFORCEMENT PROGRAM), ADMINISTRATION FOR CHILDREN AND FAMILIES, DEPARTMENT OF HEALTH AND HUMAN SERVICES STANDARDS FOR PROGRAM OPERATIONS § 303.30 Securing medical support information. (a) If...

  2. 45 CFR 303.30 - Securing medical support information.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 45 Public Welfare 2 2011-10-01 2011-10-01 false Securing medical support information. 303.30... (CHILD SUPPORT ENFORCEMENT PROGRAM), ADMINISTRATION FOR CHILDREN AND FAMILIES, DEPARTMENT OF HEALTH AND HUMAN SERVICES STANDARDS FOR PROGRAM OPERATIONS § 303.30 Securing medical support information. (a) If...

  3. 45 CFR 303.30 - Securing medical support information.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 45 Public Welfare 2 2014-10-01 2012-10-01 true Securing medical support information. 303.30 Section 303.30 Public Welfare Regulations Relating to Public Welfare OFFICE OF CHILD SUPPORT ENFORCEMENT... HUMAN SERVICES STANDARDS FOR PROGRAM OPERATIONS § 303.30 Securing medical support information. (a) If...

  4. 75 FR 6231 - Securities Act of 1933; Securities Exchange Act of 1934; Order Regarding Review of FASB...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-02-08

    ... Financial Accounting Standards Board (``FASB'') and its parent organization, the Financial Accounting... recognizing the FASB's financial accounting and reporting standards as ``generally accepted'' under Section...; Securities Exchange Act of 1934; Order Regarding Review of FASB Accounting Support Fee for 2010 Under Section...

  5. Organizational Culture for Safety, Security, and Safeguards in New Nuclear Power Countries

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Kovacic, Donald N

    2015-01-01

    This chapter will contain the following sections: existing international norms and standards for developing the infrastructure to support new nuclear power programs; the role of organizational culture and how it supports the safe, secure, and peaceful application of nuclear power; identifying effective and efficient strategies for implementing safety, security and safeguards in nuclear operations; challenges identified in the implementation of safety, security and safeguards; potential areas for future collaboration between countries in order to support nonproliferation culture.

  6. [The comparative evaluation of level of security culture in medical organizations].

    PubMed

    Roitberg, G E; Kondratova, N V; Galanina, E V

    2016-01-01

    The study was carried out on the basis of clinic “Medicine” in 2014-2015 concerning security culture. The sampling included 465 filled HSPSC questionnaires. The comparative analysis of received was implemented. The “Zubovskaia district hospital” having no accreditation according security standards and group of clinics from USA functioning for many years in the system of patient security support were selected as objects for comparison. The evaluation was implemented concerning dynamics of security culture in organization at implementation of strategies of security of patients during 5 years and comparison of obtained results with USA clinics was made. The study results demonstrated that in conditions of absence of implemented standards of security in medical organization total evaluation of security remains extremely low. The study of security culture using HSPSC questionnaire is an effective tool for evaluating implementation of various strategies of security of patient. The functioning in the system of international standards of quality, primarily JCI standards, permits during several years to achieve high indices of security culture.

  7. 75 FR 38595 - Guidance to States Regarding Driver History Record Information Security, Continuity of Operation...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-07-02

    ... Standards and Technology's (NIST) Computer Security Division maintains a Computer Security Resource Center... Regarding Driver History Record Information Security, Continuity of Operation Planning, and Disaster... (SDLAs) to support their efforts at maintaining the security of information contained in the driver...

  8. Supporting the Use of CERT (registered trademark) Secure Coding Standards in DoD Acquisitions

    DTIC Science & Technology

    2012-07-01

    Capability Maturity Model IntegrationSM (CMMI®) [Davis 2009]. SM Team Software Process, TSP, and Capability Maturity Model Integration are service...STP Software Test Plan TEP Test and Evaluation Plan TSP Team Software Process V & V verification and validation CMU/SEI-2012-TN-016 | 47...Supporting the Use of CERT® Secure Coding Standards in DoD Acquisitions Tim Morrow ( Software Engineering Institute) Robert Seacord ( Software

  9. EPA/ORD NATIONAL EXPOSURE RESEARCH LABORATORY MEASUREMENT SCIENCE SUPPORT FOR HOMELAND SECURITY

    EPA Science Inventory

    This product describes the National Exposure Research Laboratory research and development support for homeland security through the proposed National Exposure Measurements Center (NEMC). Key NEMC functional areas depicted in this poster are: standardized analytical method develo...

  10. How strong is the Social Security safety net? Using the Elder Index to assess gaps in economic security.

    PubMed

    Mutchler, Jan E; Li, Yang; Xu, Ping

    2018-04-16

    Older Americans rely heavily on Social Security benefits (SSBs) to support independent lifestyles, and many have few or no additional sources of income. We establish the extent to which SSBs adequately support economic security, benchmarked by the Elder Economic Security Standard Index. We document variability across U.S. counties in the adequacy levels of SSBs among older adults. We find that the average SSBs fall short of what is required for economic security in every county in the United States, but the level of shortfall varies considerably by location. Policy implications relating to strengthening Social Security and other forms of retirement income are discussed.

  11. Guidelines for Automatic Data Processing Physical Security and Risk Management. Federal Information Processing Standards Publication 31.

    ERIC Educational Resources Information Center

    National Bureau of Standards (DOC), Washington, DC.

    These guidelines provide a handbook for use by federal organizations in structuring physical security and risk management programs for their automatic data processing facilities. This publication discusses security analysis, natural disasters, supporting utilities, system reliability, procedural measures and controls, off-site facilities,…

  12. A model-driven approach to information security compliance

    NASA Astrophysics Data System (ADS)

    Correia, Anacleto; Gonçalves, António; Teodoro, M. Filomena

    2017-06-01

    The availability, integrity and confidentiality of information are fundamental to the long-term survival of any organization. Information security is a complex issue that must be holistically approached, combining assets that support corporate systems, in an extended network of business partners, vendors, customers and other stakeholders. This paper addresses the conception and implementation of information security systems, conform the ISO/IEC 27000 set of standards, using the model-driven approach. The process begins with the conception of a domain level model (computation independent model) based on information security vocabulary present in the ISO/IEC 27001 standard. Based on this model, after embedding in the model mandatory rules for attaining ISO/IEC 27001 conformance, a platform independent model is derived. Finally, a platform specific model serves the base for testing the compliance of information security systems with the ISO/IEC 27000 set of standards.

  13. Design of real-time encryption module for secure data protection of wearable healthcare devices.

    PubMed

    Kim, Jungchae; Lee, Byuck Jin; Yoo, Sun K

    2013-01-01

    Wearable devices for biomedical instrumentation could generate the medical data and transmit to a repository on cloud service through wireless networks. In this process, the private medical data will be disclosed by man in the middle attack. Thus, the archived data for healthcare services would be protected by non-standardized security policy by healthcare service provider (HSP) because HIPAA only defines the security rules. In this paper, we adopted the Advanced Encryption Standard (AES) for security framework on wearable devices, so healthcare applications using this framework could support the confidentiality easily. The framework developed as dynamic loadable module targeted for lightweight microcontroller such as msp430 within embedded operating system. The performance was shown that the module can support the real-time encryption using electrocardiogram and photoplethysmogram. In this regard, the processing load for enabling security is distributed to wearable devices, and the customized data protection method could be composed by HSP for a trusted healthcare service.

  14. Advances in radiation detection technologies for responders.

    PubMed

    Unterweger, Michael P; Pibida, Leticia S

    2005-11-01

    The Department of Homeland Security is supporting the development of a large number of standards for first responders. In the area of detection of radioactive and nuclear materials, four new standards (ANSI N42.32, N42.33, N42.34, and N42.35) and their corresponding test and evaluation protocols were developed to meet Department of Homeland Security needs. Testing of the standards and protocols was carried out at the National Institute of Standards and Technology, Oak Ridge National Laboratory, Pacific Northwest National Laboratory, Los Alamos National Laboratory, and Lawrence Livermore National Laboratory.

  15. A Standard Mutual Authentication Protocol for Cloud Computing Based Health Care System.

    PubMed

    Mohit, Prerna; Amin, Ruhul; Karati, Arijit; Biswas, G P; Khan, Muhammad Khurram

    2017-04-01

    Telecare Medical Information System (TMIS) supports a standard platform to the patient for getting necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for medical records (data) of the patients because of very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it is completely insecure against patient anonymity. Further, the same protocol is not protected against mobile device stolen attack. In order to improve security level and complexity, we design a light weight authentication protocol for the same environment. Our security analysis ensures resilience of all possible security attacks. The performance of our protocol is relatively standard in comparison with the related previous research.

  16. 76 FR 28247 - Securities Act of 1933, Release No. 9206/May 11, 2011; Securities Exchange Act of 1934, Release...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-05-16

    ... accounting support fees to the Financial Accounting Foundation.\4\ \3\ See 15 U.S.C. 78o-4. \4\ See 15 U.S.C... Financial Accounting Foundation.\5\ Any fees or funds collected shall be used to support the efforts of the GASB to establish standards of financial accounting and reporting recognized as generally accepted...

  17. 20 CFR 404.1650 - Action we will take if a State agency does not meet the standards.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... not meet the standards. 404.1650 Section 404.1650 Employees' Benefits SOCIAL SECURITY ADMINISTRATION... performance support described in §§ 404.1660, 404.1661 and 404.1662 for a period of up to 12 months. [56 FR 11020, Mar. 14, 1991] Performance Monitoring and Support ...

  18. 20 CFR 416.1050 - Action we will take if a State agency does not meet the standards.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... not meet the standards. 416.1050 Section 416.1050 Employees' Benefits SOCIAL SECURITY ADMINISTRATION... performance support described in §§ 416.1060, 416.1061 and 416.1062 for a period of up to 12 months. [56 FR 11023, Mar. 14, 1991] Performance Monitoring and Support ...

  19. 20 CFR 416.1050 - Action we will take if a State agency does not meet the standards.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... not meet the standards. 416.1050 Section 416.1050 Employees' Benefits SOCIAL SECURITY ADMINISTRATION... performance support described in §§ 416.1060, 416.1061 and 416.1062 for a period of up to 12 months. [56 FR 11023, Mar. 14, 1991] Performance Monitoring and Support ...

  20. 20 CFR 404.1650 - Action we will take if a State agency does not meet the standards.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... not meet the standards. 404.1650 Section 404.1650 Employees' Benefits SOCIAL SECURITY ADMINISTRATION... performance support described in §§ 404.1660, 404.1661 and 404.1662 for a period of up to 12 months. [56 FR 11020, Mar. 14, 1991] Performance Monitoring and Support ...

  1. Spatial Data Transfer Standard (SDTS), part 5 : SDTS raster profile and extensions

    DOT National Transportation Integrated Search

    1999-02-01

    The Spatial Data Transfer Standard (SDTS) defines a general mechanism for the transfer of geographically referenced spatial data and its supporting metadata, i.e., attributes, data quality reports, coordinate reference systems, security informati...

  2. Study of Software Tools to Support Systems Engineering Management

    DTIC Science & Technology

    2015-06-01

    Management 15. NUMBER OF PAGES 137 16. PRICE CODE 17. SECURITY CLASSIFICATION OF REPORT Unclassified 18. SECURITY CLASSIFICATION OF THIS...AVAILABILITY STATEMENT Approved for public release; distribution is unlimited 12b. DISTRIBUTION CODE 13. ABSTRACT (maximum 200 words) According to a...PAGE Unclassified 19. SECURITY CLASSIFICATION OF ABSTRACT Unclassified 20. LIMITATION OF ABSTRACT UU NSN 7540–01–280–5500 Standard Form 298

  3. 75 FR 9493 - Commission Statement in Support of Convergence and Global Accounting Standards

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-03-02

    ...The Securities and Exchange Commission (the ``Commission'') is publishing this statement to provide an update regarding its consideration of global accounting standards, including its continued support for the convergence of U.S. Generally Accepted Accounting Principles (``U.S. GAAP'') and International Financial Reporting Standards (``IFRS'') and the implications of convergence with respect to the Commission's ongoing consideration of incorporating IFRS into the financial reporting system for U.S. issuers.

  4. An Image Understanding Environment for DARPA Supported Research and Applications, First Annual Report

    DTIC Science & Technology

    1991-10-01

    patient names by lexicographical ordering b) patient by social security number c) patient by local institution id d) anatomy by hierarchical anatomical...names, social security or other id numbers, etc. should support partial matches, be case insensitive and accept all possible standard syntaxes (e.g...capabilities (or phobias ), and the uses that output information is put to. Assumptions: The developer has access to view and analyze operational

  5. Developing a Standard Method for Link-Layer Security of CCSDS Space Communications

    NASA Technical Reports Server (NTRS)

    Biggerstaff, Craig

    2009-01-01

    Communications security for space systems has been a specialized field generally far removed from considerations of mission interoperability and cross-support; in fact, these considerations often have been viewed as intrinsically opposed to security objectives. The space communications protocols defined by the Consultative Committee for Space Data Systems (CCSDS) have a twenty-five year history of successful use in over 400 missions. While the CCSDS Telemetry, Telecommand, and Advancing Orbiting Systems protocols for use at OSI Layer 2 are operationally mature, there has been no direct support within these protocols for communications security techniques. Link-layer communications security has been successfully implemented in the past using mission-unique methods, but never before with an objective of facilitating cross-support and interoperability. This paper discusses the design of a standard method for cryptographic authentication, encryption, and replay protection at the data link layer that can be integrated into existing CCSDS protocols without disruption to legacy communications services. Integrating cryptographic operations into existing data structures and processing sequences requires a careful assessment of the potential impediments within spacecraft, ground stations, and operations centers. The objective of this work is to provide a sound method for cryptographic encapsulation of frame data that also facilitates Layer 2 virtual channel switching, such that a mission may procure data transport services as needed without involving third parties in the cryptographic processing, or split independent data streams for separate cryptographic processing.

  6. Developing an ANSI standard for image quality tools for the testing of active millimeter wave imaging systems

    NASA Astrophysics Data System (ADS)

    Barber, Jeffrey; Greca, Joseph; Yam, Kevin; Weatherall, James C.; Smith, Peter R.; Smith, Barry T.

    2017-05-01

    In 2016, the millimeter wave (MMW) imaging community initiated the formation of a standard for millimeter wave image quality metrics. This new standard, American National Standards Institute (ANSI) N42.59, will apply to active MMW systems for security screening of humans. The Electromagnetic Signatures of Explosives Laboratory at the Transportation Security Laboratory is supporting the ANSI standards process via the creation of initial prototypes for round-robin testing with MMW imaging system manufacturers and experts. Results obtained for these prototypes will be used to inform the community and lead to consensus objective standards amongst stakeholders. Images collected with laboratory systems are presented along with results of preliminary image analysis. Future directions for object design, data collection and image processing are discussed.

  7. Analysis of information security management systems at 5 domestic hospitals with more than 500 beds.

    PubMed

    Park, Woo-Sung; Seo, Sun-Won; Son, Seung-Sik; Lee, Mee-Jeong; Kim, Shin-Hyo; Choi, Eun-Mi; Bang, Ji-Eon; Kim, Yea-Eun; Kim, Ok-Nam

    2010-06-01

    The information security management systems (ISMS) of 5 hospitals with more than 500 beds were evaluated with regards to the level of information security, management, and physical and technical aspects so that we might make recommendations on information security and security countermeasures which meet both international standards and the needs of individual hospitals. The ISMS check-list derived from international/domestic standards was distributed to each hospital to complete and the staff of each hospital was interviewed. Information Security Indicator and Information Security Values were used to estimate the present security levels and evaluate the application of each hospital's current system. With regard to the moderate clause of the ISMS, the hospitals were determined to be in compliance. The most vulnerable clause was asset management, in particular, information asset classification guidelines. The clauses of information security incident management and business continuity management were deemed necessary for the establishment of successful ISMS. The level of current ISMS in the hospitals evaluated was determined to be insufficient. Establishment of adequate ISMS is necessary to ensure patient privacy and the safe use of medical records for various purposes. Implementation of ISMS which meet international standards with a long-term and comprehensive perspective is of prime importance. To reflect the requirements of the varied interests of medical staff, consumers, and institutions, the establishment of political support is essential to create suitable hospital ISMS.

  8. 77 FR 7960 - Unified Agenda of Federal Regulatory and Deregulatory Actions

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-02-13

    ... Identifier No. 373 Secure Handling of 1601-AA52 Ammonium Nitrate Program (Reg Plan Seq No. 53). 374 Homeland...) Proposed Rule Stage 373. Secure Handling of Ammonium Nitrate Program Regulatory Plan: This entry is Seq. No... performance standards to 33 CFR part 151, subparts C and D, for discharges of ballast water. It supports the...

  9. Inventory of Safety-related Codes and Standards for Energy Storage Systems with some Experiences related to Approval and Acceptance

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Conover, David R.

    The purpose of this document is to identify laws, rules, model codes, codes, standards, regulations, specifications (CSR) related to safety that could apply to stationary energy storage systems (ESS) and experiences to date securing approval of ESS in relation to CSR. This information is intended to assist in securing approval of ESS under current CSR and to identification of new CSR or revisions to existing CSR and necessary supporting research and documentation that can foster the deployment of safe ESS.

  10. DOE Office of Scientific and Technical Information (OSTI.GOV)

    AISL-CRYPTO is a library of cryptography functions supporting other AISL software. It provides various crypto functions for Common Lisp, including Digital Signature Algorithm, Data Encryption Standard, Secure Hash Algorithm, and public-key cryptography.

  11. Ebola Virus Genome Plasticity as a Marker of Its Passaging History: A Comparison of In Vitro Passaging to Non-Human Primate Infection

    DTIC Science & Technology

    2012-11-28

    Simulation Sciences Branch, United States Army Research Laboratory , Aberdeen Proving Ground, Maryland, United States of America Abstract To identify...culture and may support filovirus stock standardization for medical countermeasure development. Citation: Kugelman JR, Lee MS, Rossi CA, McCarthy SE...support filovirus stock standardization for medical countermeasure development. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF

  12. Analysis of Information Security Management Systems at 5 Domestic Hospitals with More than 500 Beds

    PubMed Central

    Park, Woo-Sung; Son, Seung-Sik; Lee, Mee-Jeong; Kim, Shin-Hyo; Choi, Eun-Mi; Bang, Ji-Eon; Kim, Yea-Eun; Kim, Ok-Nam

    2010-01-01

    Objectives: The information security management systems (ISMS) of 5 hospitals with more than 500 beds were evaluated with regards to the level of information security, management, and physical and technical aspects so that we might make recommendations on information security and security countermeasures which meet both international standards and the needs of individual hospitals. Methods: The ISMS check-list derived from international/domestic standards was distributed to each hospital to complete and the staff of each hospital was interviewed. Information Security Indicator and Information Security Values were used to estimate the present security levels and evaluate the application of each hospital's current system. Results: With regard to the moderate clause of the ISMS, the hospitals were determined to be in compliance. The most vulnerable clause was asset management, in particular, information asset classification guidelines. The clauses of information security incident management and business continuity management were deemed necessary for the establishment of successful ISMS. Conclusions: The level of current ISMS in the hospitals evaluated was determined to be insufficient. Establishment of adequate ISMS is necessary to ensure patient privacy and the safe use of medical records for various purposes. Implementation of ISMS which meet international standards with a long-term and comprehensive perspective is of prime importance. To reflect the requirements of the varied interests of medical staff, consumers, and institutions, the establishment of political support is essential to create suitable hospital ISMS. PMID: 21818429

  13. 76 FR 14110 - Order Regarding Review of FASB Accounting Support Fee for 2011 Under Section 109 of the Sarbanes...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-03-15

    ... recognize, as generally accepted for purposes of the securities laws, any accounting principles established... policy statement concluding that the Financial Accounting Standards Board (``FASB'') and its parent organization, the Financial Accounting Foundation (``FAF''), satisfied the criteria for an accounting standard...

  14. Recovery Act: Water Heater ZigBee Open Standard Wireless Controller

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Butler, William P.; Buescher, Tom

    2014-04-30

    The objective of Emerson's Water Heater ZigBee Open Standard Wireless Controller is to support the DOE's AARA priority for Clean, Secure Energy by designing a water heater control that levels out residential and small business peak electricity demand through thermal energy storage in the water heater tank.

  15. A Security-façade Library for Virtual-observatory Software

    NASA Astrophysics Data System (ADS)

    Rixon, G.

    2009-09-01

    The security-façade library implements, for Java, IVOA's security standards. It supports the authentication mechanisms for SOAP and REST web-services, the sign-on mechanisms (with MyProxy, AstroGrid Accounts protocol or local credential-caches), the delegation protocol, and RFC3820-enabled HTTPS for Apache Tomcat. Using the façade, a developer who is not a security specialist can easily add access control to a virtual-observatory service and call secured services from an application. The library has been an internal part of AstroGrid software for some time and it is now offered for use by other developers.

  16. Evaluating Software Assurance Knowledge and Competency of Acquisition Professionals

    DTIC Science & Technology

    2014-10-01

    of ISO 12207 -2008, both internationally and in the United States [7]. That standard documents a comprehensive set of activities and supporting...grows, organizations must ensure that their procurement agents acquire high quality, secure software. ISO 12207 and the Software Assurance Competency...cyberattacks grows, organizations must ensure that their procurement agents acquire high quality, secure software. ISO 12207 and the Software Assurance

  17. Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".

    PubMed

    Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroaki; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad

    2015-01-01

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

  18. Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

    PubMed Central

    Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad

    2015-01-01

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes’ participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.’s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.’s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic. PMID:26580963

  19. Server-Based and Server-Less Byod Solutions to Support Electronic Learning

    DTIC Science & Technology

    2016-06-01

    Knowledge Online NSD National Security Directive OS operating system OWA Outlook Web Access PC personal computer PED personal electronic device PDA...mobile devices, institute mobile device policies and standards, and promote the development and use of DOD mobile and web -enabled applications” (DOD...with an isolated BYOD web server, properly educated system administrators must carry out and execute the necessary, pre-defined network security

  20. The Cost-Effectiveness of Supported Employment for Adults with Autism in the United Kingdom

    ERIC Educational Resources Information Center

    Mavranezouli, Ifigeneia; Megnin-Viggars, Odette; Cheema, Nadir; Howlin, Patricia; Baron-Cohen, Simon; Pilling, Stephen

    2014-01-01

    Adults with autism face high rates of unemployment. Supported employment enables individuals with autism to secure and maintain a paid job in a regular work environment. The objective of this study was to assess the cost-effectiveness of supported employment compared with standard care (day services) for adults with autism in the United Kingdom.…

  1. New secure communication-layer standard for medical image management (ISCL)

    NASA Astrophysics Data System (ADS)

    Kita, Kouichi; Nohara, Takashi; Hosoba, Minoru; Yachida, Masuyoshi; Yamaguchi, Masahiro; Ohyama, Nagaaki

    1999-07-01

    This paper introduces a summary of the standard draft of ISCL 1.00 which will be published by MEDIS-DC officially. ISCL is abbreviation of Integrated Secure Communication Layer Protocols for Secure Medical Image Management Systems. ISCL is a security layer which manages security function between presentation layer and TCP/IP layer. ISCL mechanism depends on basic function of a smart IC card and symmetric secret key mechanism. A symmetry key for each session is made by internal authentication function of a smart IC card with a random number. ISCL has three functions which assure authentication, confidentiality and integrity. Entity authentication process is done through 3 path 4 way method using functions of internal authentication and external authentication of a smart IC card. Confidentiality algorithm and MAC algorithm for integrity are able to be selected. ISCL protocols are communicating through Message Block which consists of Message Header and Message Data. ISCL protocols are evaluating by applying to regional collaboration system for image diagnosis, and On-line Secure Electronic Storage system for medical images. These projects are supported by Medical Information System Development Center. These projects show ISCL is useful to keep security.

  2. Charliecloud: Unprivileged containers for user-defined software stacks in HPC

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Priedhorsky, Reid; Randles, Timothy C.

    Supercomputing centers are seeing increasing demand for user-defined software stacks (UDSS), instead of or in addition to the stack provided by the center. These UDSS support user needs such as complex dependencies or build requirements, externally required configurations, portability, and consistency. The challenge for centers is to provide these services in a usable manner while minimizing the risks: security, support burden, missing functionality, and performance. We present Charliecloud, which uses the Linux user and mount namespaces to run industry-standard Docker containers with no privileged operations or daemons on center resources. Our simple approach avoids most security risks while maintaining access to the performance and functionality already on offer, doing so in less than 500 lines of code. Charliecloud promises to bring an industry-standard UDSS user workflow to existing, minimally altered HPC resources.

  3. An IPSO-SVM algorithm for security state prediction of mine production logistics system

    NASA Astrophysics Data System (ADS)

    Zhang, Yanliang; Lei, Junhui; Ma, Qiuli; Chen, Xin; Bi, Runfang

    2017-06-01

    A theoretical basis for the regulation of corporate security warning and resources was provided in order to reveal the laws behind the security state in mine production logistics. Considering complex mine production logistics system and the variable is difficult to acquire, a superior security status predicting model of mine production logistics system based on the improved particle swarm optimization and support vector machine (IPSO-SVM) is proposed in this paper. Firstly, through the linear adjustments of inertia weight and learning weights, the convergence speed and search accuracy are enhanced with the aim to deal with situations associated with the changeable complexity and the data acquisition difficulty. The improved particle swarm optimization (IPSO) is then introduced to resolve the problem of parameter settings in traditional support vector machines (SVM). At the same time, security status index system is built to determine the classification standards of safety status. The feasibility and effectiveness of this method is finally verified using the experimental results.

  4. In the Face of Cybersecurity: How the Common Information Model Can Be Used

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Skare, Paul; Falk, Herbert; Rice, Mark

    2016-01-01

    Efforts are underway to combine smart grid information, devices, networking, and emergency response information to create messages that are not dependent on specific standards development organizations (SDOs). This supports a future-proof approach of allowing changes in the canonical data models (CDMs) going forward without having to perform forklift replacements of solutions that use the messages. This also allows end users (electric utilities) to upgrade individual components of a larger system while keeping the message payload definitions intact. The goal is to enable public and private information sharing securely in a standards-based approach that can be integrated into existing operations. We provide an example architecture that could benefit from this multi-SDO, secure message approach. This article also describes how to improve message security

  5. Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks

    PubMed Central

    Castillo, Encarnación; López-Ramos, Juan A.; Morales, Diego P.

    2018-01-01

    Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature. PMID:29337921

  6. Unified Compact ECC-AES Co-Processor with Group-Key Support for IoT Devices in Wireless Sensor Networks.

    PubMed

    Parrilla, Luis; Castillo, Encarnación; López-Ramos, Juan A; Álvarez-Bermejo, José A; García, Antonio; Morales, Diego P

    2018-01-16

    Security is a critical challenge for the effective expansion of all new emerging applications in the Internet of Things paradigm. Therefore, it is necessary to define and implement different mechanisms for guaranteeing security and privacy of data interchanged within the multiple wireless sensor networks being part of the Internet of Things. However, in this context, low power and low area are required, limiting the resources available for security and thus hindering the implementation of adequate security protocols. Group keys can save resources and communications bandwidth, but should be combined with public key cryptography to be really secure. In this paper, a compact and unified co-processor for enabling Elliptic Curve Cryptography along to Advanced Encryption Standard with low area requirements and Group-Key support is presented. The designed co-processor allows securing wireless sensor networks with independence of the communications protocols used. With an area occupancy of only 2101 LUTs over Spartan 6 devices from Xilinx, it requires 15% less area while achieving near 490% better performance when compared to cryptoprocessors with similar features in the literature.

  7. Draft secure medical database standard.

    PubMed

    Pangalos, George

    2002-01-01

    Medical database security is a particularly important issue for all Healthcare establishments. Medical information systems are intended to support a wide range of pertinent health issues today, for example: assure the quality of care, support effective management of the health services institutions, monitor and contain the cost of care, implement technology into care without violating social values, ensure the equity and availability of care, preserve humanity despite the proliferation of technology etc. In this context, medical database security aims primarily to support: high availability, accuracy and consistency of the stored data, the medical professional secrecy and confidentiality, and the protection of the privacy of the patient. These properties, though of technical nature, basically require that the system is actually helpful for medical care and not harmful to patients. These latter properties require in turn not only that fundamental ethical principles are not violated by employing database systems, but instead, are effectively enforced by technical means. This document reviews the existing and emerging work on the security of medical database systems. It presents in detail the related problems and requirements related to medical database security. It addresses the problems of medical database security policies, secure design methodologies and implementation techniques. It also describes the current legal framework and regulatory requirements for medical database security. The issue of medical database security guidelines is also examined in detail. The current national and international efforts in the area are studied. It also gives an overview of the research work in the area. The document also presents in detail the most complete to our knowledge set of security guidelines for the development and operation of medical database systems.

  8. Efficient Authorization of Rich Presence Using Secure and Composed Web Services

    NASA Astrophysics Data System (ADS)

    Li, Li; Chou, Wu

    This paper presents an extended Role-Based Access Control (RBAC) model for efficient authorization of rich presence using secure web services composed with an abstract presence data model. Following the information symmetry principle, the standard RBAC model is extended to support context sensitive social relations and cascaded authority. In conjunction with the extended RBAC model, we introduce an extensible presence architecture prototype using WS-Security and WS-Eventing to secure rich presence information exchanges based on PKI certificates. Applications and performance measurements of our presence system are presented to show that the proposed RBAC framework for presence and collaboration is well suited for real-time communication and collaboration.

  9. Standardized and Repeatable Technology Evaluation for Cybersecurity Acquisition

    DTIC Science & Technology

    2017-02-01

    methodology for evaluating cybersecurity technologies. In this report, we introduce the Department of Defense (DoD)-centric and Independent Technology...Evaluation Capability (DITEC), an experimental decision support service within the U.S. DoD which aims to provide a standardized framework for...13 5.3.1 The Technology Matching Tool: A Recommender System for Security Non-Experts

  10. A Tool for Rating the Resilience of Critical Infrastructures in Extreme Fires

    DTIC Science & Technology

    2014-05-01

    provide a tool for NRC to help the Canadian industry to develop extreme fire protection materials and technologies for critical infrastructures. Future...supported by the Canadian Safety and Security Program (CSSP) which is led by Defence Research and Development Canada’s Centre for Security Science, in...in oil refinery and chemical industry facilities. The only available standard in North America that addresses the transportation infrastructure is

  11. FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

    NASA Astrophysics Data System (ADS)

    Sklavos, N.; Selimis, G.; Koufopavlou, O.

    2005-01-01

    The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given.

  12. Radiological Threat Reduction (RTR) program : implementing physical security to protect large radioactive sources worldwide.

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Lowe, Daniel L.

    2004-11-01

    The U.S. Department of Energy's Radiological Threat Reduction (RTR) Program strives to reduce the threat of a Radiological Dispersion Device (RDD) incident that could affect U.S. interests worldwide. Sandia National Laboratories supports the RTR program on many different levels. Sandia works directly with DOE to develop strategies, including the selection of countries to receive support and the identification of radioactive materials to be protected. Sandia also works with DOE in the development of guidelines and in training DOE project managers in physical protection principles. Other support to DOE includes performing rapid assessments and providing guidance for establishing foreign regulatory and knowledge infrastructure. Sandia works directly with foreign governments to establish cooperative agreements necessary to implement the RTR Program efforts to protect radioactive sources. Once necessary agreements are in place, Sandia works with in-country organizations to implement various security related initiatives, such as installing security systems and searching for (and securing) orphaned radioactive sources. The radioactive materials of interest to the RTR program include Cobalt 60, Cesium 137, Strontium 90, Iridium 192, Radium 226, Plutonium 238, Americium 241, Californium 252, and Others. Security systems are implemented using a standardized approach that provides consistency throughout the RTR program efforts at Sandia. The approach incorporates a series of major tasks that overlap in order to provide continuity. The major task sequence is to: Establish in-country contacts - integrators, Obtain material characterizations, Perform site assessments and vulnerability assessments, Develop upgrade plans, Procure and install equipment, Conduct acceptance testing and performance testing, Develop procedures, and Conduct training. Other tasks are incorporated as appropriate and commonly include such as support of reconfiguring infrastructure, and developing security plans, etc. This standardized approach is applied to specific country and regional needs. Recent examples (FY 2003-2004) include foreign missions to Lithuania, Russian Federation Navy, Russia - PNPI, Greece (joint mission with IAEA), Tanzania, Iraq, Chile, Ecuador, and Egypt. Some of the ambitions and results of the RTR program may be characterized by the successes in Lithuania, Greece, and Russia.

  13. Miniature housing with standard addressable interface for smart sensors and drive electronics

    NASA Technical Reports Server (NTRS)

    Howard, David E. (Inventor); Smith, Dennis A. (Inventor); Alhorn, Dean C. (Inventor)

    2006-01-01

    A miniature assembly is disclosed which includes a housing assembly with a cover configured to be sealably secured to a box-like receptacle. The receptacle comprises openings on opposing sides for the seating therein of communications connectors. Enclosed within housing is custom-sized circuit board for supporting, at least, a standard communications interface and at least one electronic device.

  14. Automating Small Libraries.

    ERIC Educational Resources Information Center

    Swan, James

    1996-01-01

    Presents a four-phase plan for small libraries strategizing for automation: inventory and weeding, data conversion, implementation, and enhancements. Other topics include selecting a system, MARC records, compatibility, ease of use, industry standards, searching capabilities, support services, system security, screen displays, circulation modules,…

  15. Realizing Informed Consent in Times of Controversy: Lessons from the SUPPORT Study.

    PubMed

    Morse, Robert J; Wilson, Robin Fretwell

    2016-09-01

    This Essay examines the elegantly simple idea that consent to medical treatment or participation in human research must be "informed" to be valid. It does so by using as a case study the controversial clinical research trial known as the Surfactant, Positive Pressure, and Oxygenation Randomized Trial ("SUPPORT"). The Essay begins by charting, through case law and the adoption of the common rule, the evolution of duties to secure fully informed consent in both research and treatment. The Essay then utilizes the SUPPORT study, which sought to pinpoint the level of saturated oxygen that should be provided to extremely low birth weight infants to demonstrate modern complexities and shortcomings of the duty to secure informed consent. This Essay shows how the duty is measured by foreseeability of risks and benefits in human research and why federal regulators believed the trade-offs in risk and benefits from differing oxygen levels administered in the support study were foreseeable. It then explores the contours of the duty to secure informed consent when applied to researchers who also serve as treating physicians, highlighting how common law duties differ in jurisdictions that apply the professional standard and those that apply the patient-centered material risk standard. This Essay provides new insight into what the law must do to make real the notion that "[e]very human being of adult years and sound mind has a right to determine what shall be done with his body." © 2016 American Society of Law, Medicine & Ethics.

  16. 45 CFR 164.318 - Compliance dates for the initial implementation of the security standards.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... the security standards. 164.318 Section 164.318 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection... of the security standards. (a) Health plan. (1) A health plan that is not a small health plan must...

  17. Secure Mobile Distributed File System (MDFS)

    DTIC Science & Technology

    2011-03-01

    dissemination of data. In a mobile ad-hoc network, there are two classes of devices: content generators and content consumers. One implementation of...use of infrastructure mode is necessary because current Android implementations do not support Mobile Ad-Hoc network without modification of the...NUMBER (include area code) Standard Form 298 (Rev. 8–98) Prescribed by ANSI Std. Z39.18 24–3–2011 Master’s Thesis 2009-03-01—2011-03-31 Secure Mobile

  18. Performance-Based Design for Arson Threats: Policy Analysis of the Physical Security for Federal Facilities Standard

    DTIC Science & Technology

    2013-09-01

    2012.0002- IR -EP7-A 12a. DISTRIBUTION / AVAILABILITY STATEMENT Approved for public release; distribution is unlimited 12b. DISTRIBUTION CODE A...extremist web forums is directed at Western audiences and supports Homeland attacks. (U.S. Department of Homeland Security Office of Intelligence and...23 In this context, “before the event.” 24 Yung and Benichou’s paper originally was presented at the 5th Fire

  19. Cryptographically supported NFC tags in medication for better inpatient safety.

    PubMed

    Özcanhan, Mehmet Hilal; Dalkılıç, Gökhan; Utku, Semih

    2014-08-01

    Reliable sources report that errors in drug administration are increasing the number of harmed or killed inpatients, during healthcare. This development is in contradiction to patient safety norms. A correctly designed hospital-wide ubiquitous system, using advanced inpatient identification and matching techniques, should provide correct medicine and dosage at the right time. Researchers are still making grouping proof protocol proposals based on the EPC Global Class 1 Generation 2 ver. 1.2 standard tags, for drug administration. Analyses show that such protocols make medication unsecure and hence fail to guarantee inpatient safety. Thus, the original goal of patient safety still remains. In this paper, a very recent proposal (EKATE) upgraded by a cryptographic function is shown to fall short of expectations. Then, an alternative proposal IMS-NFC which uses a more suitable and newer technology; namely Near Field Communication (NFC), is described. The proposed protocol has the additional support of stronger security primitives and it is compliant to ISO communication and security standards. Unlike previous works, the proposal is a complete ubiquitous system that guarantees full patient safety; and it is based on off-the-shelf, new technology products available in every corner of the world. To prove the claims the performance, cost, security and scope of IMS-NFC are compared with previous proposals. Evaluation shows that the proposed system has stronger security, increased patient safety and equal efficiency, at little extra cost.

  20. 46 CFR 154.425 - General.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 46 Shipping 5 2010-10-01 2010-10-01 false General. 154.425 Section 154.425 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR SELF... membrane tank, secondary barrier, including welds, the supporting insulation, and pressure control...

  1. 46 CFR 154.425 - General.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 46 Shipping 5 2011-10-01 2011-10-01 false General. 154.425 Section 154.425 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR SELF... membrane tank, secondary barrier, including welds, the supporting insulation, and pressure control...

  2. Activities report of PTT Research

    NASA Astrophysics Data System (ADS)

    In the field of postal infrastructure research, activities were performed on postcode readers, radiolabels, and techniques of operations research and artificial intelligence. In the field of telecommunication, transportation, and information, research was made on multipurpose coding schemes, speech recognition, hypertext, a multimedia information server, security of electronic data interchange, document retrieval, improvement of the quality of user interfaces, domotics living support (techniques), and standardization of telecommunication protocols. In the field of telecommunication infrastructure and provisions research, activities were performed on universal personal telecommunications, advanced broadband network technologies, coherent techniques, measurement of audio quality, near field facilities, local beam communication, local area networks, network security, coupling of broadband and narrowband integrated services digital networks, digital mapping, and standardization of protocols.

  3. Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model.

    PubMed

    Moghaddasi, Hamid; Sajjadi, Samad; Kamkarhaghighi, Mehran

    2016-01-01

    Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. The "data security models" presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the "needs and improvement" cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced.

  4. Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model

    PubMed Central

    Moghaddasi, Hamid; Kamkarhaghighi, Mehran

    2016-01-01

    Introduction: Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. Background: The “data security models” presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the “needs and improvement” cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Findings: Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Conclusion: Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced. PMID:27857823

  5. 38 CFR 61.1 - Definitions.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... condition of schizophrenia or major affective disorder (including bipolar disorder) or posttraumatic stress... assessment on a standardized scale of any serious symptomology or serious impairment in the areas of work... related to administering the grant after the award), maintenance, repair and security for the supportive...

  6. 38 CFR 61.1 - Definitions.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... condition of schizophrenia or major affective disorder (including bipolar disorder) or posttraumatic stress... assessment on a standardized scale of any serious symptomology or serious impairment in the areas of work... related to administering the grant after the award), maintenance, repair and security for the supportive...

  7. Is emergency management an integrated element of business continuity management? A case study with security professionals in Western Australia.

    PubMed

    Frohde, Kenny; Brooks, David J

    Emergency management (EM) and business continuity management (BCM) frameworks incorporate various strategic and operational measures. Defined within a number of national and international standards and guidelines, such concepts may be integrated within one another to provide increased resilience to disruptive events. Nevertheless, there is a degree of dispute regarding concept integration among security and EM professionals and bodies of knowledge. In line with cognitive psychology exemplar-based concepts, such disputes may be associated with a lack of precision in communality in the approach to EM and BCM. This paper presents a two-stage study, where stage 1 critiqued national and international literature and stage 2 applied semi-structured interviews with security managers in Western Australia. Findings indicate the existence of contradictory views on EM and its integration within BCM. As such, this study concludes that EM is considered a vital component of BCM by the majority of security managers. However, there is broader dispute regarding its degree of integration. Understanding the underpinnings of such disputes will aid in raising the standards and application of professionalism within security, EM and BCM domains, supporting clarification and definition of professional boundaries.

  8. 45 CFR 164.306 - Security standards: General rules.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164.306 Security standards: General rules. (a) General requirements. Covered... covered entity to reasonably and appropriately implement the standards and implementation specifications...

  9. 45 CFR 164.306 - Security standards: General rules.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164.306 Security standards: General rules. (a) General requirements. Covered... and appropriately implement the standards and implementation specifications as specified in this...

  10. INcreasing Security and Protection through Infrastructure REsilience: The INSPIRE Project

    NASA Astrophysics Data System (ADS)

    D'Antonio, Salvatore; Romano, Luigi; Khelil, Abdelmajid; Suri, Neeraj

    The INSPIRE project aims at enhancing the European potential in the field of security by ensuring the protection of critical information infrastructures through (a) the identification of their vulnerabilities and (b) the development of innovative techniques for securing networked process control systems. To increase the resilience of such systems INSPIRE will develop traffic engineering algorithms, diagnostic processes and self-reconfigurable architectures along with recovery techniques. Hence, the core idea of the INSPIRE project is to protect critical information infrastructures by appropriately configuring, managing, and securing the communication network which interconnects the distributed control systems. A working prototype will be implemented as a final demonstrator of selected scenarios. Controls/Communication Experts will support project partners in the validation and demonstration activities. INSPIRE will also contribute to standardization process in order to foster multi-operator interoperability and coordinated strategies for securing lifeline systems.

  11. Grid Modernization | NREL

    Science.gov Websites

    development to improve the nation's electrical grid infrastructure, making it more flexible, reliable Standard, IEEE 1547 Blue cover page of report with hexagon shapes over electric grid Basic Research Needs Controls Power Systems Design and Studies Security and Resilience Institutional Support NREL grid research

  12. MAVEN Information Security Governance, Risk Management, and Compliance (GRC): Lessons Learned

    NASA Technical Reports Server (NTRS)

    Takamura, Eduardo; Gomez-Rosa, Carlos A.; Mangum, Kevin; Wasiak, Fran

    2014-01-01

    As the first interplanetary mission managed by the NASA Goddard Space Flight Center, the Mars Atmosphere and Volatile EvolutioN (MAVEN) had three IT security goals for its ground system: COMPLIANCE, (IT) RISK REDUCTION, and COST REDUCTION. In a multiorganizational environment in which government, industry and academia work together in support of the ground system and mission operations, information security governance, risk management, and compliance (GRC) becomes a challenge as each component of the ground system has and follows its own set of IT security requirements. These requirements are not necessarily the same or even similar to each other's, making the auditing of the ground system security a challenging feat. A combination of standards-based information security management based on the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), due diligence by the Mission's leadership, and effective collaboration among all elements of the ground system enabled MAVEN to successfully meet NASA's requirements for IT security, and therefore meet Federal Information Security Management Act (FISMA) mandate on the Agency. Throughout the implementation of GRC on MAVEN during the early stages of the mission development, the Project faced many challenges some of which have been identified in this paper. The purpose of this paper is to document these challenges, and provide a brief analysis of the lessons MAVEN learned. The historical information documented herein, derived from an internal pre-launch lessons learned analysis, can be used by current and future missions and organizations implementing and auditing GRC.

  13. IT Security Support for the Spaceport Command Control System Development

    NASA Technical Reports Server (NTRS)

    Varise, Brian

    2014-01-01

    My job title is IT Security support for the Spaceport Command & Control System Development. As a cyber-security analyst it is my job to ensure NASA's information stays safe from cyber threats, such as viruses, malware and denial-of-service attacks, by establishing and enforcing system access controls. Security is very important in the world of technology and it is used everywhere from personal computers to giant networks run by Government agencies worldwide. Without constant monitoring analysis, businesses, public organizations and government agencies are vulnerable to potentially harmful infiltration of their computer information systems. It is my responsibility to ensure authorized access by examining improper access, reporting violations, revoking access, monitoring information requests by new programming and recommending improvements. My department oversees the Launch Control System and networks. An audit will be conducted for the LCS based on compliance with the Federal Information Security Management Act (FISMA) and The National Institute of Standards and Technology (NIST). I recently finished analyzing the SANS top 20 critical controls to give cost effective recommendations on various software and hardware products for compliance. Upon my completion of this internship, I will have successfully completed my duties as well as gained knowledge that will be helpful to my career in the future as a Cyber Security Analyst.

  14. Interpreting international governance standards for health IT use within general medical practice.

    PubMed

    Mahncke, Rachel J; Williams, Patricia A H

    2014-01-01

    General practices in Australia recognise the importance of comprehensive protective security measures. Some elements of information security governance are incorporated into recommended standards, however the governance component of information security is still insufficiently addressed in practice. The International Organisation for Standardisation (ISO) released a new global standard in May 2013 entitled, ISO/IEC 27014:2013 Information technology - Security techniques - Governance of information security. This standard, applicable to organisations of all sizes, offers a framework against which to assess and implement the governance components of information security. The standard demonstrates the relationship between governance and the management of information security, provides strategic principles and processes, and forms the basis for establishing a positive information security culture. An analysis interpretation of this standard for use in Australian general practice was performed. This work is unique as such interpretation for the Australian healthcare environment has not been undertaken before. It demonstrates an application of the standard at a strategic level to inform existing development of an information security governance framework.

  15. 12 CFR Appendix B to Part 30 - Interagency Guidelines Establishing Information Security Standards

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... Establishing Information Security Standards Table of Contents I. Introduction A. Scope B. Preservation of... Security Program B. Objectives III. Development and Implementation of Customer Information Security Program.... Introduction The Interagency Guidelines Establishing Information Security Standards (Guidelines) set forth...

  16. A Security Audit Framework to Manage Information System Security

    NASA Astrophysics Data System (ADS)

    Pereira, Teresa; Santos, Henrique

    The widespread adoption of information and communication technology has promoted an increased dependency of organizations on the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject to. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

  17. 45 CFR 164.306 - Security standards: General rules.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 45 Public Welfare 1 2010-10-01 2010-10-01 false Security standards: General rules. 164.306 Section 164.306 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected...

  18. 45 CFR 164.306 - Security standards: General rules.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 45 Public Welfare 1 2011-10-01 2011-10-01 false Security standards: General rules. 164.306 Section 164.306 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected...

  19. 45 CFR 164.306 - Security standards: General rules.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 45 Public Welfare 1 2014-10-01 2014-10-01 false Security standards: General rules. 164.306 Section 164.306 Public Welfare Department of Health and Human Services ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected...

  20. Development and Application of Skill Standards for Security Practitioners

    DTIC Science & Technology

    2006-07-01

    Development and Application of Skill Standards for Security Practitioners Henry K. Simpson Northrop Grumman Technical Services Lynn F. Fischer...and Application of Skill Standards for Security Practitioners Henry K. Simpson, Northrop Grumman Technical Services Lynn F. Fischer, Defense...described in the present report was driven by a JSTC tasking to develop skill standards for security practitioners in seven different security

  1. 46 CFR 154.428 - Allowable stress.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 46 Shipping 5 2010-10-01 2010-10-01 false Allowable stress. 154.428 Section 154.428 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR... § 154.428 Allowable stress. The membrane tank and the supporting insulation must have allowable stresses...

  2. 46 CFR 154.428 - Allowable stress.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 46 Shipping 5 2013-10-01 2013-10-01 false Allowable stress. 154.428 Section 154.428 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR... § 154.428 Allowable stress. The membrane tank and the supporting insulation must have allowable stresses...

  3. 46 CFR 154.428 - Allowable stress.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 46 Shipping 5 2014-10-01 2014-10-01 false Allowable stress. 154.428 Section 154.428 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR... § 154.428 Allowable stress. The membrane tank and the supporting insulation must have allowable stresses...

  4. 46 CFR 154.428 - Allowable stress.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 46 Shipping 5 2012-10-01 2012-10-01 false Allowable stress. 154.428 Section 154.428 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR... § 154.428 Allowable stress. The membrane tank and the supporting insulation must have allowable stresses...

  5. 46 CFR 154.428 - Allowable stress.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 46 Shipping 5 2011-10-01 2011-10-01 false Allowable stress. 154.428 Section 154.428 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR... § 154.428 Allowable stress. The membrane tank and the supporting insulation must have allowable stresses...

  6. 75 FR 15440 - Guidance for Industry on Standards for Securing the Drug Supply Chain-Standardized Numerical...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-03-29

    ...] Guidance for Industry on Standards for Securing the Drug Supply Chain--Standardized Numerical... industry entitled ``Standards for Securing the Drug Supply Chain-Standardized Numerical Identification for... the Drug Supply Chain-Standardized Numerical Identification for Prescription Drug Packages.'' In the...

  7. Fully Integrated Passive UHF RFID Tag for Hash-Based Mutual Authentication Protocol.

    PubMed

    Mikami, Shugo; Watanabe, Dai; Li, Yang; Sakiyama, Kazuo

    2015-01-01

    Passive radio-frequency identification (RFID) tag has been used in many applications. While the RFID market is expected to grow, concerns about security and privacy of the RFID tag should be overcome for the future use. To overcome these issues, privacy-preserving authentication protocols based on cryptographic algorithms have been designed. However, to the best of our knowledge, evaluation of the whole tag, which includes an antenna, an analog front end, and a digital processing block, that runs authentication protocols has not been studied. In this paper, we present an implementation and evaluation of a fully integrated passive UHF RFID tag that runs a privacy-preserving mutual authentication protocol based on a hash function. We design a single chip including the analog front end and the digital processing block. We select a lightweight hash function supporting 80-bit security strength and a standard hash function supporting 128-bit security strength. We show that when the lightweight hash function is used, the tag completes the protocol with a reader-tag distance of 10 cm. Similarly, when the standard hash function is used, the tag completes the protocol with the distance of 8.5 cm. We discuss the impact of the peak power consumption of the tag on the distance of the tag due to the hash function.

  8. Interoperability and security in wireless body area network infrastructures.

    PubMed

    Warren, Steve; Lebak, Jeffrey; Yao, Jianchu; Creekmore, Jonathan; Milenkovic, Aleksandar; Jovanov, Emil

    2005-01-01

    Wireless body area networks (WBANs) and their supporting information infrastructures offer unprecedented opportunities to monitor state of health without constraining the activities of a wearer. These mobile point-of-care systems are now realizable due to the convergence of technologies such as low-power wireless communication standards, plug-and-play device buses, off-the-shelf development kits for low-power microcontrollers, handheld computers, electronic medical records, and the Internet. To increase acceptance of personal monitoring technology while lowering equipment cost, advances must be made in interoperability (at both the system and device levels) and security. This paper presents an overview of WBAN infrastructure work in these areas currently underway in the Medical Component Design Laboratory at Kansas State University (KSU) and at the University of Alabama in Huntsville (UAH). KSU efforts include the development of wearable health status monitoring systems that utilize ISO/IEEE 11073, Bluetooth, Health Level 7, and OpenEMed. WBAN efforts at UAH include the development of wearable activity and health monitors that incorporate ZigBee-compliant wireless sensor platforms with hardware-level encryption and the TinyOS development environment. WBAN infrastructures are complex, requiring many functional support elements. To realize these infrastructures through collaborative efforts, organizations such as KSU and UAH must define and utilize standard interfaces, nomenclature, and security approaches.

  9. 76 FR 7817 - Announcing Draft Federal Information Processing Standard 180-4, Secure Hash Standard, and Request...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-02-11

    ... before May 12, 2011. ADDRESSES: Written comments may be sent to: Chief, Computer Security Division... FURTHER INFORMATION CONTACT: Elaine Barker, Computer Security Division, National Institute of Standards... Quynh Dang, Computer Security Division, National Institute of Standards and Technology, Gaithersburg, MD...

  10. Trust-Based Security Level Evaluation Using Bayesian Belief Networks

    NASA Astrophysics Data System (ADS)

    Houmb, Siv Hilde; Ray, Indrakshi; Ray, Indrajit; Chakraborty, Sudip

    Security is not merely about technical solutions and patching vulnerabilities. Security is about trade-offs and adhering to realistic security needs, employed to support core business processes. Also, modern systems are subject to a highly competitive market, often demanding rapid development cycles, short life-time, short time-to-market, and small budgets. Security evaluation standards, such as ISO 14508 Common Criteria and ISO/IEC 27002, are not adequate for evaluating the security of many modern systems for resource limitations, time-to-market, and other constraints. Towards this end, we propose an alternative time and cost effective approach for evaluating the security level of a security solution, system or part thereof. Our approach relies on collecting information from different sources, who are trusted to varying degrees, and on using a trust measure to aggregate available information when deriving security level. Our approach is quantitative and implemented as a Bayesian Belief Network (BBN) topology, allowing us to reason over uncertain information and seemingly aggregating disparate information. We illustrate our approach by deriving the security level of two alternative Denial of Service (DoS) solutions. Our approach can also be used in the context of security solution trade-off analysis.

  11. Internetting tactical security sensor systems

    NASA Astrophysics Data System (ADS)

    Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.

    1998-08-01

    The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi-autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control stations.

  12. Medical image security in a HIPAA mandated PACS environment.

    PubMed

    Cao, F; Huang, H K; Zhou, X Q

    2003-01-01

    Medical image security is an important issue when digital images and their pertinent patient information are transmitted across public networks. Mandates for ensuring health data security have been issued by the federal government such as Health Insurance Portability and Accountability Act (HIPAA), where healthcare institutions are obliged to take appropriate measures to ensure that patient information is only provided to people who have a professional need. Guidelines, such as digital imaging and communication in medicine (DICOM) standards that deal with security issues, continue to be published by organizing bodies in healthcare. However, there are many differences in implementation especially for an integrated system like picture archiving and communication system (PACS), and the infrastructure to deploy these security standards is often lacking. Over the past 6 years, members in the Image Processing and Informatics Laboratory, Childrens Hospital, Los Angeles/University of Southern California, have actively researched image security issues related to PACS and teleradiology. The paper summarizes our previous work and presents an approach to further research on the digital envelope (DE) concept that provides image integrity and security assurance in addition to conventional network security protection. The DE, including the digital signature (DS) of the image as well as encrypted patient information from the DICOM image header, can be embedded in the background area of the image as an invisible permanent watermark. The paper outlines the systematic development, evaluation and deployment of the DE method in a PACS environment. We have also proposed a dedicated PACS security server that will act as an image authority to check and certify the image origin and integrity upon request by a user, and meanwhile act also as a secure DICOM gateway to the outside connections and a PACS operation monitor for HIPAA supporting information. Copyright 2002 Elsevier Science Ltd.

  13. DOE Office of Scientific and Technical Information (OSTI.GOV)

    Ladendorff, Marlene Z.

    Considerable money and effort has been expended by generation, transmission, and distribution entities in North America to implement the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards for the bulk electric system. Assumptions have been made that as a result of the implementation of the standards, the grid is more cyber secure than it was pre-NERC CIP, but are there data supporting these claims, or only speculation? Has the implementation of the standards had an effect on the grid? Furthermore, developing a research study to address these and other questions provided surprising results.

  14. 46 CFR 64.29 - Tank saddles.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 46 Shipping 2 2011-10-01 2011-10-01 false Tank saddles. 64.29 Section 64.29 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING MARINE PORTABLE TANKS AND CARGO HANDLING SYSTEMS Standards for an MPT § 64.29 Tank saddles. If a tank is not completely supported by a framework...

  15. 46 CFR 64.29 - Tank saddles.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 46 Shipping 2 2013-10-01 2013-10-01 false Tank saddles. 64.29 Section 64.29 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING MARINE PORTABLE TANKS AND CARGO HANDLING SYSTEMS Standards for an MPT § 64.29 Tank saddles. If a tank is not completely supported by a framework...

  16. 46 CFR 64.29 - Tank saddles.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 46 Shipping 2 2010-10-01 2010-10-01 false Tank saddles. 64.29 Section 64.29 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING MARINE PORTABLE TANKS AND CARGO HANDLING SYSTEMS Standards for an MPT § 64.29 Tank saddles. If a tank is not completely supported by a framework...

  17. 46 CFR 64.29 - Tank saddles.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 46 Shipping 2 2012-10-01 2012-10-01 false Tank saddles. 64.29 Section 64.29 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING MARINE PORTABLE TANKS AND CARGO HANDLING SYSTEMS Standards for an MPT § 64.29 Tank saddles. If a tank is not completely supported by a framework...

  18. 46 CFR 64.29 - Tank saddles.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 46 Shipping 2 2014-10-01 2014-10-01 false Tank saddles. 64.29 Section 64.29 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) MARINE ENGINEERING MARINE PORTABLE TANKS AND CARGO HANDLING SYSTEMS Standards for an MPT § 64.29 Tank saddles. If a tank is not completely supported by a framework...

  19. 47 CFR 10.320 - Provider alert gateway requirements.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... must be identified by a unique IP address or domain name. (b) Authentication and validation. The CMS... alert gateway if a validation fails. (c) Security. The CMS provider gateway must support standardized IP... CMSP Name Unique identification of CMSP. CMSP gateway Address IP address or Domain Name Alternate IP...

  20. 46 CFR 154.471 - Design criteria.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 46 Shipping 5 2012-10-01 2012-10-01 false Design criteria. 154.471 Section 154.471 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR SELF-PROPELLED VESSELS CARRYING BULK LIQUEFIED GASES Design, Construction and Equipment Support System § 154.471 Design criteria. (a) The cargo...

  1. 46 CFR 154.471 - Design criteria.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 46 Shipping 5 2013-10-01 2013-10-01 false Design criteria. 154.471 Section 154.471 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR SELF-PROPELLED VESSELS CARRYING BULK LIQUEFIED GASES Design, Construction and Equipment Support System § 154.471 Design criteria. (a) The cargo...

  2. 46 CFR 154.471 - Design criteria.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 46 Shipping 5 2014-10-01 2014-10-01 false Design criteria. 154.471 Section 154.471 Shipping COAST GUARD, DEPARTMENT OF HOMELAND SECURITY (CONTINUED) CERTAIN BULK DANGEROUS CARGOES SAFETY STANDARDS FOR SELF-PROPELLED VESSELS CARRYING BULK LIQUEFIED GASES Design, Construction and Equipment Support System § 154.471 Design criteria. (a) The cargo...

  3. 75 FR 71519 - National Family Week, 2010

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-11-24

    ..., which aims to protect working families' economic security and raise their standard of living. And the... brave service members and their families who keep our loved ones safe here at home and abroad. This... dreams. As we confront our challenges as a Nation, let us support our families in creating safe...

  4. 45 CFR 164.318 - Compliance dates for the initial implementation of the security standards.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 45 Public Welfare 1 2011-10-01 2011-10-01 false Compliance dates for the initial implementation of the security standards. 164.318 Section 164.318 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection...

  5. 45 CFR 164.318 - Compliance dates for the initial implementation of the security standards.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 45 Public Welfare 1 2014-10-01 2014-10-01 false Compliance dates for the initial implementation of the security standards. 164.318 Section 164.318 Public Welfare Department of Health and Human Services ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection...

  6. The cost-effectiveness of supported employment for adults with autism in the United Kingdom

    PubMed Central

    Megnin-Viggars, Odette; Cheema, Nadir; Howlin, Patricia; Baron-Cohen, Simon; Pilling, Stephen

    2014-01-01

    Adults with autism face high rates of unemployment. Supported employment enables individuals with autism to secure and maintain a paid job in a regular work environment. The objective of this study was to assess the cost-effectiveness of supported employment compared with standard care (day services) for adults with autism in the United Kingdom. Thus, a decision-analytic economic model was developed, which used outcome data from the only trial that has evaluated supported employment for adults with autism in the United Kingdom. The main analysis considered intervention costs, while cost-savings associated with changes in accommodation status and National Health Service and personal social service resource use were examined in secondary analyses. Two outcome measures were used: the number of weeks in employment and the quality-adjusted life year. Supported employment resulted in better outcomes compared with standard care, at an extra cost of £18 per additional week in employment or £5600 per quality-adjusted life year. In secondary analyses that incorporated potential cost-savings, supported employment dominated standard care (i.e. it produced better outcomes at a lower total cost). The analysis suggests that supported employment schemes for adults with autism in the United Kingdom are cost-effective compared with standard care. Further research needs to confirm these findings. PMID:24126866

  7. Security Standards and Best Practice Considerations for Quantum Key Distribution (QKD)

    DTIC Science & Technology

    2012-03-01

    SECURITY STANDARDS AND BEST PRACTICE CONSIDERATIONS FOR QUANTUM KEY DISTRIBUTION (QKD) THESIS...protection in the United States. AFIT/GSE/ENV/12-M05 SECURITY STANDARDS AND BEST PRACTICE CONSIDERATIONS FOR QUANTUM KEY DISTRIBUTION (QKD...FOR PUBLIC RELEASE; DISTRIBUTION UNLIMITED. AFIT/GSE/ENV/12-M05 SECURITY STANDARDS AND BEST PRACTICE CONSIDERATIONS FOR QUANTUM KEY

  8. 7 CFR 160.75 - Loan of standards under security deposit.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 7 Agriculture 3 2010-01-01 2010-01-01 false Loan of standards under security deposit. 160.75... REGULATIONS AND STANDARDS FOR NAVAL STORES Loan and Care of United States Standards § 160.75 Loan of standards under security deposit. Duplicates of the United States Standards for rosin may be loaned to interested...

  9. GEMSS: grid-infrastructure for medical service provision.

    PubMed

    Benkner, S; Berti, G; Engelbrecht, G; Fingberg, J; Kohring, G; Middleton, S E; Schmidt, R

    2005-01-01

    The European GEMSS Project is concerned with the creation of medical Grid service prototypes and their evaluation in a secure service-oriented infrastructure for distributed on demand/supercomputing. Key aspects of the GEMSS Grid middleware include negotiable QoS support for time-critical service provision, flexible support for business models, and security at all levels in order to ensure privacy of patient data as well as compliance to EU law. The GEMSS Grid infrastructure is based on a service-oriented architecture and is being built on top of existing standard Grid and Web technologies. The GEMSS infrastructure offers a generic Grid service provision framework that hides the complexity of transforming existing applications into Grid services. For the development of client-side applications or portals, a pluggable component framework has been developed, providing developers with full control over business processes, service discovery, QoS negotiation, and workflow, while keeping their underlying implementation hidden from view. A first version of the GEMSS Grid infrastructure is operational and has been used for the set-up of a Grid test-bed deploying six medical Grid service prototypes including maxillo-facial surgery simulation, neuro-surgery support, radio-surgery planning, inhaled drug-delivery simulation, cardiovascular simulation and advanced image reconstruction. The GEMSS Grid infrastructure is based on standard Web Services technology with an anticipated future transition path towards the OGSA standard proposed by the Global Grid Forum. GEMSS demonstrates that the Grid can be used to provide medical practitioners and researchers with access to advanced simulation and image processing services for improved preoperative planning and near real-time surgical support.

  10. 78 FR 59981 - Proposed Revision to Physical Security-Standard Design Certification and Operating Reactors

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-09-30

    ... the Standard Review Plan (SRP), concerning the physical security reviews of design certification... NRC staff with the physical security review of applications for design certifications, incorporate... NUCLEAR REGULATORY COMMISSION [NRC-2013-0225] Proposed Revision to Physical Security--Standard...

  11. Can GPs working in secure environments in England re-license using the Royal College of General Practitioners revalidation proposals?

    PubMed Central

    2012-01-01

    Background: Revalidation for UK doctors is expected to be introduced from late 2012. For general practitioners (GPs), this entails collecting supporting information to be submitted and assessed in a revalidation portfolio every five years. The aim of this study was to explore the feasibility of GPs working in secure environments to collect supporting information for the Royal College of General Practitioners’ (RCGP) proposed revalidation portfolio. Methods: We invited GPs working in secure environments in England to submit items of supporting information collected during the previous 12 months using criteria and standards required for the proposed RCGP revalidation portfolio and complete a GP issues log. Initial focus groups and initial and follow-up semi-structured face-to-face and telephone interviews were held to explore GPs’ views of this process. Quantitative and qualitative data were analysed using descriptive statistics and identifying themes respectively. Results: Of the 50 GPs who consented to participate in the study, 20 submitted a portfolio. Thirty-eight GPs participated in an initial interview, nine took part in a follow-up interview and 17 completed a GP issues log. GPs reported difficulty in collecting supporting information for valid patient feedback, full-cycle clinical audits and evidence for their extended practice role(s) as sessional practitioners in the high population turnover custodial environment. Peripatetic practitioners experienced more difficulty than their institution based counterparts collating this evidence. Conclusions: GPs working in secure environments may experience difficulties in collecting the newer types of supporting information for the proposed RCGP revalidation portfolio primarily due to their employment status within a non-medical environment and characteristics of the detainee population. Increased support from secure environment service commissioners and employers will be a prerequisite for these practitioners to enable them to re-license using the RCGP revalidation proposals. PMID:23253694

  12. On Business-Driven IT Security Management and Mismatches between Security Requirements in Firms, Industry Standards and Research Work

    NASA Astrophysics Data System (ADS)

    Frühwirth, Christian

    Industry managers have long recognized the vital importance of information security for their businesses, but at the same time they perceived security as a technology-driven rather than a business-driven field. Today, this notion is changing and security management is shifting from technology- to business-oriented approaches. Whereas there is evidence of this shift in the literature, this paper argues that security standards and academic work have not yet taken it fully into account. We examine whether this disconnect has led to a misalignment of IT security requirements in businesses versus industry standards and academic research. We conducted 13 interviews with practitioners from 9 different firms to investigate this question. The results present evidence for a significant gap between security requirements in industry standards and actually reported security vulnerabilities. We further find mismatches between the prioritization of security factors in businesses, standards and real-world threats. We conclude that security in companies serves the business need of protecting information availability to keep the business running at all times.

  13. The JPEG XT suite of standards: status and future plans

    NASA Astrophysics Data System (ADS)

    Richter, Thomas; Bruylants, Tim; Schelkens, Peter; Ebrahimi, Touradj

    2015-09-01

    The JPEG standard has known an enormous market adoption. Daily, billions of pictures are created, stored and exchanged in this format. The JPEG committee acknowledges this success and spends continued efforts in maintaining and expanding the standard specifications. JPEG XT is a standardization effort targeting the extension of the JPEG features by enabling support for high dynamic range imaging, lossless and near-lossless coding, and alpha channel coding, while also guaranteeing backward and forward compatibility with the JPEG legacy format. This paper gives an overview of the current status of the JPEG XT standards suite. It discusses the JPEG legacy specification, and details how higher dynamic range support is facilitated both for integer and floating-point color representations. The paper shows how JPEG XT's support for lossless and near-lossless coding of low and high dynamic range images is achieved in combination with backward compatibility to JPEG legacy. In addition, the extensible boxed-based JPEG XT file format on which all following and future extensions of JPEG will be based is introduced. This paper also details how the lossy and lossless representations of alpha channels are supported to allow coding transparency information and arbitrarily shaped images. Finally, we conclude by giving prospects on upcoming JPEG standardization initiative JPEG Privacy & Security, and a number of other possible extensions in JPEG XT.

  14. Endogenous fertility, altruistic behavior across generations, and social security systems.

    PubMed

    Prinz, A

    1990-01-01

    This study examines the possible link between the existence of a pay-as-you-go social security program and individual procreative behavior. When a public old-age income support system takes the place of within-family support, the theoretical literature predicts that fertility rates will decline since children are no longer perceived as important to the old age security of the parents. The author takes up this theoretical problem and examines it through three different but related issues: optimal capital accumulation, optimal population growth and the role of social institutions affecting efficient intergenerational allocations. Econometric analysis employing a steady state growth model is used. Altruism between generations is studied for effect on the standard model. The model shows that for social optimum the per capita pension is related to the growth rate of the population, therefore, for society as a whole, children are investment goods. However, given the existence of a social security system, it is in each household's best interest to have no children at all. Only a government transfer, a child allowance to parents, changes the model and fertility rates. When modified to account for "caring" the model demonstrates that altruistic behavior between generations is not symmetrical. The study concludes that a pay-as-you-go funded social security system should be supplemented by a system of child allowances or replaced by a fully funded social security system.

  15. Construct validity of the Thai version of the job content questionnaire in a large population of heterogeneous occupations.

    PubMed

    Phakthongsuk, Pitchaya

    2009-04-01

    To test the construct validity of the Thai version of the job content questionnaire (TJCQ). The present descriptive study recruited 10415 participants from all occupations according to the International Standard Classification of Occupations. The instrument consisted of a 48-item of the job content questionnaire. Eight items newly developed by the authors from in-depth interviews were added. Exploratory factor analysis showed six factor models of work hazards, decision latitude, psychological demand, social support, physical demand, and job security. However, supervisor and co-worker support were not distinguished into two factors and some items distributed differently along the factors extracted. Confirmatory factor analysis supported the construct of six latent factors, although the overall fit was moderately acceptable. Cronbach's alpha coefficients higher than 0.7, supported the internal consistency of TJCQ scales except for job security (0.55). These findings suggest that TJCQ is valid and reliable for assessing job stress among Thai populations.

  16. 10 CFR 110.44 - Physical security standards.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 2 2010-01-01 2010-01-01 false Physical security standards. 110.44 Section 110.44 Energy NUCLEAR REGULATORY COMMISSION (CONTINUED) EXPORT AND IMPORT OF NUCLEAR EQUIPMENT AND MATERIAL Review of License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient...

  17. Information Systems Security Management: A Review and a Classification of the ISO Standards

    NASA Astrophysics Data System (ADS)

    Tsohou, Aggeliki; Kokolakis, Spyros; Lambrinoudakis, Costas; Gritzalis, Stefanos

    The need for common understanding and agreement of functional and non-functional requirements is well known and understood by information system designers. This is necessary for both: designing the "correct" system and achieving interoperability with other systems. Security is maybe the best example of this need. If the understanding of the security requirements is not the same for all involved parties and the security mechanisms that will be implemented do not comply with some globally accepted rules and practices, then the system that will be designed will not necessarily achieve the desired security level and it will be very difficult to securely interoperate with other systems. It is therefore clear that the role and contribution of international standards to the design and implementation of security mechanisms is dominant. In this paper we provide a state of the art review on information security management standards published by the International Organization for Standardization and the International Electrotechnical Commission. Such an analysis is meaningful to security practitioners for an efficient management of information security. Moreover, the classification of the standards in the clauses of ISO/IEC 27001:2005 that results from our analysis is expected to provide assistance in dealing with the plethora of security standards.

  18. Security Blanket or Mother: Which Benefits Linus during Pediatric Examinations?

    ERIC Educational Resources Information Center

    Ybarra, Gabriel; Passman, Richard H.; Eisenberg, Carl S. L.

    This study compared the degree to which young children were placated during a standard medical evaluation by the presence of their mother, blanket, mother plus blanket, or no supportive agent. Participating were 64 three-year-olds who underwent 4 routine medical procedures. Children were rated by their mothers as attached or nonattached to…

  19. Supporting Safe, Secure and Caring Schools in Alberta.

    ERIC Educational Resources Information Center

    McMullen, Dean

    Alberta Learning expects all schools to have a safe and caring teaching and learning environment to ensure students have the opportunity to meet the standards of education set by the Minister of Learning. The primary objectives of this manual are to facilitate action that is legally, professionally, and educationally sound; identify and support…

  20. The effect of the NERC CIP standards on the reliability of the North American Bulk Electric System

    DOE PAGES

    Ladendorff, Marlene Z.

    2016-06-01

    Considerable money and effort has been expended by generation, transmission, and distribution entities in North America to implement the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards for the bulk electric system. Assumptions have been made that as a result of the implementation of the standards, the grid is more cyber secure than it was pre-NERC CIP, but are there data supporting these claims, or only speculation? Has the implementation of the standards had an effect on the grid? Furthermore, developing a research study to address these and other questions provided surprising results.

  1. 10 CFR 110.44 - Physical security standards.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 2 2014-01-01 2014-01-01 false Physical security standards. 110.44 Section 110.44 Energy... License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient... publication INFCIRC/225/Rev. 4 (corrected), June 1999, “The Physical Protection of Nuclear Material and...

  2. 10 CFR 110.44 - Physical security standards.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 2 2013-01-01 2013-01-01 false Physical security standards. 110.44 Section 110.44 Energy... License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient... publication INFCIRC/225/Rev. 4 (corrected), June 1999, “The Physical Protection of Nuclear Material and...

  3. 10 CFR 110.44 - Physical security standards.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 2 2012-01-01 2012-01-01 false Physical security standards. 110.44 Section 110.44 Energy... License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient... publication INFCIRC/225/Rev. 4 (corrected), June 1999, “The Physical Protection of Nuclear Material and...

  4. 10 CFR 110.44 - Physical security standards.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 2 2011-01-01 2011-01-01 false Physical security standards. 110.44 Section 110.44 Energy... License Applications § 110.44 Physical security standards. (a) Physical security measures in recipient... publication INFCIRC/225/Rev. 4 (corrected), June 1999, “The Physical Protection of Nuclear Material and...

  5. 12 CFR Appendix B to Part 170 - Interagency Guidelines Establishing Information Security Standards

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... Security Standards B Appendix B to Part 170 Banks and Banking COMPTROLLER OF THE CURRENCY, DEPARTMENT OF... Part 170—Interagency Guidelines Establishing Information Security Standards Table of Contents I... Customer Information A. Information Security Program B. Objectives III. Development and Implementation of...

  6. 12 CFR Appendix B to Part 170 - Interagency Guidelines Establishing Information Security Standards

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... Security Standards B Appendix B to Part 170 Banks and Banking COMPTROLLER OF THE CURRENCY, DEPARTMENT OF... Part 170—Interagency Guidelines Establishing Information Security Standards Table of Contents I... Customer Information A. Information Security Program B. Objectives III. Development and Implementation of...

  7. 75 FR 2013 - Health Information Technology: Initial Set of Standards, Implementation Specifications, and...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-01-13

    ...The Department of Health and Human Services (HHS) is issuing this interim final rule with a request for comments to adopt an initial set of standards, implementation specifications, and certification criteria, as required by section 3004(b)(1) of the Public Health Service Act. This interim final rule represents the first step in an incremental approach to adopting standards, implementation specifications, and certification criteria to enhance the interoperability, functionality, utility, and security of health information technology and to support its meaningful use. The certification criteria adopted in this initial set establish the capabilities and related standards that certified electronic health record (EHR) technology will need to include in order to, at a minimum, support the achievement of the proposed meaningful use Stage 1 (beginning in 2011) by eligible professionals and eligible hospitals under the Medicare and Medicaid EHR Incentive Programs.

  8. Health information technology: initial set of standards, implementation specifications, and certification criteria for electronic health record technology. Interim final rule.

    PubMed

    2010-01-13

    The Department of Health and Human Services (HHS) is issuing this interim final rule with a request for comments to adopt an initial set of standards, implementation specifications, and certification criteria, as required by section 3004(b)(1) of the Public Health Service Act. This interim final rule represents the first step in an incremental approach to adopting standards, implementation specifications, and certification criteria to enhance the interoperability, functionality, utility, and security of health information technology and to support its meaningful use. The certification criteria adopted in this initial set establish the capabilities and related standards that certified electronic health record (EHR) technology will need to include in order to, at a minimum, support the achievement of the proposed meaningful use Stage 1 (beginning in 2011) by eligible professionals and eligible hospitals under the Medicare and Medicaid EHR Incentive Programs.

  9. A Standardization Framework for Electronic Government Service Portals

    NASA Astrophysics Data System (ADS)

    Sarantis, Demetrios; Tsiakaliaris, Christos; Lampathaki, Fenareti; Charalabidis, Yannis

    Although most eGovernment interoperability frameworks (eGIFs) cover adequately the technical aspects of developing and supporting the provision of electronic services to citizens and businesses, they do not exclusively address several important areas regarding the organization, presentation, accessibility and security of the content and the electronic services offered through government portals. This chapter extends the scope of existing eGIFs presenting the overall architecture and the basic concepts of the Greek standardization framework for electronic government service portals which, for the first time in Europe, is part of a country's eGovernment framework. The proposed standardization framework includes standards, guidelines and recommendations regarding the design, development and operation of government portals that support the provision of administrative information and services to citizens and businesses. By applying the guidelines of the framework, the design, development and operation of portals in central, regional and municipal government can be systematically addressed resulting in an applicable, sustainable and ever-expanding framework.

  10. Information risk and security modeling

    NASA Astrophysics Data System (ADS)

    Zivic, Predrag

    2005-03-01

    This research paper presentation will feature current frameworks to addressing risk and security modeling and metrics. The paper will analyze technical level risk and security metrics of Common Criteria/ISO15408, Centre for Internet Security guidelines, NSA configuration guidelines and metrics used at this level. Information IT operational standards view on security metrics such as GMITS/ISO13335, ITIL/ITMS and architectural guidelines such as ISO7498-2 will be explained. Business process level standards such as ISO17799, COSO and CobiT will be presented with their control approach to security metrics. Top level, the maturity standards such as SSE-CMM/ISO21827, NSA Infosec Assessment and CobiT will be explored and reviewed. For each defined level of security metrics the research presentation will explore the appropriate usage of these standards. The paper will discuss standards approaches to conducting the risk and security metrics. The research findings will demonstrate the need for common baseline for both risk and security metrics. This paper will show the relation between the attribute based common baseline and corporate assets and controls for risk and security metrics. It will be shown that such approach spans over all mentioned standards. The proposed approach 3D visual presentation and development of the Information Security Model will be analyzed and postulated. Presentation will clearly demonstrate the benefits of proposed attributes based approach and defined risk and security space for modeling and measuring.

  11. IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

    NASA Technical Reports Server (NTRS)

    Branch, Drew A.

    2014-01-01

    Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere has heightened from airports to the communication among the military branches legionnaires. With advanced persistent threats (APT's) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning, and configuration of network devices i.e. routers and IDS's/IPS's. In addition, I will be completing security assessments on software and hardware, vulnerability assessments and reporting, and conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out the tasks stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, as well as policies and procedures.

  12. IT Security Support for the Spaceport Command Control Systems Development Ground Support Development Operations

    NASA Technical Reports Server (NTRS)

    Branch, Drew

    2013-01-01

    Security is one of the most if not the most important areas today. After the several attacks on the United States, security everywhere was heightened from Airports to the communication among the military branches legionnaires. With advanced persistent threats (APTs) on the rise following Stuxnet, government branches and agencies are required, more than ever, to follow several standards, policies and procedures to reduce the likelihood of a breach. Attack vectors today are very advanced and are going to continue to get more and more advanced as security controls advance. This creates a need for networks and systems to be in an updated and secured state in a launch control system environment. FISMA is a law that is mandated by the government to follow when government agencies secure networks and devices. My role on this project is to ensure network devices and systems are in compliance with NIST, as outlined in FISMA. I will achieve this by providing assistance with security plan documentation and collection, system hardware and software inventory, malicious code and malware scanning and configuration of network devices i.e. routers and IDSs/IPSs. In addition I will be completing security assessments on software and hardware, vulnerability assessments and reporting, conducting patch management and risk assessments. A guideline that will help with compliance with NIST is the SANS Top 20 Critical Controls. SANS Top 20 Critical Controls as well as numerous security tools, security software and the conduction of research will be used to successfully complete the tasks given to me. This will ensure compliance with FISMA and NIST, secure systems and a secured network. By the end of this project, I hope to have carried out stated above as well as gain an immense knowledge about compliance, security tools, networks and network devices, policies and procedures.

  13. Fully Integrated Passive UHF RFID Tag for Hash-Based Mutual Authentication Protocol

    PubMed Central

    Mikami, Shugo; Watanabe, Dai; Li, Yang; Sakiyama, Kazuo

    2015-01-01

    Passive radio-frequency identification (RFID) tag has been used in many applications. While the RFID market is expected to grow, concerns about security and privacy of the RFID tag should be overcome for the future use. To overcome these issues, privacy-preserving authentication protocols based on cryptographic algorithms have been designed. However, to the best of our knowledge, evaluation of the whole tag, which includes an antenna, an analog front end, and a digital processing block, that runs authentication protocols has not been studied. In this paper, we present an implementation and evaluation of a fully integrated passive UHF RFID tag that runs a privacy-preserving mutual authentication protocol based on a hash function. We design a single chip including the analog front end and the digital processing block. We select a lightweight hash function supporting 80-bit security strength and a standard hash function supporting 128-bit security strength. We show that when the lightweight hash function is used, the tag completes the protocol with a reader-tag distance of 10 cm. Similarly, when the standard hash function is used, the tag completes the protocol with the distance of 8.5 cm. We discuss the impact of the peak power consumption of the tag on the distance of the tag due to the hash function. PMID:26491714

  14. National Laboratory Planning: Developing Sustainable Biocontainment Laboratories in Limited Resource Areas.

    PubMed

    Yeh, Kenneth B; Adams, Martin; Stamper, Paul D; Dasgupta, Debanjana; Hewson, Roger; Buck, Charles D; Richards, Allen L; Hay, John

    2016-01-01

    Strategic laboratory planning in limited resource areas is essential for addressing global health security issues. Establishing a national reference laboratory, especially one with BSL-3 or -4 biocontainment facilities, requires a heavy investment of resources, a multisectoral approach, and commitments from multiple stakeholders. We make the case for donor organizations and recipient partners to develop a comprehensive laboratory operations roadmap that addresses factors such as mission and roles, engaging national and political support, securing financial support, defining stakeholder involvement, fostering partnerships, and building trust. Successful development occurred with projects in African countries and in Azerbaijan, where strong leadership and a clear management framework have been key to success. A clearly identified and agreed management framework facilitates identifying the responsibility for developing laboratory capabilities and support services, including biosafety and biosecurity, quality assurance, equipment maintenance, supply chain establishment, staff certification and training, retention of human resources, and sustainable operating revenue. These capabilities and support services pose rate-limiting yet necessary challenges. Laboratory capabilities depend on mission and role, as determined by all stakeholders, and demonstrate the need for relevant metrics to monitor the success of the laboratory, including support for internal and external audits. Our analysis concludes that alternative frameworks for success exist for developing and implementing capabilities at regional and national levels in limited resource areas. Thus, achieving a balance for standardizing practices between local procedures and accepted international standards is a prerequisite for integrating new facilities into a country's existing public health infrastructure and into the overall international scientific community.

  15. Security architecture for HL/7 message interchange.

    PubMed

    Chen, T S; Liao, B S; Lin, M G; Gough, T G

    2001-01-01

    The promotion of quality medical treatment is very important to the healthcare providers as well as to patients. It requires that the medical resources of different hospitals be combined to ensure that medical information is shared and that resources are not wasted. A computer-based patient record is one of the best methods to accomplish the interchange of the patient's clinical data. In our system, the Health Level/Seven (HL/7) format is used for the interchange of the clinical data, as it has been supported by many healthcare providers and become a 'standard'. The security of the interchange of clinical data is a serious issue for people using the Internet for data communication. Several international well-developed security algorithms, models and secure policies are adopted in the design of a security handler for an HL/7 architecture. The goal of our system is to combine our security system with the end-to-end communication systems constructed from the HL/7 format to establish a safe delivery channel. A suitable security interchange environment is implemented to address some shortcomings in clinical data interchange. located at the application layer of the ISO/OSI reference model. The medical message components, sub-components, and related types of message event are the primary goals of the HL/7 protocols. The patient management system, the doctor's system for recording his advice, examination and diagnosis as well as any financial management system are all covered by the HL/7 protocols. Healthcare providers and hospitals in Taiwan are very interested in developing the HL/7 protocols as a common standard for clinical data interchange.

  16. Increasing the Percentage of Children Living in Two-Parent Families. KIDS COUNT Indicator Brief

    ERIC Educational Resources Information Center

    Shore, Rima; Shore, Barbara

    2009-01-01

    Married couples with children, on average, have a higher standard of living and greater economic security than one-parent families (Thomas & Sawhill, 2005). Parents raising children together tend to have more money, more flexibility and more time to supervise their children, offer emotional support, take an active part in their education, and…

  17. Flight Physical Standards of the 1980’s: Spinal Column Considerations

    DTIC Science & Technology

    1979-10-01

    disease and spondylosis deformans. In addition, the role of vertebral body fractures on subsequent spinal column impact is discussed. SECURITY...11 Spondylosis Deformans ... 11 III...5th lumbar vertebra supports the superimposed weight of the torso upon the inclined plane of the sacrum. The necessity for bony continuity of the 5th

  18. Ontology for Life-Cycle Modeling of Electrical Distribution Systems: Model View Definition

    DTIC Science & Technology

    2013-06-01

    building information models (BIM) at the coordinated design stage of building construction. 1.3 Approach To...standard for exchanging Building Information Modeling (BIM) data, which defines hundreds of classes for common use in software, currently supported by...specifications, Construction Operations Building information exchange (COBie), Building Information Modeling (BIM) 16. SECURITY CLASSIFICATION OF:

  19. The Roadmap: Future Opportunities for Bioengagement in the MENA Region

    DTIC Science & Technology

    2013-12-01

    research to improving biosafety and biosecurity training of laboratory staff, enhancing physical security of research and diagnostic facilities, and...enhancing laboratory and institutional capacity to address biological risks according to international standards; or building scientific capacity...outbreaks. BEP often supports scientific exchanges to enhance laboratory biosafety and biosecurity training; it could enrich its efforts by

  20. Cyber Security Threats to Safety-Critical, Space-Based Infrastructures

    NASA Astrophysics Data System (ADS)

    Johnson, C. W.; Atencia Yepez, A.

    2012-01-01

    Space-based systems play an important role within national critical infrastructures. They are being integrated into advanced air-traffic management applications, rail signalling systems, energy distribution software etc. Unfortunately, the end users of communications, location sensing and timing applications often fail to understand that these infrastructures are vulnerable to a wide range of security threats. The following pages focus on concerns associated with potential cyber-attacks. These are important because future attacks may invalidate many of the safety assumptions that support the provision of critical space-based services. These safety assumptions are based on standard forms of hazard analysis that ignore cyber-security considerations. This is a significant limitation when, for instance, security attacks can simultaneously exploit multiple vulnerabilities in a manner that would never occur without a deliberate enemy seeking to damage space based systems and ground infrastructures. We address this concern through the development of a combined safety and security risk assessment methodology. The aim is to identify attack scenarios that justify the allocation of additional design resources so that safety barriers can be strengthened to increase our resilience against security threats.

  1. 21 CFR 1311.08 - Incorporation by reference.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... of Standards and Technology, Computer Security Division, Information Technology Laboratory, National... standards are available from the National Institute of Standards and Technology, Computer Security Division... 140-2, Security Requirements for Cryptographic Modules, May 25, 2001, as amended by Change Notices 2...

  2. Search for supporting methodologies - Or how to support SEI for 35 years

    NASA Technical Reports Server (NTRS)

    Handley, Thomas H., Jr.; Masline, Richard C.

    1991-01-01

    Concepts relevant to the development of an evolvable information management system are examined in terms of support for the Space Exploration Initiative. The issues of interoperability within NASA and industry initiatives are studied including the Open Systems Interconnection standard and the operating system of the Open Software Foundation. The requirements of partitioning functionality into separate areas are determined with attention given to the infrastructure required to ensure system-wide compliance. The need for a decision-making context is a key to the distributed implementation of the program, and this environment is concluded to be next step in developing an evolvable, interoperable, and securable support network.

  3. Provision of healthcare in a remote base of operations in southern Chad.

    PubMed

    Hickey, J P

    2010-09-01

    The Irish Defence Forces maintained a presence in south eastern Chad under the authority of the United Nations Security Council from January 2008 until May 2010, operating in a peace support role as the lead contingent in a multinational battalion. In September 2009 the task of establishing a forward operating base in a remote location within the area of operations was ordered by mission headquarters. Irish and Finnish troops duly deployed and began the task of establishing a safe and secure base from which to operate. This involved securing the location, installing accommodation, electricity, lighting and facilities for ablutions, removing natural hazards, establishing secure communications and ensuring rapid access and egress in the event of hostile contact or emergency. The incidence of disease at this location was low, with the notable exception of a limited outbreak of gastroenteritis. The high standard of engineering work carried out around the camp, especially the latrines, washing facilities and other hygiene measures, significantly contributed to minimising the transmission of infectious disease. The past experiences of the Defence Forces in Congo, Lebanon, East Timor, Eritrea and Liberia have led to a high standard of forward planning and logistical awareness within the organisation which served personnel well in this latest mission. Copyright © 2010 Elsevier Ltd. All rights reserved.

  4. Analysis of ISO/IEEE 11073 built-in security and its potential IHE-based extensibility.

    PubMed

    Rubio, Óscar J; Trigo, Jesús D; Alesanco, Álvaro; Serrano, Luis; García, José

    2016-04-01

    The ISO/IEEE 11073 standard for Personal Health Devices (X73PHD) aims to ensure interoperability between Personal Health Devices and aggregators (e.g. health appliances, routers) in ambulatory setups. The Integrating the Healthcare Enterprise (IHE) initiative promotes the coordinated use of different standards in healthcare systems (e.g. Personal/Electronic Health Records, alert managers, Clinical Decision Support Systems) by defining profiles intended for medical use cases. X73PHD provides a robust syntactic model and a comprehensive terminology, but it places limited emphasis on security and on interoperability with IHE-compliant systems and frameworks. However, the implementation of eHealth/mHealth applications in environments such as health and fitness monitoring, independent living and disease management (i.e. the X73PHD domains) increasingly requires features such as secure connections to mobile aggregators (e.g. smartphones, tablets), the sharing of devices among different users with privacy, and interoperability with certain IHE-compliant healthcare systems. This work proposes a comprehensive IHE-based X73PHD extension consisting of additive layers adapted to different eHealth/mHealth applications, after having analyzed the features of X73PHD (especially its built-in security), IHE profiles related with these applications and other research works. Both the new features proposed for each layer and the procedures to support them have been carefully chosen to minimize the impact on X73PHD, on its architecture (in terms of delays and overhead) and on its framework. Such implications are thoroughly analyzed in this paper. As a result, an extended model of X73PHD is proposed, preserving its essential features while extending them with added value. Copyright © 2016 Elsevier Inc. All rights reserved.

  5. 78 FR 57445 - Charging Standard Administrative Fees for Nonprogram-Related Information

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-09-18

    ... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0026] Charging Standard Administrative Fees for Nonprogram-Related Information AGENCY: Social Security Administration. ACTION: Notice of standard... administration of a program under the Social Security Act (Act). SUPPLEMENTARY INFORMATION: Section 1106 of the...

  6. Good Manufacturing Practices (GMP) / Good Laboratory Practices (GLP) Review and Applicability for Chemical Security Enhancements

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Iveson, Steven W.

    Global chemical security has been enhanced through the determined use and integration of both voluntary and legislated standards. Many popular standards contain components that specifically detail requirements for the security of materials, facilities and other vital assets. In this document we examine the role of quality management standards and how they affect the security culture within the institutions that adopt these standards in order to conduct business within the international market place. Good manufacturing practices and good laboratory practices are two of a number of quality management systems that have been adopted as law in many nations. These standards are designed to protect the quality of drugs, medicines, foods and analytical test results in order to provide the world-wide consumer with safe and effective products for consumption. These standards provide no established security protocols and yet manage to increase the security of chemicals, materials, facilities and the supply chain via the effective and complete control over the manufacturing, the global supply chains and testing processes. We discuss the means through which these systems enhance security and how nations can further improve these systems with additional regulations that deal specifically with security in the realm of these management systems. We conclude with a discussion of new technologies that may cause disruption within the industries covered by these standards and how these issues might be addressed in order to maintain or increase the level of security within the industries and nations that have adopted these standards.

  7. A Lightweight Protocol for Secure Video Streaming

    PubMed Central

    Morkevicius, Nerijus; Bagdonas, Kazimieras

    2018-01-01

    The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing “Fog Node-End Device” layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard. PMID:29757988

  8. A Lightweight Protocol for Secure Video Streaming.

    PubMed

    Venčkauskas, Algimantas; Morkevicius, Nerijus; Bagdonas, Kazimieras; Damaševičius, Robertas; Maskeliūnas, Rytis

    2018-05-14

    The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing "Fog Node-End Device" layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard.

  9. Applying your corporate compliance skills to the HIPAA security standard.

    PubMed

    Carter, P I

    2000-01-01

    Compliance programs are an increasingly hot topic among healthcare providers. These programs establish policies and procedures covering billing, referrals, gifts, confidentiality of patient records, and many other areas. The purpose is to help providers prevent and detect violations of the law. These programs are voluntary, but are also simply good business practice. Any compliance program should now incorporate the Health Insurance Portability and Accountability Act (HIPAA) security standard. Several sets of guidelines for development of compliance programs have been issued by the federal government, and each is directed toward a different type of healthcare provider. These guidelines share certain key features with the HIPAA security standard. This article examines the common areas between compliance programs and the HIPAA security standard to help you to do two very important things: (1) Leverage your resources by combining compliance with the security standard with other legal and regulatory compliance efforts, and (2) apply the lessons learned in developing your corporate compliance program to developing strategies for compliance with the HIPAA security standard.

  10. Computer Security and the Data Encryption Standard. Proceedings of the Conference on Computer Security and the Data Encryption Standard.

    ERIC Educational Resources Information Center

    Branstad, Dennis K., Ed.

    The 15 papers and summaries of presentations in this collection provide technical information and guidance offered by representatives from federal agencies and private industry. Topics discussed include physical security, risk assessment, software security, computer network security, and applications and implementation of the Data Encryption…

  11. 39 CFR 267.4 - Information security standards.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 39 Postal Service 1 2013-07-01 2013-07-01 false Information security standards. 267.4 Section 267.4 Postal Service UNITED STATES POSTAL SERVICE ORGANIZATION AND ADMINISTRATION PROTECTION OF INFORMATION § 267.4 Information security standards. (a) The Postal Service will operate under a uniform set of...

  12. 39 CFR 267.4 - Information security standards.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 39 Postal Service 1 2012-07-01 2012-07-01 false Information security standards. 267.4 Section 267.4 Postal Service UNITED STATES POSTAL SERVICE ORGANIZATION AND ADMINISTRATION PROTECTION OF INFORMATION § 267.4 Information security standards. (a) The Postal Service will operate under a uniform set of...

  13. 39 CFR 267.4 - Information security standards.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 39 Postal Service 1 2014-07-01 2014-07-01 false Information security standards. 267.4 Section 267.4 Postal Service UNITED STATES POSTAL SERVICE ORGANIZATION AND ADMINISTRATION PROTECTION OF INFORMATION § 267.4 Information security standards. (a) The Postal Service will operate under a uniform set of...

  14. 39 CFR 267.4 - Information security standards.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 39 Postal Service 1 2011-07-01 2011-07-01 false Information security standards. 267.4 Section 267.4 Postal Service UNITED STATES POSTAL SERVICE ORGANIZATION AND ADMINISTRATION PROTECTION OF INFORMATION § 267.4 Information security standards. (a) The Postal Service will operate under a uniform set of...

  15. 39 CFR 267.4 - Information security standards.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... 39 Postal Service 1 2010-07-01 2010-07-01 false Information security standards. 267.4 Section 267.4 Postal Service UNITED STATES POSTAL SERVICE ORGANIZATION AND ADMINISTRATION PROTECTION OF INFORMATION § 267.4 Information security standards. (a) The Postal Service will operate under a uniform set of...

  16. National Laboratory Planning: Developing Sustainable Biocontainment Laboratories in Limited Resource Areas

    PubMed Central

    Adams, Martin; Stamper, Paul D.; Dasgupta, Debanjana; Hewson, Roger; Buck, Charles D.; Richards, Allen L.; Hay, John

    2016-01-01

    Strategic laboratory planning in limited resource areas is essential for addressing global health security issues. Establishing a national reference laboratory, especially one with BSL-3 or -4 biocontainment facilities, requires a heavy investment of resources, a multisectoral approach, and commitments from multiple stakeholders. We make the case for donor organizations and recipient partners to develop a comprehensive laboratory operations roadmap that addresses factors such as mission and roles, engaging national and political support, securing financial support, defining stakeholder involvement, fostering partnerships, and building trust. Successful development occurred with projects in African countries and in Azerbaijan, where strong leadership and a clear management framework have been key to success. A clearly identified and agreed management framework facilitates identifying the responsibility for developing laboratory capabilities and support services, including biosafety and biosecurity, quality assurance, equipment maintenance, supply chain establishment, staff certification and training, retention of human resources, and sustainable operating revenue. These capabilities and support services pose rate-limiting yet necessary challenges. Laboratory capabilities depend on mission and role, as determined by all stakeholders, and demonstrate the need for relevant metrics to monitor the success of the laboratory, including support for internal and external audits. Our analysis concludes that alternative frameworks for success exist for developing and implementing capabilities at regional and national levels in limited resource areas. Thus, achieving a balance for standardizing practices between local procedures and accepted international standards is a prerequisite for integrating new facilities into a country's existing public health infrastructure and into the overall international scientific community. PMID:27559843

  17. Food safety regulations in Australia and New Zealand Food Standards.

    PubMed

    Ghosh, Dilip

    2014-08-01

    Citizens of Australia and New Zealand recognise that food security is a major global issue. Food security also affects Australia and New Zealand's status as premier food exporting nations and the health and wellbeing of the Australasian population. Australia is uniquely positioned to help build a resilient food value chain and support programs aimed at addressing existing and emerging food security challenges. The Australian food governance system is fragmented and less transparent, being largely in the hands of government and semi-governmental regulatory authorities. The high level of consumer trust in Australian food governance suggests that this may be habitual and taken for granted, arising from a lack of negative experiences of food safety. In New Zealand the Ministry of Primary Industries regulates food safety issues. To improve trade and food safety, New Zealand and Australia work together through Food Standards Australia New Zealand (FSANZ) and other co-operative agreements. Although the potential risks to the food supply are dynamic and constantly changing, the demand, requirement and supply for providing safe food remains firm. The Australasian food industry will need to continually develop its system that supports the food safety program with the help of scientific investigations that underpin the assurance of what is and is not safe. The incorporation of a comprehensive and validated food safety program is one of the total quality management systems that will ensure that all areas of potential problems are being addressed by industry. © 2014 Society of Chemical Industry.

  18. 45 CFR 303.70 - Requests by the State Parent Locator Service (SPLS) for information from the Federal Parent...

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ...), ADMINISTRATION FOR CHILDREN AND FAMILIES, DEPARTMENT OF HEALTH AND HUMAN SERVICES STANDARDS FOR PROGRAM... information: (1) The parent's name; (2) The parent's social security number (SSN). If the SSN is unknown, the... noncustodial parent who owes a support obligation to a family on whose behalf the IV-D agency is providing...

  19. High Throughput Determination of Ricinine Abrine and Alpha ...

    EPA Pesticide Factsheets

    Analytical Method This document provides the standard operating procedure for determination of ricinine (RIC), abrine (ABR), and α-amanitin (AMAN) in drinking water by isotope dilution liquid chromatography tandem mass spectrometry (LC/MS/MS). This method is designed to support site-specific cleanup goals of environmental remediation activities following a homeland security incident involving one or a combination of these analytes.

  20. Spring 2006. Industry Study. Information Technology Industry

    DTIC Science & Technology

    2006-01-01

    ...integration of processors, coprocessors, memory, storage, etc. into a user-programmable final product. C. Software (Apple, Oracle): These firms...able to support the U.S. national security interests. C. Manufacturing: The personal computer manufacturing industry has also changed considerably

  1. 76 FR 46668 - Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-08-03

    ... SECURITIES AND EXCHANGE COMMISSION 17 CFR Part 240 [Release No. 34-64766; File No. S7-25-11] RIN 3235-AL10 Business Conduct Standards for Security-Based Swap Dealers and Major Security-Based Swap Participants Correction In proposed rule document number 2011-16758, appearing on pages 42396-42455 in the...

  2. Do You Take Credit Cards? Security and Compliance for the Credit Card Payment Industry

    ERIC Educational Resources Information Center

    Willey, Lorrie; White, Barbara Jo

    2013-01-01

    Security is a significant concern in business and in information systems (IS) education from both a technological and a strategic standpoint. Students can benefit from the study of information systems security when security concepts are introduced in the context of real-world industry standards. The development of a data security standard for…

  3. 78 FR 20705 - Securities Act of 1933; Securities Exchange Act of 1934; Order Regarding Review of FASB...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-04-05

    ... accepted for purposes of the securities laws, any accounting principles established by a standard setting... Financial Accounting Standards Board (``FASB'') and its parent organization, the Financial Accounting... recognizing the FASB's financial accounting and reporting standards as ``generally accepted'' under Section...

  4. Trust in Anonymity Networks

    NASA Astrophysics Data System (ADS)

    Sassone, Vladimiro; Hamadou, Sardaouna; Yang, Mu

    Anonymity is a security property of paramount importance, as we move steadily towards a wired, online community. Its import touches upon subjects as different as eGovernance, eBusiness and eLeisure, as well as personal freedom of speech in authoritarian societies. Trust metrics are used in anonymity networks to support and enhance reliability in the absence of verifiable identities, and a variety of security attacks currently focus on degrading a user's trustworthiness in the eyes of the other users. In this paper, we analyse the privacy guarantees of the Crowds anonymity protocol, with and without onion forwarding, for standard and adaptive attacks against the trust level of honest users.

  5. Cyber Security and Reliability in a Digital Cloud

    DTIC Science & Technology

    2013-01-01

    a higher utilization of servers, lower professional support staff needs, economies of scale for the physical facility, and the flexibility to locate...as a system, the DoD can achieve the economies of scale typically associated with large data centers. Recommendation 3: The DoD CIO and DISA...providers will help set standards for secure cloud computing across the economy. Recommendation 7: The DoD CIO and DISA should participate in the

  6. The link between national security and biometrics

    NASA Astrophysics Data System (ADS)

    Etter, Delores M.

    2005-03-01

    National security today requires identification of people, things and activities. Biometrics plays an important role in the identification of people, and indirectly, in the identification of things and activities. Therefore, the development of technology and systems that provide faster and more accurate biometric identification is critical to the defense of our country. In addition, the development of a broad range of biometrics is necessary to provide the range of options needed to address flexible and adaptive adversaries. This paper will discuss the importance of a number of critical areas in the development of an environment to support biometrics, including research and development, biometric education, standards, pilot projects, and privacy assurance.

  7. 76 FR 65740 - Extension of Agency Information Collection Activity Under OMB Review: Employment Standards

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-10-24

    ... standards. The collection also requires airport operators to comply with a security directive by maintaining... airport operators maintain records of criminal history records checks and security threat assessments in... DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration Extension of Agency...

  8. Intra-building telecommunications cabling standards for Sandia National Laboratories, New Mexico

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Adams, R.L.

    1993-08-01

    This document establishes a working standard for all telecommunications cable installations at Sandia National Laboratories, New Mexico. It is based on recent national commercial cabling standards. The topics addressed are Secure and Open/Restricted Access telecommunications environments and both twisted-pair and optical-fiber components of communications media. Some of the state-of-the-art technologies that will be supported by the intrabuilding cable infrastructure are Circuit and Packet Switched Networks (PBX/5ESS Voice and Low-Speed Data), Local Area Networks (Ethernet, Token Ring, Fiber and Copper Distributed Data Interface), and Wide Area Networks (Asynchronous Transfer Mode). These technologies can be delivered to every desk and can transport data at rates sufficient to support all existing applications (such as Voice, Text and graphics, Still Images, Full-motion Video), as well as applications to be defined in the future.

  9. IT Security and EO Systems

    NASA Astrophysics Data System (ADS)

    Burnett, M.

    2010-12-01

    One topic that is beginning to influence the systems that support these goals is that of Information Technology (IT) Security. Unsecure systems are vulnerable to increasing attacks and other negative consequences; sponsoring agencies are correspondingly responding with more refined policies and more stringent security requirements. These affect how EO systems can meet the goals of data and service interoperability and harmonization through open access, transformation and visualization services. Contemporary systems, including the vision of a system-of-systems (such as GEOSS, the Global Earth Observation System of Systems), utilize technologies that support a distributed, global, net-centric environment. These types of systems have a high reliance on the open systems, web services, shared infrastructure and data standards. The broader IT industry has developed and used these technologies in their business and mission critical systems for many years. Unfortunately, the IT industry, and their customers have learned the importance of protecting their assets and resources (computing and information) as they have been forced to respond to an ever increasing number and more complex illegitimate “attackers”. This presentation will offer an overview of work done by the CEOS WGISS organization in summarizing security threats, the challenges to responding to them and capturing the current state of the practice within the EO community.

  10. 12 CFR Appendix B to Part 364 - Interagency Guidelines Establishing Information Security Standards

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... Part 364—Interagency Guidelines Establishing Information Security Standards Table of Contents I... Customer Information A. Information Security Program B. Objectives III. Development and Implementation of Customer Information Security Program A. Involve the Board of Directors B. Assess Risk C. Manage and...

  11. Real-Time Surveillance in Emergencies Using the Early Warning Alert and Response Network.

    PubMed

    Cordes, Kristina M; Cookson, Susan T; Boyd, Andrew T; Hardy, Colleen; Malik, Mamunur Rahman; Mala, Peter; El Tahir, Khalid; Everard, Marthe; Jasiem, Mohamad; Husain, Farah

    2017-11-01

    Humanitarian emergencies often result in population displacement and increase the risk for transmission of communicable diseases. To address the increased risk for outbreaks during humanitarian emergencies, the World Health Organization developed the Early Warning Alert and Response Network (EWARN) for early detection of epidemic-prone diseases. The US Centers for Disease Control and Prevention has worked with the World Health Organization, ministries of health, and other partners to support EWARN through the implementation and evaluation of these systems and the development of standardized guidance. Although protocols have been developed for the implementation and evaluation of EWARN, a need persists for standardized training and additional guidance on supporting these systems remotely when access to affected areas is restricted. Continued collaboration between partners and the Centers for Disease Control and Prevention for surveillance during emergencies is necessary to strengthen capacity and support global health security.

  12. Real-Time Surveillance in Emergencies Using the Early Warning Alert and Response Network

    PubMed Central

    Cordes, Kristina M.; Cookson, Susan T.; Boyd, Andrew T.; Hardy, Colleen; Malik, Mamunur Rahman; Mala, Peter; El Tahir, Khalid; Everard, Marthe; Jasiem, Mohamad

    2017-01-01

    Humanitarian emergencies often result in population displacement and increase the risk for transmission of communicable diseases. To address the increased risk for outbreaks during humanitarian emergencies, the World Health Organization developed the Early Warning Alert and Response Network (EWARN) for early detection of epidemic-prone diseases. The US Centers for Disease Control and Prevention has worked with the World Health Organization, ministries of health, and other partners to support EWARN through the implementation and evaluation of these systems and the development of standardized guidance. Although protocols have been developed for the implementation and evaluation of EWARN, a need persists for standardized training and additional guidance on supporting these systems remotely when access to affected areas is restricted. Continued collaboration between partners and the Centers for Disease Control and Prevention for surveillance during emergencies is necessary to strengthen capacity and support global health security. PMID:29155660

  13. 45 CFR 164.318 - Compliance dates for the initial implementation of the security standards.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... of Electronic Protected Health Information § 164.318 Compliance dates for the initial implementation of the security standards. (a) Health plan. (1) A health plan that is not a small health plan must... the security standards. 164.318 Section 164.318 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES...

  14. 45 CFR 164.318 - Compliance dates for the initial implementation of the security standards.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... of Electronic Protected Health Information § 164.318 Compliance dates for the initial implementation of the security standards. (a) Health plan. (1) A health plan that is not a small health plan must... the security standards. 164.318 Section 164.318 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES...

  15. Acceptance Factors Influencing Adoption of National Institute of Standards and Technology Information Security Standards: A Quantitative Study

    ERIC Educational Resources Information Center

    Kiriakou, Charles M.

    2012-01-01

    Adoption of a comprehensive information security governance model and security controls is the best option organizations may have to protect their information assets and comply with regulatory requirements. Understanding acceptance factors of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) comprehensive…

  16. Integrating QoS and security functions in an IP-VPN gateway

    NASA Astrophysics Data System (ADS)

    Fan, Kuo-Pao; Chang, Shu-Hsin; Lin, Kuan-Ming; Pen, Mau-Jy

    2001-10-01

    IP-based Virtual Private Network becomes more and more popular. It can not only reduce the enterprise communication cost but also increase the revenue of the service provider. The common IP-VPN application types include Intranet VPN, Extranet VPN, and remote access VPN. For the large IP-VPN market, some vendors develop dedicated IP-VPN devices; while some vendors add the VPN functions into their existing network equipment such as router, access gateway, etc. The functions in the IP-VPN device include security, QoS, and management. The common security functions supported are IPSec (IP Security), IKE (Internet Key Exchange), and Firewall. The QoS functions include bandwidth control and packet scheduling. In the management component, policy-based network management is under standardization in IETF. In this paper, we discuss issues on how to integrate the QoS and security functions in an IP-VPN Gateway. We propose three approaches to do this. They are (1) perform QoS first, (2) perform IPSec first, and (3) reserve fixed bandwidth for IPSec. We also compare the advantages and disadvantages of the three proposed approaches.

  17. IPv6 Security

    NASA Astrophysics Data System (ADS)

    Babik, M.; Chudoba, J.; Dewhurst, A.; Finnern, T.; Froy, T.; Grigoras, C.; Hafeez, K.; Hoeft, B.; Idiculla, T.; Kelsey, D. P.; López Muñoz, F.; Martelli, E.; Nandakumar, R.; Ohrenberg, K.; Prelz, F.; Rand, D.; Sciabà, A.; Tigerstedt, U.; Traynor, D.; Wartel, R.

    2017-10-01

    IPv4 network addresses are running out and the deployment of IPv6 networking in many places is now well underway. Following the work of the HEPiX IPv6 Working Group, a growing number of sites in the Worldwide Large Hadron Collider Computing Grid (WLCG) are deploying dual-stack IPv6/IPv4 services. The aim of this is to support the use of IPv6-only clients, i.e. worker nodes, virtual machines or containers. The IPv6 networking protocols, while they do contain features aimed at improving security, also bring new challenges for operational IT security. The lack of maturity of IPv6 implementations together with the increased complexity of some of the protocol standards raise many new issues for operational security teams. The HEPiX IPv6 Working Group is producing guidance on best practices in this area. This paper considers some of the security concerns for WLCG in an IPv6 world and presents the HEPiX IPv6 working group guidance for the system administrators who manage IT services on the WLCG distributed infrastructure, for their related site security and networking teams and for developers and software engineers working on WLCG applications.

  18. Research review of nongovernmental organizations' security policies for humanitarian programs in war, conflict, and postconflict environments.

    PubMed

    Rowley, Elizabeth; Burns, Lauren; Burnham, Gilbert

    2013-06-01

    To identify the most and least commonly cited security management messages that nongovernmental organizations (NGOs) are communicating to their field staff, to determine the types of documentation that NGOs most often use to communicate key security messages, and to distinguish the points of commonality and divergence across organizations in the content of key security messages. The authors undertook a systematic review of available security policies, manuals, and training materials from 20 international humanitarian NGOs using the InterAction Minimum Operating Security Standards as the basis for a review framework. The most commonly cited standards include analytical security issues such as threat and risk assessment processes and guidance on acceptance, protection, and deterrence approaches. Among the least commonly cited standards were considering security threats to national staff during staffing decision processes, incorporating security awareness into job descriptions, and ensuring that national staff security issues are addressed in trainings. NGO staff receive security-related messages through multiple document types, but only 12 of the 20 organizations have a distinct security policy document. Points of convergence across organizations in the content of commonly cited standards were found in many areas, but differences in security risk and threat assessment guidance may undermine communication between aid workers about changes in local security environments. Although the humanitarian community has experienced significant progress in the development of practical staff security guidance during the past 10 years, gaps remain that can hinder efforts to garner needed resources, clarify security responsibilities, and ensure that the distinct needs of national staff are recognized and addressed.

  19. Research on Secure Systems and Automatic Programming. Volume I

    DTIC Science & Technology

    1977-10-14

    for the enforcement of adherence to authorization; they include physical limitations, legal codes, social pressures, and the psychological makeup of...systems job statistics and possibly indications of an support instructions. The criteria for their abnormal termination. * inclusion were high execution...interrupt processes, for the output data page. Jobs may also terminate however, use the standard SWI TCH PROCESS instruc- abnormally by executing an

  20. Report Of Environmental Security Technology Certification Program (ESTCP) UXO Discrimination Study Support Activities: Former Camp Sibert, Etowah and St. Clair Counties, Alabama

    DTIC Science & Technology

    2007-11-01

    PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) PARSONS 4890 University Square Suite 2 Huntsville, Alabama 35816 8. PERFORMING ORGANIZATION REPORT NUMBER...PERSON a. REPORT unclassified b. ABSTRACT unclassified c. THIS PAGE unclassified Standard Form 298 (Rev. 8-98) Prescribed by ANSI Std Z39-18...Intrusive Investigation Results ... 8 8.2 CLUSTER ANOMALIES

  1. 6 CFR 5.34 - Standards of conduct for administration of the Privacy Act.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Standards of conduct for administration of the Privacy Act. 5.34 Section 5.34 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY DISCLOSURE OF RECORDS AND INFORMATION Privacy Act § 5.34 Standards of conduct for administration of the...

  2. Factor structure of the Essen Climate Evaluation Schema measure of social climate in a UK medium-security setting.

    PubMed

    Milsom, Sophia A; Freestone, Mark; Duller, Rachel; Bouman, Marisa; Taylor, Celia

    2014-04-01

    Social climate has an influence on a number of treatment-related factors, including service users' behaviour, staff morale and treatment outcomes. Reliable assessment of social climate is, therefore, beneficial within forensic mental health settings. The Essen Climate Evaluation Schema (EssenCES) has been validated in forensic mental health services in the UK and Germany. Preliminary normative data have been produced for UK high-security national health services and German medium-security and high-security services. We aim to validate the use of the EssenCES scale (English version) and provide preliminary normative data in UK medium-security hospital settings. The EssenCES scale was completed in a medium-security mental health service as part of a service-wide audit. A total of 89 patients and 112 staff completed the EssenCES. The three-factor structure of the EssenCES and its internal construct validity were maintained within the sample. Scores from this medium-security hospital sample were significantly higher than those from earlier high-security hospital data, with three exceptions--'patient cohesion' according to the patients and 'therapeutic hold' according to staff and patients. Our data support the use of the EssenCES scale as a valid measure for assessing social climate within medium-security hospital settings. Significant differences between the means of high-security and medium-security service samples imply that degree of security is a relevant factor affecting the ward climate and that in monitoring quality of secure services, it is likely to be important to apply different scores to reflect standards. Copyright © 2013 John Wiley & Sons, Ltd.

  3. Enhancing security and improving interoperability in healthcare information systems.

    PubMed

    Gritzalis, D A

    1998-01-01

    Security is a key issue in healthcare information systems, since most aspects of security become of considerable or even critical importance when handling healthcare information. In addition, the intense need for information exchange has revealed interoperability of systems and applications as another key issue. Standardization can play an important role towards both these issues. In this paper, relevant standardization activities are briefly presented, and existing and emerging healthcare information security standards are identified and critically analysed. The analysis is based on a framework which has been developed for this reason. Therefore, the identification of gaps and inconsistencies in current standardization, the description of the conflicts of standards with legislation, and the analysis of implications of these standards to user organizations, are the main results of this paper.

  4. 5 CFR 1312.8 - Standard identification and markings.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and Declassification of National Security Information § 1312.8 Standard identification and markings... or event for declassification that corresponds to the lapse of the information's national security...

  5. 5 CFR 1312.8 - Standard identification and markings.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... CLASSIFICATION, DOWNGRADING, DECLASSIFICATION AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION Classification and Declassification of National Security Information § 1312.8 Standard identification and markings... or event for declassification that corresponds to the lapse of the information's national security...

  6. Motivations for Providing a Secure Base: Links with Attachment Orientation and Secure Base Support Behavior

    PubMed Central

    Feeney, Brooke C.; Collins, Nancy L.; Van Vleet, Meredith; Tomlinson, Jennifer

    2015-01-01

    This investigation examined the importance of underlying motivations in predicting secure base support behavior, as well as the extent to which support motivations are predicted by individual differences in attachment orientation. Participants were 189 married couples who participated in two laboratory sessions: During a questionnaire session, couples completed assessments of their underlying motivations for providing, and for not providing, support for their partner's exploration (i.e., goal-strivings), as well as assessments of their typical secure base support behavior. In an observational session, couples engaged in a discussion of one member's personal goals, during which the partner's secure base support was assessed. Results revealed a variety of distinct motivations for providing, and for not providing, secure base support to one's partner, as well as theoretically expected links between these motivations and both secure base behavior and attachment orientation. This work establishes motivations as important mechanisms that underlie the effective or ineffective provision of relational support. PMID:23581972

  7. Mongolia’s Economic Security: How can Economic Development Further Support Mongolian National Security through Developing its Mining Sector

    DTIC Science & Technology

    2017-06-09

    MONGOLIA’S ECONOMIC SECURITY: HOW CAN ECONOMIC DEVELOPMENT FURTHER SUPPORT MONGOLIAN NATIONAL SECURITY THROUGH DEVELOPING ITS MINING SECTOR... Economic Security: How can Economic Development Further Support Mongolian National Security through Developing its Mining Sector? 5a. CONTRACT NUMBER...geographic position between two political and economic powers (China and Russia) provides both opportunities and disadvantages for Mongolia’s economy

  8. Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice.

    PubMed

    Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

    2016-06-15

    Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

  9. An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System.

    PubMed

    You, Ilsun; Kwon, Soonhyun; Choudhary, Gaurav; Sharma, Vishal; Seo, Jung Taek

    2018-06-08

    The Internet of Things (IoT) utilizes algorithms to facilitate intelligent applications across cities in the form of smart-urban projects. As the majority of devices in IoT are battery operated, their applications should be facilitated with a low-power communication setup. Such facility is possible through the Low-Power Wide-Area Network (LPWAN), but at a constrained bit rate. For long-range communication over LPWAN, several approaches and protocols are adopted. One such protocol is the Long-Range Wide Area Network (LoRaWAN), which is a media access layer protocol for long-range communication between the devices and the application servers via LPWAN gateways. However, LoRaWAN comes with fewer security features as a much-secured protocol consumes more battery because of the exorbitant computational overheads. The standard protocol fails to support end-to-end security and perfect forward secrecy while being vulnerable to the replay attack that makes LoRaWAN limited in supporting applications where security (especially end-to-end security) is important. Motivated by this, an enhanced LoRaWAN security protocol is proposed, which not only provides the basic functions of connectivity between the application server and the end device, but additionally averts these listed security issues. The proposed protocol is developed with two options, the Default Option (DO) and the Security-Enhanced Option (SEO). The protocol is validated through Burrows–Abadi–Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The proposed protocol is also analyzed for overheads through system-based and low-power device-based evaluations. Further, a case study on a smart factory-enabled parking system is considered for its practical application. The results, in terms of network latency with reliability fitting and signaling overheads, show paramount improvements and better performance for the proposed protocol compared with the two handshake options, Pre-Shared Key (PSK) and Elliptic Curve Cryptography (ECC), of Datagram Transport Layer Security (DTLS).

  10. 45 CFR 164.308 - Administrative safeguards.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health... accordance with § 164.306: (1)(i) Standard: Security management process. Implement policies and procedures to... to the confidentiality, integrity, and availability of electronic protected health information held...

  11. 45 CFR 164.308 - Administrative safeguards.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health... accordance with § 164.306: (1)(i) Standard: Security management process. Implement policies and procedures to... to the confidentiality, integrity, and availability of electronic protected health information held...

  12. 32 CFR 2001.80 - Prescribed standard forms.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... when their use will enhance the protection of national security information and/or will reduce the....80 National Defense Other Regulations Relating to National Defense INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Standard...

  13. mHealth data security: the need for HIPAA-compliant standardization.

    PubMed

    Luxton, David D; Kayl, Robert A; Mishkind, Matthew C

    2012-05-01

    The rise in the use of mobile devices, such as smartphones, tablet personal computers, and wireless medical devices, as well as the wireless networks that enable their use, has raised new concerns for data security and integrity. Standardized Health Insurance Portability and Accountability Act of 1996 (HIPAA)-compliant electronic data security that will allow ubiquitous use of mobile health technologies is needed. The lack of standardized data security to assure privacy, to allow interoperability, and to maximize the full capabilities of mobile devices presents a significant barrier to care. The purpose of this article is to provide an overview of the issue and to encourage discussion of this important topic. Current security needs, standards, limitations, and recommendations for how to address this barrier to care are discussed.

  14. Framework and prototype for a secure XML-based electronic health records system.

    PubMed

    Steele, Robert; Gardner, William; Chandra, Darius; Dillon, Tharam S

    2007-01-01

    Security of personal medical information has always been a challenge for the advancement of Electronic Health Records (EHRs) initiatives. eXtensible Markup Language (XML) is rapidly becoming the key standard for data representation and transportation. The widespread use of XML and the prospect of its use in the Electronic Health (e-health) domain highlight the need for flexible access control models for XML data and documents. This paper presents a declarative access control model for XML data repositories that utilises an expressive XML role control model. The operational semantics of this model are illustrated by Xplorer, a user interface generation engine which supports search-browse-navigate activities on XML repositories.

  15. Effectiveness of the Civil Aviation Security Program.

    DTIC Science & Technology

    1980-10-14

    CEASE FUNDING OF TRAINING OF LAW ENFORCEMENT OFFICERS SUPPORTING AIRPORT SECURITY ACTIVITIES. F. FEDERAL AIR MARSHALS PROVIDE LAW ENFORCEMENT SUPPORT...enforcement officer authority through special deputations by the U.S. Marshals Service on an annual basis. Airport Security - Continuing activities...which contributed significantly to airport security include the training of local law enforcement officers supporting airport security programs, the

  16. Effectiveness of the Civil Aviation Security Program.

    DTIC Science & Technology

    1980-05-22

    SECURITY. - CONTINUED TRAINING OF LAW ENFORCEMENT OFFICERS SUPPORTING AIRPORT SECURITY ACTIVITIES. - SECURITY PROGRAMS IMPLEMENTED BY AIR FREIGHT...cooperation by all concerned. (See Exhibit 14) Airport Security - Ongoing activities which contributed significantly to airport security included full...implementation of the revised Federal Aviation Regulations (FAR) Part 107 governing airport security, training of law enforcement officers supporting

  17. Building Assured Systems Framework

    DTIC Science & Technology

    2010-09-01

    of standards such as ISO 27001 as frameworks [NASCIO 2009]. In this context, a framework is a standard intended to assist in auditing and compliance...Information Security ISO/IEC 27004 Information technology – Security techniques - Information security management measurement ISO/IEC 15939, System and

  18. 78 FR 67210 - Charging Standard Administrative Fees for Nonprogram-Related Information; Correction

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-11-08

    ... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA-2012-0026] Charging Standard Administrative Fees for Nonprogram-Related Information; Correction AGENCY: Social Security Administration. ACTION: Notice... Social Security Administration published a document in the Federal Register of September 18, 2013...

  19. 48 CFR 1804.470-1 - Scope.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... implements NASA's acquisition requirements pertaining to Federal policies for the security of unclassified... (FISMA) of 2002, Homeland Security Presidential Directive (HSPD) 12, Clinger-Cohen Act of 1996 (40 U.S.C... Institute of Standards and Technology (NIST) security requirements and standards. These requirements...

  20. 48 CFR 1804.470-1 - Scope.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... implements NASA's acquisition requirements pertaining to Federal policies for the security of unclassified... (FISMA) of 2002, Homeland Security Presidential Directive (HSPD) 12, Clinger-Cohen Act of 1996 (40 U.S.C... Institute of Standards and Technology (NIST) security requirements and standards. These requirements...

  1. Food security -- an insurance approach.

    PubMed

    1979-01-01

    An adequate standard of nutrition at national and individual level is a basic -- and not wholly altruistic -- objective for mankind. Its ingredients are food production and distribution. Of these the latter is currently considered the more limiting, but fluctuations in the former -- over various geographical and time scales -- can be the overriding factor when national supplies are critical. Under these conditions the automatic operations of a legal mandatory food support system -- free from political strings or connotations of welfare -- would be advantageous. A system for providing a measure of food security, using insurance principles and based on a compromise between international stockpiling and direct financial subventions, is outlined in a recent publication of the International Food Policy Research Institute. Essentially it is a means by which the international community could contribute to the food security of food deficit, developing countries without having to create large buffer stocks and stabilize world grain prices. Extracts from this publication are given below.

  2. Midlevel Maternity Providers' Preferences of a Childbirth Monitoring Tool in Low-Income Health Units in Uganda.

    PubMed

    Balikuddembe, Michael S; Wakholi, Peter K; Tumwesigye, Nazarius M; Tylleskär, Thorkild

    2018-01-01

    A third of women in childbirth are inadequately monitored, partly due to the tools used. Some stakeholders assert that the current labour monitoring tools are not efficient and need improvement to become more relevant to childbirth attendants. The study objective was to explore the expectations of maternity service providers for a mobile childbirth monitoring tool in maternity facilities in a low-income country like Uganda. Semi-structured interviews of purposively selected midwives and doctors in rural-urban childbirth facilities in Uganda were conducted before thematic data analysis. The childbirth providers expected a tool that enabled fast and secure childbirth record storage and sharing. They desired a tool that would automatically and conveniently register patient clinical findings, and actively provide interactive clinical decision support on a busy ward. The tool ought to support agreed upon standards for good pregnancy outcomes but also be adaptable to the patient and their difficult working conditions. The tool functionality should include clinical data management and real-time decision support to the midwives, while the non-functional attributes include versatility and security.

  3. 17 CFR 155.4 - Trading standards for introducing brokers.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 17 Commodity and Securities Exchanges 2 2014-04-01 2014-04-01 false Trading standards for introducing brokers. 155.4 Section 155.4 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION (CONTINUED) TRADING STANDARDS § 155.4 Trading standards for introducing brokers. (a) Each...

  4. Assessing the Security of Connected Diabetes Devices.

    PubMed

    Out, Dirk-Jan; Tettero, Olaf

    2017-03-01

    This article discusses the assessment of the (cyber)security of wirelessly connected diabetes devices under the DTSEC standard. We discuss the relation between diabetes devices and hackers, provide an overview of the DTSEC standard, and describe the process of security assessment of diabetes devices.

  5. 31 CFR 1023.600 - General.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Standards of Diligence; Prohibitions; and Special Measures for Brokers or Dealers in Securities § 1023.600 General. Brokers or dealers in securities are subject to the special standards of diligence; prohibitions...

  6. 31 CFR 1023.600 - General.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Standards of Diligence; Prohibitions; and Special Measures for Brokers or Dealers in Securities § 1023.600 General. Brokers or dealers in securities are subject to the special standards of diligence; prohibitions...

  7. 31 CFR 1023.600 - General.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Standards of Diligence; Prohibitions; and Special Measures for Brokers or Dealers in Securities § 1023.600 General. Brokers or dealers in securities are subject to the special standards of diligence; prohibitions...

  8. 31 CFR 1023.600 - General.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... ENFORCEMENT NETWORK, DEPARTMENT OF THE TREASURY RULES FOR BROKERS OR DEALERS IN SECURITIES Special Standards of Diligence; Prohibitions; and Special Measures for Brokers or Dealers in Securities § 1023.600 General. Brokers or dealers in securities are subject to the special standards of diligence; prohibitions...

  9. 5 CFR 9701.520 - Standards of conduct for labor organizations.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... organizations. 9701.520 Section 9701.520 Administrative Personnel DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM (DEPARTMENT OF HOMELAND SECURITY-OFFICE OF PERSONNEL MANAGEMENT) DEPARTMENT OF HOMELAND SECURITY HUMAN RESOURCES MANAGEMENT SYSTEM Labor-Management Relations § 9701.520 Standards of...

  10. Joint Force Quarterly. Number 9, Autumn 1995

    DTIC Science & Technology

    1995-11-01

    since senior NCOs perform three distinct functions to support the chain of command. First, they assist in decisionmaking and enforcing standards...data communications afloat—to meet fleet CINC requirements. In fact, the Deputy Assistant Secretary of Defense for Intelligence and Security, in...Printing Office, 1993). 8 Based on its draft “Activation Plan” (October 27, 1994), the JWFC mission is to “assist the CJCS, CINCs, and service chiefs in

  11. Developing a Standard Update Process for the Army’s Annual MOS Availability Factors (AMAFs)

    DTIC Science & Technology

    2007-01-01


  12. Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

    PubMed Central

    Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

    2016-01-01

    Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities. PMID:27314358

  13. 17 CFR 155.4 - Trading standards for introducing brokers.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Trading standards for introducing brokers. 155.4 Section 155.4 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION TRADING STANDARDS § 155.4 Trading standards for introducing brokers. (a) Each introducing broker...

  14. 17 CFR 155.4 - Trading standards for introducing brokers.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Trading standards for introducing brokers. 155.4 Section 155.4 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION TRADING STANDARDS § 155.4 Trading standards for introducing brokers. (a) Each introducing broker...

  15. 17 CFR 155.4 - Trading standards for introducing brokers.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 17 Commodity and Securities Exchanges 1 2013-04-01 2013-04-01 false Trading standards for introducing brokers. 155.4 Section 155.4 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION TRADING STANDARDS § 155.4 Trading standards for introducing brokers. (a) Each introducing broker...

  16. 45 CFR Appendix A to Subpart C of... - Security Standards: Matrix

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... C of Part 164 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS... Protected Health Information Pt. 164, Subpt. C, App. A Appendix A to Subpart C of Part 164—Security Standards: Matrix Standards Sections Implementation Specifications (R)=Required, (A)=Addressable...

  17. 45 CFR Appendix A to Subpart C of... - Security Standards: Matrix

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... C of Part 164 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS... Protected Health Information Pt. 164, Subpt. C, App. A Appendix A to Subpart C of Part 164—Security Standards: Matrix Standards Sections Implementation Specifications (R)=Required, (A)=Addressable...

  18. Wide-area situation awareness in electric power grid

    NASA Astrophysics Data System (ADS)

    Greitzer, Frank L.

    2010-04-01

    Two primary elements of the US energy policy are demand management and efficiency and renewable sources. Major objectives are clean energy transmission and integration, reliable energy transmission, and grid cyber security. Development of the Smart Grid seeks to achieve these goals by lowering energy costs for consumers, achieving energy independence and reducing greenhouse gas emissions. The Smart Grid is expected to enable real time wide-area situation awareness (SA) for operators. Requirements for wide-area SA have been identified among interoperability standards proposed by the Federal Energy Regulatory Commission and the National Institute of Standards and Technology to ensure smart-grid functionality. Wide-area SA and enhanced decision support and visualization tools are key elements in the transformation to the Smart Grid. This paper discusses human factors research to promote SA in the electric power grid and the Smart Grid. Topics that will be discussed include the role of human factors in meeting US energy policy goals, the impact and challenges for Smart Grid development, and cyber security challenges.

  19. A dual-mode secure UHF RFID tag with a crypto engine in 0.13-μm CMOS

    NASA Astrophysics Data System (ADS)

    Tao, Yang; Linghao, Zhu; Xi, Tan; Junyu, Wang; Lirong, Zheng; Hao, Min

    2016-07-01

    An ultra-high-frequency (UHF) radio frequency identification (RFID) secure tag chip with a non-crypto mode and a crypto mode is presented. During the supply chain management, the tag works in the non-crypto mode in which the on-chip crypto engine is not enabled and the tag chip has a sensitivity of -12.8 dBm for long range communication. At the point of sales (POS), the tag will be switched to the crypto mode in order to protect the privacy of customers. In the crypto mode, an advanced encryption standard (AES) crypto engine is enabled and the sensitivity of the tag chip is switched to +2 dBm for short range communication, which is a method of physical protection. The tag chip is implemented and verified in a standard 0.13-μm CMOS process. Project supported by the National Science & Technology Pillar Program of China (No. 2015BAK36B01).

  20. Assessing the Security of Connected Diabetes Devices

    PubMed Central

    Out, Dirk-Jan; Tettero, Olaf

    2017-01-01

    This article discusses the assessment of the (cyber)security of wirelessly connected diabetes devices under the DTSEC standard. We discuss the relation between diabetes devices and hackers, provide an overview of the DTSEC standard, and describe the process of security assessment of diabetes devices. PMID:28264190

  1. 45 CFR 164.308 - Administrative safeguards.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ...)(i) Standard: Security management process. Implement policies and procedures to prevent, detect... this subpart for the entity. (3)(i) Standard: Workforce security. Implement policies and procedures to...) Standard: Information access management. Implement policies and procedures for authorizing access to...

  2. 45 CFR 164.308 - Administrative safeguards.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ...)(i) Standard: Security management process. Implement policies and procedures to prevent, detect... this subpart for the entity. (3)(i) Standard: Workforce security. Implement policies and procedures to...) Standard: Information access management. Implement policies and procedures for authorizing access to...

  3. Cyber Incidents Involving Control Systems

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Robert J. Turk

    2005-10-01

    The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) "Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program". Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. 
Uniform reporting requirements will do much to make this information available to Department of Homeland Security (DHS) and others who require it. This report summarizes the rise in frequency of cyber attacks, describes the perpetrators, and identifies the means of attack. This type of analysis, when used in conjunction with vulnerability analyses, can be used to support a proactive approach to prevent cyber attacks. CSSC will use this document to evolve a standardized approach to incident reporting and analysis. This document will be updated as needed to record additional event analyses and insights regarding incident reporting. This report represents 120 cyber security incidents documented in a number of sources, including: the British Columbia Institute of Technology (BCIT) Industrial Security Incident Database, the 2003 CSI/FBI Computer Crime and Security Survey, the KEMA, Inc., Database, Lawrence Livermore National Laboratory, the Energy Incident Database, the INL Cyber Incident Database, and other open-source data. The National Memorial Institute for the Prevention of Terrorism (MIPT) database was also interrogated but, interestingly, failed to yield any cyber attack incidents. The results of this evaluation indicate that historical evidence provides insight into control system related incidents or failures; however, that the limited available information provides little support to future risk estimates. The documented case history shows that activity has increased significantly since 1988. The majority of incidents come from the Internet by way of opportunistic viruses, Trojans, and worms, but a surprisingly large number are directed acts of sabotage. A substantial number of confirmed, unconfirmed, and potential events that directly or potentially impact control systems worldwide are also identified. Twelve selected cyber incidents are presented at the end of this report as examples of the documented case studies (see Appendix B).

  4. METAL MEDIA FILTERS, AG-1 SECTION FI

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Adamson, D.

    One application of metal media filters is in various nuclear air cleaning processes including applications for protecting workers, the public and the environment from hazardous and radioactive particles. To support this application the development of the ASME AG-1 FI Standard on Metal Media has been under way for more than ten years. Development of the proposed section has required resolving several difficult issues associated with operating conditions (media velocity, pressure drop, etc.), qualification testing, and quality acceptance testing. Performance characteristics of metal media are dramatically different than the glass fiber media with respect to parameters like differential pressures, operating temperatures, media strength, etc. These differences make existing data for a glass fiber media inadequate for qualifying a metal media filter for AG-1. In the past much work has been conducted on metal media filters at facilities such as Lawrence Livermore National Laboratory (LLNL) and Savannah River National Laboratory (SRNL) to qualify the media as High Efficiency Particulate Air (HEPA) Filters. Particle retention testing has been conducted at Oak Ridge Filter Test Facility and at Air Techniques International (ATI) to prove that the metal media meets or exceeds the 99.97% particle retention required for a HEPA Filter. Even with this testing, data was lacking to complete an AG-1 FI Standard on metal media. With funding secured by Mississippi State University (MSU) from National Nuclear Security Administration (NNSA), a research test stand is being designed and fabricated at MSU's Institute for Clean Energy Technology (ICET) Facility to obtain qualification data on metal media. This in turn will support required data needed for the FI Standard. The paper will discuss in detail how the test stand at MSU will obtain the necessary data to complete the FI Standard.

  5. An approach to quality and security of supply for single-use bioreactors.

    PubMed

    Barbaroux, Magali; Gerighausen, Susanne; Hackel, Heiko

    2014-01-01

    Single-use systems (also referred to as disposables) have become a huge part of the bioprocessing industry, which raised concern in the industry regarding quality and security of supply. Processes must be in place to assure the supply and control of outsourced activities and quality of purchased materials along the product life cycle. Quality and security of supply for single-use bioreactors (SUBs) are based on a multidisciplinary approach. Developing a state-of-the-art SUB-system based on quality by design (QbD) principles requires broad expertise and know-how including the cell culture application, polymer chemistry, regulatory requirements, and a deep understanding of the biopharmaceutical industry. Using standardized products reduces the complexity and strengthens the robustness of the supply chain. Well-established supplier relations including risk mitigation strategies are the basis for achieving long-term security of supply. Well-developed quality systems including change control approaches aligned with the requirements of the biopharmaceutical industry are a key factor in supporting long-term product availability. This chapter outlines the approach to security of supply for key materials used in single-use production processes for biopharmaceuticals from a supplier perspective.

  6. Secure and interoperable communication infrastructures for PPDR organisations

    NASA Astrophysics Data System (ADS)

    Müller, Wilmuth; Marques, Hugo; Pereira, Luis; Rodriguez, Jonathan; Brouwer, Frank; Bouwers, Bert; Politis, Ilias; Lykourgiotis, Asimakis; Ladas, Alexandros; Adigun, Olayinka; Jelenc, David

    2016-05-01

    The growing number of events affecting public safety and security (PS&S) on a regional scale with potential to grow up to large scale cross border disasters puts an increased pressure on agencies and organisation responsible for PS&S. In order to respond timely and in an adequate manner to such events, Public Protection and Disaster Relief (PPDR) organisations need to cooperate, align their procedures and activities, share the needed information and be interoperable. Existing PPDR/PMR technologies such as TETRA, TETRAPOL or P25, do not currently provide broadband capability nor is expected such technologies to be upgraded in the future. This presents a major limitation in supporting new services and information flows. Furthermore, there is no known standard that addresses interoperability of these technologies. In this contribution the design of a next generation communication infrastructure for PPDR organisations which fulfills the requirements of secure and seamless end-to-end communication and interoperable information exchange within the deployed communication networks is presented. Based on Enterprise Architecture of PPDR organisations, a next generation PPDR network that is backward compatible with legacy communication technologies is designed and implemented, capable of providing security, privacy, seamless mobility, QoS and reliability support for mission-critical Private Mobile Radio (PMR) voice and broadband data services. The designed solution provides a robust, reliable, and secure mobile broadband communications system for a wide variety of PMR applications and services on PPDR broadband networks, including the ability of inter-system, interagency and cross-border operations with emphasis on interoperability between users in PMR and LTE.

  7. Tailoring NIST Security Controls for the Ground System: Selection and Implementation -- Recommendations for Information System Owners

    NASA Technical Reports Server (NTRS)

    Takamura, Eduardo; Mangum, Kevin

    2016-01-01

    The National Aeronautics and Space Administration (NASA) invests millions of dollars in spacecraft and ground system development, and in mission operations in the pursuit of scientific knowledge of the universe. In recent years, NASA sent a probe to Mars to study the Red Planet's upper atmosphere, obtained high resolution images of Pluto, and it is currently preparing to find new exoplanets, rendezvous with an asteroid, and bring a sample of the asteroid back to Earth for analysis. The success of these missions is enabled by mission assurance. In turn, mission assurance is backed by information assurance. The information systems supporting NASA missions must be reliable as well as secure. NASA - like every other U.S. Federal Government agency - is required to manage the security of its information systems according to federal mandates, the most prominent being the Federal Information Security Management Act (FISMA) of 2002 and the legislative updates that followed it. Like the management of enterprise information technology (IT), federal information security management takes a "one-size fits all" approach for protecting IT systems. While this approach works for most organizations, it does not effectively translate into security of highly specialized systems such as those supporting NASA missions. These systems include command and control (C&C) systems, spacecraft and instrument simulators, and other elements comprising the ground segment. They must be carefully configured, monitored and maintained, sometimes for several years past the missions' initially planned life expectancy, to ensure the ground system is protected and remains operational without any compromise of its confidentiality, integrity and availability. Enterprise policies, processes, procedures and products, if not effectively tailored to meet mission requirements, may not offer the needed security for protecting the information system, and they may even become disruptive to mission operations. 
Certain protective measures for the general enterprise may not be as efficient within the ground segment. This is what the authors have concluded through observations and analysis of patterns identified from the various security assessments performed on NASA missions such as MAVEN, OSIRIS-REx, New Horizons and TESS, to name a few. The security audits confirmed that the framework for managing information system security developed by the National Institute of Standards and Technology (NIST) for the federal government, and adopted by NASA, is indeed effective. However, the selection of the technical, operational and management security controls offered by the NIST model - and how they are implemented - does not always fit the nature and the environment where the ground system operates in even though there is no apparent impact on mission success. The authors observed that unfit controls, that is, controls that are not necessarily applicable or sufficiently effective in protecting the mission systems, are often selected to facilitate compliance with security requirements and organizational expectations even if the selected controls offer minimum or non-existent protection. This paper identifies some of the standard security controls that can in fact protect the ground system, and which of them offer little or no benefit at all. It offers multiple scenarios from real security audits in which the controls are not effective without, of course, disclosing any sensitive information about the missions assessed. In addition to selection and implementation of controls, the paper also discusses potential impact of recent legislation such as the Federal Information Security Modernization Act (FISMA) of 2014 - aimed at the enterprise - on the ground system, and offers other recommendations to Information System Owners (ISOs).

  8. 6 CFR 27.215 - Security vulnerability assessments.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Security vulnerability assessments. 27.215... FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.215 Security vulnerability...-risk, the facility must complete a Security Vulnerability Assessment. A Security Vulnerability...

  9. Security Requirements Management in Software Product Line Engineering

    NASA Astrophysics Data System (ADS)

    Mellado, Daniel; Fernández-Medina, Eduardo; Piattini, Mario

    Security requirements engineering is both a central task and a critical success factor in product line development due to the complexity and extensive nature of product lines. However, most of the current product line practices in requirements engineering do not adequately address security requirements engineering. Therefore, in this chapter we will propose a security requirements engineering process (SREPPLine) driven by security standards and based on a security requirements decision model along with a security variability model to manage the variability of the artefacts related to security requirements. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate conformance with the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408.

  10. 12 CFR Appendix D-2 to Part 208 - Interagency Guidelines Establishing Information Security Standards

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... Relationships Risk Management Principles,” Nov. 1, 2001; FDIC FIL 68-99, Risk Assessment Tools and Practices for.... Definitions II. Standards for Safeguarding Customer Information A. Information Security Program B. Objectives III. Development and Implementation of Customer Information Security Program A. Involve the Board of...

  11. 12 CFR Appendix F to Part 225 - Interagency Guidelines Establishing Information Security Standards

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... Relationships Risk Management Principles,” Nov. 1, 2001; FDIC FIL 68-99, Risk Assessment Tools and Practices for.... Standards for Safeguarding Customer Information A. Information Security Program B. Objectives III. Development and Implementation of Customer Information Security Program A. Involve the Board of Directors B...

  12. 42 CFR 403.812 - HIPAA privacy, security, administrative data standards, and national identifiers.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 42 Public Health 2 2012-10-01 2012-10-01 false HIPAA privacy, security, administrative data standards, and national identifiers. 403.812 Section 403.812 Public Health CENTERS FOR MEDICARE & MEDICAID... Prescription Drug Discount Card and Transitional Assistance Program § 403.812 HIPAA privacy, security...

  13. 42 CFR 403.812 - HIPAA privacy, security, administrative data standards, and national identifiers.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 42 Public Health 2 2014-10-01 2014-10-01 false HIPAA privacy, security, administrative data standards, and national identifiers. 403.812 Section 403.812 Public Health CENTERS FOR MEDICARE & MEDICAID... Prescription Drug Discount Card and Transitional Assistance Program § 403.812 HIPAA privacy, security...

  14. 42 CFR 403.812 - HIPAA privacy, security, administrative data standards, and national identifiers.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 42 Public Health 2 2010-10-01 2010-10-01 false HIPAA privacy, security, administrative data standards, and national identifiers. 403.812 Section 403.812 Public Health CENTERS FOR MEDICARE & MEDICAID... Prescription Drug Discount Card and Transitional Assistance Program § 403.812 HIPAA privacy, security...

  15. 42 CFR 403.812 - HIPAA privacy, security, administrative data standards, and national identifiers.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 42 Public Health 2 2013-10-01 2013-10-01 false HIPAA privacy, security, administrative data standards, and national identifiers. 403.812 Section 403.812 Public Health CENTERS FOR MEDICARE & MEDICAID... Prescription Drug Discount Card and Transitional Assistance Program § 403.812 HIPAA privacy, security...

  16. 42 CFR 403.812 - HIPAA privacy, security, administrative data standards, and national identifiers.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 42 Public Health 2 2011-10-01 2011-10-01 false HIPAA privacy, security, administrative data standards, and national identifiers. 403.812 Section 403.812 Public Health CENTERS FOR MEDICARE & MEDICAID... Prescription Drug Discount Card and Transitional Assistance Program § 403.812 HIPAA privacy, security...

  17. 76 FR 80241 - Revisions to Rules of Conduct and Standards of Responsibility for Representatives

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-12-23

    ... SOCIAL SECURITY ADMINISTRATION 20 CFR Parts 404 and 416 [Docket No. SSA-2011-0016] RIN 0960-AH32 Revisions to Rules of Conduct and Standards of Responsibility for Representatives AGENCY: Social Security.... FOR FURTHER INFORMATION CONTACT: Andrew Maunz, Office of the General Counsel, Social Security...

  18. Contemporary women's secure psychiatric services in the United Kingdom: A qualitative analysis of staff views.

    PubMed

    Walker, T; Edge, D; Shaw, J; Wilson, H; McNair, L; Mitchell, H; Gutridge, K; Senior, J; Sutton, M; Meacock, R; Abel, K

    2017-11-01

    WHAT IS KNOWN ON THE SUBJECT?: Three pilot UK-only Women's Enhanced Medium Secure Services (WEMSS) was opened in 2007 to support women's movement from high secure care and provide a bespoke, women-only service. Evidence suggests that women's secure services are particularly challenging environments to work in and staffing issues (e.g., high turnover) can cause difficulties in establishing a therapeutic environment. Research in this area has focused on the experiences of service users. Studies which have examined staff views have focused on their feelings towards women in their care and the emotional burden of working in women's secure services. No papers have made a direct comparison between staff working in different services. WHAT DOES THIS STUDY ADD TO EXISTING KNOWLEDGE?: This is the first study to explore the views and experiences of staff in the three UK WEMSS pilot services and contrast them with staff from women's medium secure services. Drawing upon data from eighteen semi-structured interviews (nine WEMSS, nine non-WEMSS), key themes cover staff perceptions of factors important for women's recovery and their views on operational aspects of services. This study extends our understanding of the experiences of staff working with women in secure care and bears relevance for staff working internationally, as well as in UK services. WHAT ARE THE IMPLICATIONS FOR PRACTICE?: The study reveals the importance of induction and training for bank and agency staff working in women's secure services. Further, regular clinical supervision should be mandatory for all staff so they are adequately supported. Introduction Women's Enhanced Medium Secure Services (WEMSS) is bespoke, gender-sensitive services which opened in the UK in 2007 at three pilot sites. This study is the first of its kind to explore the experiences of WEMSS staff, directly comparing them to staff in a standard medium secure service for women. 
The literature to date has focused on the experiences of service users or staff views on working with women in secure care. Aim This qualitative study, embedded in a multimethod evaluation of WEMSS, aimed to explore the views and experiences of staff in WEMSS and comparator medium secure services. Methods Qualitative interviews took place with nine WEMSS staff and nine comparator medium secure staff. Interviews focused on factors important for recovery, barriers to facilitating recovery and operational aspects of the service. Discussion This study provides a rare insight into the perspectives of staff working in UK women's secure services, an under-researched area in the UK and internationally. Findings suggest that the success of services, including WEMSS, is compromised by operational factors such as the use of bank staff. Implications for practice Comprehensive training and supervision should be mandatory for all staff, so best practice is met and staff adequately supported. © 2017 John Wiley & Sons Ltd.

  19. SocialRAD: an infrastructure for a secure, cooperative, asynchronous teleradiology system.

    PubMed

    Figueiredo, João Filho Matos; Motta, Gustavo Henrique Matos Bezerra

    2013-01-01

    The popularity of teleradiology services has enabled a major advance in the provision of health services to areas with difficult geographical access. However, this potential has also brought with it a number of challenges: the large volume of data, characteristic of imaging tests, and security requirements designed to ensure confidentiality and integrity. Moreover, there is also a number of ethical questions involving the dominant model on the market, whereby this service is outsourced to private companies, and is not directly undertaken by professional radiologists. Therefore, the present paper proposes a cooperative model of teleradiology, where health professionals interact directly with the hospitals providing patient care. This has involved the integration of a wide range of technologies, such as the interconnection models Peer-to-Peer, Cloud Computing, Dynamic DNS, RESTful Web Services, as well as security and interoperability standards, with the aim of promoting a secure, collaborative asynchronous environment. The developed model is currently being used on an experimental basis, providing teleradiology support to cities in the north-eastern hinterland of Brazil, and is fulfilling all expectations.

  20. 17 CFR 450.3 - Exemption for holdings subject to fiduciary standards.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 3 2010-04-01 2010-04-01 false Exemption for holdings subject to fiduciary standards. 450.3 Section 450.3 Commodity and Securities Exchanges DEPARTMENT OF THE... standards. (a) The Secretary has determined that the rules and standards of the Comptroller of the Currency...

  1. 17 CFR 450.3 - Exemption for holdings subject to fiduciary standards.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Exemption for holdings subject to fiduciary standards. 450.3 Section 450.3 Commodity and Securities Exchanges DEPARTMENT OF THE... standards. (a) The Secretary has determined that the rules and standards of the Comptroller of the Currency...

  2. 49 CFR 1542.215 - Law enforcement support.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.215 Law enforcement support. (a) In accordance with § 1542.217, each airport operator required to have a security... system. (b) Each airport required to have a security program under § 1542.103(c) must ensure that: (1...

  3. 49 CFR 1542.215 - Law enforcement support.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.215 Law enforcement support. (a) In accordance with § 1542.217, each airport operator required to have a security... system. (b) Each airport required to have a security program under § 1542.103(c) must ensure that: (1...

  4. 49 CFR 1542.215 - Law enforcement support.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.215 Law enforcement support. (a) In accordance with § 1542.217, each airport operator required to have a security... system. (b) Each airport required to have a security program under § 1542.103(c) must ensure that: (1...

  5. 49 CFR 1542.215 - Law enforcement support.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.215 Law enforcement support. (a) In accordance with § 1542.217, each airport operator required to have a security... system. (b) Each airport required to have a security program under § 1542.103(c) must ensure that: (1...

  6. Proof of Concept Integration of a Single-Level Service-Oriented Architecture into a Multi-Domain Secure Environment

    DTIC Science & Technology

    2008-03-01

    Machine [29]. OC4J applications support Java Servlets , Web services, and the following J2EE specific standards: Extensible Markup Language (XML...IMAP Internet Message Access Protocol IP Internet Protocol IT Information Technology xviii J2EE Java Enterprise Environment JSR 168 Java ...LDAP), World Wide Web Distributed Authoring and Versioning (WebDav), Java Specification Request 168 (JSR 168), and Web Services for Remote

  7. Device interoperability and authentication for telemedical appliance based on the ISO/IEEE 11073 Personal Health Device (PHD) Standards.

    PubMed

    Caranguian, Luther Paul R; Pancho-Festin, Susan; Sison, Luis G

    2012-01-01

    In this study, we focused on the interoperability and authentication of medical devices in the context of telemedical systems. A recent standard called the ISO/IEEE 11073 Personal Health Device (X73-PHD) Standards addresses the device interoperability problem by defining common protocols for agent (medical device) and manager (appliance) interface. The X73-PHD standard however has not addressed security and authentication of medical devices which is important in establishing integrity of a telemedical system. We have designed and implemented a security policy within the X73-PHD standards. The policy will enable device authentication using Asymmetric-Key Cryptography and the RSA algorithm as the digital signature scheme. We used two approaches for performing the digital signatures: direct software implementation and use of embedded security modules (ESM). The two approaches were evaluated and compared in terms of execution time and memory requirement. For the standard 2048-bit RSA, ESM calculates digital signatures only 12% of the total time for the direct implementation. Moreover, analysis shows that ESM offers more security advantage such as secure storage of keys compared to using direct implementation. Interoperability with other systems was verified by testing the system with LNI Healthlink, a manager software that implements the X73-PHD standard. Lastly, security analysis was done and the system's response to common attacks on authentication systems was analyzed and several measures were implemented to protect the system against them.

  8. A demonstration of CMOS VLSI circuit prototyping in support of the site facility using the 1.2 micron standard cell library developed by National Security Agency

    NASA Technical Reports Server (NTRS)

    Smith, Edwyn D.

    1991-01-01

    Two silicon CMOS application specific integrated circuits (ASICs), a data generation chip, and a data checker chip were designed. The conversion of the data generator circuitry into a pair of CMOS ASIC chips using the 1.2 micron standard cell library is documented. The logic design of the data checker is discussed. The functions of the control circuitry are described. An accurate estimate of timing relationships is essential to make sure that the logic design performs correctly under practical conditions. Timing and delay information are examined.

  9. Birds of a Feather: Supporting Secure Systems

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Braswell III, H V

    2006-04-24

    Over the past few years Lawrence Livermore National Laboratory has begun the process of moving to a diskless environment in the Secure Computer Support realm. This movement has included many moving targets and increasing support complexity. We would like to set up a forum for Security and Support professionals to get together from across the Complex and discuss current deployments, lessons learned, and next steps. This would include what hardware, software, and hard copy based solutions are being used to manage Secure Computing. The topics to be discussed include but are not limited to: Diskless computing, port locking and management, PC, Mac, and Linux/UNIX support and setup, system imaging, security setup documentation and templates, security documentation and management, customer tracking, ticket tracking, software download and management, log management, backup/disaster recovery, and mixed media environments.

  10. HIPAA-compliant automatic monitoring system for RIS-integrated PACS operation

    NASA Astrophysics Data System (ADS)

    Jin, Jin; Zhang, Jianguo; Chen, Xiaomeng; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Feng, Jie; Sheng, Liwei; Huang, H. K.

    2006-03-01

    As a governmental regulation, Health Insurance Portability and Accountability Act (HIPAA) was issued to protect the privacy of health information that identifies individuals who are living or deceased. HIPAA requires security services supporting implementation features: Access control; Audit controls; Authorization control; Data authentication; and Entity authentication. These controls, which are proposed in HIPAA Security Standards, are Audit trails here. Audit trails can be used for surveillance purposes, to detect when interesting events might be happening that warrant further investigation. Or they can be used forensically, after the detection of a security breach, to determine what went wrong and who or what was at fault. In order to provide security control services and to achieve high and continuous availability, we design the HIPAA-Compliant Automatic Monitoring System for RIS-Integrated PACS operation. The system consists of two parts: monitoring agents running in each PACS component computer and a Monitor Server running in a remote computer. Monitoring agents are deployed on all computer nodes in RIS-Integrated PACS system to collect the Audit trail messages defined by the Supplement 95 of the DICOM standard: Audit Trail Messages. Then the Monitor Server gathers all audit messages and processes them to provide security information in three levels: system resources, PACS/RIS applications, and users/patients data accessing. Now the RIS-Integrated PACS managers can monitor and control the entire RIS-Integrated PACS operation through web service provided by the Monitor Server. This paper presents the design of a HIPAA-compliant automatic monitoring system for RIS-Integrated PACS Operation, and gives the preliminary results performed by this monitoring system on a clinical RIS-integrated PACS.

  11. 77 FR 14843 - [Securities Act of 1933; Release No. 9300/March 7, 2012; Securities Exchange Act of 1934; Release...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-03-13

    ..., as generally accepted for purposes of the securities laws, any accounting principles established by a... concluding that the Financial Accounting Standards Board (``FASB'') and its parent organization, the Financial Accounting Foundation (``FAF''), satisfied the criteria for an accounting standard-setting body...

  12. 75 FR 39437 - Optimizing the Security of Biological Select Agents and Toxins in the United States

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-07-08

    ... recommended laboratory critical infrastructure security standards in these areas; and 5. other emerging policy... legitimate activities. (c) Understanding that research and laboratory work on BSAT is essential to both... of the SAR that would establish security standards specific to Tier 1 agents and toxins. (b) The...

  13. A risk management approach to CAIS development

    NASA Technical Reports Server (NTRS)

    Hart, Hal; Kerner, Judy; Alden, Tony; Belz, Frank; Tadman, Frank

    1986-01-01

    The proposed DoD standard Common APSE Interface Set (CAIS) was developed as a framework set of interfaces that will support the transportability and interoperability of tools in the support environments of the future. While the current CAIS version is a promising start toward fulfilling those goals and current prototypes provide adequate testbeds for investigations in support of completing specifications for a full CAIS, there are many reasons why the proposed CAIS might fail to become a usable product and the foundation of next-generation (1990's) project support environments such as NASA's Space Station software support environment. The most critical threats to the viability and acceptance of the CAIS include performance issues (especially in piggybacked implementations), transportability, and security requirements. To make the situation worse, the solution to some of these threats appears to be in conflict with the solutions to others.

  14. Alternative Futures: United States Air Force Security Police in the Twenty-First Century

    DTIC Science & Technology

    1988-04-01

    ‘What policies should today’s Air Force leadership be pursuing to prepare for tomorrow’s combat support and security police roles?’ The monograph...Further, it addresses the capability of the Air Force to respond to its future combat support and security police missions and their integration into the...security police organizations. His most recent assignments were as the deputy commander of a combat support group and the commander of a security police

  15. Compliance with HIPAA security standards in U.S. Hospitals.

    PubMed

    Davis, Diane; Having, Karen

    2006-01-01

    With the widespread use of computer networks, the amount of information stored electronically has grown exponentially, resulting in increased concern for privacy and security of information. The healthcare industry has been put to the test with the federally mandated Health Insurance Portability and Accountability Act (HIPAA) of 1996. To assess the compliance status of HIPAA security standards, a random sample of 1,000 U.S. hospitals was surveyed in January 2004, yielding a return rate of 29 percent. One year later, a follow-up survey was sent to all previous respondents, with 50 percent replying. HIPAA officers' perceptions of security compliance in 2004 and 2005 are compared in this article. The security standards achieving the highest level of compliance in both 2004 and 2005 were obtaining required business associate agreements and physical safeguards to limit access to electronic information systems. Respondents indicated least compliance both years in performing periodic evaluation of security practices governed by the Security Rule. Roadblocks, threats, problems and solutions regarding HIPAA compliance are discussed. This information may be applied to current and future strategies toward maintaining security of information systems throughout the healthcare industry.

  16. 17 CFR 5.18 - Trading and operational standards.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Trading and operational standards. 5.18 Section 5.18 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION OFF-EXCHANGE FOREIGN CURRENCY TRANSACTIONS § 5.18 Trading and operational standards. (a) For purposes of this...

  17. 77 FR 52692 - NIST Federal Information Processing Standard (FIPS) 140-3 (Second Draft), Security Requirements...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-08-30

    ...-03] NIST Federal Information Processing Standard (FIPS) 140-3 (Second Draft), Security Requirements... Technology (NIST), Commerce. ACTION: Notice and Request for Comments. SUMMARY: The National Institute of Standards and Technology (NIST) seeks additional comments on specific sections of Federal Information...

  18. 12 CFR 234.4 - Standards for central securities depositories and central counterparties.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... it meets or exceeds the following risk-management standards with respect to the payment, clearing... central counterparty's risk-management procedures. (9) The central securities depository or central... plausible market conditions. (b) The Board, by order, may apply heightened risk-management standards to a...

  19. 12 CFR 234.4 - Standards for central securities depositories and central counterparties.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... it meets or exceeds the following risk-management standards with respect to the payment, clearing... central counterparty's risk-management procedures. (9) The central securities depository or central... plausible market conditions. (b) The Board, by order, may apply heightened risk-management standards to a...

  20. Dataset on the Impact of GO-NGO Support on Crop Intensification and Food Security in Bangladesh.

    PubMed

    Islam, Md Monirul; Jannat, Arifa; Dhar, Aurup Ratan

    2018-06-01

    The data used in this article elucidated crop intensification and farmers' food security status through GO-NGO support in Bangladesh. A total of 200 farmers (100 from non-supported and 100 from GO-NGO supported) were selected for data collection using purposive sampling technique. The collected data showed that GO-NGO support has a significant impact on changes in agricultural enterprises. Majority (63.3%) of the households belong to the low intensity category for non-supported farmers. In case of GO-NGO supported farmers, majority (73.3%) of the households belong to the high intensity category. The food security indices values showed that the food security index for non-supported farm households was 0.97 and for GO-NGO supported farm households, it was 1.07.

  1. Clinicians, security and information technology support services in practice settings--a pilot study.

    PubMed

    Fernando, Juanita

    2010-01-01

    This case study of 9 information technology (IT) support staff in 3 Australian (Victoria) public hospitals juxtaposes their experiences at the user-level of eHealth security in the Natural Hospital Environment with that previously reported by 26 medical, nursing and allied healthcare clinicians. IT support responsibilities comprised the entire hospital, of which clinician eHealth security needs were only part. IT staff believed their support tasks were often fragmented while work responsibilities were hampered by resources shortages. They perceived clinicians as an ongoing security risk to private health information. By comparison clinicians believed IT staff would not adequately support the private and secure application of eHealth for patient care. Preliminary data analysis suggests the tension between these cohorts manifests as an eHealth environment where silos of clinical work are disconnected from silos of IT support work. The discipline-based silos hamper health privacy outcomes. Privacy and security policies, especially those influencing the audit process, will benefit by further research of this phenomenon.

  2. 17 CFR 41.21 - Requirements for underlying securities.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Requirements for underlying securities. 41.21 Section 41.21 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION SECURITY FUTURES PRODUCTS Requirements and Standards for Listing Security Futures Products § 41.21...

  3. Social security and mortality: the role of income support policies and population health in the United States.

    PubMed

    Arno, Peter S; House, James S; Viola, Deborah; Schechter, Clyde

    2011-05-01

    Social Security is the most important and effective income support program ever introduced in the United States, alleviating the burden of poverty for millions of elderly Americans. We explored the possible role of Social Security in reducing mortality among the elderly. In support of this hypothesis, we found that declines in mortality among the elderly exceeded those among younger age groups following the initial implementation of Social Security in 1940, and also in the periods following marked improvements in Social Security benefits via legislation and indexing of benefits that occurred between the mid-1960s and the early 1970s. A better understanding of the link between Social Security and health status among the elderly would add a significant and missing dimension to the public discourse over the future of Social Security, and the potential role of income support programs in reducing health-related socioeconomic disparities and improving population health.

  4. Safe and Effective Deployment of Personnel to Support the Ebola Response - West Africa.

    PubMed

    Rouse, Edward N; Zarecki, Shauna Mettee; Flowers, Donald; Robinson, Shawn T; Sheridan, Reed J; Goolsby, Gary D; Nemhauser, Jeffrey; Kuwabara, Sachiko

    2016-07-08

    From the initial task of getting "50 deployers within 30 days" into the field to support the 2014-2016 Ebola virus disease (Ebola) epidemic response in West Africa to maintaining well over 200 staff per day in the most affected countries (Guinea, Liberia, and Sierra Leone) during the peak of the response, ensuring the safe and effective deployment of international responders was an unprecedented accomplishment by CDC. Response experiences shared by CDC deployed staff returning from West Africa were quickly incorporated into lessons learned and resulted in new activities to better protect the health, safety, security, and resiliency of responding personnel. Enhanced screening of personnel to better match skill sets and experience with deployment needs was developed as a staffing strategy. The mandatory predeployment briefings were periodically updated with these lessons to ensure that staff were aware of what to expect before, during, and after their deployments. Medical clearance, security awareness, and resiliency programs became a standard part of both predeployment and postdeployment activities. Response experience also led to the identification and provision of more appropriate equipment for the environment. Supporting the social and emotional needs of deployed staff and their families also became an agency focus for care and communication. These enhancements set a precedent as a new standard for future CDC responses, regardless of size or complexity. The activities summarized in this report would not have been possible without collaboration with many U.S. and international partners (http://www.cdc.gov/vhf/ebola/outbreaks/2014-west-africa/partners.html).

  5. 17 CFR 230.238 - Exemption for standardized options.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... options. 230.238 Section 230.238 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION... Exemption for standardized options. (a) Exemption. Except as expressly provided in paragraphs (b) and (c) of this section, the Act does not apply to any standardized option, as that term is defined by section 240...

  6. The Internet: friend or foe when providing patient education?

    PubMed

    Anderson, Amy Shelton; Klemm, Paula

    2008-02-01

    The Internet has changed how patients with cancer learn about and cope with their disease. Newly diagnosed patients with cancer often have complex educational and informational needs related to diagnosis and treatment. Nurses frequently encounter time and work-related constraints that can interfere with the provision of patient education. They are challenged to educate patients in an environment of rapidly expanding and innovative computer technology. Barriers that hinder nurses in integrating educational Internet resources into patient care include lack of training, time constraints, and inadequate administrative support. Advantages of Internet use for patient education and support include wide-ranging and current information, a variety of teaching formats, patient empowerment, new communication options, and support 24 hours a day, seven days a week. Pitfalls associated with Internet use for patients with cancer include inaccurate information, lack of access, poor quality of online resources, and security and privacy issues. Nurses routinely use computer technology in the workplace and follow rigorous security and privacy standards to protect patient information. Those skills can provide the foundation for the use of online sources for patient teaching. Nurses play an important role in helping patients evaluate the veracity of online information and introducing them to reliable Internet resources.

  7. 75 FR 36125 - Office of New Reactors; Proposed Revision to Standard Review Plan, Section 13.6.2, Revision 1 on...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-06-24

    ... Standard Review Plan, Section 13.6.2, Revision 1 on Physical Security--Design Certification AGENCY: Nuclear... comment on NUREG-0800, ``Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants,'' on a proposed Revision 1 to Standard Review Plan (SRP), Section 13.6.2 on ``Physical Security...

  8. Global standards and local knowledge building: Upgrading small producers in developing countries

    PubMed Central

    Perez-Aleman, Paola

    2012-01-01

    Local knowledge building is a crucial factor for upgrading small producers and improving their market competitiveness and livelihoods. The rise of global standards affecting food safety and environmental sustainability in agriculture sparks debates on the impact on smallholders in developing countries. This article presents a perspective on the links of international standards to knowledge and institution building for developing the capabilities of small producers. Interacting with global practices, indigenous private and public actors create local institutions to develop capabilities for product and process innovations that contribute to economic development and enhance food security. Local innovation depends on collective strategic efforts through increasing networks among small producers and other organizations, including firms, nongovernmental organizations, and government, that foster knowledge circulation and bring diverse resources and support to build local capabilities. PMID:21670309

  9. Global standards and local knowledge building: upgrading small producers in developing countries.

    PubMed

    Perez-Aleman, Paola

    2012-07-31

    Local knowledge building is a crucial factor for upgrading small producers and improving their market competitiveness and livelihoods. The rise of global standards affecting food safety and environmental sustainability in agriculture sparks debates on the impact on smallholders in developing countries. This article presents a perspective on the links of international standards to knowledge and institution building for developing the capabilities of small producers. Interacting with global practices, indigenous private and public actors create local institutions to develop capabilities for product and process innovations that contribute to economic development and enhance food security. Local innovation depends on collective strategic efforts through increasing networks among small producers and other organizations, including firms, nongovernmental organizations, and government, that foster knowledge circulation and bring diverse resources and support to build local capabilities.

  10. 6 CFR 27.204 - Minimum concentration by security issue.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Minimum concentration by security issue. 27.204 Section 27.204 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.204 Minimum concentration by...

  11. 17 CFR 41.25 - Additional conditions for trading for security futures products.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... trading for security futures products. 41.25 Section 41.25 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION SECURITY FUTURES PRODUCTS Requirements and Standards for Listing Security Futures Products § 41.25 Additional conditions for trading for security futures products. (a) Common...

  12. 17 CFR 41.25 - Additional conditions for trading for security futures products.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... trading for security futures products. 41.25 Section 41.25 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION SECURITY FUTURES PRODUCTS Requirements and Standards for Listing Security Futures Products § 41.25 Additional conditions for trading for security futures products. (a) Common...

  13. 17 CFR 41.25 - Additional conditions for trading for security futures products.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... trading for security futures products. 41.25 Section 41.25 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION SECURITY FUTURES PRODUCTS Requirements and Standards for Listing Security Futures Products § 41.25 Additional conditions for trading for security futures products. (a) Common...

  14. 17 CFR 41.25 - Additional conditions for trading for security futures products.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... trading for security futures products. 41.25 Section 41.25 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION (CONTINUED) SECURITY FUTURES PRODUCTS Requirements and Standards for Listing Security Futures Products § 41.25 Additional conditions for trading for security futures products. (a...

  15. 45 CFR 303.30 - Securing medical support information.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 45 Public Welfare 2 2012-10-01 2012-10-01 false Securing medical support information. 303.30 Section 303.30 Public Welfare Regulations Relating to Public Welfare OFFICE OF CHILD SUPPORT ENFORCEMENT... noncustodial parent; (4) Name and social security number of child(ren); (5) Home address of noncustodial parent...

  16. International organizations to enable world-wide mobile satellite services

    NASA Technical Reports Server (NTRS)

    Anglin, Richard L., Jr.

    1993-01-01

    Numbers of systems exist or have been proposed to provide world-wide mobile satellite services (MSS). Developers of these systems have formulated institutional structures they consider most appropriate for profitable delivery of these services. MSS systems provide niche services and complement traditional telecommunications networks; they are not integrated into world-wide networks. To be successful, MSS system operators must be able to provide an integrated suite of services to support the increasing globalization, interconnectivity, and mobility of business. The critical issue to enabling 'universal roaming' is securing authority to provide MSS in all of the nations of the world. Such authority must be secured in the context of evolving trends in international telecommunications, and must specifically address issues of standardization, regulation and organization. Today, only one existing organization has such world-wide authority. The question is how proponents of new MSS systems and services can gain similar authority. Securing the appropriate authorizations requires that these new organizations reflect the objectives of the nations in which services are to be delivered.

  17. Joint External Evaluation—Development and Scale-Up of Global Multisectoral Health Capacity Evaluation Process

    PubMed Central

    Bell, Elizabeth; Ijaz, Kashef; Bartee, Maureen; Fernandez, Jose; Burris, Hannah; Sliter, Karen; Nikkari, Simo; Chungong, Stella; Rodier, Guenael; Jafari, Hamid

    2017-01-01

    The Joint External Evaluation (JEE), a consolidation of the World Health Organization (WHO) International Health Regulations 2005 (IHR 2005) Monitoring and Evaluation Framework and the Global Health Security Agenda country assessment tool, is an objective, voluntary, independent peer-to-peer multisectoral assessment of a country’s health security preparedness and response capacity across 19 IHR technical areas. WHO approved the standardized JEE tool in February 2016. The JEE process is wholly transparent; countries request a JEE and are encouraged to make its findings public. Donors (e.g., member states, public and private partners, and other public health institutions) can support countries in addressing identified JEE gaps, and implementing country-led national action plans for health security. Through July 2017, 52 JEEs were completed, and 25 more countries were scheduled across WHO’s 6 regions. JEEs facilitate progress toward IHR 2005 implementation, thereby building trust and mutual accountability among countries to detect and respond to public health threats. PMID:29155678

  18. 78 FR 66318 - Securities Investor Protection Corporation

    Federal Register 2010, 2011, 2012, 2013, 2014

    2013-11-05

    ...] Securities Investor Protection Corporation AGENCY: Securities and Exchange Commission. ACTION: Proposed rule. SUMMARY: The Securities Investor Protection Corporation (``SIPC'') filed a proposed rule change with the... satisfaction of customer claims for standardized options under the Securities Investor Protection Act of 1970...

  19. Support system, excavation arrangement, and process of supporting an object

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Arnold, Bill W.

    2017-08-01

    A support system, an excavation arrangement, and a process of supporting an object are disclosed. The support system includes a weight-bearing device and a camming mechanism positioned below the weight-bearing device. A downward force on the weight-bearing device at least partially secures the camming mechanism to opposing surfaces. The excavation arrangement includes a borehole, a support system positioned within and secured to the borehole, and an object positioned on and supported by the support system. The process includes positioning and securing the support system and positioning the object on the weight-bearing device.

  20. An Evaluation Methodology for the Usability and Security of Cloud-based File Sharing Technologies

    DTIC Science & Technology

    2012-09-01

    FISMA, ISO 27001, FIPS 140-2, and ISO 270001) indicate a cloud-based service’s compliance with industry standard security controls, management and...Information Assurance IEEE Institute of Electrical and Electronics Engineers IT Information Technology ITS Insider Threat Study ISO International...effectively, efficiently and with satisfaction” (International Organization for Standardization [ISO], 1998). Alternately, information security

  1. The policy of import substitution as the basis for economic security and well-being of society

    NASA Astrophysics Data System (ADS)

    Makasheva, Yu S.; Makasheva, N. P.; Gromova, A. S.; Andreeva, N. V.; Ishtunov, S. A.

    2016-09-01

    The study presents the analysis of import substitution opportunities on separate branches of economic activity, preceding the realization of import substitution policy with the aim to support national economic security, which is essential for the contemporary society welfare insurance. Currently, social well-being is considered to be the reflection of economic activity, the instrument of state influence on the society, as well as an indicator of the social security system. Due to the fact that Russia is integrated into the world economy, the foreign-economic policy currently is playing an important role in the development of national security and the state's interest to the spheres of economy considering external and internal threats. Decline in external economic conditions may result in serious consequences for the functioning and development of the country as well as for the trade and investment activities, which will further lead to the decline in export, withdrawal of capital, recession of industrial production, trade and investment sphere, fall of GDP and living standards. Thus, considering the current state of instability in the world economy and the growing political tension in relation to the Russian Federation, the measures to increase economic security in the country should be taken. The policy of import substitution is considered to be one of the major solutions nowadays.

  2. L-Band Digital Aeronautical Communications System Engineering - Initial Safety and Security Risk Assessment and Mitigation

    NASA Technical Reports Server (NTRS)

    Zelkin, Natalie; Henriksen, Stephen

    2011-01-01

    This document is being provided as part of ITT's NASA Glenn Research Center Aerospace Communication Systems Technical Support (ACSTS) contract NNC05CA85C, Task 7: "New ATM Requirements--Future Communications, C-Band and L-Band Communications Standard Development." ITT has completed a safety hazard analysis providing a preliminary safety assessment for the proposed L-band (960 to 1164 MHz) terrestrial en route communications system. The assessment was performed following the guidelines outlined in the Federal Aviation Administration Safety Risk Management Guidance for System Acquisitions document. The safety analysis did not identify any hazards with an unacceptable risk, though a number of hazards with a medium risk were documented. This effort represents a preliminary safety hazard analysis and notes the triggers for risk reassessment. A detailed safety hazards analysis is recommended as a follow-on activity to assess particular components of the L-band communication system after the technology is chosen and system rollout timing is determined. The security risk analysis resulted in identifying main security threats to the proposed system as well as noting additional threats recommended for a future security analysis conducted at a later stage in the system development process. The document discusses various security controls, including those suggested in the COCR Version 2.0.

  3. 45 CFR 307.13 - Security and confidentiality for computerized support enforcement systems in operation after...

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... ENFORCEMENT SYSTEMS § 307.13 Security and confidentiality for computerized support enforcement systems in... systems in operation after October 1, 1997. (a) Information integrity and security. Have safeguards... 45 Public Welfare 2 2010-10-01 2010-10-01 false Security and confidentiality for computerized...

  4. 6 CFR 27.200 - Information regarding security risk for a chemical facility.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Information regarding security risk for a chemical facility. 27.200 Section 27.200 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.200 Information...

  5. 49 CFR 193.2911 - Security lighting.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 3 2011-10-01 2011-10-01 false Security lighting. 193.2911 Section 193.2911...: FEDERAL SAFETY STANDARDS Security § 193.2911 Security lighting. Where security warning systems are not provided for security monitoring under § 193.2913, the area around the facilities listed under § 193.2905(a...

  6. 49 CFR 193.2911 - Security lighting.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 3 2012-10-01 2012-10-01 false Security lighting. 193.2911 Section 193.2911...: FEDERAL SAFETY STANDARDS Security § 193.2911 Security lighting. Where security warning systems are not provided for security monitoring under § 193.2913, the area around the facilities listed under § 193.2905(a...

  7. 49 CFR 193.2911 - Security lighting.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 3 2010-10-01 2010-10-01 false Security lighting. 193.2911 Section 193.2911...: FEDERAL SAFETY STANDARDS Security § 193.2911 Security lighting. Where security warning systems are not provided for security monitoring under § 193.2913, the area around the facilities listed under § 193.2905(a...

  8. 17 CFR 229.801 - Securities Act industry guides.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false Securities Act industry guides. 229.801 Section 229.801 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD... AND CONSERVATION ACT OF 1975-REGULATION S-K List of Industry Guides § 229.801 Securities Act industry...

  9. 17 CFR 229.801 - Securities Act industry guides.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false Securities Act industry guides. 229.801 Section 229.801 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD... AND CONSERVATION ACT OF 1975-REGULATION S-K List of Industry Guides § 229.801 Securities Act industry...

  10. 17 CFR 229.801 - Securities Act industry guides.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false Securities Act industry guides. 229.801 Section 229.801 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD... AND CONSERVATION ACT OF 1975-REGULATION S-K List of Industry Guides § 229.801 Securities Act industry...

  11. 17 CFR 229.801 - Securities Act industry guides.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false Securities Act industry guides. 229.801 Section 229.801 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD... AND CONSERVATION ACT OF 1975-REGULATION S-K List of Industry Guides § 229.801 Securities Act industry...

  12. United States Department of Energy National Nuclear Security Administration Sandia Field Office NESHAP Annual Report CY2014 for Sandia National Laboratories New Mexico

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Evelo, Stacie; Miller, Mark L.

    2015-05-01

    This report provides a summary of the radionuclide releases from the United States (U.S.) Department of Energy (DOE) National Nuclear Security Administration facilities at Sandia National Laboratories, New Mexico (SNL/NM) during Calendar Year (CY) 2014, including the data, calculations, and supporting documentation for demonstrating compliance with 40 Code of Federal Regulation (CFR) 61, Subpart H--NATIONAL EMISSION STANDARDS FOR EMISSIONS OF RADIONUCLIDES OTHER THAN RADON FROM DEPARTMENT OF ENERGY FACILITIES. A description is given of the sources and their contributions to the overall dose assessment. In addition, the maximally exposed individual (MEI) radiological dose calculation and the population dose to local and regional residents are discussed.

  13. 75 FR 36126 - Office of New Reactors; Proposed Revision to Standard Review Plan Section 13.6.3, Revision 1 on...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-06-24

    ... Standard Review Plan Section 13.6.3, Revision 1 on Physical Security--Early Site Permit AGENCY: Nuclear... comment on NUREG-0800, ``Standard Review Plan for the Review of Safety Analysis Reports for Nuclear Power Plants,'' on a proposed Revision 1 to Standard Review Plan (SRP), Section 13.6.3 on ``Physical Security...

  14. 17 CFR 155.6 - Trading standards for the transaction of business on registered derivatives transaction execution...

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 1 2011-04-01 2011-04-01 false Trading standards for the transaction of business on registered derivatives transaction execution facilities. 155.6 Section 155.6 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION TRADING STANDARDS § 155.6 Trading...

  15. 17 CFR 155.6 - Trading standards for the transaction of business on registered derivatives transaction execution...

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 1 2010-04-01 2010-04-01 false Trading standards for the transaction of business on registered derivatives transaction execution facilities. 155.6 Section 155.6 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION TRADING STANDARDS § 155.6 Trading...

  16. 17 CFR 155.6 - Trading standards for the transaction of business on registered derivatives transaction execution...

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 17 Commodity and Securities Exchanges 1 2012-04-01 2012-04-01 false Trading standards for the transaction of business on registered derivatives transaction execution facilities. 155.6 Section 155.6 Commodity and Securities Exchanges COMMODITY FUTURES TRADING COMMISSION TRADING STANDARDS § 155.6 Trading...

  17. Study and validation of tools interoperability in JPSEC

    NASA Astrophysics Data System (ADS)

    Conan, V.; Sadourny, Y.; Jean-Marie, K.; Chan, C.; Wee, S.; Apostolopoulos, J.

    2005-08-01

    Digital imagery is important in many applications today, and the security of digital imagery is important today and is likely to gain in importance in the near future. The emerging international standard ISO/IEC JPEG-2000 Security (JPSEC) is designed to provide security for digital imagery, and in particular digital imagery coded with the JPEG-2000 image coding standard. One of the primary goals of a standard is to ensure interoperability between creators and consumers produced by different manufacturers. The JPSEC standard, similar to the popular JPEG and MPEG family of standards, specifies only the bitstream syntax and the receiver's processing, and not how the bitstream is created or the details of how it is consumed. This paper examines the interoperability for the JPSEC standard, and presents an example JPSEC consumption process which can provide insights in the design of JPSEC consumers. Initial interoperability tests between different groups with independently created implementations of JPSEC creators and consumers have been successful in providing the JPSEC security services of confidentiality (via encryption) and authentication (via message authentication codes, or MACs). Further interoperability work is on-going.

  18. 49 CFR 193.2909 - Security communications.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 3 2010-10-01 2010-10-01 false Security communications. 193.2909 Section 193.2909...: FEDERAL SAFETY STANDARDS Security § 193.2909 Security communications. A means must be provided for: (a) Prompt communications between personnel having supervisory security duties and law enforcement officials...

  19. 49 CFR 193.2909 - Security communications.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 3 2012-10-01 2012-10-01 false Security communications. 193.2909 Section 193.2909...: FEDERAL SAFETY STANDARDS Security § 193.2909 Security communications. A means must be provided for: (a) Prompt communications between personnel having supervisory security duties and law enforcement officials...

  20. 49 CFR 193.2909 - Security communications.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 3 2011-10-01 2011-10-01 false Security communications. 193.2909 Section 193.2909...: FEDERAL SAFETY STANDARDS Security § 193.2909 Security communications. A means must be provided for: (a) Prompt communications between personnel having supervisory security duties and law enforcement officials...

  1. Process Improvement Should Link to Security: SEPG 2007 Security Track Recap

    DTIC Science & Technology

    2007-09-01

    the Systems Security Engineering Capability Maturity Model (SSE-CMM / ISO 21827) and its use in system software developments ... software development life cycle (SDLC)? 6. In what ways should process improvement support security in the SDLC? 1.2 PANEL RESOURCES For each... project management, and support practices through the use of the capability maturity models including the CMMI and the Systems Security

  2. A cross-case comparative analysis of international security forces' impacts on health systems in conflict-affected and fragile states.

    PubMed

    Bourdeaux, Margaret; Kerry, Vanessa; Haggenmiller, Christian; Nickel, Karlheinz

    2015-01-01

    Destruction of health systems in fragile and conflict-affected states increases civilian mortality. Despite the size, scope, scale and political influence of international security forces intervening in fragile states, little attention has been paid to the array of ways they may impact health systems beyond their effects on short-term humanitarian health aid delivery. Using case studies we published on international security forces' impacts on health systems in Haiti, Kosovo, Afghanistan and Libya, we conducted a comparative analysis that examined three questions: What aspects, or building blocks, of health systems did security forces impact across the cases and what was the nature of these impacts? What forums or mechanisms did international security forces use to interact with health system actors? What policies facilitated or hindered security forces from supporting health systems? We found international security forces impacted health system governance, information systems and indigenous health delivery organizations. Positive impacts included bolstering the authority, transparency and capability of health system leadership. Negative impacts included undermining the impartial nature of indigenous health institutions by using health projects to achieve security objectives. Interactions between security and health actors were primarily ad hoc, often to the detriment of health system support efforts. When international security forces were engaged in health system support activities, the most helpful communication and consultative mechanisms to manage their involvement were ones that could address a wide array of problems, were nimble enough to accommodate rapidly changing circumstances, leveraged the power of personal relationships, and were able to address the tensions that arose between security and health system supporting strategies. Policy barriers to international security organizations participating in health system support included lack of mandate, conflicts between security strategies and health system preservation, and lack of interoperability between security and indigenous health organizations with respect to logistics and sharing information. The cases demonstrate both the opportunities and risks of international security organizations' involvement in health sector protection, recovery and reconstruction. We discuss two potential approaches to engaging these organizations in health system support that may increase the chances of realizing these opportunities while mitigating risks.

  3. Development and Demonstration of a Security Core Component

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Turke, Andy

    In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: · Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on “security through obscurity.” · Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. · The rise of the Internet and the accompanying demand for more data about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. · “Cyber crime” has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group “has something to prove.” Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be “on the front line” if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utility’s SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values – even results from a SIEM (Security Information and Event Management) system. When the system deviates from “normal,” CSM can alert the operator in language that they understand that an incident may be occurring, provide actionable intelligence, and inform them what actions to take. These alarms may be viewed on CSM’s built-in user interface, sent to a SCADA alarm list, or communicated via email, phone, pager, or SMS message. In recognition of the fact that “real world” training for cyber security events is impractical, CSM has a built-in Operator Training Simulator capability. This can be used stand alone to create simulated event scenarios for training purposes. It may also be used in conjunction with the recipient’s SCADA/EMS/DMS Operator Training Simulator. In addition to providing cyber security situational awareness for electric utility operators, CSM also provides tools for analysts and support personnel; in fact, the majority of user interface displays are designed for use in analyzing current and past security events. CSM keeps security-related information in long-term storage, as well as writing any decisions it makes to a (syslog) log for use in forensic or other post-event analysis.

  4. The Army Did Not Effectively Monitor Contractor Performance for the Kuwait Base Operations and Security Support Services Contract

    DTIC Science & Technology

    2017-03-07

    H 7, 2017 Report No. DODIG-2017-062 The Army Did Not Effectively Monitor Contractor Performance for the Kuwait Base Operations and Security... The Army Did Not Effectively Monitor Contractor Performance for the Kuwait Base Operations and Security Support Services Contract March 7, 2017... contractor performance for the Kuwait Base Operations and Security Support Services (KBOSSS) contract. The KBOSSS contract is a cost-plus-award-fee

  5. Security Implications of OPC, OLE, DCOM, and RPC in Control Systems

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Not Available

    2006-01-01

    OPC is a collection of software programming standards and interfaces used in the process control industry. It is intended to provide open connectivity and vendor equipment interoperability. The use of OPC technology simplifies the development of control systems that integrate components from multiple vendors and support multiple control protocols. OPC-compliant products are available from most control system vendors, and are widely used in the process control industry. OPC was originally known as OLE for Process Control; the first standards for OPC were based on underlying services in the Microsoft Windows computing environment. These underlying services (OLE [Object Linking and Embedding], DCOM [Distributed Component Object Model], and RPC [Remote Procedure Call]) have been the source of many severe security vulnerabilities. It is not feasible to automatically apply vendor patches and service packs to mitigate these vulnerabilities in a control systems environment. Control systems using the original OPC data access technology can thus inherit the vulnerabilities associated with these services. Current OPC standardization efforts are moving away from the original focus on Microsoft protocols, with a distinct trend toward web-based protocols that are independent of any particular operating system. However, the installed base of OPC equipment consists mainly of legacy implementations of the OLE for Process Control protocols.

  6. A Spatiotemporal-Chaos-Based Encryption Having Overall Properties Considerably Better than Advanced Encryption Standard

    NASA Astrophysics Data System (ADS)

    Wang, Shi-Hong; Ye, Wei-Ping; Lü, Hua-Ping; Kuang, Jin-Yu; Li, Jing-Hua; Luo, Yun-Lun; Hu, Gang

    2003-07-01

    Spatiotemporal chaos of a two-dimensional one-way coupled map lattice is used for chaotic cryptography. The chaotic outputs of many space units are used for encryption simultaneously. This system shows satisfactory cryptographic properties of high security, fast encryption (decryption) speed, and robustness against noise disturbances in communication channel. The overall features of this spatiotemporal-chaos-based cryptosystem are better than chaotic cryptosystems known so far, and also than currently used conventional cryptosystems, such as the Advanced Encryption Standard (AES). The project supported by National Natural Science Foundation of China under Grant No. 10175010 and the Special Funds for Major State Basic Research Projects under Grant No. G2000077304

  7. How Secure Is Your Radiology Department? Mapping Digital Radiology Adoption and Security Worldwide.

    PubMed

    Stites, Mark; Pianykh, Oleg S

    2016-04-01

    Despite the long history of digital radiology, one of its most critical aspects--information security--still remains extremely underdeveloped and poorly standardized. To study the current state of radiology security, we explored the worldwide security of medical image archives. Using the DICOM data-transmitting standard, we implemented a highly parallel application to scan the entire World Wide Web of networked computers and devices, locating open and unprotected radiology servers. We used only legal and radiology-compliant tools. Our security-probing application initiated a standard DICOM handshake to remote computer or device addresses, and then assessed their security posture on the basis of handshake replies. The scan discovered a total of 2774 unprotected radiology or DICOM servers worldwide. Of those, 719 were fully open to patient data communications. Geolocation was used to analyze and rank our findings according to country utilization. As a result, we built maps and world ranking of clinical security, suggesting that even the most radiology-advanced countries have hospitals with serious security gaps. Despite more than two decades of active development and implementation, our radiology data still remains insecure. The results provided should be applied to raise awareness and begin an earnest dialogue toward elimination of the problem. The application we designed and the novel scanning approach we developed can be used to identify security breaches and to eliminate them before they are compromised.

  8. Extra dimensions: 3D in PDF documentation

    DOE PAGES

    Graf, Norman A.

    2011-01-11

    Experimental science is replete with multi-dimensional information which is often poorly represented by the two dimensions of presentation slides and print media. Past efforts to disseminate such information to a wider audience have failed for a number of reasons, including a lack of standards which are easy to implement and have broad support. Adobe's Portable Document Format (PDF) has in recent years become the de facto standard for secure, dependable electronic information exchange. It has done so by creating an open format, providing support for multiple platforms and being reliable and extensible. By providing support for the ECMA standard Universal 3D (U3D) file format in its free Adobe Reader software, Adobe has made it easy to distribute and interact with 3D content. By providing support for scripting and animation, temporal data can also be easily distributed to a wide, non-technical audience. We discuss how the field of radiation imaging could benefit from incorporating full 3D information about not only the detectors, but also the results of the experimental analyses, in its electronic publications. In this article, we present examples drawn from high-energy physics, mathematics and molecular biology which take advantage of this functionality. Furthermore, we demonstrate how 3D detector elements can be documented, using either CAD drawings or other sources such as GEANT visualizations as input.

  9. Extra dimensions: 3D and time in PDF documentation

    NASA Astrophysics Data System (ADS)

    Graf, N. A.

    2011-01-01

    Experimental science is replete with multi-dimensional information which is often poorly represented by the two dimensions of presentation slides and print media. Past efforts to disseminate such information to a wider audience have failed for a number of reasons, including a lack of standards which are easy to implement and have broad support. Adobe's Portable Document Format (PDF) has in recent years become the de facto standard for secure, dependable electronic information exchange. It has done so by creating an open format, providing support for multiple platforms and being reliable and extensible. By providing support for the ECMA standard Universal 3D (U3D) file format in its free Adobe Reader software, Adobe has made it easy to distribute and interact with 3D content. By providing support for scripting and animation, temporal data can also be easily distributed to a wide, non-technical audience. We discuss how the field of radiation imaging could benefit from incorporating full 3D information about not only the detectors, but also the results of the experimental analyses, in its electronic publications. In this article, we present examples drawn from high-energy physics, mathematics and molecular biology which take advantage of this functionality. We demonstrate how 3D detector elements can be documented, using either CAD drawings or other sources such as GEANT visualizations as input.

  10. Extra Dimensions: 3D and Time in PDF Documentation

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Graf, N.A.; /SLAC

    2012-04-11

    Experimental science is replete with multi-dimensional information which is often poorly represented by the two dimensions of presentation slides and print media. Past efforts to disseminate such information to a wider audience have failed for a number of reasons, including a lack of standards which are easy to implement and have broad support. Adobe's Portable Document Format (PDF) has in recent years become the de facto standard for secure, dependable electronic information exchange. It has done so by creating an open format, providing support for multiple platforms and being reliable and extensible. By providing support for the ECMA standard Universal 3D (U3D) file format in its free Adobe Reader software, Adobe has made it easy to distribute and interact with 3D content. By providing support for scripting and animation, temporal data can also be easily distributed to a wide, non-technical audience. We discuss how the field of radiation imaging could benefit from incorporating full 3D information about not only the detectors, but also the results of the experimental analyses, in its electronic publications. In this article, we present examples drawn from high-energy physics, mathematics and molecular biology which take advantage of this functionality. We demonstrate how 3D detector elements can be documented, using either CAD drawings or other sources such as GEANT visualizations as input.

  11. 75 FR 23755 - Combined Notice of Filings #1

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-05-04

    ... securities filings: Docket Numbers: ES10-35-000. Applicants: American Transmission Company LLC, ATC... Reliability Corporation for Approval of Interpretation to Reliability Standard CIP-001--Cyber Security... Corporation for Approval of Interpretation to Reliability Standard [[Page 23756

  12. High-Altitude Electromagnetic Pulse (HEMP) Testing

    DTIC Science & Technology

    2011-11-10

    Security Classification Guide (SCG). b. The HEMP simulation facility shall have a measured map of the peak amplitude waveform of the... Quadripartite Standardization Agreement s, sec second SCG security classification guide SN serial number SOP Standard Operating Procedure

  13. 76 FR 78215 - Possession, Use, and Transfer of Select Agents and Toxins; Biennial Review; Proposed Rule

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-12-16

    ... agents and toxins list; whether minimum standards for personnel reliability, physical and cyber security... toxins list; (3) whether minimum standards for personnel reliability, physical and cyber security should...

  14. 32 CFR 2001.42 - Standards for security equipment.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION... Administration (GSA) shall, in coordination with agency heads originating classified information, establish and publish uniform standards, specifications, qualified product lists or databases, and supply schedules for...

  15. 32 CFR 2001.42 - Standards for security equipment.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION... Administration (GSA) shall, in coordination with agency heads originating classified information, establish and publish uniform standards, specifications, qualified product lists or databases, and supply schedules for...

  16. 32 CFR 2001.42 - Standards for security equipment.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION... Administration (GSA) shall, in coordination with agency heads originating classified information, establish and publish uniform standards, specifications, qualified product lists or databases, and supply schedules for...

  17. 32 CFR 2001.42 - Standards for security equipment.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION... Administration (GSA) shall, in coordination with agency heads originating classified information, establish and publish uniform standards, specifications, qualified product lists or databases, and supply schedules for...

  18. Assessing Children's Emotional Security in the Interparental Relationship: The Security in the Interparental Subsystem Scales.

    ERIC Educational Resources Information Center

    Davies, Patrick T.; Forman, Evan M.; Rasi, Jennifer A.; Stevens, Kristopher I.

    2002-01-01

    Evaluated new self-report measure assessing children's strategies for preserving emotional security in context of interparental conflict. Factor analyses of the Security in the Interparental Subsystem (SIS) Scale supported a 7-factor solution. The SIS demonstrated satisfactory internal consistency and test-retest reliability. Support for test…

  19. 6 CFR 27.204 - Minimum concentration by security issue.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... Section 27.204 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.204 Minimum concentration by security issue. (a) Release Chemicals—(1) Release-Toxic Chemicals. If a release-toxic chemical of interest...

  20. Social security and mortality: The role of income support policies and population health in the United States

    PubMed Central

    Arno, Peter S.; House, James S.; Viola, Deborah; Schechter, Clyde

    2011-01-01

    Social Security is the most important and effective income support program ever introduced in the United States, alleviating the burden of poverty for millions of elderly Americans. We explored the possible role of Social Security in reducing mortality among the elderly. In support of this hypothesis, we found that declines in mortality among the elderly exceeded those among younger age groups following the initial implementation of Social Security in 1940, and also in the periods following marked improvements in Social Security benefits via legislation and indexing of benefits that occurred between the mid-1960s and the early 1970s. A better understanding of the link between Social Security and health status among the elderly would add a significant and missing dimension to the public discourse over the future of Social Security, and the potential role of income support programs in reducing health-related socioeconomic disparities and improving population health. PMID:21326333

  1. 6 CFR 27.245 - Review and approval of site security plans.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Review and approval of site security plans. 27.245 Section 27.245 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.245 Review and approval of site...

  2. 6 CFR 27.245 - Review and approval of site security plans.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Review and approval of site security plans. 27.245 Section 27.245 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.245 Review and approval of site...

  3. 6 CFR 27.245 - Review and approval of site security plans.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Review and approval of site security plans. 27.245 Section 27.245 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.245 Review and approval of site...

  4. 6 CFR 27.245 - Review and approval of site security plans.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 6 Domestic Security 1 2012-01-01 2012-01-01 false Review and approval of site security plans. 27.245 Section 27.245 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.245 Review and approval of site...

  5. 6 CFR 27.245 - Review and approval of site security plans.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 6 Domestic Security 1 2013-01-01 2013-01-01 false Review and approval of site security plans. 27.245 Section 27.245 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.245 Review and approval of site...

  6. Comprehensive Routing Security Development and Deployment for the Internet

    DTIC Science & Technology

    2015-02-01

    feature enhancement and bug fixes. • MySQL: MySQL is a widely used and popular open source database package. It was chosen for database support in the...RPSTIR depends on several other open source packages. • MySQL: MySQL is used for the local RPKI database cache. • OpenSSL: OpenSSL is used for...cryptographic libraries for X.509 certificates. • ODBC mySql Connector: ODBC (Open Database Connectivity) is a standard programming interface (API) for

  7. Implementation of Medical Information Exchange System Based on EHR Standard

    PubMed Central

    Han, Soon Hwa; Kim, Sang Guk; Jeong, Jun Yong; Lee, Bi Na; Choi, Myeong Seon; Kim, Il Kon; Park, Woo Sung; Ha, Kyooseob; Cho, Eunyoung; Kim, Yoon; Bae, Jae Bong

    2010-01-01

    Objectives To develop effective ways of sharing patients' medical information, we developed a new medical information exchange system (MIES) based on a registry server, which enabled us to exchange different types of data generated by various systems. Methods To assure that patient's medical information can be effectively exchanged under different system environments, we adopted the standardized data transfer methods and terminologies suggested by the Center for Interoperable Electronic Healthcare Record (CIEHR) of Korea in order to guarantee interoperability. Regarding information security, MIES followed the security guidelines suggested by the CIEHR of Korea. This study aimed to develop essential security systems for the implementation of online services, such as encryption of communication, server security, database security, protection against hacking, contents, and network security. Results The registry server managed information exchange as well as the registration information of the clinical document architecture (CDA) documents, and the CDA Transfer Server was used to locate and transmit the proper CDA document from the relevant repository. The CDA viewer showed the CDA documents via connection with the information systems of related hospitals. Conclusions This research chooses transfer items and defines document standards that follow CDA standards, such that exchange of CDA documents between different systems became possible through ebXML. The proposed MIES was designed as an independent central registry server model in order to guarantee the essential security of patients' medical information. PMID:21818447

  8. Implementation of Medical Information Exchange System Based on EHR Standard.

    PubMed

    Han, Soon Hwa; Lee, Min Ho; Kim, Sang Guk; Jeong, Jun Yong; Lee, Bi Na; Choi, Myeong Seon; Kim, Il Kon; Park, Woo Sung; Ha, Kyooseob; Cho, Eunyoung; Kim, Yoon; Bae, Jae Bong

    2010-12-01

    To develop effective ways of sharing patients' medical information, we developed a new medical information exchange system (MIES) based on a registry server, which enabled us to exchange different types of data generated by various systems. To assure that patient's medical information can be effectively exchanged under different system environments, we adopted the standardized data transfer methods and terminologies suggested by the Center for Interoperable Electronic Healthcare Record (CIEHR) of Korea in order to guarantee interoperability. Regarding information security, MIES followed the security guidelines suggested by the CIEHR of Korea. This study aimed to develop essential security systems for the implementation of online services, such as encryption of communication, server security, database security, protection against hacking, contents, and network security. The registry server managed information exchange as well as the registration information of the clinical document architecture (CDA) documents, and the CDA Transfer Server was used to locate and transmit the proper CDA document from the relevant repository. The CDA viewer showed the CDA documents via connection with the information systems of related hospitals. This research chooses transfer items and defines document standards that follow CDA standards, such that exchange of CDA documents between different systems became possible through ebXML. The proposed MIES was designed as an independent central registry server model in order to guarantee the essential security of patients' medical information.

  9. 45 CFR 164.304 - Definitions.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164... and procedures, to manage the selection, development, implementation, and maintenance of security...'s or business associate's workforce in relation to the protection of that information...

  10. 45 CFR 164.304 - Definitions.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164... and procedures, to manage the selection, development, implementation, and maintenance of security...'s workforce in relation to the protection of that information. Authentication means the...

  11. 45 CFR 164.304 - Definitions.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164... and procedures, to manage the selection, development, implementation, and maintenance of security...'s workforce in relation to the protection of that information. Authentication means the...

  12. 45 CFR 164.304 - Definitions.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164... and procedures, to manage the selection, development, implementation, and maintenance of security...'s workforce in relation to the protection of that information. Authentication means the...

  13. 45 CFR 164.304 - Definitions.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164... and procedures, to manage the selection, development, implementation, and maintenance of security...'s or business associate's workforce in relation to the protection of that information...

  14. Supporting multi-state collaboration on privacy and security to foster health IT and health information exchange.

    PubMed

    Banger, Alison K; Alakoye, Amoke O; Rizk, Stephanie C

    2008-11-06

    As part of the HHS funded contract, Health Information Security and Privacy Collaboration, 41 states and territories have proposed collaborative projects to address cross-state privacy and security challenges related to health IT and health information exchange. Multi-state collaboration on privacy and security issues remains complicated, and resources to support collaboration around these topics are essential to the success of such collaboration. The resources outlined here offer an example of how to support multi-stakeholder, multi-state projects.

  15. 75 FR 42270 - Adoption of Supplemental Standards of Ethical Conduct for Members and Employees of the Securities...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-07-20

    ... Supplemental Standards of Ethical Conduct for Members and Employees of the Securities and Exchange Commission and Revisions to the Commission's Ethics Rules; Final Rule Federal Register / Vol. 75, No. 138... CFR Part 4401 and 17 CFR Part 200 [Release No. 34-62501] Adoption of Supplemental Standards of Ethical...

  16. 75 FR 42269 - Adoption of Supplemental Standards of Ethical Conduct for Members and Employees of the Securities...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-07-20

    ... Supplemental Standards of Ethical Conduct for Members and Employees of the Securities and Exchange Commission and Revisions to the Commission's Ethics Rules; Final Rule Federal Register / Vol. 75, No. 138... CFR Part 4401 and 17 CFR Part 200 [Release No. 34-62501] Adoption of Supplemental Standards of Ethical...

  17. CMMI(Registered) for Acquisition, Version 1.3. CMMI-ACQ, V1.3

    DTIC Science & Technology

    2010-11-01

    and Software Engineering – System Life Cycle Processes [ISO 2008b] ISO/IEC 27001:2005 Information technology – Security techniques – Information...International Organization for Standardization and International Electrotechnical Commission. ISO/IEC 27001 Information Technology – Security Techniques...International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) body of standards. CMMs focus on improving processes

  18. 75 FR 29588 - Office of New Reactors: Proposed NUREG-0800; Standard Review Plan Section 13.6.6, Draft Revision...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-05-26

    ... NUCLEAR REGULATORY COMMISSION [NRC-2010-0184] Office of New Reactors: Proposed NUREG-0800; Standard Review Plan Section 13.6.6, Draft Revision 0 on Cyber Security Plan AGENCY: Nuclear Regulatory... Plants,'' on a proposed Standard Review Plan (SRP) Section 13.6.6 on ``Cyber Security Plan'' (Agencywide...

  19. 49 CFR 193.2913 - Security monitoring.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 3 2012-10-01 2012-10-01 false Security monitoring. 193.2913 Section 193.2913...: FEDERAL SAFETY STANDARDS Security § 193.2913 Security monitoring. Each protective enclosure and the area.... Monitoring must be by visual observation in accordance with the schedule in the security procedures under...

  20. 49 CFR 193.2903 - Security procedures.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 3 2011-10-01 2011-10-01 false Security procedures. 193.2903 Section 193.2903...: FEDERAL SAFETY STANDARDS Security § 193.2903 Security procedures. Each operator shall prepare and follow one or more manuals of written procedures to provide security for each LNG plant. The procedures must...

  1. 49 CFR 193.2903 - Security procedures.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 3 2010-10-01 2010-10-01 false Security procedures. 193.2903 Section 193.2903...: FEDERAL SAFETY STANDARDS Security § 193.2903 Security procedures. Each operator shall prepare and follow one or more manuals of written procedures to provide security for each LNG plant. The procedures must...

  2. 49 CFR 193.2913 - Security monitoring.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 3 2010-10-01 2010-10-01 false Security monitoring. 193.2913 Section 193.2913...: FEDERAL SAFETY STANDARDS Security § 193.2913 Security monitoring. Each protective enclosure and the area.... Monitoring must be by visual observation in accordance with the schedule in the security procedures under...

  3. 49 CFR 193.2903 - Security procedures.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 3 2012-10-01 2012-10-01 false Security procedures. 193.2903 Section 193.2903...: FEDERAL SAFETY STANDARDS Security § 193.2903 Security procedures. Each operator shall prepare and follow one or more manuals of written procedures to provide security for each LNG plant. The procedures must...

  4. 49 CFR 193.2913 - Security monitoring.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 3 2011-10-01 2011-10-01 false Security monitoring. 193.2913 Section 193.2913...: FEDERAL SAFETY STANDARDS Security § 193.2913 Security monitoring. Each protective enclosure and the area.... Monitoring must be by visual observation in accordance with the schedule in the security procedures under...

  5. 17 CFR 229.1122 - (Item 1122) Compliance with applicable servicing criteria.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false (Item 1122) Compliance with applicable servicing criteria. 229.1122 Section 229.1122 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES...

  6. 17 CFR 229.1122 - (Item 1122) Compliance with applicable servicing criteria.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false (Item 1122) Compliance with applicable servicing criteria. 229.1122 Section 229.1122 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES...

  7. 75 FR 57904 - Announcing a Meeting of the Information Security and Privacy Advisory Board

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-09-23

    ... Office, --Update of NIST Computer Security Division, and --Information Security and Privacy Advisory... Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB) will meet...

  8. 45 CFR 164.302 - Applicability.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164..., implementation specifications, and requirements of this subpart with respect to electronic protected health...

  9. 45 CFR 164.302 - Applicability.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164... specifications, and requirements of this subpart with respect to electronic protected health information. ...

  10. Identifying health facilities outside the enterprise: challenges and strategies for supporting health reform and meaningful use.

    PubMed

    Dixon, Brian E; Colvard, Cyril; Tierney, William M

    2014-06-24

    Objective: To support collation of data for disability determination, we sought to accurately identify facilities where care was delivered across multiple, independent hospitals and clinics. Methods: Data from various institutions' electronic health records were merged and delivered as continuity of care documents to the United States Social Security Administration (SSA). Results: Electronic records for nearly 8000 disability claimants were exchanged with SSA. Due to the lack of standard nomenclature for identifying the facilities in which patients received the care documented in the electronic records, SSA could not match the information received with information provided by disability claimants. Facility identifiers were generated arbitrarily by health care systems and therefore could not be mapped to the existing international standards. Discussion: We propose strategies for improving facility identification in electronic health records to support improved tracking of a patient's care between providers to better serve clinical care delivery, disability determination, health reform and meaningful use. Conclusion: Accurately identifying the facilities where health care is delivered to patients is important to a number of major health reform and improvement efforts underway in many nations. A standardized nomenclature for identifying health care facilities is needed to improve tracking of care and linking of electronic health records.

  11. Nevada National Security Site Environmental Report 2016

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Wills

    This Nevada National Security Site Environmental Report (NNSSER) was prepared to satisfy DOE Order DOE O 231.1B, “Environment, Safety and Health Reporting.” Its purpose is to (1) report compliance status with environmental standards and requirements, (2) present results of environmental monitoring of radiological and nonradiological effluents, (3) report estimated radiological doses to the public from releases of radioactive material, (4) summarize environmental incidents of noncompliance and actions taken in response to them, (5) describe the National Nuclear Security Administration Nevada Field Office (NNSA/NFO) Environmental Management System and characterize its performance, and (6) highlight significant environmental programs and efforts. This NNSSER summarizes data and compliance status for calendar year 2016 at the Nevada National Security Site (NNSS) and its two Nevada-based support facilities, the North Las Vegas Facility (NLVF) and the Remote Sensing Laboratory–Nellis (RSL-Nellis). It also addresses environmental restoration (ER) projects conducted at the Tonopah Test Range (TTR) and the Nevada Test and Training Range (NTTR). NNSA/NFO directs the management and operation of the NNSS and six sites across the nation. In addition to the NNSA itself, the six sites include two in Nevada (NLVF and RSL-Nellis) and four in other states (RSL-Andrews in Maryland, Livermore Operations in California, Los Alamos Operations in New Mexico, and Special Technologies Laboratory in California). Los Alamos, Lawrence Livermore, and Sandia National Laboratories are the principal organizations that sponsor and implement the nuclear weapons programs at the NNSS. National Security Technologies, LLC (NSTec), is the current Management and Operating contractor accountable for the successful execution of work and ensuring that work is performed in compliance with environmental regulations. The six sites all provide support to enhance the NNSS as a location for its multiple missions. The three major NNSS missions include National Security/Defense, Environmental Management, and Nondefense. The major programs that support these missions are Stockpile Stewardship and Management, Nonproliferation and Counterterrorism, Nuclear Emergency Response, Strategic Partnership Projects, Environmental Restoration, Waste Management, Conservation and Renewable Energy, Other Research and Development, and Infrastructure. The major facilities that support the programs include the U1a Facility, Big Explosives Experimental Facility (BEEF), Device Assembly Facility, Dense Plasma Focus Facility, Joint Actinide Shock Physics Experimental Research Facility, Radiological/Nuclear Countermeasures Test and Evaluation Complex, Nonproliferation Test and Evaluation Complex (NPTEC), Radiological/Nuclear Weapons of Mass Destruction Incident Exercise Site, the Area 5 Radioactive Waste Management Complex (RWMC), and the Area 3 Radioactive Waste Management Site (RWMS).

  12. Common Methods for Security Risk Analysis

    DTIC Science & Technology

    2005-01-12

    recognized in the others. In Canada, three firms have been accredited as IT Security Evaluation and Testing (ITSET) Facility, under ISO/IEC 17025-1999...harmonized security standards such as the Common Criteria and ISO 17799 may further increase the applicability of TRA approach. 3.4.8 MOST AUTOMATION...create something more suitable, the Common Criteria with Mutual Recognition Agreement (MRA) signed in October 1998. The CC became an ISO standard

  13. Supplemental Security Income: SSA Needs a Uniform Standard for Assessing Childhood Disability. Report to the Chairman, Subcommittee on Human Resources, Committee on Ways and Means, House of Representatives.

    ERIC Educational Resources Information Center

    General Accounting Office, Washington, DC. Health, Education, and Human Services Div.

    This report presents the Government Accounting Office's recommendations regarding standards for determining eligibility for Supplemental Security Income (SSI) based on a childhood disability. The report is based on the Social Security Administration's (SSA) monitoring of 288,000 children whose eligibility was subject to review and of 370,000 new…

  14. MYSEA: The Monterey Security Architecture

    DTIC Science & Technology

    2009-01-01

    Security and Protection, Organization and Design General Terms: Design; Security Keywords: access controls, authentication, information flow controls...Applicable environments include: military coalitions, agencies and organizations responding to security emergencies, and mandated sharing in business...network architecture affords users the ability to securely access information across networks at different classifications using standardized

  15. 17 CFR 229.1014 - (Item 1014) Fairness of the going-private transaction.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false (Item 1014) Fairness of the going-private transaction. 229.1014 Section 229.1014 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES...

  16. 17 CFR 229.1004 - (Item 1004) Terms of the transaction.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false (Item 1004) Terms of the transaction. 229.1004 Section 229.1004 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND...

  17. 17 CFR 229.1004 - (Item 1004) Terms of the transaction.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false (Item 1004) Terms of the transaction. 229.1004 Section 229.1004 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND...

  18. 17 CFR 229.1004 - (Item 1004) Terms of the transaction.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false (Item 1004) Terms of the transaction. 229.1004 Section 229.1004 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND...

  19. 6 CFR 27.240 - Review and approval of security vulnerability assessments.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.240 Review and approval of security vulnerability assessments. (a) Review and Approval. The Department will review and... 6 Domestic Security 1 2014-01-01 2014-01-01 false Review and approval of security vulnerability...

  20. 6 CFR 27.240 - Review and approval of security vulnerability assessments.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.240 Review and approval of security vulnerability assessments. (a) Review and Approval. The Department will review and... 6 Domestic Security 1 2011-01-01 2011-01-01 false Review and approval of security vulnerability...

  1. 6 CFR 27.240 - Review and approval of security vulnerability assessments.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.240 Review and approval of security vulnerability assessments. (a) Review and Approval. The Department will review and... 6 Domestic Security 1 2013-01-01 2013-01-01 false Review and approval of security vulnerability...

  2. 6 CFR 27.240 - Review and approval of security vulnerability assessments.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.240 Review and approval of security vulnerability assessments. (a) Review and Approval. The Department will review and... 6 Domestic Security 1 2012-01-01 2012-01-01 false Review and approval of security vulnerability...

  3. Judaism, justice, and access to health care.

    PubMed

    Mackler, A L

    1991-06-01

    This paper develops the traditional Jewish understanding of justice (tzedakah) and support for the needy, especially as related to the provision of medical care. After an examination of justice in the Hebrew Bible, the values and institutions of tzedakah in Rabbinic Judaism are explored, with a focus on legal codes and enforceable obligations. A standard of societal responsibility to provide for the basic needs of all, with a special obligation to save lives, emerges. A Jewish view of justice in access to health care is developed on the basis of this general standard, as well as explicit discussion in legal sources. Society is responsible for the securing of access to all health care needed by any individual. Elucidation of this standard of need and corresponding societal obligations, and the significance of the Jewish model for the contemporary United States, are considered.

  4. 6 CFR 27.205 - Determination that a chemical facility “presents a high level of security risk.”

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Determination that a chemical facility “presents a high level of security risk.” 27.205 Section 27.205 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security...

  5. Systems Security Engineering

    DTIC Science & Technology

    2010-08-22

    Commission (IEC). “Information technology — Security techniques — Code of practice for information security management (ISO/IEC 27002...Information technology — Security techniques — Information security management systems — Requirements (ISO/IEC 27002),”, “Information technology — Security...was a draft ISO standard on Systems and software engineering, Systems and software assurance [18]. Created by systems engineers for systems

  6. 6 CFR 27.203 - Calculating the screening threshold quantity by security issue.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Calculating the screening threshold quantity by security issue. 27.203 Section 27.203 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.203 Calculating the screening threshold quantity by...

  7. 6 CFR 27.203 - Calculating the screening threshold quantity by security issue.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Calculating the screening threshold quantity by security issue. 27.203 Section 27.203 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.203 Calculating the screening threshold quantity by...

  8. 6 CFR 27.203 - Calculating the screening threshold quantity by security issue.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 6 Domestic Security 1 2013-01-01 2013-01-01 false Calculating the screening threshold quantity by security issue. 27.203 Section 27.203 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.203 Calculating the screening threshold quantity by...

  9. 6 CFR 27.203 - Calculating the screening threshold quantity by security issue.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Calculating the screening threshold quantity by security issue. 27.203 Section 27.203 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.203 Calculating the screening threshold quantity by...

  10. 48 CFR 3003.101 - Standards of conduct.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 48 Federal Acquisition Regulations System 7 2010-10-01 2010-10-01 false Standards of conduct. 3003.101 Section 3003.101 Federal Acquisition Regulations System DEPARTMENT OF HOMELAND SECURITY, HOMELAND SECURITY ACQUISITION REGULATION (HSAR) GENERAL IMPROPER BUSINESS PRACTICES AND PERSONAL CONFLICTS OF...

  11. Protecting water and wastewater infrastructure from cyber attacks

    NASA Astrophysics Data System (ADS)

    Panguluri, Srinivas; Phillips, William; Cusimano, John

    2011-12-01

    Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion: cyber attacks are real and can cause significant damages. This paper presents some recent statistics on cyber attacks and resulting damages. Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks. Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are: 1) the increasing interconnection of their business and control system networks, 2) large variation of proprietary industrial control equipment utilized, 3) multitude of cross-sector cyber-security standards, and 4) the differences in the equipment vendor's approaches to meet these security standards. The utilities can meet these challenges by voluntarily selecting and adopting security standards, conducting a gap analysis, performing vulnerability/risk analysis, and undertaking countermeasures that best meet their security and organizational requirements. Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years. Implementing cyber security does not necessarily have to be expensive; substantial improvements can be accomplished through policy, procedure, training and awareness. Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

  12. Creating NDA working standards through high-fidelity spent fuel modeling

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Skutnik, Steven E; Gauld, Ian C; Romano, Catherine E

    2012-01-01

    The Next Generation Safeguards Initiative (NGSI) is developing advanced non-destructive assay (NDA) techniques for spent nuclear fuel assemblies to advance the state-of-the-art in safeguards measurements. These measurements aim beyond the capabilities of existing methods to include the evaluation of plutonium and fissile material inventory, independent of operator declarations. Testing and evaluation of advanced NDA performance will require reference assemblies with well-characterized compositions to serve as working standards against which the NDA methods can be benchmarked and for uncertainty quantification. To support the development of standards for the NGSI spent fuel NDA project, high-fidelity modeling of irradiated fuel assemblies is being performed to characterize fuel compositions and radiation emission data. The assembly depletion simulations apply detailed operating history information and core simulation data as it is available to perform high fidelity axial and pin-by-pin fuel characterization for more than 1600 nuclides. The resulting pin-by-pin isotopic inventories are used to optimize the NDA measurements and provide information necessary to unfold and interpret the measurement data, e.g., passive gamma emitters, neutron emitters, neutron absorbers, and fissile content. A key requirement of this study is the analysis of uncertainties associated with the calculated compositions and signatures for the standard assemblies; uncertainties introduced by the calculation methods, nuclear data, and operating information. An integral part of this assessment involves the application of experimental data from destructive radiochemical assay to assess the uncertainty and bias in computed inventories, the impact of parameters such as assembly burnup gradients and burnable poisons, and the influence of neighboring assemblies on periphery rods. This paper will present the results of high fidelity assembly depletion modeling and uncertainty analysis from independent calculations performed using SCALE and MCNP. This work is supported by the Next Generation Safeguards Initiative, Office of Nuclear Safeguards and Security, National Nuclear Security Administration.

  13. Diplomatic Security: State Department Should Better Manage Risks to Residences and Other Soft Targets Overseas

    DTIC Science & Technology

    2015-07-09

    Page ii GAO-15-700 Diplomatic Security Figure 2: Time Frames for Updates to Overseas Security Policy Board Residential Security...Standards since 2005 14 Abbreviations ARB Accountability Review Board DS Bureau of Diplomatic Security DS/C DS Directorate...Overseas Buildings Operations OSPB Overseas Security Policy Board RSO Regional Security Officer State Department of State This is a work of

  14. Programs That Support Safety and Security for the Transit Industry

    DOT National Transportation Integrated Search

    2001-03-01

    FTA's Office of Safety and Security (Office) directly supports the U.S. Department of Transportation's safety goals through a series of programs designed to maintain continuous improvement in the safety and security of our nation's transit systems. T...

  15. 75 FR 68009 - Office of New Reactors; Notice of Availability of the Final Staff Guidance Standard Review Plan...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-11-04

    ... the Final Staff Guidance Standard Review Plan Section 13.6.3, Revision 1 on Physical Security--Early... NRC is issuing its Final Revision 1 to NUREG-0800, ``Standard Review Plan (SRP) for the Review of Safety Analysis Reports for Nuclear Power Plants,'' Section 13.6.3, Revision 1 on Physical Security...

  16. 75 FR 68009 - Office of New Reactors; Notice of Availability of the Final Staff Guidance Standard Review Plan...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-11-04

    ... the Final Staff Guidance Standard Review Plan Section 13.6.2, Revision 1 on Physical Security--Design... issuing its Final Revision 1 to NUREG-0800, ``Standard Review Plan (SRP) for the Review of Safety Analysis Reports for Nuclear Power Plants,'' Section 13.6.2, Revision 1 on Physical Security--Design Certification...

  17. 32 CFR 2001.70 - General.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... ARCHIVES AND RECORDS ADMINISTRATION CLASSIFIED NATIONAL SECURITY INFORMATION Security Education and Training § 2001.70 General. (a) Purpose. This subpart sets standards for agency security education and... uniformity in the conduct of agency security education and training programs; and (3) Reduce instances of...

  18. Security Certification Challenges in a Cloud Computing Delivery Model

    DTIC Science & Technology

    2010-04-27

    Relevant Security Standards, Certifications, and Guidance: NIST SP 800 series; ISO/IEC 27001 framework; Cloud Security Alliance; Statement of...CSA Domains / Cloud Features ISO 27001 Cloud Service Provider Responsibility Government Agency Responsibility Analyze Security gaps Compensating

  19. 45 CFR 164.302 - Applicability.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 45 Public Welfare 1 2010-10-01 2010-10-01 false Applicability. 164.302 Section 164.302 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164...

  20. 45 CFR 164.302 - Applicability.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 45 Public Welfare 1 2011-10-01 2011-10-01 false Applicability. 164.302 Section 164.302 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164...

  1. 45 CFR 164.312 - Technical safeguards.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 45 Public Welfare 1 2014-10-01 2014-10-01 false Technical safeguards. 164.312 Section 164.312 Public Welfare Department of Health and Human Services ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health...

  2. 45 CFR 164.302 - Applicability.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 45 Public Welfare 1 2014-10-01 2014-10-01 false Applicability. 164.302 Section 164.302 Public Welfare Department of Health and Human Services ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health Information § 164...

  3. 45 CFR 164.314 - Organizational requirements.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 45 Public Welfare 1 2014-10-01 2014-10-01 false Organizational requirements. 164.314 Section 164.314 Public Welfare Department of Health and Human Services ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health...

  4. 45 CFR 164.314 - Organizational requirements.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 45 Public Welfare 1 2011-10-01 2011-10-01 false Organizational requirements. 164.314 Section 164.314 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health...

  5. 45 CFR 164.314 - Organizational requirements.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 45 Public Welfare 1 2010-10-01 2010-10-01 false Organizational requirements. 164.314 Section 164.314 Public Welfare DEPARTMENT OF HEALTH AND HUMAN SERVICES ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of Electronic Protected Health...

  6. A new data collaboration service based on cloud computing security

    NASA Astrophysics Data System (ADS)

    Ying, Ren; Li, Hua-Wei; Wang, Li na

    2017-09-01

    With the rapid development of cloud computing, the storage and usage of data have undergone revolutionary changes. Data owners can store data in the cloud. While bringing convenience, it also brings many new challenges to cloud data security. A key issue is how to support a secure data collaboration service that supports access and updates to cloud data. This paper proposes a secure, efficient and extensible data collaboration service, which prevents data leaks in cloud storage, supports one to many encryption mechanisms, and also enables cloud data writing and fine-grained access control.

  7. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs' common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  8. Systems Security Engineering

    DTIC Science & Technology

    2010-08-22

    practice for information security management (ISO/IEC 27002),” “Information technology — Security techniques — Information security management...systems —Requirements (ISO/IEC 27002),”, “Information technology — Security techniques — Information security risk management (ISO/IEC 27005).” from...associated practice aids. Perhaps the most germane discovery from this effort was a draft ISO standard on Systems and software engineering, Systems and

  9. Job Satisfaction: Insights from Home Support Care Workers in Three Canadian Jurisdictions.

    PubMed

    Panagiotoglou, Dimitra; Fancey, Pamela; Keefe, Janice; Martin-Matthews, Anne

    2017-03-01

    This mixed-methods study identified the personal and workplace characteristics that drive the job satisfaction of home support workers (HSWs) providing assistance to elderly clients. Data were based on a standardized measure of job satisfaction, along with in-depth qualitative interviews with 176 home support workers from three Canadian provincial jurisdictions (British Columbia, n = 108; Ontario, n = 28; Nova Scotia, n = 40). We anticipated that variability in demographic profiles between the three groups of workers and different job descriptions would be associated with differences in perceived job satisfaction. This was not the case. Results from the qualitative analysis highlight key areas that contributed to job satisfaction. These are job (scheduling, travel, and safety), economic (income security), and organizational (communication, support, and respect) factors. Given these findings, we recommend improvements to workplace communication, increased travel time allowance between clients, and wage parity with equivalent positions in long-term care facilities.

  10. 47 CFR 80.277 - Ship Security Alert System (SSAS).

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 47 Telecommunication 5 2010-10-01 2010-10-01 false Ship Security Alert System (SSAS). 80.277... Security Alert System (SSAS). (a) Vessels equipped with a Ship Security Alert System pursuant to the Safety..., “RTCM Standard 11020.0—Ship Security Alert Systems (SSAS) using the Cospas-Sarsat System,” Version 1.0...

  11. 17 CFR 229.308 - (Item 308) Internal control over financial reporting.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...

  12. 17 CFR 229.308 - (Item 308) Internal control over financial reporting.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...

  13. 17 CFR 229.308 - (Item 308) Internal control over financial reporting.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...

  14. 17 CFR 229.308 - (Item 308) Internal control over financial reporting.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false (Item 308) Internal control over financial reporting. 229.308 Section 229.308 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933, SECURITIES EXCHANGE ACT OF 1934 AND ENERGY POLICY AND...

  15. 6 CFR 27.225 - Site security plans.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... meet the following standards: (1) Address each vulnerability identified in the facility's Security Vulnerability Assessment, and identify and describe the security measures to address each such vulnerability; (2... updates, revises or otherwise alters its Security Vulnerability Assessment pursuant to § 27.215(d), the...

  16. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 3 2010-10-01 2010-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the training...

  17. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 3 2011-10-01 2011-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the training...

  18. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 49 Transportation 3 2014-10-01 2014-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the training...

  19. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 3 2012-10-01 2012-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the training...

  20. 49 CFR 193.2709 - Security.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 49 Transportation 3 2013-10-01 2013-10-01 false Security. 193.2709 Section 193.2709 Transportation...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2709 Security. Personnel having security duties must be qualified to perform their assigned duties by successful completion of the training...

  1. 6 CFR 27.220 - Tiering.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Tiering. 27.220 Section 27.220 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical... Risk-Based Tiering. Following review of a covered facility's Security Vulnerability Assessment, the...

  2. 6 CFR 27.220 - Tiering.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 6 Domestic Security 1 2013-01-01 2013-01-01 false Tiering. 27.220 Section 27.220 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical... Risk-Based Tiering. Following review of a covered facility's Security Vulnerability Assessment, the...

  3. 6 CFR 27.220 - Tiering.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Tiering. 27.220 Section 27.220 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical... Risk-Based Tiering. Following review of a covered facility's Security Vulnerability Assessment, the...

  4. 6 CFR 27.220 - Tiering.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 6 Domestic Security 1 2012-01-01 2012-01-01 false Tiering. 27.220 Section 27.220 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical... Risk-Based Tiering. Following review of a covered facility's Security Vulnerability Assessment, the...

  5. 77 FR 43039 - Federal Acquisition Regulation; Contractors Performing Private Security Functions Outside the...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-07-23

    ... Federal Acquisition Regulation; Contractors Performing Private Security Functions Outside the United.... 110-181, enacted January 28, 2008), section 862, entitled ``Contractors Performing Private Security... NDAA required standardization of rules for private security contractors that are performing in...

  6. Development of national standards related to the integrated safety and security of high-rise buildings

    NASA Astrophysics Data System (ADS)

    Voskresenskaya, Elena; Vorona-Slivinskaya, Lubov

    2018-03-01

    The article considers the issues of developing national standards for high-rise construction. The system of standards should provide industrial, operational, economic and terrorist safety of high-rise buildings and facilities. Modern standards of high-rise construction should set the rules for designing engineering systems of high-rise buildings, which will ensure the integrated security of buildings, increase their energy efficiency and reduce the consumption of resources in construction and operation.

  7. Risk Assessment Methodology Based on the NISTIR 7628 Guidelines

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Abercrombie, Robert K; Sheldon, Frederick T; Hauser, Katie R

    2013-01-01

    Earlier work describes computational models of critical infrastructure that allow an analyst to estimate the security of a system in terms of the impact of loss per stakeholder resulting from security breakdowns. Here, we consider how to identify, monitor and estimate risk impact and probability for different smart grid stakeholders. Our constructive method leverages currently available standards and defined failure scenarios. We utilize the National Institute of Standards and Technology (NIST) Interagency or Internal Reports (NISTIR) 7628 as a basis to apply Cyberspace Security Econometrics system (CSES) for comparing design principles and courses of action in making security-related decisions.

  8. The Role of Support Services in Promoting Social Inclusion for the Disadvantaged Urban-dwelling Elderly

    PubMed Central

    Nguyen, Vicky P.K.H.; Sarkari, Feroz; MacNeil, Kate; Cowan, Laura; Rankin, Joyce

    2013-01-01

    Background Disadvantaged older adults living in non-family situations in Toronto are more likely than older adults living in family situations to have less economic security, less social support, and less choice in housing. Older adults who live in poverty and are precariously housed are more likely to be chronically ill, to live with multiple illnesses, to have poor nutrition, high stress and loneliness, all of which are strongly associated with the determinant of health social exclusion. The aim of this study is to: 1) evaluate the level of social disadvantage and exclusion experienced by low-income older adults 65 years of age and older living alone or in non-family situations; 2) assess the level of dependency on government and community services (support services) to maintain a reasonable standard of living (minimize effects of social exclusion); and 3) identify consequences of social exclusion not addressed by current available services. Methods Fifteen male older adult members of the Good Neighbours’ Club in downtown Toronto were interviewed. Semi-structured questionnaires assessed barriers to, utility of, and perceived impact of support services available to disadvantaged older adults living in the central core of southeast Toronto. Results Support services for income, housing, food security, social support, and health care do mitigate the effects of social exclusion in the study participants. Data gathered from interviews identified factors that counter the efforts by support services to increase social inclusion in this population. Conclusions Support services reduce social isolation experienced by these older adults. Evidence of the detrimental impact of low financial literacy suggests a need to design and implement training programs to build the older adults’ capacity to manage their own finances effectively, and resist falling victim to financial fraud. PMID:24278093

  9. The Role of Support Services in Promoting Social Inclusion for the Disadvantaged Urban-dwelling Elderly.

    PubMed

    Nguyen, Vicky P K H; Sarkari, Feroz; Macneil, Kate; Cowan, Laura; Rankin, Joyce

    2013-01-01

    Disadvantaged older adults living in non-family situations in Toronto are more likely than older adults living in family situations to have less economic security, less social support, and less choice in housing. Older adults who live in poverty and are precariously housed are more likely to be chronically ill, to live with multiple illnesses, to have poor nutrition, high stress and loneliness, all of which are strongly associated with the determinant of health social exclusion. The aim of this study is to: 1) evaluate the level of social disadvantage and exclusion experienced by low-income older adults 65 years of age and older living alone or in non-family situations; 2) assess the level of dependency on government and community services (support services) to maintain a reasonable standard of living (minimize effects of social exclusion); and 3) identify consequences of social exclusion not addressed by current available services. Fifteen male older adult members of the Good Neighbours' Club in downtown Toronto were interviewed. Semi-structured questionnaires assessed barriers to, utility of, and perceived impact of support services available to disadvantaged older adults living in the central core of southeast Toronto. Support services for income, housing, food security, social support, and health care do mitigate the effects of social exclusion in the study participants. Data gathered from interviews identified factors that counter the efforts by support services to increase social inclusion in this population. Support services reduce social isolation experienced by these older adults. Evidence of the detrimental impact of low financial literacy suggests a need to design and implement training programs to build the older adults' capacity to manage their own finances effectively, and resist falling victim to financial fraud.

  10. The invisible hand: how British American Tobacco precluded competition in Uzbekistan

    PubMed Central

    Gilmore, Anna B; McKee, Martin; Collin, Jeff

    2007-01-01

    Background Tobacco industry documents provide a unique opportunity to explore the role transnational corporations (TNCs) played in shaping the poor outcomes of privatisation in the former Soviet Union (FSU). This paper examines British American Tobacco's (BAT's) business conduct in Uzbekistan where large-scale smuggling of BAT's cigarettes, BAT's reversal of tobacco control legislation and its human rights abuses of tobacco farmers have been documented previously. This paper focuses, instead, on BAT's attitude to competition, compares BAT's conduct with international standards and assesses its influence on the privatisation process. Methods Analysis of BAT documents released through litigation. Results BAT secured sole negotiator status precluding the Uzbekistan government from initiating discussions with other parties. Recognising that a competitive tender would greatly increase the cost of investment, BAT went to great lengths to avoid one, ultimately securing President Karimov's support and negotiating a monopoly position in a closed deal. It simultaneously secured exclusion from the monopolies committee, ensuring freedom to set prices, on the basis of a spurious argument that competition would exist from imports. Other anticompetitive moves comprised including all three plants in the deal despite intending to close down two, exclusive dealing and implementing measures designed to prevent market entry by competitors. BAT also secured a large number of exemptions and privileges that further reduced the government's revenue both on a one-off and ongoing basis. Conclusions BAT's corporate misbehaviour included a wide number of anticompetitive practices, contravened Organisation of Economic Cooperation and Development's and BAT's own business standards on competition and restricted revenue arising from privatisation. This suggests that TNCs have contributed to the failure of privatisation in the FSU. Conducting open tenders and using enforceable codes to regulate corporate conduct would help deal with some of the problems identified. PMID:17652239

  11. Globus Identity, Access, and Data Management: Platform Services for Collaborative Science

    NASA Astrophysics Data System (ADS)

    Ananthakrishnan, R.; Foster, I.; Wagner, R.

    2016-12-01

    Globus is software-as-a-service for research data management, developed at, and operated by, the University of Chicago. Globus, accessible at www.globus.org, provides high speed, secure file transfer; file sharing directly from existing storage systems; and data publication to institutional repositories. 40,000 registered users have used Globus to transfer tens of billions of files totaling hundreds of petabytes between more than 10,000 storage systems within campuses and national laboratories in the US and internationally. Web, command line, and REST interfaces support both interactive use and integration into applications and infrastructures. An important component of the Globus system is its foundational identity and access management (IAM) platform service, Globus Auth. Both Globus research data management and other applications use Globus Auth for brokering authentication and authorization interactions between end-users, identity providers, resource servers (services), and a range of clients, including web, mobile, and desktop applications, and other services. Compliant with important standards such as OAuth, OpenID, and SAML, Globus Auth provides mechanisms required for an extensible, integrated ecosystem of services and clients for the research and education community. It underpins projects such as the US National Science Foundation's XSEDE system, NCAR's Research Data Archive, and the DOE Systems Biology Knowledge Base. Current work is extending Globus services to be compliant with FEDRAMP standards for security assessment, authorization, and monitoring for cloud services. We will present Globus IAM solutions and give examples of Globus use in various projects for federated access to resources. We will also describe how Globus Auth and Globus research data management capabilities enable rapid development and low-cost operations of secure data sharing platforms that leverage Globus services and integrate them with local policy and security.

  12. Security, safety, and related technology - the triangle of eHealth service provision.

    PubMed

    Savastano, Mario; Hovsto, Asbjorn; Pharow, Peter; Blobel, Bernd

    2008-01-01

    The developing of innovative solutions in the emerging eHealth market requires strong economic efforts which may be justified only in presence of particularly suitable boundary conditions. Among the factors retained of primary importance for the development of eHealth, a correct approach to id-management is unanimously considered fundamental. Three keywords in the id-management context appear particularly important: standardization, security and safety. Standardization may contribute to increase the size and duration of the eHealth market, while security and safety may encourage all the stakeholders to trust in an appropriate and safe management of all the very sensitive personal data involved in the eHealth applications. The aim of the present paper is analyzing some security and safety issues in eHealth from the particular perspective of the identity management and standardization. The paper highlights the mission of the EU funded "BioHealth" project whose mission is to increase the stakeholders' knowledge about existing and emerging standards in eHealth with particular reference to identity management.

  13. ECLIPSE, an Emerging Standardized Modular, Secure and Affordable Software Toolset in Support of Product Assurance, Quality Assurance and Project Management for the Entire European Space Industry (from Innovative SMEs to Primes and Institutions)

    NASA Astrophysics Data System (ADS)

    Bennetti, Andrea; Ansari, Salim; Dewhirst, Tori; Catanese, Giuseppe

    2010-08-01

    The development of satellites and ground systems (and the technologies that support them) is complex and demands a great deal of rigor in the management of both the information it relies upon and the information it generates via the performance of well established processes. To this extent for the past fifteen years Sapienza Consulting has been supporting the European Space Agency (ESA) in the management of this information and provided ESA with ECSS (European Cooperation for Space Standardization) Standards based Project Management (PM), Product Assurance (PA) and Quality Assurance (QA) software applications. In 2009 Sapienza recognised the need to modernize, standardize and integrate its core ECSS-based software tools into a single yet modularised suite of applications named ECLIPSE aimed at: • Fulfilling a wider range of historical and emerging requirements, • Providing a better experience for users, • Increasing the value of the information it collects and manages, • Lowering the cost of ownership and operation, • Increasing collaboration within and between space sector organizations, • Aiding in the performance of several PM, PA, QA, and configuration management tasks in adherence to ECSS standards. In this paper, Sapienza will first present the toolset, and a rationale for its development, describing and justifying its architecture, and basic modules composition. Having defined the toolset architecture, this paper will address the current status of the individual applications. A compliance assessment will be presented for each module in the toolset with respect to the ECSS standard it addresses. Lastly experience from early industry and Institutional users will be presented.

  14. 17 CFR 275.222-2 - Definition of “client” for purposes of the national de minimis standard.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 3 2011-04-01 2011-04-01 false Definition of “client” for purposes of the national de minimis standard. 275.222-2 Section 275.222-2 Commodity and Securities... 1940 § 275.222-2 Definition of “client” for purposes of the national de minimis standard. For purposes...

  15. Federal Security Laboratory Governance Panels: Observations and Recommendations

    DTIC Science & Technology

    2013-01-01

    operates under a sole-source, cost-plus-fixed-fee contract administered by the U.S. Navy’s Naval Sea Systems Command. There are currently 14 UARCs, 13... system of research organizations that support science and technology for U.S. national security. Within this system, the Departments of Defense, Energy...and Homeland Security support about 80 laboratories that focus predominantly on national security matters. These laboratories have different

  16. Homeland security in the USA: past, present, and future.

    PubMed

    Kemp, Roger L

    2012-01-01

    This paper examines the evolving and dynamic field of homeland security in the USA. Included in this analysis is the evolution of the creation of the Department of Homeland Security, an overview of the National Warning System, a summary of citizen support groups, and how the field of homeland security has had an impact on the location and architecture of public buildings and facilities. Also included are website directories of citizen support groups and federal agencies related to the field of homeland security.

  17. Lawrence Livermore National Laboratory safeguards and security quarterly progress report to the US Department of Energy quarter ending September 30, 1994

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Davis, G.; Mansur, D.L.; Ruhter, W.D.

    1994-10-01

    This report presents the details of the Lawrence Livermore National Laboratory safeguards and securities program. This program is focused on developing new technology, such as x- and gamma-ray spectrometry, for measurement of special nuclear materials. This program supports the Office of Safeguards and Securities in the following five areas; safeguards technology, safeguards and decision support, computer security, automated physical security, and automated visitor access control systems.

  18. Citizen Observatories: A Standards Based Architecture

    NASA Astrophysics Data System (ADS)

    Simonis, Ingo

    2015-04-01

    A number of large-scale research projects are currently under way exploring the various components of citizen observatories, e.g. CITI-SENSE (http://www.citi-sense.eu), Citclops (http://citclops.eu), COBWEB (http://cobwebproject.eu), OMNISCIENTIS (http://www.omniscientis.eu), and WeSenseIt (http://www.wesenseit.eu). Common to all projects is the motivation to develop a platform enabling effective participation by citizens in environmental projects, while considering important aspects such as security, privacy, long-term storage and availability, accessibility of raw and processed data and its proper integration into catalogues and international exchange and collaboration systems such as GEOSS or INSPIRE. This paper describes the software architecture implemented for setting up crowdsourcing campaigns using standardized components, interfaces, security features, and distribution capabilities. It illustrates the Citizen Observatory Toolkit, a software suite that allows defining crowdsourcing campaigns, to invite registered and unregistered participants to participate in crowdsourcing campaigns, and to analyze, process, and visualize raw and quality enhanced crowd sourcing data and derived products. The Citizen Observatory Toolkit is not a single software product. Instead, it is a framework of components that are built using internationally adopted standards wherever possible (e.g. OGC standards from Sensor Web Enablement, GeoPackage, and Web Mapping and Processing Services, as well as security and metadata/cataloguing standards), defines profiles of those standards where necessary (e.g. SWE O&M profile, SensorML profile), and implements design decisions based on the motivation to maximize interoperability and reusability of all components. 
    The toolkit contains tools to set up, manage and maintain crowdsourcing campaigns, allows building on-demand apps optimized for the specific sampling focus, supports offline and online sampling modes using modern cell phones with built-in sensing technologies, automates the upload of the raw data, and handles conflation services to match quality requirements and analysis challenges. The strict implementation of all components using internationally adopted standards ensures maximal interoperability and reusability of all components. The Citizen Observatory Toolkit is currently developed as part of the COBWEB research project. COBWEB is partially funded by the European Programme FP7/2007-2013 under grant agreement n° 308513; part of the topic ENV.2012.6.5-1 "Developing community based environmental monitoring and information systems using innovative and novel earth observation applications."

  19. 45 CFR 303.30 - Securing medical support information.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 45 Public Welfare 2 2010-10-01 2010-10-01 false Securing medical support information. 303.30 Section 303.30 Public Welfare Regulations Relating to Public Welfare OFFICE OF CHILD SUPPORT ENFORCEMENT (CHILD SUPPORT ENFORCEMENT PROGRAM), ADMINISTRATION FOR CHILDREN AND FAMILIES, DEPARTMENT OF HEALTH AND...

  20. 49 CFR 1572.9 - Applicant information required for HME security threat assessment.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... threat assessment. 1572.9 Section 1572.9 Transportation Other Regulations Relating to Transportation... TRANSPORTATION SECURITY CREDENTIALING AND SECURITY THREAT ASSESSMENTS Procedures and General Standards § 1572.9 Applicant information required for HME security threat assessment. An applicant must supply the information...

  1. 49 CFR 234.211 - Security of warning system apparatus.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 4 2011-10-01 2011-10-01 false Security of warning system apparatus. 234.211... Maintenance, Inspection, and Testing Maintenance Standards § 234.211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall be secured against unauthorized entry. ...

  2. 49 CFR 234.211 - Security of warning system apparatus.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 4 2010-10-01 2010-10-01 false Security of warning system apparatus. 234.211... Maintenance, Inspection, and Testing Maintenance Standards § 234.211 Security of warning system apparatus. Highway-rail grade crossing warning system apparatus shall be secured against unauthorized entry. ...

  3. 7 CFR 274.8 - Functional and technical EBT system requirements.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... card is deactivated; (C) Communications network security that utilizes the Data Encryption Standard... PIN and/or PIN offset, to ensure data security during electronic transmission. Any of the network... household data and providing benefit and data security; (x) Inventorying and securing accountable documents...

  4. 7 CFR 274.8 - Functional and technical EBT system requirements.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... card is deactivated; (C) Communications network security that utilizes the Data Encryption Standard... PIN and/or PIN offset, to ensure data security during electronic transmission. Any of the network... household data and providing benefit and data security; (x) Inventorying and securing accountable documents...

  5. 7 CFR 274.8 - Functional and technical EBT system requirements.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... card is deactivated; (C) Communications network security that utilizes the Data Encryption Standard... PIN and/or PIN offset, to ensure data security during electronic transmission. Any of the network... household data and providing benefit and data security; (x) Inventorying and securing accountable documents...

  6. 7 CFR 274.8 - Functional and technical EBT system requirements.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... card is deactivated; (C) Communications network security that utilizes the Data Encryption Standard... PIN and/or PIN offset, to ensure data security during electronic transmission. Any of the network... household data and providing benefit and data security; (x) Inventorying and securing accountable documents...

  7. Innovative dressing and securement of tunneled central venous access devices in pediatrics: a pilot randomized controlled trial.

    PubMed

    Ullman, Amanda J; Kleidon, Tricia; Gibson, Victoria; McBride, Craig A; Mihala, Gabor; Cooke, Marie; Rickard, Claire M

    2017-08-30

    Central venous access device (CVAD) associated complications are a preventable source of patient harm, frequently resulting in morbidity and delays to vital treatment. Dressing and securement products are used to prevent infectious and mechanical complications, however current complication rates suggest customary practices are inadequate. The aim of this study was to evaluate the feasibility of launching a full-scale randomized controlled efficacy trial of innovative dressing and securement products for pediatric tunneled CVAD to prevent complication and failure. An external, pilot, four-group randomized controlled trial of standard care (bordered polyurethane dressing and suture), in comparison to integrated securement-dressing, suture-less securement device, and tissue adhesive was undertaken across two large, tertiary referral pediatric hospitals in Australia. Forty-eight pediatric participants with newly inserted tunneled CVADs were consecutively recruited. The primary outcome of study feasibility was established by elements of eligibility, recruitment, attrition, protocol adherence, missing data, parent and healthcare staff satisfaction and acceptability, and effect size estimates for CVAD failure (cessation of function prior to completion of treatment) and complication (associated bloodstream infection, thrombosis, breakage, dislodgement or occlusion). Dressing integrity, product costs and site complications were also examined. Protocol feasibility was established. CVAD failure was: 17% (2/12) integrated securement-dressing; 8% (1/13) suture-less securement device; 0% tissue adhesive (0/12); and, 0% standard care (0/11). CVAD complications were: 15% (2/13) suture-less securement device (CVAD associated bloodstream infection, and occlusion and partial dislodgement); 8% (1/12) integrated securement-dressing (partial dislodgement); 0% tissue adhesive (0/12); and, 0% standard care (0/11). 
    One CVAD-associated bloodstream infection occurred, within the suture-less securement device group. Overall satisfaction was highest in the integrated securement-dressing (mean 8.5/10; standard deviation 1.2). Improved dressing integrity was evident in the intervention arms, with the integrated securement-dressing associated with prolonged time to first dressing change (mean days 3.5). Improving the security and dressing integrity of tunneled CVADs is likely to improve outcomes for pediatric patients. Further research is necessary to identify novel, effective CVAD securement to reduce complications, and provide reliable vascular access for children. ACTRN12614000280606; prospectively registered on 17/03/2014.

  8. Implementation of an Enterprise Information Portal (EIP) in the Loyola University Health System

    PubMed Central

    Price, Ronald N.; Hernandez, Kim

    2001-01-01

    Loyola University Chicago Stritch School of Medicine and Loyola University Medical Center have long histories in the development of applications to support the institutions' missions of education, research and clinical care. In late 1998, the institutions' application development group undertook an ambitious program to re-architecture more than 10 years of legacy application development (30+ core applications) into a unified World Wide Web (WWW) environment. The primary project objectives were to construct an environment that would support the rapid development of n-tier, web-based applications while providing standard methods for user authentication/validation, security/access control and definition of a user's organizational context. The project's efforts resulted in Loyola's Enterprise Information Portal (EIP), which meets the aforementioned objectives. This environment: 1) allows access to other vertical Intranet portals (e.g., electronic medical record, patient satisfaction information and faculty effort); 2) supports end-user desktop customization; and 3) provides a means for standardized application “look and feel.” The portal was constructed utilizing readily available hardware and software. Server hardware consists of multiprocessor (Intel Pentium 500 MHz) Compaq 6500 servers with one gigabyte of random access memory and 75 gigabytes of hard disk storage. Microsoft SQL Server was selected to house the portal's internal or security data structures. Netscape Enterprise Server was selected for the web server component of the environment and Allaire's ColdFusion was chosen for access and application tiers. Total cost for the portal environment was less than $40,000. User data storage is accomplished through two Microsoft SQL Servers and an existing SUN Microsystems enterprise server with eight processors, 750 gigabytes of disk storage operating Sybase relational database manager. Total storage capacity for all systems exceeds one terabyte. In the past 12 months, the EIP has supported development of more than 88 applications and is utilized by more than 2,200 users.

  9. A multi-service data management platform for scientific oceanographic products

    NASA Astrophysics Data System (ADS)

    D'Anca, Alessandro; Conte, Laura; Nassisi, Paola; Palazzo, Cosimo; Lecci, Rita; Cretì, Sergio; Mancini, Marco; Nuzzo, Alessandra; Mirto, Maria; Mannarini, Gianandrea; Coppini, Giovanni; Fiore, Sandro; Aloisio, Giovanni

    2017-02-01

    An efficient, secure and interoperable data platform solution has been developed in the TESSA project to provide fast navigation and access to the data stored in the data archive, as well as a standard-based metadata management support. The platform mainly targets scientific users and the situational sea awareness high-level services such as the decision support systems (DSS). These datasets are accessible through the following three main components: the Data Access Service (DAS), the Metadata Service and the Complex Data Analysis Module (CDAM). The DAS allows access to data stored in the archive by providing interfaces for different protocols and services for downloading, variables selection, data subsetting or map generation. Metadata Service is the heart of the information system of the TESSA products and completes the overall infrastructure for data and metadata management. This component enables data search and discovery and addresses interoperability by exploiting widely adopted standards for geospatial data. Finally, the CDAM represents the back-end of the TESSA DSS by performing on-demand complex data analysis tasks.

  10. Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) Project: KDP-A for Phase 2 Minimum Operational Performance Standards

    NASA Technical Reports Server (NTRS)

    Grindle, Laurie; Hackenberg, Davis L.

    2016-01-01

    UAS Integration in the NAS Project has: a) Developed Technical Challenges that are crucial to UAS integration, aligned with NASA's Strategic Plan and Thrusts, and support FAA standards development. b) Demonstrated rigorous project management processes through the execution of previous phases. c) Defined Partnership Plans. d) Established path to KDP-C. Request approval of Technical Challenges, execution of partnerships and plans, and execution of near-term FY17 activities. There is an increasing need to fly UAS in the NAS to perform missions of vital importance to National Security and Defense, Emergency Management, and Science. There is also an emerging need to enable commercial applications such as cargo transport (e.g. FedEx). Unencumbered NAS Access for Civil/Commercial UAS. Provide research findings, utilizing simulation and flight tests, to support the development and validation of DAA and C2 technologies necessary for integrating Unmanned Aircraft Systems into the National Airspace System.

  11. Symmetric Key Services Markup Language (SKSML)

    NASA Astrophysics Data System (ADS)

    Noor, Arshad

    Symmetric Key Services Markup Language (SKSML) is the eXtensible Markup Language (XML) being standardized by the OASIS Enterprise Key Management Infrastructure Technical Committee for requesting and receiving symmetric encryption cryptographic keys within a Symmetric Key Management System (SKMS). This protocol is designed to be used between clients and servers within an Enterprise Key Management Infrastructure (EKMI) to secure data, independent of the application and platform. Building on many security standards such as XML Signature, XML Encryption, Web Services Security and PKI, SKSML provides standards-based capability to allow any application to use symmetric encryption keys, while maintaining centralized control. This article describes the SKSML protocol and its capabilities.

  12. The contribution of attachment security and social support to depressive symptoms in patients with metastatic cancer.

    PubMed

    Rodin, Gary; Walsh, Andrew; Zimmermann, Camilla; Gagliese, Lucia; Jones, Jennifer; Shepherd, Frances A; Moore, Malcolm; Braun, Michal; Donner, Allan; Mikulincer, Mario

    2007-12-01

    The present study examines the association between disease-related factors, perceived social support, attachment security (i.e. attachment anxiety and avoidance), and the occurrence of depressive symptoms in a sample of patients with metastatic gastrointestinal or lung cancer. Results from a sample of 326 cancer outpatients with advanced disease indicate that disease-related factors are significantly associated with the occurrence of depressive symptoms, and the latter are inversely related to the degree of attachment anxiety and avoidance, and perceived social support. Attachment security (on the dimension of anxious attachment) significantly buffered the effect of disease-related factors on depressive symptoms, and perceived social support mediated the relationship between attachment security and depressive symptoms. The buffering effect of attachment security on depressive symptoms and its partial mediation through social support suggest that the interaction of individual, social, and disease-related factors contribute to the emergence of depressive symptoms in patients with metastatic cancer.

  13. 6 CFR 25.1 - Purpose.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Purpose. 25.1 Section 25.1 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY REGULATIONS TO SUPPORT ANTI-TERRORISM BY FOSTERING EFFECTIVE TECHNOLOGIES § 25.1 Purpose. This part implements the Support Anti-terrorism by Fostering...

  14. 45 CFR 164.316 - Policies and procedures and documentation requirements.

    Code of Federal Regulations, 2014 CFR

    2014-10-01

    ... 45 Public Welfare 1 2014-10-01 2014-10-01 false Policies and procedures and documentation requirements. 164.316 Section 164.316 Public Welfare Department of Health and Human Services ADMINISTRATIVE DATA STANDARDS AND RELATED REQUIREMENTS SECURITY AND PRIVACY Security Standards for the Protection of...

  15. Securing a web-based teleradiology platform according to German law and "best practices".

    PubMed

    Spitzer, Michael; Ullrich, Tobias; Ueckert, Frank

    2009-01-01

    The Medical Data and Picture Exchange platform (MDPE), as a teleradiology system, facilitates the exchange of digital medical imaging data among authorized users. It features extensive support of the DICOM standard including networking functions. Since MDPE is designed as a web service, security and confidentiality of data and communication pose an outstanding challenge. To comply with demands of German laws and authorities, a generic data security concept considered as "best practice" in German health telematics was adapted to the specific demands of MDPE. The concept features strict logical and physical separation of diagnostic and identity data and thus an all-encompassing pseudonymization throughout the system. Hence, data may only be merged at authorized clients. MDPE's solution of merging data from separate sources within a web browser avoids technically questionable techniques such as deliberate cross-site scripting. Instead, data is merged dynamically by JavaScriptlets running in the user's browser. These scriptlets are provided by one server, while content and method calls are generated by another server. Additionally, MDPE uses encrypted temporary IDs for communication and merging of data.

  16. 49 CFR 172.704 - Training requirements.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... PROVISIONS, HAZARDOUS MATERIALS COMMUNICATIONS, EMERGENCY RESPONSE INFORMATION, TRAINING REQUIREMENTS, AND... communication standards of this subchapter. (2) Function-specific training. (i) Each hazmat employee must be... must include company security objectives, organizational security structure, specific security...

  17. 17 CFR 240.19c-5 - Governing the multiple listing of options on national securities exchanges.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... of options on national securities exchanges. 240.19c-5 Section 240.19c-5 Commodity and Securities... of Exchange Members § 240.19c-5 Governing the multiple listing of options on national securities exchanges. (a) The rules of each national securities exchange that provides a trading market in standardized...

  18. 76 FR 81477 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-12-28

    ... sessions will be open to the public. The ISPAB was established by the Computer Security Act of 1987 (Pub. L... Secure Mobile Devices, --Panel Discussion on cyber R&D Strategy, and --Update of NIST Computer Security... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and...

  19. Information security requirements in patient-centred healthcare support systems.

    PubMed

    Alsalamah, Shada; Gray, W Alex; Hilton, Jeremy; Alsalamah, Hessah

    2013-01-01

    Enabling Patient-Centred (PC) care in modern healthcare requires the flow of medical information with the patient between different healthcare providers as they follow the patient's treatment plan. However, PC care threatens the stability of the balance of information security in the support systems since legacy systems fall short of attaining a security balance when sharing their information due to compromises made between its availability, integrity, and confidentiality. Results show that the main reason for this is that information security implementation in discrete legacy systems focused mainly on information confidentiality and integrity leaving availability a challenge in collaboration. Through an empirical study using domain analysis, observations, and interviews, this paper identifies a need for six information security requirements in legacy systems to cope with this situation in order to attain the security balance in systems supporting PC care implementation in modern healthcare.

  20. 29 CFR 2590.609-2 - National Medical Support Notice.

    Code of Federal Regulations, 2010 CFR

    2010-07-01

    ... Retirement Income Security Act (ERISA), the Notice is deemed to be a qualified medical child support order....609-2 Labor Regulations Relating to Labor (Continued) EMPLOYEE BENEFITS SECURITY ADMINISTRATION..., Qualified Medical Child Support Orders, Coverage for Adopted Children § 2590.609-2 National Medical Support...

  1. Attachment Security Balances Perspectives: Effects of Security Priming on Highly Optimistic and Pessimistic Explanatory Styles.

    PubMed

    Deng, Yanhe; Yan, Mengge; Chen, Henry; Sun, Xin; Zhang, Peng; Zeng, Xianglong; Liu, Xiangping; Lye, Yue

    2016-01-01

    Highly optimistic explanatory style (HOES) and highly pessimistic explanatory style (HPES) are two maladaptive ways to explain the world and may have roots in attachment insecurity. The current study aims to explore the effects of security priming - activating supportive representations of attachment security - on ameliorating these maladaptive explanatory styles. 57 participants with HOES and 57 participants with HPES were randomized into security priming and control conditions. Their scores of overall optimistic attribution were measured before and after priming. Security priming had a moderating effect: the security primed HOES group exhibited lower optimistic attribution, while the security primed HPES group evinced higher scores of optimistic attribution. Furthermore, the security primed HOES group attributed positive outcomes more externally, while the security primed HPES group attributed successful results more internally. The results support the application of security priming interventions on maladaptive explanatory styles. Its potential mechanism and directions for future study are also discussed.

  2. 6 CFR 27.220 - Tiering.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Tiering. 27.220 Section 27.220 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.220 Tiering. (a) Preliminary Determination of Risk-Based Tiering. Based on...

  3. 17 CFR 229.1119 - (Item 1119) Affiliations and certain relationships and related transactions.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... certain relationships and related transactions. 229.1119 Section 229.1119 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF... Asset-Backed Securities (Regulation AB) § 229.1119 (Item 1119) Affiliations and certain relationships...

  4. 17 CFR 229.1119 - (Item 1119) Affiliations and certain relationships and related transactions.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... certain relationships and related transactions. 229.1119 Section 229.1119 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF... Asset-Backed Securities (Regulation AB) § 229.1119 (Item 1119) Affiliations and certain relationships...

  5. 17 CFR 229.1119 - (Item 1119) Affiliations and certain relationships and related transactions.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... certain relationships and related transactions. 229.1119 Section 229.1119 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF... Asset-Backed Securities (Regulation AB) § 229.1119 (Item 1119) Affiliations and certain relationships...

  6. 17 CFR 229.1119 - (Item 1119) Affiliations and certain relationships and related transactions.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... certain relationships and related transactions. 229.1119 Section 229.1119 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF... Asset-Backed Securities (Regulation AB) § 229.1119 (Item 1119) Affiliations and certain relationships...

  7. 17 CFR 229.1119 - (Item 1119) Affiliations and certain relationships and related transactions.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... certain relationships and related transactions. 229.1119 Section 229.1119 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF... Asset-Backed Securities (Regulation AB) § 229.1119 (Item 1119) Affiliations and certain relationships...

  8. 49 CFR 193.2715 - Training: security.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 3 2010-10-01 2010-10-01 false Training: security. 193.2715 Section 193.2715...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2715 Training: security. (a) Personnel responsible for security at an LNG plant must be trained in accordance with a written plan of...

  9. 40 CFR 264.14 - Security.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 40 Protection of Environment 26 2011-07-01 2011-07-01 false Security. 264.14 Section 264.14... Standards § 264.14 Security. (a) The owner or operator must prevent the unknowing entry, and minimize the...) for discussion of security requirements at disposal facilities during the post-closure care period...

  10. 40 CFR 265.14 - Security.

    Code of Federal Regulations, 2011 CFR

    2011-07-01

    ... 40 Protection of Environment 26 2011-07-01 2011-07-01 false Security. 265.14 Section 265.14... Facility Standards § 265.14 Security. (a) The owner or operator must prevent the unknowing entry, and...) for discussion of security requirements at disposal facilities during the post-closure care period...

  11. 40 CFR 264.14 - Security.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 40 Protection of Environment 27 2012-07-01 2012-07-01 false Security. 264.14 Section 264.14... Standards § 264.14 Security. (a) The owner or operator must prevent the unknowing entry, and minimize the...) for discussion of security requirements at disposal facilities during the post-closure care period...

  12. 40 CFR 264.14 - Security.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 40 Protection of Environment 27 2013-07-01 2013-07-01 false Security. 264.14 Section 264.14... Standards § 264.14 Security. (a) The owner or operator must prevent the unknowing entry, and minimize the...) for discussion of security requirements at disposal facilities during the post-closure care period...

  13. 40 CFR 265.14 - Security.

    Code of Federal Regulations, 2012 CFR

    2012-07-01

    ... 40 Protection of Environment 27 2012-07-01 2012-07-01 false Security. 265.14 Section 265.14... Facility Standards § 265.14 Security. (a) The owner or operator must prevent the unknowing entry, and...) for discussion of security requirements at disposal facilities during the post-closure care period...

  14. 49 CFR 193.2715 - Training: security.

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... 49 Transportation 3 2012-10-01 2012-10-01 false Training: security. 193.2715 Section 193.2715...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2715 Training: security. (a) Personnel responsible for security at an LNG plant must be trained in accordance with a written plan of...

  15. 40 CFR 265.14 - Security.

    Code of Federal Regulations, 2013 CFR

    2013-07-01

    ... 40 Protection of Environment 27 2013-07-01 2013-07-01 false Security. 265.14 Section 265.14... Facility Standards § 265.14 Security. (a) The owner or operator must prevent the unknowing entry, and...) for discussion of security requirements at disposal facilities during the post-closure care period...

  16. 40 CFR 265.14 - Security.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 40 Protection of Environment 26 2014-07-01 2014-07-01 false Security. 265.14 Section 265.14... Facility Standards § 265.14 Security. (a) The owner or operator must prevent the unknowing entry, and...) for discussion of security requirements at disposal facilities during the post-closure care period...

  17. 49 CFR 193.2715 - Training: security.

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... 49 Transportation 3 2011-10-01 2011-10-01 false Training: security. 193.2715 Section 193.2715...: FEDERAL SAFETY STANDARDS Personnel Qualifications and Training § 193.2715 Training: security. (a) Personnel responsible for security at an LNG plant must be trained in accordance with a written plan of...

  18. 40 CFR 264.14 - Security.

    Code of Federal Regulations, 2014 CFR

    2014-07-01

    ... 40 Protection of Environment 26 2014-07-01 2014-07-01 false Security. 264.14 Section 264.14... Standards § 264.14 Security. (a) The owner or operator must prevent the unknowing entry, and minimize the...) for discussion of security requirements at disposal facilities during the post-closure care period...

  19. 10 CFR 20.1801 - Security of stored material.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 10 Energy 1 2014-01-01 2014-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

  20. 10 CFR 20.1801 - Security of stored material.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 10 Energy 1 2010-01-01 2010-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

  1. 10 CFR 20.1801 - Security of stored material.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 10 Energy 1 2011-01-01 2011-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

  2. 10 CFR 20.1801 - Security of stored material.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 10 Energy 1 2012-01-01 2012-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

  3. 10 CFR 20.1801 - Security of stored material.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 10 Energy 1 2013-01-01 2013-01-01 false Security of stored material. 20.1801 Section 20.1801 Energy NUCLEAR REGULATORY COMMISSION STANDARDS FOR PROTECTION AGAINST RADIATION Storage and Control of Licensed Material § 20.1801 Security of stored material. The licensee shall secure from unauthorized...

  4. Extra dimensions: 3d and time in pdf documentation

    NASA Astrophysics Data System (ADS)

    Graf, N. A.

    2008-07-01

    High energy physics is replete with multi-dimensional information which is often poorly represented by the two dimensions of presentation slides and print media. Past efforts to disseminate such information to a wider audience have failed for a number of reasons, including a lack of standards which are easy to implement and have broad support. Adobe's Portable Document Format (PDF) has in recent years become the de facto standard for secure, dependable electronic information exchange. It has done so by creating an open format, providing support for multiple platforms and being reliable and extensible. By providing support for the ECMA standard Universal 3D (U3D) file format in its free Adobe Reader software, Adobe has made it easy to distribute and interact with 3D content. By providing support for scripting and animation, temporal data can also be easily distributed to a wide audience. In this talk, we present examples of HEP applications which take advantage of this functionality. We demonstrate how 3D detector elements can be documented, using either CAD drawings or other sources such as GEANT visualizations as input. Using this technique, higher dimensional data, such as LEGO plots or time-dependent information can be included in PDF files. In principle, a complete event display, with full interactivity, can be incorporated into a PDF file. This would allow the end user not only to customize the view and representation of the data, but to access the underlying data itself.

  5. European union standards for tuberculosis care.

    PubMed

    Migliori, G B; Zellweger, J P; Abubakar, I; Ibraim, E; Caminero, J A; De Vries, G; D'Ambrosio, L; Centis, R; Sotgiu, G; Menegale, O; Kliiman, K; Aksamit, T; Cirillo, D M; Danilovits, M; Dara, M; Dheda, K; Dinh-Xuan, A T; Kluge, H; Lange, C; Leimane, V; Loddenkemper, R; Nicod, L P; Raviglione, M C; Spanevello, A; Thomsen, V Ø; Villar, M; Wanlin, M; Wedzicha, J A; Zumla, A; Blasi, F; Huitric, E; Sandgren, A; Manissero, D

    2012-04-01

    The European Centre for Disease Prevention and Control (ECDC) and the European Respiratory Society (ERS) jointly developed European Union Standards for Tuberculosis Care (ESTC) aimed at providing European Union (EU)-tailored standards for the diagnosis, treatment and prevention of tuberculosis (TB). The International Standards for TB Care (ISTC) were developed in the global context and are not always adapted to the EU setting and practices. The majority of EU countries have the resources and capacity to implement higher standards to further secure quality TB diagnosis, treatment and prevention. On this basis, the ESTC were developed as standards specifically tailored to the EU setting. A panel of 30 international experts, led by a writing group and the ERS and ECDC, identified and developed the 21 ESTC in the areas of diagnosis, treatment, HIV and comorbid conditions, and public health and prevention. The ISTCs formed the basis for the 21 standards, upon which additional EU adaptations and supplements were developed. These patient-centred standards are targeted to clinicians and public health workers, providing an easy-to-use resource, guiding through all required activities to ensure optimal diagnosis, treatment and prevention of TB. These will support EU health programmes to identify and develop optimal procedures for TB care, control and elimination.

  6. IEC 61850: Technology Standards and Cyber-Security Threats

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Youssef, Tarek A; El Hariri, Mohamed; Bugay, Nicole

    Substations constitute a fundamental part in providing reliable electricity to consumers. For a substation to maintain electricity reliability and its own real-time operability, communication between its components is inevitable. Before the emergence of IEC 61850, inter-substation communication was established via expensive copper wires with limited capabilities. IEC 61850 is the standard set by the International Electrotechnical Commission (IEC) Technical Committee Number 57 Working Group 10 and IEEE for Ethernet (IEEE 802.3)-based communication in electrical substations. Like many power grid systems standards, IEC 61850 was set without extensive consideration for critical security measures. This paper discusses IEC 61850 technology standards and applications thoroughly and points out major security vulnerabilities it introduces in the context of current cyber-physical smart grid systems.

  7. A global trend: privatization and reform of social security pension plans.

    PubMed

    Poortvliet, W G; Laine, T P

    1995-01-01

    Ten years ago Chile successfully privatized its social security system, beginning a worldwide trend to solve the problem of an increasing burden on government-supported social security programs. Contributing factors include an aging population, fewer workers to support retirees, government budget deficits and the influence of politics.

  8. 49 CFR 1542.215 - Law enforcement support.

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... 49 Transportation 9 2010-10-01 2010-10-01 false Law enforcement support. 1542.215 Section 1542.215..., DEPARTMENT OF HOMELAND SECURITY CIVIL AVIATION SECURITY AIRPORT SECURITY Operations § 1542.215 Law... program under § 1542.103(a) or (b) must provide: (1) Law enforcement personnel in the number and manner...

  9. Simple algorithm for improved security in the FDDI protocol

    NASA Astrophysics Data System (ADS)

    Lundy, G. M.; Jones, Benjamin

    1993-02-01

    We propose a modification to the Fiber Distributed Data Interface (FDDI) protocol based on a simple algorithm which will improve confidential communication capability. This proposed modification provides a simple and reliable system which exploits some of the inherent security properties in a fiber optic ring network. This method differs from conventional methods in that end to end encryption can be facilitated at the media access control sublayer of the data link layer in the OSI network model. Our method is based on a variation of the bit stream cipher method. The transmitting station takes the intended confidential message and uses a simple modulo two addition operation against an initialization vector. The encrypted message is virtually unbreakable without the initialization vector. None of the stations on the ring will have access to both the encrypted message and the initialization vector except the transmitting and receiving stations. The generation of the initialization vector is unique for each confidential transmission and thus provides a unique approach to the key distribution problem. The FDDI protocol is of particular interest to the military in terms of LAN/MAN implementations. Both the Army and the Navy are considering the standard as the basis for future network systems. A simple and reliable security mechanism with the potential to support realtime communications is a necessary consideration in the implementation of these systems. The proposed method offers several advantages over traditional methods in terms of speed, reliability, and standardization.

  10. Federation for a Secure Enterprise

    DTIC Science & Technology

    2016-09-10

    12 October 2005 e. RFC Internet X.509 Public Key Infrastructure: Certification Path Building, 2005 f. Public Key Cryptography Standard, PKCS #1...v2.2: RSA Cryptography Standard, RSA Laboratories, October 27, 2012 g. PKCS#12 format PKCS #12 v1.0: Personal Information Exchange Syntax Standard, RSA...ClientHello padding extension, 2015-02-17 f. Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier

  11. Effectiveness of the Department of Defense Information Assurance Accreditation Process

    DTIC Science & Technology

    2013-03-01

    meeting the requirements of ISO 27001, Information Security Management System. ISO 27002 provides “security techniques” or best practices that can be...efforts to the next level and implement a recognized standard such as the International Organization for Standards (ISO) 27000 Series of standards...implemented by an organization as part of their certification effort.15 Most likely, the main motivation a company would have for achieving an ISO

  12. 77 FR 70865 - Self-Regulatory Organizations; National Securities Clearing Corporation; Notice of Filing and...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-11-27

    ... industry standard for processing and settling mutual fund transactions. Through automated, standardized... trend in the mutual fund industry toward omnibus processing, a practice where distribution firms bundle... to Fund/SERV® Fees November 20, 2012. Pursuant to Section 19(b)(1) of the Securities Exchange...

  13. Job security and fear: Do these drive our radiation guidelines

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Thomas, R.G.

    1994-01-01

    This commentary asks why scientists want radiation standard setting at a level well below that at which any health related problem has been observed in a human being. The idea that job security and fear actually may drive radiation standards is presented as a possibility. 3 refs.

  14. Computer-Aided Sensor Development Focused on Security Issues.

    PubMed

    Bialas, Andrzej

    2016-05-26

    The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

  15. Computer-Aided Sensor Development Focused on Security Issues

    PubMed Central

    Bialas, Andrzej

    2016-01-01

    The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research. PMID:27240360

  16. 6 CFR 27.100 - Purpose.

    Code of Federal Regulations, 2012 CFR

    2012-01-01

    ... 6 Domestic Security 1 2012-01-01 2012-01-01 false Purpose. 27.100 Section 27.100 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS General § 27.100 Purpose. The purpose of this part is to enhance the security of our Nation by furthering the...

  17. 6 CFR 27.250 - Inspections and audits.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Inspections and audits. 27.250 Section 27.250 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.250 Inspections and audits. (a) Authority. In order to...

  18. 6 CFR 27.100 - Purpose.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... 6 Domestic Security 1 2014-01-01 2014-01-01 false Purpose. 27.100 Section 27.100 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS General § 27.100 Purpose. The purpose of this part is to enhance the security of our Nation by furthering the...

  19. 6 CFR 27.100 - Purpose.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... 6 Domestic Security 1 2013-01-01 2013-01-01 false Purpose. 27.100 Section 27.100 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS General § 27.100 Purpose. The purpose of this part is to enhance the security of our Nation by furthering the...

  20. 6 CFR 27.100 - Purpose.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Purpose. 27.100 Section 27.100 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS General § 27.100 Purpose. The purpose of this part is to enhance the security of our Nation by furthering the...

  1. 6 CFR 27.100 - Purpose.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Purpose. 27.100 Section 27.100 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS General § 27.100 Purpose. The purpose of this Part is to enhance the security of our Nation by furthering the...

  2. 6 CFR 7.2 - Scope.

    Code of Federal Regulations, 2011 CFR

    2011-01-01

    ... 6 Domestic Security 1 2011-01-01 2011-01-01 false Scope. 7.2 Section 7.2 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CLASSIFIED NATIONAL SECURITY INFORMATION § 7.2 Scope... Branch who are granted access to classified information by the DHS, in accordance with the standards in...

  3. 17 CFR 229.1009 - (Item 1009) Persons/assets, retained, employed, compensated or used.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... 17 Commodity and Securities Exchanges 2 2011-04-01 2011-04-01 false (Item 1009) Persons/assets, retained, employed, compensated or used. 229.1009 Section 229.1009 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933...

  4. 17 CFR 229.1009 - (Item 1009) Persons/assets, retained, employed, compensated or used.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... 17 Commodity and Securities Exchanges 2 2010-04-01 2010-04-01 false (Item 1009) Persons/assets, retained, employed, compensated or used. 229.1009 Section 229.1009 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933...

  5. 17 CFR 229.1009 - (Item 1009) Persons/assets, retained, employed, compensated or used.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... 17 Commodity and Securities Exchanges 3 2014-04-01 2014-04-01 false (Item 1009) Persons/assets, retained, employed, compensated or used. 229.1009 Section 229.1009 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933...

  6. 17 CFR 229.1009 - (Item 1009) Persons/assets, retained, employed, compensated or used.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... 17 Commodity and Securities Exchanges 2 2013-04-01 2013-04-01 false (Item 1009) Persons/assets, retained, employed, compensated or used. 229.1009 Section 229.1009 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933...

  7. 17 CFR 229.1009 - (Item 1009) Persons/assets, retained, employed, compensated or used.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... 17 Commodity and Securities Exchanges 2 2012-04-01 2012-04-01 false (Item 1009) Persons/assets, retained, employed, compensated or used. 229.1009 Section 229.1009 Commodity and Securities Exchanges SECURITIES AND EXCHANGE COMMISSION STANDARD INSTRUCTIONS FOR FILING FORMS UNDER SECURITIES ACT OF 1933...

  8. 6 CFR 7.2 - Scope.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... 6 Domestic Security 1 2010-01-01 2010-01-01 false Scope. 7.2 Section 7.2 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CLASSIFIED NATIONAL SECURITY INFORMATION § 7.2 Scope... Branch who are granted access to classified information by the DHS, in accordance with the standards in...

  9. 45 CFR 155.260 - Privacy and security of personally identifiable information.

    Code of Federal Regulations, 2013 CFR

    2013-10-01

    ... 45 Public Welfare 1 2013-10-01 2013-10-01 false Privacy and security of personally identifiable... AFFORDABLE CARE ACT General Functions of an Exchange § 155.260 Privacy and security of personally... must establish and implement privacy and security standards that are consistent with the following...

  10. 22 CFR 1101.5 - Security, confidentiality and protection of records.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ... Bureau of Standard's booklet “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May... 22 Foreign Relations 2 2011-04-01 2009-04-01 true Security, confidentiality and protection of... STATES AND MEXICO, UNITED STATES SECTION PRIVACY ACT OF 1974 § 1101.5 Security, confidentiality and...

  11. 22 CFR 1101.5 - Security, confidentiality and protection of records.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... Bureau of Standard's booklet “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May... 22 Foreign Relations 2 2014-04-01 2014-04-01 false Security, confidentiality and protection of... STATES AND MEXICO, UNITED STATES SECTION PRIVACY ACT OF 1974 § 1101.5 Security, confidentiality and...

  12. 22 CFR 1101.5 - Security, confidentiality and protection of records.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... Bureau of Standard's booklet “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May... 22 Foreign Relations 2 2013-04-01 2009-04-01 true Security, confidentiality and protection of... STATES AND MEXICO, UNITED STATES SECTION PRIVACY ACT OF 1974 § 1101.5 Security, confidentiality and...

  13. 22 CFR 1101.5 - Security, confidentiality and protection of records.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... Bureau of Standard's booklet “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May... 22 Foreign Relations 2 2012-04-01 2009-04-01 true Security, confidentiality and protection of... STATES AND MEXICO, UNITED STATES SECTION PRIVACY ACT OF 1974 § 1101.5 Security, confidentiality and...

  14. 77 FR 25686 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board

    Federal Register 2010, 2011, 2012, 2013, 2014

    2012-05-01

    ... NIST Computer Security Division. Note that agenda items may change without notice because of possible... of the Information Security and Privacy Advisory Board AGENCY: National Institute of Standards and Technology, Commerce. ACTION: Notice. SUMMARY: The Information Security and Privacy Advisory Board (ISPAB...

  15. 22 CFR 1101.5 - Security, confidentiality and protection of records.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ... Bureau of Standard's booklet “Computer Security Guidelines for Implementing the Privacy Act of 1974” (May... 22 Foreign Relations 2 2010-04-01 2010-04-01 true Security, confidentiality and protection of... STATES AND MEXICO, UNITED STATES SECTION PRIVACY ACT OF 1974 § 1101.5 Security, confidentiality and...

  16. 6 CFR 27.250 - Inspections and audits.

    Code of Federal Regulations, 2013 CFR

    2013-01-01

    ... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.250 Inspections and audits. (a) Authority. In order to... directed by § 27.245(b) in “Review and Approval of Site Security Plans.” (c) Time and Manner. Authorized...

  17. 6 CFR 27.250 - Inspections and audits.

    Code of Federal Regulations, 2014 CFR

    2014-01-01

    ... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY CHEMICAL FACILITY ANTI-TERRORISM STANDARDS Chemical Facility Security Program § 27.250 Inspections and audits. (a) Authority. In order to... directed by § 27.245(b) in “Review and Approval of Site Security Plans.” (c) Time and Manner. Authorized...

  18. CCSDS - Advancing Spaceflight Technology for International Collaboration

    NASA Technical Reports Server (NTRS)

    Kearney, Mike; Kiely, Aaron; Yeh, Penshu; Gerner, Jean-Luc; Calzolari, Gian-Paolo; Gifford, Kevin; Merri, Mario; Weiss, Howard

    2010-01-01

    The Consultative Committee for Space Data Systems (CCSDS) has been developing data and communications standards since 1982, with the objective of providing interoperability for enabling international collaboration for spaceflight missions. As data and communications technology has advanced, CCSDS has progressed to capitalize on existing products when available and suitable for spaceflight, and to develop innovative new approaches when available products fail. The current scope of the CCSDS architecture spans the end-to-end data architecture of a spaceflight mission, with ongoing efforts to develop and standardize cutting-edge technology. This manuscript describes the overall architecture, the position of CCSDS in the standards and international mission community, and some CCSDS processes. It then highlights in detail several of the most interesting and critical technical areas in work right now, and how they support collaborative missions. Special topics include: Delay/Disruption Tolerant Networking (DTN), Asynchronous Message Service (AMS), Multispectral/Hyperspectral Data Compression (MHDC), Coding and Synchronization, Onboard Wireless, Spacecraft Monitor and Control, Navigation, Security, and Time Synchronization/Correlation. Broad international participation in development of CCSDS standards is encouraged.

  19. A secure communication using cascade chaotic computing systems on clinical decision support.

    PubMed

    Koksal, Ahmet Sertol; Er, Orhan; Evirgen, Hayrettin; Yumusak, Nejat

    2016-06-01

    Clinical decision support systems (C-DSS) provide supportive tools to the expert for the determination of the disease. Today, many of the support systems, which have been developed for a better and more accurate diagnosis, have reached a dynamic structure due to artificial intelligence techniques. However, in cases when important diagnosis studies should be performed in secret, a secure communication system is required. In this study, secure communication of a DSS is examined through a developed double layer chaotic communication system. The developed communication system consists of four main parts: random number generator, cascade chaotic calculation layer, PCM, and logical mixer layers. Thanks to this system, important patient data created by DSS will be conveyed to the center through a secure communication line.

  20. Data security.

    PubMed

    2016-09-01

    A government-commissioned review of data security across health and care has led to the proposal of new standards for security and options for a consent/opt-out model. Standards include that all staff complete appropriate annual data security training and pass a mandatory test provided through the revised Information Governance Toolkit, that personal confidential data is only accessible to staff who need it for their current role, and that access is removed as soon as it is no longer required. The consent/opt-out model is outlined under 8 statements, and includes certain circumstances where it will not apply, for example, where there is an overriding public interest, or mandatory legal requirement.
