WorldWideScience

Sample records for access control transportation

  1. Physical Access Control Database

    Department of Transportation — This data set contains the personnel access card data (photo, name, activation/expiration dates, card number, and access level) as well as data about turnstiles and...

  2. Android Access Control Extension

    Anton Baláž

    2015-12-01

    Full Text Available The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.

  3. Android Access Control Extension

    Anton Baláž; Branislav Madoš; Michal Ambróz

    2015-01-01

    The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by pr...

  4. Advanced access control system

    A prototype voice verification system has been installed which provides the required positive identification at the main site access control point. This system compares an individual's file voice print with a sample voice print obtained from the individual when an attempt is made to enter the site. The voice system transmits the individual's identify to a central processor. The system installed at the Barnwell Nuclear Fuel Plant is described

  5. Analysing Access Control Specifications

    Probst, Christian W.; Hansen, René Rydhof

    2009-01-01

    common tool to answer this question, analysis of log files, faces the problem that the amount of logged data may be overwhelming. This problems gets even worse in the case of insider attacks, where the attacker’s actions usually will be logged as permissible, standard actions—if they are logged at all....... Recent events have revealed intimate knowledge of surveillance and control systems on the side of the attacker, making it often impossible to deduce the identity of an inside attacker from logged data. In this work we present an approach that analyses the access control configuration to identify the set...

  6. Advanced access control system

    A prototype voice verification system has been installed which provides the required positive identification at the main site access control point. This system compares an individual's file voice print with a sample voice print obtained from the individual when an attempt is made to enter the site. The voice system transmits the individual's identity to a central processor. The central processor associates that individual's authorization file with a card-key obtained at the access point. The system generates a record of personnel movement, provides a personnel inventory on a real-time basis, and it can retrieve a record of all prior events. The system installed at the Barnwell Nuclear Fuel Plant is described

  7. Anonymous Biometric Access Control

    Shuiming Ye

    2009-01-01

    Full Text Available Access control systems using the latest biometric technologies can offer a higher level of security than conventional password-based systems. Their widespread deployments, however, can severely undermine individuals' rights of privacy. Biometric signals are immutable and can be exploited to associate individuals' identities to sensitive personal records across disparate databases. In this paper, we propose the Anonymous Biometric Access Control (ABAC system to protect user anonymity. The ABAC system uses novel Homomorphic Encryption (HE based protocols to verify membership of a user without knowing his/her true identity. To make HE-based protocols scalable to large biometric databases, we propose the k-Anonymous Quantization (kAQ framework that provides an effective and secure tradeoff of privacy and complexity. kAQ limits server's knowledge of the user to k maximally dissimilar candidates in the database, where k controls the amount of complexity-privacy tradeoff. kAQ is realized by a constant-time table lookup to identity the k candidates followed by a HE-based matching protocol applied only on these candidates. The maximal dissimilarity protects privacy by destroying any similarity patterns among the returned candidates. Experimental results on iris biometrics demonstrate the validity of our framework and illustrate a practical implementation of an anonymous biometric system.

  8. Accessibility in cities: transport and urban form

    Rode, Philipp; Floater, Graham; Thomopoulos, Nikolas; Docherty, James; Schwinger, Peter; Mahendra, Anjali; Fang, Wanli

    2014-01-01

    This paper focusses on one central aspect of urban development: transport and urban form and how the two shape the provision of access to people, goods and services, and information in cities. The more efficient this access, the greater the economic benefits through economies of scale, agglomeration effects and networking advantages. This paper discusses how different urban accessibility pathways impact directly on other measures of human development and environmental sustainability. It also ...

  9. RFID access control

    Luzar, Boštjan

    2012-01-01

    The goal of the thesis was to learn about the procedure of developing applications based on microcontrollers using the Arduino development platform and the IDE environment. Through practical development in the Arduino environment we realized a logic which is capable to authorize access to specific locations and areas based on 125 kHz RFID tags. Although many solutions exist, most of them require a lot of hardware and software because of their modular design and communication types, the so...

  10. HSUPA Transport Network Congestion Control

    Szilveszter Nádas

    2009-01-01

    Full Text Available The introduction of High Speed Uplink Packet Access (HSUPA greatly improves achievable uplink bitrate but it presents new challenges to be solved in the WCDMA radio access network. In the transport network, bandwidth reservation for HSUPA is not efficient and TCP cannot efficiently resolve congestion because of lower layer retransmissions. This paper proposes an HSUPA transport network flow control algorithm that handles congestion situations efficiently and supports Quality of Service differentiation. In the Radio Network Controller (RNC, transport network congestion is detected. Relying on the standardized control frame, the RNC notifies the Node B about transport network congestion. In case of transport network congestion, the Node B part of the HSUPA flow control instructs the air interface scheduler to reduce the bitrate of the flow to eliminate congestion. The performance analysis concentrates on transport network limited scenarios. It is shown that TCP cannot provide efficient congestion control. The proposed algorithm can achieve high end-user perceived throughput, while maintaining low delay, loss, and good fairness in the transport network.

  11. Seaport-Surface Transportation Access and Air Quality

    Shaw, Peter L.

    1993-01-01

    Seaports are dependent upon the supporting surface transportation network. Where port cargo volume is growing in already air-polluted urban areas, increased highway and rail traffic is perceived as exacerbating air quality conditions. In some seaport locations, stringent air quality control measures may impact operations and access, thereby possibly causing serious negative impacts on the economy. In still other areas, inadequate air quality controls may inadvertently foster more air pollution.

  12. Towards Trusted Network Access Control

    Bente, Ingo; von Helden, Josef

    Network Access Control (NAC) solutions promise to significantly increase the security level of modern networks. In short, they allow to measure the integrity state of an endpoint that tries to get access to the network. Based upon the measurement results, which are compared to a defined NAC policy, access to the network can be allowed or denied. One problem of all currently available NAC solutions is referred to as the “lying endpoint” problem. Normally, special software components are responsible for gathering the relevant integrity information on the endpoint. If an attacker modifies those software components, an endpoint can lie about its current integrity state. Therefore, endpoints which are not compliant to the defined NAC policy can get access to the network. Those endpoints must be considered as potential threat. This paper summarizes a possible solution for the lying endpoint problem based upon the specifications of the Trusted Computing Group (TCG) and the results of the two research projects TNC@ FHH and Turaya. The goal is to develop an open source, TNC compatible NAC solution with full TPM support within a new research project: tNAC.

  13. Controlling Access to Suicide Means

    Miriam Iosue

    2011-12-01

    Full Text Available Background: Restricting access to common means of suicide, such as firearms, toxic gas, pesticides and other, has been shown to be effective in reducing rates of death in suicide. In the present review we aimed to summarize the empirical and clinical literature on controlling the access to means of suicide. Methods: This review made use of both MEDLINE, ISI Web of Science and the Cochrane library databases, identifying all English articles with the keywords “suicide means”, “suicide method”, “suicide prediction” or “suicide prevention” and other relevant keywords. Results: A number of factors may influence an individual’s decision regarding method in a suicide act, but there is substantial support that easy access influences the choice of method. In many countries, restrictions of access to common means of suicide has lead to lower overall suicide rates, particularly regarding suicide by firearms in USA, detoxification of domestic and motor vehicle gas in England and other countries, toxic pesticides in rural areas, barriers at jumping sites and hanging, by introducing “safe rooms” in prisons and hospitals. Moreover, decline in prescription of barbiturates and tricyclic antidepressants (TCAs, as well as limitation of drugs pack size for paracetamol and salicylate has reduced suicides by overdose, while increased prescription of SSRIs seems to have lowered suicidal rates. Conclusions: Restriction to means of suicide may be particularly effective in contexts where the method is popular, highly lethal, widely available, and/or not easily substituted by other similar methods. However, since there is some risk of means substitution, restriction of access should be implemented in conjunction with other suicide prevention strategies.

  14. Access Request Trustworthiness in Weighted Access Control Framework

    WANG Lun-wei; LIAO Xiang-ke; WANG Huai-min

    2005-01-01

    Weighted factor is given to access control policies to express the importance of policy and its effect on access control decision. According to this weighted access control framework, a trustworthiness model for access request is also given. In this model, we give the measure of trustworthiness factor to access request, by using some idea of uncertainty reasoning of expert system, present and prove the parallel propagation formula of request trustworthiness factor among multiple policies, and get the final trustworthiness factor to decide whether authorizing. In this model, authorization decision is given according to the calculation of request trustworthiness factor, which is more understandable, more suitable for real requirement and more powerful for security enhancement than traditional methods. Meanwhile the finer access control granularity is another advantage.

  15. A Linux Implementation of Temporal Access Controls

    Chiang, Ken; Nguyen, Thuy D.; Irvine, Cynthia E.

    2007-01-01

    Control of access to information based upon temporal attributes can add another dimension to access control. To demonstrate the feasibility of operating system level support for temporal access controls, the Time Interval File Protection System (TIFPS), a prototype of the Time Interval Access Control (TIAC) model, has been implemented by modifying Linux extended attributes to include temporal metadata associated both with files and users. The Linux Security Module was used to provide hooks fo...

  16. An Access Control Framework for Reflective Middleware

    Gang Huang; Lian-Shan Sun

    2008-01-01

    Reflective middleware opens up the implementation details of middleware platform and applications at runtime for improving the adaptability of middleware-based systems. However, such openness brings new challenges to access control of the middleware-based systems.Some users can access the system via reflective entities, which sometimes cannot be protected by access control mechanisms of traditional middleware. To deliver high adaptability securely, reflective middleware should be equipped with proper access control mechanisms for potential access control holes induced by reflection. One reason of integrating these mechanisms in reflective middleware is that one goal of reflective middleware is to equip applications with reflection capabilities as transparent as possible. This paper studies how to design a reflective J2EE middlewarePKUAS with access control in mind. At first, a computation model of reflective system is built to identify all possible access control points induced by reflection. Then a set of access control mechanisms, including the wrapper of MBeans and a hierarchy of Java class loaders, are equipped for controlling the identified access control points. These mechanisms together with J2EE access control mechanism form the access control framework for PKUAS. The paper evaluates the security and the performance overheads of the framework in quality and quantity.

  17. The concept of and factors affecting transport accessibility of seaports

    Janusz Dąbrowski

    2012-03-01

    Full Text Available Transport accessibility of seaports is a frequently studied area in economic research. In practice, port operators and authorities use it to promote their services and compete in the market. Up to this day, theoretical basis of seaports transport accessibility has not been properly described. The article attempts to systematize and expend the knowledge in this field. New definitions of transport availability from wider and narrower perspectives were suggested; different types of accessibility and their mutual relations were explained. These ideas were complemented by introducing classification of factors affecting transport accessibility of seaports.

  18. Random Access Game and Medium Access Control Design

    Chen, Lijun; Low, Steven H.; Doyle, John C.

    2010-01-01

    Motivated partially by a control-theoretic viewpoint, we propose a game-theoretic model, called random access game, for contention control. We characterize Nash equilibria of random access games, study their dynamics, and propose distributed algorithms (strategy evolutions) to achieve Nash equilibria. This provides a general analytical framework that is capable of modeling a large class of system-wide quality-of-service (QoS) models via the specification of per-node util...

  19. Reinforcement Learning Technique in Multiple Motorway Access Control Strategy Design

    Veljanovska, Kostandina; M. Bombol, Kristi; Maher, Tomaž

    2010-01-01

    An appropriately designed motorway access control can decrease the total travel time spent in the system up to 30% and consequently increase the merging operations safety. To date, implemented traffic responsive motorway access control systems have been of local or regulatory type and not truly adaptive in the real sense of the meaning. Hence, traffic flow can be influenced positively by numerous intelligent transportation system (ITS) techniques. In this paper a contemporary approach is pres...

  20. An electronically controlled automatic security access gate

    Jonathan A. Enokela; Michael N. TYOWUAH

    2014-01-01

    The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF) transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is ...

  1. Efficient Access Control for Wireless Sensor Data

    Sorniotti, Alessandro; Molva, Refik; GOMEZ, Laurent; Trefois, Christophe; Laube, Annett; Scaglioso, Piervito

    2009-01-01

    Abstract Although very developed in many sectors (databases, filesystems), access control schemes are still somewhat elusive when it comes to wireless sensor net- works. However, it is clear that many WSN systems—such as healthcare and automotive ones—need a controlled access to data that sensor nodes produce, given its high sensitivity. Enforcing access control in wireless sensor networks is a particularly difficult task due to the limited computational capacity of wireless sensor nodes. In ...

  2. Evaluation of file access control implementations

    Madar, Fatima Ali

    2005-01-01

    This thesis discusses two implementations of file access controls: the UNIX Permissions (UP) and the Access Control List (ACL). We will evaluate advantages and weaknesses in these two implementations. The criteria of evaluation are usefulness, security and manageability. The level of usefulness of systems was measured by evaluating user-surveys. The level of security was measured by comparing the implementations against well-established file access control models concerning privacy, inte...

  3. Access control system for ISABELLE

    An access system based on the one now in operation at the CERN ISR is recommended. Access doors would presumably be located at the entrances to the utility tunnels connecting the support buildings with the ring. Persons requesting access would insert an identity card into a scanner to activate the system. The request would be autologged, the keybank adjacent to the door would be unlocked and ISABELLE operations would be notified. The operator would then select the door, activating a TV-audio link. The person requesting entry would draw a key from the bank, show it and his film badge to the operator who would enable the door release

  4. Access control and service-oriented architectures

    Leune, C.J.

    2007-01-01

    Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the

  5. 47 CFR 95.645 - Control accessibility.

    2010-10-01

    ... 47 Telecommunication 5 2010-10-01 2010-10-01 false Control accessibility. 95.645 Section 95.645 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED) SAFETY AND SPECIAL RADIO SERVICES PERSONAL RADIO SERVICES Technical Regulations Certification Requirements § 95.645 Control accessibility. (a) No...

  6. Proximity Displays for Access Control

    Vaniea, Kami

    2012-01-01

    Managing access to shared digital information, such as photographs and documents. is difficult for end users who are accumulating an increasingly large and diverse collection of data that they want to share with others. Current policy-management solutions require a user to proactively seek out and open a separate policy-management interface when…

  7. 78 FR 51810 - Twenty-Fourth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2013-08-21

    ... Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control... RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held...

  8. 77 FR 25525 - Thirteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems.

    2012-04-30

    ... Access Control Systems. AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems... Committee 224, Airport Security Access Control Systems DATES: The meeting will be held May 30, 2012, from...

  9. Accessibility as indicator in sustainable transport planning

    Jensen, Anders Vestergaard; Leleur, Steen

    Currently efforts are made in many countries to develop transport planning in a more sustainable direction. In the international research project SUSTAIN national sustainable transport planning is developed in a research programme over four years from 2012 to 206. One of the important indicators...

  10. Disk access controller for Multi 8 computer

    After having presented the initial characteristics and weaknesses of the software provided for the control of a memory disk coupled with a Multi 8 computer, the author reports the development and improvement of this controller software. He presents the different constitutive parts of the computer and the operation of the disk coupling and of the direct access to memory. He reports the development of the disk access controller: software organisation, loader, subprograms and statements

  11. Modelling Access Control For Healthcare Information Systems

    Ferreira, Ana; Chadwick, David W; Antunes, Luis

    2007-01-01

    The widening use of Information Systems, which allow the collection, extraction, storage, management and search of information, is increasing the need for information security. After a user is successfully identified and authenticated to a system, he needs to be authorised to access the resources he/she requested. Access control is part of this last process that checks if a user can access those resources. This is particularly important in the healthcare environment where there is the need to...

  12. Access control and personal identification systems

    Bowers, Dan M

    1988-01-01

    Access Control and Personal Identification Systems provides an education in the field of access control and personal identification systems, which is essential in selecting the appropriate equipment, dealing intelligently with vendors in purchases of the equipment, and integrating the equipment into a total effective system. Access control devices and systems comprise an important part of almost every security system, but are seldom the sole source of security. In order for the goals of the total system to be met, the other portions of the security system must also be well planned and executed

  13. Private Transport Access Among Older People: Identifying The Disadvantaged

    Nerina Vecchio

    2003-01-01

    Private transport is important in enabling older people living in the community to maintain their independence and social networks. Access to this resource remains a major concern for older people. This study examines the demographic risk factors that restrict older people's access to private transport. The findings lead to policy recommendations directed towards self-reliance. Analysis, based on the study's household survey consisting of a sample of noninstitutionalised older Gold Coast peop...

  14. GIS model to evaluate the accessibility to major transport ways

    Antonio Tache; Oana Popescu

    2015-01-01

    In order to ensure a balanced accessibility to major transport ways, supporting spatial development and economic growth, a GIS model to assess accessibility it was proposed. The model is measuring the average cost of travel (by car, usually) from a point to a predetermined number of destinations measured in units of time (minutes). Using the ARCGIS Spatial Analyst module, accessibility territorial indicators were calculated and presented as cartograms and maps that are outlining the accessibi...

  15. Access control, security, and trust a logical approach

    Chin, Shiu-Kai

    2010-01-01

    Access Control, Security, Trust, and Logic Deconstructing Access Control Decisions A Logical Approach to Access Control PRELIMINARIES A Language for Access ControlSets and Relations Syntax SemanticsReasoning about Access Control Logical RulesFormal Proofs and Theorems Soundness of Logical RulesBasic Concepts Reference Monitors Access Control Mechanisms: Tickets and Lists Authentication Security PoliciesConfidentiality, Integrity, and Availability Discretionary Security Policies Mandatory Security Policies Military Security Policies Commercial PoliciesDISTRIBUTED ACCESS CONTROL Digital Authenti

  16. Access control issues in social networks

    Carreras Coch, Anna; Rodríguez Luna, Eva; Delgado Mercè, Jaime; Maroñas Borras, Xavier

    2010-01-01

    Social Networks, as the main axis of Web 2.0, are creating a number of interesting challenges to the research and standardisation communities. In this paper, we analyse the current and future use of access control policies in Social Networks. Subsequently, two main issues are addressed: the interoperability amongst systems using different policy languages and the lack of elements in the existing policy languages when trying to express Social Networks’ access control. In part...

  17. Traveling Towards Disease: Transportation Barriers to Health Care Access

    Syed, Samina T.; Gerber, Ben S.; Sharp, Lisa K.

    2013-01-01

    Transportation barriers are often cited as barriers to healthcare access. Transportation barriers lead to rescheduled or missed appointments, delayed care, and missed or delayed medication use. These consequences may lead to poorer management of chronic illness and thus poorer health outcomes. However, the significance of these barriers is uncertain based on existing literature due to wide variability in both study populations and transportation barrier measures. The authors sought to synthes...

  18. Access Control Management for SCADA Systems

    Hong, Seng-Phil; Ahn, Gail-Joon; Xu, Wenjuan

    The information technology revolution has transformed all aspects of our society including critical infrastructures and led a significant shift from their old and disparate business models based on proprietary and legacy environments to more open and consolidated ones. Supervisory Control and Data Acquisition (SCADA) systems have been widely used not only for industrial processes but also for some experimental facilities. Due to the nature of open environments, managing SCADA systems should meet various security requirements since system administrators need to deal with a large number of entities and functions involved in critical infrastructures. In this paper, we identify necessary access control requirements in SCADA systems and articulate access control policies for the simulated SCADA systems. We also attempt to analyze and realize those requirements and policies in the context of role-based access control that is suitable for simplifying administrative tasks in large scale enterprises.

  19. An Access Definition and Query Language : Towards a Unified Access Control Model

    Sonnenbichler, Andreas

    2013-01-01

    In this work we suggest a meta access control model emulating established access control models by configuration and offering enhanced features like the delegation of rights, ego-centered roles, and decentralized administration. The suggested meta access control model is named \\'\\'Access Definition and Query Language\\'\\' (ADQL). ADQL is represented by a formal, context-free grammar allowing to express the targeted access control model, policies, facts, and access queries as a formal language.

  20. Performance estimates for personnel access control systems

    Current performance estimates for personnel access control systems use estimates of Type I and Type II verification errors. A system performance equation which addresses normal operation, the insider, and outside adversary attack is developed. Examination of this equation reveals the inadequacy of classical Type I and II error evaluations which require detailed knowledge of the adversary threat scenario for each specific installation. Consequently, new performance measures which are consistent with the performance equation and independent of the threat are developed as an aid in selecting personnel access control systems

  1. Performance estimates for personnel access control systems

    Bradley, R. G.

    1980-10-01

    Current performance estimates for personnel access control systems use estimates of Type I and Type II verification errors. A system performance equation which addresses normal operation, the insider, and outside adversary attack is developed. Examination of this equation reveals the inadequacy of classical Type I and II error evaluations which require detailed knowledge of the adversary threat scenario for each specific installation. Consequently, new performance measures which are consistent with the performance equation and independent of the threat are developed as an aid in selecting personnel access control systems.

  2. Access Control in Data Management Systems

    Ferrari, Elena

    2010-01-01

    Access control is one of the fundamental services that any Data Management System should provide. Its main goal is to protect data from unauthorized read and write operations. This is particularly crucial in today's open and interconnected world, where each kind of information can be easily made available to a huge user population, and where a damage or misuse of data may have unpredictable consequences that go beyond the boundaries where data reside or have been generated. This book provides an overview of the various developments in access control for data management systems. Discretionary,

  3. Nanoengineered membranes for controlled transport

    Doktycz, Mitchel J [Oak Ridge, TN; Simpson, Michael L [Knoxville, TN; McKnight, Timothy E [Greenback, TN; Melechko, Anatoli V [Oak Ridge, TN; Lowndes, Douglas H [Knoxville, TN; Guillorn, Michael A [Knoxville, TN; Merkulov, Vladimir I [Oak Ridge, TN

    2010-01-05

    A nanoengineered membrane for controlling material transport (e.g., molecular transport) is disclosed. The membrane includes a substrate, a cover definining a material transport channel between the substrate and the cover, and a plurality of fibers positioned in the channel and connected to an extending away from a surface of the substrate. The fibers are aligned perpendicular to the surface of the substrate, and have a width of 100 nanometers or less. The diffusion limits for material transport are controlled by the separation of the fibers. In one embodiment, chemical derivitization of carbon fibers may be undertaken to further affect the diffusion limits or affect selective permeability or facilitated transport. For example, a coating can be applied to at least a portion of the fibers. In another embodiment, individually addressable carbon nanofibers can be integrated with the membrane to provide an electrical driving force for material transport.

  4. An electronically controlled automatic security access gate

    Jonathan A. ENOKELA

    2014-11-01

    Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

  5. Network Access Control List Situation Awareness

    Reifers, Andrew

    2010-01-01

    Network security is a large and complex problem being addressed by multiple communities. Nevertheless, current theories in networking security appear to overestimate network administrators' ability to understand network access control lists (NACLs), providing few context specific user analyses. Consequently, the current research generally seems to…

  6. LANSCE personnel access control system (PACS)

    The Radiation Security System (RSS) at the Los Alamos Neutron Science Center (LANSCE) provides personnel protection from prompt radiation due to accelerated beam. The Personnel Access Control System (PACS) is a component of the RSS that is designed to prevent personnel access to areas where prompt radiation is a hazard. PACS was designed to replace several older personnel safety systems (PSS) with a single modem unified design. Lessons learned from the operation over the last 20 years were incorporated into a redundant sensor, single-point failure safe, fault tolerant, and tamper-resistant system that prevents access to the beam areas by controlling the access keys and beam stoppers. PACS uses a layered philosophy to the physical and electronic design. The most critical assemblies are battery backed up, relay logic circuits; less critical devices use Programmable Logic Controllers (PLCs) for timing functions and communications. Outside reviewers have reviewed the operational safety of the design. The design philosophy, lessons learned, hardware design, software design, operation, and limitations of the device are described

  7. VHDL IMPLEMENTATION OF TEST ACCESS PORT CONTROLLER

    MANPREET KAUR

    2012-06-01

    Full Text Available In this paper, an implementation of IEEE 1149.7 standard is used for designing Test Access Port (TAP Controller and testing of interconnects is done using boundary scan. By c-JTAG the pin count gets reduced which increases the performance and simplifies the connection between devices. TAP Controller is a synchronous Moore type finite state machine that is changed when the TMS and TCK signals of the test access port gets change. This controls the sequence operation of the circuitry conveyed by JTAG and c-JTAG. JTAGmainly used four pins with TAP and fifth pin is for optional use in Boundary scan. But c-JTAG uses only two pins with TAP. In this approach TDI and TDO gets multiplexed by using class T4 and T5 of c-JTAG. Various instructions are used for testing interconnects using IEEE 1149.7 standard (std.

  8. Speed control system for an access gate

    Bzorgi, Fariborz M.

    2012-03-20

    An access control apparatus for an access gate. The access gate typically has a rotator that is configured to rotate around a rotator axis at a first variable speed in a forward direction. The access control apparatus may include a transmission that typically has an input element that is operatively connected to the rotator. The input element is generally configured to rotate at an input speed that is proportional to the first variable speed. The transmission typically also has an output element that has an output speed that is higher than the input speed. The input element and the output element may rotate around a common transmission axis. A retardation mechanism may be employed. The retardation mechanism is typically configured to rotate around a retardation mechanism axis. Generally the retardation mechanism is operatively connected to the output element of the transmission and is configured to retard motion of the access gate in the forward direction when the first variable speed is above a control-limit speed. In many embodiments the transmission axis and the retardation mechanism axis are substantially co-axial. Some embodiments include a freewheel/catch mechanism that has an input connection that is operatively connected to the rotator. The input connection may be configured to engage an output connection when the rotator is rotated at the first variable speed in a forward direction and configured for substantially unrestricted rotation when the rotator is rotated in a reverse direction opposite the forward direction. The input element of the transmission is typically operatively connected to the output connection of the freewheel/catch mechanism.

  9. Understanding the tariff. Access to the public power transportation network

    Since the European directive of December 19, 1996 about the common rules of the European power market, the eligible companies can chose their power supplier anywhere in Europe. The manager of the French power transportation network (RTE) supplies a network access to these companies according to a tariff fixed by the decree no. 2002-1014 from July 19, 2002. The aim of this document is to explain this tariff: tariffing principles ('mail-stamp' principle, voltage domain, subscribed output power tariffs, input power tariffs), tariffing elements (access to the grid, elements of output tariffs (subscribed power, overload, emergency tariffs, modifications etc..)), invoicing modalities, output tariffs, definitions. (J.S.)

  10. Establishing mandatory access control on Android OS

    Bugiel, Sven

    2015-01-01

    Common characteristic of all mobile operating systems for smart devices is an extensive middleware that provides a feature-rich API for the onboard sensors and user’s data (e.g., contacts). To effectively protect the device’s integrity, the user’s privacy, and to ensure non-interference between mutually distrusting apps, it is imperative that the middleware enforces rigid security and privacy policies. This thesis presents a line of work that integrates mandatory access control (MAC) mecha...

  11. Studying Media Access andControl Protocols

    Mohammed, Alalelddin Fuad Yousif

    2010-01-01

    This thesis project’s goal is to enable undergraduate students to gain insight into media access and control protocols based upon carrying out laboratory experiments. The educational goal is to de-mystifying radio and other link and physical layer communication technologies as the students can follow packets from the higher layers down through the physical layer and back up again. The thesis fills the gap between the existing documentation for the Universal Software Radio Peripheral (USRP) re...

  12. Predictive access control for distributed computation

    Yang, Fan; Hankin, Chris; Nielson, Flemming;

    2013-01-01

    We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies — policies based on the future...... behavior of a program. A novel feature of our approach is that we can define policies concerning secondary use of data....

  13. External access to ALICE controls conditions data

    ALICE Controls data produced by commercial SCADA system WINCCOA is stored in ORACLE database on the private experiment network. The SCADA system allows for basic access and processing of the historical data. More advanced analysis requires tools like ROOT and needs therefore a separate access method to the archives. The present scenario expects that detector experts create simple WINCCOA scripts, which retrieves and stores data in a form usable for further studies. This relatively simple procedure generates a lot of administrative overhead – users have to request the data, experts needed to run the script, the results have to be exported outside of the experiment network. The new mechanism profits from database replica, which is running on the CERN campus network. Access to this database is not restricted and there is no risk of generating a heavy load affecting the operation of the experiment. The developed tools presented in this paper allow for access to this data. The users can use web-based tools to generate the requests, consisting of the data identifiers and period of time of interest. The administrators maintain full control over the data – an authorization and authentication mechanism helps to assign privileges to selected users and restrict access to certain groups of data. Advanced caching mechanism allows the user to profit from the presence of already processed data sets. This feature significantly reduces the time required for debugging as the retrieval of raw data can last tens of minutes. A highly configurable client allows for information retrieval bypassing the interactive interface. This method is for example used by ALICE Offline to extract operational conditions after a run is completed. Last but not least, the software can be easily adopted to any underlying database structure and is therefore not limited to WINCCOA.

  14. External access to ALICE controls conditions data

    Jadlovský, J.; Jadlovská, A.; Sarnovský, J.; Jajčišin, Š.; Čopík, M.; Jadlovská, S.; Papcun, P.; Bielek, R.; Čerkala, J.; Kopčík, M.; Chochula, P.; Augustinus, A.

    2014-06-01

    ALICE Controls data produced by commercial SCADA system WINCCOA is stored in ORACLE database on the private experiment network. The SCADA system allows for basic access and processing of the historical data. More advanced analysis requires tools like ROOT and needs therefore a separate access method to the archives. The present scenario expects that detector experts create simple WINCCOA scripts, which retrieves and stores data in a form usable for further studies. This relatively simple procedure generates a lot of administrative overhead - users have to request the data, experts needed to run the script, the results have to be exported outside of the experiment network. The new mechanism profits from database replica, which is running on the CERN campus network. Access to this database is not restricted and there is no risk of generating a heavy load affecting the operation of the experiment. The developed tools presented in this paper allow for access to this data. The users can use web-based tools to generate the requests, consisting of the data identifiers and period of time of interest. The administrators maintain full control over the data - an authorization and authentication mechanism helps to assign privileges to selected users and restrict access to certain groups of data. Advanced caching mechanism allows the user to profit from the presence of already processed data sets. This feature significantly reduces the time required for debugging as the retrieval of raw data can last tens of minutes. A highly configurable client allows for information retrieval bypassing the interactive interface. This method is for example used by ALICE Offline to extract operational conditions after a run is completed. Last but not least, the software can be easily adopted to any underlying database structure and is therefore not limited to WINCCOA.

  15. Distributed medium access control in wireless networks

    Wang, Ping

    2013-01-01

    This brief investigates distributed medium access control (MAC) with QoS provisioning for both single- and multi-hop wireless networks including wireless local area networks (WLANs), wireless ad hoc networks, and wireless mesh networks. For WLANs, an efficient MAC scheme and a call admission control algorithm are presented to provide guaranteed QoS for voice traffic and, at the same time, increase the voice capacity significantly compared with the current WLAN standard. In addition, a novel token-based scheduling scheme is proposed to provide great flexibility and facility to the network servi

  16. Integrating Attributes into Role-Based Access Control

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    Role-based access control (RBAC) and attribute-based access control (ABAC) are currently the most prominent access control models. However, they both suffer from limitations and have features complimentary to each other. Due to this fact, integration of RBAC and ABAC has become a hot area of...... research recently. We propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that takes into account the current contextual information while making the access control decisions....

  17. Accessibility of a Destination-Based Transportation System: A Large Airport Study

    SHI Jing; YING Xiwen

    2008-01-01

    The accessibility of a destination-based transportation system is defined to quantify the perform-ance of transportation systems which access a distinct destination. The access cost is used to reflect the utility of the transportation system including the fatigue and inconvenience in the total cost. The cost is quan-tified by two coefficients which represent the different characteristics of various people. The average cost and the income-relative accessibility are used to describe various aspects of the accessibility and to evaluate the accessibility of a destination-based system. A case study uses data from the Kunming transpor-tation system to evaluate the accessibility of the present city airport. The calibrated coefficients are then used to evaluate the transportation system to the new Kunming international airport. The results show that this transportation accessibility evaluation can be combined with transportation planning to study transporta-tion sub-systems.

  18. Cardea: Dynamic Access Control in Distributed Systems

    Lepro, Rebekah

    2004-01-01

    Modern authorization systems span domains of administration, rely on many different authentication sources, and manage complex attributes as part of the authorization process. This . paper presents Cardea, a distributed system that facilitates dynamic access control, as a valuable piece of an inter-operable authorization framework. First, the authorization model employed in Cardea and its functionality goals are examined. Next, critical features of the system architecture and its handling of the authorization process are then examined. Then the S A M L and XACML standards, as incorporated into the system, are analyzed. Finally, the future directions of this project are outlined and connection points with general components of an authorization system are highlighted.

  19. Research of user access control for networked manufacturing system

    ZHENG Xiao-lin; LEI Yu; CHEN De-ren

    2006-01-01

    An integrated user access control method was proposed to address the issues of security and management in networked manufacturing systems (NMS).Based on the analysis of the security issues in networked manufacturing system,an integrated user access control method composed of role-based access control (RBAC),task-based access control (TBAC),relationship-driven access control (RDAC)and coalition-based access control (CBAC) was proposed,including the hierarchical user relationship model,the reference model and the process model.The elements and their relationships were defined,and the expressions of constraints authorization were given.The extensible access control markup language (XACML) was used to implement this method.This method was used in the networked manufacturing system in the Shaoxing spinning region of China.The results show that the integrated user access control method can reduce the costs of system security maintenance and management.

  20. Analysis and Comparison of Access Control Policies Validation Mechanisms

    Muhammad Aqib; Riaz Ahmed Shaikh

    2014-01-01

    Validation and verification of security policies is a critical and important task to ensure that access control policies are error free. The two most common problems present in access control policies are: inconsistencies and incompleteness. In order to detect such problems, various access control policy validation mechanisms are proposed by the researchers. However, comprehensive analysis and evaluation of the existing access control policy validation techniques is missing in the literature....

  1. The alternating access mechanism of transport as observed in the sodium-hydantoin transporter Mhp1

    Crystal structures of a membrane protein transporter in three different conformational states provide insights into the transport mechanism. Secondary active transporters move molecules across cell membranes by coupling this process to the energetically favourable downhill movement of ions or protons along an electrochemical gradient. They function by the alternating access model of transport in which, through conformational changes, the substrate binding site alternately faces either side of the membrane. Owing to the difficulties in obtaining the crystal structure of a single transporter in different conformational states, relatively little structural information is known to explain how this process occurs. Here, the structure of the sodium-benzylhydantoin transporter, Mhp1, from Microbacterium liquefaciens, has been determined in three conformational states; from this a mechanism is proposed for switching from the outward-facing open conformation through an occluded structure to the inward-facing open state

  2. Controlling molecular transport through nanopores

    Keyser, Ulrich F.

    2011-01-01

    Nanopores are emerging as powerful tools for the detection and identification of macromolecules in aqueous solution. In this review, we discuss the recent development of active and passive controls over molecular transport through nanopores with emphasis on biosensing applications. We give an overview of the solutions developed to enhance the sensitivity and specificity of the resistive-pulse technique based on biological and solid-state nanopores.

  3. [Access to birth control: a world estimate].

    Blanco, C

    1988-04-01

    The populations of the developed countries have easy access to contraception, but adequate family planning services are lacking in 80 of 93 recently studied Third World countries. 58% of the population of the developing world lives in these 80 countries. 43% or 372 million of the world's reproductive aged couples use modern and safe contraception. Of these, 102 million live in industrialized countries, about 146 million in the People's Republic of China, and 124 million in other developing countries. Only 27% of couples in developing countries apart from China use modern contraception. Abortion continues to be the most used method of fertility control. About 33 million legal abortions and 27 million illegal abortions are performed annually. Some 250 million women in developing countries who do not desire pregnancy are without family planning information or services. 1 year of protection costs about US $20 per couple in a developing country. Governments of developed countries spend about US $1.5 billion on family planning programs, of which about $500 million is slated for external aid to population programs. An additional investment of $5 billion is needed to provide family planning services to the 250 million women needing them. The 15 most populated industrialized countries which account for 91% of the population of the developed world mostly have good or excellent access to family planning services and information, although some comparatively minor problems may persist. Access to contraception in the countries of Eastern Europe is considered only good because of governmental restrictions on sterilization. Access is hampered in Japan by unavailability of some types of IUDs and pills and severe restrictions on sterilization. Family planning services are only average in the USSR because of poor quality and irregular supplies of modern contraceptives, especially in rural areas. Abortion, although not always easy to arrange because of bureaucratic delays, remains the

  4. Break-glass handling exceptional situations in access control

    Petritsch, Helmut

    2014-01-01

    Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access). Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The pres

  5. Delegation in Role Based Access Control Model for Workflow Systems

    Prasanna H Bammigatti

    2008-03-01

    Full Text Available Role -based access control (RBAC has been introduced in the last few years, and offers a powerful means of specifying access control decisions. The model of RBAC usually assumes that, if there is a role hierarchy then access rights are inherited upwards through the hierarchy. In organization workflow the main threat is of access control. The Role based access control is one of the best suitable access control model one can think of. It is not only the role hierarchies but also other control factors that affect the access control in the workflow. The paper discusses the control factors and role hierarchies in workflow and brings a new model of RBAC. This paper also over comes the conflicts and proves that the system is safe by applying the new model to the workflow

  6. Context-Based E-Health System Access Control Mechanism

    Al-Neyadi, Fahed; Abawajy, Jemal H.

    E-Health systems logically demand a sufficiently fine-grained authorization policy for access control. The access to medical information should not be just role-based but should also include the contextual condition of the role to access data. In this paper, we present a mechanism to extend the standard role-based access control to incorporate contextual information for making access control decisions in e-health application. We present an architecture consisting of authorisation and context infrastructure that work cooperatively to grant access rights based on context-aware authorization policies and context information.

  7. Attributes Enhanced Role-Based Access Control Model

    Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

    2015-01-01

    Attribute-based access control (ABAC) and role-based access control (RBAC) are currently the two most popular access control models. Yet, they both have known limitations and offer features com- plimentary to each other. Due to this fact, integration of RBAC and ABAC has recently emerged as an...... important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control...... decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy....

  8. Perceived Accessibility of Public Transport as a Potential Indicator of Social Inclusion

    Katrin Lättman; Margareta Friman; Olsson, Lars E.

    2016-01-01

    Perceived accessibility has been acknowledged as an important aspect of transport policy since the 70s. Nevertheless, very few empirical studies have been conducted in this field. When aiming to improve social inclusion, by making sustainable transport modes accessible to all, it is important to understand the factors driving perceived accessibility. Unlike conventional accessibility measures, perceived accessibility focuses on the perceived possibilities and ease of engaging in preferred act...

  9. Laminar flow control for transport aircraft applications

    Wagner, R. D.

    1986-01-01

    The incorporation of laminar flow control into transport aircraft is discussed. Design concepts for the wing surface panel of laminar flow control transport aircraft are described. The development of small amounts of laminar flow on small commercial transports with natural or hybrid flow control is examined. Techniques for eliminating the insect contamination problem in the leading-edge region are proposed.

  10. Verifying Resource Access Control on Mobile Interactive Devices

    Besson, Frédéric; Dufay, Guillaume; Jensen, Thomas; Pichardie, David

    2010-01-01

    A model of resource access control is presented in which the access control to resources can employ user interaction to obtain the necessary permissions. This model is inspired by and improves on the Java security architecture used in Java-enabled mobile telephones. We extend the Java model to include access control permissions with multiplicities in order to allow to use a permission a certain number of times. We define a program model based on control flow graphs together with its operation...

  11. How Does Car Parking Availability and Public Transport Accessibility Influence Work-Related Travel Behaviors?

    Grant M. Schofield

    2010-02-01

    Full Text Available This study investigated the relationships between car parking, public transport, travel behaviors, and health outcomes for adults (n = 1,188 traveling to a worksite. Public transport was used for 12.1% of the work-related commute. Those who had higher levels of walking, no worksite car park access, lived proximal to a public transport stop, had limited automobile availability, traveled to the main business district, perceived public transport as accessible, or did not have company car access were more likely to use public transportation. Accordingly, proximal residential transit stops and restrictions for company car accessibility and parking at the worksite are needed.

  12. 47 CFR 69.123 - Density pricing zones for special access and switched transport.

    2010-10-01

    ... switched transport. 69.123 Section 69.123 Telecommunication FEDERAL COMMUNICATIONS COMMISSION (CONTINUED... for special access and switched transport. (a)(1) Incumbent local exchange carriers not subject to... at least 15 percent of that carrier's special access and transport revenues within that study...

  13. Accessible Tourism : A Study of accessibility in Hotel Chains,Public Transport and Ferry Companies in Helsinki

    Khatri, Kumar; Shrestha, Rajkumar; Mahat, Ujjwal

    2012-01-01

    This Bachelor’s thesis was prepared for the fulfillment of the educational standard of Laurea University of Applied Sciences. This thesis is aimed to achieve a main goal which is to explore accessible service and product with its environment into hotel chains, public transportation and ferry companies in Helsinki. In addition, this thesis describes the current accessibility situation of hotel chains, public transportation and two ferry companies in Helsinki. The empirical study material ...

  14. A Formal Model of Access Control for Mobile Interactive Devices

    Besson, Frédéric; Dufay, Guillaume; Jensen, Thomas

    2006-01-01

    This paper presents an access control model for programming applications in which the access control to resources can employ user interaction to obtain the necessary permissions. This model is inspired by and improves on the Java security architecture used in Javaenabled mobile telephones. We consider access control permissions with multiplicities in order to allow to use a permission a certain number of times. An operational semantics of the model and a formal definition of what it means for...

  15. ACADA: Access Control-driven Architecture with Dynamic Adaptation

    Pereira, Óscar Narciso Mortágua; Rui L. Aguiar; Santos, Maribel Yasmina

    2012-01-01

    Programmers of relational database applications use software solutions (Hibernate, JDBC, LINQ, ADO.NET) to ease the development process of business tiers. These software solutions were not devised to address access control policies, much less for evolving access control policies, in spite of their unavoidable relevance. Currently, access control policies, whenever implemented, are enforced by independent components leading to a separation between policies and their enf...

  16. Performance analysis of multichannel medium access control algorithms for opportunistic spectrum access

    Pawelczak, P.; Pollin, S.; So, H.-S.W.; Bahai, A.R.S.; Prasad, R.V.; Hekmat, R.

    2009-01-01

    In this paper, different control channel (CC) implementations for multichannel medium access control (MAC) algorithms are compared and analyzed in the context of opportunistic spectrum access (OSA) as a function of spectrum-sensing performance and licensed user activity. The analysis is based on a d

  17. CONTEXT BASED ACCESS CONTROL MODEL FOR PROTECTING PERVASIVE ENVIRONMENT

    V. Nirmalrani

    2014-04-01

    Full Text Available -In Pervasive Computing, access control is a critical issue which gives many opportunities for users to access and share the resources anytime and anywhere in a more easiest way. Pervasive Computing Environments are heterogeneous and dynamic sensor-rich environments characterized by frequent and unpredictable changes on users, resources, and environment situations. These environments call the access control solutions that allow dynamic adjustments of access permissions based on information describing the conditions of these entities (context, such as location and time. Some existing models attempt to identify context information which is used as an optional attribute for limiting the scope of access control permissions. However, these approaches normally exploit identities and roles dynamically assigned to the users in order to grant access permissions, which is an inappropriate solution for open and dynamic environments. Those environments cannot assume the existence of predefined roles and user-role associations. Hence the access permissions are claimed and assigned to the users only based on context information, which characterizing the three most important entities of any access control framework: owners, requestors, and resources. Thus, this paper proposes a generalized context-based access control model for making access control decisions completely based on context information, offering seven types of context-based access control policies. The proposed model also takes into account the privacy requirements when enforcing access control policies, such as the support to purposes and obligations. In addition this paper proposes the integration of mechanism to detect / resolve dynamic and static conflict on context-based access control policies.

  18. Campus Access Control System RFID Based

    Mr. SANTHOSH S

    2012-06-01

    Full Text Available Radio frequency identification (RFID technology has helped many organizations to reduce cost. Nevertheless, there are challenges and issues associated with RFID adoption. The most common internal challenge for many organizations is justifying the investment and modification of processes. The focus of this project is to show the business value of RFID technology and its applications. The important issue is the security level of the whole campus because it needs to be carefully differentiated. Dormitories and special research laboratories should benefit from higher levels of security than any other campuses. The key to the problem is represented by the new Radio Frequency Identification (RFID which can support contactless cards with memory. The most important feature of the proposed system is the updating of access permission level at any time for the user based on the availability of that user. The data transfer from the reader to the database was done using wireless communication (RF communication. To achieve this here RF transmitter and the RF receiver is used. The data which is read by the reader is sent to the microcontroller. Then from the controller we can transfer the data to the database by using the UART module (serial communication which is inbuilt in the microcontroller through RF transmitter. RF receiver of the same frequency at the receiver end receives and then stores the data in the database. RF transmitter and Receiver – frequency for transmitting and receiving the data depends on the user as per the requirement for the application and it is based on the range of distance. For the data encoding and decoding process HCS-101 protocol is used.

  19. Open versus Controlled-Access Data | Office of Cancer Genomics

    OCG employs stringent human subjects’ protection and data access policies to protect the privacy and confidentiality of the research participants. Depending on the risk of patient identification, OCG programs data are available to the scientific community in two tiers: open or controlled access. Both types of data can be accessed through its corresponding OCG program-specific data matrix or portal. Open-access Data

  20. Access Control in Decentralised Publish/Subscribe Systems

    Lauri I.W. Pesonen

    2007-04-01

    Full Text Available Publish/subscribe has emerged as an attractive communication paradigm for building Internet-wide distributed systems by decoupling message senders from receivers. Large scale publish/subscribe systems are likely to employ components of the event transport network owned by cooperating, but independent organisations. As the number of participants in the network increases, security becomes an increasing concern. So far most of the research on publish/subscribe has focused on efficient event routing, event filtering, and composite event detection. Very little research has been published regarding securing publish/subscribe systems. This paper extends our previous work to present and evaluate a secure multi-domain publish/subscribe infrastructure that supports and enforces fine-grained access control over the individual attributes of event types.

  1. Accessibility of islands: towards a new geography based on transportation modes and choices

    Sofia Karampela

    2014-11-01

    Full Text Available Accessibility is a multifaceted concept that expresses the case of access between two points in space. For islands, accessibility is a key quality, since isolation and small size considered as inherent characteristics of “islandness”. In this paper, we discuss differences between geographical distance and accessibility potential in the Greek Aegean, combining different transportation modal choice (ferries and airplanes with the use of an accessibility index that incorporates modes and frequency of connection and data of actual usage. The findings indicate that geographical distance is not determining accessibility and new geographies emerge based more on the availability of transport modal choices.

  2. Law-Aware Access Control and its Information Model

    Stieghahn, Michael

    2010-01-01

    Cross-border access to a variety of data such as market information, strategic information, or customer-related information defines the daily business of many global companies, including financial institutions. These companies are obliged by law to keep a data processing legal for all offered services. They need to fulfill different security objectives specified by the legislation. Therefore, they control access to prevent unauthorized users from using data. Those security objectives, for example confidentiality or secrecy, are often defined in the eXtensible Access Control Markup Language that promotes interoperability between different systems. In this paper, we show the necessity of incorporating the requirements of legislation into access control. Based on the work flow in a banking scenario we describe a variety of available contextual information and their interrelations. Different from other access control systems our main focus is on law-compliant cross-border data access. By including legislation dir...

  3. Distributed Role-based Access Control for Coaliagion Application

    HONG Fan; ZHU Xian; XING Guanglin

    2005-01-01

    Access control in multi-domain environments is one of the important questions of building coalition between domains.On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization.Then, a distributed RBAC model is presented.Finally the implementation issues are discussed.

  4. Dynamic User Role Assignment in Remote Access Control

    Saffarian, Mohsen; Tang, Qiang; Jonker, Willem; Hartel, Pieter

    2009-01-01

    The Role-Based Access Control (RBAC) model has been widely applied to a single domain in which users are known to the administrative unit of that domain, beforehand. However, the application of the conventional RBAC model for remote access control scenarios is not straightforward. In such scenarios,

  5. Analysis of Access Control Policies in Operating Systems

    Chen, Hong

    2009-01-01

    Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

  6. Analysis and Comparison of Access Control Policies Validation Mechanisms

    Muhammad Aqib

    2014-12-01

    Full Text Available Validation and verification of security policies is a critical and important task to ensure that access control policies are error free. The two most common problems present in access control policies are: inconsistencies and incompleteness. In order to detect such problems, various access control policy validation mechanisms are proposed by the researchers. However, comprehensive analysis and evaluation of the existing access control policy validation techniques is missing in the literature. In this paper, we have provided a first detailed survey of this domain and presented the taxonomy of the access control policy validation mechanisms. Furthermore, we have provided a qualitative comparison and trend analysis of the existing schemes. From this survey, we found that only few validation mechanisms exist that can handle both inconsistency and incompleteness problem. Also, most of the policy validation techniques are inefficient in handling continuous values and Boolean expressions.

  7. A Model of Workflow-oriented Attributed Based Access Control

    Guoping Zhang

    2011-02-01

    Full Text Available the emergence of “Internet of Things” breaks previous traditional thinking, which integrates physical infrastructure and network infrastructure into unified infrastructure. There will be a lot of resources or information in IoT, so computing and processing of information is the core supporting of IoT. In this paper, we introduce “Service-Oriented Computing” to solve the problem where each device can offer its functionality as standard services. Here we mainly discuss the access control issue of service-oriented computing in Internet of Things. This paper puts forward a model of Workflow-oriented Attributed Based Access Control (WABAC, and design an access control framework based on WABAC model. The model grants permissions to subjects according to subject atttribute, resource attribute, environment attribute and current task, meeting access control request of SOC. Using the approach presented can effectively enhance the access control security for SOC applications, and prevent the abuse of subject permissions.

  8. Media Access Control for Wireless Sensor and Actuator Networks

    Nabi, Muaz Un

    2012-01-01

    In a wireless network, the medium is a shared resource. The nodes in the network negotiate access of the shared resource using the Medium Access Control (MAC) protocol. The design of a MAC protocol for a sensor node is not the same as that for a wireless transceiver. Due to the transceiver characteristics, the MAC protocol design is limited in terms of medium access methods. However, in most cases, the protocols rely on simple access methods i.e. Time Division Multiple Access (TDMA) or Carrie...

  9. Transport radiation control and assessments

    The IAEA Transport Regulations are adopted worldwide and have helped to achieve a high standard of safety in the transport of radioactive materials. The Regulations are periodically reviewed and revised to take account of both operational experience and technical advances. Radiation protection considerations are an important element of such reviews. A number of transport studies have been performed in recent years that provide data for current radiation protection considerations and some of these are covered in this paper. (author)

  10. Distributed Access Control Policies for Spectrum Sharing

    Baldini, Gianmarco; NAI-FOVINO Igor; Trombetta, Alberto; Braghin, Stefano

    2012-01-01

    Cognitive Radio (CR) is a novel wireless communication technology that allows for adaptive configuration of the reception parameters of a terminal, based on the information collected from the environment. Cognitive radio (CR) technology can be used in innovative spectrum management approaches like spectrum sharing, where radio frequency spectral bands can be shared among various users through a dynamic exclusive-use spectrum access model. Spectrum sharing can be applied to various...

  11. Individual public transportation accessibility is positively associated with self-reported active commuting

    Sune eDjurhuus

    2014-11-01

    Full Text Available Background: Active commuters have lower risk of chronic disease. Understanding which of the, to some extent, modifiable characteristics of public transportation that facilitate its use is thus important in a public health perspective. The aim of the study was to examine the association between individual public transportation accessibility and self-reported active commuting, and whether the associations varied with commute distance, age and gender. Methods: 28,928 commuters in the Capital Region of Denmark reported self-reported time spent either walking or cycling to work or study each day and the distance to work or study. Data were obtained from the Danish National Health Survey collected in February to April 2010. Individual accessibility by public transportation was calculated using a multimodal network in a GIS. Multilevel logistic regression was used to analyze the association between accessibility, expressed as access area, and being an active commuter.Results: Public transport accessibility area based on all stops within walking and cycling distance was positively associated with being an active commuter. Distance to work, age and gender modified the associations. Residing within 10 km commuting distance and in areas of high accessibility was associated with being an active commuter and meeting the recommendations of physical activity. For the respondents above 29 years, Individual public transportation accessibility was positively associated with being an active commuter. Women having high accessibility had significantly higher odds of being an active commuter compared to having a low accessibility. For men the associations were insignificant.Conclusions: This study extends the knowledge about the driving forces of using public transportation for commuting by examining the individual public transportation accessibility. Findings suggest that transportation accessibility supports active commuting and planning of improved public transit

  12. Providing access to a Public Transport Schedule system for Smart Phone Clients

    Hameseder, Katrin

    2010-01-01

    This master thesis was conducted during an internship at HBT GmbH with the purpose of providing access to an existing public transport schedule system in Hamburg (Germany) for smart phone clients. A state-of-the-art literature review and an evaluation of an existing SOAP (Simple Object Access Protocol) based web service to access public transport schedule information were conducted to identify the drawbacks of the existing interface with respect to the limitations and characteristics of smart...

  13. Controlled trial of an open-access physiotherapy service

    Gentle, P. H.; Herlihy, P. J.; Roxburgh, I. O.

    1984-01-01

    A randomized controlled trial of outpatient open-access physiotherapy was carried out at West Cornwall Hospital during 1979/80. The referral rate to consultant outpatient clinics for those patients offered open-access physiotherapy was considerably lower than for the control group (17 per cent and 56 per cent respectively). Patients using the service received physiotherapy promptly although this did not result in shorter treatments. Those of the control group who eventually received physiothe...

  14. Robust access control framework for mobile cloud computing network

    Li, F; Rahulamathavan, Y.; Conti, M.; Rajarajan, M.

    2015-01-01

    Unified communications has enabled seamless data sharing between multiple devices running on various platforms. Traditionally, organizations use local servers to store data and employees access the data using desktops with predefined security policies. In the era of unified communications, employees exploit the advantages of smart devices and 4G wireless technology to access the data from anywhere and anytime. Security protocols such as access control designed for traditional setup are not su...

  15. A new access control system by fingerprint for radioisotope facilities

    Kawamura, Hiroko; Hirata, Yasuki [Kyushu Univ., Fukuoka (Japan). Radioisotope Center; Kondo, Takahiro; Takatsuki, Katsuhiro

    1998-04-01

    We applied a new fingerprint checker for complete access control to the radiation controlled area and to the radioisotope storage room, and prepared softwares for the best use of this checker. This system consists of a personal computer, access controllers, a fingerprint register, fingerprint checkers, a tenkey and mat sensors, permits ten thousand users to register their fingerprints and its hard disk to keep more than a million records of user`s access. Only 1% of users could not register their fingerprints worn-out, registered four numbers for a fingerprint. The softwares automatically provide varieties of reports, caused a large reduction in manual works. (author)

  16. An Extended Role Based Access Control Method for XML Documents

    MENG Xiao-feng; LUO Dao-feng; OU Jian-bo

    2004-01-01

    As XML has been increasingly important as the Data-change format of Internet and Intranet, access-control-on-XML-properties rises as a new issue.Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years.Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties.This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

  17. Social exclusion and the role of transport intervention in accessing economic opportunity

    Whittle, Christine A.

    2008-01-01

    Social Exclusion and the Role of Transport Intervention in Accessing Economic Opportunity This dissertation is concerned with social exclusion, transport and access to economic opportunities. Its main focus is on transport 'intervention' and whether this provision is able to enhance social inclusion, particularly in terms of tackling worklessness. The leading principle of this research is to capture the "authentic voices" of those people who are the intended beneficiaries of...

  18. Role Based Access Control system in the ATLAS experiment

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The RBAC implementation uses a directory service based on Lightweight Directory Access Protocol to store the users (∼3000), roles (∼320), groups (∼80) and access policies. The information is kept in sync with various other databases and directory services: human resources, central CERN IT, CERN Active Directory and the Access Control Database used by DCS. The paper concludes with a detailed description of the integration across all areas of the system.

  19. Role Based Access Control system in the ATLAS experiment

    Valsan, M. L.; Dobson, M.; Lehmann Miotto, G.; Scannicchio, D. A.; Schlenker, S.; Filimonov, V.; Khomoutnikov, V.; Dumitru, I.; Zaytsev, A. S.; Korol, A. A.; Bogdantchikov, A.; Avolio, G.; Caramarcu, C.; Ballestrero, S.; Darlea, G. L.; Twomey, M.; Bujor, F.

    2011-12-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The RBAC implementation uses a directory service based on Lightweight Directory Access Protocol to store the users (~3000), roles (~320), groups (~80) and access policies. The information is kept in sync with various other databases and directory services: human resources, central CERN IT, CERN Active Directory and the Access Control Database used by DCS. The paper concludes with a detailed description of the integration across all areas of the system.

  20. Geospacial information utilized under the access control strategy

    TIAN Jie; ZHANG Xin-fang; WANG Tong-yang; XIANG Wei; Cheng Ming

    2007-01-01

    This paper introduces a solution to the secure requirement for digital rights management (DRM) by the way of geospacial access control named geospacial access control (GeoAC) in geospacial field. The issues of authorization for geospacial DRM are concentrated on. To geospacial DRM, one aspect is the declaration and enforcement of access rights, based on geographic aspects. To the approbation of digital geographic content, it is important to adopt online access to geodata through a spacial data infrastructure (SDI). This results in the interoperability requirements on three different levels: data model level, service level and access control level. The interaction between the data model and service level can be obtained by criterions of the open geospacial consortium (OGC), and the interaction of the access control level may be reached by declaring and enforcing access restrictions in GeoAC. Then an archetype enforcement based on GeoAC is elucidated. As one aspect of performing usage rights, the execution of access restrictions as an extension to a regular SDI is illuminated.

  1. The Time Between: Continuously-defined accessibility functions for schedule-based transportation systems

    Paul Anderson; Andrew Owen; David Levinson

    2012-01-01

    Accessibility is traditionally considered to be a property of a point or region in space, and to be invariant over time (or at least over some computationally convenient time interval). How- ever, a locations accessibility can vary over time on a wide range of scales. This temporal variation is especially significant for schedule-based transportation systems. Current measures of accessibility generally reflect the accessibility only at points in time corresponding to the departures of one or ...

  2. Modeling Access Control Policy of a Social Network

    Chaimaa Belbergui

    2016-06-01

    Full Text Available Social networks bring together users in a virtual platform and offer them the ability to share -within the Community- personal and professional information’s, photos, etc. which are sometimes sensitive. Although, the majority of these networks provide access control mechanisms to their users (to manage who accesses to which information, privacy settings are limited and do not respond to all users' needs. Hence, the published information remain all vulnerable to illegal access. In this paper, the access control policy of the social network "Facebook" is analyzed in a profound way by starting with its modeling with "Organization Role Based Access Control" model, and moving to the simulation of the policy with an appropriate simulator to test the coherence aspect, and ending with a discussion of analysis results which shows the gap between access control management options offered by Facebook and the real requirements of users in the same context. Extracted conclusions prove the need of developing a new access control model that meets most of these requirements, which will be the subject of a forthcoming work.

  3. Access Control of Web- and Java-Based Applications

    Tso, Kam S.; Pajevski, Michael J.

    2013-01-01

    Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

  4. Effects of Job Accessibility Improved by Public Transport System: Natural Experimental Evidence from the Copenhagen Metro

    Pons Rotger, Gabriel Angel; Nielsen, Thomas Alexander Sick

    2015-01-01

    This study examines the effect of accessibility to urban jobs via a public transport system on individual earnings and commuting behaviour. The effect of improved public transport based accessibility on these outcomes is determined by exploiting the exogenous variation in access to a public rail...... and Metro system resulting from the construction of a new terminal Metro station connecting southern townships to Copenhagen city centre. The results show that public transport based job accessibility has a positive and permanent effect on individual earnings. The increase in earnings is associated...... with a change in commuting patterns as the improved access to public transport facilitates a shift from employment within the township to better paid jobs in the city centre, as well as in other suburbs of the Copenhagen Metropolitan area...

  5. Personnel Access Control System Evaluation for National Ignition Facility Operations

    Altenbach, T; Brereton, S.; Hermes, G.; Singh, M.

    2001-06-01

    The purpose of this document is to analyze the baseline Access Control System for the National Ignition Facility (NIF), and to assess its effectiveness at controlling access to hazardous locations during full NIF operations. It reviews the various hazards present during a NIF shot sequence, and evaluates the effectiveness of the applicable set of controls at preventing access while the hazards are present. It considers only those hazards that could potentially be lethal. In addition, various types of technologies that might be applicable at NIF are reviewed, as are systems currently in use at other facilities requiring access control for safety reasons. Recommendations on how this system might be modified to reduce risk are made.

  6. Auxin transporters controlling plant development

    Petrášek, Jan; Malínská, Kateřina; Zažímalová, Eva

    Heidelberg: Springer Verlag, 2010 - (Geisler, M.; Venema, K.), s. 255-290 ISBN 978-3-642-14368-7 R&D Projects: GA MŠk(CZ) LC06034 Institutional research plan: CEZ:AV0Z50380511 Keywords : Auxin * polar auxin transport * auxin carriers Subject RIV: ED - Physiology

  7. Mining Attribute-Based Access Control Policies from Logs

    Xu, Zhongyuan; Stoller, Scott,

    2014-01-01

    Attribute-based access control (ABAC) provides a high level of flexibility that promotes security and information sharing. ABAC policy mining algorithms have potential to significantly reduce the cost of migration to ABAC, by partially automating the development of an ABAC policy from information about the existing access-control policy and attribute data. This paper presents an algorithm for mining ABAC policies from operation logs and attribute data. To the best of our knowledge, it is the ...

  8. A United Access Control Model for Systems in Collaborative Commerce

    Ruo-Fei Han; Hou-Xiang Wang; Qian Xiao; Xiao-Pei Jing; Hui Li

    2009-01-01

    The latest researches on access control model are dramatically different from conventional ones. Nowadays, most attention is paid to accessing across organizational boundaries. So, how to identify the applicant and determine authorization with limited information; how to express and exchange control rules expediently; how to protect confidential information and enhance collaboration simultaneously, are the most concerned problems. However, for large commercial organizations, a fine management...

  9. Dynamically Authorized Role-Based Access Control for Grid Applications

    YAO Hanbing; HU Heping; LU Zhengding; LI Ruixuan

    2006-01-01

    Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations". The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user's environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.

  10. Access Control in Cloud Computing Environment

    Soorat Hussain

    2014-01-01

    Full Text Available Cloud Computing is a new technology which is directly connected with the internet which provide on demand self service internet infrastructure where a customer can pay and use only what is needed. Cloud Computing all services are managed by third party cloud service provider. Nowadays majority using static password to login into the system or access the online accounts in cloud but never change the password which is not secure . Since Cloud computing is a quite new subject, most of the cloud providers have not yet tighten up their security and still use insecure or complicated login method. Static password thoroughly investigated and found out that it is not completing the cloud computing security requirement. Proposed solution is One Time Password and One Day Password, OTP will get expire after two minutes, if user again login will request and receive new password via email and ODP will get expire after 24 hours and on request receive new password via email for new login session. OTP/ODP used with AES encryption. This paper focuses the authentication and transmission encryption in cloud computing services.

  11. Hopping control channel MAC protocol for opportunistic spectrum access networks

    FU Jing-tuan; JI Hong; MAO Xu

    2010-01-01

    Opportunistic spectrum access (OSA) is considered as a promising approach to mitigate spectrum scarcity by allowing unlicensed users to exploit spectrum opportunities in licensed frequency bands. Derived from the existing channel-hopping multiple access (CHMA) protocol,we introduce a hopping control channel medium access control (MAC) protocol in the context of OSA networks. In our proposed protocol,all nodes in the network follow a common channel-hopping sequence; every frequency channel can be used as control channel and data channel. Considering primary users' occupancy of the channel,we use a primary user (PU) detection model to calculate the channel availability for unlicensed users' access. Then,a discrete Markov chain analytical model is applied to describe the channel states and deduce the system throughput. Through simulation,we present numerical results to demonstrate the throughput performance of our protocol and thus validate our work.

  12. A United Access Control Model for Systems in Collaborative Commerce

    Ruo-Fei Han

    2009-06-01

    Full Text Available The latest researches on access control model are dramatically different from conventional ones. Nowadays, most attention is paid to accessing across organizational boundaries. So, how to identify the applicant and determine authorization with limited information; how to express and exchange control rules expediently; how to protect confidential information and enhance collaboration simultaneously, are the most concerned problems. However, for large commercial organizations, a fine management of internal functions is of the same importance as external service management. It is very troublesome to control authorizations merely with attributes and composition of policies introduced from attribute-based access control (ABAC. So, we introduce a united access control model for systems in collaborative commerce, combining the advantages of conventional role-based access control (RBAC, task-based authentication control (TBAC and that of recent ABAC and automated trust negotiation (ATN. Innovational ideas in the model are analyzed, and the implement architecture is discussed. The paper concludes with a summary of the united model’s benefits and future work.

  13. SPS access control system a new user interface

    Riesco, T

    1999-01-01

    This document describes the project to implement at CERN new trends in industrial control systems and integrate new requirements and functions requested by users. This project will be the testing ground for the specification of procedures in the Access Control and Machine Interlock of LHC. The last modification in the Access Control System to the primary beam areas was made in 1995, and this new project is to improve the fields of personal security, access security and the introduction of modern communication networks used in the industrial control systems. Inside the cycle model of project life, it is at the present time in the test phase in terms of security and exploitation inside the Accelerator Decelerator (AD) project. The presence of Authorization Management System (AMS) to guarantee the automatic information distribution of authorizations to controlled areas is in line with this project.

  14. Face recognition in controlled access points

    Mur Escartín, Olga

    2009-01-01

    The thesis consist in the study and evaluation of different methods for face recognition. The final objective is to select the most suitable techniques for face detection and recognition. Some of these techniques will be intergrated in a real time demontrator which will be a preliminary prototype that will have to work in controlled conditions (for ilumination and pose) and with reduced databases. The demonstrator will be done in Matlab and the main image acquisition rotines and face detectio...

  15. ITER shape controller and transport simulations

    Casper, T.A. [Lawrence Livermore National Laboratory, University of California, Livermore, CA 94550 (United States)], E-mail: casper1@llnl.gov; Meyer, W.H.; Pearlstein, L.D. [Lawrence Livermore National Laboratory, University of California, Livermore, CA 94550 (United States); Portone, A. [EFDA0CSU Barcelona, C/Josep Pla 2, B3, 08-10 Barcelona (Spain)

    2008-04-15

    We currently use the CORSICA integrated modeling code for scenario studies for both the DIII-D and ITER experiments. In these simulations, free- or fixed-boundary equilibria are simultaneously converged with thermal evolution determined from transport models providing temperature and current density profiles. Using a combination of fixed boundary evolution followed by free-boundary calculation, we determine the separatrix and coil currents. We use free-boundary evolution with a state-space controller representation and transport simulation to provide feedback modeling of shape, vertical stability and profile control. In addition to a tightly coupled calculation with simulator and controller imbedded inside CORSICA, we also use a remote procedure call interface to couple the CORSICA non-linear plasma simulations to the controller environments developed within the Mathworks Matlab/Simulink environment. We present transport simulations using full shape and vertical stability control with evolution of the temperature profiles to provide simulations of the ITER controller and plasma response.

  16. ITER shape controller and transport simulations

    We currently use the CORSICA integrated modeling code for scenario studies for both the DIII-D and ITER experiments. In these simulations, free- or fixed-boundary equilibria are simultaneously converged with thermal evolution determined from transport models providing temperature and current density profiles. Using a combination of fixed boundary evolution followed by free-boundary calculation, we determine the separatrix and coil currents. We use free-boundary evolution with a state-space controller representation and transport simulation to provide feedback modeling of shape, vertical stability and profile control. In addition to a tightly coupled calculation with simulator and controller imbedded inside CORSICA, we also use a remote procedure call interface to couple the CORSICA non-linear plasma simulations to the controller environments developed within the Mathworks Matlab/Simulink environment. We present transport simulations using full shape and vertical stability control with evolution of the temperature profiles to provide simulations of the ITER controller and plasma response

  17. Controlling high speed automated transport network operations

    de Feijter, R.

    2006-01-01

    This thesis presents a framework for the control of automated guided vehicles (AGVs). The framework implements the transport system as a community of cooperating agents. Besides the architecture and elements of the framework a wide range of infrastructure scene templates is described. These scene templates, ranging from terminal infrastructure to freeways, can be used as building blocks to create a control system for an automated transport network.

  18. Individual public transportation accessibility is positively associated with self-reported active commuting

    Djurhuus, Sune; Hansen, Henning Sten; Aadahl, Mette;

    2014-01-01

    individual public transportation accessibility and self-reported active commuting, and whether the associations varied with commute distance, age, and gender. METHODS: Twenty-eight thousand nine hundred twenty-eight commuters in The Capital Region of Denmark reported self-reported time spent either walking...... or cycling to work or study each day and the distance to work or study. Data were obtained from the Danish National Health Survey collected in February to April 2010. Individual accessibility by public transportation was calculated using a multi-modal network in a GIS. Multilevel logistic regression...... was used to analyze the association between accessibility, expressed as access area, and being an active commuter. RESULTS: Public transport accessibility area based on all stops within walking and cycling distance was positively associated with being an active commuter. Distance to work, age, and...

  19. Role Based Access Control system in the ATLAS experiment

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F; Avolio, G

    2011-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  20. Role Based Access Control System in the ATLAS Experiment

    Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Avolio, G; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F

    2010-01-01

    The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

  1. A Survey of Access Control Models in Wireless Sensor Networks

    Htoo Aung Maw

    2014-06-01

    Full Text Available Wireless sensor networks (WSNs have attracted considerable interest in the research community, because of their wide range of applications. However, due to the distributed nature of WSNs and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. Resource constraints in sensor nodes mean that security mechanisms with a large overhead of computation and communication are impractical to use in WSNs; security in sensor networks is, therefore, a challenge. Access control is a critical security service that offers the appropriate access privileges to legitimate users and prevents illegitimate users from unauthorized access. However, access control has not received much attention in the context of WSNs. This paper provides an overview of security threats and attacks, outlines the security requirements and presents a state-of-the-art survey on access control models, including a comparison and evaluation based on their characteristics in WSNs. Potential challenging issues for access control schemes in WSNs are also discussed.

  2. Control with a random access protocol and packet dropouts

    Wang, Liyuan; Guo, Ge

    2016-08-01

    This paper investigates networked control systems whose actuators communicate with the controller via a limited number of unreliable channels. The access to the channels is decided by a so-called group random access protocol, which is modelled as a binary Markov sequence. Data packet dropouts in the channels are modelled as independent Bernoulli processes. For such systems, a systematic characterisation for controller synthesis is established and stated in terms of the transition probabilities of the Markov protocol and the packet dropout probabilities. The results are illustrated via a numerical example.

  3. Efficient medium access control protocol for geostationary satellite systems

    王丽娜; 顾学迈

    2004-01-01

    This paper proposes an efficient medium access control (MAC) protocol based on multifrequency-time division multiple access (MF-TDMA) for geostationary satellite systems deploying multiple spot-beams and onboard processing,which uses a method of random reservation access with movable boundaries to dynamically request the transmission slots and can transmit different types of traffic. The simulation results have shown that our designed MAC protocol can achieve a high bandwidth utilization, while providing the required quality of service (QoS) for each class of service.

  4. Public information: control, secret and right of access

    Carmem Lúcia Batista

    2012-01-01

    Recently, in November 2011, it was published the law on access to public information, legal and historic mark in the struggle for human rights in Brazil. This achievement is the result of a process marked by denial of access to public archives, as it was the case of the Araguaia Guerrilla, valuing the culture of secrecy, abuse of power and relations between public and private in Brazil. Thus, the aim of this paper is to present a brief history about the control of access to public information...

  5. Transport Strategy to Improve Accessibility in Developing Countries

    Roberts, Peter; Babinard, Julie

    2004-01-01

    In developing countries disabled people and the elderly are more likely to be among the poor. Moreover, exclusion increases the costs associated with disability to constrain disabled people from breaking out of poverty. Improved access and mobility are important factors in reducing poverty and can facilitate the participation of people with disabilities in economic, social, and political p...

  6. Law-Aware Access Control and its Information Model

    Stieghahn, Michael; Engel, Thomas

    2010-01-01

    Cross-border access to a variety of data such as market information, strategic information, or customer-related information defines the daily business of many global companies, including financial institutions. These companies are obliged by law to keep a data processing legal for all offered services. They need to fulfill different security objectives specified by the legislation. Therefore, they control access to prevent unauthorized users from using data. Those security objectives, for exa...

  7. Open Platform Strategies and Innovation: Granting Access vs. Devolving Control

    Kevin Boudreau

    2010-01-01

    This paper studies two fundamentally distinct approaches to opening a technology platform and their different impacts on innovation. One approach is to grant access to a platform and thereby open up markets for complementary components around the platform. Another approach is to give up control over the platform itself. Using data on 21 handheld computing systems (1990-2004), I find that granting greater levels of access to independent hardware developer firms produces up to a fivefold accele...

  8. User Behavior Trust Based Cloud Computing Access Control Model

    Jiangcheng, Qin

    2016-01-01

    Context. With the development of computer software, hardware, and communication technologies, a new type of human-centered computing model, called Cloud Computing (CC) has been established as a commercial computer network service. However, the openness of CC brings huge security challenge to the identity-based access control system, as it not able to effectively prevent malicious users accessing; information security problems, system stability problems, and also the trust issues between cloud...

  9. The Association between Access to Public Transportation and Self-Reported Active Commuting

    Sune Djurhuus

    2014-12-01

    Full Text Available Active commuting provides routine-based regular physical activity which can reduce the risk of chronic diseases. Using public transportation involves some walking or cycling to a transit stop, transfers and a walk to the end location and users of public transportation have been found to accumulate more moderate physical activity than non-users. Understanding how public transportation characteristics are associated with active transportation is thus important from a public health perspective. This study examines the associations between objective measures of access to public transportation and self-reported active commuting. Self-reported time spent either walking or cycling commuting each day and the distance to workplace were obtained for adults aged 16 to 65 in the Danish National Health Survey 2010 (n = 28,928. Access to public transportation measures were computed by combining GIS-based road network distances from home address to public transit stops an integrating their service level. Multilevel logistic regression was used to examine the association between access to public transportation measures and active commuting. Distance to bus stop, density of bus stops, and number of transport modes were all positively associated with being an active commuter and with meeting recommendations of physical activity. No significant association was found between bus services at the nearest stop and active commuting. The results highlight the importance of including detailed measurements of access to public transit in order to identify the characteristics that facilitate the use of public transportation and active commuting.

  10. Task-role-based Access Control Model in Smart Health-care System

    Wang Peng; Jiang Lingyun

    2015-01-01

    As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for...

  11. Accessibility of Urban Transport for People with Disabilities and Limited Mobility : Lessons from East Asia and the Pacific

    Babinard, Julie; Wang, Wei; Bennett, Christopher R.; Mehndiratta, Shomik

    2012-01-01

    Accessibility of transport is not always a priority in transport planning and implementation. There can be barriers in the physical environment and delivery of services that render transport inaccessible. The principle of the UN Convention on the Rights of Persons with Disabilities (CPRD) brings new momentum to ensuring accessibility in the delivery of transport infrastructure and services...

  12. Reported Design Processes for Accessibility in Rail Transport

    Herriott, Richard; Cook, Sharon

    2014-01-01

    ). The research found that the role of users in the design process of manufacturers was limited and that compliance with industry standards was the dominant means to achieving accessibility goals. Design consultancies were willing to apply more user-centred design if the client requested it. Where operators were...... these methods deviate from user-centred and ID norms. Semi-structured interviews were conducted with nine rolling stock producers, operators and design consultancies. The purpose was to determine if ID design methods are used explicitly and the extent to which the processes used conformed to ID (if at all...... in charge of the design process, accessibility was addressed more comprehensively, with mixed results. The work suggests that the more the design process is divided among actors and geographic space, the harder it is to integrate users....

  13. Control And Transport Of Intense Electron Beams

    Li, H

    2004-01-01

    The transport of intense beams for advanced accelerator applications with high-intensity beams such as heavy-ion inertial fusion, spallation neutron sources, and intense light sources requires tight control of beam characteristics over long distances. The University of Maryland Electron Ring (UMER), which uses low energy, high current electron beams to model the transport physics of intense space-charge-dominated beams, employs real-time beam characterization and control in order to optimize beam quality throughout the strong focusing lattice. We describe in this dissertation the main beam control techniques used in UMER, which include optimal beam steering by quadrupole scans, beam rotation correction using a skew corrector, rms envelope matching and optimization, empirical envelope matching, beam injection, and phase space reconstruction using a tomographic method. Using these control techniques, we achieved the design goals for UMER. The procedure is not only indispensable for optimum beam transport over l...

  14. A Service Access Security Control Model in Cyberspace

    Qianmu, Li; Jie, Yin; Jun, Hou; Jian, Xu; Hong, Zhang; Yong, Qi

    A service access control model in cyberspace is proposed, which provides a generalized and effective mechanism of security management with some items constraint specifications. These constraint specifications are organized to form a construction, and an enact process is proposed to make it scalable and flexible to meet the need of diversified service application systems in cyberspace. The model of this paper erases the downward information flow by extended rules of read/write, which is the breakthrough of the limitations when applying the standard role-based access control in cyberspace.

  15. Access to Health Care and Control of ABCs of Diabetes

    Zhang, Xuanping; Bullard, Kai McKeever; Gregg, Edward W.; Beckles, Gloria L.; Williams, Desmond E.; Barker, Lawrence E; Albright, Ann L.; Imperatore, Giuseppina

    2012-01-01

    OBJECTIVE To examine the relationship between access to health care and diabetes control. RESEARCH DESIGN AND METHODS Using data from the National Health and Nutrition Examination Survey, 1999–2008, we identified 1,221 U.S. adults (age 18–64 years) with self-reported diabetes. Access was measured by current health insurance coverage, number of times health care was received over the past year, and routine place to go for health care. Diabetes control measures included the proportion of people...

  16. Privacy Preservation in Role-based Access Control Model

    Zuo Chen

    2011-08-01

    Full Text Available Privacy preservation is a crucial problem in resource sharing and collaborating among multi-domains. Based on this problem, we propose a role-based access control model for privacy preservation. This scheme avoided the privacy leakage of resources while implementing access control, and it has the advantage of lower communication overhead. We demonstrate this scheme meets the IND-CCA2 semantic security by using random oracle. The simulation result shows this scheme has better execution efficiency and application effects.

  17. Optical label-controlled transparent metro-access network interface

    Osadchiy, Alexey Vladimirovich

    control. Highlights of my research include my proposal and experimental proof of principle of an optical coherent detection based optical access network architecture providing support for a large number of users over a single distribution fiber; a spectral amplitude encoded label detection technique for......This thesis presents results obtained during the course of my PhD research on optical signal routing and interfacing between the metropolitan and access segments of optical networks. Due to both increasing capacity demands and variety of emerging services types, new technological challenges are...... arising for seamlessly interfacing metropolitan and access networks. Therefore, in this PhD project, I have analyzed those technological challenges and identified the key aspects to be addressed. I have also proposed and experimentally verified a number of solutions to metropolitan and access networks...

  18. Controlling user access to electronic resources without password

    Smith, Fred Hewitt

    2015-06-16

    Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes pre-determining an association of the restricted computer resource and computer-resource-proximal environmental information. Indicia of user-proximal environmental information are received from a user requesting access to the restricted computer resource. Received indicia of user-proximal environmental information are compared to associated computer-resource-proximal environmental information. User access to the restricted computer resource is selectively granted responsive to a favorable comparison in which the user-proximal environmental information is sufficiently similar to the computer-resource proximal environmental information. In at least some embodiments, the process further includes comparing user-supplied biometric measure and comparing it with a predetermined association of at least one biometric measure of an authorized user. Access to the restricted computer resource is granted in response to a favorable comparison.

  19. Controlling molecular transport in minimal emulsions

    Gruner, Philipp; Riechers, Birte; Semin, Benoît; Lim, Jiseok; Johnston, Abigail; Short, Kathleen, et al; Baret, Jean-Christophe

    2016-01-01

    Emulsions are metastable dispersions in which molecular transport is a major mechanism driving the system towards its state of minimal energy. Determining the underlying mechanisms of molecular transport between droplets is challenging due to the complexity of a typical emulsion system. Here we introduce the concept of 'minimal emulsions', which are controlled emulsions produced using microfluidic tools, simplifying an emulsion down to its minimal set of relevant parameters. We use these mini...

  20. Regulatory Accessibility and Social Influences on State Self-Control

    vanDellen, Michelle R.; Hoyle, Rick H.

    2009-01-01

    The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals’ state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-contro...

  1. Review of Access Control Models for Cloud Computing

    Natarajan Meghanathan

    2013-05-01

    Full Text Available The relationship between users and resources is dyn amic in the cloud, and service providers and users are typically not in the same security do main. Identity-based security (e.g., discretionary or mandatory access control models c annot be used in an open cloud computing environment, where each resource node may not be fa miliar, or even do not know each other. Users are normally identified by their attributes o r characteristics and not by predefined identities. There is often a need for a dynamic acc ess control mechanism to achieve cross- domain authentication. In this paper, we will focus on the following three broad categories of access control models for cloud computing: (1 Role -based models; (2 Attribute-based encryption models and (3 Multi-tenancy models. We will review the existing literature on each of the above access control models and their varian ts (technical approaches, characteristics, applicability, pros and cons, and identify future research directions for developing access control models for cloud computing environments .

  2. 49 CFR 176.89 - Control of transport vehicles.

    2010-10-01

    ... 49 Transportation 2 2010-10-01 2010-10-01 false Control of transport vehicles. 176.89 Section 176... Special Requirements for Transport Vehicles Loaded With Hazardous Materials and Transported on Board Ferry Vessels § 176.89 Control of transport vehicles. (a) A transport vehicle containing hazardous materials...

  3. Access Control of Web and Java Based Applications

    Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

    2011-01-01

    Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

  4. Electronic Wallet and Access Control Solution Based on RFID MiFare Cards

    Stefan Victor Lefter

    2013-03-01

    Full Text Available With the advent of Radio Frequency Identification technologies or RFID for short, different types of products and security-relevant applications have been developed for use in fields and businesses like: inventory management, product tracking, access control, passports or transport fare collection. Even though RFID has been around for quite some time, there are some types of businesses like theme parks, water parks or music festivals that haven’t yet tested the benefits that this technology brings. This paper focuses on presenting advantages and disadvantages of using an unified access control and electronic wallet system based on RFID cards like MiFare tags as an alternative to existing ticket/currency access and payment systems employed by the majority of the businesses mentioned above.

  5. Space Transportation Systems Life Cycle Cost Assessment and Control

    Robinson, John W.; Rhodes, Russell E.; Zapata, Edgar; Levack, Daniel J. H.; Donahue, Benjaamin B.; Knuth, William

    2008-01-01

    Civil and military applications of space transportation have been pursued for just over 50 years and there has been, and still is, a need for safe, dependable, affordable, and sustainable space transportation systems. Fully expendable and partially reusable space transportation systems have been developed and put in operation that have not adequately achieved this need. Access to space is technically achievable, but presently very expensive and will remain so until there is a breakthrough in the way we do business. Since 1991 the national Space Propulsion Synergy Team (SPST) has reviewed and assessed the lessons learned from the major U.S. space programs of the past decades focusing on what has been learned from the assessment and control of Life Cycle Cost (LCC) from these systems. This paper presents the results of a selected number of studies and analyses that have been conducted by the SPST addressing the need, as well as the solutions, for improvement in LCC. The major emphasis of the SPST processes is on developing the space transportation system requirements first (up front). These requirements must include both the usual system flight performance requirements and also the system functional requirements, including the infrastructure on Earth's surface, in-space and on the Moon and Mars surfaces to determine LCC. This paper describes the development of specific innovative engineering and management approaches and processes. This includes a focus on flight hardware maturity for reliability, ground operations approaches, and business processes between contractor and government organizations. A major change in program/project cost control is being proposed by the SPST to achieve a sustainable space transportation system LCC - controlling cost as a program metric in addition to the existing practice of controlling performance and weight. Without a firm requirement and methodically structured cost control, it is unlikely that an affordable and sustainable space

  6. Hybrid Predictive Control for Dynamic Transport Problems

    Núñez, Alfredo A; Cortés, Cristián E

    2013-01-01

    Hybrid Predictive Control for Dynamic Transport Problems develops methods for the design of predictive control strategies for nonlinear-dynamic hybrid discrete-/continuous-variable systems. The methodology is designed for real-time applications, particularly the study of dynamic transport systems. Operational and service policies are considered, as well as cost reduction. The control structure is based on a sound definition of the key variables and their evolution. A flexible objective function able to capture the predictive behaviour of the system variables is described. Coupled with efficient algorithms, mainly drawn from the area of computational intelligence, this is shown to optimize performance indices for real-time applications. The framework of the proposed predictive control methodology is generic and, being able to solve nonlinear mixed-integer optimization problems dynamically, is readily extendable to other industrial processes. The main topics of this book are: ●hybrid predictive control (HPC) ...

  7. Research on a dynamic workflow access control model

    Liu, Yiliang; Deng, Jinxia

    2007-12-01

    In recent years, the access control technology has been researched widely in workflow system, two typical technologies of that are RBAC (Role-Based Access Control) and TBAC (Task-Based Access Control) model, which has been successfully used in the role authorizing and assigning in a certain extent. However, during the process of complicating a system's structure, these two types of technology can not be used in minimizing privileges and separating duties, and they are inapplicable when users have a request of frequently changing on the workflow's process. In order to avoid having these weakness during the applying, a variable flow dynamic role_task_view (briefly as DRTVBAC) of fine-grained access control model is constructed on the basis existed model. During the process of this model applying, an algorithm is constructed to solve users' requirements of application and security needs on fine-grained principle of privileges minimum and principle of dynamic separation of duties. The DRTVBAC model is implemented in the actual system, the figure shows that the task associated with the dynamic management of role and the role assignment is more flexible on authority and recovery, it can be met the principle of least privilege on the role implement of a specific task permission activated; separated the authority from the process of the duties completing in the workflow; prevented sensitive information discovering from concise and dynamic view interface; satisfied with the requirement of the variable task-flow frequently.

  8. Object oriented programming techniques applied to device access and control

    In this paper a model, called the device server model, has been presented for solving the problem of device access and control faced by all control systems. Object Oriented Programming techniques were used to achieve a powerful yet flexible solution. The model provides a solution to the problem which hides device dependancies. It defines a software framework which has to be respected by implementors of device classes - this is very useful for developing groupware. The decision to implement remote access in the root class means that device servers can be easily integrated in a distributed control system. A lot of the advantages and features of the device server model are due to the adoption of OOP techniques. The main conclusion that can be drawn from this paper is that 1. the device access and control problem is adapted to being solved with OOP techniques, 2. OOP techniques offer a distinct advantage over traditional programming techniques for solving the device access problem. (J.P.N.)

  9. Fine-Grained Access Control for Electronic Health Record Systems

    Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

    There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

  10. Audit-Based Access Control for Electronic Health Records

    Dekker, M.A.C.; Etalle, S.; Gadducci, F.

    2006-01-01

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e.before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori acce

  11. Audit-Based Access Control for Electronic Health Records

    Dekker, M.A.C.; Etalle, S.

    2006-01-01

    Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can not be made on the fly. For these settings we developed a language and a framework for a-posteriori acc

  12. Secure Dynamic access control scheme of PHR in cloud computing.

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  13. Access control issues and solutions for large sites

    The Lawrence Livermore National Laboratory (LLNL) operates an automated access control system consisting of more than 100 portals. We have gained considerable practical experience in the issues involved in operating this large system, and have identified the central issues to include system reliability, the large user population, the need for central control, constant change, high visibility and the budget. This paper outlines these issues and draws from our experience to discuss some fruitful ways of addressing them

  14. Adaptive Medium Access Control Protocol for Wireless Body Area Networks

    Javaid, N.; Ahmad, A.; A. Rahim; Z.A. Khan; M. Ishfaq; Qasim, U.

    2014-01-01

    Wireless Body Area Networks (WBANs) are widely used for applications such as modern health-care systems, where wireless sensors (nodes) monitor the parameter(s) of interest. Nodes are provided with limited battery power and battery power is dependent on radio activity. MAC protocols play a key role in controlling the radio activity. Therefore, we present Adaptive Medium Access Control (A-MAC) protocol for WBANs supported by linear programming models for the minimization of energy consumption ...

  15. Access control and interlock system at the Advanced Photon Source

    Forrestal, J.; Hogrefe, R.; Knott, M.; McDowell, W.; Reigle, D.; Solita, L.; Koldenhoven, R.; Haid, D. [Argonne National Lab., IL (United States). Advanced Photon Source

    1997-08-01

    The Advanced Photon Source (APS) consists of a linac, position accumulator ring (PAR), booster synchrotron, storage ring, and up to 70 experimental beamlines. The Access Control and Interlock System (ACIS) utilizes redundant programmable logic controllers (PLCs) and a third hard-wired chain to protect personnel from prompt radiation generated by the linac, PAR, synchrotron, and storage ring. This paper describes the ACIS`s design philosophy, configuration, hardware, functionality, validation requirements, and operational experience.

  16. Comparable Measures of Accessibility to Public Transport Using the General Transit Feed Specification

    Jinjoo Bok

    2016-03-01

    Full Text Available Public transport plays a critical role in the sustainability of urban settings. The mass mobility and quality of urban lives can be improved by establishing public transport networks that are accessible to pedestrians within a reasonable walking distance. Accessibility to public transport is characterized by the ease with which inhabitants can reach means of transportation such as buses or metros. By measuring the degree of accessibility to public transport networks using a common data format, a comparative study can be conducted between different cities or metropolitan areas with different public transit systems. The General Transit Feed Specification (GTFS by Google Developers allows this by offering a common format based on text files and sharing the data set voluntarily produced and contributed by the public transit agencies of many participating cities around the world. This paper suggests a method to assess and compare public transit accessibility in different urban areas using the GTFS feed and demographic data. To demonstrate the value of the new method, six examples of metropolitan areas and their public transit accessibility are presented and compared.

  17. Control of chaotic transport in Hamiltonian systems

    It is shown that a relevant control of Hamiltonian chaos is possible through suitable small perturbations whose form can be explicitly computed. In particular, it is possible to control (reduce) the chaotic diffusion in the phase space of a Hamiltonian system with 1.5 degrees of freedom which models the diffusion of charged test particles in a 'turbulent' electric field across the confining magnetic field in controlled thermonuclear fusion devices. Though still far from practical applications, this result suggests that some strategy to control turbulent transport in magnetized plasmas, in particular tokamaks, is conceivable. (author)

  18. Controlling molecular transport in minimal emulsions

    Gruner, Philipp; Riechers, Birte; Semin, Benoît; Lim, Jiseok; Johnston, Abigail; Short, Kathleen; Baret, Jean-Christophe

    2016-01-01

    Emulsions are metastable dispersions in which molecular transport is a major mechanism driving the system towards its state of minimal energy. Determining the underlying mechanisms of molecular transport between droplets is challenging due to the complexity of a typical emulsion system. Here we introduce the concept of `minimal emulsions', which are controlled emulsions produced using microfluidic tools, simplifying an emulsion down to its minimal set of relevant parameters. We use these minimal emulsions to unravel the fundamentals of transport of small organic molecules in water-in-fluorinated-oil emulsions, a system of great interest for biotechnological applications. Our results are of practical relevance to guarantee a sustainable compartmentalization of compounds in droplet microreactors and to design new strategies for the dynamic control of droplet compositions.

  19. Ubiquitous access control and policy management in personal networks

    Kyriazanos, Dimitris M.; Stassinopoulos, George I.; Prasad, Neeli R.

    2006-01-01

    In this paper the authors present the challenges for enabling Security Policies Management and subsequent Ubiquitous Access Control on the Personal Network (PN) environment. A solution based on Security Profiles is proposed, supporting both partially distributed architectures-having in this case...... distributed master devices acting as access points- and also pure peer-to-peer interactions inside the PN. Taking benefit from the modularity and scalability of the design, this solution can be extended into supporting coalitions of different security domains, deriving from the creation of PNs federations....

  20. A User Profile Based Access Control Model and Architecture

    Meriem Zerkouk

    2013-02-01

    Full Text Available Personalization and adaptation to the user profile capability are the hottest issues to ensure ambientassisted living and context awareness in nowadays environments. With the growing healthcare andwellbeing context aware applications, modeling security policies becomes an important issue in thedesign of future access control models. This requires rich semantics using ontology modeling for themanagement of services provided to dependant people. However, current access control models remainunsuitable due to lack of personalization, adaptability and smartness to the handicap situation.In this paper, we propose a novel adaptable access control model and its related architecture in whichthe security policy is based on the handicap situation analyzed from the monitoring of user’s behavior inorder to grant a service using any assistive device within intelligent environment. The design of ourmodel is an ontology-learning and evolving security policy for predicting the future actions of dependentpeople. This is reached by reasoning about historical data, contextual data and user behavior accordingto the access rules that are used in the inference engine to provide the right service according to theuser’s needs.

  1. The Association between Access to Public Transportation and Self-Reported Active Commuting

    Djurhuus, Sune; Hansen, Henning S; Aadahl, Mette;

    2014-01-01

    self-reported active commuting. Self-reported time spent either walking or cycling commuting each day and the distance to workplace were obtained for adults aged 16 to 65 in the Danish National Health Survey 2010 (n = 28,928). Access to public transportation measures were computed by combining GIS......-based road network distances from home address to public transit stops an integrating their service level. Multilevel logistic regression was used to examine the association between access to public transportation measures and active commuting. Distance to bus stop, density of bus stops, and number of...

  2. A formal model for access control with supporting spatial context

    ZHANG Hong; HE YePing; SHI ZhiGuo

    2007-01-01

    There is an emerging recognition of the importance of utilizing contextual information in authorization decisions. Controlling access to resources in the field of wireless and mobile networking require the definition of a formal model for access control with supporting spatial context. However, traditional RBAC model does not specify these spatial requirements. In this paper, we extend the existing RBAC model and propose the SC-RBAC model that utilizes spatial and location-based information in security policy definitions. The concept of spatial role is presented,and the role is assigned a logical location domain to specify the spatial boundary.Roles are activated based on the current physical position of the user which obtained from a specific mobile terminal. We then extend SC-RBAC to deal with hierarchies, modeling permission, user and activation inheritance, and prove that the hierarchical spatial roles are capable of constructing a lattice which is a means for articulate multi-level security policy and more suitable to control the information flow security for safety-critical location-aware information systems. Next, constrained SC-RBAC allows express various spatial separations of duty constraints,location-based cardinality and temporal constraints for specify fine-grained spatial semantics that are typical in location-aware systems. Finally, we introduce 9 invariants for the constrained SC-RBAC and its basic security theorem is proven. The constrained SC-RBAC provides the foundation for applications in need of the constrained spatial context aware access control.

  3. Type-Based Access Control in Data-Centric Systems

    Caires, Luís; Pérez, Jorge A.; Seco, João Costa; Vieira, Hugo Torres; Ferrão, Lúcio

    Data-centric multi-user systems, such as web applications, require flexible yet fine-grained data security mechanisms. Such mechanisms are usually enforced by a specially crafted security layer, which adds extra complexity and often leads to error prone coding, easily causing severe security breaches. In this paper, we introduce a programming language approach for enforcing access control policies to data in data-centric programs by static typing. Our development is based on the general concept of refinement type, but extended so as to address realistic and challenging scenarios of permission-based data security, in which policies dynamically depend on the database state, and flexible combinations of column- and row-level protection of data are necessary. We state and prove soundness and safety of our type system, stating that well-typed programs never break the declared data access control policies.

  4. Access Control with RFID in the Internet of Things

    Jensen, Steffen Elstrøm Holst; Jacobsen, Rune Hylsberg

    2013-01-01

    , to the Internet is suggested. The solution uses virtual representations of objects by using low-cost, passive RFID tags to give objects identities on the Internet. A prototype that maps an RFID identity into an IPv6 address is constructed. It is illustrated how this approach can be used in access control systems......Future Internet research is needed to bring the Internet and the Things closer to each other to form the Internet of Things. As objects in our daily life gradually become smarter, there is an increasing benefit of networking these objects. In this article, a method to couple objects, the Things...... based on open network protocols and packet filtering. The solution includes a novel RFID reader architecture that supports the internetworking of components of a future access control system based on network layer technology....

  5. An Access Control Model of Virtual Machine Security

    QIN Zhong-yuan; Chen, Qi; Lv, You; Qiang, Yong; GUO Ai-wen; SHEN Ri-sheng; Zhang Qunfang

    2013-01-01

    Virtualization technology becomes a hot IT technolo gy with the popu-larity of Cloud Computing. However, new security issues arise with it. Specifically, the resources sharing and data communication in virtual machines are most con cerned. In this paper an access control model is proposed which combines the Chinese Wall a nd BLP model. BLP multi-level security model is introduced with corresponding improve...

  6. Integrating CERN e-groups into TWiki access control.

    Jones, PL; Hoymr, N; CERN. Geneva. IT Department

    2010-01-01

    Wikis allow for easy collaborative editing of documents on the web for users located in different buildings, cities or even countries. TWiki culture lends to open free form editing and most pages are world readable and editable by CERN authenticated users, however access control is possible and is used to protect sensitive documents. This note discusses the integration of E-groups for authorisation purposes at CERN.

  7. Adaptive Media Access Control for Energy Harvesting - Wireless Sensor Networks

    Fafoutis, Xenofon; Dragoni, Nicola

    2012-01-01

    ODMAC (On-Demand Media Access Control) is a recently proposed MAC protocol designed to support individual duty cycles for Energy Harvesting — Wireless Sensor Networks (EH-WSNs). Individual duty cycles are vital for EH-WSNs, because they allow nodes to adapt their energy consumption to the ever...... three key properties of EH-WSNs: adaptability of energy consumption, distributed energy-aware load balancing and support for different application-specific requirements....

  8. Achieving Fine-grained Access Control in Virtual Organisations

    Zhang, Nien Fan; Yao, L.; Nenadic, A.; Chin, J.; Goble, C.; Rector, A.; Chadwick, David W; Otenko, Sassa; Shi, Q.

    2007-01-01

    In a virtual organization environment, where services and data are provided and shared amongorganizations from different administrative domains and protected with dissimilar security policies and measures, there is a need for a flexible authentication framework that supports the use of various authentication methods and tokens. The authentication strengths derived from the authentication methods and tokens should be incorporated into an access-control decision-making process, so that more sen...

  9. Access and control of resources: Lessons from the SANREM CRSP

    Flora, Cornelia B.

    2001-01-01

    Metadata only record Developing sustainability in an agricultural ecosystem requires that attention be given to inequities within communities. The experiences of SANREM CRSP revealed that gender inequality was a significant factor in the access and control of resources that were critical for the projects reaching their goals. Among the resources of financial, manufactured, human, environmental, and social capital, enhancing social capital among women was a crucial component of plans for in...

  10. THE ADMINISTRATOR OBJECT PATTERN FOR ROLE-BASED ACCESS CONTROL

    S. R. KODITUWAKKU

    2010-01-01

    The Object-Oriented paradigm approaches the software development by representing real world entities into classes of software objects. Object oriented design patterns facilitate small scale and large scale design reuse. This paper presents an object oriented design pattern, Administrator Object, to address the User-Role assignment problem in Role Based Access Control (RBAC). Two alternative solutions are proposed. The pattern is presented according to the Gang of Four template.

  11. THE ADMINISTRATOR OBJECT PATTERN FOR ROLE-BASED ACCESS CONTROL

    S. R. KODITUWAKKU

    2010-12-01

    Full Text Available The Object-Oriented paradigm approaches the software development by representing real world entities into classes of software objects. Object oriented design patterns facilitate small scale and large scale design reuse. This paper presents an object oriented design pattern, Administrator Object, to address the User-Role assignment problem in Role Based Access Control (RBAC. Two alternative solutions are proposed. The pattern is presented according to the Gang of Four template.

  12. A Model of Workflow-oriented Attributed Based Access Control

    Guoping Zhang; Jing Liu

    2011-01-01

    the emergence of “Internet of Things” breaks previous traditional thinking, which integrates physical infrastructure and network infrastructure into unified infrastructure. There will be a lot of resources or information in IoT, so computing and processing of information is the core supporting of IoT. In this paper, we introduce “Service-Oriented Computing” to solve the problem where each device can offer its functionality as standard services. Here we mainly discuss the access control issue ...

  13. Authorisation and access control for electronic health record systems.

    Blobel, Bernd

    2004-03-31

    Enabling the shared care paradigm, centralised or even decentralised electronic health record (EHR) systems increasingly become core applications in hospital information systems and health networks. For realising multipurpose use and reuse as well as inter-operability at knowledge level, EHR have to meet special architectural requirements. The component-oriented and model-based architecture should meet international standards. Especially in extended health networks realising inter-organisational communication and co-operation, authorisation cannot be organised at user level anymore. Therefore, models, methods and tools must be established to allow formal and structured policy definition, policy agreements, role definition, authorisation and access control. Based on the author's international engagement in EHR architecture and security standards referring to the revision of CEN ENV 13606, the GEHR/open EHR approach, HL7 and CORBA, models for health-specific and EHR-related roles, for authorisation management and access control have been developed. The basic concept is the separation of structural roles defining organisational entity-to-entity relationships and enabling specific acts on the one hand, and functional roles bound to specific activities and realising rights and duties on the other hand. Aggregation of organisational, functional, informational and technological components follows specific rules. Using UML and XML, the principles as well as some examples for analysis, design, implementation and maintenance of policy and authorisation management as well as access control have been practically implemented. PMID:15066555

  14. Material control and surveillance for high frequency access vaults project

    The 'Material Control and Surveillance for High Frequency Access Vaults' project sponsored by United States Department of Energy's Office of Security Policy, Policy Integration and Technical Support Program (SO-20.3) focuses on enhancing nuclear materials control and surveillance in vaults that are frequently accessed. The focus of this effort is to improve materials control and accountability (MC and A) while decreasing the operational impact of these activities. Los Alamos and Y-12 have developed a testbed at the Los Alamos National Laboratory for evaluating and demonstrating integrated technologies for use in enhancing materials control and accountability in active nuclear material storage vaults. An update will be provided on the new systems demonstrated in the test-bed including a 'confirmatory cart' for expediting the performance of inventory and radio-frequency actuated video that demonstrates the concept of automated data entry for materials moving between MBA's. The United States Department of Energy's Office of Security Policy, Policy Integration and Technical Support Program (SO-20.3) has sponsored a project where nuclear material inventory, control and surveillance systems are evaluated, developed, and demonstrated in an effort to provide technologies that reduce risk, increase material assurance, and provide cost-efficient alternatives to manpower-intensive physical inventory and surveillance approaches for working (high-frequency-access) vaults. This Fiscal Year has been largely focused on evaluating and developing components of two sub-systems that could be used either separately in nuclear material vaults or as part of a larger integrated system for nuclear materials accountability, control and surveillance.

  15. ARCPAS - Automatic radiation control point access system an automated data collection terminal for radiation dose and access control

    Nuclear facilities such as nuclear power plants or fuel processing facilities are required to maintain accurate records of personnel access, exposure and work performed. Most facilities today have some sort of computerized data collection system for radiation dose and access control. The great majority rely on handwritten records, i.e., dose card or sign-in sheet which in turn are transferred to a computerized records management system manually. The ARCPAS terminal provides a method for automating personnel exposure data collection and processing. The terminal is a user interactive device which contains a unit for automatically reading and zeroing pocket dosemeters, a security badge reader for personnel identification, a 16 digit key pad for RWP information entry, a high resolution color CRT for interactive communication and a high speed tape printer providing an entry chit. The chit provides the individual worker with a record of the transaction including an individual identifying number, remaining dose for the quarter or period and RWP under which the worker entered the controlled area. The purpose of automating the access control is to provide fast, accurate, realtime data to the records management system. A secondary purpose is to relieve trained health physics technicians of control point duties so that their training and skills can be utilized more effectively in a facility's health physics program

  16. State control, access to capital and firm performance

    Oliver Zhen Li; Xijia Su; Zhifeng Yang

    2012-01-01

    We study the effect of state control on capital allocation and investment in China, where the government screens prospective stock issuers. We find that state firms are more likely to obtain government approval to conduct seasoned equity offerings than non-state firms. Further, non-state firms exhibit greater sensitivities of subsequent investment and stock performance to regulatory decisions on stock issuances than state firms. Our work suggests that state control of capital access distorts resource allocation and impedes the growth of non-state firms. We also provide robust evidence that financial constraints cause underinvestment.

  17. Controllable spin transport in ferromagnetic graphene junctions

    Yokoyama, Takehito

    2008-01-01

    We study spin transport in normal/ferromagnetic/normal graphene junctions where a gate electrode is attached to the ferromagnetic graphene. We find that due to the exchange field of the ferromagnetic graphene, spin current through the junctions has an oscillatory behavior with respect to the chemical potential in the ferromagnetic graphene, which can be tuned by the gate voltage. Especially, we obtain a controllable spin current reversal by the gate voltage. Our prediction of high controllabi...

  18. OJADEAC: An Ontology Based Access Control Model for JADE Platform

    Ban Sharief Mustafa

    2014-06-01

    Full Text Available Java Agent Development Framework (JADE is a software framework to make easy the development of Multi-Agent applications in compliance with the Foundation for Intelligent Physical Agents (FIPA specifications. JADE propose new infrastructure solutions to support the development of useful and convenient distributed applications. Security is one of the most important issues in implementing and deploying such applications. JADE-S security add-ons are one of the most popular security solutions in JADE platform. It provides several security services including authentication, authorization, signature and encryption services. Authorization service will give authorities to perform an action based on a set of permission objects attached to every authenticated user. This service has several drawbacks when implemented in a scalable distributed context aware applications. In this paper, an ontology-based access control model called (OJADEAC is proposed to be applied in JADE platform by combining Semantic Web technologies with context-aware policy mechanism to overcome the shortcoming of this service. The access control model is represented by a semantic ontology, and a set of two level semantic rules representing platform and application specific policy rules. OJADEAC model is distributed, intelligent, dynamic, context-aware and use reasoning engine to infer access decisions based on ontology knowledge.

  19. Multihop Medium Access Control for WSNs: An Energy Analysis Model

    Haapola Jussi

    2005-01-01

    Full Text Available We present an energy analysis technique applicable to medium access control (MAC and multihop communications. Furthermore, the technique's application gives insight on using multihop forwarding instead of single-hop communications. Using the technique, we perform an energy analysis of carrier-sense-multiple-access (CSMA- based MAC protocols with sleeping schemes. Power constraints set by battery operation raise energy efficiency as the prime factor for wireless sensor networks. A detailed energy expenditure analysis of the physical, the link, and the network layers together can provide a basis for developing new energy-efficient wireless sensor networks. The presented technique provides a set of analytical tools for accomplishing this. With those tools, the energy impact of radio, MAC, and topology parameters on the network can be investigated. From the analysis, we extract key parameters of selected MAC protocols and show that some traditional mechanisms, such as binary exponential backoff, have inherent problems.

  20. A model to reduce complexity and maintain coherence between Access Control and Transmission Control policies

    Bertrand, Yoann; Blay-Fornarino, Mireille; Boudaoud, Karima; Riveill, Michel

    2016-01-01

    In order to protect resources from unauthorized access and data leakage in companies, security experts and administrators can use mechanisms such as Access Control (AC) and Transmission Control (TC). Both AC and TC are based on policies that are defined, modified and revoked by these experts. However, policy management can be a time-consuming and tiresome task, especially when both mechanisms are used on large sets of users and resources. Moreover, contradictions between AC and TC policies ca...

  1. SAFETY AND QUALITY CONTROL OF TRANSPORT SERVICES ON RAILWAY TRANSPORT

    I. P. Sadlovska

    2010-10-01

    Full Text Available The article presents the provisions to improve procedure of licensing of passenger and freight transportation, technical specifications for services related to the passenger and freight transportations.

  2. Admission Control and Interference Management in Dynamic Spectrum Access Networks

    Jorge Martinez-Bauset

    2010-01-01

    Full Text Available We study two important aspects to make dynamic spectrum access work in practice: the admission policy of secondary users (SUs to achieve a certain degree of quality of service and the management of the interference caused by SUs to primary users (PUs. In order to limit the forced termination probability of SUs, we evaluate the Fractional Guard Channel reservation scheme to give priority to spectrum handovers over new arrivals. We show that, contrary to what has been proposed, the throughput of SUs cannot be maximized by configuring the reservation parameter. We also study the interference caused by SUs to PUs. We propose and evaluate different mechanisms to reduce the interference, which are based on simple spectrum access algorithms for both PUs and SUs and channel repacking algorithms for SUs. Numerical results show that the reduction can be of one order of magnitude or more with respect to the random access case. Finally, we propose an adaptive admission control scheme that is able to limit simultaneously the forced termination probability of SUs and what we define as the probability of interference. Our scheme does not require any configuration parameters beyond the probability objectives. Besides, it is simple to implement and it can operate with any arrival process and distribution of the session duration.

  3. An Access Control Model of Virtual Machine Security

    QIN Zhong-yuan

    2013-07-01

    Full Text Available Virtualization technology becomes a hot IT technolo gy with the popu-larity of Cloud Computing. However, new security issues arise with it. Specifically, the resources sharing and data communication in virtual machines are most con cerned. In this paper an access control model is proposed which combines the Chinese Wall a nd BLP model. BLP multi-level security model is introduced with corresponding improvement based on PCW (Prioritized Chinese Wall security model. This model can be used to safely co ntrol the resources and event behaviors in virtual machines. Experimental results show its eff ectiveness and safety.

  4. Privacy and Access Control for IHE-Based Systems

    Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

    Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

  5. Advent of Biometric Sensors in Field of Access Control

    Ali Anas

    2015-09-01

    Full Text Available Biometrics is the science of measuring and analyzing biological data. It is used to uniquely identify individuals by their physical characteristics or personal behavior traits.The results from scrutiny of various themes including unimodal, multimodal, physiological, behavioural bio-metrics. Bio-metrics, Physiological and behavioural are compared in the review. The article addresses a particular aspect of utilizing biometrics for authentication, identification and access control. The use of systems like fingerprint, face recognition, hand geometry, Palm print, DNA analysis, iris recognition, retina and odour/scent will be dealt with herewith. This study deals with various applications of this technology, like surveillance, employee identification, device access etc with mentions respective of hardware used. The influence of such features is yet to be documented properly, but it is safe to say that it has been a huge step towards better information security and identification control.Over the course of this text, we will try to bring to light our analysis of the subject and provide an in-depth examination of contemporary and futuristic technologies pertaining to this field.

  6. THE USAGE OF HRU SEGMENT MATRIX ACCESS IN THE ANALYSIS OF INFORMATION SECURITY SYSTEMS WHICH MAKE MANDATORY ACCESS CONTROL

    Korolev I. D.

    2014-09-01

    Full Text Available In this article we consider the usage of HRU access matrix changing system allowing for information security system which makes mandatory access control in case of information security analysis by using an automatic classification of formalized documents in the system of electronic document management

  7. 77 FR 2343 - Eleventh Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2012-01-17

    ...). ACTION: Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY: The FAA..., Airport Security Access Control Systems. DATES: The meeting will be held February 9, 2012, from 10 a.m.-4..., Airport Security Access Control Systems. The agenda will include the following: February 9, 2012...

  8. A Cycle of Dependence: Automobiles, Accessibility, and the Evolution of the Transportation and Retail Hierarchies

    Handy, Susan

    1993-01-01

    This paper explores how the automobile has indirectly led to dramatic changes in patterns of accessibility to retail and service activity within metropolitan regions. The automo­ bile instigated a greater articulation of the hierarchy of transportation facilities, as reflected in a greater differentia­ tion between the local and the regional systems. At the same time, the automobile instigated a collapse in the retail hierarchy, by encouraging the growth of community and regional centers at t...

  9. Smartphone-based system to improve transportation access for the cognitively impaired.

    Anderson, Shane M; Riehle, Timothy H; Lichter, Patrick A; Brown, Allen W; Panescu, Dorin

    2015-08-01

    This project developed and evaluated a smartphone-based system to improve mobility and transportation access for the cognitively impaired. The proposed system is intended to allow the cognitively impaired to use public transportation systems, community transportation and dedicated transportation services for the disabled with greater ease and safety. Individuals with cognitive disabilities are often unable to operate an automobile, or may require a prolonged recovery period before resuming driving. Public transportation systems represent a significant means to allow these individuals to maintain independence. Yet public transportation systems can pose significant challenges to individuals with cognitive impairment. The goal of this project is to develop a system to reduce these barriers via a technological solution consisting of components developed both for the cognitively impaired user and their caregiver or family member. The first component consists of a cognitive prosthetic device featuring traditional memory cueing and reminders as well as custom location-based transportation specific functions. This cognitive mobility assistant will leverage the computing power and GPS location determination capabilities of inexpensive, powerful smart phones. The second component consists of a management application which offers caregivers the ability to configure and program the reminder and transit functions remotely via the Internet. Following completion of the prototype system a pilot human test was performed with cognitively disabled individuals and family members or caregivers to assess the usability and acceptability of both system components. PMID:26738091

  10. Accessible Transportation, Geographic Elevation, and Masticatory Ability Among Elderly Residents of a Rural Area

    Tsuyoshi Hamano

    2015-06-01

    Full Text Available Given that public transportation networks are often worse in rural areas than in urban areas, rural residents who do not drive can find it difficult to access health-promoting goods, services, and resources related to masticatory ability. Moreover, geographical location, assessed by elevation, could modify this association. The aim of this study was to test whether the association between access to transportation and masticatory ability varied by elevation. Data were collected from a cross-sectional study conducted in Mizuho and Iwami counties, Japan. Objective masticatory ability was evaluated using a test gummy jelly and elevation was estimated by the geographic information systems according to the participant’s address. After excluding subjects with missing data, 672 subjects (Mizuho = 401 and Iwami = 271 were analyzed. After adjustment for potential confounders, being a driver was not significantly associated with masticatory ability among elderly people living at low elevation (≤313 m in Mizuho county. However, after the same adjustment, being a driver remained significantly associated with increased masticatory ability among elderly at high elevations. Similar findings were observed in Iwami county. Accessible transportation was significantly associated with increased mastication ability in elderly people living at high elevations, but not in those living at low elevations.

  11. Trust-based Access Control in Virtual Learning Community

    Wang, Shujuan; Liu, Qingtang

    The virtual learning community is an important application pattern of E-Learning. It emphasizes the cooperation of the members in the community, the members would like to share their learning resources, to exchange their experience and complete the study task together. This instructional mode has already been proved as an effective way to improve the quality and efficiency of instruction. At the present time, the virtual learning communities are mostly designed using static access control policy by which the access permission rights are authorized by the super administrator, the super administrator assigns different rights to different roles, but the virtual and social characteristics of virtual learning community make information sharing and collaboration a complex problem, the community realizes its instructional goal only if the members in it believe that others will offer the knowledge they owned and believe the knowledge others offered is well-meaning and worthy. This paper tries to constitute an effective trust mechanism, which could promise favorable interaction and lasting knowledge sharing.

  12. A Semantic Context-Based Model for MobileWeb Services Access Control

    Haibo Shen; Yu Cheng

    2011-01-01

    As mobile web services becomes more pervasive, applications based on mobile web services will need flexible access control mechanisms. Unlike traditional approaches based on the identity or role for access control, access decisions for these applications will depend on the combination of the required attributes of users and the contextual information. This paper proposes a semantic context-based access control model (called SCBAC) to be applied in mobile web services environment by combining ...

  13. Database Security System for Applying Sophisticated Access Control via Database Firewall Server

    Eun-Ae Cho; Chang-Joo Moon; Dae-Ha Park; Kang-Bin Yim

    2014-01-01

    Database security, privacy, access control, database firewall, data break masking Recently, information leakage incidents have occurred due to database security vulnerabilities. The administrators in the traditional database access control methods grant simple permissions to users for accessing database objects. Even though they tried to apply more strict permissions in recent database systems, it was difficult to properly adopt sophisticated access control policies to commercial databases...

  14. BWR startup and shutdown activity transport control

    This paper summarizes BWR industry experience on good practices for controlling the transport of corrosion product activity during shutdowns, particularly refueling outages, and for startup chemistry control to minimize IGSCC (intergranular stress corrosion cracking). For shutdown, overall goals are to minimize adverse impacts of crud bursts and the time required to remove activated corrosion products from the reactor coolant during the shutdown process prior to refueling, and to assist plants in predicting and controlling radiation exposure during outages. For startup, the overall goals are to highlight conditions during early heatup and startup when sources of reactor coolant oxidants are high, when there is a greater likelihood for chemical excursions associated with refueling outage work activities, and when hydrogen injection is not available to mitigate IGSCC due to system design limitations. BWR water chemistry has changed significantly in recent years with the adoption of hydrogen water chemistry, zinc addition and noble metal chemical applications. These processes have, in some instances, resulted in significant activity increases during shutdown evolutions, which together with reduced time for cleanup because of shorter outages, has consequently increased outage radiation exposure. A review several recent outages shows that adverse effects from these conditions can be minimized, leading to the set of good practice recommendations for shutdown chemistry control. Most plants lose the majority of their hydrogen availability hours during early startup because feedwater hydrogen injection systems were not originally designed to inject hydrogen below 20% power. Hydrogen availability has improved through modifications to inject hydrogen at lower power levels, some near 5%. However, data indicate that IGSCC is accelerated during early startup, when dissolved oxygen and hydrogen peroxide levels are high and reactor coolant temperatures are in the 300 to 400 oF (

  15. Safety systems and access control in the National Ignition Facility.

    Reed, Robert K; Bell, Jayce C

    2013-06-01

    The National Ignition Facility (NIF) is the world's largest and most energetic laser system. The facility has the potential to generate ionizing radiation due to the interaction between the laser beams and target material, with neutrons and gamma rays being produced during deuterium-tritium fusion reactions. To perform these experiments, several types of hazards must be mitigated and controlled to ensure personnel safety. NIF uses a real-time safety system to monitor and mitigate the hazards presented by the facility. The NIF facility Safety Interlock System (SIS) monitors for oxygen deficiency and controls access to the facility preventing exposure to laser light and radiation from the Radiation Generating Devices. It also interfaces to radiation monitoring and other radiological monitoring and alarm systems. The SIS controls permissives to the hazard-generating equipment and annunciates hazard levels in the facility. To do this reliably and safely, the SIS has been designed as a fail-safe system with a proven performance record now spanning over 10 y. This paper discusses the SIS, its design, implementation, operator interfaces, validation/verification, and the hazard mitigation approaches employed in the NIF. A brief discussion of the Failure Modes and Effect Analysis supporting the SIS will also be presented. The paper ends with a general discussion of SIS do's and don'ts and common design flaws that should be avoided in SIS design. PMID:23629061

  16. Requirements and Challenges of Location-Based Access Control in Healthcare Emergency Response

    Vicente, Carmen Ruiz; Kirkpatrick, Michael; Ghinita, Gabriel;

    2009-01-01

    Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not...... complex access control decisions based on spatio-temporal relationships among subjects and objects. Furthermore, such relationships change frequently in dynamic environments, requiring efficient mechanisms to monitor and re-evaluate access control decisions. In this position paper, we present a healthcare...... emergency response scenario which highlights the novel challenges that arise when enforcing access control in an environment with moving subjects and objects. To address a realistic application scenario, we consider movement on road networks, and we identify complex access control decisions relevant to such...

  17. New perspective on the accessibility of railway transport for the vulnerable traveller

    Vulnerable travellers experience various problems in the transport environment. These may reduce public travel confidence and consequently lead to decreased mobility. A goal of our research is to find out how to improve the accessibility to railway travelling, especially, for persons with functional limitations. By reducing barriers, the ability of travelling would be improved, and consequently allow for more flexible travel behaviors. In order to develop a model and a method of measurement for accessibility, we (a) constructed a reference group of representative 'typical older persons' (65–85 years) from questionnaire data, and (b) developed an accessibility measure for persons with functional limitations. In this measure barriers have different weights for the different persons depending on their functional ability and travel behavior. This gives the probability of facing a certain barrier when travelling to a certain destination; that is, a measure of accessibility for the individual. The more weight placed on a certain barrier, the less probable it is that the particular journey will take place. These weights will be obtained in forthcoming research on the perception of a set of various travel scenarios representing barriers

  18. A Trusted Host's Authentication Access and Control Model Faced on User Action

    ZHANG Miao; XU Guoai; HU Zhengming; YANG Yixian

    2006-01-01

    The conception of trusted network connection (TNC) is introduced, and the weakness of TNC to control user's action is analyzed. After this, the paper brings out a set of secure access and control model based on access, authorization and control, and related authentication protocol. At last the security of this model is analyzed. The model can improve TNC's security of user control and authorization.

  19. Cross-layer rate control, medium access control and routing design in cooperative VANET

    Zhou, Liang; Zheng, Baoyu; Geller, Benoit; Wei, Anne; Xu, Shan; Li, Yajun

    2008-01-01

    In this paper, we address the rate control, the Medium Access Control (MAC) and the routing problem for cooperative Vehicular Ad-Hoc Network (VANET) in the framework of cross-layer design. At first, we introduce the cooperative communication conception to VANET, and propose an opportunistic cooperation strategy to improve the system performance. And then, we develop a cross-layer solution which consists of the link capacity detection with adjusting persistence probability at the MAC Layer, th...

  20. Structural basis of the alternating-access mechanism in a bile acid transporter

    Zhou, Xiaoming; Levin, Elena J.; Pan, Yaping; McCoy, Jason G.; Sharma, Ruchika; Kloss, Brian; Bruni, Renato; Quick, Matthias; Zhou, Ming

    2014-01-01

    Bile acids are synthesized from cholesterol in hepatocytes and secreted through the biliary tract into the small intestine, where they aid in absorption of lipids and fat-soluble vitamins. Through a process known as enterohepatic recirculation, more than 90% of secreted bile acids are then retrieved from the intestine and returned to the liver for resecretion. In humans, there are two Na+-dependent bile acid transporters involved in enterohepatic recirculation, the Na+-taurocholate co-transporting polypeptide (NTCP; also known as SLC10A1) expressed in hepatocytes, and the apical sodium-dependent bile acid transporter (ASBT; also known as SLC10A2) expressed on enterocytes in the terminal ileum. In recent years, ASBT has attracted much interest as a potential drug target for treatment of hypercholesterolaemia, because inhibition of ASBT reduces reabsorption of bile acids, thus increasing bile acid synthesis and consequently cholesterol consumption. However, a lack of three-dimensional structures of bile acid transporters hampers our ability to understand the molecular mechanisms of substrate selectivity and transport, and to interpret the wealth of existing functional data. The crystal structure of an ASBT homologue from Neisseria meningitidis (ASBTNM) in detergent was reported recently, showing the protein in an inward-open conformation bound to two Na+ and a taurocholic acid. However, the structural changes that bring bile acid and Na+ across the membrane are difficult to infer from a single structure. To understand the structural changes associated with the coupled transport of Na+ and bile acids, here we solved two structures of an ASBT homologue from Yersinia frederiksenii (ASBTYf) in a lipid environment, which reveal that a large rigid-body rotation of a substrate-binding domain gives the conserved `crossover' region, where two discontinuous helices cross each other, alternating accessibility from either side of the cell membrane. This result has implications

  1. On the implementation of accessible transport system in urban villages: a case study of Shenzhen Futian district

    Liu, Q.; Lu, X; Wang, J

    2010-01-01

    Urban village is a type of living space in rapid urbanized area within P. R. China, the main spatial features of which are highly the assembling buildings and the principal dwelling space for transient population and poor foreigners. Considering the fact that these urban villages may stay for long time, the implementation of accessible transportation may help reduce social exclusion issues. The major difficulties to implement the Accessible Transport System (ATS) there lie in the exceedingly ...

  2. Intelligent urban public transportation for accessibility dedicated to people with disabilities.

    Zhou, Haiying; Hou, Kun-Mean; Zuo, Decheng; Li, Jian

    2012-01-01

    The traditional urban public transport system generally cannot provide an effective access service for people with disabilities, especially for disabled, wheelchair and blind (DWB) passengers. In this paper, based on advanced information & communication technologies (ICT) and green technologies (GT) concepts, a dedicated public urban transportation service access system named Mobi+ has been introduced, which facilitates the mobility of DWB passengers. The Mobi+ project consists of three subsystems: a wireless communication subsystem, which provides the data exchange and network connection services between buses and stations in the complex urban environments; the bus subsystem, which provides the DWB class detection & bus arrival notification services; and the station subsystem, which implements the urban environmental surveillance & bus auxiliary access services. The Mobi+ card that supports multi-microcontroller multi-transceiver adopts the fault-tolerant component-based hardware architecture, in which the dedicated embedded system software, i.e., operating system micro-kernel and wireless protocol, has been integrated. The dedicated Mobi+ embedded system provides the fault-tolerant resource awareness communication and scheduling mechanism to ensure the reliability in data exchange and service provision. At present, the Mobi+ system has been implemented on the buses and stations of line '2' in the city of Clermont-Ferrand (France). The experiential results show that, on one hand the Mobi+ prototype system reaches the design expectations and provides an effective urban bus access service for people with disabilities; on the other hand the Mobi+ system is easily to deploy in the buses and at bus stations thanks to its low energy consumption and small form factor. PMID:23112622

  3. Intelligent Urban Public Transportation for Accessibility Dedicated to People with Disabilities

    Jian Li

    2012-08-01

    Full Text Available The traditional urban public transport system generally cannot provide an effective access service for people with disabilities, especially for disabled, wheelchair and blind (DWB passengers. In this paper, based on advanced information & communication technologies (ICT and green technologies (GT concepts, a dedicated public urban transportation service access system named Mobi+ has been introduced, which facilitates the mobility of DWB passengers. The Mobi+ project consists of three subsystems: a wireless communication subsystem, which provides the data exchange and network connection services between buses and stations in the complex urban environments; the bus subsystem, which provides the DWB class detection & bus arrival notification services; and the station subsystem, which implements the urban environmental surveillance & bus auxiliary access services. The Mobi+ card that supports multi-microcontroller multi-transceiver adopts the fault-tolerant component-based hardware architecture, in which the dedicated embedded system software, i.e., operating system micro-kernel and wireless protocol, has been integrated. The dedicated Mobi+ embedded system provides the fault-tolerant resource awareness communication and scheduling mechanism to ensure the reliability in data exchange and service provision. At present, the Mobi+ system has been implemented on the buses and stations of line ‘2’ in the city of Clermont-Ferrand (France. The experiential results show that, on one hand the Mobi+ prototype system reaches the design expectations and provides an effective urban bus access service for people with disabilities; on the other hand the Mobi+ system is easily to deploy in the buses and at bus stations thanks to its low energy consumption and small form factor.

  4. Access Control Mechanisms for Semantic Web services-A Discussion on Requirements & Future Directions

    Gondara, Mandeep Kaur

    2011-01-01

    Semantic Web is an open, distributed, and dynamic environment where access to resources cannot be controlled in a safe manner unless the access decision takes into account during discovery of web services. Security becomes the crucial factor for the adoption of the semantic based web services. An access control means that the users must fulfill certain conditions in order to gain access over web services. Access control is important in both perspectives i.e. legal and security point of view. This paper discusses important requirements for effective access control in semantic web services which have been extracted from the literature surveyed. I have also discussed open research issues in this context, focusing on access control policies and models in this paper.

  5. The new biometric access control system resembles a big electronic eye. It will be used to control access to the LHC from 2007 onwards.

    Maximilien Brice

    2006-01-01

    The new LHC access control systems will soon be using the latest technology: optical recognition based on iris image data. In order to gain access to the tunnel it will be your eye, not your credentials that you'll be required to show! As of September, the entrance point at Point 8 should be the first to be fitted out with iris recognition equipment. The other access shafts will then gradually be equipped one by one.

  6. Optimal Control Theory for Time-Dependent Quantum Transport

    Zhang, Yu

    2015-01-01

    Optical techniques have been employed to coherently control the quantum transport through nanojunctions. Conventional works on optical control of quantum transport usually applied a tailored electrical pulses to perform specific tasks. In this work, an opposite way is employed and a time-dependent driving field is searched to force the system behave in desired pattern. In order to achieve the goal, an optimal control theory for time-dependent quantum transport is developed. The theory provide...

  7. Accessibility appraisal of land-use/transport policy strategies: More than just adding up travel-time savings

    Geurs, Karst; Zondag, Barry; Jong, de Gerard; Bok, de Michiel

    2010-01-01

    We examine the accessibility benefits associated with some land-use policy strategies for the Netherlands that anticipate on expected climate change. A disaggregate logsum accessibility measure using the Dutch national land-use/transport interaction model TIGRIS XL is used to compute changes in cons

  8. Towards convergence of wireless and wireline signal transport in broadband access networks

    Yu, Xianbin; Prince, Kamau; Tafur Monroy, Idelfonso

    2010-01-01

    Hybrid optical wireless access networks are to play an important role in the realization of the vision of delivery of broadband services to the end-user any time, anywhere and at affordable costs. We present results of experiments conducted over a field deployed optical fibre links we successfull...... demonstrated converged wireless and wireline signal transport over a common fibre infrastructure. The type of signal used in this field deployed experiments cover WiMax, Impulse-radio ultra-wideband (UWB) and coherent transmission of baseband QPSK and radio-over-fibre signals....

  9. Collaboration Policies: Access Control Management in Decentralized Heterogeneous Workflows

    Mine Altunay

    2006-07-01

    Full Text Available Service-oriented computing promotes collaboration by defining the standards layer that allows compatibility between disparate domains. Workflows, by taking advantage of the service oriented framework, provide the necessary tools to harness services in order to tackle complicated problems. As a result, a service is no longer exposed to a small pre-determined homogeneous pool of users; instead it has a large, undefined, and heterogeneous pool of users. This paradigm shift in computing results in increased service exposure. The interactions among the services of a workflow must be carefully evaluated against the security risks associated with them. Classical security problems, such as delegation of rights, conflict of interest, and access control in general, become more complicated due to multiple autonomous security domains and the absence of pre- established trust relationships among the domains. Our work tackles these problems in two aspects: it provides a service owner with the necessary means to express and evaluate its trust requirements from a workflow (collaboration policies, and it incorporates these trust requirements into the workflow-planning framework (workflow authorization framework. Our policy-based framework allows bilateral peer-level trust evaluations that are based on each peer’s collaboration policies, and incorporates the outcome of these evaluations into the workflow planning logic. As a result, our work provides the necessary tools for promoting multi-party ad-hoc collaborations, and aims to reduce the reluctance and hesitation towards these collaborations by attacking the security risks associated with them.

  10. Concurrency control and recovery on lightweight directory access protocol

    Potnis, Rohit R.; Sathaye, Archana S.

    2003-04-01

    In this paper we provide a concurrency control and recovery (CCR) mechanism over cached LDAP objects. An LDAP server can be directly queried using system calls to retrieve data. Existing LDAP implementations do not provide CCR mechanisms. In such cases, it is up to the application to verify that accesses remain serialized. Our mechanism provides an independent layer over an existing LDAP server (Sun One Directory Server), which handles all user requests, serializes them based on 2 Phase Locking and Timestamp Ordering mechanisms and provides XML-based logging for recovery management. Furthermore, while current LDAP servers only provide object-level locking, our scheme serializes transactions on individual attributes of LDAP objects (attribute-level locking). We have developed a Directory Enabled Network (DEN) Simulator that operates on a subset of directory objects on an existing LDAP server to test the proposed mechanism. We perform experiments to show that our mechanism can gracefully address concurrency and recovery related issues over and LDAP server.

  11. Enhanced Role Based Access Control Mechanism for Electronic Examination System

    Adebukola Onashoga

    2014-02-01

    Full Text Available Over the years, e-learning and e-examination has become standard in many institutions of higher learning. It has been observed that examination questions and results can be easily intercepted by invalid users, thus the security of resources shared among valid users is not guaranteed. In order to solve these problems as it relates to access control, a Role based Examination System (RBES was designed, developed and evaluated. RBES attempted to solve the security issue by the combination of two authentication techniques: text-based authentication and graphical password authentication. The Text-based authentication utilizes two text-based parameters namely the username and password. The graphical password authentication makes use of a finite set of controls (RBES chooses radio buttons which are identified by numbers. These numbers constitute the password used for graphical authentication. To improve on resource sharing among users in the examination system, RBES proposes role management (role creation, role update, role removal and user management (user creation, user update and user removal. The developed system made use of asp.net, C#, IIS server, WAMP server, Mysql and other tools for its development. RBES was tested by some legitimate and illegitimate users and the performance of the system was found to be satisfactory, hence RBES shows an efficient and reliable scheme that can be deployed in any examination or e-learning system. Finally the potential threats to the system were modeled and the use of weak passwords was found to be the most likely threat the system could be vulnerable to.

  12. Development of the planning and control segment, CRWMS Transportation System

    This paper discusses the current plans for the development of the Planning and Control segment of the CRWMS Transportation System. Each of the four Planning and Control subsystems are described. It is assumed that the CRWMS will be managed by a single management structure reporting directly to the OCRWM. The Transportation System will operate under this management, with each segment of the Transportation System reporting to a Transportation System Manager. Also described are the support activities essential for the Transportation System, the requirements for and the use of the planning documentation, their interactions, and the steps necessary to prepare for shipping campaigns, and the role of Traffic Management

  13. Report of the experts group on the taxation of the access to gas transport and distribution network

    In the framework of a new french gas industry organization (directive of the 22 june 1998), a concerting mission has been realized on prices taxation for the transport and distribution facilities. The following topics have been debated: the integration and competition of the european gas market, the gas market liberalization consistency and the taxation of transport and distribution network access. (A.L.B.)

  14. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an active mobile device to enforce centralized ACL-based access control policies. Selective RFID Jamming also solves a Differential Signal Analysis attack to which the RFID Blocker Tag is susceptible.

  15. A 4D-Role Based Access Control Model for Multitenancy Cloud Platform

    Jiangfeng Li; Zhenyu Liao; Chenxi Zhang; Yang Shi

    2016-01-01

    Since more and more applications and services have been transferred from servers in the B/S architecture to cloud, user access control has become a significant part in a multitenancy cloud platform. Role based access control model makes users participate in an enterprise system as particular identities. However, in a multitenancy cloud environment, it has a high probability that the information of tenants has been leaked by using existing role based access control (RBAC) model. Moreover, mana...

  16. The use of modern information technology in research on transport accessibility

    Bartosz BARTOSIEWICZ

    2015-09-01

    Full Text Available Transport accessibility can be analyzed using a number of different methods. The problem with each of them is the difficulty of obtaining data to measure this phenomenon The focus of this article and its main goal are to present methods and tools for gathering data on road traffic; thanks to modern information technology, it is possible to collect real data without the need for large-scale and highly capital-intensive measurements. The application of modern information technology (IT presented in the article, such as computer programs and applications like Google Maps Traffic Overlay and TomTom Live Traffic, enable research to be conducted on a scale that has thus far been unattainable, and allows information to be collected on such criteria as traffic volume, flow, average traffic speed, and actual journey time. Such innovative means of gathering data on automobile traffic open up new perspectives for assessing transport accessibility in terms of automobile traffic by providing high-quality data that meet the requirements for use in primary research.

  17. The Effect of Transport Accessibility on the Social Inclusion of Wheelchair Users: A Mixed Method Analysis

    Raquel Velho

    2016-06-01

    Full Text Available In recent years the accessibility of London buses has improved with the introduction of ramps and wheelchair priority areas. These advances are meant to remove physical barriers to entering the bus, but new conflicts have arisen particularly over the physical space aboard. We aimed to research the barriers faced by wheelchair users in public transport using a mixed methods approach to establish the breadth of issues faced by wheelchair users. To this end we quantified the push-force used alight a bus and a study to understand the coping mechanisms used by people to propel up a ramp. This quantitative approach found push forces which resulted in a load of 2 to 3 times body weight being transferred through people’s shoulders, forces which can be directly linked to shoulder injury. This could disable the user further, preventing them from being able to push their wheelchair. Alongside the quantitative study, we conducted qualitative research comprising of a number of in-depth interviews with wheelchair users about the barriers they face in public transport. Our main claim, highlighted through this interdisciplinary collaboration, is that proposed ‘solutions’ to accessibility, such as ramps, often generate problems of their own. These barriers can affect the life of wheelchair users, impacting on their confidence and causing social isolation. These can be long-term in nature or immediate.

  18. Implementing portable channel access server software in the KEKB accelerator control system

    KEKB (KEK B-factory) accelerators are under construction and the control computer system for them is also in the last phase of installation. KEKB accelerators are composed of two storage rings, namely, HER (High Energy Ring for electrons of 8 GeV) and LER (Low Energy Ring for positrons of 3.5 GeV). These rings are placed in the underground tunnel in which former TRISTAN electron-positron colliding accelerator was. We have been constructing control system for KEKB from the scratch based on EPICS (Experimental Physics and Industrial Control Systems). But, for the injector linac, its control computer system was rejuvenated just a few years ago and it is not an EPICS based system but an original one. To operate KEKB accelerators, tuning of the linac as the injector for the KEKB rings is thought to be very essential. Ideally, KEKB control system can control both KEKB rings and linac. And both operators at linac control room and at KEKB control room should be able to monitor and adjust equipment of the other accelerators. For that purpose, we have to develop suitable method in between two systems to communicate with each other. In the EPICS collaborations, there is a Portable CA (Channel Access) Server for EPICS developed at Los Alamos National Laboratory for SUN workstations. We decided to modify it for our purposes and have been implementing it to KEKB control system step by step. And now, we can monitor and set magnetic field of Q-magnets in the linac, control beam transport magnets in the linac beam line, control klystrons, and measure beam positions by strip-line monitors through EPICS. In the near future, other equipment of the linac will be added to the CA server before the commissioning of the KEKB rings. (author)

  19. Broadband passive optical network media access control protocols

    Quayle, Alan

    1996-11-01

    Most telecommunication operators are currently deciding on how to respond to customers' needs stimulated by the synergy between compression coding of multimedia and the emergence of broadband digital networks. This paper describes a range of broadband access architectures under consideration in the full services access network initiative. All architectures have a common requirement for a broadband ATM PON. A common broadband PON applicable to many operators increases the world-wide market for the product. With greater production volumes manufacturers' costs reduce because of the experience curve effect making broadband access systems economic.

  20. Role-based access control through on-demand classification of electronic health record.

    Tiwari, Basant; Kumar, Abhay

    2015-01-01

    Electronic health records (EHR) provides convenient method to exchange medical information of patients between different healthcare providers. Access control mechanism in healthcare services characterises authorising users to access EHR records. Role Based Access Control helps to restrict EHRs to users in a certain role. Significant works have been carried out for access control since last one decade but little emphasis has been given to on-demand role based access control. Presented work achieved access control through physical data isolation which is more robust and secure. We propose an algorithm in which selective combination of policies for each user of the EHR database has been defined. We extend well known data mining technique 'classification' to group EHRs with respect to the given role. Algorithm works by taking various roles as class and defined their features as a vector. Here, features are used as a Feature Vector for classification to describe user authority. PMID:26559071

  1. REDUCTION IN PROBABILITY OF TRAFFIC CONGESTION ON HIGH-CLASS ROAD USING RAMP ACCESS CONTROL

    R. Yu. Lagerev

    2016-02-01

    Full Text Available Мerging traffic junctions on high-class roads are considered as bottlenecks in the network and quality of their operation determines a probability for formation of traffic congestions. Investigations on congestion situations in the merging zones of ramp and freeway traffic flows have demonstrated that queuing ramp traffic flow leads to formation of so called “turbulence” effect due to re-arrangement of transport facilities and reduction in their speed on main road direction. Having high queuing traffic flow on main road the “turbulence” component can result in formation of an impact blow in the main traffic flow. It has been proved that an impact of the ramp traffic flow on congestion probability is higher in comparison with main road traffic flow. The paper makes it possible to establish that some transport facilities moving along a high-way simul taneously occupy two lanes in the merging traffic zones and they reduce capacity of the used road section. It is necessary to take into account this specific feature and it is necessary to pay attention to it in the zones of “turbulence” effect formation. The paper presents main approaches, methodology, principles and stages required for access control of high-class roads which are directed on higher quality of their operation including improvement of road traffic safety. The paper proposes a methodоlogy that allows to evaluate and optimize ramp control in the context of a transport queue length minimization at adjoining ramps for the purposes of probability reduction in transport congestion.

  2. Designing a Secure E-commerce with Credential Purpose-based Access Control

    Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

    2014-01-01

    The rapid growth of e-commerce has created a great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

  3. Task-and-role-based access-control model for computational grid

    LONG Tao; HONG Fan; WU Chi; SUN Ling-li

    2007-01-01

    Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

  4. Wi-Fi Networks Security and Accessing Control

    Tarek S. Sobh

    2013-06-01

    Full Text Available As wireless networks access gains popularity in corporate, private and personal networks, the nature of wireless networks opens up new possibilities for network attacks. This paper negotiating Wi-Fi security against scanning of rogue Wi-Fi networks and other related activities and considers the monitoring of Wi-Fi traffic effects. The unauthorized access point (AP problem has raised more attention and resulted in obtaining wireless access without subscriber permission.This work assumes Wi-Fi AP under attack specially rogue AP and/or ad-hoc client. It provides a solution for detecting and preventing this attack. In addition, it provides the required user permissions to allow/block access of the files on the user of ad-hoc client. The experiments include the rogue AP attack are maintained and the effectiveness of the proposed solution are tested.

  5. An access control architecture for metropolitan area wireless networks

    Friday, Adrian; Wu, Maomao; Schmid, Stefan; Finney, Joseph; Cheverst, Keith; Davies, Nigel

    2001-01-01

    This paper presents a novel wireless access point architecture designed to support the development of next generation mobile context-aware applications over metropolitan scale areas. In addition, once deployed, this network will allow ordinary citizens secure, accountable and convenient access to the Internet from their local city and campus environments. The proposed architecture is based on an approach utilising a modified Mobile IPv6 protocol stack that uses packet marking and network leve...

  6. A Generic Role Based Access Control Model for Wind Power Systems

    Nagarajan, Anand; Jensen, Christian D.

    2010-01-01

    infrastructure in a software domain in a manufacturer independent manner as well as establishing secure communication and authenticating the other parties in electrical power infrastructures, but they do not address the problem of access control. We therefore propose a generic model for access control in wind...... power systems, which is based on the widely used role-based access control model. The proposed model is tested using a prototype designed in conformance with the standards that are in use in modern wind power infrastructure and the results are presented to determine the overhead in communication caused...... while adhering to the proposed access model....

  7. An effective access control approach to support mobility in IPv6 networks

    Peng, Xue-hai; Lin, Chuang

    2005-11-01

    Access control is an important method to improve network security and prevent protected resources from being used by some nodes without authority. Moreover, mobility is an important trend of internet. In this paper, based on the architecture of hierarchical mobile IPv6, we proposed an effective access control approach to support mobility in IPv6 networks, which can ensure the operation of access control when a mobile node roams in these domains with different polices, with decreased delay of access negotiation and cost of delivering messages.

  8. On the Decidability of the Safety Problem for Access Control Policies

    Kleiner, Eldar; Newcomb, Tom

    2006-01-01

    An access control system regulates the rights of users to gain access to resources in accordance with a specified policy. The rules in this policy may interact in a way that is not obvious via human inspection; there is, therefore, a need for automated verification techniques that can check whether a policy does indeed implement some desired security requirement. Thirty years ago, a formalisation of access control presented a model and a safety specification for which satisfaction is undecida...

  9. Impurity transport and control in ASDEX Upgrade

    Impurity transport parameters of Si and Ne have been determined for H-mode and improved H-mode plasmas with and without central wave heating. The diffusion coefficient D is always anomalous in the edge region and about neoclassical in the centre, when central heating powers are low. Sufficient central wave heating increases the central D and leads also to a flattening of the central density profile. Accumulation of W has been studied in improved H-mode discharges. It strongly depends on the density peaking, and can become severe for purely NBI heated discharges with peaked density profiles, while for flat density profiles, which are achieved with sufficient central wave heating, the W concentrations are flat. Extrapolations of the found impurity behaviour were used to guide a case study of particle transport for the ITER-FEAT inductive operation reference scenario. It suggests sufficient anomalous transport and thus negligible impurity accumulation in the inner plasma region. (author)

  10. Random access procedures and radio access network (RAN) overload control in standard and advanced long-term evolution (LTE and LTE-A) networks

    Kiilerich Pratas, Nuno; Thomsen, Henning; Popovski, Petar

    2015-01-01

    In this chapter, we describe and discuss the current LTE random access procedure and the Radio Access Network Load Control solution within LTE/LTE-A. We provide an overview of the several considered load control solutions and give a detailed description of the standardized Extended Access Class...... Barring solution. We then provide a brief overview of the Load Control solutions provided by the Enhanced Packet Core (EPC) Network and how they intertwine with the Extended Access Barring at the Enhanced Universal Terrestrial Radio Access Network (E-UTRAN). We also provide an outlook on the current 3GPP...... efforts in regards to MTC related load control issues....

  11. H-RBAC: A Hierarchical Access Control Model for SaaS Systems

    Dancheng Li

    2011-08-01

    Full Text Available SaaS is a new way to deploy software as a hosted service and accessed over the Internet which means the customers don’t need to maintain the software code and data on their own servers. So it’s more important for SaaS systems to take security issues into account. Access control is a security mechanism that enables an authority to access to certain restricted areas and resources according to the permissions assigned to a user. Several access models have been proposed to realize the access control of single instance systems. However, most of the existing models couldn’t address the following SaaS system problems: (1 role name conflicts (2 cross-level management (3 the isomerism of tenants' access control (4 temporal delegation constraints. This paper describes a hierarchical RBAC model called H-RBAC solves all the four problems of SaaS systems mentioned above. This model addresses the SaaS system access control in both system level and tenant level. It combines the advantages of RBDM and ARBAC97 model and introduces temporal constraints to SaaS access control model. In addition, a practical approach to implement the access control module for SaaS systems based on H-RBAC model is also proposed in this paper.

  12. 77 FR 71474 - Seventeenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2012-11-30

    ...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held December 13, 2012... Federal Aviation Administration Seventeenth Meeting: RTCA Special Committee 224, Airport Security...

  13. 78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2013-07-22

    ...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held on June 20, 2013... Federal Aviation Administration Twenty-Third Meeting: RTCA Special Committee 224, Airport Security...

  14. 77 FR 64838 - Sixteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2012-10-23

    ...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held November 15, 2012... Federal Aviation Administration Sixteenth Meeting: RTCA Special Committee 224, Airport Security...

  15. 78 FR 16757 - Twentieth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2013-03-18

    ...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held April 4, 2013 from 9... Federal Aviation Administration Twentieth Meeting: RTCA Special Committee 224, Airport Security...

  16. 78 FR 31627 - Twenty-Second Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2013-05-24

    ...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held on June 20, 2013... Federal Aviation Administration Twenty-Second Meeting: RTCA Special Committee 224, Airport Security...

  17. 78 FR 7850 - Nineteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2013-02-04

    ...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held February 21, 2013... Federal Aviation Administration Nineteenth Meeting: RTCA Special Committee 224, Airport Security...

  18. 77 FR 55894 - Fifteenth Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2012-09-11

    ...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems DATES: The meeting will be held September 27-28, 2012... Federal Aviation Administration Fifteenth Meeting: RTCA Special Committee 224, Airport Security...

  19. Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

    Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

    2007-01-01

    This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an a

  20. 78 FR 22025 - Twenty First Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

    2013-04-12

    ...). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security Access Control Systems. SUMMARY... Committee 224, Airport Security Access Control Systems. DATES: The meeting will be held April 9-10, 2013... Federal Aviation Administration Twenty First Meeting: RTCA Special Committee 224, Airport Security...

  1. 75 FR 4007 - Risk Management Controls for Brokers or Dealers With Market Access

    2010-01-26

    ... COMMISSION 17 CFR Part 240 RIN 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access... market access to customers or other persons, to implement risk management controls and supervisory.... 40354 (August 24, 1998), 63 FR 46264 (August 31, 1998) (NASD NTM-98-66). Certain market participants...

  2. 76 FR 60398 - Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control...

    2011-09-29

    ... Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies, 68 FR 62011... Circumvention of Copyright Protection Systems for Access Control Technologies, 71 FR 68472, 68480, published in... Rulemaking Proceeding The Digital Millennium Copyright Act, Public Law 105-304 (1998), amended title 17...

  3. Sociospatial distribution of access to facilities for moderate and vigorous intensity physical activity in Scotland by different modes of transport

    Lamb Karen E

    2012-07-01

    Full Text Available Abstract Background People living in neighbourhoods of lower socioeconomic status have been shown to have higher rates of obesity and a lower likelihood of meeting physical activity recommendations than their more affluent counterparts. This study examines the sociospatial distribution of access to facilities for moderate or vigorous intensity physical activity in Scotland and whether such access differs by the mode of transport available and by Urban Rural Classification. Methods A database of all fixed physical activity facilities was obtained from the national agency for sport in Scotland. Facilities were categorised into light, moderate and vigorous intensity activity groupings before being mapped. Transport networks were created to assess the number of each type of facility accessible from the population weighted centroid of each small area in Scotland on foot, by bicycle, by car and by bus. Multilevel modelling was used to investigate the distribution of the number of accessible facilities by small area deprivation within urban, small town and rural areas separately, adjusting for population size and local authority. Results Prior to adjustment for Urban Rural Classification and local authority, the median number of accessible facilities for moderate or vigorous intensity activity increased with increasing deprivation from the most affluent or second most affluent quintile to the most deprived for all modes of transport. However, after adjustment, the modelling results suggest that those in more affluent areas have significantly higher access to moderate and vigorous intensity facilities by car than those living in more deprived areas. Conclusions The sociospatial distributions of access to facilities for both moderate intensity and vigorous intensity physical activity were similar. However, the results suggest that those living in the most affluent neighbourhoods have poorer access to facilities of either type that can be reached on foot

  4. A dynamic access control method based on QoS requirement

    Li, Chunquan; Wang, Yanwei; Yang, Baoye; Hu, Chunyang

    2013-03-01

    A dynamic access control method is put forward to ensure the security of the sharing service in Cloud Manufacturing, according to the application characteristics of cloud manufacturing collaborative task. The role-based access control (RBAC) model is extended according to the characteristics of cloud manufacturing in this method. The constraints are considered, which are from QoS requirement of the task context to access control, based on the traditional static authorization. The fuzzy policy rules are established about the weighted interval value of permissions. The access control authorities of executable service by users are dynamically adjusted through the fuzzy reasoning based on the QoS requirement of task. The main elements of the model are described. The fuzzy reasoning algorithm of weighted interval value based QoS requirement is studied. An effective method is provided to resolve the access control of cloud manufacturing.

  5. The Study of Access Control for Service-Oriented Computing in Internet of Things

    Guoping Zhang

    2012-06-01

    Full Text Available In Internet of Things, computing and processing of information is the core supporting. In this paper, we introduce “Service-Oriented Computing” to solve the computing and processing of information in IoT. However, a key challenge in service-oriented environment is the design of effective access control schemas.We put forward a model of Workflow -oriented Attributed Based Access Control (WABAC, and an access control framework based on WABAC model. WABAC model grants and adapts permissions to subjects according to subject atttribute, resource attribute, environment attribute and current task, meeting access control request of SOC. Using the approach presented can effectively enhance the access control security for SOC applications, and prevent the abuse of subject permissions.

  6. A Brief Survey of Media Access Control, Data Link Layer, and Protocol Technologies for Lunar Surface Communications

    Wallett, Thomas M.

    2009-01-01

    This paper surveys and describes some of the existing media access control and data link layer technologies for possible application in lunar surface communications and the advanced wideband Direct Sequence Code Division Multiple Access (DSCDMA) conceptual systems utilizing phased-array technology that will evolve in the next decade. Time Domain Multiple Access (TDMA) and Code Division Multiple Access (CDMA) are standard Media Access Control (MAC) techniques that can be incorporated into lunar surface communications architectures. Another novel hybrid technique that is recently being developed for use with smart antenna technology combines the advantages of CDMA with those of TDMA. The relatively new and sundry wireless LAN data link layer protocols that are continually under development offer distinct advantages for lunar surface applications over the legacy protocols which are not wireless. Also several communication transport and routing protocols can be chosen with characteristics commensurate with smart antenna systems to provide spacecraft communications for links exhibiting high capacity on the surface of the Moon. The proper choices depend on the specific communication requirements.

  7. On the performance of shared access control strategy for femtocells

    Magableh, Amer M.

    2013-02-18

    Femtocells can be employed in cellular systems to enhance the indoor coverage, especially in the areas with high capacity growing demands and high traffic rates. In this paper, we propose an efficient resource utilization protocol, named as shared access protocol (SAP), to enable the unauthorized macrocell user equipment to communicate with partially closed-access femtocell base station to improve and enhance the system performance. The system model considers a femtocell that is equipped with a total of N separated antennas or channels to multiplex independent traffic. Then, a set of N1 channels is used for closed access only by the authorized users, and the remaining set of channel resources can be used for open access by either authorized or unauthorized users upon their demands and spatial locations. For this system model, we obtain the signal-to-interference ratio characteristics, such as the distribution and the moment generating function, in closed forms for two fading models of indoor and outdoor environments. The signal-tointerference ratio statistics are then used to derive some important performance measures of the proposed SAP in closed form, such as the average bit error rate, outage probability, and average channel capacity for the two fading models under consideration. Numerical results for the obtained expressions are provided and supported by Monte Carlo simulations to validate the analytical development and study the effectiveness of the proposed SAP under different conditions. Copyright © 2012 John Wiley and Sons, Ltd.

  8. Controlling Quantum Transport with a Programmable Nanophotonic Processor

    Harris, Nicholas; Steinbrecher, Gregory; Mower, Jacob; Lihini, Yoav; Prabhu, Mihika; Baehr-Jones, Tom; Hochberg, Michael; Lloyd, Seth; Englund, Dirk

    Recent experimental and theoretical work has revealed emergent, counter-intuitive quantum transport effects in a range of physical medial including solid-state and biological systems. Photonic integrated circuits are promising platforms for studying such effects. A central goal in for photonic quantum transport simulators has been the ability to rapidly control all parameters of the transport problem. Here, we present a large-scale programmable nanophotonic processor composed of 56 Mach-Zehnder interferometers that enables control over modal couplings and differential phases between modes--enabling observations of Anderson localization, environment-assisted quantum transport, ballistic transport, and a number of intermediate quantum transport regimes. Rapid programmability enables tens of thousands of realizations of disordered and noisy systems. In addition, low loss makes this nanophotonic processor a promising platform for many-boson quantum simulation experiments.

  9. Supporting a Design Driven Approach to Social Inclusion and Accessibility in Transport

    Russell Marshall

    2016-06-01

    Full Text Available This paper presents research into the area of public transport and accessibility, addressing the support of practitioners in achieving socially inclusive solutions to the mobility issues of diverse populations. For decades, social policy has been underpinned by a stereotyping of populations into simplified sub groups: old, young, disabled, etc. and thus solutions often fail to properly address the richness of human variability. These shortcomings are often ‘managed’ through the ability for people to adapt, however, this is not a sustainable way in which to build a socially inclusive transport infrastructure. A software design tool called HADRIAN is presented. This tool provides a means to evaluate designs for their physical inclusiveness through the use of a virtual user group. This virtual user group is the embodiment of over 100 people that can be used to assess an existing or proposed design and to gain an understanding of what may be done to improve its accommodation. A case study exploring the use of the tool is described together with work in exploring the correlation of the individuals within the HADRIAN system with data on the UK population as a whole and how the inclusion or exclusion of individuals with specific characteristics can be used to inform a more representative view of the inclusiveness of a design.

  10. Public Transport Priority for Multimodal Urban Traffic Control

    BHOURI, Neila; MAYORANO, Fernando J; LOTITO, Pablo A; Haj Salem, Habib; LEBACQUE, Jean Patrick

    2015-01-01

    In order to improve the travel time of surface public transport vehicles (bus, tramway, etc.), several cities use Urban Traffic Control (UTC) systems enabling to give priority to public transport. This paper reviews these systems. Further on after a debate on their insufficiencies in the global regulation of the urban traffic on a whole network, the paper proposes intermodal regulation strategies, operating on intersection traffic lights to regulate the traffic, favouring the public transport...

  11. Role mining in business taming role-based access control administration

    Colantonio, Alessandro; Ocello, Alberto

    2012-01-01

    With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) - a policy-neutral access control model that serves as a bridge between academia and industry - is probably the most suitable security model for commercial applications. Interestingly, role design determines RBAC's cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of a

  12. Characterization of accessibility for affine connection control systems at some points with nonzero velocity

    Barbero-Liñán, María

    2011-01-01

    Affine connection control systems are mechanical control systems that model a wide range of real systems such as robotic legs, hovercrafts, planar rigid bodies, rolling pennies, snakeboards and so on. In 1997 the accessibility and a particular notion of controllability was intrinsically described by A. D. Lewis and R. Murray at points of zero velocity. Here, we present a novel generalization of the description of accessibility algebra for those systems at some points with nonzero velocity as long as the affine connection restricts to the distribution given by the symmetric closure. The results are used to describe the accessibility algebra of different mechanical control systems.

  13. Control of chaotic transport in Hamiltonian systems

    Ciraolo, Guido; Chandre, Cristel; Lima, Ricardo; Vittot, Michel; Pettini, Marco; Figarella, Charles; Ghendrih, Philippe

    2003-01-01

    It is shown that a relevant control of Hamiltonian chaos is possible through suitable small perturbations whose form can be explicitly computed. In particular, it is possible to control (reduce) the chaotic diffusion in the phase space of a Hamiltonian system with 1.5 degrees of freedom which models the diffusion of charged test particles in a ``turbulent'' electric field across the confining magnetic field in controlled thermonuclear fusion devices. Though still far from practical applicatio...

  14. A Fault-Tolerant Emergency-Aware Access Control Scheme for Cyber-Physical Systems

    Wu, Guowei; Xia, Feng; Yao, Lin

    2012-01-01

    Access control is an issue of paramount importance in cyber-physical systems (CPS). In this paper, an access control scheme, namely FEAC, is presented for CPS. FEAC can not only provide the ability to control access to data in normal situations, but also adaptively assign emergency-role and permissions to specific subjects and inform subjects without explicit access requests to handle emergency situations in a proactive manner. In FEAC, emergency-group and emergency-dependency are introduced. Emergencies are processed in sequence within the group and in parallel among groups. A priority and dependency model called PD-AGM is used to select optimal response-action execution path aiming to eliminate all emergencies that occurred within the system. Fault-tolerant access control polices are used to address failure in emergency management. A case study of the hospital medical care application shows the effectiveness of FEAC.

  15. A General Attribute and Rule Based Role-Based Access Control Model

    2007-01-01

    Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.

  16. Enhancing Security and Privacy in Video Surveillance through Role-Oriented Access Control Mechanism

    Mahmood Rajpoot, Qasim

    Use of video surveillance has significantly increased in the last few decades. Modern video surveillance systems are equipped with techniques that automatically extract information about the objects and events from the video streams and allow traversal of data in an effective and efficient manner...... that is suitable for video surveillance systems as well as other domains sharing similar requirements. As the currently dominant access control models – the role-based access control (RBAC) and the attribute-based access control (ABAC) – suffer from limitations while offering features complementary to each other......, their integration has become an important area of research. Our access control model combines the two models in a novel way in order to unify their benefits while avoiding their limitations. Our approach provides a mechanism that not only takes information about the current circumstances into account during access...

  17. Identity driven Capability based Access Control (ICAC) Scheme for the Internet of Things

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.;

    2012-01-01

    Internet of Things (IoT) becomes discretionary part of everyday life. Scalability and manageability is daunting due to unbounded number of devices and services. Access control and authorization in IoT with least privilege is equally important to establish secure communication between multiple...... devices and services. In this paper, the concept of capability for access control is introduced where the identities of the involved devices are entrenched in the access capabilities. Identity driven capability based access control (ICAC) scheme presented in this paper helps to alleviate issues related...... to complexity and dynamics of device identities. ICAC is implemented for 802.11 and results shows that ICAC has less scalability issues and better performance analysis compared with other access control schemes. The ICAC evaluation by using security protocol verification tool shows that ICAC is secure against...

  18. Secure Remote Access Issues in a Control Center Environment

    Pitts, Lee; McNair, Ann R. (Technical Monitor)

    2002-01-01

    The ISS finally reached an operational state and exists for local and remote users. Onboard payload systems are managed by the Huntsville Operations Support Center (HOSC). Users access HOSC systems by internet protocols in support of daily operations, preflight simulation, and test. In support of this diverse user community, a modem security architecture has been implemented. The architecture has evolved over time from an isolated but open system to a system which supports local and remote access to the ISS over broad geographic regions. This has been accomplished through the use of an evolved security strategy, PKI, and custom design. Through this paper, descriptions of the migration process and the lessons learned are presented. This will include product decision criteria, rationale, and the use of commodity products in the end architecture. This paper will also stress the need for interoperability of various products and the effects of seemingly insignificant details.

  19. Thermal Control System Development to Support the Crew Exploration Vehicle and Lunar Surface Access Module

    Anderson, Molly; Westheimer, David

    2006-01-01

    All space vehicles or habitats require thermal management to maintain a safe and operational environment for both crew and hardware. Active Thermal Control Systems (ATCS) perform the functions of acquiring heat from both crew and hardware within a vehicle, transporting that heat throughout the vehicle, and finally rejecting that energy into space. Almost all of the energy used in a space vehicle eventually turns into heat, which must be rejected in order to maintain an energy balance and temperature control of the vehicle. For crewed vehicles, Active Thermal Control Systems are pumped fluid loops that are made up of components designed to perform these functions. NASA has recently evaluated all of the agency s technology development work and identified key areas that must be addressed to aid in the successful development of a Crew Exploration Vehicle (CEV) and a Lunar Surface Access Module (LSAM). The technologies that have been selected and are currently under development include: fluids that enable single loop ATCS architectures, a gravity insensitive vapor compression cycle heat pump, a sublimator with reduced sensitivity to feedwater contamination, an evaporative heat sink that can operate in multiple ambient pressure environments, a compact spray evaporator, and lightweight radiators that take advantage of carbon composites and advanced optical coatings.

  20. An entity access control model for network services management

    Dias, Bruno

    2005-01-01

    The Network Services Management Framework tries to overcome the most important limitations of present network management frameworks, namely the most widely supported framework – the Internet Network Management Framework – by defining a management framework using a network services management distributed architecture that provides services management functions with any desired level of functionality. This document introduces one of the most important parts of this framework, the Entity Access ...

  1. Workflow management systems, their security and access control mechanisms

    Chehrazi, Golriz

    2007-01-01

    This paper gives an overview of workflow management systems (WfMSs) and their security requirements with focus on access mechanisms. It is a descriptive paper in which we examine the state of the art of workflow systems, describe what security risks affect WfMSs in particular, and how these can be diminiuished. WfMSs manage, illustrate and support business processes. They contribute to the performance, automation and optimization of processes, which is important in the global economy today. ...

  2. A View-Based Access Control Model for SPARQL

    Gabillon, Alban; Letouzey, Léo

    2010-01-01

    Existing security models for RDF use RDF patterns for defining the security policy. This approach leads to a number of security rules which rapidly tends to be unmanageable. In this paper we define a new security model which follows the traditional approach of creating security views, which has long been used by SQL database administrators. Our model first logically distributes RDF data into SPARQL views and then it defines security rules regulating SPARQL access to views. Moreover our model ...

  3. Proximity-based access control for context-sensitive information provision in SOA-based systems

    Rajappan, Gowri; Wang, Xiaofei; Grant, Robert; Paulini, Matthew

    2014-06-01

    Service Oriented Architecture (SOA) has enabled open-architecture integration of applications within an enterprise. For net-centric Command and Control (C2), this elucidates information sharing between applications and users, a critical requirement for mission success. The Information Technology (IT) access control schemes, which arbitrate who gets access to what information, do not yet have the contextual knowledge to dynamically allow this information sharing to happen dynamically. The access control might prevent legitimate users from accessing information relevant to the current mission context, since this context may be very different from the context for which the access privileges were configured. We evaluate a pair of data relevance measures - proximity and risk - and use these as the basis of dynamic access control. Proximity is a measure of the strength of connection between the user and the resource. However, proximity is not sufficient, since some data might have a negative impact, if leaked, which far outweighs importance to the subject's mission. For this, we use a risk measure to quantify the downside of data compromise. Given these contextual measures of proximity and risk, we investigate extending Attribute-Based Access Control (ABAC), which is used by the Department of Defense, and Role-Based Access Control (RBAC), which is widely used in the civilian market, so that these standards-based access control models are given contextual knowledge to enable dynamic information sharing. Furthermore, we consider the use of such a contextual access control scheme in a SOA-based environment, in particular for net-centric C2.

  4. Assessment of current practices in creating and using passwords as a control mechanism for information access

    P. L. Wessels

    2007-11-01

    Full Text Available One of the critical issues in managing information within an organization is to ensure that proper controls exist and are applied in allowing people access to information. Passwords are used extensively as the main control mechanism to identify users wanting access to systems, applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information.

  5. Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.;

    2012-01-01

    Internet of Things (IoT) become discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT is equally important to establish secure communication between devices. To protect IoT from man in middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

  6. A Distributed Architecture for Sharing Ecological Data Sets with Access and Usage Control Guarantees

    Bonnet, Philippe; Gonzalez, Javier; Granados, Joel Andres

    2014-01-01

    new insights, there are signicant barriers to the realization of this vision. One of the key challenge is to allow scientists to share their data widely while retaining some form of control over who accesses this data (access control) and more importantly how it is used (usage control). Access...... and usage control is necessary to enforce existing open data policies. We have proposed the vision of trusted cells: A decentralized infrastructure, based on secure hardware running on devices equipped with trusted execution environments at the edges of the Internet. We originally described the utilization...... data sets with access and usage control guarantees. We rely on examples from terrestrial research and monitoring in the arctic in the context of the INTERACT project....

  7. A Semantic Context-Based Model for MobileWeb Services Access Control

    Haibo Shen

    2011-02-01

    Full Text Available As mobile web services becomes more pervasive, applications based on mobile web services will need flexible access control mechanisms. Unlike traditional approaches based on the identity or role for access control, access decisions for these applications will depend on the combination of the required attributes of users and the contextual information. This paper proposes a semantic context-based access control model (called SCBAC to be applied in mobile web services environment by combining semantic web technologies with context-based access control mechanism. The proposed model is a context-centric access control solutions, context is the first-class principle that explicitly guides both policy specification and enforcement process. In order to handle context information in the model, this paper proposes a context ontology to represent contextual information and employ it in the inference engine. As well as, this paper specifies access control policies as rules over ontologies representing the concepts introduced in the SCBAC model, and uses semantic web rule language (SWRL to form policy rule and infer those rules by JESS inference engine. The proposed model can also be applied to context-aware applications.

  8. Optimal traffic control in highway transportation networks using linear programming

    Li, Yanning

    2014-06-01

    This article presents a framework for the optimal control of boundary flows on transportation networks. The state of the system is modeled by a first order scalar conservation law (Lighthill-Whitham-Richards PDE). Based on an equivalent formulation of the Hamilton-Jacobi PDE, the problem of controlling the state of the system on a network link in a finite horizon can be posed as a Linear Program. Assuming all intersections in the network are controllable, we show that the optimization approach can be extended to an arbitrary transportation network, preserving linear constraints. Unlike previously investigated transportation network control schemes, this framework leverages the intrinsic properties of the Halmilton-Jacobi equation, and does not require any discretization or boolean variables on the link. Hence this framework is very computational efficient and provides the globally optimal solution. The feasibility of this framework is illustrated by an on-ramp metering control example.

  9. WWW--Wealth, Weariness or Waste. Controlled Vocabulary and Thesauri in Support of Online Information Access.

    Batty, David

    1998-01-01

    Discusses the problems of access to information in a machine-sensible environment, and the potential of modern library techniques to help in solving them. Explains how authors and publishers can make information more accessible by providing indexing information that uses controlled vocabulary, terms from a thesaurus, or other linguistic assistance…

  10. The Smart Card concept applied to access control

    Passwords tend to be handled carelessly, and so are easily lost or stolen. Because they are intangible, their loss or theft generally goes unnoticed. Because they are constant, they may be used by anyone for as long as they remain in active use by a legitimate user. A step up in password security is offered by a new range of products which generate a new code each time the device is used. Devices are being produced in packages as small as a standard plastic credit card, including internal battery power, integral keyboard and LCD display. Security features of the Smart Card are reviewed, and several random access code generators currently available in the commercial marketplace are described

  11. Purpose engineering for Contextual Role-Based Access Control (C-RBAC

    Muhammad Nabeel Tahir

    2008-09-01

    Full Text Available Distributed and ubiquitous computing environments have brought enormous efficiency to the collection, manipulation and distribution of information and services. Although this efficiency has revolutionized countless organizations but it has also increased the threats to individual’s privacy because the information stored within the collection of heterogeneous distributed components is sensitive and requires some form of access control. The way to protect privacy in this age of information technology requires such access control system that can accommodate organization requirements to protect privacy of individuals with ease in management and administration of resources. Among those requirements, purpose inference is one of the major problems as the total access control decision mainly relies on the user intentions/purposed. This work in this paper is an attempt to provide purpose engineering semantics that we use for the proposed contextual role-based access control model (C-RBAC in order to comply with HIPAA.

  12. Human engineering considerations in designing a computerized controlled access security system

    This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system too functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

  13. Modelling and Analysing Access Control Policies in XACML 3.0

    Ramli, Carroline Dewi Puspa Kencana

    XACML (eXtensible Access Control Markup Language) is a prominent access control language that is widely adopted both in industry and academia. XACML is an international standard in the field of information security. The problem with XACML is that its specification is described in natural language...... (c.f. GM03,Mos05,Ris13) and manual analysis of the overall effect and consequences of a large XACML policy set is a very daunting and time-consuming task. In this thesis we address the problem of understanding the semantics of access control policy language XACML, in particular XACML version 3.0. The...... main focus of this thesis is modelling and analysing access control policies in XACML 3.0. There are two main contributions in this thesis. First, we study and formalise XACML 3.0, in particular the Policy Decision Point (PDP). The concrete syntax of XACML is based on the XML format, while its standard...

  14. Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.;

    2013-01-01

    In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology...... and weak physical security of low power devices in IoT networks are possible sources for security vulnerabilities. It is promising to make an authentication and access control attack resistant and lightweight in a resource constrained and distributed IoT environment. This paper presents the Identity...... Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (Dos) attacks, the concept of capability for access control is introduced. The novelty of this model is that, it presents...

  15. The RFID smart card management application for the hotel access control

    Kreslin, Robert

    2011-01-01

    In this thesis we wanted to present the project that was made for a smaller hotel in Nova Gorica. The goal was to create an application for managing access control according to customer's wishes as well as to introduce the system into the existent infrastructure. The first step was to define what access control actually means. In broad terms it is divided into RFID – radio-frequency identification and biometric identification. Both have their strengths and their weaknesses. Next step was choo...

  16. ConXsense - Automated Context Classification for Context-Aware Access Control

    Miettinen, Markus; Heuser, Stephan; Kronz, Wiebke; Sadeghi, Ahmad-Reza; Asokan, N.

    2013-01-01

    We present ConXsense, the first framework for context-aware access control on mobile devices based on context classification. Previous context-aware access control systems often require users to laboriously specify detailed policies or they rely on pre-defined policies not adequately reflecting the true preferences of users. We present the design and implementation of a context-aware framework that uses a probabilistic approach to overcome these deficiencies. The framework utilizes context se...

  17. Finding Security Bugs in Web Applications using a Catalog of Access Control Patterns

    Near, Joseph Paul; Jackson, Daniel

    2016-01-01

    We propose a specification-free technique for finding missing security checks in web applications using a catalog of access control patterns in which each pattern models a common access control use case. Our implementation, Space, checks that every data exposure allowed by an application's code matches an allowed exposure from a security pattern in our catalog. The only user-provided input is a mapping from application types to the types of the catalog; the rest of the process is entirely au...

  18. Grid-based access control for Unix environments, Filesystems and Web Sites

    McNab, A.

    2003-01-01

    The EU DataGrid has deployed a grid testbed at approximately 20 sites across Europe, with several hundred registered users. This paper describes authorisation systems produced by GridPP and currently used on the EU DataGrid Testbed, including local Unix pool accounts and fine-grained access control with Access Control Lists and Grid-aware filesystems, fileservers and web developement environments.

  19. A New Access Control Scheme for Facebook-style Social Networks

    Pang, Jun; Zhang, Yang

    2013-01-01

    The popularity of online social networks (OSNs) makes the protection of users' private information an important but scientifically challenging problem. In the literature, relationship-based access control schemes have been proposed to address this problem. However, with the dynamic developments of OSNs, we identify new access control requirements which cannot be fully captured by the current schemes. In this paper, we focus on public information in OSNs and treat it as a new dimension which u...

  20. Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

    XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

    2006-01-01

    Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

  1. The access control and radiation monitoring system for the Austin Hospital PET Centre

    A Positron Emission Tomography Centre is being established at the Austin Hospital, Melbourne. The cyclotron vault and hotcell laboratories have been categorized according to the National Council on Radiation Protection and Measurements guidelines for access control to radiation areas. An access control system incorporating visual alarm systems, signs, barriers and interlocks has been designed for the safe operation of the Centre. These features are briefly described. 6 refs., 1 fig

  2. An Efficient Mutual Authentication and Access Control Scheme for Wireless Sensor Networks in Healthcare

    Xuan Hung Le; Murad Khalid; Ravi Sankar; Sungyoung Lee

    2011-01-01

    Wireless sensor networks (WSNs) will play an active role in the 21th Century Healthcare IT to reduce the healthcare cost and improve the quality of care. The protection of data confidentiality and patient privacy are the most critical requirements for the ubiquitous use of WSNs in healthcare environments. This requires a secure and lightweight user authentication and access control. Symmetric key - based access control is not suitable for WSNs in healthcare due to dynamic network topology, mo...

  3. Control of exciton transport using quantum interference

    Lusk, Mark T.; Stafford, Charles A.; Zimmerman, Jeramy D.; Carr, Lincoln D.

    2015-12-01

    It is shown that quantum interference can be employed to create an exciton transistor. An applied potential gates the quasiparticle motion and also discriminates between quasiparticles of differing binding energy. When implemented within nanoscale assemblies, such control elements could mediate the flow of energy and information. Quantum interference can also be used to dissociate excitons as an alternative to using heterojunctions. A finite molecular setting is employed to exhibit the underlying discrete, two-particle, mesoscopic analog to Fano antiresonance. Selected entanglement measures are shown to distinguish regimes of behavior which cannot be resolved from population dynamics alone.

  4. Competent authority regulatory control of the transport of radioactive material

    The purpose of this guide is to assist competent authorities in regulating the transport of radioactive materials and to assist users of transport regulations in their interactions with competent authorities. The guide should assist specifically those countries which are establishing their regulatory framework and further assist countries with established procedures to harmonize their application and implementation of the IAEA Regulations. This guide specifically covers various aspects of the competent authority implementation of the IAEA Regulations for the Safe Transport of Radioactive Material. In addition, physical protection and safeguards control of the transport of nuclear materials as well as third party liability aspects are briefly discussed. This is because they have to be taken into account in overall transport regulatory activities, especially when establishing the regulatory framework

  5. On the Impact of information access delays on remote control of a wind turbine

    Madsen, Jacob Theilgaard; Barradas Berglind, Jose de Jesus; Madsen, Tatiana Kozlova;

    2015-01-01

    on a wind farm controller. The controller attempts to reduce fatigue on the wind turbine, which is used as a measure of the controller performance. Via simulation analysis, we show the degradation of the controller performance when subject to network delays. We analyse different access strategies...... useable by the controller to gather sensor information and and quantitatively characterize the impact of these access strategies on the controller performance......It is important to reduce the impact of renewable production in the power grid by means of control, due to increased frequency deviations and imbalances caused by these assets. Cost efficient deployment of asset control frequently results in a distributed control architecture where the controller...

  6. Database application research in real-time data access of accelerator control system

    The control system of Shanghai Synchrotron Radiation Facility (SSRF) is a large-scale distributed real-time control system, It involves many types and large amounts of real-time data access during the operating. Database system has wide application prospects in the large-scale accelerator control system. It is the future development direction of the accelerator control system, to replace the differently dedicated data structures with the mature standardized database system. This article discusses the application feasibility of database system in accelerators based on the database interface technology, real-time data access testing, and system optimization research and to establish the foundation of the wide scale application of database system in the SSRF accelerator control system. Based on the database interface technology, real-time data access testing and system optimization research, this article will introduce the application feasibility of database system in accelerators, and lay the foundation of database system application in the SSRF accelerator control system. (authors)

  7. Quantum transport of energy in controlled synthetic quantum magnets

    Bermudez, Alejandro; Schaetz, Tobias

    2016-08-01

    We introduce a theoretical scheme that exploits laser cooling and phonon-mediated spin–spin interactions in crystals of trapped atomic ions to explore the transport of energy through a quantum magnet. We show how to implement an effective transport window to control the flow of energy through the magnet even in the absence of fermionic statistics for the carriers. This is achieved by shaping the density of states of the effective thermal reservoirs that arise from the interaction with the external bath of the modes of the electromagnetic field, and can be experimentally controlled by tuning the laser frequencies and intensities appropriately. The interplay of this transport window with the spin–spin interactions is exploited to build an analogue of the Coulomb-blockade effect in nano-scale electronic devices, and opens new possibilities to study quantum effects in energy transport.

  8. Enhancing coherent transport in a photonic network using controllable decoherence.

    Biggerstaff, Devon N; Heilmann, René; Zecevik, Aidan A; Gräfe, Markus; Broome, Matthew A; Fedrizzi, Alessandro; Nolte, Stefan; Szameit, Alexander; White, Andrew G; Kassal, Ivan

    2016-01-01

    Transport phenomena on a quantum scale appear in a variety of systems, ranging from photosynthetic complexes to engineered quantum devices. It has been predicted that the efficiency of coherent transport can be enhanced through dynamic interaction between the system and a noisy environment. We report an experimental simulation of environment-assisted coherent transport, using an engineered network of laser-written waveguides, with relative energies and inter-waveguide couplings tailored to yield the desired Hamiltonian. Controllable-strength decoherence is simulated by broadening the bandwidth of the input illumination, yielding a significant increase in transport efficiency relative to the narrowband case. We show integrated optics to be suitable for simulating specific target Hamiltonians as well as open quantum systems with controllable loss and decoherence. PMID:27080915

  9. Enhancing coherent transport in a photonic network using controllable decoherence

    Biggerstaff, Devon N.; Heilmann, René; Zecevik, Aidan A.; Gräfe, Markus; Broome, Matthew A.; Fedrizzi, Alessandro; Nolte, Stefan; Szameit, Alexander; White, Andrew G.; Kassal, Ivan

    2016-04-01

    Transport phenomena on a quantum scale appear in a variety of systems, ranging from photosynthetic complexes to engineered quantum devices. It has been predicted that the efficiency of coherent transport can be enhanced through dynamic interaction between the system and a noisy environment. We report an experimental simulation of environment-assisted coherent transport, using an engineered network of laser-written waveguides, with relative energies and inter-waveguide couplings tailored to yield the desired Hamiltonian. Controllable-strength decoherence is simulated by broadening the bandwidth of the input illumination, yielding a significant increase in transport efficiency relative to the narrowband case. We show integrated optics to be suitable for simulating specific target Hamiltonians as well as open quantum systems with controllable loss and decoherence.

  10. Access Control in the ATLAS TDAQ Online Cluster

    Leahu, Marius Constantin; Stoichescu, D A; Lehmann Miotto, G

    ATLAS (A Toroidal LHC Apparatus) is a general-purpose detector for studying high-energy particle interactions: it is the largest particle detector experiment at CERN and it is built around one of the interaction points of the proton beams accelerated by the Large Hadron Collider (LHC). The detector generates an impressive amount of raw data: 64 TB per second as a result of 40 MHz proton-proton collision rate with 1.6 MB data for each such event. The handling of such data rate is managed by a three levels Trigger and Data Acquisition (TDAQ) system, which filters out the events not relevant from physics research point of view and selects in the end in the order of 1000 events per second to be stored for offline analyses. This system comprises a significant number of hardware devices, software applications and human personnel to supervise the experiment operation. Their protection against damages as a result of misuse and their optimized exploitation by avoiding the conflicting accesses to resources are key requ...

  11. Distributed Medium Access Control with SDMA Support for WLANs

    Zhou, Sheng; Niu, Zhisheng

    With simultaneous multi-user transmissions, spatial division multiple access (SDMA) provides substantial throughput gain over the single user transmission. However, its implementation in WLANs with contention-based IEEE 802.11 MAC remains challenging. Problems such as coordinating and synchronizing the multiple users need to be solved in a distributed way. In this paper, we propose a distributed MAC protocol for WLANs with SDMA support. A dual-mode CTS responding mechanism is designed to accomplish the channel estimation and user synchronization required for SDMA. We analytically study the throughput performance of the proposed MAC, and dynamic parameter adjustment is designed to enhance the protocol efficiency. In addition, the proposed MAC protocol does not rely on specific physical layer realizations, and can work on legacy IEEE 802.11 equipment with slight software updates. Simulation results show that the proposed MAC outperforms IEEE 802.11 significantly, and that the dynamic parameter adjustment can effectively track the load variation in the network.

  12. A Security Architecture for Data Aggregation and Access Control in Smart Grids

    Ruj, Sushmita; Stojmenovic, Ivan

    2011-01-01

    We propose an integrated architecture for smart grids, that supports data aggregation and access control. Data can be aggregated by home area network, building area network and neighboring area network in such a way that the privacy of customers is protected. We use homomorphic encryption technique to achieve this. The consumer data that is collected is sent to the substations where it is monitored by remote terminal units (RTU). The proposed access control mechanism gives selective access to consumer data stored in data repositories and used by different smart grid users. Users can be maintenance units, utility centers, pricing estimator units or analyzing and prediction groups. We solve this problem of access control using cryptographic technique of attribute-based encryption. RTUs and users have attributes and cryptographic keys distributed by several key distribution centers (KDC). RTUs send data encrypted under a set of attributes. Users can decrypt information provided they have valid attributes. The ac...

  13. ACCESS METHODS CONCERNING THE CONSTITUTIONAL CONTROL OF THE CONSTITUTIONAL COURT

    Gabriela NEMTOI

    2009-01-01

    The study concerning the laws’ constitutionality represents the reason of constitutional warranty on judicial standards, which governs a democratic state. The supremacy of constitution is only a principle, which has to be doubled by establishing a mechanism creating consistency to it. In order to assure the supremacy of constitution, the doctrine and constitutional practice have created efficient judicial institutions, the control of laws’ constitutionality by the competency of Constitutional...

  14. Technical enforcement of european privacy legislation: an access control approach

    Bekara, Kheira; Laurent, Maryline; Nguyen, Than Ha

    2012-01-01

    Until today, the protection of personal data is mainly left to the legislation by means of guidelines. This paper aims to increase the perceived control by users over their data by helping the user's agent to check the service requests conformity to the legislation. To do so, it discusses the main concepts involved in the legislative privacy principles, and deduces a privacy semantic information model. The proposed model focuses on the main concepts involved in legislative privacy principles....

  15. 78 FR 17781 - Transportation Worker Identification Credential (TWIC)-Reader Requirements

    2013-03-22

    ... to work with the Transportation Worker Identification Credential (TWIC) as an access control measure... access control requirements and other measures designed to enhance maritime security. This rulemaking... Physical Access Control System PIN Personal Identification Number QTL Qualified Technology List...

  16. Control Reallocation Strategies for Damage Adaptation in Transport Class Aircraft

    Gundy-Burlet, Karen; Krishnakumar, K.; Limes, Greg; Bryant, Don

    2003-01-01

    This paper examines the feasibility, potential benefits and implementation issues associated with retrofitting a neural-adaptive flight control system (NFCS) to existing transport aircraft, including both cable/hydraulic and fly-by-wire configurations. NFCS uses a neural network based direct adaptive control approach for applying alternate sources of control authority in the presence of damage or failures in order to achieve desired flight control performance. Neural networks are used to provide consistent handling qualities across flight conditions, adapt to changes in aircraft dynamics and to make the controller easy to apply when implemented on different aircraft. Full-motion piloted simulation studies were performed on two different transport models: the Boeing 747-400 and the Boeing C-17. Subjects included NASA, Air Force and commercial airline pilots. Results demonstrate the potential for improving handing qualities and significantly increased survivability rates under various simulated failure conditions.

  17. TRBAC:基于信任的访问控制模型%TRBAC: Trust Based Access Control Model

    刘武; 段海新; 张洪; 任萍; 吴建平

    2011-01-01

    访问控制是根据网络用户的身份或属性,对该用户执行某些操作或访问某些网络资源进行控制的过程.对现有访问控制模型进行分析,并针对其不足对RBAC模型进行了扩展,提出了基于信任的访问控制模型TRBAC(trust based access control model).该模型可以提供更加安全、灵活以及细粒度的动态访问授权机制,从而提高授权机制的安全性与可靠性.%Access control is a process which controls users to execute some operations or access some network resources according to the users' identity or attribution. The discretionary access control and mandatory access control are two main access control modes which are broadly used in secure operating systems. Discretionary access control is based on user identity and/or groups and mandatory access control is usually based on sensitivity labels. Neither of these two modes can completely satisfy the requirements of all access control. Discretionary access control is too loose to restrict the propagation of privileges while mandatory access control is too rigid to use flexibly. This paper analyzes current access control models, and extends the RBAC (role based access control) model aiming at its deficiency, and based on which we propose a trust based access control model (TRBAC). The TRBAC model can provide more security, flexible and fine-grained dynamic access control mechanism, and therefore improve both the security and the reliability of authorization mechanism.

  18. A Group-oriented Access Control Scheme for P2P Networks

    Wang Xiaoming; Cheng Fan

    2011-01-01

    A group-oriented access control scheme is proposed for P2P (peer to peer) networks. In the proposed scheme, authentication control, admission control and revocation control are used in order to provide security services for P2P networks. Moreover, the proposed scheme can simply and efficient establish share key between two members without interactions, therefore it can perform secure communications with them. The analysis of security and performance shows that the proposed scheme not only can...

  19. Medium Access Control in Energy Harvesting - Wireless Sensor Networks

    Fafoutis, Xenofon

    Control (MAC) protocols that are following the receiver-initiated paradigm of asynchronous communication. According to the receiver-initiated paradigm the communication is initiated by the receiver that states its availability to receive data through beacons. The sender is passively listening...... to the channel until it receives the beacon of interest. In this context, the dissertation begins with an in-depth survey of all the receiverinitiated MAC protocols and presents their unique optimization features, which deal with several challenges of the link layer such as mitigation of the energy consumption......-efficient features that aim to adapt the consumed energy to match the harvested energy, distribute the load with respect to the harvested energy, decrease the overhead of the communication, address the requirements for collision avoidance, prioritize urgent traffic and secure the system against beacon replay attacks...

  20. Integrated transportation and energy sector CO2 emission control strategies

    Lund, Henrik; Münster, Ebbe

    2006-01-01

    This paper analyses the mutual benefits of integrating strategies for future energy and transport CO2 emissions control. The paper illustrates and quantifies the mutual benefits of integrating the transport and the energy sector in the case of Denmark. Today this issue is very relevant in Denmark...... power production (CHP), while the transport sector can assist the energy system in integrating a higher degree of intermittent energy and CHP. Two scenarios for partial conversion of the transport fleet have been considered. One is battery cars combined with hydrogen fuel cell cars, while the other is...... the use of biofuel (ethanol) and synthetic fuel (methanol) for internal combustion cars. An increase in the fraction of electricity delivered by fluctuating sources like wind power will lead to excess electricity production and the two aforementioned scenarios have a substantial effect on the decrease...

  1. The new control system of HLS linac and transport line

    LIU Gong-Fa; LI Wei-Min; LI Jing-Yi; LI Chuan; CHEN Li-Ping; BAO Xun; WANG Ji-Gang; XUAN Ke

    2005-01-01

    The new linac and transport line control system of Hefei Light Source (HLS) is a distributed control system based on EPICS (Experimental Physics and Industrial Control System). Industrial PC (IPC) is widely used as not only Input/Output Controller (IOC) but also device controller. Besides industrial PC, PLC and microcontroller are also used as device controllers. The software for industrial PC based device controller is developed based on VxWorks real-time operating system. The software for PLC and microcontroller are written with ladder software package and assemble language, respectively. PC with Linux and SUN workstation with Solaris are used as operator interfaces (OPI). High level control is made up of some EPICS tools and Tcl/Tk scripts.

  2. An adaptive robust controller for time delay maglev transportation systems

    Milani, Reza Hamidi; Zarabadipour, Hassan; Shahnazi, Reza

    2012-12-01

    For engineering systems, uncertainties and time delays are two important issues that must be considered in control design. Uncertainties are often encountered in various dynamical systems due to modeling errors, measurement noises, linearization and approximations. Time delays have always been among the most difficult problems encountered in process control. In practical applications of feedback control, time delay arises frequently and can severely degrade closed-loop system performance and in some cases, drives the system to instability. Therefore, stability analysis and controller synthesis for uncertain nonlinear time-delay systems are important both in theory and in practice and many analytical techniques have been developed using delay-dependent Lyapunov function. In the past decade the magnetic and levitation (maglev) transportation system as a new system with high functionality has been the focus of numerous studies. However, maglev transportation systems are highly nonlinear and thus designing controller for those are challenging. The main topic of this paper is to design an adaptive robust controller for maglev transportation systems with time-delay, parametric uncertainties and external disturbances. In this paper, an adaptive robust control (ARC) is designed for this purpose. It should be noted that the adaptive gain is derived from Lyapunov-Krasovskii synthesis method, therefore asymptotic stability is guaranteed.

  3. Capability-based Access Control Delegation Model on the Federated IoT Network

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.;

    2012-01-01

    no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. To this end, this paper presents an access delegation method with security considerations based on Capability-based Context Aware Access Control (CCAAC) model intended for federated...... machine-to-machine communication or IoT networks. The main idea of our proposed model is that the access delegation is realized by means of a capability propagation mechanism, and incorporating the context information as well as secure capability propagation under federated IoT environments. By using...... the identity-based capability-based access control approach as well as contextual information and secure federated IoT, this proposed model provides scalability and flexibility as well as secure authority delegation for highly distributed system....

  4. A novel decentralized hierarchical access control scheme for the medical scenario

    Eskeland, Sigurd; Prasad, Neeli R.

    Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered to be the...... property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover, the...... hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

  5. A novel decentralized hierarchical access control scheme for the medical scenario

    Eskeland, Sigurd; Prasad, Neeli R.

    2006-01-01

    property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover, the......Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered to be the...... hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

  6. Steganography-based access control to medical data hidden in electrocardiogram.

    Mai, Vu; Khalil, Ibrahim; Ibaida, Ayman

    2013-01-01

    Steganographic techniques allow secret data to be embedded inside another host data such as an image or a text file without significant changes to the quality of the host data. In this research, we demonstrate how steganography can be used as the main mechanism to build an access control model that gives data owners complete control to their sensitive cardiac health information hidden in their own Electrocardiograms. Our access control model is able to protect the privacy of users, the confidentiality of medical data, reduce storage space and make it more efficient to upload and download large amount of data. PMID:24109934

  7. Plasma transport control and self-sustaining fusion reactor

    The possibility of a high performance/low cost fusion reactor concept which can simultaneously satisfy (1) high beta, (2) high bootstrap fraction (self-sustaining), and (3) high confinement is discussed. In CDX-U, a tokamak configuration was created and sustained solely by internally generated bootstrap currents, in which a seed current is created through a non-classical current diffusion process. Recent theoretical studies of MHD stability limits in spherical torus .g., the National Spherical Torus Experiment (NSTX) reduced a promising regime with stable beta of 45% and bootstrap current fraction of ≥99%. Since the bootstrap current is generated by the pressure gradient, to satisfy the needed current profile for MHD stable high beta regimes, it is essential to develop a means to control the pressure profile. It is suggested that the most efficient approach for pressure profile control is through a creation of transport barriers (localized regions of low plasma transport) in the plasma. As a tool for creating the core transport barrier, poloidal-sheared-flow generation by ion Bernstein waves (IBW) near the wave absorption region appears to be promising. In PBX-M, application of IBW power produced a high-quality internal transport barrier where the ion energy and particle transport became neoclassical in the barrier region. The observation is consistent with the IBW-induced-poloidal-sheared-flow model. An experiment is planned on TFTR to demonstrate this concept with D-T reactor-grade plasmas. For edge transport control, a method based on electron ripple injection (ERI), driven by electron cyclotron heating (ECH), is being developed on CDX-U. It is estimated that both the IBW and ERI methods can create a transport barrier in reactor-grade plasmas (e.g., ITER) with a relatively small amount of power (∼10 MW much-lt Pfusion)

  8. Analysis of Decision Factors for the Application of Information Access Controls within the Organization

    Foerster, Carl A.

    2013-01-01

    The application of access controls on internal information necessarily impacts the availability of that information for sharing inside the enterprise. The decisions establishing the degree of control are a crucial first step to balance the requirements to protect and share. This research develops a set of basic decision factors and examines other…

  9. Socio-economic status influences blood pressure control despite equal access to care

    Paulsen, M S; Andersen, M; Munck, A P;

    2012-01-01

    OBJECTIVE: Denmark has a health care system with free and equal access to care irrespective of age and socio-economic status (SES). We conducted a cross-sectional study to investigate a possible association between SES and blood pressure (BP) control of hypertensive patients treated in general...... Statistics Denmark. The outcome measure was BP control defined as BP...

  10. 75 FR 69791 - Risk Management Controls for Brokers or Dealers With Market Access

    2010-11-15

    ... Exchange Commission 17 CFR Part 240 Risk Management Controls for Brokers or Dealers With Market Access... Regulations#0;#0; ] SECURITIES AND EXCHANGE COMMISSION 17 CFR Part 240 RIN 3235-AK53 Risk Management Controls... person other than a broker or dealer, to establish, document, and maintain a system of risk...

  11. A hybrid medium access control for convergence of broadband wireless and wireline ATM networks

    Liu, Hong; Gliese, Ulrik Bo; Dittmann, Lars

    2000-01-01

    In this paper, we propose a hybrid medium access control protocol for supporting broadband integrated services in the wireless ATM networks. The integrated services include CBR, VBR and ABR traffic varying from low bit-rate to very high bit-rate. The proposed protocol is an excellent compromise of...... contention, reservation and polling access techniques based on the dynamic TDMA system. Extensive simulation results using realistic data traffic sources, show that the proposed medium access scheme may provide QoS guarantees to different ATM traffic including the realistic MPEG video traces with low cell...

  12. Controlled Spin Transport in Planar Systems Through Topological Exciton

    Abhinav, Kumar

    2015-01-01

    It is shown that a charge-neutral spin-1 exciton, possibly realizable only in planar systems like graphene and topological insulators, can be effectively used for controlled spin transport in such media. The effect of quantum and thermal fluctuations yield a parametric excitation threshold for its realization. This planar exciton differs from the conventional ones, as it owes its existence to the topological Chern-Simons (CS) term. The parity and time-reversal violating CS term can arise from quantum effects in systems with parity-breaking mass-gap. The spinning exciton naturally couples to magnetic field, leading to the possibility of controlled spin transport. Being neutral, it is immune to a host of effect, which afflicts spin transport through charged fermions.

  13. SparkXS: efficient access control for intelligent and large-scale streaming data applications

    Preuveneers, Davy; Joosen, Wouter

    2015-01-01

    The exponential data growth in intelligent environments fueled by the Internet of Things is not only a major push behind distributed programming frameworks for big data, it also magnifies security and privacy concerns about unauthorized access to data. The huge diversity and the streaming nature of data raises the demand for new enabling technologies for scalable access control that can deal with the growing velocity, volume and variety of volatile data. This paper presents SparkXS, ...

  14. A survey of medium access control protocols for wireless ad hoc networks

    Elvio João Leonardo; Ailton Akira Shinoda

    2004-01-01

    A number of issues distinguishes Medium Access Control (MAC) protocols for wireless networks from those used in wireline systems. In addition, for ad-hoc networks, the characteristics of the radio channel, the diverse physical-layer technologies available and the range of services envisioned make it a difficult task to design an algorithm to discipline the access to the shared medium that results efficient, fair, power consumption sensitive and delay bound. This article presents the current “...

  15. A Model-driven Role-based Access Control for SQL Databases

    Raimundas Matulevičius; Henri Lakk

    2015-01-01

    Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC), which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering app...

  16. Effect of density control and impurity transport on internal transport barrier formation in tokamak plasma

    In future fusion reactors, density control, such as fueling by pellet injection, is an effective method to control the formation of the internal transport barrier (ITB) in reversed magnetic shear plasma, which can improve plasma performance. On the other hand, an operation with ITB can cause accumulation of impurities inside the core ITB region. We studied the relation between pellet injection and ITB formation and the effect of impurity transport on the core of ITB for tokamak plasmas by using the toroidal transport analysis linkage. For ITB formation, we showed that the pellet has to be injected beyond the position where the safety factor q takes the minimum value. We confirmed that the accumulation of impurities causes the attenuation of ITB owing to radiation loss inside the ITB region. Moreover, in terms of the divertor heat flux reduction by impurity gas, the line radiation loss is high for high-Z noble gas impurities, such as Kr, whereas factor Q decreases slightly. (author)

  17. A novel technique to extract events from access control system and locate persons

    Indira Gandhi Centre for Atomic Research houses many laboratories which handle radioactive materials and classified materials. Protection and accounting of men and material and critical facilities are important aspect of nuclear security. Access Control System (ACS) is used to enhance the protective measures against elevated threat environment. Access control system hardware consists of hand geometry readers, RFID readers, Controllers, Electromagnetic door locks, Turnstiles, fiber cable laying and termination etc. Access Control System controls and monitors the people accessing the secured facilities. Access Control System generates events on: 1. Showing of RFID card, 2. Rotation of turnstile, 3. Download of valid card numbers, 4. Generation of alarms etc. Access control system turnstiles are located in main entrance of a facility, entrance of inside laboratory and door locks are fixed on secured facilities. Events are stored in SQL server database. From the events stored in database a novel technique is developed to extract events and list the persons in a particular facility, list all entry/exit events on one day, list the first in and last out entries. This paper discusses the complex multi level group by queries and software developed to extract events from database, locate persons and generate reports. Software is developed as a web application in ASP.Net and query is written in SQL. User can select the doors, type of events and generate reports. Reports are generated using the master data stored about employees RFID cards and events data stored in tables. Four types of reports are generated 1. Plant Emergency Report, 2. Locate User Report, 3. Entry - Exit Report, 4. First in Last out Report. To generate plant emergency report for whole plant only events generated in outer gates have to be considered. To generate plant emergency report for inside laboratory, events generated in entrance gates have to be ignored. (author)

  18. Cognitive radio networks medium access control for coexistence of wireless systems

    Bian, Kaigui; Gao, Bo

    2014-01-01

    This book gives a comprehensive overview of the medium access control (MAC) principles in cognitive radio networks, with a specific focus on how such MAC principles enable different wireless systems to coexist in the same spectrum band and carry out spectrum sharing.  From algorithm design to the latest developments in the standards and spectrum policy, readers will benefit from leading-edge knowledge of how cognitive radio systems coexist and share spectrum resources.  Coverage includes cognitive radio rendezvous, spectrum sharing, channel allocation, coexistence in TV white space, and coexistence of heterogeneous wireless systems.   • Provides a comprehensive reference on medium access control (MAC)-related problems in the design of cognitive radio systems and networks; • Includes detailed analysis of various coexistence problems related to medium access control in cognitive radio networks; • Reveals novel techniques for addressing the challenges of coexistence protocol design at a higher level ...

  19. A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure

    ZHANG Shaomin; WANG Baoyi; ZHOU Lihua

    2006-01-01

    PMI(privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC(Role-based Access Control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is described in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.

  20. Sistemas de Control en el Transporte de productos Perecederos

    Ruiz García, Luis; Barreiro Elorza, Pilar; Ruiz-Altisent, Margarita

    2009-01-01

    Los productos alimentarios perecederos tales como hortalizas, frutas, carne o pescado requieren transporte refrigerado. El control de la calidad y supervisión de los productos durante su transporte y distribución es de gran importancia, siendo el mayor reto asegurar una cadena de frio continua desde el productor hasta el consumidor. Entre las diferentes tecnologías que se pueden utilizar para monitorizar, destacan las tecnologías de sensórica inalámbrica que pueden ser de dos tipos: RFID...

  1. Advanced Transport Operating System (ATOPS) control display unit software description

    Slominski, Christopher J.; Parks, Mark A.; Debure, Kelly R.; Heaphy, William J.

    1992-01-01

    The software created for the Control Display Units (CDUs), used for the Advanced Transport Operating Systems (ATOPS) project, on the Transport Systems Research Vehicle (TSRV) is described. Module descriptions are presented in a standardized format which contains module purpose, calling sequence, a detailed description, and global references. The global reference section includes subroutines, functions, and common variables referenced by a particular module. The CDUs, one for the pilot and one for the copilot, are used for flight management purposes. Operations performed with the CDU affects the aircraft's guidance, navigation, and display software.

  2. An advanced control system for a next generation transport aircraft

    Rising, J. J.; Davis, W. J; Grantham, W. D.

    1983-01-01

    The use of modern control theory to develop a high-authority stability and control system for the next generation transport aircraft is described with examples taken from work performed on an advanced pitch active control system (PACS). The PACS was configured to have short-period and phugoid modes frequency and damping characteristics within the shaded S-plane areas, column force gradients with set bounds and with constant slope, and a blended normal-acceleration/pitch rate time history response to a step command. Details of the control law, feedback loop, and modal control syntheses are explored, as are compensation for the feedback gain, the deletion of the velocity signal, and the feed-forward compensation. Scheduling of the primary and secondary gains are discussed, together with control law mechanization, flying qualities analyses, and application on the L-1011 aircraft.

  3. Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

    Wen-Jye Shyr; Te-Jen Su; Chia-Ming Lin

    2013-01-01

    This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC) and WebAccess. A mechatronics module, a Web‐CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equ...

  4. Virus spreading in wireless sensor networks with a medium access control mechanism

    In this paper, an extended version of standard susceptible-infected (SI) model is proposed to consider the influence of a medium access control mechanism on virus spreading in wireless sensor networks. Theoretical analysis shows that the medium access control mechanism obviously reduces the density of infected nodes in the networks, which has been ignored in previous studies. It is also found that by increasing the network node density or node communication radius greatly increases the number of infected nodes. The theoretical results are confirmed by numerical simulations. (general)

  5. Consistency maintenance for constraint in role-based access control model

    韩伟力; 陈刚; 尹建伟; 董金祥

    2002-01-01

    Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far'few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces correaponding formal rules, rulebased reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally,the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-ori-ented product data management (PDM) system.

  6. Joint Random Access and Power Control Game in Ad Hoc Networks with Noncooperative Users

    Long, Chengnian; Guan, Xinping

    We consider a distributed joint random access and power control scheme for interference management in wireless ad hoc networks. To derive decentralized solutions that do not require any cooperation among the users, we formulate this problem as non-cooperative joint random access and power control game, in which each user minimizes its average transmission cost with a given rate constraint. Using supermodular game theory, the existence and uniqueness of Nash equilibrium are established. Furthermore, we present an asynchronous distributed algorithm to compute the solution of the game based on myopic best response updates, which converges to Nash equilibrium globally.

  7. Heterogeneity of Socail Classes and Job Accessibility: Implications of Transports Policies in Bogota

    Olarte Bacares, Carlos Augusto

    2011-01-01

    Transport in Bogotá (Colombia) has been the subject of several papers, but no one has treated the impact of the transport network on the disposition of employment in the city. Improvement of a public transport system such as the Transmilenio is supposed to be beneficial to everyone in the city. However, it might be that only a portion of the inhabitants benefit from this improvement. The aim of this paper is to demonstrate that improvements in public transport are not necessarily synonymou...

  8. Subsurface Access, Characterization, Acquisition, Transport, Storage and Delivery in Microgravity Project

    National Aeronautics and Space Administration — This project will develop geotechnical measurements, sample extraction and transport equipment for subsurface regolith on NEOs, asteroids, moons and planets,...

  9. Automated biometric access control system for two-man-rule enforcement

    This paper describes a limited access control system for nuclear facilities which makes use of the eye retinal identity verifier to control the passage of personnel into and out of one or a group of security controlled working areas. This access control system requires no keys, cards or credentials. The user simply enters his Personal Identification Number (PIN) and takes an eye reading to request passage. The PIN does not have to be kept secret. The system then relies on biometric identity verification of the user, along with other system information, to make the decision of whether or not to unlock the door. It also enforces multiple zones control with personnel tracking and the two-man-rule

  10. Transport

    Transport is one of the major causes of environmental damage in Austria. Energy consumption, pollutants emissions, noise emissions, use of surfaces, sealing of surfaces, dissection of ecosystems and impact on landscape are the most significant environmental impacts caused by it. An overview of the transport development of passengers and freight in Austria is presented. Especially the energy consumption growth, carbon dioxide and nitrogen oxide emissions by type of transport, and the emissions development (HC, particle and carbon monoxide) of goods and passengers transport are analyzed covering the years 1980 - 1999. The health cost resulting from transport-related air pollution in Austria is given and measures to be taken for an effective control of the transport sector are mentioned. Figs. 8, Table 1. (nevyjel)

  11. Performance Evaluation of Virtualization Techniques for Control and Access of Storage Systems in Data Center Applications

    Ahmadi, Mohammad Reza

    2013-09-01

    Virtualization is a new technology that creates virtual environments based on the existing physical resources. This article evaluates effect of virtualization techniques on control servers and access method in storage systems [1, 2]. In control server virtualization, we have presented a tile based evaluation based on heterogeneous workloads to compare several key parameters and demonstrate effectiveness of virtualization techniques. Moreover, we have evaluated the virtualized model using VMotion techniques and maximum consolidation. In access method, we have prepared three different scenarios using direct, semi-virtual, and virtual attachment models. We have evaluated the proposed models with several workloads including OLTP database, data streaming, file server, web server, etc. Results of evaluation for different criteria confirm that server virtualization technique has high throughput and CPU usage as well as good performance with noticeable agility. Also virtual technique is a successful alternative for accessing to the storage systems especially in large capacity systems. This technique can therefore be an effective solution for expansion of storage area and reduction of access time. Results of different evaluation and measurements demonstrate that the virtualization in control server and full virtual access provide better performance and more agility as well as more utilization in the systems and improve business continuity plan.

  12. Control of protein trafficking by reversible masking of transport signals.

    Abraham, Omer; Gotliv, Karnit; Parnis, Anna; Boncompain, Gaelle; Perez, Franck; Cassel, Dan

    2016-04-15

    Systems that allow the control of protein traffic between subcellular compartments have been valuable in elucidating trafficking mechanisms. Most current approaches rely on ligand or light-controlled dimerization, which results in either retardation or enhancement of the transport of a reporter. We developed an alternative approach for trafficking regulation that we term "controlled unmasking of targeting elements" (CUTE). Regulated trafficking is achieved by reversible masking of the signal that directs the reporter to its target organelle, relying on the streptavidin-biotin system. The targeting signal is generated within or immediately after a 38-amino acid streptavidin-binding peptide (SBP) that is appended to the reporter. The binding of coexpressed streptavidin to SBP causes signal masking, whereas addition of biotin causes complex dissociation and triggers protein transport to the target organelle. We demonstrate the application of this approach to the control of nuclear and peroxisomal protein import and the generation of biotin-dependent trafficking through the endocytic and COPI systems. By simultaneous masking of COPI and endocytic signals, we were able to generate a synthetic pathway for efficient transport of a reporter from the plasma membrane to the endoplasmic reticulum. PMID:26941332

  13. Traffic improvement and transportation pollution control in Xiamen

    Dongxing Yuan; Zilin, Wu

    1996-12-31

    in this paper, the urban traffic improvement and transportation control in Xiamen are highlighted. Xiamen is a port city and an economical special zone of China. As the economy grows, the transportation is developing dramatically and becoming the key for further economic development. The air quality is threatened by the rapid growth of the vehicles in the city. The most urgent task in improving urban traffic is to establish a sound traffic system. The municipal government takes great effort to improve the traffic condition, as well as to reduce green house gases and protect air environment. Some management and technical measures are carried out. Those management measures are mainly as follows: (1) systematic planning of the city arrangement and city functional division, and integrated planning of the urban roads system, (2) putting great emphasis on tail gas monitoring and management, and (3) establishing optimized utilization of motor vehicles. Those included in the main technical measures are (1) making the roads clear, (2) enlarging traffic capacity, and (3) developing the public transport. The most urgent task in improving urban traffic is to establish a sound traffic system. The city municipal government and Transportation Management Bureau plan to make a series of reforms to improve the urban traffic condition, such as building high quality road around the city, reducing the number of one way roads and replacing gasoline buses with electric buses. An optimized traffic system of Xiamen, taking public transport as the main means, is the key to meet the needs of both traffic improvement and urban transportation pollution control.

  14. Accessibility to tuberculosis control services and tuberculosis programme performance in southern Ethiopia

    Mesay Hailu Dangisso

    2015-11-01

    Full Text Available Background: Despite the expansion of health services and community-based interventions in Ethiopia, limited evidence exists about the distribution of and access to health facilities and their relationship with the performance of tuberculosis (TB control programmes. We aim to assess the geographical distribution of and physical accessibility to TB control services and their relationship with TB case notification rates (CNRs and treatment outcome in the Sidama Zone, southern Ethiopia. Design: We carried out an ecological study to assess physical accessibility to TB control facilities and the association of physical accessibility with TB CNRs and treatment outcome. We collected smear-positive pulmonary TB (PTB cases treated during 2003–2012 from unit TB registers and TB service data such as availability of basic supplies for TB control and geographic locations of health services. We used ArcGIS 10.2 to measure the distance from each enumeration location to the nearest TB control facilities. A linear regression analysis was employed to assess factors associated with TB CNRs and treatment outcome. Results: Over a decade the health service coverage (the health facility–to-population ratio increased by 36% and the accessibility to TB control facilities also improved. Thus, the mean distance from TB control services was 7.6 km in 2003 (ranging from 1.8 to 25.5 km between kebeles (the smallest administrative units and had decreased to 3.2 km in 2012 (ranging from 1.5 to 12.4 km. In multivariate linear regression, as distance from TB diagnostic facilities (b-estimate=−0.25, p<0.001 and altitude (b-estimate=−0.31, p<0.001 increased, the CNRs of TB decreased, whereas a higher population density was associated with increased TB CNRs. Similarly, distance to TB control facilities (b-estimate=−0.27, p<0.001 and altitude (b-estimate=−0.30, p<0.001 were inversely associated with treatment success (proportion of treatment completed or cured cases

  15. Elevated expression of metal transporter genes in three accessions of the metal hyperaccumulator Thlaspi caerulescens

    Gonçalves Leite de Assunção, A.; Da Costa Martins, P.; Folter, de S.; Vooijs, R.; Aarts, M.G.M.

    2001-01-01

    Heavy metal hyperaccumulation in plants is an intriguing and poorly understood phenomenon. Transmembrane metal transporters are assumed to play a key role in this process. We describe the cloning and isolation of three zinc transporter cDNAs from the Zn hyperaccumulator Thlaspi caerulescens. The ZTP

  16. 1-Methylpyridinium-4-(4-phenylmethanethiosulfonate) iodide, MTS-MPP+, a novel scanning cysteine accessibility method (SCAM) reagent for monoamine transporter studies

    Gallardo-Godoy, Alejandra; Torres-Altoro, Melissa I.; White, Kellie J.; Barker, Eric L.; Nichols, David E.

    2006-01-01

    A novel substituted cysteine accessibility method (SCAM) reagent was developed for monoamine uptake transporters. The new reagent, MTS-MPP+, was a derivative of the neurotoxin and transporter substrate MPP+. MTS-MPP+ labeled cysteine residues introduced into the serotonin transporter protein. Although it did not prove to be a substrate, as is MPP+, it appears to label cysteine residues lining the permeation pore of the transporter more readily than currently-available nonspecific SCAM reagents.

  17. Access to the Birth Control Pill and the Career Plans of Young Men and Women

    Steingrimsdottir, Herdis

    The paper explores the effect of unrestricted access to the birth control pill on young people’s career plans, using annual surveys of college freshmen from 1968 to 1980. In particular it addresses the question of who was affected by the introduction of the birth control pill by looking at career...... plans of both men and women, and by separating the effect by level of academic ability, race and family income. The results show that unrestricted access to the pill caused high ability women to move towards occupations with higher wages, higher occupational prestige scores and higher male ratios. The...... estimated effects for women with low grades and from low selectivity colleges are in the opposite direction. Men were also affected by unrestricted access to the pill, as their aspirations shifted towards traditionally male dominated occupations, across all ability groups. The biggest effect of unrestricted...

  18. A Study on Automated Context-aware Access Control Model Using Ontology

    Jang, Bokman; Jang, Hyokyung; Choi, Euiin

    Applications in context-aware computing environment will be connected wireless network and various devices. According to, recklessness access of information resource can make trouble of system. So, access authority management is very important issue both information resource and adapt to system through founding security policy of needed system. But, existing security model is easy of approach to resource through simply user ID and password. This model has a problem that is not concerned about user's environment information. In this paper, propose model of automated context-aware access control using ontology that can more efficiently control about resource through inference and judgment of context information that collect user's information and user's environment context information in order to ontology modeling.

  19. Pace: Privacy-Protection for Access Control Enforcement in P2P Networks

    Sánchez-Artigas, Marc; García-López, Pedro

    In open environments such as peer-to-peer (P2P) systems, the decision to collaborate with multiple users — e.g., by granting access to a resource — is hard to achieve in practice due to extreme decentralization and the lack of trusted third parties. The literature contains a plethora of applications in which a scalable solution for distributed access control is crucial. This fact motivates us to propose a protocol to enforce access control, applicable to networks consisting entirely of untrusted nodes. The main feature of our protocol is that it protects both sensitive permissions and sensitive policies, and does not rely on any centralized authority. We analyze the efficiency (computational effort and communication overhead) as well as the security of our protocol.

  20. The open access and the natural gas ducts: transport and distribution; O livre acesso e os dutos de gas natural: transporte e distribuicao

    Siqueira, Mariana de; Xavier, Yanko Marcius de Alencar [Universidade Federal do Rio Grande do Norte (UFRN), Natal, RN (Brazil)

    2008-07-01

    The present research, attempting for the economic relevance of the natural gas sector, for the lack of a law that disciplines it and, still, for the structural question of the natural gas ducts activities; it analyzes, in a comparative way, the monopoly of the natural gas ducts activities and the mechanisms of competition chosen to brighten up it: the open access and the by pas. The transport and the distribution of the natural gas are really similar, but the ways to insert the competition in its areas are not. (author)

  1. Engineering Heteromaterials to Control Lithium Ion Transport Pathways

    Liu, Yang; Vishniakou, Siarhei; Yoo, Jinkyoung; Dayeh, Shadi A.

    2015-12-01

    Safe and efficient operation of lithium ion batteries requires precisely directed flow of lithium ions and electrons to control the first directional volume changes in anode and cathode materials. Understanding and controlling the lithium ion transport in battery electrodes becomes crucial to the design of high performance and durable batteries. Recent work revealed that the chemical potential barriers encountered at the surfaces of heteromaterials play an important role in directing lithium ion transport at nanoscale. Here, we utilize in situ transmission electron microscopy to demonstrate that we can switch lithiation pathways from radial to axial to grain-by-grain lithiation through the systematic creation of heteromaterial combinations in the Si-Ge nanowire system. Our systematic studies show that engineered materials at nanoscale can overcome the intrinsic orientation-dependent lithiation, and open new pathways to aid in the development of compact, safe, and efficient batteries.

  2. Photonic transport control by spin-optical disordered metasurface

    Veksler, Dekel; Maguid, Elhanan; Ozeri, Dror; Shitrit, Nir; Kleiner, Vladimir; Hasman, Erez

    2014-01-01

    Photonic metasurfaces are ultrathin electromagnetic wave-molding metamaterials providing the missing link for the integration of nanophotonic chips with nanoelectronic circuits. An extra twist in this field originates from spin-optical metasurfaces providing the photon spin (polarization helicity) as an additional degree of freedom in light-matter interactions at the nanoscale. Here we report on a generic concept to control the photonic transport by disordered (random) metasurfaces with a cus...

  3. Molecular assemblies that control rhodopsin transport to the cilia

    Deretic, Dusanka; Jing WANG

    2012-01-01

    This review will focus on the conserved molecular mechanisms for the specific targeting of rhodopsin and rhodopsin-like sensory receptors to the primary cilia. We will discuss the molecular assemblies that control the movement of rhodopsin from the central sorting station of the cell, the trans-Golgi network (TGN), into membrane-enclosed rhodopsin transport carriers (RTCs), and their delivery to the primary cilia and the cilia-derived sensory organelles, the rod outer segments (ROS). Recent s...

  4. Steering microtubule shuttle transport with dynamically controlled magnetic fields

    Mahajan, K. D.; Ruan, G.; Dorcéna, C. J.; Vieira, G.; Nabar, G.; Bouxsein, N. F.; Chalmers, J. J.; Bachand, G. D.; Sooryakumar, R.; Winter, J. O.

    2016-04-01

    Nanoscale control of matter is critical to the design of integrated nanosystems. Here, we describe a method to dynamically control directionality of microtubule (MT) motion using programmable magnetic fields. MTs are combined with magnetic quantum dots (i.e., MagDots) that are manipulated by external magnetic fields provided by magnetic nanowires. MT shuttles thus undergo both ATP-driven and externally-directed motion with a fluorescence component that permits simultaneous visualization of shuttle motion. This technology is used to alter the trajectory of MTs in motion and to pin MT motion. Such an approach could be used to evaluate the MT-kinesin transport system and could serve as the basis for improved lab-on-a-chip technologies based on MT transport.Nanoscale control of matter is critical to the design of integrated nanosystems. Here, we describe a method to dynamically control directionality of microtubule (MT) motion using programmable magnetic fields. MTs are combined with magnetic quantum dots (i.e., MagDots) that are manipulated by external magnetic fields provided by magnetic nanowires. MT shuttles thus undergo both ATP-driven and externally-directed motion with a fluorescence component that permits simultaneous visualization of shuttle motion. This technology is used to alter the trajectory of MTs in motion and to pin MT motion. Such an approach could be used to evaluate the MT-kinesin transport system and could serve as the basis for improved lab-on-a-chip technologies based on MT transport. Electronic supplementary information (ESI) available. See DOI: 10.1039/c5nr08529b

  5. Active flow control systems architectures for civil transport aircraft

    Jabbal, M; Liddle, SC; Crowther, WJ

    2010-01-01

    Copyright @ 2010 American Institute of Aeronautics and Astronautics This paper considers the effect of choice of actuator technology and associated power systems architecture on the mass cost and power consumption of implementing active flow control systems on civil transport aircraft. The research method is based on the use of a mass model that includes a mass due to systems hardware and a mass due to the system energy usage. An Airbus A320 aircraft wing is used as a case-study applicatio...

  6. Control of intracellular heme levels: Heme transporters and Heme oxygenases

    Khan, Anwar A.; Quigley, John G.

    2011-01-01

    Heme serves as a co-factor in proteins involved in fundamental biological processes including oxidative metabolism, oxygen storage and transport, signal transduction and drug metabolism. In addition, heme is important for systemic iron homeostasis in mammals. Heme has important regulatory roles in cell biology, yet excessive levels of intracellular heme are toxic; thus, mechanisms have evolved to control the acquisition, synthesis, catabolism and expulsion of cellular heme. Recently, a number...

  7. High Confidence Networked Control for Next Generation Air Transportation Systems

    Park, Pangun; Khadilkar, Harshad Dilip; Balakrishnan, Hamsa; Tomlin, Claire J.

    2013-01-01

    This paper addresses the design of a secure and fault-tolerant air transportation system in the presence of attempts to disrupt the system through the satellite-based navigation system. Adversarial aircraft are assumed to transmit incorrect position and intent information, potentially leading to violations of separation requirements among aircraft. We propose a framework for the identification of adversaries and malicious aircraft, and then for air traffic control in the presence of such deli...

  8. FreeBSD Mandatory Access Control Usage for Implementing Enterprise Security Policies

    Bolshakov, Kirill; Reshetova, Elena

    2007-01-01

    FreeBSD was one of the first widely deployed free operating systems to provide mandatory access control. It supports a number of classic MAC models. This tutorial paper addresses exploiting this implementation to enforce typical enterprise security policies of varying complexities.

  9. Access and control of agro-biotechnology : Bt cotton, ecological change and risk in China

    Ho, Peter; Zhao, Jennifer H.; Xue, Dayuan

    2009-01-01

    This article argues that if the introduction of genetically modified crops (GM crops) in developing countries is to be successful, we can and should not evade questions of access and control of technology. It implies probing into the experiences, perceptions and understanding of GM crops by the prim

  10. Mining Roles and Access Control for Relational Data under Privacy and Accuracy Constraints

    Pervaiz, Zahid

    2013-01-01

    Access control mechanisms protect sensitive information from unauthorized users. However, when sensitive information is shared and a Privacy Protection Mechanism (PPM) is not in place, an authorized insider can still compromise the privacy of a person leading to identity disclosure. A PPM can use suppression and generalization to anonymize and…

  11. A METHOD OF AND A SYSTEM FOR CONTROLLING ACCESS TO A SHARED RESOURCE

    2006-01-01

    A method and a system of controlling access of data items to a shared resource, wherein the data items each is assigned to one of a plurality of priorities, and wherein, when a predetermined number of data items of a priority have been transmitted to the shared resource, that priority will be...

  12. Multi-level access control in the data pipeline of the international supply chain system

    Pruksasri, P.; Berg, J. van den; Hofman, W.; Daskapan, S.

    2013-01-01

    The Seamless Integrated Data Pipeline system was proposed to the European Union in order to overcome the information quality shortcomings of the current international supply chain information exchange systems. Next to identification and authorization of stakeholders, secure access control needs to b

  13. A Random-Walk Based Privacy-Preserving Access Control for Online Social Networks

    You-sheng Zhou

    2016-02-01

    Full Text Available Online social networks are popularized with people to connect friends, share resources etc. Meanwhile, the online social networks always suffer the problem of privacy exposure. The existing methods to prevent exposure are to enforce access control provided by the social network providers or social network users. However, those enforcements are impractical since one of essential goal of social network application is to share updates freely and instantly. To better the security and availability in social network applications, a novel random walking based access control of social network is proposed in this paper. Unlike using explicit attribute based match in the existing schemes, the results from random walking are employed to securely compute L1 distance between two social network users in the presented scheme, which not only avoids the leakage of private attributes, but also enables each social network user to define access control policy independently. The experimental results show that the proposed scheme can facilitate the access control for online social network.

  14. Policy Based Access Control in Dynamic Grid-based Collaborative Environment

    Y. Demchenko; L. Gommans; A. Tokmakoff; R. van Buuren

    2006-01-01

    This paper describes the design and development of a flexible, customer-driven, security infrastructure for Gridbased Collaborative Environments. The paper proposes further development of the access control model built around a service or resource provisioning agreement (e.g., an experiment or proje

  15. 30 CFR 816.66 - Use of explosives: Blasting signs, warnings, and access control.

    2010-07-01

    ... 30 Mineral Resources 3 2010-07-01 2010-07-01 false Use of explosives: Blasting signs, warnings... STANDARDS-SURFACE MINING ACTIVITIES § 816.66 Use of explosives: Blasting signs, warnings, and access control. (a) Blasting signs. Blasting signs shall meet the specifications of § 816.11. The operator shall—...

  16. 30 CFR 817.66 - Use of explosives: Blasting signs, warnings, and access control.

    2010-07-01

    ... 30 Mineral Resources 3 2010-07-01 2010-07-01 false Use of explosives: Blasting signs, warnings... STANDARDS-UNDERGROUND MINING ACTIVITIES § 817.66 Use of explosives: Blasting signs, warnings, and access control. (a) Blasting signs. Blasting signs shall meet the specifications of § 817.11. The operator...

  17. Control of Access to Memory: The Use of Task Interference as a Behavioral Probe

    Loft, Shayne; Humphreys, Michael S.; Whitney, Susannah J.

    2008-01-01

    Directed forgetting and prospective memory methods were combined to examine differences in the control of memory access. Between studying two lists of target words, participants were either instructed to forget the first list, or to continue remembering the first list. After study participants performed a lexical decision task with an additional…

  18. Hierarchies in Contextual Role- Based Access Control Model (C-RBAC

    Muhammad Nabeel Tahir

    2008-11-01

    Full Text Available Hierarchical representation is a natural way of organizing roles in role-based access control systems. Besides its advantages of providing a way of establishing parent-child relationships among different roles, it also provides a facility to design and organize context dependant application roles that users may activate depending on their current context (spatial, temporal conditions. In this paper, we show that if spatial roles are organized in hierarchical relationships, it can cause the problem of disambiguation in making access control decisions especially when the user moves from one location to another location frequently in a single transaction and a single session. We extend our work of Contextual Role-Based Access Control (C-RBAC by introducing hierarchical relationship among subject, location and purpose roles and solve the disambiguation problem in hierarchy by considering user motion direction and his/her context roles (spatial and spatial purpose in order to make more fine grained and better access control decisions.

  19. Dominion- An Introductory Concept of Access Control Between Valuable Assets and Mobile Device

    Neha Dubey

    2013-11-01

    Full Text Available At present methods for providing conditional access to restricted resources and applications for permitting personnel, such as military members, government agencies, or first-responders are not available. The conditional access is provided if the user is an authentic user in one of the authorized geographic location and is connected to specific base transceiver stations or base station controllers. In this work we introduce dominions for mobile security, which are designed to provide this conditional access, are adjustable and congenial with mobile cellular systems, and can run even without being connected to a devoted back-end network. The aim of the architecture is to provide users who satisfy specific pre-conditions access to restricted resources and applications to which they otherwise normally would not be granted access. These mobile security dominions not only provide strict security by authenticating the user and the geographic location of the device, but also prevent access to networks or resources outside of authorized areas and restrict unauthorized users.

  20. Toward an Open-Access Global Database for Mapping, Control, and Surveillance of Neglected Tropical Diseases

    Hürlimann, Eveline; Schur, Nadine; Boutsika, Konstantina; Stensgaard, Anna-Sofie; de Himpsl, Maiti Laserna; Ziegelbauer, Kathrin; Laizer, Nassor; Camenzind, Lukas; Pasquale, Aurelio Di; Ekpo, Uwem F.; Simoonga, Christopher; Mushinge, Gabriel; Saarnak, Christopher Florian Larsen; Utzinger, Jürg; Kristensen, Thomas K

    2011-01-01

    Background After many years of general neglect, interest has grown and efforts came under way for the mapping, control, surveillance, and eventual elimination of neglected tropical diseases (NTDs). Disease risk estimates are a key feature to target control interventions, and serve as a benchmark for monitoring and evaluation. What is currently missing is a georeferenced global database for NTDs providing open-access to the available survey data that is constantly updated and can be utilized b...

  1. The Ground Test Accelerator control system database: Configuration, run-time operation, and access

    A database is used to implement the interface between the control system and the accelerator and to provide flexibility in configuring the I/O. This flexibility is necessary to allow the control system to keep pace with the changing requirements that are inherent in an experimental environmental environment. This is not achieved without cost. Problems often associated with using databases are painful data entry, poor performance, and embedded knowledge of the database structure in code throughout the control system. This report describes how the database configuration, access, conversion, and execution in the Ground Test Accelerator (GTA) Control System overcome these problems. 2 figs

  2. Control of serotonin transporter phosphorylation by conformational state.

    Zhang, Yuan-Wei; Turk, Benjamin E; Rudnick, Gary

    2016-05-17

    Serotonin transporter (SERT) is responsible for reuptake and recycling of 5-hydroxytryptamine (5-HT; serotonin) after its exocytotic release during neurotransmission. Mutations in human SERT are associated with psychiatric disorders and autism. Some of these mutations affect the regulation of SERT activity by cGMP-dependent phosphorylation. Here we provide direct evidence that this phosphorylation occurs at Thr276, predicted to lie near the cytoplasmic end of transmembrane helix 5 (TM5). Using membranes from HeLa cells expressing SERT and intact rat basophilic leukemia cells, we show that agents such as Na(+) and cocaine that stabilize outward-open conformations of SERT decreased phosphorylation and agents that stabilize inward-open conformations (e.g., 5-HT, ibogaine) increased phosphorylation. The opposing effects of the inhibitors cocaine and ibogaine were each reversed by an excess of the other inhibitor. Inhibition of phosphorylation by Na(+) and stimulation by ibogaine occurred at concentrations that induced outward opening and inward opening, respectively, as measured by the accessibility of cysteine residues in the extracellular and cytoplasmic permeation pathways, respectively. The results are consistent with a mechanism of SERT regulation that is activated by the transport of 5-HT, which increases the level of inward-open SERT and may lead to unwinding of the TM5 helix to allow phosphorylation. PMID:27140629

  3. Method for Controlling Space Transportation System Life Cycle Costs

    McCleskey, Carey M.; Bartine, David E.

    2006-01-01

    A structured, disciplined methodology is required to control major cost-influencing metrics of space transportation systems during design and continuing through the test and operations phases. This paper proposes controlling key space system design metrics that specifically influence life cycle costs. These are inclusive of flight and ground operations, test, and manufacturing and infrastructure. The proposed technique builds on today's configuration and mass properties control techniques and takes on all the characteristics of a classical control system. While the paper does not lay out a complete math model, key elements of the proposed methodology are explored and explained with both historical and contemporary examples. Finally, the paper encourages modular design approaches and technology investments compatible with the proposed method.

  4. Converged wireline and wireless signal transport over optical fibre access links

    Tafur Monroy, Idelfonso; Prince, Kamau; Osadchiy, Alexey Vladimirovich;

    2009-01-01

    This article reviews emerging trends in converged optical-wireless communication systems and outline the role that photonic technologies are playing in making the vision of a wireline-wireless converged signal transport network a reality.......This article reviews emerging trends in converged optical-wireless communication systems and outline the role that photonic technologies are playing in making the vision of a wireline-wireless converged signal transport network a reality....

  5. A platform for analyzing access-friendly transportations for elderly people using GIS on agent-based model

    Daito, Masatora; Tanida, Noriyuki

    2014-01-01

    In this research, we construct a platform for analyzing access-friendly transportation for elderly people using GIS on agent-based model. Our interest is related to an aging world population and well-being of elderly people. We use GIS data of Ibaraki city Japan and study the outing rate of elderly people. We defined the number of times of outing per seven days as outing rate. The simulation is performed 63 times. It is comparable to 63days (nine weeks). As the results of simulation showed th...

  6. The importance of co-location and culture in determining destinations for transport planning: a case study of access to a suburban healthy food basket

    Scholes, S.; Vaughan, L; Dhanani, A.; BONIFACE, S.; Mindell, J

    2014-01-01

    Background: Access to healthy food is a basic prerequisite for health. Access depends on availability (retailers’ location, food options sold, prices) and people’s ability to travel there and back. This research investigates the role of spatial setting and social context in providing access to healthy food. The important influence of other destinations and of cultural preferences can be overlooked when defining likely destinations for transport planning. Method: The multi-disciplinary project...

  7. A survey of medium access control protocols for wireless ad hoc networks

    Elvio João Leonardo

    2004-01-01

    Full Text Available A number of issues distinguishes Medium Access Control (MAC protocols for wireless networks from those used in wireline systems. In addition, for ad-hoc networks, the characteristics of the radio channel, the diverse physical-layer technologies available and the range of services envisioned make it a difficult task to design an algorithm to discipline the access to the shared medium that results efficient, fair, power consumption sensitive and delay bound. This article presents the current “state-of-art” in this area, including solutions already commercially available as well as those still in study.

  8. Distributed SIR-Aware Opportunistic Access Control for D2D Underlaid Cellular Networks

    Chen, Zheng; Kountouris, Marios

    2014-01-01

    In this paper, we propose a distributed interference and channel-aware opportunistic access control technique for D2D underlaid cellular networks, in which each potential D2D link is active whenever its estimated signal-to-interference ratio (SIR) is above a predetermined threshold so as to maximize the D2D area spectral efficiency. The objective of our SIR-aware opportunistic access scheme is to provide sufficient coverage probability and to increase the aggregate rate of D2D links by harnes...

  9. Access Scheme for Controlling Mobile Agents and its Application to Share Medical Information.

    Liao, Yu-Ting; Chen, Tzer-Shyong; Chen, Tzer-Long; Chung, Yu-Fang; Chen, Yu- Xin; Hwang, Jen-Hung; Wang, Huihui; Wei, Wei

    2016-05-01

    This study is showing the advantage of mobile agents to conquer heterogeneous system environments and contribute to a virtual integrated sharing system. Mobile agents will collect medical information from each medical institution as a method to achieve the medical purpose of data sharing. Besides, this research also provides an access control and key management mechanism by adopting Public key cryptography and Lagrange interpolation. The safety analysis of the system is based on a network attacker's perspective. The achievement of this study tries to improve the medical quality, prevent wasting medical resources and make medical resources access to appropriate configuration. PMID:27010391

  10. Single-Walled Carbon Nanotubes Acting as Controllable Transport Channels

    HUANG Bo-Da; XIA Yue-Yuan; ZHAO Ming-Wen; LI Feng; LIU Xiang-Dong; JI Yan-Ju; SONG Chen; TAN Zhen-Yu; LIU Hui

    2004-01-01

    @@ The motion and equilibrium distribution of water molecules adsorbed inside neutral and negatively charged singlewalled carbon nanotubes (SWNTs) have been studied using molecular dynamics simulations (MDSs) at room temperature based on CHARMM (Chemistry at HARvard Molecular Mechanics) potential parameters. We find that water molecules have a conspicuous electropism phenomenon and regular tubule patterns inside and outside the charged tube wall. The analyses of the motion behaviour of water molecules in the radial and axial directions show that by charging the SWNT, the adsorption efficiency is greatly enhanced, and the electric field produced by the charged SWNTs prevents water molecules from flowing out of the nanotube. However, water molecules can travel through the neutral SWNT in a fluctuating manner. This indicates that by electrically charging and uncharging the SWNTs, one can control the adsorption and transport behaviour of polar molecules in SWNTs for using as a stable storage medium or long transport channels. The transport velocity can be tailored by changing the charge on the SWNTs, which may have a further application as modulatable transport channels.

  11. [Ongoing problems of road signs in transportation control].

    Kokavec, M; Dobrotka, G

    1994-02-01

    The diagnosis and evaluation of causes of traffic accidents frequently calls for effective mutual collaboration of forensic medical officers and transport psychologists. Both scientific disciplines participate in prevention of traffic injuries as regards theoretical arguments and practical provisions. The Bratislava Institute of Forensic Medicine, based on many years of professional and practical experience, participates in the elaboration of principles of risk-free transport of urban and non-urban traffic as well as in preventive provisions and suggestions for conditions of traffic the field. Due to social and economic changes they will be faced in future with more complicated traffic problems/safety of pedestrians--children, old people. In transport man adapts, due to biological laws, with greater difficulties to technical signs of controlled traffic which assumes rapid, immediate and inevitable reactions. Transport safety cannot be resolved unless within prevention a radical solution will be found for the risk of alcoholism, toxicomania, ever increasing speed of vehicles and greater traffic density. PMID:8184339

  12. An Efficient Mutual Authentication and Access Control Scheme for Wireless Sensor Networks in Healthcare

    Xuan Hung Le

    2011-03-01

    Full Text Available Wireless sensor networks (WSNs will play an active role in the 21th Century Healthcare IT to reduce the healthcare cost and improve the quality of care. The protection of data confidentiality and patient privacy are the most critical requirements for the ubiquitous use of WSNs in healthcare environments. This requires a secure and lightweight user authentication and access control. Symmetric key - based access control is not suitable for WSNs in healthcare due to dynamic network topology, mobility, and stringent resource constraints. In this paper, we propose a secure, lightweight public key - based security scheme, Mutual Authentication and Access Control based on Elliptic curve cryptography (MAACE. MAACE is a mutual authentication protocol where a healthcare professional can authenticate to an accessed node (a PDA or medical sensor and vice versa. This is to ensure that medical data is not exposed to an unauthorized person. On the other hand, it ensures that medical data sent to healthcare professionals did not originate from a malicious node. MAACE is more scalable and requires less memory compared to symmetric key-based schemes. Furthermore, it is much more lightweight than other public key-based schemes. Security analysis and performance evaluation results are presented and compared to existing schemes to show advantages of the proposed scheme.

  13. DOE's nation-wide system for access control can solve problems for the federal government

    The U.S. Department of Energy's (DOE's) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by many different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location's level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals

  14. A Novel Medium Access Control for Ad hoc Networks Based on OFDM System

    YU Yi-fan; YIN Chang-chuan; YUE Guang-xin

    2005-01-01

    Recently, hosts of Medium Access Control (MAC) protocols for Ad hoc radio networks have been proposed to solve the hidden terminal problem and exposed terminal problem. However most of them take into no account the interactions between physical (PHY) system and MAC protocol. Therefore, the current MAC protocols are either inefficient in the networks with mobile nodes and fading channel or difficult in hardware implementation. In this paper, we present a novel media access control for Ad hoc networks that integrates a media access control protocol termed as Dual Busy Tone Multiple Access (DBTMA) into Orthogonal Frequency Division Multiplexing (OFDM) system proposed in IEEE 802.11a standard. The analysis presented in the paper indicates that the proposed MAC scheme achieves performance improvement over IEEE 802.11 protocol about 25%~80% especially in the environment with high mobility and deep fading. The complexity of the proposed scheme is also lower than other implementation of similar busy tone solution. Furthermore, it is compatible with IEEE 802.11a networks.

  15. Extending AAA operational model for profile-based access control in ethernet-based Neutral Access Networks

    J. Matias; E. Jacob; Y. Demchenko; C. de Laat; L. Gommans

    2010-01-01

    Neutral Access Networks (NAN) have appeared as a new model to overcome some restrictions and lack of flexibility that are present currently in broadband access networks. NAN brings new business opportunities by opening this market to new stakeholders. Although the NAN model is accepted, there are so

  16. Fault tolerant computer control for a Maglev transportation system

    Lala, Jaynarayan H.; Nagle, Gail A.; Anagnostopoulos, George

    1994-05-01

    Magnetically levitated (Maglev) vehicles operating on dedicated guideways at speeds of 500 km/hr are an emerging transportation alternative to short-haul air and high-speed rail. They have the potential to offer a service significantly more dependable than air and with less operating cost than both air and high-speed rail. Maglev transportation derives these benefits by using magnetic forces to suspend a vehicle 8 to 200 mm above the guideway. Magnetic forces are also used for propulsion and guidance. The combination of high speed, short headways, stringent ride quality requirements, and a distributed offboard propulsion system necessitates high levels of automation for the Maglev control and operation. Very high levels of safety and availability will be required for the Maglev control system. This paper describes the mission scenario, functional requirements, and dependability and performance requirements of the Maglev command, control, and communications system. A distributed hierarchical architecture consisting of vehicle on-board computers, wayside zone computers, a central computer facility, and communication links between these entities was synthesized to meet the functional and dependability requirements on the maglev. Two variations of the basic architecture are described: the Smart Vehicle Architecture (SVA) and the Zone Control Architecture (ZCA). Preliminary dependability modeling results are also presented.

  17. Light-controlled intracellular transport in Caenorhabditis elegans.

    Harterink, Martin; van Bergeijk, Petra; Allier, Calixte; de Haan, Bart; van den Heuvel, Sander; Hoogenraad, Casper C; Kapitein, Lukas C

    2016-02-22

    To establish and maintain their complex morphology and function, neurons and other polarized cells exploit cytoskeletal motor proteins to distribute cargoes to specific compartments [1]. Recent studies in cultured cells have used inducible motor protein recruitment to explore how different motors contribute to polarized transport and to control the subcellular positioning of organelles [2,3]. Such approaches also seem promising avenues for studying motor activity and organelle positioning within more complex cellular assemblies, but their applicability to multicellular in vivo systems has so far remained unexplored. Here, we report the development of an optogenetic organelle transport strategy in the in vivo model system Caenorhabditis elegans. We demonstrate that movement and pausing of various organelles can be achieved by recruiting the proper cytoskeletal motor protein with light. In neurons, we find that kinesin and dynein exclusively target the axon and dendrite, respectively, revealing the basic principles for polarized transport. In vivo control of motor attachment and organelle distributions will be widely useful in exploring the mechanisms that govern the dynamic morphogenesis of cells and tissues, within the context of a developing animal. PMID:26906482

  18. Optimal Medium Access Control in Cognitive Radios: A Sequential Design Approach

    Lai, Lifeng; Jiang, Hai; Poor, H Vincent

    2008-01-01

    The design of medium access control protocols for a cognitive user wishing to opportunistically exploit frequency bands within parts of the radio spectrum having multiple bands is considered. In the scenario under consideration, the availability probability of each channel is unknown a priori to the cognitive user. Hence efficient medium access strategies must strike a balance between exploring the availability of channels and exploiting the opportunities identified thus far. Using a sequential design approach, an optimal medium access strategy is derived. To avoid the prohibitive computational complexity of this optimal strategy, a low complexity asymptotically optimal strategy is also developed. The proposed strategy does not require any prior statistical knowledge about the traffic pattern on the different channels.

  19. Real-time control of internal transport barriers in JET

    We present the results of recent experiments related to real-time control of internal transport barriers (ITBs) in JET. Using a simple criterion to characterize the ITB existence, location and strength, we have successfully controlled for the first time the radial electron temperature profile within the ITB. The dimensionless variable used in the real-time algorithm - ratio of the ion gyro-radius to the local gradient scale length of the electron temperature - is a measure of the normalized electron temperature gradient and characterizes satisfactorily the main ITB features with a relatively low computational cost. We show several examples of control of this variable in various experimental conditions of toroidal field and plasma current, using different heating systems as control actuators. We also present a double-loop feedback scheme where both the global neutron rate from D-D reactions and the ITB strength are controlled simultaneously. In this case the ITB is sustained in a fully non-inductive current drive regime during several seconds. With the proposed control method, disruptions are avoided by holding the plasma performance at a prescribed target and this opens the route towards stationary operation of tokamak plasmas with ITBs. Initial results suggest that the additional control of the current profile is an important issue for achieving steady-state operation, in particular in the triggering and the sustainment of the ITB. (author)

  20. Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

    Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.;

    2013-01-01

    Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... information and secure federated IoT, this proposed model provides scalability, flexibility, and secure authority delegation for highly distributed system. The protocol evaluation results show that the capability creation and access mechanism of CCAAC is secure against a rigorous man-in-the-middle attack, e...

  1. Development of an OPC and PLC Based Remote-Access Laboratory: A Synchronous Motor Control Experiment

    VADI, Seyfettin

    2015-01-01

    In this study, OPC and PLC based remote-access laboratory has been developed for synchronous motor control experiment. The monitoring and control of the parameters of synchronous motor has been realized using GPRS and Profi-Lab OPC Server through the visual programming language. In addition, S7-1200 CPU 1214 DC/DC/DC series PLC was used for control of the system. The motor parameters monitored in real-time by the user to visually is shown the effect of any change in the parameters of the moto...

  2. Combating logical back doors into physically protected areas. The role of computer security in modern access control systems

    As long as nuclear fission has been used for energy production, substantial efforts have been made to protect the critical process and nuclear materials from unauthorized access. Electronic systems have been designed to assist security staff in access control and have become increasingly sophisticated as technology has advanced. With the latest access control systems being fully computerized, new questions of computer security have arisen. The paper outlines the latest trends in computer based access control systems, demonstrates where these systems are vulnerable to hacking attacks, and provides guidance on what can be done to avoid the introduction of new computer technologies creating back doors to bypass physical plant and material protection. (author)

  3. Housing and Transport: Access Issues for Disabled International Students in British Universities

    Soorenian, Armineh

    2013-01-01

    This article explores two disabled people's "Seven Needs" to independent living, those of "housing" and "transport" issues, in relation to disabled international students in British universities. Firstly, students' living arrangements, including issues related to the suitability of university accommodation…

  4. Modelling Public Transport Route Choice, with Multiple Access and Egress Modes

    Brands, T.; De Romph, E.; Veitch, T.; Cook, J.

    2014-01-01

    Public transport (PT) is important, because the current traffic system faces well known problems like congestion, environmental impact and use of public space. To be able to assess the effects of policy measures properly, it is necessary to model the behavior of the (PT) traveler in a realistic way.

  5. Access management in Safer Transportation Network Planning : safety principles, planning framework, and library information.

    Hummel, T.

    2001-01-01

    This report is one in a series of publications, used in the development of the network planning tool ‘Safer Transportation Network Planning’ (Safer-TNP). The publications were used to guide the development of planning structures, diagnostic tools, planning recommendations, and research information i

  6. BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

    Frias-Martinez, Vanessa; Stolfo, Salvatore J.; Keromytis, Angelos D.

    Mobile Ad-hoc Networks (MANETs) are very dynamic networks with devices continuously entering and leaving the group. The highly dynamic nature of MANETs renders the manual creation and update of policies associated with the initial incorporation of devices to the MANET (admission control) as well as with anomaly detection during communications among members (access control) a very difficult task. In this paper, we present BARTER, a mechanism that automatically creates and updates admission and access control policies for MANETs based on behavior profiles. BARTER is an adaptation for fully distributed environments of our previously introduced BB-NAC mechanism for NAC technologies. Rather than relying on a centralized NAC enforcer, MANET members initially exchange their behavior profiles and compute individual local definitions of normal network behavior. During admission or access control, each member issues an individual decision based on its definition of normalcy. Individual decisions are then aggregated via a threshold cryptographic infrastructure that requires an agreement among a fixed amount of MANET members to change the status of the network. We present experimental results using content and volumetric behavior profiles computed from the ENRON dataset. In particular, we show that the mechanism achieves true rejection rates of 95% with false rejection rates of 9%.

  7. State of the Art Authentication, Access Control, and Secure Integration in Smart Grid

    Neetesh Saxena

    2015-10-01

    Full Text Available The smart grid (SG is a promising platform for providing more reliable, efficient, and cost effective electricity to the consumers in a secure manner. Numerous initiatives across the globe are taken by both industry and academia in order to compile various security issues in the smart grid network. Unfortunately, there is no impactful survey paper available in the literature on authentications in the smart grid network. Therefore, this paper addresses the required objectives of an authentication protocol in the smart grid network along with the focus on mutual authentication, access control, and secure integration among different SG components. We review the existing authentication protocols, and analyze mutual authentication, privacy, trust, integrity, and confidentiality of communicating information in the smart grid network. We review authentications between the communicated entities in the smart grid, such as smart appliance, smart meter, energy provider, control center (CC, and home/building/neighborhood area network gateways (GW. We also review the existing authentication schemes for the vehicle-to-grid (V2G communication network along with various available secure integration and access control schemes. We also discuss the importance of the mutual authentication among SG entities while providing confidentiality and privacy preservation, seamless integration, and required access control with lower overhead, cost, and delay. This paper will help to provide a better understanding of current authentication, authorization, and secure integration issues in the smart grid network and directions to create interest among researchers to further explore these promising areas.

  8. Validation of Islet Transport From a Geographically Distant Isolation Center Enabling Equitable Access and National Health Service Funding of a Clinical Islet Transplant Program for England

    Aldibbiat, Ali; Huang, Guo Cai; Zhao, Min; Holliman, Graham N.; Ferguson, Linda; Hughes, Stephen; Brigham, Ken; Wardle, Julie; Williams, Rob; Dickinson, Anne; White, Steven A; Johnson, Paul R. V; Manas, Derek; Amiel, Stephanie A.; Shaw, James A. M.

    2011-01-01

    Islet transplantation has become established as a successful treatment for type 1 diabetes complicated by recurrent severe hypoglycemia. In the UK access has been limited to a few centrally located units. Our goal was to validate a quality-assured system for safe/effective transport of human islets in the UK and to successfully undertake the first transplants with transported islets. Pancreases were retrieved from deceased donors in the north of England and transported to King’s College Londo...

  9. An Internet of Things Example: Classrooms Access Control over Near Field Communication

    Daniel Palma

    2014-04-01

    Full Text Available The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks.

  10. A MATHEMATICAL MODEL OF ACCESS CONTROL IN BIG DATA USING CONFIDENCE INTERVAL AND DIGITAL SIGNATURE

    Amine RAHMANI

    2015-11-01

    Full Text Available Nowadays, the concept of big data grows incessantly; recent researches proved that 90% of the whole data existed on the web had been created in last two years. However, this growing bumped by many critical challenges resides generally in security level; the users care about how could providers protect their privacy on their data. Access control, cryptography, and deidentification are the main search areas grouped under a specific domain known as Privacy Preserving Data Publishing. In this paper, we bring in suggestion a new model for access control over big data using digital signature and confidence interval; we first introduce our work by presenting some general concepts used to build our approach then presenting the idea of this report and finally we evaluate our system by conducting several experiments and showing and discussing the results that we got.

  11. A distributed Synchronous reservation multiple access control protocol for mobile Ad hoc networks

    ZHANG Yanling; SUN Xianpu; LI Jiandong

    2007-01-01

    This study proposes a new multiple access control protocol named distributed synchronous reservation multiple access control protocol.in which the hidden and exposed terminal problems are solved,and the quality of service(QoS)requirements for real-time traffic are guaranteed.The protocol is founded on time division multiplex address and a different type of traffic is assigned to difierent priority,according to which a node should compete for and reserve the free slots in a different method.Moreover,there is a reservation acknowledgement process before data transmit in each reserved slot,so that the intruded terminal problem is solved.The throughput and average packets drop probability of this protocol are analyzed and simulated in a fully connected network.the results of which indicate that this protocol is efficient enough to support the real-time traffic.and it is more suitable to MANETs.

  12. An internet of things example: classrooms access control over near field communication.

    Palma, Daniel; Agudo, Juan Enrique; Sánchez, Héctor; Macías, Miguel Macías

    2014-01-01

    The Internet of Things is one of the ideas that has become increasingly relevant in recent years. It involves connecting things to the Internet in order to retrieve information from them at any time and from anywhere. In the Internet of Things, sensor networks that exchange information wirelessly via Wi-Fi, Bluetooth, Zigbee or RF are common. In this sense, our paper presents a way in which each classroom control is accessed through Near Field Communication (NFC) and the information is shared via radio frequency. These data are published on the Web and could easily be used for building applications from the data collected. As a result, our application collects information from the classroom to create a control classroom tool that displays access to and the status of all the classrooms graphically and also connects this data with social networks. PMID:24755520

  13. Dramatic reduction of read disturb through pulse width control in spin torque random access memory

    Wang, Zihui; Wang, Xiaobin; Gan, Huadong; Jung, Dongha; Satoh, Kimihiro; Lin, Tsann; Zhou, Yuchen; Zhang, Jing; Huai, Yiming; Chang, Yao-Jen; Wu, Te-ho

    2013-09-01

    Magnetizations dynamic effect in low current read disturb region is studied both experimentally and theoretically. Dramatic read error rate reduction through read pulse width control is theoretically predicted and experimentally observed. The strong dependence of read error rate upon pulse width contrasts conventional energy barrier approach and can only be obtained considering detailed magnetization dynamics at long time thermal magnetization reversal region. Our study provides a design possibility for ultra-fast low current spin torque random access memory.

  14. A MATHEMATICAL MODEL OF ACCESS CONTROL IN BIG DATA USING CONFIDENCE INTERVAL AND DIGITAL SIGNATURE

    Amine RAHMANI; Amine, Abdelmalek; Mohamed Reda HAMOU

    2015-01-01

    Nowadays, the concept of big data grows incessantly; recent researches proved that 90% of the whole data existed on the web had been created in last two years. However, this growing bumped by many critical challenges resides generally in security level; the users care about how could providers protect their privacy on their data. Access control, cryptography, and deidentification are the main search areas grouped under a specific domain known as Privacy Preserving Data Publishi...

  15. Quality Test Template toward Multi-user Access Control of Internet-Based System

    Nan Nie

    2011-06-01

    Full Text Available Aiming at three kinds of Internet-based system quality problems, which is performance, liability and security, the paper proposes a kind of test template during multi-user login and resource access control, which includes test requirement, login script, role-resource correlating and mutation test technique. Some Internet-based systems are tested and diagnosed by automation test technique of test template. At last, system quality can be verified and improved through the realization mechanism of test template.

  16. Enforcing Access Control in Virtual Organizations Using Hierarchical Attribute-Based Encryption

    Asim, Muhammad; Ignatenko, Tanya; Petkovic, Milan; Trivellato, Daniel; Zannone, Nicola

    2012-01-01

    Virtual organizations are dynamic, inter-organizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed system, but none of them addresses the dynamicity characterizing virtual organizations. In this paper we propose a dynamic hierarchical attribute-based encryption (D-HABE) scheme that allows the insti...

  17. Context Driven Access Control to SNMP MIB objects in multi-homed environments

    State, Radu; Festor, Olivier; Chrisment, Isabelle

    2003-01-01

    The advent of multi-technologies networks offering the service continuum over multiple network infrastructures implies new challenges to integrated management. One of this challenge is the auto-configuration of the management plane needed to allow dynamic relationships among several managers and one management agent. This paper proposes the use of provisional policies in order to dynamically auto-configure the access control plane of a management agent. This allows simple management based on ...

  18. A Combined Solution for Routing and Medium Access Control Layer Attacks in Mobile Ad Hoc Networks

    R. Murugan; Shanmugam, A.

    2010-01-01

    Problem statement: In Mobile Ad hoc Network (MANET), both the routing layer and the Medium Access Control (MAC) layer are vulnerable to several attacks. There are very few techniques to detect and isolate the attacks of both these layers simultaneously. In this study, we developed a combined solution for routing and MAC layer attacks. Approach: Our approach, makes use of three techniques simultaneously which consists of a cumulative frequency based detection technique for&...

  19. A Study of Medium Access Control Protocols for Wireless Body Area Networks

    Ullah, Sana; Shen, Bin; Islam, S.M. Riazul; Khan, Pervez; Saleem, Shahnaz; Kwak, Kyung Sup

    2010-01-01

    The seamless integration of low-power, miniaturised, invasive/non-invasive lightweight sensor nodes have contributed to the development of a proactive and unobtrusive Wireless Body Area Network (WBAN). A WBAN provides long-term health monitoring of a patient without any constraint on his/her normal dailylife activities. This monitoring requires low-power operation of invasive/non-invasive sensor nodes. In other words, a power-efficient Medium Access Control (MAC) protocol is required to satis...

  20. Implementing Role Based Access Controls using X.509 Privilege Management - the PERMIS Authorisation Infrastructure

    Chadwick, David W; Otenko, Alexander

    2004-01-01

    This paper describes the PERMIS role based access control infrastructure that uses X.509 attribute certificates (ACs) to store the users roles. Users roles can be assigned by multiple widely distributed management authorities (called Attribute Authorities in X.509), thereby easing the burden of management. All the ACs can be stored in one or more LDAP directories, thus making them widely available. The PERMIS distribution includes a Privilege Allocator GUI tool, and a bulk loader tool, that a...

  1. Design of an Integrated Role-Based Access Control Infrastructure for Adaptive Workflow Systems

    C Narendra, Nanjangud

    2003-01-01

    With increasing numbers of organizations automating their business processes by using workflow systems, security aspects of workflow systems has become a heavily researched area. Also, most workflow processes nowadays need to be adaptive, i.e., constantly changing, to meet changing business conditions. However, little attention has been paid to integrating Security and Adaptive Workflow. In this paper, we investigate this important research topic, with emphasis on Role Based Access Control (R...

  2. Enhancing Access-Control with Risk-Metrics for Collaboration on Social Cloud-Platforms

    Bouchami, Ahmed; Goettelmann, Elio; Perrin, Olivier; Godart, Claude

    2015-01-01

    Cloud computing promotes the exchange of information , resources and tasks between different organizations by facilitating the deployment and adoption of centralized collaboration platforms: Professional Social Networking (PSN). However, issues concerning security management are preventing their widespread use, as organizations still need to protect some of their sensitive data. Traditional access control policies, defined over the triplet (User, Action, Resource) are difficult to put in plac...

  3. A fuzzy expert system to Trust-Based Access Control in crowdsourcing environments

    Olusegun Folorunso; Olusegun Afeez Mustapha

    2015-01-01

    Crowdsourcing has been widely accepted across a broad range of application areas. In crowdsourcing environments, the possibility of performing human computation is characterized with risks due to the openness of their web-based platforms where each crowd worker joins and participates in the process at any time, causing serious effect on the quality of its computation. In this paper, a combination of Trust-Based Access Control (TBAC) strategy and fuzzy-expert systems was used to enhance the qu...

  4. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    Abdul Razaque; Elleithy, Khaled M.

    2014-01-01

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols,...

  5. Collision-free prioritized medium access control in wireless networks with hidden nodes

    Andersson, Björn; Pereira, Nuno; Tovar, Eduardo

    2006-01-01

    We propose a collision-free medium access control (MAC) protocol, which implements static-priority scheduling and works in the presence of hidden nodes. The MAC protocol allows multiple masters and is fully distributed; it is an adaptation to a wireless channel of the dominance protocol used in the CAN bus. But unlike that protocol, our protocol does not require a node having the ability to sense the channel while transmitting to the channel. Our protocol is collision-free even in...

  6. Modelling public transport route choice, with multiple access and egress modes

    Brands, T.; De Romph, E.; Veitch, T; Cook, J

    2014-01-01

    Public transport (PT) is important, because the current traffic system faces well known problems like congestion, environmental impact and use of public space. To be able to assess the effects of policy measures properly, it is necessary to model the behavior of the (PT) traveler in a realistic way. An aspect that lacks realism in a lot of current models is the rigid separation between modes: within the model a traveler cannot choose to switch between modes, so multimodal trips that combine a...

  7. Access for Performance of Transportation Planning and Operations: Case Study in Beijing Metropolitan Region

    Y. G. Wang

    2012-08-01

    Full Text Available Considering the importance of maintaining effective performance at desired levels, the Transportation AdaptabilityPerformance Index, as a weighted multi-criteria combination approach, is proposed to continuously identifying theperformance of degradable transportation networks and making effective supplement, contrapuntal revision and intimeadjustment of the program implementation process, in response to new requirements of the urban system. Forthe design of strategic and quantitative methodology, 50 variables belonging to 8 domains in 2 components arechosen as the original input inherently reflecting the various interests of involved stakeholders. Specifically, the pairedcomparison matrix of the domain is constructed by the analytic hierarchy process to weight the importance of eachsingle variable. If the consistency of the matrix is acceptable, the domain weight in two components is determineddirectly through the singular value decomposition approach and while the consistency level is unacceptable, thesignificant element in the matrix is identified and revised until the consistency satisfies the constraint. Themethodology is then applied to evaluate the performance of transportation networks in Beijing metropolitan regionusing the derived 2000~2010 data and the findings indicate that the hidden and potential problems could bequantitatively identified by this approach that can be used as a user-friendly tool for metropolitan planningorganizations in assessing the effectiveness and efficiency of in-service infrastructures, updating plans, settingpriorities and optimizing resource allocation for next step.

  8. Dynamic Cognitive Self-Organized TDMA for Medium Access Control in Real-Time Vehicle to Vehicle Communications

    Mario Manzano

    2013-01-01

    Full Text Available The emergence of intelligent transport systems has brought out a new set of requirements on wireless communication. To cope with these requirements, several proposals are currently under discussion. In this highly mobile environment, the design of a prompt, efficient, flexible, and reliable medium access control, able to cover the specific constraints of the named real-time communications applications, is still unsolved. This paper presents the original proposal integrating Non-Cooperative Cognitive Time Division Multiple Access (NCC-TDMA based on Cognitive Radio (CR techniques to obtain a mechanism which complies with the requirements of real-time communications. Though the proposed MAC uses a slotted channel, it can be adapted to operate on the physical layer of different standards. The authors’ analysis considers the IEEE WAVE and 802.11p as the standards of reference. The mechanism also offers other advantages, such as avoiding signalling and the adaptation capacity to channel conditions and interferences. The solution is applied to the problem of units merging a convoy. Comparison results between NCC-TDMA and Slotted-Aloha are included.

  9. Design of Novel Online Access and Control Interface for Remote Experiment on DC Drives

    Jagadeesh Chandra A.P

    2009-05-01

    Full Text Available Internet has revolutionized the way in which the information is delivered. Laboratory based courses play an important role in technical education. Automation is changing the nature of these laboratories and the system designer’s focus on Internet accessed experiments owing to the availability of several tools to integrate electronic and mechanical hardware with the World Wide Web. Stand-alone approaches in remote learning have grown tremendously in the recent years. One of the important components in remote experimentation is the integration of Virtual Instruments to perform real hardware tasks in near real-time. The paper describes a web interface to the electrical hardware and integration of LabVIEW Virtual Instruments to the remote access and control of DC Drives. Customized electrical hardware serves as the web interface, supporting various features to remotely control and measure the parameters of the electrical machine. Novel techniques have been used to interface a low power data acquisition system with the DC machine driven by the AC power supply. The system uses the client-server architecture to access the web page of the Virtual Instruments through web browser. The developed system imitates the real control of experiment hardware, but being operated remotely through Internet.

  10. A 4D-Role Based Access Control Model for Multitenancy Cloud Platform

    Jiangfeng Li

    2016-01-01

    Full Text Available Since more and more applications and services have been transferred from servers in the B/S architecture to cloud, user access control has become a significant part in a multitenancy cloud platform. Role based access control model makes users participate in an enterprise system as particular identities. However, in a multitenancy cloud environment, it has a high probability that the information of tenants has been leaked by using existing role based access control (RBAC model. Moreover, management problems may emerge in the multitenancy platform with the increment of the number of tenants. In this paper, a novel concept of 4D-role is presented. With a detailed definition on the concept of 4D-role, a 4D-role based multitenancy model is proposed for running various applications and services in the multitenancy cloud platform. A theoretical analysis indicates that the model has the characters of tenant isolation, role hierarchy, and administration independence. The three characters are also verified by experimental evaluation. Moreover, the evaluation results indicate that the model has a good performance in using cloud resources when large-scale users are operating in the cloud platform simultaneously.

  11. Photonic transport control by spin-optical disordered metasurface

    Veksler, Dekel; Ozeri, Dror; Shitrit, Nir; Kleiner, Vladimir; Hasman, Erez

    2014-01-01

    Photonic metasurfaces are ultrathin electromagnetic wave-molding metamaterials providing the missing link for the integration of nanophotonic chips with nanoelectronic circuits. An extra twist in this field originates from spin-optical metasurfaces providing the photon spin (polarization helicity) as an additional degree of freedom in light-matter interactions at the nanoscale. Here we report on a generic concept to control the photonic transport by disordered (random) metasurfaces with a custom-tailored geometric phase. This approach combines the peculiarity of random patterns to support extraordinary information capacity within the intrinsic limit of speckle noise, and the optical spin control in the geometric phase mechanism, simply implemented in two-dimensional structured matter. By manipulating the local orientations of anisotropic optical nanoantennas, we observe spin-dependent near-field and free-space open channels, generating state-of-the-art multiplexing and interconnects. Spin-optical disordered m...

  12. Environmental control of microtubule-based bidirectional cargo-transport

    Klein, Sarah; Santen, Ludger

    2014-01-01

    Inside cells, various cargos are transported by teams of molecular motors. Intriguingly, the motors involved generally have opposite pulling directions, and the resulting cargo dynamics is a biased stochastic motion. It is an open question how the cell can control this bias. Here we develop a model which takes explicitly into account the elastic coupling of the cargo with each motor. We show that bias can be simply controlled or even reversed in a counterintuitive manner via a change in the external force exerted on the cargo or a variation of the ATP binding rate to motors. Furthermore, the superdiffusive behavior found at short time scales indicates the emergence of motor cooperation induced by cargo-mediated coupling.

  13. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-02-01

    Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content

  14. Access to healthy foods: Part I. Barriers to accessing healthy foods: Differentials by gender, social class, income and mode of transport

    Caraher, M.; P. Dixon; Lang, T; Carr-Hill, R.

    1998-01-01

    This paper examines the issues of access to food and the influences people face when shopping for a healthy food basket. It uses data from the Health Edu cation Authority's 1993 Health and Lifestyles Survey to examine the barriers people face in accessing a healthy diet. The main findings are that access to food is primarily determined by income, and this is in turn closely related to physical resources available to access healthy food. There is an associated class bias over access to sources...

  15. An enhancement of the role-based access control model to facilitate information access management in context of team collaboration and workflow.

    Le, Xuan Hung; Doll, Terry; Barbosu, Monica; Luque, Amneris; Wang, Dongwen

    2012-12-01

    Although information access control models have been developed and applied to various applications, few of the previous works have addressed the issue of managing information access in the combined context of team collaboration and workflow. To facilitate this requirement, we have enhanced the Role-Based Access Control (RBAC) model through formulating universal constraints, defining bridging entities and contributing attributes, extending access permissions to include workflow contexts, synthesizing a role-based access delegation model to target on specific objects, and developing domain ontologies as instantiations of the general model to particular applications. We have successfully applied this model to the New York State HIV Clinical Education Initiative (CEI) project to address the specific needs of information management in collaborative processes. An initial evaluation has shown this model achieved a high level of agreement with an existing system when applied to 4576 cases (kappa=0.801). Comparing to a reference standard, the sensitivity and specificity of the enhanced RBAC model were at the level of 97-100%. These results indicate that the enhanced RBAC model can be effectively used for information access management in context of team collaboration and workflow to coordinate clinical education programs. Future research is required to incrementally develop additional types of universal constraints, to further investigate how the workflow context and access delegation can be enriched to support the various needs on information access management in collaborative processes, and to examine the generalizability of the enhanced RBAC model for other applications in clinical education, biomedical research, and patient care. PMID:22732236

  16. Development of the exposure and access control dosimeter system for nuclear facilities

    Chang, Si Young; Lee, B. J.; Kim, B. H.; Kim, J. S.; Lee, K. C.; Kang, B. H.; Kim, C. K.; Ham, C. S.; Kwon, K. C.; Park, W. M.; Kim, C. H.; Kim, J. T.; Koo, C. H.; Park, S. J.; Kim, T. W

    1999-12-01

    In this paper an electronic personal dosimeter(EPD) adopt in a PIN type silicon semiconductor as a radiation detector has been developed, designed and a prototype dosimeter has been manufactured. A series of performance test of this EPD on reference radiation field has been carried out. A dosimeter reader which reads the radiation dose from EPD and make a real time access control in connection with the entrance door to radiation controlled area has been developed, designed and manufactured. S/W program supporting hangul (Korean language) has been developed to operate the EPD and reader system with a personal computer. (author)

  17. Development of the exposure and access control dosimeter system for nuclear facilities

    In this paper an electronic personal dosimeter(EPD) adopt in a PIN type silicon semiconductor as a radiation detector has been developed, designed and a prototype dosimeter has been manufactured. A series of performance test of this EPD on reference radiation field has been carried out. A dosimeter reader which reads the radiation dose from EPD and make a real time access control in connection with the entrance door to radiation controlled area has been developed, designed and manufactured. S/W program supporting hangul (Korean language) has been developed to operate the EPD and reader system with a personal computer. (author)

  18. Cater: an Opportunistic Medium Access Control Protocol for Wireless Local Area Networks

    Mullins, Barry E.

    1997-01-01

    An adaptive MAC protocol is developed and analyzed that offers a "best case" scenario by allowing the MAC to control medium parameters thereby fully exploiting the channel of an ad hoc wireless LAN. This new, opportunistic medium access control protocol is called CATER (Code Adapts To Enhance Reliability) and is based on the proposed MAC standard for wireless local area networks (WLAN)-IEEE 802.11 [IEE96]. As currently proposed, IEEE 802.11 uses a fixed pseudo-noise (PN) code for spreading ...

  19. The development of access control system in Fukushima No.2 nuclear power station

    Ookubo, S.; Nakai, Y.; Oohira, N.; Kishishita, S. [Tokyo Electric power Co., Tokyo (Japan); Kobayashi, H.; Sano, F. [Fuji Electric Co., Tokyo (Japan); Masuda, M.; Tajima, T.; Oohira, K. [Toshiba Corporation, Tokyo (Japan)

    2002-07-01

    A new radiation work control system has been developed for controlling the entrance and exit of workers from the radiation controlled area in a nuclear power station and has been run in the Fukushima No. 2 Nuclear Power Station of Tokyo Electric Power Co., Inc. since October, 1999. The system is designed to reduce workers burden by simplifying the operation of each equipment that controls access to radiation controlled areas, and to minimize radiation exposure by automatically acquiring dose data during each access and each task. The new system adopted electronic personal dosimeters (gamma radiation EPD) which permit data collection by radio communication, thus improving the conventional alarm-equipped personal dosimeter (EPD) and increasing reliability as primary dosimeters. Furthermore, additional electronic personal dosimeters capable of measuring beta radiation (gamma and beta radiations EPD) were also utilized in specific tasks in October 2001. After a six-month test run of these EPDs, the film badges were discontinued in April 2002 and replaced solely with the EPDs. EPDs are now used as the primary dosimetry for radiation workers.

  20. A Group-oriented Access Control Scheme for P2P Networks

    Wang Xiaoming

    2011-02-01

    Full Text Available A group-oriented access control scheme is proposed for P2P (peer to peer networks. In the proposed scheme, authentication control, admission control and revocation control are used in order to provide security services for P2P networks. Moreover, the proposed scheme can simply and efficient establish share key between two members without interactions, therefore it can perform secure communications with them. The analysis of security and performance shows that the proposed scheme not only can realize authentication and secure communication, but also can easily and efficiently add new group members and revoke malicious group members. Therefore, it is more efficient, and more practical protocol for P2P networks.

  1. Control protocol: the proposed new CERN standard access procedure to accelerator equipment

    Control protocol provides a normalized access procedure for equipment of the same kind from a control system. Modelisation and the subsequent identification of functionalities with their parameters, variables and attributes have now been carried out at CERN for representative families of devices. ISO specifications, such as the ASN.1 metalanguage for data structure representation and MMS definitions and services have, to some extent, been introduced in the design for generality and compatibility with external world. The final product of this design is totally independent of the control systems and permits object oriented implementations in any controls frame. The present paper describes the different phases of the project with a short overview of the various implementations under development at CERN. (author)

  2. Design of IP Camera Access Control Protocol by Utilizing Hierarchical Group Key

    Jungho Kang

    2015-08-01

    Full Text Available Unlike CCTV, security video surveillance devices, which we have generally known about, IP cameras which are connected to a network either with or without wire, provide monitoring services through a built-in web-server. Due to the fact that IP cameras can use a network such as the Internet, multiple IP cameras can be installed at a long distance and each IP camera can utilize the function of a web server individually. Even though IP cameras have this kind of advantage, it has difficulties in access control management and weakness in user certification, too. Particularly, because the market of IP cameras did not begin to be realized a long while ago, systems which are systematized from the perspective of security have not been built up yet. Additionally, it contains severe weaknesses in terms of access authority to the IP camera web server, certification of users, and certification of IP cameras which are newly installed within a network, etc. This research grouped IP cameras hierarchically to manage them systematically, and provided access control and data confidentiality between groups by utilizing group keys. In addition, IP cameras and users are certified by using PKI-based certification, and weak points of security such as confidentiality and integrity, etc., are improved by encrypting passwords. Thus, this research presents specific protocols of the entire process and proved through experiments that this method can be actually applied.

  3. Can “Feature” be used to Model the Changing Access Control Policies?

    K.Shantha Kumari

    2012-11-01

    Full Text Available Access control policies [ACPs] regulate the access to data and resources in information systems. These ACPs are framed from the functional requirements and the Organizational security & privacy policies. It was found to be beneficial, when the ACPs are included in the early phases of the software development leading to secure development of information systems. Many approaches are available for including the ACPs in requirements and design phase. They relied on UML artifacts, Aspects and also Feature for this purpose. But the earlier modeling approaches are limited in expressing the evolving ACPs due to organizational policy changes and business process modifications. In this paper, we analyze, whether “Feature”- defined as an increment in program functionality can be used as a modeling entity to represent the Evolving Access control requirements. We discuss the two prominent approaches that use Feature in modeling ACPs. Also we have a comparative analysis to find the suitability of Features in the context of changing ACPs. We conclude with our findings and provide directions for further research.

  4. A Network Access Control Framework for 6LoWPAN Networks

    Amaro F. de Sousa

    2013-01-01

    Full Text Available Low power over wireless personal area networks (LoWPAN, in particular wireless sensor networks, represent an emerging technology with high potential to be employed in critical situations like security surveillance, battlefields, smart-grids, and in e-health applications. The support of security services in LoWPAN is considered a challenge. First, this type of networks is usually deployed in unattended environments, making them vulnerable to security attacks. Second, the constraints inherent to LoWPAN, such as scarce resources and limited battery capacity, impose a careful planning on how and where the security services should be deployed. Besides protecting the network from some well-known threats, it is important that security mechanisms be able to withstand attacks that have not been identified before. One way of reaching this goal is to control, at the network access level, which nodes can be attached to the network and to enforce their security compliance. This paper presents a network access security framework that can be used to control the nodes that have access to the network, based on administrative approval, and to enforce security compliance to the authorized nodes.

  5. An interaction-based access control model (IBAC) for collaborative services

    Altunay, Mine; /Fermilab; Byrd, Gregory T.; Brown, Doug E.; Dean, Ralph A.; /North Carolina State U.

    2008-04-01

    A collaboration is a collection of services that work together to achieve a common goal. Although collaborations help when tackling difficult problems, they lead to security issues. First, a collaboration is often performed by services that are drawn from different security domains. Second, a service interacts with multiple peer services during the collaboration. These interactions are not isolated from one another--e.g., data may flow through a sequence of different services. As a result, a service is exposed to multiple peer services in varying degrees, leading to different security threats. We identify the types of interactions that can be present in collaborations, and discuss the security threats due to each type. We propose a model for representing the collaboration context so that a service can be made aware of the existing interactions. We provide an access control model for a service participating in a collaboration. We couple our access control model with a policy model, so that the access requirements from collaborations can be expressed and evaluated.

  6. The equipment access software for a distributed UNIX-based accelerator control system

    This paper presents a generic equipment access software package for a distributed control system using computers with UNIX or UNIX-like operating systems. The package consists of three main components, an application Equipment Access Library, Message Handler and Equipment Data Base. An application task, which may run in any computer in the network, sends requests to access equipment through Equipment Library calls. The basic request is in the form Equipment-Action-Data and is routed via a remote procedure call to the computer to which the given equipment is connected. In this computer the request is received by the Message Handler. According to the type of the equipment connection, the Message Handler either passes the request to the specific process software in the same computer or forwards it to a lower level network of equipment controllers using MIL1553B, GPIB, RS232 or BITBUS communication. The answer is then returned to the calling application. Descriptive information required for request routing and processing is stored in the real-time Equipment Data Base. The package has been written to be portable and is currently available on DEC Ultrix, LynxOS, HPUX, XENIX, OS-9 and Apollo domain. ((orig.))

  7. Interface of the transport systems research vehicle monochrome display system to the digital autonomous terminal access communication data bus

    Easley, W. C.; Tanguy, J. S.

    1986-01-01

    An upgrade of the transport systems research vehicle (TSRV) experimental flight system retained the original monochrome display system. The original host computer was replaced with a Norden 11/70, a new digital autonomous terminal access communication (DATAC) data bus was installed for data transfer between display system and host, while a new data interface method was required. The new display data interface uses four split phase bipolar (SPBP) serial busses. The DATAC bus uses a shared interface ram (SIR) for intermediate storage of its data transfer. A display interface unit (DIU) was designed and configured to read from and write to the SIR to properly convert the data from parallel to SPBP serial and vice versa. It is found that separation of data for use by each SPBP bus and synchronization of data tranfer throughout the entire experimental flight system are major problems which require solution in DIU design. The techniques used to accomplish these new data interface requirements are described.

  8. AN IDENTITY PRESERVATION SCHEME (IDPS FOR ACCESS CONTROL OF HETEROGENEOUS RESOURCES

    GULSHAN AHUJA,

    2011-01-01

    Full Text Available The Service Oriented Architecture (SOA is swiftly enabling inter-organizational processes. Web services are the key elements of modern SOA and are composed of self-describing components that can be used by service requestors across the web in a platform independent manner. Dynamic web services environment includes operations between entities from different domains which typically require uthentication and authorization of service requests. However the assumption that all domains may share a global services registry introduces a variety of challenges like how to establish trust relations among unknown service types, controlling and securing access to resources etc. In this paper, authors have proposed an identity preservation scheme (IDPS which will eliminate the need of validating the identity certificates of a service requestor after a level of trust has been established and verified. The proposed scheme will greatly reduce the amount of authorization work required for accessing a across varied domains.

  9. Gain transient control for wavelength division multiplexed access networks using semiconductor optical amplifiers

    Gibbon, Timothy Braidwood; Osadchiy, Alexey Vladimirovich; Kjær, Rasmus;

    2009-01-01

    Gain transients can severely hamper the upstream network performance in wavelength division multiplexed (WDM) access networks featuring erbium doped fiber amplifiers (EDFAs) or Raman amplification. We experimentally demonstrate for the first time using 10 Gb/s fiber transmission bit error rate...... measurements how a near-saturated semiconductor optical amplifier (SOA) can be used to control these gain transients. An SOA is shown to reduce the penalty of transients originating in an EDFA from 2.3 dB to 0.2 dB for 10 Gb/s transmission over standard single mode fiber using a 231-1 PRBS pattern. The results...... suggest that a single SOA integrated within a WDM receiver at the metro node could offer a convenient all-optical solution for upstream transient controlin WDM access networks....

  10. Reduce Threats in Competitive Intelligence System: A Generic Information Fusion Access Control Model

    Anass El haddadi

    2011-03-01

    Full Text Available Information fusion is a cornerstone of competitive intelligence activity that aims at supporting decisionmaking by collecting, analyzing and disseminating information. This information comes fromheterogeneous data sources. In this paper we present an approach of access control. This approach isfocused both on the information that must be bring to decision-makers and the privacy of individuals whosedata is used to extract this information. This model is based on the standard “Role Based Access Control”(RBAC and is implemented within the entire life cycle of Xplor Every Where (Web service of Tetralogie,it follows methodologies tailored to design privacy-aware systems to be compliant with data protectionregulations.

  11. Design of a control system for self-shielded irradiators with remote access capability

    With self-shielded irradiators like Gamma chambers, and Blood irradiators are being sold by BRIT to customers both within and outside the country, it has become necessary to improve the quality of service without increasing the overheads. The recent advances in the field of communications and information technology can be exploited for improving the quality of service to the customers. A state of the art control system with remote accessibility has been designed for these irradiators enhancing their performance. This will provide an easy access to these units wherever they might be located, through the Internet. With this technology it will now be possible to attend to the needs of the customers, as regards fault rectification, error debugging, system software update, performance testing, data acquisition etc. This will not only reduce the downtime of these irradiators but also reduce the overheads. (author)

  12. Centralized Role-Based Access Control for Federated Multi-Domain Environments

    YU Guangcan; LU Zhengding; LI Ruixuan; MUDAR Sarem

    2006-01-01

    The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control (RBAC) model. We propose a model called CRBAC that easily establishes a global policy for roles mapping among multiple security domains. Our model is based on an extension of the RBAC model. Also, multiple security domains were composed to one abstract security domain. Also roles in the multiple domains are translated to permissions of roles in the abstract security domain. These permissions keep theirs hierarchies. The roles in the abstract security domain implement roles mapping among the multiple security domains. Then, authorized users of any security domain can transparently access resources in the multiple domains.

  13. Design and Analysis of an Attack Resilient and Adaptive Medium access Control Protocol for Computer Networks

    Shukla, Piyush Kumar; Bhadoria, Dr Sarita Singh

    2009-01-01

    The challenge of designing an efficient Medium Access Control (MAC) protocol and analyzing it has been an important research topic for over 30 years. This paper focuses on the performance analysis (through simulation) and modification of a well known MAC protocol CSMA/CD. The existing protocol does not consider the wastage of bandwidth due to unutilized periods of the channel. By considering this fact, performance of MAC protocol can be enhanced. The purpose of this work is to modify the existing protocol by enabling it to adapt according to state of the network. The modified protocol takes appropriate action whenever unutilized periods detected. In this way, to increase the effective bandwidth utilization and determine how it behaves under increasing load, and varying packet sizes. It will also include effects of attacks i.e. Denial of service attacks, Replay Attack, Continuous Channel Access or Exhaustion attack, Flooding attack, Jamming (Radio interference) attack, Selective forwarding attack which degrade...

  14. A fuzzy expert system to Trust-Based Access Control in crowdsourcing environments

    Olusegun Folorunso

    2015-07-01

    Full Text Available Crowdsourcing has been widely accepted across a broad range of application areas. In crowdsourcing environments, the possibility of performing human computation is characterized with risks due to the openness of their web-based platforms where each crowd worker joins and participates in the process at any time, causing serious effect on the quality of its computation. In this paper, a combination of Trust-Based Access Control (TBAC strategy and fuzzy-expert systems was used to enhance the quality of human computation in crowdsourcing environment. A TBAC-fuzzy algorithm was developed and implemented using MATLAB 7.6.0 to compute trust value (Tvalue, priority value as evaluated by fuzzy inference system (FIS and finally generate access decision to each crowd-worker. In conclusion, the use of TBAC is feasible in improving quality of human computation in crowdsourcing environments.

  15. In-home Power Line Communication Media Access Control Protocol Based on Collision Resolution

    WANG Bo; HUANG Pei-wei; ZHONG You-ping; QI Ying-hao

    2009-01-01

    Most existing media access control (MAC) protocols in power line communication (PLC) networks just discard the colliding data packets when collision occurs. The collision deteriorates throughput and delay performance of system under high traffic conditions. This article presents a novel media access scheme with fast collision resolution for in-home power line networks. It works by first recognizing the colliding stations through detecting the inserted unique ID sequence ahead of data packets, then the source nodes retransmitting their packets immediately after the collision slot. The proposed protocol maintains the benefits of ALOHA systems. It needs no scheduling overhead and is suitable for bursty sources, such as multimedia data packets. Computer simulations have demonstrated that this approach can achieve high throughput due to its ability of resolving collisions.

  16. Towards scalable parellelism in Monte Carlo particle transport codes using remote memory access

    Romano, Paul K [Los Alamos National Laboratory; Brown, Forrest B [Los Alamos National Laboratory; Forget, Benoit [MIT

    2010-01-01

    One forthcoming challenge in the area of high-performance computing is having the ability to run large-scale problems while coping with less memory per compute node. In this work, they investigate a novel data decomposition method that would allow Monte Carlo transport calculations to be performed on systems with limited memory per compute node. In this method, each compute node remotely retrieves a small set of geometry and cross-section data as needed and remotely accumulates local tallies when crossing the boundary of the local spatial domain. initial results demonstrate that while the method does allow large problems to be run in a memory-limited environment, achieving scalability may be difficult due to inefficiencies in the current implementation of RMA operations.

  17. 78 FR 41993 - Transport Handling Specialists, Inc.-Continuance in Control Exemption-RSL Railroad, LLC

    2013-07-12

    ... From the Federal Register Online via the Government Publishing Office DEPARTMENT OF TRANSPORTATION Surface Transportation Board Transport Handling Specialists, Inc.--Continuance in Control Exemption--RSL Railroad, LLC Transport Handling Specialists, Inc. (THS), has filed a verified notice of exemption...

  18. The role of transportation control measures in California's air pollution control strategy

    In California, significant progress has been made to control emissions from industrial sources as well as from motor vehicles. Nonetheless, policy analysts still debate over whether it makes sense to control motor vehicle emissions through legislated reductions in vehicle use, especially when new vehicle emission standards are becoming even more stringent in California. In this paper, the emission reduction benefits of California's new low-emission vehicles and clean fuels program are reviewed. The air quality management plans of three major metropolitan areas in California are examined, to identify emission reductions needed to meet federal and state air quality standards. For each of these three areas, emission reductions expected from transportation control measure implementation are presented. Then, the extent to which the reductions are open-quotes significantclose quotes and relied upon in each of the local attainment efforts is analyzed. The emission reductions expected from the stringent exhaust emission standards of California's new low-emission vehicles and clean fuels program will not be sufficient to meet mandated clean air standards in the study areas. Based upon our review, transportation control measures appear to be necessary components of the air quality management plans in California's major metropolitan areas. The paper concludes that cost-effective transportation control measures (TCMs) will be needed as a complementary strategy to California's stringent tail-pipe standards in moderate to extreme nonattainment areas

  19. Perti Net-Based Workflow Access Control Model%基于Perti网的工作流访问控制模型研究

    陈卓; 骆婷; 石磊; 洪帆

    2004-01-01

    Access control is an important protection mechanism for information systems.This paper shows how to make access control in workflow system.We give a workflow access control model (WACM) based on several current access control models.The model supports roles assignment and dynamic authorization.The paper defines the workflow using Petri net.It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM).Finally, an example of an e-commerce workflow access control model is discussed in detail.

  20. Dose control in road transport of radioactive material

    The radiation doses to workers in the transport of radioactive material should be as low as reasonably achievable. The average doses of drivers and loaders, sampled in this thesis should be decreased. The demonstration of doses control in a road vehicle with radioactive material required by the current Brazilian regulation, CNEN NE 5.01 should be written in its own printed form with exposure values obtained in normally occupied positions from workers and members of the public, even when the consignment does not need 'exclusive use' (⅀IT ≤50). Through bibliographic research, modeling and field research, this research work shows that this demonstration of the control should be done by writing the registration accumulation of load, limited (⅀IT ≤50), also in the own printed form. It is for a better control method, in order to avoid the use of measuring equipment, to build standardization with foreign regulations, to the current occupational doses of radioprotection technicians, the costs and time, (important for consignment with radiopharmaceuticals short half-life) would be all smaller. Exposure values of the parameters used with this method are smaller than regulatory limits. The segregation distances between loads and the cabins of vehicles shall be showed by Brazilian regulation updated to contribute to these aims. (author)

  1. Transport networks’ accessibility and jobs’ accessibility: the significance of this correlation on the configuration of labor market and their consequences on social configuration in the city Bogotá

    Bacares, Carlos Augusto Olarte

    2011-01-01

    Several researches have been done about transport in Bogotá (Colombia) but no one has treated the impact of the transport network on the configuration of employment in the city. This research has two different aims which are directly interrelated. The definition of the effective size of labor market in the city is necessary to sheds light on the relation of transport accessibility and type of jobs or social classes within different zones in Bogotá. We support the first part of our study on th...

  2. Control of photon transport properties in nanocomposite nanowires

    Moffa, M.; Fasano, V.; Camposeo, A.; Persano, L.; Pisignano, D.

    2016-02-01

    Active nanowires and nanofibers can be realized by the electric-field induced stretching of polymer solutions with sufficient molecular entanglements. The resulting nanomaterials are attracting an increasing attention in view of their application in a wide variety of fields, including optoelectronics, photonics, energy harvesting, nanoelectronics, and microelectromechanical systems. Realizing nanocomposite nanofibers is especially interesting in this respect. In particular, methods suitable for embedding inorganic nanocrystals in electrified jets and then in active fiber systems allow for controlling light-scattering and refractive index properties in the realized fibrous materials. We here report on the design, realization, and morphological and spectroscopic characterization of new species of active, composite nanowires and nanofibers for nanophotonics. We focus on the properties of light-confinement and photon transport along the nanowire longitudinal axis, and on how these depend on nanoparticle incorporation. Optical losses mechanisms and their influence on device design and performances are also presented and discussed.

  3. Control of electronic transport in graphene by electromagnetic dressing.

    Kristinsson, K; Kibis, O V; Morina, S; Shelykh, I A

    2016-01-01

    We demonstrated theoretically that the renormalization of the electron energy spectrum near the Dirac point of graphene by a strong high-frequency electromagnetic field (dressing field) drastically depends on polarization of the field. Namely, linear polarization results in an anisotropic gapless energy spectrum, whereas circular polarization leads to an isotropic gapped one. As a consequence, the stationary (dc) electronic transport in graphene strongly depends on parameters of the dressing field: A circularly polarized field monotonically decreases the isotropic conductivity of graphene, whereas a linearly polarized one results in both giant anisotropy of conductivity (which can reach thousands of percents) and the oscillating behavior of the conductivity as a function of the field intensity. Since the predicted phenomena can be observed in a graphene layer irradiated by a monochromatic electromagnetic wave, the elaborated theory opens a substantially new way to control electronic properties of graphene with light. PMID:26838371

  4. Using GIS modelling to assess accessibility improvements and its potential indirect effects on the environment due to transport infrastructure plans development

    Ortega Pérez, Emilio; Mancebo Quintana, Santiago; Sánchez Vicente, Alfredo; López Suárez, Elena

    2005-01-01

    The Strategic Environmental Assessment Directive (2001/42/EU) establishes that the Environmental Report must include the identification and evaluation of the likely significant effects on the environment of implementing the Plan or Programme due to be studied. Transport Plans usually generate accessibility improvements or facilitate access between two given points on the territory. One indirect impact that this action implies is a likely pressure increase in those areas where a great improvem...

  5. Design for Accessibility

    Herriott, Richard

    2012-01-01

    A report on how nine rail builder, operators and transport designers deal with design for accessibility......A report on how nine rail builder, operators and transport designers deal with design for accessibility...

  6. Experimental Investigation on Transmission Control Protocol Throughput Behavior in Optical Fiber Access Networks

    Tego, Edion; Matera, Francesco; del Buono, Donato

    2016-03-01

    This article describes an experimental investigation on the behavior of transmission control protocol in throughput measurements to be used in the verification of the service-level agreement between the Internet service provider and user in terms of line capacity for ultra-broadband access networks typical of fiber-to-the-x architectures. It is experimentally shown different conditions in high bandwidth-delay product links where the estimation of the line capacity based on a single transmission control protocol session results are unreliable. Simple equations reported in this work, and experimentally verified, point out the conditions in terms of packet loss, time delay, and line capacity, that allow consideration of the reliability of the measurement carried out with a single transmission control protocol session test by adopting a suitable measurement time duration.

  7. A stochastic control approach to Slotted-ALOHA random access protocol

    Pietrabissa, Antonio

    2013-12-01

    ALOHA random access protocols are distributed protocols based on transmission probabilities, that is, each node decides upon packet transmissions according to a transmission probability value. In the literature, ALOHA protocols are analysed by giving necessary and sufficient conditions for the stability of the queues of the node buffers under a control vector (whose elements are the transmission probabilities assigned to the nodes), given an arrival rate vector (whose elements represent the rates of the packets arriving in the node buffers). The innovation of this work is that, given an arrival rate vector, it computes the optimal control vector by defining and solving a stochastic control problem aimed at maximising the overall transmission efficiency, while keeping a grade of fairness among the nodes. Furthermore, a more general case in which the arrival rate vector changes in time is considered. The increased efficiency of the proposed solution with respect to the standard ALOHA approach is evaluated by means of numerical simulations.

  8. Physical protection of hardware and software. Linking access control systems with operational computer systems

    The existence and use of software and networks have generated another possibility for perpetrators to influence systems in nuclear facilities or to prepare malevolent acts. Data security has become an element of physical protection plans, not as an end in itself but as a means to achieve physical protection objectives. Physical protection measures are additional measures, which become necessary when other measures that have to be taken (e.g. in compliance with international standards) are insufficient to prevent a hazard to the protection goals through data manipulation by software and hardware. In planning or assessing data protection measures for the purpose of physical protection, it is necessary to differentiate between applications which can, if manipulated, directly endanger the protection goals. The importance of software protection is growing. In particular, because of ageing of components, the existing instrumentation and control systems with their fixed wiring and discrete elements will have to be updated. Computerized access control systems play an eminent role in the physical protection of a nuclear facility. Therefore, most systems are operated as islands. The paper shows that linking of certain systems with other computer systems is possible without inadmissible drawbacks for the physical protection level. It is shown by means of the example of linking together the computer networks of access control, health physics, the flexitime system, the key administration and the operational management system that such linking of systems in nuclear facilities had hidden advantages for all participants

  9. Directional Medium Access Control (MAC Protocols in Wireless Ad Hoc and Sensor Networks: A Survey

    David Tung Chong Wong

    2015-06-01

    Full Text Available This survey paper presents the state-of-the-art directional medium access control (MAC protocols in wireless ad hoc and sensor networks (WAHSNs. The key benefits of directional antennas over omni-directional antennas are longer communication range, less multipath interference, more spatial reuse, more secure communications, higher throughput and reduced latency. However, directional antennas lead to single-/multi-channel directional hidden/exposed terminals, deafness and neighborhood, head-of-line blocking, and MAC-layer capture which need to be overcome. Addressing these problems and benefits for directional antennas to MAC protocols leads to many classes of directional MAC protocols in WAHSNs. These classes of directional MAC protocols presented in this survey paper include single-channel, multi-channel, cooperative and cognitive directional MACs. Single-channel directional MAC protocols can be classified as contention-based or non-contention-based or hybrid-based, while multi-channel directional MAC protocols commonly use a common control channel for control packets/tones and one or more data channels for directional data transmissions. Cooperative directional MAC protocols improve throughput in WAHSNs via directional multi-rate/single-relay/multiple-relay/two frequency channels/polarization, while cognitive directional MAC protocols leverage on conventional directional MAC protocols with new twists to address dynamic spectrum access. All of these directional MAC protocols are the pillars for the design of future directional MAC protocols in WAHSNs.

  10. An Efficient Medium Access Control Protocol with Parallel Transmission for Wireless Sensor Networks

    Mitsuji Matsumoto

    2012-08-01

    Full Text Available In this paper, we present a novel low power medium access control protocol for wireless sensor networks (WSNs. The proposed protocol, EP-MAC (Efficient MAC with Parallel Transmission achieves high energy efficiency and high packet delivery ratio under different traffic load. EP-MAC protocol is basically based on the Time Division Multiple Access (TDMA approach. The power of Carrier Sense Multiple Access (CSMA is used in order to offset the fundamental problems that the stand-alone TDMA method suffers from, i.e., problems such as lack of scalability, adaptability to varying situations, etc. The novel idea behind the EP-MAC is that it uses the parallel transmission concept with the TDMA link scheduling. EP-MAC uses the methods for the transmission power adjustment, i.e., uses the minimum level power necessary to reach the intended neighbor within a specified bit error rate [BER] target. This reduces energy consumption, as well as further enhances the scope of parallel transmission of the protocol. The simulation studies support the theoretical results, and validate the efficiency of our proposed EP-MAC protocol.

  11. A Model-driven Role-based Access Control for SQL Databases

    Raimundas Matulevičius

    2015-07-01

    Full Text Available Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC, which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering approach makes it difficult for security requirements to be accurately captured and for the system’s implementation to be kept aligned with these requirements as the system evolves. In this paper we propose a model-driven approach to manage SQL database access under the RBAC paradigm. The starting point of the approach is an RBAC model captured in SecureUML. This model is automatically translated to Oracle Database views and instead-of triggers code, which implements the security constraints. The approach has been fully instrumented as a prototype and its effectiveness has been validated by means of a case study.

  12. A High Throughput Medium Access Control Implementation Based on IEEE 802.11e Standard

    Huang, Min Li; Lee, Jin; Setiawan, Hendra; Ochi, Hiroshi; Park, Sin-Chong

    With the growing demand for high-performance multimedia applications over wireless channels, we need to develop a Medium Access Control (MAC) system that supports high throughput and quality of service enhancements. This paper presents the standard analysis, design architecture and design issues leading to the implementation of an IEEE 802.11e based MAC system that supports MAC throughput of over 100Mbps. In order to meet the MAC layer timing constraints, a hardware/software co-design approach is adopted. The proposed MAC architecture is implemented on the Xilinx Virtex-II Pro Field-Programmable Gate Array (FPGA) (XC2VP70-5FF1704C) prototype, and connected to a host computer through an external Universal Serial Bus (USB) interface. The total FPGA resource utilization is 11, 508 out of 33, 088 (34%) available slices. The measured MAC throughput is 100.7Mbps and 109.2Mbps for voice and video access categories, transmitted at a data rate of 260Mbps based on IEEE 802.11n Physical Layer (PHY), using the contention-based hybrid coordination function channel access mechanism.

  13. Context-Sensitive Access Control Policy Evaluation and Enforcement Using Vulnerability Exploitation Data

    Hassan Rasheed

    2013-09-01

    Full Text Available Conventional approaches for adapting security enforcement in the face of attacks rely on administrators to make policy changes that will limit damage to the system. Paradigm shifts in the capabilities of attack tools demand supplementary strategies that can also adjust policy enforcement dynamically. We extend the current research by proposing an approach for integrating real-time security assessment data into access control systems. Critical application scenarios are tested to examine the impact of using risk data in policy evaluation and enforcement.

  14. Medium Access Control for Thermal Energy Harvesting in Advanced Metering Infrastructures

    Vithanage, Madava D.; Fafoutis, Xenofon; Andersen, Claus Bo;

    2013-01-01

    the potential energy that can be harvested from Low Surface Temperature (LST) radiators. The experiments are based on a developed Energy-Harvesting Heat Cost Allocator (EH-HCA) prototype. On the basis of this measured power budget, we model and analytically compare the currently used Medium Access...... Control (MAC) scheme of an industrial case study (IMR+) to a MAC scheme specifically designed for energy harvesting systems (ODMAC). Our analytical comparison shows the efficiency of the latter, as well as its ability to adapt to harvested ambient energy....

  15. 角色访问控制%Role based Access Control Model

    毛碧波; 孙玉芳

    2003-01-01

    Role based access control (RBAC)was proposed in 70's, and prevailed in 90's, and then Sandhu etc pro-posed formal RBAC model. Now RBAC is attracting increasing attention, and many governmental and commercial or-ganizations have adopted it, its importance is more and more apparent. In this paper we illuminates the distinctionsand similarities of role and user groups, and based the model that was proposed by Sandhu, we examine the relation-ship of role hierarchies and role constraints and formally describes that, and explain the most important part of roleconstraints ,which is separation of duties.

  16. Locks and raspberries: a comparative study of single-board computers for access control

    Romin, Andreas

    2016-01-01

    Over the past decade, there has been a drastic development of the single-board computer market. These computers are now in a position where they can compete with classic embedded hardware. Such fast improvement has led ASSA ABLOY, a well-known lock and security company, to see value in replacing some of their existing access control hardware with an off-the-shelf single-board computer. Therefore, a comparative study of single-board computers was performed for this company. Some of the compare...

  17. GSM-Based Wireless Database Access For Food And Drug Administration And Control

    Engr. Prof Hyacinth C. Inyiama; Engr. Mrs Lois Nwobodo; Engr. Dr. Mrs. Christiana C. Okezie; Engr. Mrs. Nkolika O. Nwazor

    2012-01-01

    GSM (Global system for mobile communication) based wireless database access for food and drug administration and control is a system that enables one to send a query to the database using the short messaging system (SMS) for information about a particular food or drug. It works in such a way that a user needs only send an SMS in order to obtain information about a particular drug produced by a pharmaceutical industry. The system then receives the SMS, interprets it and uses its contents to qu...

  18. Authenticated Blind Issuing of Symmetric Keys for Mobile Access Control System without Trusted Parties

    Shin-Yan Chiou

    2013-01-01

    Mobile authentication can be used to verify a mobile user’s identity. Normally this is accomplished through the use of logon passwords, but this can raise the secret-key agreement problem between entities. This issue can be resolved by using a public-key cryptosystem, but mobile devices have limited computation ability and battery capacity and a PKI is needed. In this paper, we propose an efficient, non-PKI, authenticated, and blind issued symmetric key protocol for mobile access control syst...

  19. A Flexible Component based Access Control Architecture for OPeNDAP Services

    Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank

    2010-05-01

    Network data access services such as OPeNDAP enable widespread access to data across user communities. However, without ready means to restrict access to data for such services, data providers and data owners are constrained from making their data more widely available. Even with such capability, the range of different security technologies available can make interoperability between services and user client tools a challenge. OPeNDAP is a key data access service in the infrastructure under development to support the CMIP5 (Couple Model Intercomparison Project Phase 5). The work is being carried out as part of an international collaboration including the US Earth System Grid and Curator projects and the EU funded IS-ENES and Metafor projects. This infrastructure will bring together Petabytes of climate model data and associated metadata from over twenty modelling centres around the world in a federation with a core archive mirrored at three data centres. A security system is needed to meet the requirements of organisations responsible for model data including the ability to restrict data access to registered users, keep them up to date with changes to data and services, audit access and protect finite computing resources. Individual organisations have existing tools and services such as OPeNDAP with which users in the climate research community are already familiar. The security system should overlay access control in a way which maintains the usability and ease of access to these services. The BADC (British Atmospheric Data Centre) has been working in collaboration with the Earth System Grid development team and partner organisations to develop the security architecture. OpenID and MyProxy were selected at an early stage in the ESG project to provide single sign-on capability across the federation of participating organisations. Building on the existing OPeNDAP specification an architecture based on pluggable server side components has been developed at the BADC

  20. F2AC: A Lightweight, Fine-Grained, and Flexible Access Control Scheme for File Storage in Mobile Cloud Computing

    Wei Ren

    2016-01-01

    Full Text Available Current file storage service models for cloud servers assume that users either belong to single layer with different privileges or cannot authorize privileges iteratively. Thus, the access control is not fine-grained and flexible. Besides, most access control methods at cloud servers mainly rely on computationally intensive cryptographic algorithms and, especially, may not be able to support highly dynamic ad hoc groups with addition and removal of group members. In this paper, we propose a scheme called F2AC, which is a lightweight, fine-grained, and flexible access control scheme for file storage in mobile cloud computing. F2AC can not only achieve iterative authorization, authentication with tailored policies, and access control for dynamically changing accessing groups, but also provide access privilege transition and revocation. A new access control model called directed tree with linked leaf model is proposed for further implementations in data structures and algorithms. The extensive analysis is given for justifying the soundness and completeness of F2AC.

  1. Federally Qualified Health Centers Minimize the Impact of Loss of Frequency and Independence of Movement in Older Adult Patients through Access to Transportation Services

    Krystal Elaine Knight

    2011-01-01

    Loss of mobility in older adults (65 and older) is associated with falling, loss of independence, and mortality. This paper, which to the author's knowledge is the first of its kind, summarizes findings of Federally Qualified Health Center (FQHC) case reports and how FQHCs minimize the impacts of mobility loss in older adult patients (who would not receive primary services without these transportation programs) by providing access to primary care services through transportation programs. This...

  2. The regulation of glucose transport in the heart of control and diabetic rats: With special emphasis on the glucose transporter

    Glucose transport regulation with insulin and high perfusion pressure in the perfused rat hearts from control and diabetic rat hearts was investigated. [3H]-cytochalasin B binding assay was used to study the distribution of glucose transporters within the subcellular membranes fractionated by linear sucrose density gradient centrifugation. In the present study, insulin increased glucose uptake in the perfused heart of control and diabetic animals. This coincided with an increase of glucose transporters on the plasma membrane. The increase in glucose transporters on the plasma membrane could not be accounted for by a decrease of glucose transporters from the microsomal membranes. High perfusion pressure did not change the number of glucose transporters on the plasma membrane compared to basal in the control and diabetic animals, though it increased glucose uptake above that observed for insulin in the control. Instead, high perfusion pressure altered the distribution of glucose transporters within the subcellular membranes in reverse to that with insulin, increasing an intermediate membrane pool believed to reside between the plasma membrane and microsomal membranes as well as the intracellular membrane pool

  3. Phloem transport: a review of mechanisms and controls.

    De Schepper, Veerle; De Swaef, Tom; Bauweraerts, Ingvar; Steppe, Kathy

    2013-11-01

    It is generally believed that an osmotically generated pressure gradient drives the phloem mass flow. So far, this widely accepted Münch theory has required remarkably few adaptations, but the debate on alternative and additional hypotheses is still ongoing. Recently, a possible shortcoming of the Münch theory has been pointed out, suggesting that the Münch pressure flow is more suitable for herbs than for trees. Estimation of the phloem resistance indicates that a point might be reached in long sieve tubes where the pressure required to drive the Münch flow cannot be generated. Therefore, the relay hypothesis regained belief as it implies that the sieve tubes are shorter then the plant's axial axis. In the source phloem, three different loading strategies exist which probably result from evolutionary advantages. Passive diffusion seems to be the most primitive one, whereas active loading strategies substantially increase the growth potential. Along the transport phloem, a leakage-retrieval mechanism is observed. Appreciable amounts of carbohydrates are lost from the sieve tubes to feed the lateral sinks, while a part of these lost carbohydrates is subsequently reloaded into the sieve tubes. This mechanism is probably involved to buffer short-term irregularities in phloem turgor and gradient. In the long term, the mechanism controls the replenishment and remobilization of lateral stem storage tissues. As phloem of higher plants has multiple functions in plant development, reproduction, signalling, and growth, the fundamental understanding of the mechanisms behind phloem transport should be elucidated to increase our ability to influence plant growth and development. PMID:24106290

  4. Controls on radium transport by adsorption to iron minerals

    Chen, M.; Wang, T.; Kocar, B. D.

    2015-12-01

    Radium is a naturally occurring radioactive metal found in many subsurface environments. Radium isotopes are generated by uranium and thorium decay, and are particularly abundant within groundwaters where minimal porewater flux leads to accumulation. These isotopes are used as natural tracers for estimating submarine groundwater discharge (SGD) [1], allowing for large scale estimation of GW fluxes into and out of the ocean [2]. They also represent a substantial hazard in wastewater produced after hydraulic fracturing for natural gas extraction [3], resulting in a significant risk of environmental release to surface and near-surface waters, and increased cost for water treatment or disposal. Adsorption to mineral surfaces represents a dominant pathway of radium retention in subsurface environments. For SGD studies, adsorption processes impact estimates of GW fluxes, while in hydraulic fracturing, radium adsorption to aquifer solids mediates wastewater radium activities. Analysis of past sorption studies revealed large variability in partition coefficients [4], while examination of radium adsorption kinetics and surface complexation have only recently started [5]. Accordingly, we present the results of sorption and column experiments of radium with a suite of iron minerals representative of those found within deep saline and near-surface (freshwater) aquifers, and evaluate impacts of varying salinity solutions through artificial waters. Further, we explore the impacts of pyrite oxidation and ferrihydrite transformation to other iron-bearing secondary minerals on the transport and retention of radium. These results will provide critical information on the mineralogical controls on radium retention in subsurface environments, and will therefore improve predictions of radium groundwater transport in natural and contaminated systems. [1] Charette, M.A., Buesseler, K.O. & Andrews, J.E., Limnol. Oceanogr. (2001). [2] Moore, W.S., Ann. Rev. Mar. Sci. (2010). [3] Vengosh, A

  5. Design and analysis of a biometric access control system using an electronic olfactory device to identify human odour characteristics

    McMillan, Stephen

    2000-01-01

    The use of an electronic olfactory device, termed an electronic 'nose', was investigated for the detection of unique human odour characteristics. The detection of these unique odours was applied to the field of biometrics for access control, where a human's unique characteristics were used to authenticate a user of an access control system. An electronic odour sensing device was designed and constructed using an array of conducting polymer gas sensors in order to facilitate the regular screen...

  6. Security analysis and improvements of authentication and access control in the Internet of Things.

    Ndibanje, Bruce; Lee, Hoon-Jae; Lee, Sang-Gon

    2014-01-01

    Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al. (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18-21 June 2012, pp. 588-592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost. PMID:25123464

  7. Improved efficiency access control equipment and explosive, weapons and drug abuse detection

    The second generation portal explosives detector has been designed with increased detection capability and convenience in service. The method of detection and performance relative to the first generation is described. A novel method of auto-calibration and self diagnosis is described and results are discussed. Improvements in convenience of operation have been achieved and operating space and costs reduced by combining metal detection capability, together with explosives detection. This allows both alarm signal and diagnostic outputs to be combined on a single remote panel in the guard room, and reduces the number of guards needed to man the access control. This type of access control is entirely a defensive measure against attack but a further additional feature is proposed which will also check the state of mind of all personnel passing through the check point. Any person suffering from the effect of narcotic or alcohol will be detected by their inability to reproduce their normal signature. A new method of signature analysis in five dimensions is described together with proposals for integrating the check without increasing the time in the test area. Some recent results on the effects of alcohol on signature reproduction is given

  8. OBLIVIOUS TRANSFER WITH ACCESS CONTROL AND IDENTITYBASED ENCRYPTION WITH ANONYMOUS KEY ISSUING

    Xu Lingling; Zhang Fangguo; Wen Yamin

    2011-01-01

    In ACM'CCS 2009,Camenisch,et al.proposed the Obhvious Transfer with Access Control (AC-OT) in which each item is associated with an attribute set and can only be available,on request,to the users who have all the attributes in the associated set.Namely,AC-OT achieves access control policy for conjunction of attributes.Essentially,the functionality of AC-OT is equivalent to the simplified version that we call AC-OT-SV:for each item,one attribute is associated with it,and it is requested that only the users who possess the associated attribute can obtain the item by queries.On one hand,AC-OT-SV is a special case of AC-OT when there is just one associated attribute with each item.On the other hand,any AC-OT can be realized by an AC-OT-SV.In this paper,we first present a concrete AC-OT-SV protocol which is proved to be secure in the model defined by Camenisch,et al..Then from the protocol,interestingly,a concrete Identity-Based Encryption (IBE) with Anonymous Key Issuing (AKI) is given which is just a direct application to AC-OT-SV.By comparison,we show that the AKI protocol we present is more efficient in communications than that proposed by Chow.

  9. Design of a Distributed Personal Information Access Control Scheme for Secure Integrated Payment in NFC

    Jungho Kang

    2015-06-01

    Full Text Available At the center of core technologies for a future cyber world, such as Internet of Things (IoT or big data, is a context-rich system that offers services by using situational information. The field where context-rich systems were first introduced is near-field communication (NFC-based electronic payments. Near-field Communication (NFC integrated payment services collect the payment information of the credit card and the location information to generate patterns in the user’s consumption or movement through big data technology. Based on such pattern information, tailored services, such as advertisement, are offered to users. However, there is difficulty in controlling access to personal information, as there is a collaborative relationship focused on the trusted service manager (TSM that is close knit to shared personal information. Moreover, in the case of Hadoop, among the many big data analytical technologies, it offers access control functions, but not a way to authorize the processing of personal information, making it impossible to grant authority between service providers to process information. As such, this paper proposes a key generation and distribution method, as well as a secure communication protocol. The analysis has shown that the efficiency was greater for security and performance compared to relation works.

  10. CONTEXT BASED ANDROID APPLICATIONADMINISTRATIVE ACCESS CONTROL (CBAA–AAC FOR SMART PHONES

    S. Sharavanan

    2016-07-01

    Full Text Available Android applications in smart phones are generally towards provide greater flexibility and convince for users. Considering the fact that the Android applications are having privilege to access data and resources in mobile after it gets installed (one time permission provided by end user on the time installation, these application may also lead to issues in security for the user data as well as issues relate smart phone with peripheral environment. A practical example for an issue which relates smart phone with peripheral environment can be even an Android smart phone application of a college student use camera resource to capture photos of R&D cell and transfer without user or organization permission. The security of the organization and user should be prevented by providing an adoptable solution. The proposed concept of CBAA-AAC (Context Based Android Application Administrative Access Control is used to control the privileges of any Android application over a corresponding longitude and latitude by the organization administrator. In this way, administrator is able to block malicious application of every individual smart phone which can have activity towards utilizing services and resources that may affect the security of the organization, such an move is must for assuring security of any organization and educational institutions while they allow users to “bring their own smart phones/mobile devices” into the campus.

  11. Gate controllable resistive random access memory devices using reduced graphene oxide

    Hazra, Preetam; Resmi, A. N.; Jinesh, K. B.

    2016-04-01

    The biggest challenge in the resistive random access memory (ReRAM) technology is that the basic operational parameters, such as the set and reset voltages, the current on-off ratios (hence the power), and their operational speeds, strongly depend on the active and electrode materials and their processing methods. Therefore, for its actual technological implementations, the unification of the operational parameters of the ReRAM devices appears to be a difficult task. In this letter, we show that by fabricating a resistive memory device in a thin film transistor configuration and thus applying an external gate bias, we can control the switching voltage very accurately. Taking partially reduced graphene oxide, the gate controllable switching is demonstrated, and the possible mechanisms are discussed.

  12. On the Design of Energy Efficient Optical Networks with Software Defined Networking Control Across Core and Access Networks

    Wang, Jiayuan; Yan, Ying; Dittmann, Lars

    2013-01-01

    This paper presents a Software Defined Networking (SDN) control plane based on an overlay GMPLS control model. The SDN control platform manages optical core networks (WDM/DWDM networks) and the associated access networks (GPON networks), which makes it possible to gather global information and...

  13. On the Design of Energy Efficient Optical Networks with Software Defined Networking Control Across Core and Access Networks

    Wang, Jiayuan; Yan, Ying; Dittmann, Lars

    This paper presents a Software Defined Networking (SDN) control plane based on an overlay GMPLS control model. The SDN control platform manages optical core networks (WDM/DWDM networks) and the associated access networks (GPON networks), which makes it possible to gather global information and...

  14. Bank Access Control of Electronic Payment Based on SPKI%基于SPKI电子支付中的银行端访问控制

    王茜; 王富强; 傅鹤岗; 朱庆生

    2003-01-01

    In the system of electronic payment based on SPKI, access control of bank acts as the important function of identification, protecting customer's privacy and ensuring payment. The paper proposes the model of bank access control, and describes the frame and the steps of the access control. Finally, the paper analyzes the characteristics of the model.

  15. Controllable spin-charge transport in strained graphene nanoribbon devices

    Diniz, Ginetom S., E-mail: ginetom@gmail.com; Guassi, Marcos R. [Institute of Physics, University of Brasília, 70919-970, Brasília-DF (Brazil); Qu, Fanyao [Institute of Physics, University of Brasília, 70919-970, Brasília-DF (Brazil); Department of Physics, The University of Texas at Austin, Austin, Texas 78712 (United States)

    2014-09-21

    We theoretically investigate the spin-charge transport in two-terminal device of graphene nanoribbons in the presence of a uniform uniaxial strain, spin-orbit coupling, exchange field, and smooth staggered potential. We show that the direction of applied strain can efficiently tune strain-strength induced oscillation of band-gap of armchair graphene nanoribbon (AGNR). It is also found that electronic conductance in both AGNR and zigzag graphene nanoribbon (ZGNR) oscillates with Rashba spin-orbit coupling akin to the Datta-Das field effect transistor. Two distinct strain response regimes of electronic conductance as function of spin-orbit couplings magnitude are found. In the regime of small strain, conductance of ZGNR presents stronger strain dependence along the longitudinal direction of strain. Whereas for high values of strain shows larger effect for the transversal direction. Furthermore, the local density of states shows that depending on the smoothness of the staggered potential, the edge states of AGNR can either emerge or be suppressed. These emerging states can be determined experimentally by either spatially scanning tunneling microscope or by scanning tunneling spectroscopy. Our findings open up new paradigms of manipulation and control of strained graphene based nanostructure for application on novel topological quantum devices.

  16. Controllable spin transport in dual-gated silicene

    Wang, Yu, E-mail: ywang@semi.ac.cn [Department of Physics, Faculty of Science, Kunming University of Science and Technology, Kunming, 650500 Yunnan (China); Lou, Yiyi [Center of Student Community Education and Management, Kunming University of Science and Technology, Kunming, 650500 Yunnan (China)

    2014-07-11

    Based on the dual-gated silicene, we have evaluated theoretically the spin-dependent transport in lateral resonant tunneling structure. By aligning the completely valley-polarized beam with spin-resolved well state in concerned structure, large spin polarization can be expected owing to spin-dependent resonant tunneling mechanism. Under the gate electric field modulation, the forming quantum well state can be externally manipulated, triggering further the emergence of externally-controllable spin polarization. Importantly, integrating the considered structure with a proper valley-filter, which might be constructed from valley-contrasting physics as that in graphene valleytronics, completely-polarized spin beam can also be attained without the assistance of ferromagnetic component, providing thus some profitable strategies to develop nonmagnetic spintronic devices residing on silicene. - Highlights: • Dual-gated silicene forms a lateral spin-resonant tunneling diode. • Resonant spin polarization can be electrically modulated in the concerned spin-RTD. • Dual-gated silicene can be used as beam-dependent spin/valley filter.

  17. PANATIKI: A Network Access Control Implementation Based on PANA for IoT Devices

    Antonio F. Gomez Skarmeta

    2013-11-01

    Full Text Available Internet of Things (IoT networks are the pillar of recent novel scenarios, such as smart cities or e-healthcare applications. Among other challenges, these networks cover the deployment and interaction of small devices with constrained capabilities and Internet protocol (IP-based networking connectivity. These constrained devices usually require connection to the Internet to exchange information (e.g., management or sensing data or access network services. However, only authenticated and authorized devices can, in general, establish this connection. The so-called authentication, authorization and accounting (AAA services are in charge of performing these tasks on the Internet. Thus, it is necessary to deploy protocols that allow constrained devices to verify their credentials against AAA infrastructures. The Protocol for Carrying Authentication for Network Access (PANA has been standardized by the Internet engineering task force (IETF to carry the Extensible Authentication Protocol (EAP, which provides flexible authentication upon the presence of AAA. To the best of our knowledge, this paper is the first deep study of the feasibility of EAP/PANA for network access control in constrained devices. We provide light-weight versions and implementations of these protocols to fit them into constrained devices. These versions have been designed to reduce the impact in standard specifications. The goal of this work is two-fold: (1 to demonstrate the feasibility of EAP/PANA in IoT devices; (2 to provide the scientific community with the first light-weight interoperable implementation of EAP/PANA for constrained devices in the Contiki operating system (Contiki OS, called PANATIKI. The paper also shows a testbed, simulations and experimental results obtained from real and simulated constrained devices.

  18. PANATIKI: a network access control implementation based on PANA for IoT devices.

    Moreno Sanchez, Pedro; Marin Lopez, Rafa; Gomez Skarmeta, Antonio F

    2013-01-01

    Internet of Things (IoT) networks are the pillar of recent novel scenarios, such as smart cities or e-healthcare applications. Among other challenges, these networks cover the deployment and interaction of small devices with constrained capabilities and Internet protocol (IP)-based networking connectivity. These constrained devices usually require connection to the Internet to exchange information (e.g., management or sensing data) or access network services. However, only authenticated and authorized devices can, in general, establish this connection. The so-called authentication, authorization and accounting (AAA) services are in charge of performing these tasks on the Internet. Thus, it is necessary to deploy protocols that allow constrained devices to verify their credentials against AAA infrastructures. The Protocol for Carrying Authentication for Network Access (PANA) has been standardized by the Internet engineering task force (IETF) to carry the Extensible Authentication Protocol (EAP), which provides flexible authentication upon the presence of AAA. To the best of our knowledge, this paper is the first deep study of the feasibility of EAP/PANA for network access control in constrained devices. We provide light-weight versions and implementations of these protocols to fit them into constrained devices. These versions have been designed to reduce the impact in standard specifications. The goal of this work is two-fold: (1) to demonstrate the feasibility of EAP/PANA in IoT devices; (2) to provide the scientific community with the first light-weight interoperable implementation of EAP/PANA for constrained devices in the Contiki operating system (Contiki OS), called PANATIKI. The paper also shows a testbed, simulations and experimental results obtained from real and simulated constrained devices. PMID:24189332

  19. 48 CFR 247.370 - DD Form 1384, Transportation Control and Movement Document.

    2010-10-01

    ... 48 Federal Acquisition Regulations System 3 2010-10-01 2010-10-01 false DD Form 1384... Transportation in Supply Contracts 247.370 DD Form 1384, Transportation Control and Movement Document. The transportation office of the shipping activity prepares the DD Form 1384 to accompany all shipments made...

  20. Energy-Efficient Boarder Node Medium Access Control Protocol for Wireless Sensor Networks

    Abdul Razaque

    2014-03-01

    Full Text Available This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC for wireless sensor networks (WSNs, which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN, which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS, which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS, which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  1. Energy-efficient boarder node medium access control protocol for wireless sensor networks.

    Razaque, Abdul; Elleithy, Khaled M

    2014-01-01

    This paper introduces the design, implementation, and performance analysis of the scalable and mobility-aware hybrid protocol named boarder node medium access control (BN-MAC) for wireless sensor networks (WSNs), which leverages the characteristics of scheduled and contention-based MAC protocols. Like contention-based MAC protocols, BN-MAC achieves high channel utilization, network adaptability under heavy traffic and mobility, and low latency and overhead. Like schedule-based MAC protocols, BN-MAC reduces idle listening time, emissions, and collision handling at low cost at one-hop neighbor nodes and achieves high channel utilization under heavy network loads. BN-MAC is particularly designed for region-wise WSNs. Each region is controlled by a boarder node (BN), which is of paramount importance. The BN coordinates with the remaining nodes within and beyond the region. Unlike other hybrid MAC protocols, BN-MAC incorporates three promising models that further reduce the energy consumption, idle listening time, overhearing, and congestion to improve the throughput and reduce the latency. One of the models used with BN-MAC is automatic active and sleep (AAS), which reduces the ideal listening time. When nodes finish their monitoring process, AAS lets them automatically go into the sleep state to avoid the idle listening state. Another model used in BN-MAC is the intelligent decision-making (IDM) model, which helps the nodes sense the nature of the environment. Based on the nature of the environment, the nodes decide whether to use the active or passive mode. This decision power of the nodes further reduces energy consumption because the nodes turn off the radio of the transceiver in the passive mode. The third model is the least-distance smart neighboring search (LDSNS), which determines the shortest efficient path to the one-hop neighbor and also provides cross-layering support to handle the mobility of the nodes. The BN-MAC also incorporates a semi

  2. Perceptions of transport corridors and intermodal transport - as ways to control the space of freight transport flows

    Hansen, Leif Gjesing

    2009-01-01

    . In this study stakeholders from Danish and Norwegian ports, ferry operators, train operators, forwarding and road haulage firms has been interviewed in order to analyse how logistical decision-making affect the organisational and physical configuration of intermodal transport solutions in the transport corridor...

  3. Measuring and controlling the transport of magnetic nanoparticles

    Stephens, Jason R.

    increases with pore diameter. We find that fluxes are faster in aqueous solutions than in hexane, which is attributed to the hydrophilic nature of the porous membranes and differences in wettability. The impact of an applied magnetic flux gradient, which induces magnetization and motion, on permeation is also examined. Surface chemistry plays an important role in determining flux through porous media such as in the environment. Diffusive flux of nanoparticles through alkylsilane modified porous alumina is measured as a model for understanding transport in porous media of differing surface chemistries. Experiments are performed as a function of particle size, pore diameter, attached hydrocarbon chain length and chain terminus, and solvent. Particle fluxes are monitored by the change in absorbance of the solution in the receiving side of a diffusion cell. In general, flux increases when the membranes are modified with alkylsilanes compared to untreated membranes, which is attributed to the hydrophobic nature of the porous membranes and differences in wettability. We find that flux decreases, in both hexane and aqueous solutions, when the hydrocarbon chain lining the interior pore wall increases in length. The rate and selectivity of transport across these membranes is related to the partition coefficient (Kp) and the diffusion coefficient (D) of the permeating species. By conducting experiments as a function of initial particle concentration, we find that KpD increases with increasing particle size, is greater in alkylsilane--modified pores, and larger in hexane solution than water. The impact of the alkylsilane terminus (--CH3, --Br, --NH2, --COOH) on permeation in water is also examined. In water, the highest KpD is observed when the membranes are modified with carboxylic acid terminated silanes and lowest with amine terminated silanes as a result of electrostatic effects during translocation. Finally, the manipulation of magnetic nanoparticles for the controlled formation

  4. A Cloud-Assisted Random Linear Network Coding Medium Access Control Protocol for Healthcare Applications

    Kartsakli, Elli; Antonopoulos, Angelos; Alonso, Luis; Verikoukis, Christos

    2014-01-01

    Relay sensor networks are often employed in end-to-end healthcare applications to facilitate the information flow between patient worn sensors and the medical data center. Medium access control (MAC) protocols, based on random linear network coding (RLNC), are a novel and suitable approach to efficiently handle data dissemination. However, several challenges arise, such as additional delays introduced by the intermediate relay nodes and decoding failures, due to channel errors. In this paper, we tackle these issues by adopting a cloud architecture where the set of relays is connected to a coordinating entity, called cloud manager. We propose a cloud-assisted RLNC-based MAC protocol (CLNC-MAC) and develop a mathematical model for the calculation of the key performance metrics, namely the system throughput, the mean completion time for data delivery and the energy efficiency. We show the importance of central coordination in fully exploiting the gain of RLNC under error-prone channels. PMID:24618727

  5. Study on Mandatory Access Control in a Secure Database Management System

    2001-01-01

    This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation-hierarchical data model is extended to multilevel relation-hierarchical data model. Based on the multilevel relation-hierarchical data model, the concept of upper-lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation-hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects (e. g., multilevel spatial data) and multilevel conventional data ( e. g., integer. real number and character string).

  6. RFID card based access control system with counter for Indus Complex

    As per norms of the Atomic energy regulatory board (AERB) to operate a facility in round the clock which has a potential of radiation exposure, radiation safety rules are to be followed. Indus -1 and Indus-2 are synchrotron radiation sources which are open for various users round the clock. To monitor the persons inside the defined zone at any given time, a system is setup consisting of RF ID cards and their readers along with dedicated software. Software is developed in Visual Basic and uses UDP network protocol for receiving data from readers installed at various locations and connected to local area network. The paper describes the access control scheme followed in Indus Accelerator Complex. (author)

  7. A novel distributed algorithm for media access control address assignment in wireless sensor networks

    TIAN Ye; SHENG Min; LI Jiandong

    2007-01-01

    This Paper presents a novel distributed media access control(MAC)address assignment algorithm,namely virtual grid spatial reusing(VGSR),for wireless sensor networks,which reduces the size of the MAC address efficiently on the basis of both the spatial reuse of MAC address and the mapping of geographical position.By adjusting the communication range of sensor nodes,VGSR algorithm can minimize the size of MAC address and meanwhile guarantee the connectivity of the sensor network.Theoretical analysis and experimental results show that VGSR algorithm is not only of low energy cost,but also scales well with the network ize,with its performance superior to that of other existing algorithms.

  8. Separation of Duty and Context Constraints For Contextual Role-Based Access Control (C-RBAC

    Muhammad Nabeel Tahir

    2009-03-01

    Full Text Available This paper presents the separation of duty and context constraints of recently proposed Contextual Role-Based Access Control Model C-RBAC. Constraints in C-RBAC enabled the specification of a rich set of Separation of Duty (SoD constraints over spatial purpose roles. In healthcare environment in which user roles are position and are purpose dependant, the notion of SoD is still meaningful and relevant to the concept of conflict of interest. SoD may be defined as Static Separation of Duty (SSoD and Dynamic Separation of Duty (DSoD depending on whether exclusive role constraints are evaluated against the user-role assignment set or against the set of roles activated in user’s session. In particular, the model is capable of expressing a wider range of constraints on spatial domains, location hierarchy schemas, location hierarchy instances, spatial purposes and spatial purpose roles.

  9. Access Control in IoT/M2M - Cloud Platform

    Anggorojati, Bayu

    Billions of devices are connected to the Internet nowadays, and the number will continue to grow in the future thanks to the advances in the electronics and telecommunication technology developments. Its application in broad aspects of human’s life brings a lot of benefits by improving productivity...... a big role to perform tracking of RFID tags. Scalability and efficiency are two important requirements in location management when big numbers of tags are moving from one reading location to the others, i.e. being mobile. Thus, designing a fine-grained access control along with scalable location...... for both sides. The study also includes a general fact that each node has a set of assets or resources with different values. Finally, an optimum strategy for both attacker and defender will be derived by considering their respective costs and benefits....

  10. A Time Tree Medium Access Control for Energy Efficiency and Collision Avoidance in Wireless Sensor Networks

    Kilhung Lee

    2010-03-01

    Full Text Available This paper presents a medium access control and scheduling scheme for wireless sensor networks. It uses time trees for sending data from the sensor node to the base station. For an energy efficient operation of the sensor networks in a distributed manner, time trees are built in order to reduce the collision probability and to minimize the total energy required to send data to the base station. A time tree is a data gathering tree where the base station is the root and each sensor node is either a relaying or a leaf node of the tree. Each tree operates in a different time schedule with possibly different activation rates. Through the simulation, the proposed scheme that uses time trees shows better characteristics toward burst traffic than the previous energy and data arrival rate scheme.

  11. Cooperative Medium Access Control Protocol for Mobile Ad-hoc Networks using Spatial Diversity

    Tazeem Ahmad Khan

    2013-10-01

    Full Text Available Enhancement the Performance of MANET (Mobile Ad-hoc Network using spatial diversity. Spatial diversity implemented using cooperative transmission technique in Medium access control (MAC layer level protocol. In noisy environment limit the network performance like coverage area, limit number of node, degrade packet transmission rate, increase packet loss rate etc. In this paper enhance the source to destination transmission range, minimize the packet loss, improve packet transmission rate and appropriate end to end delay. When direct link is fail to transmit packet then Cooperative scheme help to transmit packet. Cooperative scheme is to help the packet transmission with five handshakes instead of four. This scheme implemented in MANET network on MAC layer protocol. Cooperative scheme improve the performance with help of intermediate node between sources to destination. We are performance analysis using discrete simulator NS-2 in MANET. Our performance based on MAC layer level with cooperative scheme in IEEE WLAN standard CSMA/CA protocol.

  12. Near-Optimal Deviation-Proof Medium Access Control Designs in Wireless Networks

    Phan, Khoa Tran; van der Schaar, Mihaela

    2010-01-01

    Distributed medium access control (MAC) protocols are essential for the proliferation of low cost, decentralized wireless local area networks (WLANs). Most MAC protocols are designed with the presumption that nodes comply with prescribed rules. However, selfish nodes have natural motives to manipulate protocols in order to improve their own performance. This often degrades the performance of other nodes as well as that of the overall system. In this work, we propose a class of protocols that limit the performance gain which nodes can obtain through selfish manipulation while incurring only a small efficiency loss. The proposed protocols are based on the idea of a review strategy, with which nodes collect signals about the actions of other nodes over a period of time, use a statistical test to infer whether or not other nodes are following the prescribed protocol, and trigger a punishment if a departure from the protocol is perceived. We consider the cases of private and public signals and provide analytical a...

  13. 基于XACML的EPCIS访问控制模型%Access Control Model for EPCIS Based on XACML

    李景峰; 李云鹏

    2013-01-01

    根据供应链系统对EPC信息服务(EPCIS)提出的访问控制需求,设计一种基于可扩展访问控制标记语言(XACML)的EPCIS访问控制模型.模型中的访问控制执行接口利用方法拦截技术实现对访问请求的拦截,并生成决策上下文对象.访问控制服务组件基于决策上下文对象中包含的用户、资源、环境和动作属性实现对访问请求的动态评估.安全通信组件利用安全性断言标记语言,结合缓存机制实现XACML授权请求/响应的实时传输.访问控制流程表明,该模型能够实现灵活的访问控制策略部署和管理,具有供应链产品信息访问控制的动态性、异构性等特点.%The special access control requirements of EPC Information Service(EPCIS) in the supply chains are analyzed,and an EPCIS access control model based on Extensible Access Control Markup Language(XACML) is presented.The access control execution interface in the model can intercept the access requests by using the method intercepting technology,and produce the corresponding judgment context.Based on the user property,resource property,environment property and action property,which are included into the judgment context,the access control service component can dynamically assess the access requests.The secure communication component can effectively provide the real-time transmission for XACML authorization request/response messages,by combining the Security Assertion Markup Language(SAML) and the caching mechanism.The access control workflow indicates that the model can implement the flexible and variable deployment and management of the access control strategies,which is well fit for implement highly dynamic and heterogeneous access control function for the product information in the supply chains.

  14. Simulation-Based Planning and Control of Transport Flows in Port Logistic Systems

    Antonio Diogo Passos Lima; Frederico Werner de Mascarenhas; Enzo Morosini Frazzon

    2015-01-01

    In highly dynamic and uncertain transport conditions, transport transit time has to be continuously monitored so that the service level is ensured at a proper cost. The aim of this research is to propose and to test a procedure which allows an agile planning and control of transport flows in port logistic systems. The procedure couples an agent-based simulation and a queueing theory model. In this paper, the transport scheduling performed by an agent at the intermodal terminal was taken into ...

  15. Error Resistant Real-Time Transport Control Protocol

    S. Shahbazi

    2009-01-01

    Full Text Available Problem statement: Real-time Transport Control Protocol (RTCP protocol has been the subject of various criticisms due its problematic performance in large-scale networks. S-RTCP is a protocol with high potential as it has proved to be able to solve many problems of RTCP. It has numerous flaws on its own. This study aimed at dealing with flaws of S-RTCP and improving it in terms of stability and packet loss. Approach: A new proposed scheme was designed. Modifications included designing multi-manager scheme, improving parent-seeking procedures, reducing distribution of request packets, reforming the design to be independent from TTL, adding methods to check on sanity of manager nodes. This study considered packet loss ratio of below 2% as desirable. Results: ER-RTCP comparing to legacy RTCP in terms of packet loss using NS-2 in four different scenarios revealed improvements between 73 and 88% for various scenarios. It also kept packet loss rate below 2% for all scenarios. Comparison of ER-RTCP to S-RTCP showed that based on different α (stability of each single manager values, ER-RTCP was more stable as it showed more resistance to entire scheme breakdown (β. ER-RTCP's parent-seeking procedure, as modeled scenario revealed a packet generation reduction of 97%, compared to S-RTCP’s. In occurrence of parent AG leave or loss, ER-RTCP reduced request packet generation by 95%. Allowance of AG dismissing in ER-RTCP, avoided occurrence of packet loss, as sample scenario showed S-RTCP experiencing packet loss of 3.5% while ER-RTCP kept packet loss at zero in theory. Conclusion: Proposed design improved S-RTCP in terms of reduction of packet loss and stability.

  16. Coordinated Scheduling and Power Control in Cloud-Radio Access Networks

    Douik, Ahmed

    2015-12-01

    This paper addresses the joint coordinated scheduling and power control problem in cloud-enabled networks. Consider the downlink of a cloud-radio access network (CRAN), where the cloud is only responsible for the scheduling policy, power control, and synchronization of the transmit frames across the single-antenna base-stations (BS). The transmit frame consists of several time/frequency blocks, called power-zones (PZ). The paper considers the problem of scheduling users to PZs and determining their power levels (PL), by maximizing the weighted sum-rate under the practical constraints that each user cannot be served by more than one base-station, but can be served by one or more power-zones within each base-station frame. The paper solves the problem using a graph theoretical approach by introducing the joint scheduling and power control graph formed by several clusters, where each is formed by a set of vertices, representing the possible association of users, BSs, and PLs for one specific PZ. The problem is, then, formulated as a maximumweight clique problem, in which the weight of each vertex is the sum of the benefits of the individual associations belonging to that vertex. Simulation results suggest that the proposed crosslayer scheme provides appreciable performance improvement as compared to schemes from recent literature.

  17. Cloud and the City: Facilitating Flexible Access Control over Data Streams

    Wang, Wen Qiang; Lim, Hock Beng; Datta, Anwitaman

    2012-01-01

    The proliferation of sensing devices create plethora of data-streams, which in turn can be harnessed to carry out sophisticated analytics to support various real-time applications and services as well as long-term planning, e.g., in the context of intelligent cities or smart homes to name a few prominent ones. A mature cloud infrastructure brings such a vision closer to reality than ever before. However, we believe that the ability for data-owners to flexibly and easily to control the granularity at which they share their data with other entities is very important - in making data owners feel comfortable to share to start with, and also to leverage on such fine-grained control to realize different business models or logics. In this paper, we explore some basic operations to flexibly control the access on a data stream and propose a framework eXACML+ that extends OASIS's XACML model to achieve the same. We develop a prototype using the commercial StreamBase engine to demonstrate a seamless combination of strea...

  18. Radiation exposure control software with networked data access for nuclear facilities

    The main aim of personnel monitoring programme is to keep checks on the personnel exposure by application of ALARA principle and to ensure compliance with the permissible dose limits specified by ICRP and the National Regulatory Authority. Keeping in mind the requirement of different facilities at the Bhabha Atomic Research Centre site and to have uniform dose control software for all the facilities, programme was developed using Visual Foxpro. Provision is made to store the photograph of the employee in the database. It is a state of the art program in the field of radiation protection using the database management. The main features of the developed software is the Access Control into the Radiation area by controlling the issue and return of Direct Reading Dosimeters (DRD), Thermo luminescent Dosimeters (TLD) on the basis of display of entire dose details of the employee with his photograph, internal dose calculations, weekly reports, monthly and quarterly reports, Dose analysis on the basis of various criteria. The software also gives the DRD- TLD discrepancy report. Data security is built into the software. Practically all the operations carried out in the nuclear facility need some sort of health physics coverage. Budgeting of dose is an important tool to effectively control the collective dose incurred in the Nuclear Facility and can be carried out easily using this package. This concept of dose budgeting represents a set of yardsticks or guidelines for use in controlling the activities, involving radiation exposure. By this approach, the management can evaluate the radiation protection performance at every level of the organisation where a number of independent functional groups work on routine and non-routine jobs. This program has proved very useful in nuclear facilities which employ large number of persons (typically 100 to 1000). (author)

  19. Development of access control system in Fukushima No.2 nuclear power station

    A new radiation work control system has been developed for controlling the entrance and exit of workers from the radiation controlled area in a nuclear power station and has been run in the Fukushima No.2 Nuclear Power Station of Tokyo Electric Power Co. Inc., since October, 1999. The newly developed system uses an access control device (ACD) for automatically lending an alarm-equipped personal dosimeter (APD) to each worker, and also radio communication for gathering dose data while contamination is measured by a body surface monitor upon exit, to reduce the workload for workers. The APD accurately measures both x-rays and γ-rays and sounds an alarm if the set dose level is reached. The ACD incorporates a charging function for 150 dosimeters in addition to the identification (ID) card reading and entrance/exit qualification judgment functions that are available with conventional entrance/exit control devices. Also, at the time of entrance, the ID number and alarm setpoint are written into an APD, which is then lent automatically, thereby making entry quicker and easier for workers. After returning the APD, it can be recharged rapidly and trend data during work can be automatically collected. The body surface monitor system is designed as follows. While contamination of the body surface is being measured at the time of exit, the data of the APD and ID card is read to perform an exit check. After completion of contamination measurement, the results of the exit check and dose data are printed out and collected by the tested person. Radio communication is used to transmit and receive the APD data, and to ensure precise radio communication during body surface monitoring two antennas are used, one for transmission and one for reception, so data can be read during contamination measurement. The developed system reduces workers' burden and improves functionality and reliability. (Suetake, M.)

  20. Automated Analysis of Scenario-based Specifications of Distributed Access Control Policies with Non-Mechanizable Activities (Extended Version)

    Barletta, Michele; Ranise, Silvio; Viganò, Luca

    2012-01-01

    The advance of web services technologies promises to have far-reaching effects on the Internet and enterprise networks allowing for greater accessibility of data. The security challenges presented by the web services approach are formidable. In particular, access control solutions should be revised to address new challenges, such as the need of using certificates for the identification of users and their attributes, human intervention in the creation or selection of the certificates, and (cha...