Access to primary health care services for Indigenous peoples: A framework synthesis.

Science.gov (United States)

Davy, Carol; Harfield, Stephen; McArthur, Alexa; Munn, Zachary; Brown, Alex

2016-09-30

Indigenous peoples often find it difficult to access appropriate mainstream primary health care services. Securing access to primary health care services requires more than just services that are situated within easy reach. Ensuring the accessibility of health care for Indigenous peoples who are often faced with a vast array of additional barriers including experiences of discrimination and racism, can be complex. This framework synthesis aimed to identify issues that hindered Indigenous peoples from accessing primary health care and then explore how, if at all, these were addressed by Indigenous health care services. To be included in this framework synthesis papers must have presented findings focused on access to (factors relating to Indigenous peoples, their families and their communities) or accessibility of Indigenous primary health care services. Findings were imported into NVivo and a framework analysis undertaken whereby findings were coded to and then thematically analysed using Levesque and colleague's accessibility framework. Issues relating to the cultural and social determinants of health such as unemployment and low levels of education influenced whether Indigenous patients, their families and communities were able to access health care. Indigenous health care services addressed these issues in a number of ways including the provision of transport to and from appointments, a reduction in health care costs for people on low incomes and close consultation with, if not the direct involvement of, community members in identifying and then addressing health care needs. Indigenous health care services appear to be best placed to overcome both the social and cultural determinants of health which hamper Indigenous peoples from accessing health care. Findings of this synthesis also suggest that Levesque and colleague's accessibility framework should be broadened to include factors related to the health care system such as funding.

Object oriented programming techniques applied to device access and control

International Nuclear Information System (INIS)

Goetz, A.; Klotz, W.D.; Meyer, J.

1992-01-01

In this paper a model, called the device server model, has been presented for solving the problem of device access and control faced by all control systems. Object Oriented Programming techniques were used to achieve a powerful yet flexible solution. The model provides a solution to the problem which hides device dependancies. It defines a software framework which has to be respected by implementors of device classes - this is very useful for developing groupware. The decision to implement remote access in the root class means that device servers can be easily integrated in a distributed control system. A lot of the advantages and features of the device server model are due to the adoption of OOP techniques. The main conclusion that can be drawn from this paper is that 1. the device access and control problem is adapted to being solved with OOP techniques, 2. OOP techniques offer a distinct advantage over traditional programming techniques for solving the device access problem. (J.P.N.)

Implementing Discretionary Access Control with Time Character in Linux and Performance Analysis

Institute of Scientific and Technical Information of China (English)

TAN Liang; ZHOU Ming-Tian

2006-01-01

DAC (Discretionary Access Control Policy) is access control based on ownership relations between subject and object, the subject can discretionarily decide on that who, by what methods, can access his owns object. In this paper, the system time is looked as a basic secure element. The DAC_T (Discretionary Access Control Policy with Time Character) is presented and formalized. The DAC_T resolves that the subject can discretionarily decide that who, on when, can access his owns objects. And then the DAC_T is implemented on Linux based on GFAC (General Framework for Access Control), and the algorithm is put forward. Finally, the performance analysis for the DAC_T_Linux is carried out. It is proved that the DAC_T_Linux not only can realize time constraints between subject and object but also can still be accepted by us though its performance have been decreased.

Access control and privilege management in electronic health record: a systematic literature review.

Science.gov (United States)

Jayabalan, Manoj; O'Daniel, Thomas

2016-12-01

This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.

A framework for evaluating distributed control systems in nuclear power plants

International Nuclear Information System (INIS)

O'Donell, C.; Jiang, J.

2004-01-01

A framework for evaluating the use of distributed control systems (DCS) in nuclear power plants (NPP) is proposed in this paper. The framework consists of advanced communication, control, hardware and software technology. This paper presents the results of an experiment using the framework test-bench, and elaborates on a variety of other research possibilities. Using a hardware in the loop system (HIL) a DeltaV M3 controller from Emerson Process is connected to a desktop NPP simulator. The industry standard communication protocol, Modbus, has been selected in this study. A simplified boiler pressure control (BPC) module is created on the NPP simulator. The test-bench provides an interface between the controller and the simulator. Through software monitoring the performance of the DCS can be evaluated. Controller access and response times over the Modbus network are observed and compared with theoretical values. The controller accomplishes its task under the specifications set out for the BPC. This novel framework allows a performance metric to be applied against different industrial controllers. (author)

A Protective Mechanism for the Access Control System in the Virtual Domain

Institute of Scientific and Technical Information of China (English)

Jinan Shen; Deqing Zou; Hai Jin; Kai Yang; Bin Yuan; Weiming Li

2016-01-01

In traditional framework,mandatory access control (MAC) system and malicious software are run in kernel mode.Malicious software can stop MAC systems to be started and make it do invalid.This problem cannot be solved under the traditional framework if the operating system (OS) is comprised since malwares are running in ring0 level.In this paper,we propose a novel way to use hypervisors to protect kernel integrity and the access control system in commodity operating systems.We separate the access control system into three parts:policy management (PM),security server (SS) and policy enforcement (PE).Policy management and the security server reside in the security domain to protect them against malware and the isolation feather of the hypervisor can protect them from attacks.We add an access vector cache (AVC) between SS and PE in the guest OS,in order to speed up communication between the guest OS and the security domain.The policy enforcement module is retained in the guest OS for performance.The security of AVC and PE can be ensured by using a memory protection mechanism.The goal of protecting the OS kemel is to ensure the security of the execution path.We implement the system by a modified Xen hypervisor.The result shows that we can secure the security of the access control system in the guest OS with no overhead compared with modules in the latter.Our system offers a centralized security policy for virtual domains in virtual machine environments.

An Access Control and Trust Management Framework for Loosely-Coupled Multidomain Environments

Science.gov (United States)

Zhang, Yue

2010-01-01

Multidomain environments where multiple organizations interoperate with each other are becoming a reality as can be seen in emerging Internet-based enterprise applications. Access control to ensure secure interoperation in such an environment is a crucial challenge. A multidomain environment can be categorized as "tightly-coupled" and…

Formalization of the Access Control on ARM-Android Platform with the B Method

Science.gov (United States)

Ren, Lu; Wang, Wei; Zhu, Xiaodong; Man, Yujia; Yin, Qing

2018-01-01

ARM-Android is a widespread mobile platform with multi-layer access control mechanisms, security-critical in the system. Many access control vulnerabilities still exist due to the course-grained policy and numerous engineering defects, which have been widely studied. However, few researches focus on the mechanism formalization, including the Android permission framework, kernel process management and hardware isolation. This paper first develops a comprehensive formal access control model on the ARM-Android platform using the B method, from the Android middleware to hardware layer. All the model specifications are type checked and proved to be well-defined, with 75%of proof obligations demonstrated automatically. The results show that the proposed B model is feasible to specify and verify access control schemes in the ARM-Android system, and capable of implementing a practical control module.

A theoretical framework for an access programme encompassing ...

African Journals Online (AJOL)

A theoretical framework for an access programme encompassing further education training: remedy for educational wastage? ... learners who have dropped out of school without completing their secondary-school education, there are the special needs of adult learners in the workplace that must be taken into consideration.

Public Access to Government Electronic Information. Policy Framework.

Science.gov (United States)

Bulletin of the American Society for Information Science, 1992

1992-01-01

This policy framework provides guidelines for federal agencies on public access to government electronic information. Highlights include reasons for disseminating information; defining user groups; which technology to use; pricing flexibility; security and privacy issues; and the private sector and state and local government roles. (LRW)

What is access to radiation therapy? A conceptual framework and review of influencing factors.

Science.gov (United States)

Sundaresan, Puma; Stockler, Martin R; Milross, Christopher G

2016-02-01

Optimal radiation therapy (RT) utilisation rates (RURs) have been defined for various cancer indications through extensive work in Australia and overseas. These benchmarks remain unrealised. The gap between optimal RUR and actual RUR has been attributed to inadequacies in 'RT access'. We aimed to develop a conceptual framework for the consideration of 'RT access' by examining the literature for existing constructs and translating it to the context of RT services. We further aimed to use this framework to identify and examine factors influencing 'RT access'. Existing models of health care access were reviewed and used to develop a multi-dimensional conceptual framework for 'RT access'. A review of the literature was then conducted to identify factors reported to affect RT access and utilisation. The electronic databases searched, the host platform and date range of the databases searched were Ovid MEDLINE, 1946 to October 2014 and PsycINFO via OvidSP,1806 to October 2014. The framework developed demonstrates that 'RT access' encompasses opportunity for RT as well as the translation of this opportunity to RT utilisation. Opportunity for RT includes availability, affordability, adequacy (quality) and acceptability of RT services. Several factors at the consumer, referrer and RT service levels affect the translation of this opportunity for RT to actual RT utilisation. 'Access' is a term that is widely used in the context of health service related research, planning and political discussions. It is a multi-faceted concept with many descriptions. We propose a conceptual framework for the consideration of 'RT access' so that factors affecting RT access and utilisation may be identified and examined. Understanding these factors, and quantifying them where possible, will allow objective evaluation of their impact on RT utilisation and guide implementation of strategies to modify their effects.

Access Agent Improving The Performance Of Access Control Lists

Directory of Open Access Journals (Sweden)

Thelis R. S.

2015-08-01

Full Text Available The main focus of the proposed research is maintaining the security of a network. Extranet is a popular network among most of the organizations where network access is provided to a selected group of outliers. Limiting access to an extranet can be carried out using Access Control Lists ACLs method. However handling the workload of ACLs is an onerous task for the router. The purpose of the proposed research is to improve the performance and to solidify the security of the ACLs used in a small organization. Using a high performance computer as a dedicated device to share and handle the router workload is suggested in order to increase the performance of the router when handling ACLs. Methods of detecting and directing sensitive data is also discussed in this paper. A framework is provided to help increase the efficiency of the ACLs in an organization network using the above mentioned procedures thus helping the organizations ACLs performance to be improved to be more secure and the system to perform faster. Inbuilt methods of Windows platform or Software for open source platforms can be used to make a computer function as a router. Extended ACL features allow the determining of the type of packets flowing through the router. Combining these mechanisms allows the ACLs to be improved and perform in a more efficient manner.

Federated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns

NARCIS (Netherlands)

Demchenko, Y.; Ngo, C.; de Laat, C.; Lee, C.

2014-01-01

This paper presents on-going research to define the basic models and architecture patterns for federated access control in heterogeneous (multi-provider) multi-cloud and inter-cloud environment. The proposed research contributes to the further definition of Intercloud Federation Framework (ICFF)

A self-description data framework for Tokamak control system design

Energy Technology Data Exchange (ETDEWEB)

Zhang, Ming; Zhang, Jing [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); School of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China); Zheng, Wei, E-mail: zhengwei@hust.edu.cn [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); School of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China); Hu, Feiran; Zhuang, Ge [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); School of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China)

2015-10-15

Highlights: • The SDD framework can be applied to different Tokamak devices. • We explain how configuration settings of control systems are described in SDD models, namely components and connections. • Evolving SDD models are stored in a dynamic schema database. • The SDD editor supports plug-and-play SDD models. - Abstract: A Tokamak device consists of numerous control systems, which need to be integrated. CODAC (Control, Data Access and Communication) system requires the configuration settings of these control systems to carry out the integration smoothly. SDD (Self-description data) is designed to describe the static configuration of control systems. ITER CODAC group has released an SDD software package for control system designers to manage the static configuration, but it is specific for ITER plant control systems. Following the idea of ITER SDD, we developed a flexible and scalable SDD framework to develop SDD software for J-TEXT and other sophisticated devices. The SDD framework describes the configuration settings of various control systems, including physical and logical elements and their relation information, in SDD models which are classified into Components and Connections. The framework is composed of three layers: the MongoDB database, an open-source, dynamic schema, NoSQL (Not Only SQL) database; the SDD service, which maps SDD models to MongoDB and handles the transaction and business logic; the SDD applications, which can be used to create and maintain SDD information, and generate various kinds of output using the stored SDD information.

A self-description data framework for Tokamak control system design

International Nuclear Information System (INIS)

Zhang, Ming; Zhang, Jing; Zheng, Wei; Hu, Feiran; Zhuang, Ge

2015-01-01

Highlights: • The SDD framework can be applied to different Tokamak devices. • We explain how configuration settings of control systems are described in SDD models, namely components and connections. • Evolving SDD models are stored in a dynamic schema database. • The SDD editor supports plug-and-play SDD models. - Abstract: A Tokamak device consists of numerous control systems, which need to be integrated. CODAC (Control, Data Access and Communication) system requires the configuration settings of these control systems to carry out the integration smoothly. SDD (Self-description data) is designed to describe the static configuration of control systems. ITER CODAC group has released an SDD software package for control system designers to manage the static configuration, but it is specific for ITER plant control systems. Following the idea of ITER SDD, we developed a flexible and scalable SDD framework to develop SDD software for J-TEXT and other sophisticated devices. The SDD framework describes the configuration settings of various control systems, including physical and logical elements and their relation information, in SDD models which are classified into Components and Connections. The framework is composed of three layers: the MongoDB database, an open-source, dynamic schema, NoSQL (Not Only SQL) database; the SDD service, which maps SDD models to MongoDB and handles the transaction and business logic; the SDD applications, which can be used to create and maintain SDD information, and generate various kinds of output using the stored SDD information.

A Conceptual Framework of Mapping Access to Health Care across EU Countries: The Patient Access Initiative.

Science.gov (United States)

Souliotis, Kyriakos; Hasardzhiev, Stanimir; Agapidaki, Eirini

Research evidence suggests that access to health care is the key influential factor for improved population health outcomes and health care system sustainability. Although the importance of addressing barriers in access to health care across European countries is well documented, little has been done to improve the situation. This is due to different definitions, approaches and policies, and partly due to persisting disparities in access within and between European countries. To bridge this gap, the Patient Access Partnership (PACT) developed (a) the '5As' definition of access, which details the five critical elements (adequacy, accessibility, affordability, appropriateness, and availability) of access to health care, (b) a multi-stakeholders' approach for mapping access, and (c) a 13-item questionnaire based on the 5As definition in an effort to address these obstacles and to identify best practices. These tools are expected to contribute effectively to addressing access barriers in practice, by suggesting a common framework and facilitating the exchange of knowledge and expertise, in order to improve access to health care between and within European countries. © 2016 S. Karger AG, Basel.

Android Security Framework: Enabling Generic and Extensible Access Control on Android

OpenAIRE

Backes, Michael; Bugiel, Sven; Gerling, Sebastian; von Styp-Rekowsky, Philipp

2014-01-01

We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines them with the particular requirements and challenges from the design of Android's software stack. ...

An Internet of Things Based Multi-Level Privacy-Preserving Access Control for Smart Living

Directory of Open Access Journals (Sweden)

Usama Salama

2018-05-01

Full Text Available The presence of the Internet of Things (IoT in healthcare through the use of mobile medical applications and wearable devices allows patients to capture their healthcare data and enables healthcare professionals to be up-to-date with a patient’s status. Ambient Assisted Living (AAL, which is considered as one of the major applications of IoT, is a home environment augmented with embedded ambient sensors to help improve an individual’s quality of life. This domain faces major challenges in providing safety and security when accessing sensitive health data. This paper presents an access control framework for AAL which considers multi-level access and privacy preservation. We focus on two major points: (1 how to use the data collected from ambient sensors and biometric sensors to perform the high-level task of activity recognition; and (2 how to secure the collected private healthcare data via effective access control. We achieve multi-level access control by extending Public Key Infrastructure (PKI for secure authentication and utilizing Attribute-Based Access Control (ABAC for authorization. The proposed access control system regulates access to healthcare data by defining policy attributes over healthcare professional groups and data classes classifications. We provide guidelines to classify the data classes and healthcare professional groups and describe security policies to control access to the data classes.

European union water policy--tasks for implementing "Water Framework Directive" in pre-accession countries.

Science.gov (United States)

Sözen, Seval; Avcioglu, Ebru; Ozabali, Asli; Görgun, Erdem; Orhon, Derin

2003-08-01

Water Framework Directive aiming to maintain and improve the aquatic environment in the EU was launched by the European Parliament in 2000. According to this directive, control of quantity is an ancillary element in securing good water quality and therefore measures on quantity, serving the objective of ensuring good quality should also be established. Accordingly, it is a comprehensive and coordinated package that will ensure all European waters to be protected according to a common standard. Therefore, it refers to all other Directives related to water resources management such as Urban Wastewater Treatment Directive Nitrates Directive, Drinking Water Directive, Integrated Pollution Prevention Control etc. Turkey, as a candidate state targeting full-membership, should comply the necessary preparations for the implementation of the "Water Framework Directive" as soon as possible. In this study, the necessary legislative, political, institutional, and technical attempts of the pre-accession countries have been discussed and effective recommendations have been offered for future activities in Turkey.

Android Access Control Extension

Directory of Open Access Journals (Sweden)

Anton Baláž

2015-12-01

Full Text Available The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.

A federated capability-based access control mechanism for internet of things (IoTs)

Science.gov (United States)

Xu, Ronghua; Chen, Yu; Blasch, Erik; Chen, Genshe

2018-05-01

The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanisms to meet requirement of IoT systems. The extraordinary large number of nodes, heterogeneity as well as dynamicity, necessitate more fine-grained, lightweight mechanisms for IoT devices. In this paper, a federated capability-based access control (FedCAC) framework is proposed to enable an effective access control processes to devices, services and information in large scale IoT systems. The federated capability delegation mechanism, based on a propagation tree, is illustrated for access permission propagation. An identity-based capability token management strategy is presented, which involves registering, propagation and revocation of the access authorization. Through delegating centralized authorization decision-making policy to local domain delegator, the access authorization process is locally conducted on the service provider that integrates situational awareness (SAW) and customized contextual conditions. Implemented and tested on both resources-constrained devices, like smart sensors and Raspberry PI, and non-resource-constrained devices, like laptops and smart phones, our experimental results demonstrate the feasibility of the proposed FedCAC approach to offer a scalable, lightweight and fine-grained access control solution to IoT systems connected to a system network.

Using routinely collected health data for surveillance, quality improvement and research: Framework and key questions to assess ethics, privacy and data access

Directory of Open Access Journals (Sweden)

Simon de Lusignan

2016-01-01

Full Text Available Background The use of health data for public health, surveillance, quality improvement and research is crucial to improve health systems and health care. However, bodies responsible for privacy and ethics often limit access to routinely collected health data. Ethical approvals, issues around protecting privacy and data access are often dealt with by different layers of regulations, making approval processes appear disjointed.Objective To create a comprehensive framework for defining the ethical and privacy status of a project and for providing guidance on data access.Method The framework comprises principles and related questions. The core of the framework will be built using standard terminology definitions such as ethics-related controlled vocabularies and regional directives. It is built in this way to reduce ambiguity between different definitions. The framework is extensible: principles can be retired or added to, as can their related questions. Responses to these questions should allow data processors to define ethical issues, privacy risk and other unintended consequences.Results The framework contains three steps: (1 identifying possible ethical and privacy principles relevant to the project; (2 providing ethics and privacy guidance questions that inform the type of approval needed; and (3 assessing case-specific ethics and privacy issues. The outputs from this process should inform whether the balance between public interests and privacy breach and any ethical considerations are tipped in favour of societal benefits. If they are then this should be the basis on which data access is permitted. Tightly linking ethical principles to governance and data access may help maintain public trust.

Using routinely collected health data for surveillance, quality improvement and research: Framework and key questions to assess ethics, privacy and data access.

Science.gov (United States)

De Lusignan, Simon; Liyanage, Harshana; Di Iorio, Concetta Tania; Chan, Tom; Liaw, Siaw-Teng

2016-01-19

The use of health data for public health, surveillance, quality improvement and research is crucial to improve health systems and health care. However, bodies responsible for privacy and ethics often limit access to routinely collected health data. Ethical approvals, issues around protecting privacy and data access are often dealt with by different layers of regulations, making approval processes appear disjointed. To create a comprehensive framework for defining the ethical and privacy status of a project and for providing guidance on data access. The framework comprises principles and related questions. The core of the framework will be built using standard terminology definitions such as ethics-related controlled vocabularies and regional directives. It is built in this way to reduce ambiguity between different definitions. The framework is extensible: principles can be retired or added to, as can their related questions. Responses to these questions should allow data processors to define ethical issues, privacy risk and other unintended consequences. The framework contains three steps: (1) identifying possible ethical and privacy principles relevant to the project; (2) providing ethics and privacy guidance questions that inform the type of approval needed; and (3) assessing case-specific ethics and privacy issues. The outputs from this process should inform whether the balance between public interests and privacy breach and any ethical considerations are tipped in favour of societal benefits. If they are then this should be the basis on which data access is permitted. Tightly linking ethical principles to governance and data access may help maintain public trust.

COSO internal control integrated framework 2013

CERN Document Server

American Institute of Certified Public Accountants

2013-01-01

Issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), the 2013 Internal Control – Integrated Framework(Framework) is expected to help organizations design and implement internal control in light of many changes in business and operating environments since the issuance of the original Framework in 1992. The new Framework retains the core definition of internal control and the five components of internal control, and it continues to emphasize the importance of management judgment in designing, implementing, and conducting a system of internal control, and in assessing its effectiveness. It broadens the application of internal control in addressing operations and reporting objectives, and clarifies the requirements for determining what constitutes effective internal control.

Efficient Access Control in Multimedia Social Networks

Science.gov (United States)

Sachan, Amit; Emmanuel, Sabu

Multimedia social networks (MMSNs) have provided a convenient way to share multimedia contents such as images, videos, blogs, etc. Contents shared by a person can be easily accessed by anybody else over the Internet. However, due to various privacy, security, and legal concerns people often want to selectively share the contents only with their friends, family, colleagues, etc. Access control mechanisms play an important role in this situation. With access control mechanisms one can decide the persons who can access a shared content and who cannot. But continuously growing content uploads and accesses, fine grained access control requirements (e.g. different access control parameters for different parts in a picture), and specific access control requirements for multimedia contents can make the time complexity of access control to be very large. So, it is important to study an efficient access control mechanism suitable for MMSNs. In this chapter we present an efficient bit-vector transform based access control mechanism for MMSNs. The proposed approach is also compatible with other requirements of MMSNs, such as access rights modification, content deletion, etc. Mathematical analysis and experimental results show the effectiveness and efficiency of our proposed approach.

Perti Net-Based Workflow Access Control Model

Institute of Scientific and Technical Information of China (English)

陈卓; 骆婷; 石磊; 洪帆

2004-01-01

Access control is an important protection mechanism for information systems. This paper shows how to make access control in workflow system. We give a workflow access control model (WACM) based on several current access control models. The model supports roles assignment and dynamic authorization. The paper defines the workflow using Petri net. It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM). Finally, an example of an e-commerce workflow access control model is discussed in detail.

Application-Defined Decentralized Access Control

Science.gov (United States)

Xu, Yuanzhong; Dunn, Alan M.; Hofmann, Owen S.; Lee, Michael Z.; Mehdi, Syed Akbar; Witchel, Emmett

2014-01-01

DCAC is a practical OS-level access control system that supports application-defined principals. It allows normal users to perform administrative operations within their privilege, enabling isolation and privilege separation for applications. It does not require centralized policy specification or management, giving applications freedom to manage their principals while the policies are still enforced by the OS. DCAC uses hierarchically-named attributes as a generic framework for user-defined policies such as groups defined by normal users. For both local and networked file systems, its execution time overhead is between 0%–9% on file system microbenchmarks, and under 1% on applications. This paper shows the design and implementation of DCAC, as well as several real-world use cases, including sandboxing applications, enforcing server applications’ security policies, supporting NFS, and authenticating user-defined sub-principals in SSH, all with minimal code changes. PMID:25426493

Access control system operation

International Nuclear Information System (INIS)

Barnes, L.D.

1981-06-01

An automated method for the control and monitoring of personnel movement throughout the site was developed under contract to the Department of Energy by Allied-General Nuclear Services (AGNS) at the Barnwell Nuclear Fuel Plant (BNFP). These automated features provide strict enforcement of personnel access policy without routine patrol officer involvement. Identification methods include identification by employee ID number, identification by voice verification and identification by physical security officer verification. The ability to grant each level of access authority is distributed over the organization to prevent any single individual at any level in the organization from being capable of issuing an authorization for entry into sensitive areas. Each access event is recorded. As access events occur, the inventory of both the entered and the exited control area is updated so that a current inventory is always available for display. The system has been operated since 1979 in a development mode and many revisions have been implemented in hardware and software as areas were added to the system. Recent changes have involved the installation of backup systems and other features required to achieve a high reliability. The access control system and recent operating experience are described

Cardea: Dynamic Access Control in Distributed Systems

Science.gov (United States)

Lepro, Rebekah

2004-01-01

Modern authorization systems span domains of administration, rely on many different authentication sources, and manage complex attributes as part of the authorization process. This . paper presents Cardea, a distributed system that facilitates dynamic access control, as a valuable piece of an inter-operable authorization framework. First, the authorization model employed in Cardea and its functionality goals are examined. Next, critical features of the system architecture and its handling of the authorization process are then examined. Then the S A M L and XACML standards, as incorporated into the system, are analyzed. Finally, the future directions of this project are outlined and connection points with general components of an authorization system are highlighted.

A service-oriented data access control model

Science.gov (United States)

Meng, Wei; Li, Fengmin; Pan, Juchen; Song, Song; Bian, Jiali

2017-01-01

The development of mobile computing, cloud computing and distributed computing meets the growing individual service needs. Facing with complex application system, it's an urgent problem to ensure real-time, dynamic, and fine-grained data access control. By analyzing common data access control models, on the basis of mandatory access control model, the paper proposes a service-oriented access control model. By regarding system services as subject and data of databases as object, the model defines access levels and access identification of subject and object, and ensures system services securely to access databases.

Access control, security, and trust a logical approach

CERN Document Server

Chin, Shiu-Kai

2010-01-01

Access Control, Security, Trust, and Logic Deconstructing Access Control Decisions A Logical Approach to Access Control PRELIMINARIES A Language for Access ControlSets and Relations Syntax SemanticsReasoning about Access Control Logical RulesFormal Proofs and Theorems Soundness of Logical RulesBasic Concepts Reference Monitors Access Control Mechanisms: Tickets and Lists Authentication Security PoliciesConfidentiality, Integrity, and Availability Discretionary Security Policies Mandatory Security Policies Military Security Policies Commercial PoliciesDISTRIBUTED ACCESS CONTROL Digital Authenti

Enterprise Dynamic Access Control (EDAC)

National Research Council Canada - National Science Library

Fernandez, Richard

2005-01-01

.... Resources can represent software applications, web services and even facility access. An effective access control model should be capable of evaluating resource access based on user characteristics and environmentals...

Cross-Layer Framework for Fine-Grained Channel Access in Next Generation High-Density WiFi Networks

Institute of Scientific and Technical Information of China (English)

ZHAO Haitao; ZHANG Shaojie; Emiliano Garcia-Palacios

2016-01-01

Densely deployed WiFi networks will play a crucial role in providing the capacity for next generation mobile internet.However,due to increasing interference,overlapped channels in WiFi networks and throughput efficiency degradation,densely deployed WiFi networks is not a guarantee to obtain higher throughput.An emergent challenge is how to efficiently utilize scarce spectrum resources,by matching physical layer resources to traffic demand.In this aspect,access control allocation strategies play a pivotal role but remain too coarse-grained.As a solution,this research proposes a flexible framework for fine-grained channel width adaptation and multi-channel access in WiFi networks.This approach,named SFCA (Subcarrier Fine-grained Channel Access),adopts DOFDM (Discontinuous Orthogonal Frequency Division Multiplexing) at the PHY layer.It allocates the frequency resource with a subcarrier granularity,which facilitates the channel width adaptation for multi-channel access and thus brings more flexibility and higher frequency efficiency.The MAC layer uses a frequencytime domain backoff scheme,which combines the popular time-domain BEB scheme with a frequency-domain backoff to decrease access collision,resulting in higher access probability for the contending nodes.SFCA is compared with FICA (an established access scheme) showing significant outperformance.Finally we present results for next generation 802.11 ac WiFi networks.

Flexible Access Control for Dynamic Collaborative Environments

NARCIS (Netherlands)

Dekker, M.A.C.

2009-01-01

Access control is used in computer systems to control access to confidential data. In this thesis we focus on access control for dynamic collaborative environments where multiple users and systems access and exchange data in an ad hoc manner. In such environments it is difficult to protect

Access Control Based on Trail Inference

Directory of Open Access Journals (Sweden)

ALBARELO, P. C.

2015-06-01

Full Text Available Professionals are constantly seeking qualification and consequently increasing their knowledge in their area of expertise. Thus, it is interesting to develop a computer system that knows its users and their work history. Using this information, even in the case of professional role change, the system could allow the renewed authorization for activities, based on previously authorized use. This article proposes a model for user access control that is embedded in a context-aware environment. The model applies the concept of trails to manage access control, recording activities usage in contexts and applying this history as a criterion to grant new accesses. Despite the fact that previous related research works consider contexts, none of them uses the concept of trails. Hence, the main contribution of this work is the use of a new access control criterion, namely, the history of previous accesses (trails. A prototype was implemented and applied in an evaluation based on scenarios. The results demonstrate the feasibility of the proposal, allowing for access control systems to use an alternative way to support access rights.

Attributes Enhanced Role-Based Access Control Model

DEFF Research Database (Denmark)

Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

2015-01-01

as an important area of research. In this paper, we propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that not only takes contextual information into account while making the access control...... decisions but is also suitable for applications where access to resources is controlled by exploiting contents of the resources in the policy....

IAACaaS: IoT Application-Scoped Access Control as a Service

Directory of Open Access Journals (Sweden)

Álvaro Alonso

2017-10-01

Full Text Available access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability.

Joint control algorithm in access network

Institute of Scientific and Technical Information of China (English)

2008-01-01

To deal with long probing delay and inaccurate probing results in the endpoint admission control method,a joint local and end-to-end admission control algorithm is proposed,which introduces local probing of access network besides end-to-end probing.Through local probing,the algorithm accurately estimated the resource status of the access network.Simulation shows that this algorithm can improve admission control performance and reduce users' average waiting time when the access network is heavily loaded.

Virtual shelves in a digital library: a framework for access to networked information sources.

Science.gov (United States)

Patrick, T B; Springer, G K; Mitchell, J A; Sievert, M E

1995-01-01

Develop a framework for collections-based access to networked information sources that addresses the problem of location-dependent access to information sources. This framework uses a metaphor of a virtual shelf. A virtual shelf is a general-purpose server that is dedicated to a particular information subject class. The identifier of one of these servers identifies its subject class. Location-independent call numbers are assigned to information sources. Call numbers are based on standard vocabulary codes. The call numbers are first mapped to the location-independent identifiers of virtual shelves. When access to an information resource is required, a location directory provides a second mapping of these location-independent server identifiers to actual network locations. The framework has been implemented in two different systems. One system is based on the Open System Foundation/Distributed Computing Environment and the other is based on the World Wide Web. This framework applies in new ways traditional methods of library classification and cataloging. It is compatible with two traditional styles of selecting information searching and browsing. Traditional methods may be combined with new paradigms of information searching that will be able to take advantage of the special properties of digital information. Cooperation between the library-informational science community and the informatics community can provide a means for a continuing application of the knowledge and techniques of library science to the new problems of networked information sources.

Integrating Attributes into Role-Based Access Control

DEFF Research Database (Denmark)

Mahmood Rajpoot, Qasim; Jensen, Christian D.; Krishnan, Ram

2015-01-01

of research recently. We propose an access control model that combines the two models in a novel way in order to unify their benefits. Our approach provides a fine-grained access control mechanism that takes into account the current contextual information while making the access control decisions....

Aber-OWL: a framework for ontology-based data access in biology

KAUST Repository

Hoehndorf, Robert

2015-01-28

Background: Many ontologies have been developed in biology and these ontologies increasingly contain large volumes of formalized knowledge commonly expressed in the Web Ontology Language (OWL). Computational access to the knowledge contained within these ontologies relies on the use of automated reasoning. Results: We have developed the Aber-OWL infrastructure that provides reasoning services for bio-ontologies. Aber-OWL consists of an ontology repository, a set of web services and web interfaces that enable ontology-based semantic access to biological data and literature. Aber-OWL is freely available at http://aber-owl.net. Conclusions: Aber-OWL provides a framework for automatically accessing information that is annotated with ontologies or contains terms used to label classes in ontologies. When using Aber-OWL, access to ontologies and data annotated with them is not merely based on class names or identifiers but rather on the knowledge the ontologies contain and the inferences that can be drawn from it.

The Joint COntrols Project Framework

CERN Document Server

González-Berges, M

2003-01-01

The Framework is one of the subprojects of the Joint COntrols Project (JCOP), which is collaboration between the four LHC experiments and CERN. By sharing development, this will reduce the overall effort required to build and maintain the experiment control systems. As such, the main aim of the Framework is to deliver a common set of software components, tools and guidelines that can be used by the four LHC experiments to build their control systems. Although commercial components are used wherever possible, further added value is obtained by customisation for HEP-specific applications. The supervisory layer of the Framework is based on the SCADA tool PVSS, which was selected after a detailed evaluation. This is integrated with the front-end layer via both OPC (OLE for Process Control), an industrial standard, and the CERN-developed DIM (Distributed Information Management System) protocol. Several components are already in production and being used by running fixed-target experiments at CERN as well as for th...

Access control and personal identification systems

CERN Document Server

Bowers, Dan M

1988-01-01

Access Control and Personal Identification Systems provides an education in the field of access control and personal identification systems, which is essential in selecting the appropriate equipment, dealing intelligently with vendors in purchases of the equipment, and integrating the equipment into a total effective system. Access control devices and systems comprise an important part of almost every security system, but are seldom the sole source of security. In order for the goals of the total system to be met, the other portions of the security system must also be well planned and executed

Hybrid Solution for Privacy-Preserving Access Control for Healthcare Data

Directory of Open Access Journals (Sweden)

SMITHAMOL, M. B.

2017-05-01

Full Text Available The booming in cloud and IoT technologies has accelerated the growth of healthcare system. The IoT devices monitor the patient's health, and upload collected data as Electronic Medical Records (EMRs to the cloud for storage and sharing. Outsourcing EMRs to the cloud introduce new security and privacy challenges. In this paper, we proposed a novel architecture ensuring security and privacy for the outsourced health records. The proposed model uses partially ordered set (POSET for constructing the group based access structure and Ciphertext-Policy Attribute-Based Encryption (CP-ABE to provide fine-grained EMR access control. The modified group based CP-ABE (G-CP-ABE minimizes the computational overhead by reducing the number of leaf nodes in the access tree. Also, the proposed G-CP-ABE framework merges symmetric encryption and CP-ABE scheme to minimize the overall encryption time. As a result, G-CP-ABE can be used to monitor health conditions even from a resource constrained IoT device. The performance analysis shows the efficiency of the proposed model, making it suitable for practical use.

Access control and service-oriented architectures

NARCIS (Netherlands)

Leune, C.J.

2007-01-01

Access Control and Service-Oriented Architectures" investigates in which way logical access control can be achieved effectively, in particular in highly dynamic environments such as service-oriented architectures (SOA's). The author combines state-of-the-art best-practice and projects these onto the

Network Access Control For Dummies

CERN Document Server

Kelley, Jay; Wessels, Denzil

2009-01-01

Network access control (NAC) is how you manage network security when your employees, partners, and guests need to access your network using laptops and mobile devices. Network Access Control For Dummies is where you learn how NAC works, how to implement a program, and how to take real-world challenges in stride. You'll learn how to deploy and maintain NAC in your environment, identify and apply NAC standards, and extend NAC for greater network security. Along the way you'll become familiar with what NAC is (and what it isn't) as well as the key business drivers for deploying NAC.Learn the step

Research of user access control for networked manufacturing system

Institute of Scientific and Technical Information of China (English)

ZHENG Xiao-lin; LEI Yu; CHEN De-ren

2006-01-01

An integrated user access control method was proposed to address the issues of security and management in networked manufacturing systems (NMS).Based on the analysis of the security issues in networked manufacturing system,an integrated user access control method composed of role-based access control (RBAC),task-based access control (TBAC),relationship-driven access control (RDAC)and coalition-based access control (CBAC) was proposed,including the hierarchical user relationship model,the reference model and the process model.The elements and their relationships were defined,and the expressions of constraints authorization were given.The extensible access control markup language (XACML) was used to implement this method.This method was used in the networked manufacturing system in the Shaoxing spinning region of China.The results show that the integrated user access control method can reduce the costs of system security maintenance and management.

A framework for improving access and customer service times in health care: application and analysis at the UCLA Medical Center.

Science.gov (United States)

Duda, Catherine; Rajaram, Kumar; Barz, Christiane; Rosenthal, J Thomas

2013-01-01

There has been an increasing emphasis on health care efficiency and costs and on improving quality in health care settings such as hospitals or clinics. However, there has not been sufficient work on methods of improving access and customer service times in health care settings. The study develops a framework for improving access and customer service time for health care settings. In the framework, the operational concept of the bottleneck is synthesized with queuing theory to improve access and reduce customer service times without reduction in clinical quality. The framework is applied at the Ronald Reagan UCLA Medical Center to determine the drivers for access and customer service times and then provides guidelines on how to improve these drivers. Validation using simulation techniques shows significant potential for reducing customer service times and increasing access at this institution. Finally, the study provides several practice implications that could be used to improve access and customer service times without reduction in clinical quality across a range of health care settings from large hospitals to small community clinics.

Time dependent policy-based access control

DEFF Research Database (Denmark)

Vasilikos, Panagiotis; Nielson, Flemming; Nielson, Hanne Riis

2017-01-01

also on other attributes of the environment such as the time. In this paper, we use systems of Timed Automata to model distributed systems and we present a logic in which one can express time-dependent policies for access control. We show how a fragment of our logic can be reduced to a logic......Access control policies are essential to determine who is allowed to access data in a system without compromising the data's security. However, applications inside a distributed environment may require those policies to be dependent on the actual content of the data, the flow of information, while...... that current model checkers for Timed Automata such as UPPAAL can handle and we present a translator that performs this reduction. We then use our translator and UPPAAL to enforce time-dependent policy-based access control on an example application from the aerospace industry....

Access control within military C4ISR systems

Science.gov (United States)

Maschino, Mike

2003-07-01

Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) tactical battlefield systems must provide the right information and resources to the right individuals at the right time. At the same time, the C4ISR system must enforce access controls to prevent the wrong individuals from obtaining sensitive information, or consuming scarce resources. Because lives, missions and property depend upon them, these access control mechanisms must be effective, reliable, efficient and flexible. The mechanisms employed must suit the nature of the items that are to be protected, as well as the varieties of access policies that must be enforced, and the types of access that will be made to these items. Some access control technologies are inherently centralized, while others are suitable for distributed implementation. The C4ISR architect must select from among the available technologies a combination of mechanisms that eases the burden of policy administration, but is inherently survivable, accurate, resource efficient, and which provides low latency. This paper explores various alternative access enforcement mechanisms, and assesses their effectiveness in managing policy-driven access control within the battlespace.

Break-glass handling exceptional situations in access control

CERN Document Server

Petritsch, Helmut

2014-01-01

Helmut Petritsch describes the first holistic approach to Break-Glass which covers the whole life-cycle: from access control modeling (pre-access), to logging the security-relevant system state during Break-Glass accesses (at-access), and the automated analysis of Break-Glass accesses (post-access). Break-Glass allows users to override security restrictions in exceptional situations. While several Break-Glass models specific to given access control models have already been discussed in research (e.g., extending RBAC with Break-Glass), the author introduces a generic Break-Glass model. The pres

Geospacial information utilized under the access control strategy

Institute of Scientific and Technical Information of China (English)

TIAN Jie; ZHANG Xin-fang; WANG Tong-yang; XIANG Wei; Cheng Ming

2007-01-01

This paper introduces a solution to the secure requirement for digital rights management (DRM) by the way of geospacial access control named geospacial access control (GeoAC) in geospacial field. The issues of authorization for geospacial DRM are concentrated on. To geospacial DRM, one aspect is the declaration and enforcement of access rights, based on geographic aspects. To the approbation of digital geographic content, it is important to adopt online access to geodata through a spacial data infrastructure (SDI). This results in the interoperability requirements on three different levels: data model level, service level and access control level. The interaction between the data model and service level can be obtained by criterions of the open geospacial consortium (OGC), and the interaction of the access control level may be reached by declaring and enforcing access restrictions in GeoAC. Then an archetype enforcement based on GeoAC is elucidated. As one aspect of performing usage rights, the execution of access restrictions as an extension to a regular SDI is illuminated.

Access control mechanism of wireless gateway based on open flow

Science.gov (United States)

Peng, Rong; Ding, Lei

2017-08-01

In order to realize the access control of wireless gateway and improve the access control of wireless gateway devices, an access control mechanism of SDN architecture which is based on Open vSwitch is proposed. The mechanism utilizes the features of the controller--centralized control and programmable. Controller send access control flow table based on the business logic. Open vSwitch helps achieve a specific access control strategy based on the flow table.

Controlling hepatitis C in Rwanda: a framework for a national response.

Science.gov (United States)

Mbituyumuremyi, Aimable; Van Nuil, Jennifer Ilo; Umuhire, Jeanne; Mugabo, Jules; Mwumvaneza, Mutagoma; Makuza, Jean Damascene; Umutesi, Justine; Nsanzimana, Sabin; Gupta, Neil

2018-01-01

With the introduction of direct-acting antiviral drugs, treatment of hepatitis C is both highly effective and tolerable. Access to treatment for patients, however, remains limited in low- and middle-income countries due to the lack of supportive health infrastructure and the high cost of treatment. Poorer countries are being encouraged by international bodies to organize public health responses that would facilitate the roll-out of care and treatment on a national scale. Yet few countries have documented formal plans and policies. Here, we outline the approach taken in Rwanda to a public health framework for hepatitis C control and care within the World Health Organization hepatitis health sector strategy. This includes the development and implementation of policies and programmes, prevention efforts, screening capacity, treatment services and strategic information systems. We highlight key successes by the national programme for the control and management of hepatitis C: establishment of national governance and planning; development of diagnostic capacity; approval and introduction of direct-acting antiviral treatments; training of key personnel; generation of political will and leadership; and fostering of key strategic partnerships. Existing challenges and next steps for the programme include developing a detailed monitoring and evaluation framework and tools for monitoring of viral hepatitis. The government needs to further decentralize care and integrate hepatitis C management into routine clinical services to provide better access to diagnosis and treatment for patients. Introducing rapid diagnostic tests to public health-care facilities would help to increase case-finding. Increased public and private financing is essential to support care and treatment services.

Dynamic Information Management and Exchange for Command and Control Applications, Modelling and Enforcing Category-Based Access Control via Term Rewriting

Science.gov (United States)

2015-03-01

a hotel and a hospital. 2. Event handler for emergency policies (item 2 above): this has been implemented in two UG projects, one project developed a...Workshop on Logical and Se- mantic Frameworks, with Applications, Brasilia, Brazil , September 2014. Electronic Notes in Theoretical Computer Science (to...Brasilia, Brazil , September 2014, 2015. [3] S. Barker. The next 700 access control models or a unifying meta-model? In SACMAT 2009, 14th ACM Symposium on

Access Control Management for SCADA Systems

Science.gov (United States)

Hong, Seng-Phil; Ahn, Gail-Joon; Xu, Wenjuan

The information technology revolution has transformed all aspects of our society including critical infrastructures and led a significant shift from their old and disparate business models based on proprietary and legacy environments to more open and consolidated ones. Supervisory Control and Data Acquisition (SCADA) systems have been widely used not only for industrial processes but also for some experimental facilities. Due to the nature of open environments, managing SCADA systems should meet various security requirements since system administrators need to deal with a large number of entities and functions involved in critical infrastructures. In this paper, we identify necessary access control requirements in SCADA systems and articulate access control policies for the simulated SCADA systems. We also attempt to analyze and realize those requirements and policies in the context of role-based access control that is suitable for simplifying administrative tasks in large scale enterprises.

Task-role-based Access Control Model in Smart Health-care System

Directory of Open Access Journals (Sweden)

Wang Peng

2015-01-01

Full Text Available As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for the medical health-care environment, task-role-based access control model, which overcomes the disadvantages of traditional access control models. The task-role-based access control (T-RBAC model introduces a task concept, dividing tasks into four categories. It also supports supervision role hierarchy. T-RBAC is a proper access control model for Smart Health-care System, and it improves the management of access rights. This paper also proposes an implementation of T-RBAC, a binary two-key-lock pair access control scheme using prime factorization.

Access Control of Web- and Java-Based Applications

Science.gov (United States)

Tso, Kam S.; Pajevski, Michael J.

2013-01-01

Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

LANSCE personnel access control system (PACS)

International Nuclear Information System (INIS)

Sturrock, J.C.; Gallegos, F.R.; Hall, M.J.

1997-01-01

The Radiation Security System (RSS) at the Los Alamos Neutron Science Center (LANSCE) provides personnel protection from prompt radiation due to accelerated beam. The Personnel Access Control System (PACS) is a component of the RSS that is designed to prevent personnel access to areas where prompt radiation is a hazard. PACS was designed to replace several older personnel safety systems (PSS) with a single modem unified design. Lessons learned from the operation over the last 20 years were incorporated into a redundant sensor, single-point failure safe, fault tolerant, and tamper-resistant system that prevents access to the beam areas by controlling the access keys and beam stoppers. PACS uses a layered philosophy to the physical and electronic design. The most critical assemblies are battery backed up, relay logic circuits; less critical devices use Programmable Logic Controllers (PLCs) for timing functions and communications. Outside reviewers have reviewed the operational safety of the design. The design philosophy, lessons learned, hardware design, software design, operation, and limitations of the device are described

Gender Dimensions Framework Application

OpenAIRE

Rubin, D.

2011-01-01

This is a presentation of the The Gender Dimensions Framework (GDF). The GDF was developed to provide guidance to USAID staff and partner organizations for working with USAID projects looking at promoting equitable opportunities in agricultural value chains. The GDF contemplates four dimensions: access to and control over key productive assets (tangible and intangible); beliefs and perceptions; practices and participation, and legal frameworks. CCRA-7 (Gendered Knowledge)

Dynamically Authorized Role-Based Access Control for Grid Applications

Institute of Scientific and Technical Information of China (English)

YAO Hanbing; HU Heping; LU Zhengding; LI Ruixuan

2006-01-01

Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed "virtual organizations". The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user's environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.

Framework for rapid assessment and adoption of new vector control tools.

Science.gov (United States)

Vontas, John; Moore, Sarah; Kleinschmidt, Immo; Ranson, Hilary; Lindsay, Steve; Lengeler, Christian; Hamon, Nicholas; McLean, Tom; Hemingway, Janet

2014-04-01

Evidence-informed health policy making is reliant on systematic access to, and appraisal of, the best available research evidence. This review suggests a strategy to improve the speed at which evidence is gathered on new vector control tools (VCTs) using a framework based on measurements of the vectorial capacity of an insect population to transmit disease. We explore links between indicators of VCT efficacy measurable in small-scale experiments that are relevant to entomological and epidemiological parameters measurable only in large-scale proof-of-concept randomised control trials (RCTs). We hypothesise that once RCTs establish links between entomological and epidemiological indicators then rapid evaluation of new products within the same product category may be conducted through smaller scale experiments without repetition of lengthy and expensive RCTs. Copyright © 2014 Elsevier Ltd. All rights reserved.

Primer Control System Cyber Security Framework and Technical Metrics

Energy Technology Data Exchange (ETDEWEB)

Wayne F. Boyer; Miles A. McQueen

2008-05-01

The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

A framework for evaluating the accessibility of raw materials from end-of-life products and the Earth's crust.

Science.gov (United States)

Mueller, Sandra R; Wäger, Patrick A; Turner, David A; Shaw, Peter J; Williams, Ian D

2017-10-01

An increasing number of geochemically scarce metallic raw materials are entering into our lives via new technologies. A reversal of this trend is not foreseeable, leading to concerns regarding the security of their supply. However, the evaluation of raw material supply is currently hampered by inconsistent use of fundamental terminologies and incomplete assessment criteria. In this paper, we aim to establish a consistent framework for evaluating raw material supply from both anthropogenic and geological sources. A method for concept extraction was applied to evaluate systematically the use of fundamental terms in the evaluation of raw material supply. The results have shown that 'availability' is commonly used in raw material supply evaluations, whilst other researchers suggest that raw material supply should be evaluated based on 'accessibility'. It was revealed that 'accessibility' actually comprises two aspects: 'availability' and 'approachability'. Raw material 'approachability' has not previously been explicitly addressed at a system level. A novel, consistent framework for evaluating raw material supply was therefore developed. To demonstrate the application of the established framework, we evaluated the raw material supply of four rare earth element case studies. Three case studies are End-of-Life products (the anthroposphere) from Switzerland: (i) phosphors in fluorescent lamps, (i) permanent magnets in the drive motors of electric cars and (iii) fibre optic cable. The fourth case study source is the Earth's crust (the geosphere): Mount Weld deposit in Australia. The framework comprises a comprehensive evaluation of six components relating to raw material mining and processing: their geological knowledge, eligibility, technology, economic, societal and environmental impacts. Our results show that metals are not considered to be fully accessible in any of the case studies due to a lack of necessary technologies and potential societal and environmental

Information-flow-based Access Control for Virtualized Systems

Directory of Open Access Journals (Sweden)

Dmitriy Aleksandrovich Postoev

2014-12-01

Full Text Available The article is devoted to the method of information-flow-based access control, adopted for virtualized systems. General structure of access control system for virtual infrastructure is proposed.

Task-role-based Access Control Model in Smart Health-care System

OpenAIRE

Wang Peng; Jiang Lingyun

2015-01-01

As the development of computer science and smart health-care technology, there is a trend for patients to enjoy medical care at home. Taking enormous users in the Smart Health-care System into consideration, access control is an important issue. Traditional access control models, discretionary access control, mandatory access control, and role-based access control, do not properly reflect the characteristics of Smart Health-care System. This paper proposes an advanced access control model for...

Framework for control system development

International Nuclear Information System (INIS)

Cork, C.; Nishimura, Hiroshi

1992-01-01

Control systems being developed for the present generation of accelerators will need to adapt to changing machine and operating state conditions. Such systems must also be capable of evolving over the life of the accelerator operation. In this paper we present a framework for the development of adaptive control systems

Framework for control system development

International Nuclear Information System (INIS)

Cork, C.; Nishimura, Hiroshi.

1991-11-01

Control systems being developed for the present generation of accelerators will need to adapt to changing machine and operating state conditions. Such systems must also be capable of evolving over the life of the accelerator operation. In this paper we present a framework for the development of adaptive control systems

Analysing Access Control Specifications

DEFF Research Database (Denmark)

Probst, Christian W.; Hansen, René Rydhof

2009-01-01

When prosecuting crimes, the main question to answer is often who had a motive and the possibility to commit the crime. When investigating cyber crimes, the question of possibility is often hard to answer, as in a networked system almost any location can be accessed from almost anywhere. The most...... common tool to answer this question, analysis of log files, faces the problem that the amount of logged data may be overwhelming. This problems gets even worse in the case of insider attacks, where the attacker’s actions usually will be logged as permissible, standard actions—if they are logged at all....... Recent events have revealed intimate knowledge of surveillance and control systems on the side of the attacker, making it often impossible to deduce the identity of an inside attacker from logged data. In this work we present an approach that analyses the access control configuration to identify the set...

Disk access controller for Multi 8 computer

International Nuclear Information System (INIS)

Segalard, Jean

1970-01-01

After having presented the initial characteristics and weaknesses of the software provided for the control of a memory disk coupled with a Multi 8 computer, the author reports the development and improvement of this controller software. He presents the different constitutive parts of the computer and the operation of the disk coupling and of the direct access to memory. He reports the development of the disk access controller: software organisation, loader, subprograms and statements

First Experiences Using XACML for Access Control in Distributed Systems

Science.gov (United States)

Lorch, Marcus; Proctor, Seth; Lepro, Rebekah; Kafura, Dennis; Shah, Sumit

2003-01-01

Authorization systems today are increasingly complex. They span domains of administration, rely on many different authentication sources, and manage permissions that can be as complex as the system itself. Worse still, while there are many standards that define authentication mechanisms, the standards that address authorization are less well defined and tend to work only within homogeneous systems. This paper presents XACML, a standard access control language, as one component of a distributed and inter-operable authorization framework. Several emerging systems which incorporate XACML are discussed. These discussions illustrate how authorization can be deployed in distributed, decentralized systems. Finally, some new and future topics are presented to show where this work is heading and how it will help connect the general components of an authorization system.

IMPROVEMENTS IN THE CONTROL FRAMEWORKS: COSO AND COBIT

Directory of Open Access Journals (Sweden)

Oana Diana OPREA

2014-06-01

Full Text Available After the corporate scandals from the beginning of the 21st century, there was a general lack of confidence in the quality of the financial reporting. The Sarbanes-Oxley Act came to address this issue, by imposing rules that would prevent such scandals in the future. In order to help companies with the compliance, control frameworks have been issued. The framework of the Committee of Sponsoring Organisations of the Treadway Commission offers guidance in matters of internal controls, whereas the Control Objectives for Information and related Technology focus on IT controls. The present paper intends to critically address the changes in the COSO and COBIT framework, that took place during 2012 and 2013.

The new control system of J-TEXT divertor power supply system using J-TEXT real-time framework

Energy Technology Data Exchange (ETDEWEB)

Zhang, Ming; Zheng, Guozhen; Chen, Zhi [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); College of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China); Zheng, Wei, E-mail: zhengwei@hust.edu.cn [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); College of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China); Yuan, Tao; Li, Yang [State Key Laboratory of Advanced Electromagnetic Engineering and Technology, Huazhong University of Science and Technology, Wuhan 430074 (China); College of Electrical and Electronic Engineering, Huazhong University of Science and Technology, Wuhan 430074 (China)

2016-11-15

Highlights: • The most highlight of this paper is the J-TEXT Real-Time Framework (JRTF). JRTF is a flexible real-time software framework which allows users to develop real-time applications rapidly without compromise on the performance. It makes a clear separation between control functions and hard/software administration, developers just need to focus on the control logic and algorithms. • The JRTF based control system can achieve a precise control loop cycle of 1 ms and a jitter under 0.01 ms on Linux operation system. The real-time performance meets the requirement of the real-time control tasks in J-TEXT. • Several days of operation with no faults were already achieved with the system running and in real-time 8 h per day. The stability of the new system is qualified for discharging experiment. - Abstract: The J-TEXT divertor power supply system is designed as a parallel connection, 12-pulse rectifier which is powered by a 100 MVA pulse generator unit. To achieve robust current feedback control, high performance real-time control system is required. The new control system adopts a more powerful software framework named J-TEXT real-time framework (JRTF). JRTF is a flexible real-time software framework designed for the implementation of real-time control systems. A JRTF application contains various Application Blocks (AB) which execute specific functions such as feedback computing and protection. JRTF is compatible with ITER standard PFC (Plant Fast Controller) hardware and ITER CODAC (Control, Data Access and Communication) Core software, so it can be monitored and configured by any EPICS based control system. The hardware of the new control system is upgraded to standard ITER fast controller which are much faster and more reliable than former controllers. This control system is the first application of JRTF, and the result shows that the new control system is running properly and stably. It provides an instance for real-time control schemes in J-TEXT, and

The new control system of J-TEXT divertor power supply system using J-TEXT real-time framework

International Nuclear Information System (INIS)

Zhang, Ming; Zheng, Guozhen; Chen, Zhi; Zheng, Wei; Yuan, Tao; Li, Yang

2016-01-01

Highlights: • The most highlight of this paper is the J-TEXT Real-Time Framework (JRTF). JRTF is a flexible real-time software framework which allows users to develop real-time applications rapidly without compromise on the performance. It makes a clear separation between control functions and hard/software administration, developers just need to focus on the control logic and algorithms. • The JRTF based control system can achieve a precise control loop cycle of 1 ms and a jitter under 0.01 ms on Linux operation system. The real-time performance meets the requirement of the real-time control tasks in J-TEXT. • Several days of operation with no faults were already achieved with the system running and in real-time 8 h per day. The stability of the new system is qualified for discharging experiment. - Abstract: The J-TEXT divertor power supply system is designed as a parallel connection, 12-pulse rectifier which is powered by a 100 MVA pulse generator unit. To achieve robust current feedback control, high performance real-time control system is required. The new control system adopts a more powerful software framework named J-TEXT real-time framework (JRTF). JRTF is a flexible real-time software framework designed for the implementation of real-time control systems. A JRTF application contains various Application Blocks (AB) which execute specific functions such as feedback computing and protection. JRTF is compatible with ITER standard PFC (Plant Fast Controller) hardware and ITER CODAC (Control, Data Access and Communication) Core software, so it can be monitored and configured by any EPICS based control system. The hardware of the new control system is upgraded to standard ITER fast controller which are much faster and more reliable than former controllers. This control system is the first application of JRTF, and the result shows that the new control system is running properly and stably. It provides an instance for real-time control schemes in J-TEXT, and

Context-Aware Usage-Based Grid Authorization Framework

Institute of Scientific and Technical Information of China (English)

CUI Yongquan; HONG Fan; FU Cai

2006-01-01

Due to inherent heterogeneity, multi-domain characteristic and highly dynamic nature, authorization is a critical concern in grid computing. This paper proposes a general authorization and access control architecture, grid usage control (GUCON), for grid computing. It's based on the next generation access control mechanism usage control (UCON) model. The GUCON Framework dynamic grants and adapts permission to the subject based on a set of contextual information collected from the system environments; while retaining the authorization by evaluating access requests based on subject attributes, object attributes and requests. In general, GUCON model provides very flexible approaches to adapt the dynamically security request. GUCON model is being implemented in our experiment prototype.

Task Delegation Based Access Control Models for Workflow Systems

Science.gov (United States)

Gaaloul, Khaled; Charoy, François

e-Government organisations are facilitated and conducted using workflow management systems. Role-based access control (RBAC) is recognised as an efficient access control model for large organisations. The application of RBAC in workflow systems cannot, however, grant permissions to users dynamically while business processes are being executed. We currently observe a move away from predefined strict workflow modelling towards approaches supporting flexibility on the organisational level. One specific approach is that of task delegation. Task delegation is a mechanism that supports organisational flexibility, and ensures delegation of authority in access control systems. In this paper, we propose a Task-oriented Access Control (TAC) model based on RBAC to address these requirements. We aim to reason about task from organisational perspectives and resources perspectives to analyse and specify authorisation constraints. Moreover, we present a fine grained access control protocol to support delegation based on the TAC model.

Role Based Access Control system in the ATLAS experiment

International Nuclear Information System (INIS)

Valsan, M L; Dumitru, I; Darlea, G L; Bujor, F; Dobson, M; Miotto, G Lehmann; Schlenker, S; Avolio, G; Scannicchio, D A; Filimonov, V; Khomoutnikov, V; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Twomey, M

2011-01-01

The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The RBAC implementation uses a directory service based on Lightweight Directory Access Protocol to store the users (∼3000), roles (∼320), groups (∼80) and access policies. The information is kept in sync with various other databases and directory services: human resources, central CERN IT, CERN Active Directory and the Access Control Database used by DCS. The paper concludes with a detailed description of the integration across all areas of the system.

RFID Based Security Access Control System with GSM Technology

OpenAIRE

Peter Adole; Joseph M. Môm; Gabriel A. Igwue

2016-01-01

The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

Role Based Access Control system in the ATLAS experiment

CERN Document Server

Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F; Avolio, G

2011-01-01

The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

Role Based Access Control System in the ATLAS Experiment

CERN Document Server

Valsan, M L; The ATLAS collaboration; Lehmann Miotto, G; Scannicchio, D A; Schlenker, S; Filimonov, V; Khomoutnikov, V; Dumitru, I; Zaytsev, A S; Korol, A A; Bogdantchikov, A; Avolio, G; Caramarcu, C; Ballestrero, S; Darlea, G L; Twomey, M; Bujor, F

2010-01-01

The complexity of the ATLAS experiment motivated the deployment of an integrated Access Control System in order to guarantee safe and optimal access for a large number of users to the various software and hardware resources. Such an integrated system was foreseen since the design of the infrastructure and is now central to the operations model. In order to cope with the ever growing needs of restricting access to all resources used within the experiment, the Roles Based Access Control (RBAC) previously developed has been extended and improved. The paper starts with a short presentation of the RBAC design, implementation and the changes made to the system to allow the management and usage of roles to control access to the vast and diverse set of resources. The paper continues with a detailed description of the integration across all areas of the system: local Linux and Windows nodes in the ATLAS Control Network (ATCN), the Linux application gateways offering remote access inside ATCN, the Windows Terminal Serv...

A framework for production control in health care organizations

NARCIS (Netherlands)

Vissers, Jan; Bertrand, J.W.M.; Vries, de G.

2001-01-01

The paper presents a hierarchical framework for production control of hospitals which deals with the balance between service and efficiency, at all levels of planning and control. The framework is based on an analysis of the design requirements for hospital production control systems. These design

Access Control with Delegated Authorization Policy Evaluation for Data-Driven Microservice Workflows

Directory of Open Access Journals (Sweden)

Davy Preuveneers

2017-09-01

Full Text Available Microservices offer a compelling competitive advantage for building data flow systems as a choreography of self-contained data endpoints that each implement a specific data processing functionality. Such a ‘single responsibility principle’ design makes them well suited for constructing scalable and flexible data integration and real-time data flow applications. In this paper, we investigate microservice based data processing workflows from a security point of view, i.e., (1 how to constrain data processing workflows with respect to dynamic authorization policies granting or denying access to certain microservice results depending on the flow of the data; (2 how to let multiple microservices contribute to a collective data-driven authorization decision and (3 how to put adequate measures in place such that the data within each individual microservice is protected against illegitimate access from unauthorized users or other microservices. Due to this multifold objective, enforcing access control on the data endpoints to prevent information leakage or preserve one’s privacy becomes far more challenging, as authorization policies can have dependencies and decision outcomes cross-cutting data in multiple microservices. To address this challenge, we present and evaluate a workflow-oriented authorization framework that enforces authorization policies in a decentralized manner and where the delegated policy evaluation leverages feature toggles that are managed at runtime by software circuit breakers to secure the distributed data processing workflows. The benefit of our solution is that, on the one hand, authorization policies restrict access to the data endpoints of the microservices, and on the other hand, microservices can safely rely on other data endpoints to collectively evaluate cross-cutting access control decisions without having to rely on a shared storage backend holding all the necessary information for the policy evaluation.

AcconPred: Predicting Solvent Accessibility and Contact Number Simultaneously by a Multitask Learning Framework under the Conditional Neural Fields Model.

Science.gov (United States)

Ma, Jianzhu; Wang, Sheng

2015-01-01

The solvent accessibility of protein residues is one of the driving forces of protein folding, while the contact number of protein residues limits the possibilities of protein conformations. The de novo prediction of these properties from protein sequence is important for the study of protein structure and function. Although these two properties are certainly related with each other, it is challenging to exploit this dependency for the prediction. We present a method AcconPred for predicting solvent accessibility and contact number simultaneously, which is based on a shared weight multitask learning framework under the CNF (conditional neural fields) model. The multitask learning framework on a collection of related tasks provides more accurate prediction than the framework trained only on a single task. The CNF method not only models the complex relationship between the input features and the predicted labels, but also exploits the interdependency among adjacent labels. Trained on 5729 monomeric soluble globular protein datasets, AcconPred could reach 0.68 three-state accuracy for solvent accessibility and 0.75 correlation for contact number. Tested on the 105 CASP11 domain datasets for solvent accessibility, AcconPred could reach 0.64 accuracy, which outperforms existing methods.

STAR-TYPE LOCAL AREA NETWORK ACCESS CONTROL

Institute of Scientific and Technical Information of China (English)

逯昭义; 齐藤忠夫

1990-01-01

The multiple access fashion is a new resolution for the star-type local area network (LAN) access control and star-type optical fibre LAN. Arguments about this network are discussed, and the results are introduced.

Role based access control design using Triadic concept analysis

Institute of Scientific and Technical Information of China (English)

Ch Aswani Kumar; S Chandra Mouliswaran; LI Jin-hai; C Chandrasekar

2016-01-01

Role based access control is one of the widely used access control models. There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis (FCA), description logics, and Ontology for representing access control mechanism. However, while using FCA, investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts. This transformation is mainly to derive the formal concepts, lattice structure and implications to represent role hierarchy and constraints of RBAC. In this work, we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts. Our discussion is on two lines of inquiry. We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature.

Urban air quality management and information systems in Europe: legal framework and information access

International Nuclear Information System (INIS)

Karatzas, K.; Moussiopoulos, N.

2000-01-01

The European Union (EU) legislative framework related to air quality, together with national legislation and relevant declarations of the United Nations (UN), requires an integrated approach concerning air quality management (AQM), and accessibility of related information for the citizens. In the present paper, the main requirements of this legislative framework are discussed and main air quality management and information system characteristics are drawn. The use of information technologies is recommended for the construction of such systems. The World Wide Web (WWW) is considered a suitable platform for system development and integration and at the same time as a medium for communication and information dissemination. (author)

Urban air quality management and information systems in Europe: legal framework and information access

Energy Technology Data Exchange (ETDEWEB)

Karatzas, K.; Moussiopoulos, N. [Aristotle University of Thessaloniki (Greece). Department of Mechanical Engineering, Laboratory of Heat Transfer and Environmental Engineering

2000-06-01

The European Union (EU) legislative framework related to air quality, together with national legislation and relevant declarations of the United Nations (UN), requires an integrated approach concerning air quality management (AQM), and accessibility of related information for the citizens. In the present paper, the main requirements of this legislative framework are discussed and main air quality management and information system characteristics are drawn. The use of information technologies is recommended for the construction of such systems. The World Wide Web (WWW) is considered a suitable platform for system development and integration and at the same time as a medium for communication and information dissemination. (author)

Generic Model Predictive Control Framework for Advanced Driver Assistance Systems

NARCIS (Netherlands)

Wang, M.

2014-01-01

This thesis deals with a model predictive control framework for control design of Advanced Driver Assistance Systems, where car-following tasks are under control. The framework is applied to design several autonomous and cooperative controllers and to examine the controller properties at the

Owner-Based Role-Based Access Control OB-RBAC

NARCIS (Netherlands)

Saffarian, M.; Sadighi, Babak

Administration of an access control model deals with the question of who is authorized to update policies defined on the basis of that model. One of the models whose administration has absorbed relatively large research is the Role-Based Access Control (RBAC) model. All the existing role-based

Analysis of Access Control Policies in Operating Systems

Science.gov (United States)

Chen, Hong

2009-01-01

Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system administrators and software developers. Therefore, mis-configurations are common, and the…

A Framework for Healthcare Planning and Control

NARCIS (Netherlands)

Hans, Elias W.; van Houdenhoven, Mark; Hulshof, P.J.H.; Hall, Randolph

2012-01-01

Rising expenditures spur healthcare organizations to organize their processes more efficiently and effectively. Unfortunately, healthcare planning and control lags behind manufacturing planning and control. We analyze existing planning and control concepts or frameworks for healthcare operations

Towards an Approach of Semantic Access Control for Cloud Computing

Science.gov (United States)

Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai

With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analysis existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in cloud computing environment. Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. Ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research that the semantic web technology is applied in the field of security, and provides a new way of thinking of access control in cloud computing.

Legal framework related to access to information and public participation on nuclear activity

International Nuclear Information System (INIS)

Arias, M. C.; Bernaldez, A.L.; Ghiggeri, M.; Tula, C.

2011-01-01

The right of access to information by citizens about activities related to scientific and technological development of nuclear energy for peaceful uses, has evolved over time. Governments began to perceive the necessity and the benefits of informing the community, who manifested certain prejudices about nuclear activity as a consequence of the propelling of nuclear bombs in Nagasaki and Hiroshima. With the advent of environmental law and the influence of its principles, the idea of transparency of information in the nuclear field was imposed, and also the importance of both the inhabitants of countries with nuclear developments and neighbouring countries who may be affected by the bordering effects of ionizing radiation, could have access to information and to participate actively. The access to information and citizen participation has been institutionalized and reflected in international regulations through international conventions subscribed by our country and nationally through the National Constitution, the Provincials Constitutions, the City of Buenos Aires Constitution, Laws No. 25.675, 25.831 and PEN Decree No. 1172/03, among others. The present work aims to make an overview of the legal framework related to access to information on nuclear activity. (authors) [es

METHOD AND ABSTRACT MODEL FOR CONTROL AND ACCESS RIGHTS BY REQUESTS REDIRECTION

Directory of Open Access Journals (Sweden)

K. A. Shcheglov

2015-11-01

Full Text Available We have researched implementation problems of control and access rights of subjects to objects in modern computer systems. We have suggested access control method based on objects access requests redirection. The method possesses a distinctive feature as compared to discretional access control. In case when a subject needs to deny writing (object modification, it is not denied but redirected (access rights are not changed, but operation is performed with another object. This gives the possibility to implement access policies to system objects without breaking the system and applications operability, and share correctly access objects between subjects. This important property of suggested access control method enables to solve fundamentally new system objects securing problems like system resources virtualization aimed to protect system objects from users’ and applications attacks. We have created an abstract model, and it shows that this method (access control from subjects to objects based on requests redirection can be used as self-sufficient access control method, implementing any access control policy (from subjects to objects, thus being an alternative to discretional access control method.

INTEGRATING CONTROLS FRAMEWORKS: CONTROL SYSTEMS FOR NA62 LAV DETECTOR TEST BEAMS

CERN Document Server

Holme, O; Golonka, P; Gonzalez-Berges, M; Milcent, H

2011-01-01

The detector control system for the NA62 experiment at CERN, to be ready for physics data-taking in 2014, is going to be built based on control technologies recommended by the CERN Engineering group. A rich portfolio of the technologies is planned to be showcased and deployed in the final application, and synergy between them is needed. In particular two approaches to building controls application need to play in harmony: the use of the high-level application framework called UNICOS, and a bottom-up approach of development based on the components of the JCOP Framework. The aim of combining the features provided by the two frameworks is to avoid duplication of functionality and minimize the maintenance and development effort for future controls applications. In the paper the result of the integration efforts obtained so far are presented; namely the control applications developed for beam-testing of NA62 detector prototypes. Even though the delivered applications are simple, significant conceptual and developm...

Integrating Controls Frameworks: Control Systems for NA62 LAV Detector Test Beams

CERN Document Server

Holme, Oliver; Golonka, Piotr; Gonzalez-Berges, Manuel; Milcent, Hervé

2011-01-01

The detector control system for the NA62 experiment at CERN, to be ready for physics data-taking in 2014, is going to be built based on control technologies recommended by the CERN Engineering group. A rich portfolio of the technologies is planned to be showcased and deployed in the final application, and synergy between them is needed. In particular two approaches to building controls application need to play in harmony: the use of the high-level application framework called UNICOS, and a bottom-up approach of development based on the components of the JCOP Framework. The aim of combining the features provided by the two frameworks is to avoid duplication of functionality and minimize the maintenance and development effort for future controls applications. In the paper the result of the integration efforts obtained so far are presented; namely the control applications developed for beam-testing of NA62 detector prototypes. Even though the delivered applications are simple, significant conceptual and developm...

Task-and-role-based access-control model for computational grid

Institute of Scientific and Technical Information of China (English)

LONG Tao; HONG Fan; WU Chi; SUN Ling-li

2007-01-01

Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

AcconPred: Predicting Solvent Accessibility and Contact Number Simultaneously by a Multitask Learning Framework under the Conditional Neural Fields Model

Directory of Open Access Journals (Sweden)

Jianzhu Ma

2015-01-01

Full Text Available Motivation. The solvent accessibility of protein residues is one of the driving forces of protein folding, while the contact number of protein residues limits the possibilities of protein conformations. The de novo prediction of these properties from protein sequence is important for the study of protein structure and function. Although these two properties are certainly related with each other, it is challenging to exploit this dependency for the prediction. Method. We present a method AcconPred for predicting solvent accessibility and contact number simultaneously, which is based on a shared weight multitask learning framework under the CNF (conditional neural fields model. The multitask learning framework on a collection of related tasks provides more accurate prediction than the framework trained only on a single task. The CNF method not only models the complex relationship between the input features and the predicted labels, but also exploits the interdependency among adjacent labels. Results. Trained on 5729 monomeric soluble globular protein datasets, AcconPred could reach 0.68 three-state accuracy for solvent accessibility and 0.75 correlation for contact number. Tested on the 105 CASP11 domain datasets for solvent accessibility, AcconPred could reach 0.64 accuracy, which outperforms existing methods.

Distributed Role-based Access Control for Coaliagion Application

Institute of Scientific and Technical Information of China (English)

HONG Fan; ZHU Xian; XING Guanglin

2005-01-01

Access control in multi-domain environments is one of the important questions of building coalition between domains.On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization.Then, a distributed RBAC model is presented.Finally the implementation issues are discussed.

XACML to build access control policies for Internet of Things

OpenAIRE

Atlam, Hany F.; Alassafi, Madini, Obad; Alenezi, Ahmed; Walters, Robert; Wills, Gary

2018-01-01

Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an ef...

An application-layer based centralized information access control for VPN

Institute of Scientific and Technical Information of China (English)

OUYANG Kai; ZHOU Jing-li; XIA Tao; YU Sheng-sheng

2006-01-01

With the rapid development of Virtual Private Network (VPN), many companies and organizations use VPN to implement their private communication. Traditionally, VPN uses security protocols to protect the confidentiality of data, the message integrity and the endpoint authentication. One core technique of VPN is tunneling, by which clients can access the internal servers traversing VPN. However, the tunneling technique also introduces a concealed security hole. It is possible that ifone vicious user can establish tunneling by the VPN server, he can compromise the internal servers behind the VPN server. So this paper presents a novel Application-layer based Centralized Information Access Control (ACIAC) for VPN to solve this problem.To implement an efficient, flexible and multi-decision access control model, we present two key techniques to ACIAC-the centralized management mechanism and the stream-based access control. Firstly, we implement the information center and the constraints/events center for ACIAC. By the two centers, we can provide an abstract access control mechanism, and the material access control can be decided dynamically by the ACIAC's constraint/event mechanism. Then we logically classify the VPN communication traffic into the access stream and the data stream so that we can tightly couple the features of VPN communication with the access control model. We also provide the design of our ACIAC prototype in this paper.

Transaction-Based Building Controls Framework, Volume 1: Reference Guide

Energy Technology Data Exchange (ETDEWEB)

Somasundaram, Sriram [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Pratt, Robert G. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Akyol, Bora A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Fernandez, Nicholas [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Foster, Nikolas AF [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Katipamula, Srinivas [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Mayhorn, Ebony T. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Somani, Abhishek [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Steckley, Andrew C. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Taylor, Zachary T. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2014-12-01

This document proposes a framework concept to achieve the objectives of raising buildings’ efficiency and energy savings potential benefitting building owners and operators. We call it a transaction-based framework, wherein mutually-beneficial and cost-effective market-based transactions can be enabled between multiple players across different domains. Transaction-based building controls are one part of the transactional energy framework. While these controls realize benefits by enabling automatic, market-based intra-building efficiency optimizations, the transactional energy framework provides similar benefits using the same market -based structure, yet on a larger scale and beyond just buildings, to the society at large.

A Theorem on Grid Access Control

Institute of Scientific and Technical Information of China (English)

XU ZhiWei(徐志伟); BU GuanYing(卜冠英)

2003-01-01

The current grid security research is mainly focused on the authentication of grid systems. A problem to be solved by grid systems is to ensure consistent access control. This problem is complicated because the hosts in a grid computing environment usually span multiple autonomous administrative domains. This paper presents a grid access control model, based on asynchronous automata theory and the classic Bell-LaPadula model. This model is useful to formally study the confidentiality and integrity problems in a grid computing environment. A theorem is proved, which gives the necessary and sufficient conditions to a grid to maintain confidentiality.These conditions are the formalized descriptions of local (node) relations or relationship between grid subjects and node subjects.

PID motion control tuning rules in a damping injection framework

NARCIS (Netherlands)

Tadele, T.S.; de Vries, Theodorus J.A.; Stramigioli, Stefano

2013-01-01

This paper presents a general design approach for a performance based tuning of a damping injection framework impedance controller by using insights from PID motion control tuning rules. The damping injection framework impedance controller is suitable for human friendly robots as it enhances safety

How Drug Control Policy and Practice Undermine Access to Controlled Medicines.

Science.gov (United States)

Burke-Shyne, Naomi; Csete, Joanne; Wilson, Duncan; Fox, Edward; Wolfe, Daniel; Rasanathan, Jennifer J K

2017-06-01

Drug conventions serve as the cornerstone for domestic drug laws and impose a dual obligation upon states to prevent the misuse of controlled substances while ensuring their adequate availability for medical and scientific purposes. Despite the mandate that these obligations be enforced equally, the dominant paradigm enshrined in the drug conventions is an enforcement-heavy criminal justice response to controlled substances that prohibits and penalizes their misuse. Prioritizing restrictive control is to the detriment of ensuring adequate availability of and access to controlled medicines, thereby violating the rights of people who need them. This paper argues that the drug conventions' prioritization of criminal justice measures-including efforts to prevent non-medical use of controlled substances-undermines access to medicines and infringes upon the right to health and the right to enjoy the benefits of scientific progress. While the effects of criminalization under drug policy limit the right to health in multiple ways, we draw on research and documented examples to highlight the impact of drug control and criminalization on access to medicines. The prioritization and protection of human rights-specifically the right to health and the right to enjoy the benefits of scientific progress-are critical to rebalancing drug policy.

An electronically controlled automatic security access gate

Directory of Open Access Journals (Sweden)

Jonathan A. ENOKELA

2014-11-01

Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

Access road reclamation

International Nuclear Information System (INIS)

Manson, T.; Blok, M.

1997-01-01

A general review of the measures involved in restoring abandoned access road sites in British Columbia was presented. Permits and licences are needed for the use of crown land for roads used by the petroleum and natural gas industry for exploration activities. However, the regulatory framework for road site reclamation is not well developed. The nature of access road reclamation is very site-specific. Some of the issues that are considered for all reclamation projects include slope stability, water control, revegetation, soil rehabilitation, access management and monitoring. The primary objective of reclaiming access road sites is to return the site to conditions that are equal or better than pre-disturbance conditions. Restoration measures must be approved by BC Environment and by the Department of Fisheries and Oceans where federal fisheries responsibilities are involved. 54 refs., 5 tabs., 3 figs

Foundation for a Time Interval Access Control Model

National Research Council Canada - National Science Library

Afinidad, Francis B; Levin, Timothy E; Irvine, Cynthia E; Nguyen, Thuy D

2005-01-01

A new model for representing temporal access control policies is introduced. In this model, temporal authorizations are represented by time attributes associated with both subjects and objects, and a time interval access graph...

Performance estimates for personnel access control systems

International Nuclear Information System (INIS)

Bradley, R.G.

1980-10-01

Current performance estimates for personnel access control systems use estimates of Type I and Type II verification errors. A system performance equation which addresses normal operation, the insider, and outside adversary attack is developed. Examination of this equation reveals the inadequacy of classical Type I and II error evaluations which require detailed knowledge of the adversary threat scenario for each specific installation. Consequently, new performance measures which are consistent with the performance equation and independent of the threat are developed as an aid in selecting personnel access control systems

A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

Energy Technology Data Exchange (ETDEWEB)

Ezell, Matthew A [ORNL; Rogers, Gary L [University of Tennessee, Knoxville (UTK); Peterson, Gregory D. [University of Tennessee, Knoxville (UTK)

2012-01-01

As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

Advanced Control Facility for the CERN-UNICOS Framework

CERN Document Server

Pezzetti, M; Coppier, H

2010-01-01

CERN, during last decade, has extensively applied the CERN/UNICOS framework to large scale cryoplant control system. An increase of interested to advanced control techniques and innovative simulation environment applied to cryogenic processes has also occur. Since new control algorithm development into UNICOS framework requires significant time, a control testing platform which can be externally connected can improve and simplify the procedure of testing advanced controllers implementation. In this context, the present paper describes the development of a control testing tool at CERN, which allows rapid control strategies implementation through the Matlab/Simulink® environment, coupled with the large scale cryogenics UNICOS control system or with the CERN PROCOS simulation environment. The time delays which are inherently introduced by network links and communication protocols are analyzed and experimentally identified. Security and reliability issues are also discussed.

The Practice of Hospital Intranet Terminal Access Control Solution

Institute of Scientific and Technical Information of China (English)

QI Shi-tao; TANG Li-ming

2016-01-01

Along with the increasingly urgent management needs of intranet terminals in hospital, and large scaled deployment of terminal management system, terminal access control has become one of the standard functions of terminal management. This paper mainly aims at some simple research for the system construction of hospital intranet terminal access control.

A utility perspective on radiation worker access control systems

International Nuclear Information System (INIS)

Watson, B.A.; Goff, T.E.

1984-01-01

Based on an evaluation of the current commercial Radiation Worker Access Control Software Systems, Baltimore Gas and Electric Company has elected to design and develop a site specific access control and accountability system for the Calvert Cliffs Nuclear Power Plant. The vendor provided systems allow for radiation worker access control based on training and external exposure records and authorizations. These systems do not afford internal exposure control until after bioassay measurements or maximum permissible concentration-hours are tabulated. The vendor provided systems allow for data trending for ALARA purposes, but each software package must be modified to meet site specific requirements. Unlike the commercial systems, the Calvert Cliffs Radiological Controls and Accountability System (RCAS) will provide radiation worker exposure control, both internal and external. The RCAS is designed to fulfill the requirements by integrating the existing Radiation Safety, Dosemetry, and Training data bases with a comprehensive radiological surveillance program. Prior to each worker's entry into the Radiological Control Area; his training and qualifications, radiation exposure history and authorization, will be compared with administrative controls, such as radiation work permits, and respiratory protection requirements and the radiological conditions in the work area. The RCAS, a computer based applied health physics access control system is described as it is presently configured for development. The mechanisms for enhancing worker internal and external exposure controls are discussed. Proposed data application to both the Calvert Cliffs ALARA and outage planning programs is included

Experience with ActiveX control for simple channel access

International Nuclear Information System (INIS)

Timossi, C.; Nishimura, H.; McDonald, J.

2003-01-01

Accelerator control system applications at Berkeley Lab's Advanced Light Source (ALS) are typically deployed on operator consoles running Microsoft Windows 2000 and utilize EPICS[2]channel access for data access. In an effort to accommodate the wide variety of Windows based development tools and developers with little experience in network programming, ActiveX controls have been deployed on the operator stations. Use of ActiveX controls for use in the accelerator control environment has been presented previously[1]. Here we report on some of our experiences with the use and development of these controls

The Methods and Mechanisms for Access Control of Encrypted Data in Clouds

Directory of Open Access Journals (Sweden)

Sergey Vladimirovich Zapechnikov

2013-09-01

Full Text Available The paper is about the problem of data access control in clouds. The main mechanisms for access control of encrypted data in untrusted cloud environments are analyzed and described. The comparative analysis of access control algorithms and implementation issues are offered. The main practical result of research is a web-based (Wikipedia-like reference and information system devoted to the access control methods and mechanisms.

Access Control of Web and Java Based Applications

Science.gov (United States)

Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

2011-01-01

Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

Mandatory and Location-Aware Access Control for Relational Databases

Science.gov (United States)

Decker, Michael

Access control is concerned with determining which operations a particular user is allowed to perform on a particular electronic resource. For example, an access control decision could say that user Alice is allowed to perform the operation read (but not write) on the resource research report. With conventional access control this decision is based on the user's identity whereas the basic idea of Location-Aware Access Control (LAAC) is to evaluate also a user's current location when making the decision if a particular request should be granted or denied. LAAC is an interesting approach for mobile information systems because these systems are exposed to specific security threads like the loss of a device. Some data models for LAAC can be found in literature, but almost all of them are based on RBAC and none of them is designed especially for Database Management Systems (DBMS). In this paper we therefore propose a LAAC-approach for DMBS and describe a prototypical implementation of that approach that is based on database triggers.

Development of an access control system for the LHD experimental hall

International Nuclear Information System (INIS)

Kawano, T.; Inoue, N.; Sakuma, Y.; Uda, T.; Yamanishi, H.; Miyake, H.; Tanahashi, S.; Motozima, O.

2000-01-01

An access control system for the LHD (Large Helical Device) experimental hall had been constructed and its practical operation started in March 1998. Continuously, the system has been improved. The present system keeps watch on involved entrance and exit for the use of persons at four entrances by using five turnstile gates while watching on eight shielding doors at eight positions (four entrances, three carriage entrances and a hall overview) and a stairway connecting the LHD main hall with the LHD basement. Besides, for the security of safety operation of the LHD, fifteen kinds of interlock signals are exchanged between the access control system and the LHD control system. Seven of the interlock signals are properly sent as the occasional demands from the access control system to the LHD control system, in which three staple signals are B Personnel Access to Controlled Area, D Shielding Door Closed, and E No Entrance. It is important that any plasma experiments of the LHD are not permitted while the signal B being sent or D being not sent. The signal E is sent to inform the LHD control system that the turnstile gates are locked. All the plasma experiments should not be done unless the lock procedure of the turnstile is confirmed. When the turnstile gates are locked, any persons cannot enter into the LHD controlled area, but are permissible to exit only. Six of the interlock signals are used to send the information of the working at that time in the LHD controlled area to the access control system. When one signal of the operation mode is sent to the access control system from the LHD, the access control system sets the turnstile gate in situation corresponding to the operation mode, A Equipment Operation, B Vacuum Pumping, C Coil Cooling, D Coil Excitation, and E Plasma Experiment. If the access control system receives, for example, the signal B, this system sets the turnstile gate in the condition of control such that only persons assigned to the work of vacuum

Open versus Controlled-Access Data | Office of Cancer Genomics

Science.gov (United States)

OCG employs stringent human subjects’ protection and data access policies to protect the privacy and confidentiality of the research participants. Depending on the risk of patient identification, OCG programs data are available to the scientific community in two tiers: open or controlled access. Both types of data can be accessed through its corresponding OCG program-specific data matrix or portal. Open-access Data

DiSC: A Simulation Framework for Distribution System Voltage Control

DEFF Research Database (Denmark)

Pedersen, Rasmus; Sloth, Christoffer Eg; Andresen, Gorm

2015-01-01

This paper presents the MATLAB simulation framework, DiSC, for verifying voltage control approaches in power distribution systems. It consists of real consumption data, stochastic models of renewable resources, flexible assets, electrical grid, and models of the underlying communication channels....... The simulation framework makes it possible to validate control approaches, and thus advance realistic and robust control algorithms for distribution system voltage control. Two examples demonstrate the potential voltage issues from penetration of renewables in the distribution grid, along with simple control...

An Extended Role Based Access Control Method for XML Documents

Institute of Scientific and Technical Information of China (English)

MENG Xiao-feng; LUO Dao-feng; OU Jian-bo

2004-01-01

As XML has been increasingly important as the Data-change format of Internet and Intranet, access-control-on-XML-properties rises as a new issue.Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years.Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties.This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

Access control and confidentiality in radiology

Science.gov (United States)

Noumeir, Rita; Chafik, Adil

2005-04-01

A medical record contains a large amount of data about the patient such as height, weight and blood pressure. It also contains sensitive information such as fertility, abortion, psychiatric data, sexually transmitted diseases and diagnostic results. Access to this information must be carefully controlled. Information technology has greatly improved patient care. The recent extensive deployment of digital medical images made diagnostic images promptly available to healthcare decision makers, regardless of their geographic location. Medical images are digitally archived, transferred on telecommunication networks, and visualized on computer screens. However, with the widespread use of computing and communication technologies in healthcare, the issue of data security has become increasingly important. Most of the work until now has focused on the security of data communication to ensure its integrity, authentication, confidentiality and user accountability. The mechanisms that have been proposed to achieve the security of data communication are not specific to healthcare. Data integrity can be achieved with data signature. Data authentication can be achieved with certificate exchange. Data confidentiality can be achieved with encryption. User accountability can be achieved with audits. Although these mechanisms are essential to ensure data security during its transfer on the network, access control is needed in order to ensure data confidentiality and privacy within the information system application. In this paper, we present and discuss an access control mechanism that takes into account the notion of a care process. Radiology information is categorized and a model to enforce data privacy is proposed.

A generic finite state machine framework for the ACNET control system

International Nuclear Information System (INIS)

Carmichael, L.; Warner, A.

2009-01-01

A significant level of automation and flexibility has been added to the ACNET control system through the development of a Java-based Finite State Machine (FSM) infrastructure. These FSMs are integrated into ACNET and allow users to easily build, test and execute scripts that have full access to ACNET's functionality. In this paper, a description will be given of the FSM design and its ties to the Java-based Data Acquisition Engine (DAE) framework. Each FSM is part of a client-server model with FSM display clients using Remote Method Invocation (RMI) to communicate with DAE servers heavily coupled to ACNET. A web-based monitoring system that allows users to utilize browsers to observe persistent FSMs will also be discussed. Finally, some key implementations such as the crash recovery FSM developed for the Electron Cooling machine protection system will be presented.

Coupling DCS and MARTe: two real-time control frameworks in collaboration

Energy Technology Data Exchange (ETDEWEB)

Rapson, Christopher J., E-mail: chris.rapson@ipp.mpg.de [Max Planck Institute for Plasma Physics, Boltzmannstrasse 2, 85748 Garching (Germany); Carvalho, Pedro [Instituto de Plasmas e Fusão Nuclear, Instituto Superior Técnico, Universidade de Lisboa, 1049-001 Lisboa (Portugal); Lüddecke, Klaus; Neto, André C. [Unlimited Computer Systems GmbH, Seeshaupterstr. 15, 82393 Iffeldorf (Germany); Santos, Bruno [Instituto de Plasmas e Fusão Nuclear, Instituto Superior Técnico, Universidade de Lisboa, 1049-001 Lisboa (Portugal); Treutterer, Wolfgang [Max Planck Institute for Plasma Physics, Boltzmannstrasse 2, 85748 Garching (Germany); Winter, Axel [ITER Organization, Route de Vinon-sur-Verdon, 13115 St.-Paul-Lès-Durance (France); Zehetbauer, Thomas [Max Planck Institute for Plasma Physics, Boltzmannstrasse 2, 85748 Garching (Germany)

2014-12-15

Highlights: • Similarities and differences between DCS and MARTe. • Identifies the state-of-the-art in terms of software frameworks for fusion control. • Interfaces developed for realtime and non-realtime communication between DCS and MARTe. • An algorithm replicated in DCS and MARTe produces identical results and good performance. • The start of collaboration to develop a new framework for ITER PCS. - Abstract: Fusion experiments place high demands on real-time control systems. Within the fusion community two modern framework-based software architectures have emerged as powerful tools for developing algorithms for real-time control of complex systems while maintaining the flexibility required when operating a physics experiment. The two frameworks are known as DCS (Discharge Control System), from ASDEX Upgrade and MARTe (Multithreaded Application Real-Time executor), originally from JET. Based on the success of DCS and MARTe, ITER has chosen to develop a framework architecture for its Plasma Control System which will adopt major design concepts from both the existing frameworks. This paper describes a coupling of the two existing frameworks, which was undertaken to explore the degree of similarity and compliance between the concepts, and to extend their capabilities. DCS and MARTe operate in parallel with synchronised state machines and a common message logger. Configuration data is exchanged before the real-time phase. During the real-time phase, structured data is exchanged via shared memory and an existing DCS algorithm is replicated within MARTe. The coupling tests the flexibility and identifies the respective strengths of the two frameworks, providing a well-informed basis on which to move forward and design a new ITER real-time framework.

Coupling DCS and MARTe: two real-time control frameworks in collaboration

International Nuclear Information System (INIS)

Rapson, Christopher J.; Carvalho, Pedro; Lüddecke, Klaus; Neto, André C.; Santos, Bruno; Treutterer, Wolfgang; Winter, Axel; Zehetbauer, Thomas

2014-01-01

Highlights: • Similarities and differences between DCS and MARTe. • Identifies the state-of-the-art in terms of software frameworks for fusion control. • Interfaces developed for realtime and non-realtime communication between DCS and MARTe. • An algorithm replicated in DCS and MARTe produces identical results and good performance. • The start of collaboration to develop a new framework for ITER PCS. - Abstract: Fusion experiments place high demands on real-time control systems. Within the fusion community two modern framework-based software architectures have emerged as powerful tools for developing algorithms for real-time control of complex systems while maintaining the flexibility required when operating a physics experiment. The two frameworks are known as DCS (Discharge Control System), from ASDEX Upgrade and MARTe (Multithreaded Application Real-Time executor), originally from JET. Based on the success of DCS and MARTe, ITER has chosen to develop a framework architecture for its Plasma Control System which will adopt major design concepts from both the existing frameworks. This paper describes a coupling of the two existing frameworks, which was undertaken to explore the degree of similarity and compliance between the concepts, and to extend their capabilities. DCS and MARTe operate in parallel with synchronised state machines and a common message logger. Configuration data is exchanged before the real-time phase. During the real-time phase, structured data is exchanged via shared memory and an existing DCS algorithm is replicated within MARTe. The coupling tests the flexibility and identifies the respective strengths of the two frameworks, providing a well-informed basis on which to move forward and design a new ITER real-time framework

Accessing and disclosing protected resources

DEFF Research Database (Denmark)

Olesen, Henning; Khajuria, Samant

2015-01-01

Today, data is money. Whether it is private users' personal data or confidential data and assets belonging to service providers, all parties have a strong need to protect their resources when interacting with each other, i.e. for access control and authorization measures to be deployed. Enabling...... advanced user controlled privacy is essential to realize the visions of 5G applications and services. For service providers and enterprises resources are usually well safeguarded, while private users are often missing the tools and the know-how to protect their own data and preserve their privacy. The user...... the framework of User Managed Access (UMA), can enable users to understand the value of their protected resources and possibly give them control of how their data will be used by service providers....

Robust and optimal control a two-port framework approach

CERN Document Server

Tsai, Mi-Ching

2014-01-01

A Two-port Framework for Robust and Optimal Control introduces an alternative approach to robust and optimal controller synthesis procedures for linear, time-invariant systems, based on the two-port system widespread in electrical engineering. The novel use of the two-port system in this context allows straightforward engineering-oriented solution-finding procedures to be developed, requiring no mathematics beyond linear algebra. A chain-scattering description provides a unified framework for constructing the stabilizing controller set and for synthesizing H2 optimal and H∞ sub-optimal controllers. Simple yet illustrative examples explain each step. A Two-port Framework for Robust and Optimal Control  features: ·         a hands-on, tutorial-style presentation giving the reader the opportunity to repeat the designs presented and easily to modify them for their own programs; ·         an abundance of examples illustrating the most important steps in robust and optimal design; and ·   �...

A Framework for Collateral Risk Control Determination

OpenAIRE

Didier Cossin; Zhijiang Huang; Daniel Aunon-Nerin; Fer nando González

2002-01-01

This paper derives a general framework for collateral risk control determination in repurchase transactions or repos. The objective is to treat consistently heterogeneous collateral so that the collateral taker has a similar risk exposure whatever the collateral pledged. The framework measures the level of risk with the probability of incurring a loss higher than a pre-specified level given two well-known parameters used to manage the intrinsic risk of collateral: marking to market and haircu...

Fine-Grained Access Control for Electronic Health Record Systems

Science.gov (United States)

Hue, Pham Thi Bach; Wohlgemuth, Sven; Echizen, Isao; Thuy, Dong Thi Bich; Thuc, Nguyen Dinh

There needs to be a strategy for securing the privacy of patients when exchanging health records between various entities over the Internet. Despite the fact that health care providers such as Google Health and Microsoft Corp.'s Health Vault comply with the U.S Health Insurance Portability and Accountability Act (HIPAA), the privacy of patients is still at risk. Several encryption schemes and access control mechanisms have been suggested to protect the disclosure of a patient's health record especially from unauthorized entities. However, by implementing these approaches, data owners are not capable of controlling and protecting the disclosure of the individual sensitive attributes of their health records. This raises the need to adopt a secure mechanism to protect personal information against unauthorized disclosure. Therefore, we propose a new Fine-grained Access Control (FGAC) mechanism that is based on subkeys, which would allow a data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.

The control software framework of the web base

International Nuclear Information System (INIS)

Nakatani, Takeshi; Inamura, Yasuhiro; Ito, Takayoshi; Otomo, Toshiya

2015-01-01

Web browsers are one of the most platform-independent user interfaces. In particular, web pages created using responsive web design (RWD) are available for use on desktop and laptop computers, as well as tablet terminals and smart phones. We developed a common software framework, IROHA, for the instrument control system in the Materials and Life Science Experimental Facility at the Japan Proton Accelerator Research Complex to build a flexible and scalable system by adopting XML/HTTP. However, its user interface was platform-dependent, and we wanted it to be more user-friendly. In 2013, we developed the prototype of a new software framework, IROHA2, comprising several device control servers and an instrument management server, retaining the flexibility and scalability of IROHA. We also adopted the Bootstrap framework to create an RWD user interface for these servers. (author)

A Framework for WWW Query Processing

Science.gov (United States)

Wu, Binghui Helen; Wharton, Stephen (Technical Monitor)

2000-01-01

Query processing is the most common operation in a DBMS. Sophisticated query processing has been mainly targeted at a single enterprise environment providing centralized control over data and metadata. Submitting queries by anonymous users on the web is different in such a way that load balancing or DBMS' accessing control becomes the key issue. This paper provides a solution by introducing a framework for WWW query processing. The success of this framework lies in the utilization of query optimization techniques and the ontological approach. This methodology has proved to be cost effective at the NASA Goddard Space Flight Center Distributed Active Archive Center (GDAAC).

Regulatory accessibility and social influences on state self-control.

Science.gov (United States)

vanDellen, Michelle R; Hoyle, Rick H

2010-02-01

The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals' state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-control leads to increases in state self-control and thinking of others with bad trait or state self-control leads to decreases in state self-control. Study 5 provides evidence that the salience of significant others influences both regulatory accessibility and state self-control. Combined, these studies suggest that the effects of social influences on state self-control occur through multiple mechanisms.

Tango for experiment control

International Nuclear Information System (INIS)

Meyer, J.; Claustre, L.; Petitdemange, S.; Svensson, O.; Götz, A.; Coutinho, T.; Klora, J.; Picca, F.; Ounsy, M.; Buteau, A.

2012-01-01

The Tango control system framework allows you to control an accelerator complex as well as single equipment. The framework contains the communication bus with the standard communication modes (synchronous, asynchronous, event driven) as well as the basic hardware access modules, GUI tools and development kits, bindings to commercial products (LabView, Matlab, IgorPro) and services (administration, archiving, access control) to set up a control system. Tango was mainly developed by several synchrotron light sources that have to support not only the accelerator complex but also a lot of experimental end stations. For synchrotron experiments we have to control the whole process from basic hardware access over data taking to data analysis. This paper describes in the first part the special features of Tango allowing flexible experiment control. The dynamic configuration, the rapid hardware interface development and the sequencing and scanning framework are some examples. The second part gives an overview of some packages developed in the Tango community for experiment control: A HKL library for diffraction computation and diffractometer control, a library to control 2D detectors and a data analysis workbench with workflow engine for on-line and off-line data analysis. These packages are not part of Tango and can be used with other control systems. (author)

A Novel Dynamic Spectrum Access Framework Based on Reinforcement Learning for Cognitive Radio Sensor Networks

Directory of Open Access Journals (Sweden)

Yun Lin

2016-10-01

Full Text Available Cognitive radio sensor networks are one of the kinds of application where cognitive techniques can be adopted and have many potential applications, challenges and future research trends. According to the research surveys, dynamic spectrum access is an important and necessary technology for future cognitive sensor networks. Traditional methods of dynamic spectrum access are based on spectrum holes and they have some drawbacks, such as low accessibility and high interruptibility, which negatively affect the transmission performance of the sensor networks. To address this problem, in this paper a new initialization mechanism is proposed to establish a communication link and set up a sensor network without adopting spectrum holes to convey control information. Specifically, firstly a transmission channel model for analyzing the maximum accessible capacity for three different polices in a fading environment is discussed. Secondly, a hybrid spectrum access algorithm based on a reinforcement learning model is proposed for the power allocation problem of both the transmission channel and the control channel. Finally, extensive simulations have been conducted and simulation results show that this new algorithm provides a significant improvement in terms of the tradeoff between the control channel reliability and the efficiency of the transmission channel.

A New Key-lock Method for User Authentication and Access Control

Institute of Scientific and Technical Information of China (English)

JI Dongyao; ZHANG Futai; WANG Yumin

2001-01-01

We propose a new key-lock methodfor user authentication and access control based onChinese remainder theorem, the concepts of the ac-cess control matrix, key-lock-pair, time stamp, and the NS public key protocol. Our method is dynamicand needs a minimum amount of computation in thesense that it only updates at most one key/lock foreach access request. We also demonstrate how an au-thentication protocol can be integrated into the ac-cess control method. By applying a time stamp, themethod can not only withstand replay attack, butalso strengthen the authenticating mechanism, whichcould not be achieved simultaneously in previous key-lock methods.

Controlling Access to Suicide Means

Directory of Open Access Journals (Sweden)

Miriam Iosue

2011-12-01

Full Text Available Background: Restricting access to common means of suicide, such as firearms, toxic gas, pesticides and other, has been shown to be effective in reducing rates of death in suicide. In the present review we aimed to summarize the empirical and clinical literature on controlling the access to means of suicide. Methods: This review made use of both MEDLINE, ISI Web of Science and the Cochrane library databases, identifying all English articles with the keywords “suicide means”, “suicide method”, “suicide prediction” or “suicide prevention” and other relevant keywords. Results: A number of factors may influence an individual’s decision regarding method in a suicide act, but there is substantial support that easy access influences the choice of method. In many countries, restrictions of access to common means of suicide has lead to lower overall suicide rates, particularly regarding suicide by firearms in USA, detoxification of domestic and motor vehicle gas in England and other countries, toxic pesticides in rural areas, barriers at jumping sites and hanging, by introducing “safe rooms” in prisons and hospitals. Moreover, decline in prescription of barbiturates and tricyclic antidepressants (TCAs, as well as limitation of drugs pack size for paracetamol and salicylate has reduced suicides by overdose, while increased prescription of SSRIs seems to have lowered suicidal rates. Conclusions: Restriction to means of suicide may be particularly effective in contexts where the method is popular, highly lethal, widely available, and/or not easily substituted by other similar methods. However, since there is some risk of means substitution, restriction of access should be implemented in conjunction with other suicide prevention strategies.

A General Attribute and Rule Based Role-Based Access Control Model

Institute of Scientific and Technical Information of China (English)

无

2007-01-01

Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.

Design and implementation of a standard framework for KSTAR control system

International Nuclear Information System (INIS)

Lee, Woongryol; Park, Mikyung; Lee, Taegu; Lee, Sangil; Yun, Sangwon; Park, Jinseop; Park, Kaprai

2014-01-01

Highlights: • We performed a standardized of control system in KSTAR. • EPICS based software framework is developed for the realization of various control systems. • The applicability of the framework is widened from a simple command dispatcher to the real time application. • Our framework supports the implementation of embedded IOC in FPGA board. - Abstract: Standardization of control system is an important issue in KSTAR which is organized with various heterogeneous systems. Diverse control systems in KSTAR have been adopting new application software since 2010. Development of this software was launched for easy implementation of a data acquisition system but it is extended to as a Standard Framework (SFW) of control system in KSTAR. It is composed with a single library, database, template, and descriptor files. The SFW based controller has common factors. It has non-blocking control command method with a thread. The internal sequence handler makes it can be synchronized with KSTAR experiment. It also has a ring buffer pool mechanism for streaming input data handling. Recently, there are two important functional improvements in the framework. Processor embedded FPGA was proposed as a standard hardware platform for specific application. These are also manipulated by the SFW based embedded application. This approach gives single board system an ability of low level distributed control under the EPICS environments. We also developed a real time monitoring system as a real time network inspection tool in 2012 campaign using the SFW

[Towards a theoretical framework for rethinking cultural accessibility].

Science.gov (United States)

Landini, Fernando; Cowes, Valeria González; D'Amore, Eliana

2014-02-01

Health services accessibility is a key health policy issue. However, few in-depth studies have addressed it theoretically. Most distinguish between availability, accessibility, and acceptability, or between geographic, financial, administrative, and cultural accessibility. We discuss and analyze the concept of accessibility as conflictive articulation between supply and demand in health. The article addresses the importance of cultural accessibility, rethinking it as a social interface, i.e., a social arena with clashing worldviews (namely, those of physicians and patients). The approach sheds light on the complex processes of grasping, translating, and reshaping knowledge and recommendations within such interaction.

Building a Privacy, Ethics, and Data Access Framework for Real World Computerised Medical Record System Data: A Delphi Study. Contribution of the Primary Health Care Informatics Working Group.

Science.gov (United States)

Liyanage, H; Liaw, S-T; Di Iorio, C T; Kuziemsky, C; Schreiber, R; Terry, A L; de Lusignan, S

2016-11-10

Privacy, ethics, and data access issues pose significant challenges to the timely delivery of health research. Whilst the fundamental drivers to ensure that data access is ethical and satisfies privacy requirements are similar, they are often dealt with in varying ways by different approval processes. To achieve a consensus across an international panel of health care and informatics professionals on an integrated set of privacy and ethics principles that could accelerate health data access in data-driven health research projects. A three-round consensus development process was used. In round one, we developed a baseline framework for privacy, ethics, and data access based on a review of existing literature in the health, informatics, and policy domains. This was further developed using a two-round Delphi consensus building process involving 20 experts who were members of the International Medical Informatics Association (IMIA) and European Federation of Medical Informatics (EFMI) Primary Health Care Informatics Working Groups. To achieve consensus we required an extended Delphi process. The first round involved feedback on and development of the baseline framework. This consisted of four components: (1) ethical principles, (2) ethical guidance questions, (3) privacy and data access principles, and (4) privacy and data access guidance questions. Round two developed consensus in key areas of the revised framework, allowing the building of a newly, more detailed and descriptive framework. In the final round panel experts expressed their opinions, either as agreements or disagreements, on the ethics and privacy statements of the framework finding some of the previous round disagreements to be surprising in view of established ethical principles. This study develops a framework for an integrated approach to ethics and privacy. Privacy breech risk should not be considered in isolation but instead balanced by potential ethical benefit.

Access and control of information and intellectual property

Science.gov (United States)

Lang, Gerald S.

1996-03-01

This paper introduces the technology of two pioneering patents for the secure distribution of information and intellectual property. The seminal technology has been used in the control of sensitive material such as medical records and imagery in distributed networks. It lends itself to the implementation of an open architecture access control system that provides local or remote user selective access to digital information stored on any computer system or storage medium, down to the data element, pixel, and sub-pixel levels. Use of this technology is especially suited for electronic publishing, health care records, MIS, and auditing.

Hopping control channel MAC protocol for opportunistic spectrum access networks

Institute of Scientific and Technical Information of China (English)

FU Jing-tuan; JI Hong; MAO Xu

2010-01-01

Opportunistic spectrum access （OSA） is considered as a promising approach to mitigate spectrum scarcity by allowing unlicensed users to exploit spectrum opportunities in licensed frequency bands. Derived from the existing channel-hopping multiple access （CHMA） protocol,we introduce a hopping control channel medium access control （MAC） protocol in the context of OSA networks. In our proposed protocol,all nodes in the network follow a common channel-hopping sequence; every frequency channel can be used as control channel and data channel. Considering primary users＇ occupancy of the channel,we use a primary user （PU） detection model to calculate the channel availability for unlicensed users＇ access. Then,a discrete Markov chain analytical model is applied to describe the channel states and deduce the system throughput. Through simulation,we present numerical results to demonstrate the throughput performance of our protocol and thus validate our work.

Creativity and Control : A Paradox-Evidence from the Levers of Control Framework

NARCIS (Netherlands)

Speklé, R.F.; van Elten, Hilco; Widener, Sally

2017-01-01

Both control and creativity are important drivers of organizational success (Gilson, Mathieu, Shally, and Ruddy 2005; Hirst, Van Knippenberg, Chen, and Sacramento 2011). However, they are often regarded as conflicting. We use the Levers of Control (LoC) framework to examine the relationships between

Creativity and Control : A Paradox: Evidence from the Levers of Control Framework

NARCIS (Netherlands)

Speklé, R.F.; Elten, van H.J.; Widener, S.

2017-01-01

Both control and creativity are important drivers of organizational success (Gilson, Mathieu, Shally, and Ruddy 2005; Hirst, Van Knippenberg, Chen, and Sacramento 2011). However, they are often regarded as conflicting. We use the Levers of Control (LoC) framework to examine the relationships between

Energy efficiency and renewable energy policy in the Czech Republic within the framework of accession to the European Union

International Nuclear Information System (INIS)

Wees, M.T. van; Uyterlinde, M.A.; Maly, M.

2002-01-01

The main barrier for end-use energy efficiency and renewable energy in the Czech Republic is the lack of a stable political and regulatory framework. Market incentives can only properly work if the market conditions and restrictions are clear and stable. However, no comprehensive policies and regulation have been implemented in the Czech Republic. Although the acquis communautaire of the European Union includes regulation on energy efficiency and renewable energy, this topic remains low on the negotiation agenda for accession. This paper reports on the current situation in the Czech Republic, including the potentials for end-use energy efficiency and renewable energy, on the existing policy and regulatory framework, and on the remaining gaps with the requirements of accession to the European Union. Also, the impact of the recent increase of nuclear capacity on energy efficiency and renewable energy in the Czech Republic is discussed

Human engineering considerations in designing a computerized controlled access security system

International Nuclear Information System (INIS)

Moore, J.W.; Banks, W.W.

1988-01-01

This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system too functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

75 FR 4007 - Risk Management Controls for Brokers or Dealers With Market Access

Science.gov (United States)

2010-01-26

... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... or other persons, to implement risk management controls and supervisory procedures reasonably... access may not utilize any pre-trade risk management controls (i.e., ``unfiltered'' or ``naked'' access...

A framework to prevent and control tobacco among adolescents and children: introducing the IMPACT model.

Science.gov (United States)

Arora, Monika; Mathur, Manu Raj; Singh, Neha

2013-03-01

The objective of this paper is to provide a comprehensive evidence based model aimed at addressing multi-level risk factors influencing tobacco use among children and adolescents with multi-level policy and programmatic approaches in India. Evidences around effectiveness of policy and program interventions from developed and developing countries were reviewed using Pubmed, Scopus, Google Scholar and Ovid databases. This evidence was then categorized under three broad approaches: Policy level approaches (increased taxation on tobacco products, smoke-free laws in public places and work places, effective health warnings, prohibiting tobacco advertising, promotions and sponsorships, and restricting access to minors); Community level approaches (school health programs, mass media campaigns, community based interventions, promoting tobacco free norms) and Individual level approaches (promoting cessation in various settings). This review of literature around determinants and interventions was organized into developing the IMPACT framework. The paper further presents a comparative analysis of tobacco control interventions in India vis a vis the proposed approaches. Mixed results were found for prevention and control efforts targeting youth. However, this article suggests a number of intervention strategies that have shown to be effective. Implementing these interventions in a coordinated way will provide potential synergies across interventions. Pediatricians have prominent role in advocating and implementing the IMPACT framework in countries aiming to prevent and control tobacco use among adolescents and children.

Authenticated IGMP for Controlling Access to Multicast Distribution Tree

Science.gov (United States)

Park, Chang-Seop; Kang, Hyun-Sun

A receiver access control scheme is proposed to protect the multicast distribution tree from DoS attack induced by unauthorized use of IGMP, by extending the security-related functionality of IGMP. Based on a specific network and business model adopted for commercial deployment of IP multicast applications, a key management scheme is also presented for bootstrapping the proposed access control as well as accounting and billing for CP (Content Provider), NSP (Network Service Provider), and group members.

Role-Based Access Control in Retrospect

NARCIS (Netherlands)

Nunes Leal Franqueira, V.; Wieringa, Roelf J.

Role-Based Access Control (RBAC) has been a success in terms of the amount of research that went into it, its uptake in international standards, and its adoption by major software vendors. Yet, RBAC remains complex to implement in user organizations. In this paper we review the state of the art of

A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

National Research Council Canada - National Science Library

Crawford, Frederick L

2008-01-01

This research conducts a comparative analysis of discretionary access controls of current wikis by experimenting with their discretionary access controls and functionality, comparing the wiki software...

Requirements for Scalable Access Control and Security Management Architectures

National Research Council Canada - National Science Library

Keromytis, Angelos D; Smith, Jonathan M

2005-01-01

Maximizing local autonomy has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access control policies and mechanisms...

Urban Studies: A Study of Bibliographic Access and Control.

Science.gov (United States)

Anderson, Barbara E.

This paper analyzes: (1) the bibliographic access to publications in urban studies via printed secondary sources; (2) development and scope of classification systems and of vocabulary control for urban studies; and (3) currently accessible automated collections of bibliographic citations. Urban studies is defined as "an agglomeration of…

Database design for Physical Access Control System for nuclear facilities

Energy Technology Data Exchange (ETDEWEB)

Sathishkumar, T., E-mail: satishkumart@igcar.gov.in; Rao, G. Prabhakara, E-mail: prg@igcar.gov.in; Arumugam, P., E-mail: aarmu@igcar.gov.in

2016-08-15

Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

Database design for Physical Access Control System for nuclear facilities

International Nuclear Information System (INIS)

Sathishkumar, T.; Rao, G. Prabhakara; Arumugam, P.

2016-01-01

Highlights: • Database design needs to be optimized and highly efficient for real time operation. • It requires a many-to-many mapping between Employee table and Doors table. • This mapping typically contain thousands of records and redundant data. • Proposed novel database design reduces the redundancy and provides abstraction. • This design is incorporated with the access control system developed in-house. - Abstract: A (Radio Frequency IDentification) RFID cum Biometric based two level Access Control System (ACS) was designed and developed for providing access to vital areas of nuclear facilities. The system has got both hardware [Access controller] and software components [server application, the database and the web client software]. The database design proposed, enables grouping of the employees based on the hierarchy of the organization and the grouping of the doors based on Access Zones (AZ). This design also illustrates the mapping between the Employee Groups (EG) and AZ. By following this approach in database design, a higher level view can be presented to the system administrator abstracting the inner details of the individual entities and doors. This paper describes the novel approach carried out in designing the database of the ACS.

BRICK v0.2, a simple, accessible, and transparent model framework for climate and regional sea-level projections

Science.gov (United States)

Wong, Tony E.; Bakker, Alexander M. R.; Ruckert, Kelsey; Applegate, Patrick; Slangen, Aimée B. A.; Keller, Klaus

2017-07-01

Simple models can play pivotal roles in the quantification and framing of uncertainties surrounding climate change and sea-level rise. They are computationally efficient, transparent, and easy to reproduce. These qualities also make simple models useful for the characterization of risk. Simple model codes are increasingly distributed as open source, as well as actively shared and guided. Alas, computer codes used in the geosciences can often be hard to access, run, modify (e.g., with regards to assumptions and model components), and review. Here, we describe the simple model framework BRICK (Building blocks for Relevant Ice and Climate Knowledge) v0.2 and its underlying design principles. The paper adds detail to an earlier published model setup and discusses the inclusion of a land water storage component. The framework largely builds on existing models and allows for projections of global mean temperature as well as regional sea levels and coastal flood risk. BRICK is written in R and Fortran. BRICK gives special attention to the model values of transparency, accessibility, and flexibility in order to mitigate the above-mentioned issues while maintaining a high degree of computational efficiency. We demonstrate the flexibility of this framework through simple model intercomparison experiments. Furthermore, we demonstrate that BRICK is suitable for risk assessment applications by using a didactic example in local flood risk management.

Offset Free Tracking Predictive Control Based on Dynamic PLS Framework

Directory of Open Access Journals (Sweden)

Jin Xin

2017-10-01

Full Text Available This paper develops an offset free tracking model predictive control based on a dynamic partial least square (PLS framework. First, state space model is used as the inner model of PLS to describe the dynamic system, where subspace identification method is used to identify the inner model. Based on the obtained model, multiple independent model predictive control (MPC controllers are designed. Due to the decoupling character of PLS, these controllers are running separately, which is suitable for distributed control framework. In addition, the increment of inner model output is considered in the cost function of MPC, which involves integral action in the controller. Hence, the offset free tracking performance is guaranteed. The results of an industry background simulation demonstrate the effectiveness of proposed method.

External access to ALICE controls conditions data

International Nuclear Information System (INIS)

Jadlovský, J; Jadlovská, A; Sarnovský, J; Jajčišin, Š; Čopík, M; Jadlovská, S; Papcun, P; Bielek, R; Čerkala, J; Kopčík, M; Chochula, P; Augustinus, A

2014-01-01

ALICE Controls data produced by commercial SCADA system WINCCOA is stored in ORACLE database on the private experiment network. The SCADA system allows for basic access and processing of the historical data. More advanced analysis requires tools like ROOT and needs therefore a separate access method to the archives. The present scenario expects that detector experts create simple WINCCOA scripts, which retrieves and stores data in a form usable for further studies. This relatively simple procedure generates a lot of administrative overhead – users have to request the data, experts needed to run the script, the results have to be exported outside of the experiment network. The new mechanism profits from database replica, which is running on the CERN campus network. Access to this database is not restricted and there is no risk of generating a heavy load affecting the operation of the experiment. The developed tools presented in this paper allow for access to this data. The users can use web-based tools to generate the requests, consisting of the data identifiers and period of time of interest. The administrators maintain full control over the data – an authorization and authentication mechanism helps to assign privileges to selected users and restrict access to certain groups of data. Advanced caching mechanism allows the user to profit from the presence of already processed data sets. This feature significantly reduces the time required for debugging as the retrieval of raw data can last tens of minutes. A highly configurable client allows for information retrieval bypassing the interactive interface. This method is for example used by ALICE Offline to extract operational conditions after a run is completed. Last but not least, the software can be easily adopted to any underlying database structure and is therefore not limited to WINCCOA.

MstApp, a rich client control applications framework at DESY

International Nuclear Information System (INIS)

Kirsten Hinsch, Winfried Schuette

2012-01-01

The control systems for PETRA 3 (a dedicated synchrotron machine) and its pre-accelerators extensively use rich clients for the control room and the servers. Most of them are written with the help of a rich client Java framework: MstApp. They totalize 106 different consoles and 158 individual server applications. MstApp takes care of many common control system application aspects beyond communication. MstApp provides a common look and feel: core menu items, a colour scheme for standard states of hardware components and predefined standardized screen sizes/locations. It interfaces our console application manager (CAM) and displays on demand our communication link diagnostics tools. MstApp supplies an accelerator context for each application; it handles printing, logging, re-sizing and unexpected application crashes. Due to our standardized deploy process MstApp applications know their individual developers and can even send them - on button press of the users - E-mails. Further a concept of different operation modes is implemented: view only, operating and expert use. Administration of the corresponding rights is done via web access of a database server. Initialization files on a web server are instantiated as JAVA objects with the help of the Java SE XML-Decoder. Data tables are read with the same mechanism. New MstApp applications can easily be created with in house wizards like the NewProjectWizard or the DeviceServerWizard. MstApp improves the operator experience, application developer productivity and delivered software quality. (authors)

Capability-based Access Control Delegation Model on the Federated IoT Network

DEFF Research Database (Denmark)

Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

2012-01-01

Flexibility is an important property for general access control system and especially in the Internet of Things (IoT), which can be achieved by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has...... no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. To this end, this paper presents an access delegation method with security considerations based on Capability-based Context Aware Access Control (CCAAC) model intended for federated...... machine-to-machine communication or IoT networks. The main idea of our proposed model is that the access delegation is realized by means of a capability propagation mechanism, and incorporating the context information as well as secure capability propagation under federated IoT environments. By using...

Optical label-controlled transparent metro-access network interface

DEFF Research Database (Denmark)

Osadchiy, Alexey Vladimirovich

This thesis presents results obtained during the course of my PhD research on optical signal routing and interfacing between the metropolitan and access segments of optical networks. Due to both increasing capacity demands and variety of emerging services types, new technological challenges...... control. Highlights of my research include my proposal and experimental proof of principle of an optical coherent detection based optical access network architecture providing support for a large number of users over a single distribution fiber; a spectral amplitude encoded label detection technique...... are arising for seamlessly interfacing metropolitan and access networks. Therefore, in this PhD project, I have analyzed those technological challenges and identified the key aspects to be addressed. I have also proposed and experimentally verified a number of solutions to metropolitan and access networks...

A slotted access control protocol for metropolitan WDM ring networks

Science.gov (United States)

Baziana, P. A.; Pountourakis, I. E.

2009-03-01

In this study we focus on the serious scalability problems that many access protocols for WDM ring networks introduce due to the use of a dedicated wavelength per access node for either transmission or reception. We propose an efficient slotted MAC protocol suitable for WDM ring metropolitan area networks. The proposed network architecture employs a separate wavelength for control information exchange prior to the data packet transmission. Each access node is equipped with a pair of tunable transceivers for data communication and a pair of fixed tuned transceivers for control information exchange. Also, each access node includes a set of fixed delay lines for synchronization reasons; to keep the data packets, while the control information is processed. An efficient access algorithm is applied to avoid both the data wavelengths and the receiver collisions. In our protocol, each access node is capable of transmitting and receiving over any of the data wavelengths, facing the scalability issues. Two different slot reuse schemes are assumed: the source and the destination stripping schemes. For both schemes, performance measures evaluation is provided via an analytic model. The analytical results are validated by a discrete event simulation model that uses Poisson traffic sources. Simulation results show that the proposed protocol manages efficient bandwidth utilization, especially under high load. Also, comparative simulation results prove that our protocol achieves significant performance improvement as compared with other WDMA protocols which restrict transmission over a dedicated data wavelength. Finally, performance measures evaluation is explored for diverse numbers of buffer size, access nodes and data wavelengths.

Toward a systems- and control-oriented agent framework.

Science.gov (United States)

Fregene, Kingsley; Kennedy, Diane C; Wang, David W L

2005-10-01

This paper develops a systems- and control-oriented intelligent agent framework called the hybrid intelligent control agent (HICA), as well as its composition into specific kinds of multiagent systems. HICA is essentially developed around a hybrid control system core so that knowledge-based planning and coordination can be integrated with verified hybrid control primitives to achieve the coordinated control of multiple multimode dynamical systems. The scheme is applied to the control of teams of unmanned air and ground vehicles engaged in a pursuit-evasion war game. Results are demonstrated in simulation.

Optimizing data access in the LAMPF control system

International Nuclear Information System (INIS)

Schaller, S.C.; Corley, J.K.; Rose, P.A.

1985-01-01

The LAMPF control system data access software offers considerable power and flexibility to application programs through symbolic device naming and an emphasis on hardware independence. This paper discusses optimizations aimed at improving the performance of the data access software while retaining these capabilities. The only aspects of the optimizations visible to the application programs are ''vector devices'' and ''aggregate devices.'' A vector device accesses a set of hardware related data items through a single device name. Aggregate devices allow run-time optimization of references to groups of unrelated devices. Optimizations not visible on the application level include careful handling of: network message traffic; the sharing of global resources; and storage allocation

[Public control and equity of access to hospitals under non-State public administration].

Science.gov (United States)

Carneiro Junior, Nivaldo; Elias, Paulo Eduardo

2006-10-01

To analyze social health organizations in the light of public control and the guarantee of equity of access to health services. Utilizing the case study technique, two social health organizations in the metropolitan region of São Paulo were selected. The analytical categories were equity of access and public control, and these were based on interviews with key informants and technical-administrative reports. It was observed that the overall funding and administrative control of the social health organizations are functions of the state administrator. The presence of a local administrator is important for ensuring equity of access. Public control is expressed through supervisory actions, by means of accounting and financial procedures. Equity of access and public control are not taken into consideration in the administration of these organizations. The central question lies in the capacity of the public authorities to have a presence in implementing this model at the local level, thereby ensuring equity of access and taking public control into consideration.

Access Control from an Intrusion Detection Perspective

NARCIS (Netherlands)

Nunes Leal Franqueira, V.

Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the

Automated biometric access control system for two-man-rule enforcement

International Nuclear Information System (INIS)

Holmes, J.P.; Maxwell, R.L.; Henderson, R.W.

1991-01-01

This paper describes a limited access control system for nuclear facilities which makes use of the eye retinal identity verifier to control the passage of personnel into and out of one or a group of security controlled working areas. This access control system requires no keys, cards or credentials. The user simply enters his Personal Identification Number (PIN) and takes an eye reading to request passage. The PIN does not have to be kept secret. The system then relies on biometric identity verification of the user, along with other system information, to make the decision of whether or not to unlock the door. It also enforces multiple zones control with personnel tracking and the two-man-rule

Identity driven Capability based Access Control (ICAC) Scheme for the Internet of Things

DEFF Research Database (Denmark)

Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

2012-01-01

Internet of Things (IoT) becomes discretionary part of everyday life. Scalability and manageability is daunting due to unbounded number of devices and services. Access control and authorization in IoT with least privilege is equally important to establish secure communication between multiple...... devices and services. In this paper, the concept of capability for access control is introduced where the identities of the involved devices are entrenched in the access capabilities. Identity driven capability based access control (ICAC) scheme presented in this paper helps to alleviate issues related...... to complexity and dynamics of device identities. ICAC is implemented for 802.11 and results shows that ICAC has less scalability issues and better performance analysis compared with other access control schemes. The ICAC evaluation by using security protocol verification tool shows that ICAC is secure against...

Efficient medium access control protocol for geostationary satellite systems

Institute of Scientific and Technical Information of China (English)

王丽娜; 顾学迈

2004-01-01

This paper proposes an efficient medium access control (MAC) protocol based on multifrequency-time division multiple access (MF-TDMA) for geostationary satellite systems deploying multiple spot-beams and onboard processing,which uses a method of random reservation access with movable boundaries to dynamically request the transmission slots and can transmit different types of traffic. The simulation results have shown that our designed MAC protocol can achieve a high bandwidth utilization, while providing the required quality of service (QoS) for each class of service.

Random access procedures and radio access network (RAN) overload control in standard and advanced long-term evolution (LTE and LTE-A) networks

DEFF Research Database (Denmark)

Kiilerich Pratas, Nuno; Thomsen, Henning; Popovski, Petar

2015-01-01

In this chapter, we describe and discuss the current LTE random access procedure and the Radio Access Network Load Control solution within LTE/LTE-A. We provide an overview of the several considered load control solutions and give a detailed description of the standardized Extended Access Class B...

Requirements and Challenges of Location-Based Access Control in Healthcare Emergency Response

DEFF Research Database (Denmark)

Vicente, Carmen Ruiz; Kirkpatrick, Michael; Ghinita, Gabriel

2009-01-01

Recent advances in positioning and tracking technologies have led to the emergence of novel location-based applications that allow participants to access information relevant to their spatio-temporal context. Traditional access control models, such as role-based access control (RBAC), are not suf...... to such settings. We overview the main technical issues to be addressed, and we describe the architecture for policy decision and enforcement points....

Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

Energy Technology Data Exchange (ETDEWEB)

Robert P. Evans

2005-09-01

Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was

A Trusted Host's Authentication Access and Control Model Faced on User Action

Institute of Scientific and Technical Information of China (English)

ZHANG Miao; XU Guoai; HU Zhengming; YANG Yixian

2006-01-01

The conception of trusted network connection (TNC) is introduced, and the weakness of TNC to control user's action is analyzed. After this, the paper brings out a set of secure access and control model based on access, authorization and control, and related authentication protocol. At last the security of this model is analyzed. The model can improve TNC's security of user control and authorization.

Controlling Access to Input/Output Peripheral Devices

Directory of Open Access Journals (Sweden)

E. Y. Rodionov

2010-03-01

Full Text Available In this paper the author proposes a system that manages information security policy on enterprise. Problems related to managing information security policy on enterprise and access to peripheral devices in computer systems functioning under control of Microsoft Windows NT operating systems are considered.

BRICK v0.2, a simple, accessible, and transparent model framework for climate and regional sea-level projections

Directory of Open Access Journals (Sweden)

T. E. Wong

2017-07-01

Full Text Available Simple models can play pivotal roles in the quantification and framing of uncertainties surrounding climate change and sea-level rise. They are computationally efficient, transparent, and easy to reproduce. These qualities also make simple models useful for the characterization of risk. Simple model codes are increasingly distributed as open source, as well as actively shared and guided. Alas, computer codes used in the geosciences can often be hard to access, run, modify (e.g., with regards to assumptions and model components, and review. Here, we describe the simple model framework BRICK (Building blocks for Relevant Ice and Climate Knowledge v0.2 and its underlying design principles. The paper adds detail to an earlier published model setup and discusses the inclusion of a land water storage component. The framework largely builds on existing models and allows for projections of global mean temperature as well as regional sea levels and coastal flood risk. BRICK is written in R and Fortran. BRICK gives special attention to the model values of transparency, accessibility, and flexibility in order to mitigate the above-mentioned issues while maintaining a high degree of computational efficiency. We demonstrate the flexibility of this framework through simple model intercomparison experiments. Furthermore, we demonstrate that BRICK is suitable for risk assessment applications by using a didactic example in local flood risk management.

Holistic Web-based Virtual Micro Controller Framework for Research and Education

Directory of Open Access Journals (Sweden)

Sven Seiler

2012-11-01

Full Text Available Education in the field of embedded system programming became an even more important aspect in the qualification of young engineers during the last decade. This development is accompanied by a rapidly increasing complexity of the software environments used with such devices. Therefore a qualified and solid teaching methodology is necessary, accompanied by industry driven technological innovation with an emphasis on programming. As part of three European projects regarding lifelong-learning a comprehensive blended learning concept for teaching embedded systems and robotics was developed by paper authors. It comprises basic exercises in micro controller programming up to high-level student robotic challenges. These implemented measures are supported by a distance learning environment. The programming of embedded systems and microcontroller technology has to be seen as the precursor for more complex robotic systems in this context, but with a high importance for later successfully working with the technology for further professional utilization with these technologies. Current paper introduces the most novel part; the online accessible Virtual Micro Controller Platform (VMCU and its underlying simulation framework platform. This approach conquers the major existing problems in engineering education: outdated hardware and limited lab times. This paper answers the question about advantages of using virtual hardware in an educational environment.

Need an Information Security in Access Control System?

Directory of Open Access Journals (Sweden)

V. R. Petrov

2011-12-01

Full Text Available The purpose of this paper is the general problems of information security in access control system. The field of using is the in project of reconstruction Physical protection system.

Controlling user access to electronic resources without password

Science.gov (United States)

Smith, Fred Hewitt

2015-06-16

Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes pre-determining an association of the restricted computer resource and computer-resource-proximal environmental information. Indicia of user-proximal environmental information are received from a user requesting access to the restricted computer resource. Received indicia of user-proximal environmental information are compared to associated computer-resource-proximal environmental information. User access to the restricted computer resource is selectively granted responsive to a favorable comparison in which the user-proximal environmental information is sufficiently similar to the computer-resource proximal environmental information. In at least some embodiments, the process further includes comparing user-supplied biometric measure and comparing it with a predetermined association of at least one biometric measure of an authorized user. Access to the restricted computer resource is granted in response to a favorable comparison.

The new biometric access control system resembles a big electronic eye. It will be used to control access to the LHC from 2007 onwards.

CERN Multimedia

Maximilien Brice

2006-01-01

The new LHC access control systems will soon be using the latest technology: optical recognition based on iris image data. In order to gain access to the tunnel it will be your eye, not your credentials that you'll be required to show! As of September, the entrance point at Point 8 should be the first to be fitted out with iris recognition equipment. The other access shafts will then gradually be equipped one by one.

A Universal Communication Framework and Navigation Control Software for Mobile Prototyping Platforms

Directory of Open Access Journals (Sweden)

Andreas Mitschele-Thiel

2010-09-01

Full Text Available In our contribution we would like to describe two new aspects of our low-cost mobile prototyping platform concept: a new hardware communication framework as well as new software features for navigation and control of our mobile platform. The paper is an extension of the ideas proposed in REV2009 [1] and is based on the therein used hardware platform and the monitoring and management software. This platform is based on the Quadrocopter concept – autonomous flying helicopter-style robots – and includes additional off-the-shelf parts. This leads to a universal mobile prototyping platform for communication tasks providing both mobile phone and WiFi access. However, the platform can provide these functions far more quickly than a technician on the ground might be able to. We will show that with our concept we can easily adapt the platform to the individual needs of the user, which leads to a very flexible and semi-autonomous system.

A Multi-Functional Fully Distributed Control Framework for AC Microgrids

DEFF Research Database (Denmark)

Shafiee, Qobad; Nasirian, Vahidreza; Quintero, Juan Carlos Vasquez

2018-01-01

This paper proposes a fully distributed control methodology for secondary control of AC microgrids. The control framework includes three modules: voltage regulator, reactive power regulator, and active power/frequency regulator. The voltage regulator module maintains the average voltage of the mi......This paper proposes a fully distributed control methodology for secondary control of AC microgrids. The control framework includes three modules: voltage regulator, reactive power regulator, and active power/frequency regulator. The voltage regulator module maintains the average voltage...... of the microgrid distribution line at the rated value. The reactive power regulator compares the local normalized reactive power of an inverter with its neighbors’ powers on a communication graph and, accordingly, fine-tunes Q-V droop coefficients to mitigate any reactive power mismatch. Collectively, these two....../reactive power sharing. An AC microgrid is prototyped to experimentally validate the proposed control methodology against the load change, plug-and-play operation, and communication constraints such as delay, packet loss, and limited bandwidth....

Risk and train control : a framework for analysis

Science.gov (United States)

2001-01-01

This report develops and demonstrates a framework for examining the effects of various train control strategies on some of the major risks of railroad operations. Analysis of hypothetical 1200-mile corridor identified the main factors that increase r...

Predictive access control for distributed computation

DEFF Research Database (Denmark)

Yang, Fan; Hankin, Chris; Nielson, Flemming

2013-01-01

We show how to use aspect-oriented programming to separate security and trust issues from the logical design of mobile, distributed systems. The main challenge is how to enforce various types of security policies, in particular predictive access control policies — policies based on the future beh...... behavior of a program. A novel feature of our approach is that we can define policies concerning secondary use of data....

Controlling user access to electronic resources without password

Science.gov (United States)

Smith, Fred Hewitt

2017-08-22

Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes obtaining an image from a communication device of a user. An individual and a landmark are identified within the image. Determinations are made that the individual is the user and that the landmark is a predetermined landmark. Access to a restricted computing resource is granted based on the determining that the individual is the user and that the landmark is the predetermined landmark. Other embodiments are disclosed.

Accessibility to tuberculosis control services and tuberculosis programme performance in southern Ethiopia

Directory of Open Access Journals (Sweden)

Mesay Hailu Dangisso

2015-11-01

Full Text Available Background: Despite the expansion of health services and community-based interventions in Ethiopia, limited evidence exists about the distribution of and access to health facilities and their relationship with the performance of tuberculosis (TB control programmes. We aim to assess the geographical distribution of and physical accessibility to TB control services and their relationship with TB case notification rates (CNRs and treatment outcome in the Sidama Zone, southern Ethiopia. Design: We carried out an ecological study to assess physical accessibility to TB control facilities and the association of physical accessibility with TB CNRs and treatment outcome. We collected smear-positive pulmonary TB (PTB cases treated during 2003–2012 from unit TB registers and TB service data such as availability of basic supplies for TB control and geographic locations of health services. We used ArcGIS 10.2 to measure the distance from each enumeration location to the nearest TB control facilities. A linear regression analysis was employed to assess factors associated with TB CNRs and treatment outcome. Results: Over a decade the health service coverage (the health facility–to-population ratio increased by 36% and the accessibility to TB control facilities also improved. Thus, the mean distance from TB control services was 7.6 km in 2003 (ranging from 1.8 to 25.5 km between kebeles (the smallest administrative units and had decreased to 3.2 km in 2012 (ranging from 1.5 to 12.4 km. In multivariate linear regression, as distance from TB diagnostic facilities (b-estimate=−0.25, p<0.001 and altitude (b-estimate=−0.31, p<0.001 increased, the CNRs of TB decreased, whereas a higher population density was associated with increased TB CNRs. Similarly, distance to TB control facilities (b-estimate=−0.27, p<0.001 and altitude (b-estimate=−0.30, p<0.001 were inversely associated with treatment success (proportion of treatment completed or cured cases

Maternity Leave Access and Health: A Systematic Narrative Review and Conceptual Framework Development.

Science.gov (United States)

Andres, Ellie; Baird, Sarah; Bingenheimer, Jeffrey Bart; Markus, Anne Rossier

2016-06-01

Background Maternity leave is integral to postpartum maternal and child health, providing necessary time to heal and bond following birth. However, the relationship between maternity leave and health outcomes has not been formally and comprehensively assessed to guide public health research and policy in this area. This review aims to address this gap by investigating both the correlates of maternity leave utilization in the US and the related health benefits for mother and child. Methods We searched the peer-reviewed scholarly literature using six databases for the years 1990 to early 2015 and identified 37 studies to be included in the review. We extracted key data for each of the included studies and assessed study quality using the "Weight of the Evidence" approach. Results The literature generally confirms a positive, though limited correlation between maternity leave coverage and utilization. Likewise, longer maternity leaves are associated with improved breastfeeding intentions and rates of initiation, duration and predominance as well as improved maternal mental health and early childhood outcomes. However, the literature points to important disparities in access to maternity leave that carry over into health outcomes, such as breastfeeding. Synthesis We present a conceptual framework synthesizing what is known to date related to maternity leave access and health outcomes.

Problems and Concerns Regarding Access Control System Construction in Radiation Facilities Based on the NIFS Experience

International Nuclear Information System (INIS)

Kawano, T.; Inoue, N.; Sakuma, Y.; Motojima, O.

2001-01-01

Full text: In 1998, access control system for the large helical device (LHD) experimental hall was constructed and put into operation at the National Institute for Fusion Science (NIFS) in Toki, Japan. Since then, the system has been continuously improved. It now controls access into the LHD controlled area through four entrances. The system has five turnstile gates and enables control of access at the four entrances. The system is always checking whether the shielding doors are open or closed at eight positions. The details pertaining to the construction of the system were reported at IRPA-10 held in Hiroshima, Japan, in 2000. Based on our construction experience of the NIFS access control system, we will discuss problems related to software and operational design of the system. We will also discuss some concerns regarding the use of the system in radiation facilities. The problems we will present concern, among other thing, individual registration, time control, turnstile control, interlock signal control, data aggregation and transactions, automatic and manual control, and emergency procedures. For example, in relation to the time control and turnstile control functions, we will discuss the gate-opening time interval for an access event, the timing of access data recording, date changing, turn bar control, double access, and access error handling. (author)

Control Framework for Dexterous Manipulation Using Dynamic Visual Servoing and Tactile Sensors’ Feedback

Directory of Open Access Journals (Sweden)

Carlos A. Jara

2014-01-01

Full Text Available Tactile sensors play an important role in robotics manipulation to perform dexterous and complex tasks. This paper presents a novel control framework to perform dexterous manipulation with multi-fingered robotic hands using feedback data from tactile and visual sensors. This control framework permits the definition of new visual controllers which allow the path tracking of the object motion taking into account both the dynamics model of the robot hand and the grasping force of the fingertips under a hybrid control scheme. In addition, the proposed general method employs optimal control to obtain the desired behaviour in the joint space of the fingers based on an indicated cost function which determines how the control effort is distributed over the joints of the robotic hand. Finally, authors show experimental verifications on a real robotic manipulation system for some of the controllers derived from the control framework.

Evaluation of secure capability-based access control in the M2M local cloud platform

DEFF Research Database (Denmark)

Anggorojati, Bayu; Prasad, Neeli R.; Prasad, Ramjee

2016-01-01

delegation. Recently, the capability based access control has been considered as method to manage access in the Internet of Things (IoT) or M2M domain. In this paper, the implementation and evaluation of a proposed secure capability based access control in the M2M local cloud platform is presented......Managing access to and protecting resources is one of the important aspect in managing security, especially in a distributed computing system such as Machine-to-Machine (M2M). One such platform known as the M2M local cloud platform, referring to BETaaS architecture [1], which conceptually consists...... of multiple distributed M2M gateways, creating new challenges in the access control. Some existing access control systems lack in scalability and flexibility to manage access from users or entity that belong to different authorization domains, or fails to provide fine grained and flexible access right...

CSchema: A Downgrading Policy Language for XML Access Control

Institute of Scientific and Technical Information of China (English)

Dong-Xi Liu

2007-01-01

The problem of regulating access to XML documents has attracted much attention from both academic and industry communities.In existing approaches, the XML elements specified by access policies are either accessible or inac-cessible according to their sensitivity.However, in some cases, the original XML elements are sensitive and inaccessible, but after being processed in some appropriate ways, the results become insensitive and thus accessible.This paper proposes a policy language to accommodate such cases, which can express the downgrading operations on sensitive data in XML documents through explicit calculations on them.The proposed policy language is called calculation-embedded schema (CSchema), which extends the ordinary schema languages with protection type for protecting sensitive data and specifying downgrading operations.CSchema language has a type system to guarantee the type correctness of the embedded calcula-tion expressions and moreover this type system also generates a security view after type checking a CSchema policy.Access policies specified by CSchema are enforced by a validation procedure, which produces the released documents containing only the accessible data by validating the protected documents against CSchema policies.These released documents are then ready tobe accessed by, for instance, XML query engines.By incorporating this validation procedure, other XML processing technologies can use CSchema as the access control module.

Designing a Secure E-commerce with Credential Purpose-based Access Control

OpenAIRE

Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

2014-01-01

The rapid growth of e-commerce has created a great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

Controllable synthesis of single-walled carbon nanotube framework membranes and capsules.

Science.gov (United States)

Song, Changsik; Kwon, Taeyun; Han, Jae-Hee; Shandell, Mia; Strano, Michael S

2009-12-01

Controlling the morphology of membrane components at the nanometer scale is central to many next-generation technologies in water purification, gas separation, fuel cell, and nanofiltration applications. Toward this end, we report the covalent assembly of single-walled carbon nanotubes (SWNTs) into three-dimensional framework materials with intertube pores controllable by adjusting the size of organic linker molecules. The frameworks are fashioned into multilayer membranes possessing linker spacings from 1.7 to 3.0 nm, and the resulting framework films were characterized, including transport properties. Nanoindentation measurements by atomic force microscopy show that the spring constant of the SWNT framework film (22.6 +/- 1.2 N/m) increased by a factor of 2 from the control value (10.4 +/- 0.1 N/m). The flux ratio comparison in a membrane-permeation experiment showed that larger spacer sizes resulted in larger pore structures. This synthetic method was equally efficient on silica microspheres, which could then be etched to create all-SWNT framework, hollow capsules approximately 5 mum in diameter. These hollow capsules are permeable to organic and inorganic reagents, allowing one to form inorganic nanoparticles, for example, that become entrapped within the capsule. The ability to encapsulate functional nanomaterials inside perm-selective SWNT cages and membranes may find applications in new adsorbents, novel catalysts, and drug delivery vehicles.

36 CFR 1256.70 - What controls access to national security-classified information?

Science.gov (United States)

2010-07-01

... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

A conceptual modeling framework for discrete event simulation using hierarchical control structures

Science.gov (United States)

Furian, N.; O’Sullivan, M.; Walker, C.; Vössner, S.; Neubacher, D.

2015-01-01

Conceptual Modeling (CM) is a fundamental step in a simulation project. Nevertheless, it is only recently that structured approaches towards the definition and formulation of conceptual models have gained importance in the Discrete Event Simulation (DES) community. As a consequence, frameworks and guidelines for applying CM to DES have emerged and discussion of CM for DES is increasing. However, both the organization of model-components and the identification of behavior and system control from standard CM approaches have shortcomings that limit CM’s applicability to DES. Therefore, we discuss the different aspects of previous CM frameworks and identify their limitations. Further, we present the Hierarchical Control Conceptual Modeling framework that pays more attention to the identification of a models’ system behavior, control policies and dispatching routines and their structured representation within a conceptual model. The framework guides the user step-by-step through the modeling process and is illustrated by a worked example. PMID:26778940

A conceptual modeling framework for discrete event simulation using hierarchical control structures.

Science.gov (United States)

Furian, N; O'Sullivan, M; Walker, C; Vössner, S; Neubacher, D

2015-08-01

Conceptual Modeling (CM) is a fundamental step in a simulation project. Nevertheless, it is only recently that structured approaches towards the definition and formulation of conceptual models have gained importance in the Discrete Event Simulation (DES) community. As a consequence, frameworks and guidelines for applying CM to DES have emerged and discussion of CM for DES is increasing. However, both the organization of model-components and the identification of behavior and system control from standard CM approaches have shortcomings that limit CM's applicability to DES. Therefore, we discuss the different aspects of previous CM frameworks and identify their limitations. Further, we present the Hierarchical Control Conceptual Modeling framework that pays more attention to the identification of a models' system behavior, control policies and dispatching routines and their structured representation within a conceptual model. The framework guides the user step-by-step through the modeling process and is illustrated by a worked example.

Demand, capacity, and access of the outpatient clinic: A framework for analysis and improvement.

Science.gov (United States)

van Bussel, Erik Martijn; van der Voort, Marc Boudewijn Victor Rouppe; Wessel, Ronald N; van Merode, Godefridus G

2018-06-01

While theoretical frameworks for optimization of the outpatient processes are abundant, practical step-by-step analyses to give leads for improvement, to forecast capacity, and to support decision making are sparse. This article demonstrates how to evaluate and optimize the triad of demand, (future) capacity, and access time of the outpatient clinic using a structured six-step method. All individual logistical patient data of an orthopaedic outpatient clinic of one complete year were analysed using a 6-step method to evaluate demand, supply, and access time. Trends in the data were retrospectively analysed and evaluated for potential improvements. A model for decision making was tested. Both the analysis of the method and actual results were considered as main outcomes. More than 25 000 appointments were analysed. The 6-step method showed to be sufficient to result in valuable insights and leads for improvement. While the overall match between demand and capacity was considered adequate, the variability in capacity was much higher than in demand, thereby leading to delays in access time. Holidays and subsequent weeks showed to be of great influence for demand, capacity, and access time. Using the six-step method, several unfavourable characteristics of the outpatient clinic were revealed and a better match between demand, supply, and access time could have been reached with only minor adjustments. Last, a clinic specific prediction and decision model for demand and capacity was made using the 6-step method. The 6-step analysis can successfully be applied to redesign and improve the outpatient health care process. The results of the analysis showed that national holidays and variability in demand and capacity have a big influence on the outpatient clinic. Using the 6-step method, practical improvements in outpatient logistics were easily found and leads for future decision making were contrived. © 2018 The Authors Journal of Evaluation in Clinical Practice

Consistency maintenance for constraint in role-based access control model

Institute of Scientific and Technical Information of China (English)

韩伟力; 陈刚; 尹建伟; 董金祥

2002-01-01

Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule-based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-oriented product data management (PDM) system.

Consistency maintenance for constraint in role-based access control model

Institute of Scientific and Technical Information of China (English)

韩伟力; 陈刚; 尹建伟; 董金祥

2002-01-01

Constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far'few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces correaponding formal rules, rulebased reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally,the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-ori-ented product data management (PDM) system.

Regulatory Accessibility and Social Influences on State Self-Control

OpenAIRE

vanDellen, Michelle R.; Hoyle, Rick H.

2009-01-01

The current work examined how social factors influence self-control. Current conceptions of state self-control treat it largely as a function of regulatory capacity. The authors propose that state self-control might also be influenced by social factors because of regulatory accessibility. Studies 1 through 4 provide evidence that individuals’ state self-control is influenced by the trait and state self-control of salient others such that thinking of others with good trait or state self-contro...

Framework for virtual control desk projects

Energy Technology Data Exchange (ETDEWEB)

Mol, Antonio Carlos A.; Freitas, Victor Goncalves G.; Espieito Santos, Andre Cotelli do; Aghina, Mauricio A. da C. e, E-mail: mol@ien.gov.b, E-mail: vgoncalves@ien.gov.b, E-mail: mag@ien.gov.b [Instituto de Engenharia Nuclear (IEN/CNEN-RJ), Rio de Janeiro, RJ (Brazil)

2011-07-01

Through the recent advances of the Brazilian nuclear program, the creation of virtual control desks allows an ergonomic evaluation and technique of the same, even before its physical implementation, reducing costs and time in addition to allow the virtual training of operators. This project intends to develop a 'framework' where the components of a real control desk are available for creating a virtual desk, continuing the project control desk developed at the Laboratorio de Interface Homem Sistema do IEN (LABHIS/IEN). Through the C++ programming language integrated with the OPENGL graphics library was possible to create the desk and it's components, allowing a graphical modeling in 3D (stereo) of a virtual control desk where the operator, with the aid of GLUI user interface library, can choose what and where the components are positioned on the bench, and select the type of desk wanted from the pre-defined templates. Finally, with the control desk mounted and configured, enabling a virtual interaction with operators, making possible to reproduce its functionalities. (author)

Framework for virtual control desk projects

International Nuclear Information System (INIS)

Mol, Antonio Carlos A.; Freitas, Victor Goncalves G.; Espieito Santos, Andre Cotelli do; Aghina, Mauricio A. da C. e

2011-01-01

Through the recent advances of the Brazilian nuclear program, the creation of virtual control desks allows an ergonomic evaluation and technique of the same, even before its physical implementation, reducing costs and time in addition to allow the virtual training of operators. This project intends to develop a 'framework' where the components of a real control desk are available for creating a virtual desk, continuing the project control desk developed at the Laboratorio de Interface Homem Sistema do IEN (LABHIS/IEN). Through the C++ programming language integrated with the OPENGL graphics library was possible to create the desk and it's components, allowing a graphical modeling in 3D (stereo) of a virtual control desk where the operator, with the aid of GLUI user interface library, can choose what and where the components are positioned on the bench, and select the type of desk wanted from the pre-defined templates. Finally, with the control desk mounted and configured, enabling a virtual interaction with operators, making possible to reproduce its functionalities. (author)

Entity Framework 4.0 Recipes A Problem-solution Approach

CERN Document Server

Tenny, L

2010-01-01

Entity Framework 4.0 Recipes provides an exhaustive collection of ready-to-use code solutions for Microsoft's Entity Framework, Microsoft's vision for the future of data access. Entity Framework is a model-centric data access platform with an ocean of new concepts and patterns for developers to learn. With this book, you will learn the core concepts of Entity Framework through a broad range of clear and concise solutions to everyday data access tasks. Armed with this experience, you will be ready to dive deep into Entity Framework, experiment with new approaches, and develop ways to solve even

Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

DEFF Research Database (Denmark)

Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

2013-01-01

Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

An Efficient Role and Object Based Access Control Model Implemented in a PDM System

Institute of Scientific and Technical Information of China (English)

HUANG Xiaowen; TAN Jian; HUANG Xiangguo

2006-01-01

An effective and reliable access control is crucial to a PDM system. This article has discussed the commonly used access control models, analyzed their advantages and disadvantages, and proposed a new Role and Object based access control model that suits the particular needs of a PDM system. The new model has been implemented in a commercial PDM system, which has demonstrated enhanced flexibility and convenience.

Personalizing Access to Learning Networks

DEFF Research Database (Denmark)

Dolog, Peter; Simon, Bernd; Nejdl, Wolfgang

2008-01-01

In this article, we describe a Smart Space for Learning™ (SS4L) framework and infrastructure that enables personalized access to distributed heterogeneous knowledge repositories. Helping a learner to choose an appropriate learning resource or activity is a key problem which we address in this fra......In this article, we describe a Smart Space for Learning™ (SS4L) framework and infrastructure that enables personalized access to distributed heterogeneous knowledge repositories. Helping a learner to choose an appropriate learning resource or activity is a key problem which we address...... in this framework, enabling personalized access to federated learning repositories with a vast number of learning offers. Our infrastructure includes personalization strategies both at the query and the query results level. Query rewriting is based on learning and language preferences; rule-based and ranking...

A Fine-Grained Data Access Control System in Wireless Sensor Network

Directory of Open Access Journals (Sweden)

Boniface K. Alese

2015-12-01

Full Text Available The evolving realities of Wireless Sensor Network (WSN deployed to various terrain of life require serving multiple applications. As large amount of sensed data are distributed and stored in individual sensors nodes, the illegal access to these sensitive data can be devastating. Consequently, data insecurity becomes a big concern. This study, therefore, proposes a fine-grained access control system which only requires the right set of users to access a particular data, based on their access privileges in the sensor networks. It is designed using Priccess Protocol with Access policy formulation adopting the principle of Bell Lapadula model as well as Attribute-Based Encryption (ABE to control access to sensor data. The functionality of the proposed system is simulated using Netbeans. The performance analysis of the proposed system using execution time and size of the key show that the higher the key size, the harder it becomes for the attacker to hack the system. Additionally, the time taken for the proposed work is lesser which makes the work faster than the existing work. Consequently, a well secure interactive web-based application that could facilitates the field officers access to stored data in safe and secure manner is developed.

A Distributed Architecture for Sharing Ecological Data Sets with Access and Usage Control Guarantees

DEFF Research Database (Denmark)

Bonnet, Philippe; Gonzalez, Javier; Granados, Joel Andres

2014-01-01

new insights, there are signicant barriers to the realization of this vision. One of the key challenge is to allow scientists to share their data widely while retaining some form of control over who accesses this data (access control) and more importantly how it is used (usage control). Access...... and usage control is necessary to enforce existing open data policies. We have proposed the vision of trusted cells: A decentralized infrastructure, based on secure hardware running on devices equipped with trusted execution environments at the edges of the Internet. We originally described the utilization...... data sets with access and usage control guarantees. We rely on examples from terrestrial research and monitoring in the arctic in the context of the INTERACT project....

Physical Access Control Database -

Data.gov (United States)

Department of Transportation — This data set contains the personnel access card data (photo, name, activation/expiration dates, card number, and access level) as well as data about turnstiles and...

A Model-Driven Co-Design Framework for Fusing Control and Scheduling Viewpoints.

Science.gov (United States)

Sundharam, Sakthivel Manikandan; Navet, Nicolas; Altmeyer, Sebastian; Havet, Lionel

2018-02-20

Model-Driven Engineering (MDE) is widely applied in the industry to develop new software functions and integrate them into the existing run-time environment of a Cyber-Physical System (CPS). The design of a software component involves designers from various viewpoints such as control theory, software engineering, safety, etc. In practice, while a designer from one discipline focuses on the core aspects of his field (for instance, a control engineer concentrates on designing a stable controller), he neglects or considers less importantly the other engineering aspects (for instance, real-time software engineering or energy efficiency). This may cause some of the functional and non-functional requirements not to be met satisfactorily. In this work, we present a co-design framework based on timing tolerance contract to address such design gaps between control and real-time software engineering. The framework consists of three steps: controller design, verified by jitter margin analysis along with co-simulation, software design verified by a novel schedulability analysis, and the run-time verification by monitoring the execution of the models on target. This framework builds on CPAL (Cyber-Physical Action Language), an MDE design environment based on model-interpretation, which enforces a timing-realistic behavior in simulation through timing and scheduling annotations. The application of our framework is exemplified in the design of an automotive cruise control system.

A Model-Driven Co-Design Framework for Fusing Control and Scheduling Viewpoints

Science.gov (United States)

Navet, Nicolas; Havet, Lionel

2018-01-01

Model-Driven Engineering (MDE) is widely applied in the industry to develop new software functions and integrate them into the existing run-time environment of a Cyber-Physical System (CPS). The design of a software component involves designers from various viewpoints such as control theory, software engineering, safety, etc. In practice, while a designer from one discipline focuses on the core aspects of his field (for instance, a control engineer concentrates on designing a stable controller), he neglects or considers less importantly the other engineering aspects (for instance, real-time software engineering or energy efficiency). This may cause some of the functional and non-functional requirements not to be met satisfactorily. In this work, we present a co-design framework based on timing tolerance contract to address such design gaps between control and real-time software engineering. The framework consists of three steps: controller design, verified by jitter margin analysis along with co-simulation, software design verified by a novel schedulability analysis, and the run-time verification by monitoring the execution of the models on target. This framework builds on CPAL (Cyber-Physical Action Language), an MDE design environment based on model-interpretation, which enforces a timing-realistic behavior in simulation through timing and scheduling annotations. The application of our framework is exemplified in the design of an automotive cruise control system. PMID:29461489

A Model-Driven Co-Design Framework for Fusing Control and Scheduling Viewpoints

Directory of Open Access Journals (Sweden)

Sakthivel Manikandan Sundharam

2018-02-01

Full Text Available Model-Driven Engineering (MDE is widely applied in the industry to develop new software functions and integrate them into the existing run-time environment of a Cyber-Physical System (CPS. The design of a software component involves designers from various viewpoints such as control theory, software engineering, safety, etc. In practice, while a designer from one discipline focuses on the core aspects of his field (for instance, a control engineer concentrates on designing a stable controller, he neglects or considers less importantly the other engineering aspects (for instance, real-time software engineering or energy efficiency. This may cause some of the functional and non-functional requirements not to be met satisfactorily. In this work, we present a co-design framework based on timing tolerance contract to address such design gaps between control and real-time software engineering. The framework consists of three steps: controller design, verified by jitter margin analysis along with co-simulation, software design verified by a novel schedulability analysis, and the run-time verification by monitoring the execution of the models on target. This framework builds on CPAL (Cyber-Physical Action Language, an MDE design environment based on model-interpretation, which enforces a timing-realistic behavior in simulation through timing and scheduling annotations. The application of our framework is exemplified in the design of an automotive cruise control system.

Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

Directory of Open Access Journals (Sweden)

Luis Cruz-Piris

2018-03-01

Full Text Available Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT. One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.. To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT. As an access control scheme, we have selected User-Managed Access (UMA, an existing Open Authorization (OAuth 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources.

Science.gov (United States)

Cruz-Piris, Luis; Rivera, Diego; Marsa-Maestre, Ivan; de la Hoz, Enrique; Velasco, Juan R

2018-03-20

Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

Science.gov (United States)

2018-01-01

Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal. PMID:29558406

Surgical model-view-controller simulation software framework for local and collaborative applications.

Science.gov (United States)

Maciel, Anderson; Sankaranarayanan, Ganesh; Halic, Tansel; Arikatla, Venkata Sreekanth; Lu, Zhonghua; De, Suvranu

2011-07-01

Surgical simulations require haptic interactions and collaboration in a shared virtual environment. A software framework for decoupled surgical simulation based on a multi-controller and multi-viewer model-view-controller (MVC) pattern was developed and tested. A software framework for multimodal virtual environments was designed, supporting both visual interactions and haptic feedback while providing developers with an integration tool for heterogeneous architectures maintaining high performance, simplicity of implementation, and straightforward extension. The framework uses decoupled simulation with updates of over 1,000 Hz for haptics and accommodates networked simulation with delays of over 1,000 ms without performance penalty. The simulation software framework was implemented and was used to support the design of virtual reality-based surgery simulation systems. The framework supports the high level of complexity of such applications and the fast response required for interaction with haptics. The efficacy of the framework was tested by implementation of a minimally invasive surgery simulator. A decoupled simulation approach can be implemented as a framework to handle simultaneous processes of the system at the various frame rates each process requires. The framework was successfully used to develop collaborative virtual environments (VEs) involving geographically distributed users connected through a network, with the results comparable to VEs for local users.

A novel decentralized hierarchical access control scheme for the medical scenario

DEFF Research Database (Denmark)

Eskeland, Sigurd; Prasad, Neeli R.

2006-01-01

to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

A novel decentralized hierarchical access control scheme for the medical scenario

DEFF Research Database (Denmark)

Eskeland, Sigurd; Prasad, Neeli R.

2006-01-01

Electronic patient records contains highly personal and confidential information that it is essential to keep private. Thus, only the medical professionals providing care to a patient should access the patient record of the concerning patient. As personal medical data can be considered...... to be the property of the corresponding patient, it is justified that patients should have the opportunity to exert control over their own data. In this paper, we propose a cryptographic access control scheme allowing patients to grant medical teams authorizations to access their medical data. Moreover......, the hierarchical aspects of teams are taken into account so that the modules of the patient record are to be accessed according to the individual privileges of the medical professionals of the team. Thus, more privileged users obtain larger portions of the data than less privileged users....

Database application research in real-time data access of accelerator control system

International Nuclear Information System (INIS)

Chen Guanghua; Chen Jianfeng; Wan Tianmin

2012-01-01

The control system of Shanghai Synchrotron Radiation Facility (SSRF) is a large-scale distributed real-time control system, It involves many types and large amounts of real-time data access during the operating. Database system has wide application prospects in the large-scale accelerator control system. It is the future development direction of the accelerator control system, to replace the differently dedicated data structures with the mature standardized database system. This article discusses the application feasibility of database system in accelerators based on the database interface technology, real-time data access testing, and system optimization research and to establish the foundation of the wide scale application of database system in the SSRF accelerator control system. Based on the database interface technology, real-time data access testing and system optimization research, this article will introduce the application feasibility of database system in accelerators, and lay the foundation of database system application in the SSRF accelerator control system. (authors)

XML in an Adaptive Framework for Instrument Control

Science.gov (United States)

Ames, Troy J.

2004-01-01

NASA Goddard Space Flight Center is developing an extensible framework for instrument command and control, known as Instrument Remote Control (IRC), that combines the platform independent processing capabilities of Java with the power of the Extensible Markup Language (XML). A key aspect of the architecture is software that is driven by an instrument description, written using the Instrument Markup Language (IML). IML is an XML dialect used to describe interfaces to control and monitor the instrument, command sets and command formats, data streams, communication mechanisms, and data processing algorithms.

Access control system for two person rule at Rokkasho Reprocessing Plant

International Nuclear Information System (INIS)

Yanagisawa, Sawako; Ino, Munekazu; Yamada, Noriyuki; Oota, Hiroto; Iwasaki, Mitsuaki; Kodani, Yoshiki; Iwamoto, Tomonori

2014-01-01

Following the amendment and enforcement of Regulation of Reprocessing Activity on March 29th 2012, two person rule has become compulsory for the specific rooms to counter and prevent the sabotage or theft of nuclear materials by the insiders at reprocessing plant in Japan. The rooms will include those which contains cooling systems for decay heat removal from spent fuels and so on, scavenging systems to prevent the hydrogen accumulation, and those which contains nuclear material. To ensure the two person rule at Rokkasho Reprocessing Plant, JNFL has recently, after comprehensive study, introduced efficient and effective access control system for the rooms mentioned above. The system is composed of bio-attestation devices, surveillance cameras and electronic locks to establish access control system. This report outlines the access control system for two person rule and introduces the operation. (author)

Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

DEFF Research Database (Denmark)

Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

2013-01-01

In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology...... and weak physical security of low power devices in IoT networks are possible sources for security vulnerabilities. It is promising to make an authentication and access control attack resistant and lightweight in a resource constrained and distributed IoT environment. This paper presents the Identity...... Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (Dos) attacks, the concept of capability for access control is introduced. The novelty of this model is that, it presents...

Controlling Thermal Expansion: A Metal?Organic Frameworks Route

OpenAIRE

Balestra, Salvador R. G.; Bueno-Perez, Rocio; Hamad, Said; Dubbeldam, David; Ruiz-Salvador, A. Rabdel; Calero, Sofia

2016-01-01

Controlling thermal expansion is an important, not yet resolved, and challenging problem in materials research. A conceptual design is introduced here, for the first time, for the use of metal?organic frameworks (MOFs) as platforms for controlling thermal expansion devices that can operate in the negative, zero, and positive expansion regimes. A detailed computer simulation study, based on molecular dynamics, is presented to support the targeted application. MOF-5 has been selected as model m...

Distributed medium access control in wireless networks

CERN Document Server

Wang, Ping

2013-01-01

This brief investigates distributed medium access control (MAC) with QoS provisioning for both single- and multi-hop wireless networks including wireless local area networks (WLANs), wireless ad hoc networks, and wireless mesh networks. For WLANs, an efficient MAC scheme and a call admission control algorithm are presented to provide guaranteed QoS for voice traffic and, at the same time, increase the voice capacity significantly compared with the current WLAN standard. In addition, a novel token-based scheduling scheme is proposed to provide great flexibility and facility to the network servi

Simple measurement-based admission control for DiffServ access networks

Science.gov (United States)

Lakkakorpi, Jani

2002-07-01

In order to provide good Quality of Service (QoS) in a Differentiated Services (DiffServ) network, a dynamic admission control scheme is definitely needed as an alternative to overprovisioning. In this paper, we present a simple measurement-based admission control (MBAC) mechanism for DiffServ-based access networks. Instead of using active measurements only or doing purely static bookkeeping with parameter-based admission control (PBAC), the admission control decisions are based on bandwidth reservations and periodically measured & exponentially averaged link loads. If any link load on the path between two endpoints is over the applicable threshold, access is denied. Link loads are periodically sent to Bandwidth Broker (BB) of the routing domain, which makes the admission control decisions. The information needed in calculating the link loads is retrieved from the router statistics. The proposed admission control mechanism is verified through simulations. Our results prove that it is possible to achieve very high bottleneck link utilization levels and still maintain good QoS.

Information Security and Wireless: Alternate Approaches for Controlling Access to Critical Information

National Research Council Canada - National Science Library

Nandram, Winsome

2004-01-01

.... Typically, network managers implement countermeasures to augment security. The goal of this thesis is to research approaches that compliment existing security measures with fine grain access control measures. The Extensible Markup Language (XML) is adopted to accommodate such granular access control as it provides the mechanisms for scaling security down to the document content level.

Strengthening tactical planning and operational frameworks for vector control: the roadmap for malaria elimination in Namibia.

Science.gov (United States)

Chanda, Emmanuel; Ameneshewa, Birkinesh; Angula, Hans A; Iitula, Iitula; Uusiku, Pentrina; Trune, Desta; Islam, Quazi M; Govere, John M

2015-08-05

Namibia has made tremendous gains in malaria control and the epidemiological trend of the disease has changed significantly over the past years. In 2010, the country reoriented from the objective of reducing disease morbidity and mortality to the goal of achieving malaria elimination by 2020. This manuscript outlines the processes undertaken in strengthening tactical planning and operational frameworks for vector control to facilitate expeditious malaria elimination in Namibia. The information sources for this study included all available data and accessible archived documentary records on malaria vector control in Namibia. A methodical assessment of published and unpublished documents was conducted via a literature search of online electronic databases, Google Scholar, PubMed and WHO, using a combination of search terms. To attain the goal of elimination in Namibia, systems are being strengthened to identify and clear all infections, and significantly reduce human-mosquito contact. Particularly, consolidating vector control for reducing transmission at the identified malaria foci will be critical for accelerated malaria elimination. Thus, guarding against potential challenges and the need for evidence-based and sustainable vector control instigated the strengthening of strategic frameworks by: adopting the integrated vector management (IVM) strategy; initiating implementation of the global plan for insecticide resistance management (GPIRM); intensifying malaria vector surveillance; improving data collection and reporting systems on DDT; updating the indoor residual spraying (IRS) data collection and reporting tool; and, improving geographical reconnaissance using geographical information system-based satellite imagery. Universal coverage with IRS and long-lasting insecticidal nets, supplemented by larval source management in the context of IVM and guided by vector surveillance coupled with rational operationalization of the GPIRM, will enable expeditious

Identity Establishment and Capability Based Access Control (IECAC) Scheme for Internet of Things

DEFF Research Database (Denmark)

Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

2012-01-01

Internet of Things (IoT) become discretionary part of everyday life and could befall a threat if security is not considered before deployment. Authentication and access control in IoT is equally important to establish secure communication between devices. To protect IoT from man in middle, replay...... and denial of service attacks, the concept of capability for access control is introduced. This paper presents Identity establishment and capability based access control (IECAC) protocol using ECC (Elliptical Curve Cryptography) for IoT along with protocol evaluation, which protect against the aforementioned...

The design and implementation of access control management system in IHEP network

International Nuclear Information System (INIS)

Wang Yanming; An Dehai; Qi Fazhi

2010-01-01

In campus network environment of Institute of High Energy Physics, because of the number of Network devices and computers are large scale, ensuring the access validity of network devices and user's computer, and aiming at effective control the exceptional network communication are technological means to achieve network normal running. The access control system of Campus network of institute of High Energy Physics using MySQL database in the behind, and using CGI PHP HTML language to develop the front interface. The System achieves user information management, user computer access control, cutting down the exceptional network communication and alarm function. Increasing the management effective of network, to ensure campus network safety and reliable running. (authors)

An Optimal Medium Access Control with Partial Observations for Sensor Networks

Directory of Open Access Journals (Sweden)

Servetto Sergio D

2005-01-01

Full Text Available We consider medium access control (MAC in multihop sensor networks, where only partial information about the shared medium is available to the transmitter. We model our setting as a queuing problem in which the service rate of a queue is a function of a partially observed Markov chain representing the available bandwidth, and in which the arrivals are controlled based on the partial observations so as to keep the system in a desirable mildly unstable regime. The optimal controller for this problem satisfies a separation property: we first compute a probability measure on the state space of the chain, namely the information state, then use this measure as the new state on which the control decisions are based. We give a formal description of the system considered and of its dynamics, we formalize and solve an optimal control problem, and we show numerical simulations to illustrate with concrete examples properties of the optimal control law. We show how the ergodic behavior of our queuing model is characterized by an invariant measure over all possible information states, and we construct that measure. Our results can be specifically applied for designing efficient and stable algorithms for medium access control in multiple-accessed systems, in particular for sensor networks.

Lanthanide co-ordination frameworks: Opportunities and diversity

International Nuclear Information System (INIS)

Hill, Robert J.; Long, De-Liang; Hubberstey, Peter; Schroeder, Martin; Champness, Neil R.

2005-01-01

Significant successes have been made over recent years in preparing co-ordination framework polymers that show macroscopic material properties, but in the vast majority of cases this has been achieved with d-block metal-based systems. Lanthanide co-ordination frameworks also offer attractive properties in terms of their potential applications as luminescent, non-linear optical and porous materials. However, lanthanide-based systems have been far less studied to date than their d-block counterparts. One possible reason for this is that the co-ordination spheres of lanthanide cations are more difficult to control and, in the absence of design strategies for lanthanide co-ordination frameworks, it is significantly more difficult to target materials with specific properties. However, this article highlights some of the exciting possibilities that have emerged from the earliest investigations in this field with new topological families of compounds being discovered from relatively simple framework components, including unusual eight, seven and five-connected framework systems. Our own research, as well as others, is leading to a much greater appreciation of the factors that control framework formation and the resultant observed topologies of these polymers. As this understanding develops targeting particular framework types will become more straightforward and the development of designed polyfunctional materials more accessible. Thus, it can be seen that lanthanide co-ordination frameworks have the potential to open up previously unexplored directions for materials chemistry. This article focuses on the underlying concepts for the construction of these enticing and potentially highly important materials

Accessing and disclosing protected resources

DEFF Research Database (Denmark)

Olesen, Henning; Khajuria, Samant

2014-01-01

TODAY, DATA IS MONEY. Whether it is private users’ personal data or confidential data and assets belonging to service providers, all parties have a strong need to protect their resources when interacting with each other, i.e. for access control and authorization. For service providers and enterpr......TODAY, DATA IS MONEY. Whether it is private users’ personal data or confidential data and assets belonging to service providers, all parties have a strong need to protect their resources when interacting with each other, i.e. for access control and authorization. For service providers...... and enterprises resources are usually well safeguarded, while private users are often missing the tools and the know-how to protect their own data and preserve their privacy. The user’s personal data have become an economic asset, not necessarily to the owners of these data, but to the service providers, whose...... business mod- els often includes the use of these data. In this paper we focus on the user – service provider interaction and discuss how recent technological progress, in particular the framework of User Managed Access (UMA), can enable users to understand the value of their protected resources...

Resonant Frequency Control For the PIP-II Injector Test RFQ: Control Framework and Initial Results

Energy Technology Data Exchange (ETDEWEB)

Edelen, A. L. [Colorado State U.; Biedron, S. G.; Milton, S. V.; Bowring, D.; Chase, B. E.; Edelen, J. P.; Nicklaus, D.; Steimel, J.

2016-12-16

For the PIP-II Injector Test (PI-Test) at Fermilab, a four-vane radio frequency quadrupole (RFQ) is designed to accelerate a 30-keV, 1-mA to 10-mA, H- beam to 2.1 MeV under both pulsed and continuous wave (CW) RF operation. The available headroom of the RF amplifiers limits the maximum allowable detuning to 3 kHz, and the detuning is controlled entirely via thermal regulation. Fine control over the detuning, minimal manual intervention, and fast trip recovery is desired. In addition, having active control over both the walls and vanes provides a wider tuning range. For this, we intend to use model predictive control (MPC). To facilitate these objectives, we developed a dedicated control framework that handles higher-level system decisions as well as executes control calculations. It is written in Python in a modular fashion for easy adjustments, readability, and portability. Here we describe the framework and present the first control results for the PI-Test RFQ under pulsed and CW operation.

Design and Implementation of Linux Access Control Model

Institute of Scientific and Technical Information of China (English)

Wei Xiaomeng; Wu Yongbin; Zhuo Jingchuan; Wang Jianyun; Haliqian Mayibula

2017-01-01

In this paper,the design and implementation of an access control model for Linux system are discussed in detail. The design is based on the RBAC model and combines with the inherent characteristics of the Linux system,and the support for the process and role transition is added.The core idea of the model is that the file is divided into different categories,and access authority of every category is distributed to several roles.Then,roles are assigned to users of the system,and the role of the user can be transited from one to another by running the executable file.

Automated personal identification: a new technique for controlling access to nuclear materials and facilities

International Nuclear Information System (INIS)

Eccles, D.R.

1975-01-01

Special nuclear materials must be protected against the threat of diversion or theft, and nuclear facilities against the threat of industrial sabotage. Implicit in this protection is the means of controlling access to protected areas, material access areas, and vital areas. With the advent of automated personal identification technology, the processes of access control can be automated to yield both higher security and reduced costs. This paper first surveys the conventional methods of access control; next, automated personal identification concepts are presented and various systems approaches are highlighted; finally, Calspan's FINGERSCAN /sub TM/ system for identity verification is described

ACCESS: Detector Control and Performance

Science.gov (United States)

Morris, Matthew J.; Kaiser, M.; McCandliss, S. R.; Rauscher, B. J.; Kimble, R. A.; Kruk, J. W.; Wright, E. L.; Bohlin, R.; Kurucz, R. L.; Riess, A. G.; Pelton, R.; Deustua, S. E.; Dixon, W. V.; Sahnow, D. J.; Mott, D. B.; Wen, Y.; Benford, D. J.; Gardner, J. P.; Feldman, P. D.; Moos, H. W.; Lampton, M.; Perlmutter, S.; Woodgate, B. E.

2014-01-01

ACCESS, Absolute Color Calibration Experiment for Standard Stars, is a series of rocket-borne sub-orbital missions and ground-based experiments that will enable improvements in the precision of the astrophysical flux scale through the transfer of absolute laboratory detector standards from the National Institute of Standards and Technology (NIST) to a network of stellar standards with a calibration accuracy of 1% and a spectral resolving power of 500 across the 0.35 to 1.7 micron bandpass (companion poster, Kaiser et al.). The flight detector and detector spare have been selected and integrated with their electronics and flight mount. The controller electronics have been flight qualified. Vibration testing to launch loads and thermal vacuum testing of the detector, mount, and housing have been successfully performed. Further improvements to the flight controller housing have been made. A cryogenic ground test system has been built. Dark current and read noise tests have been performed, yielding results consistent with the initial characterization tests of the detector performed by Goddard Space Flight Center’s Detector Characterization Lab (DCL). Detector control software has been developed and implemented for ground testing. Performance and integration of the detector and controller with the flight software will be presented. NASA APRA sounding rocket grant NNX08AI65G supports this work.

Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

Science.gov (United States)

Kim, Seungjoo

2014-01-01

There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information. PMID:25374943

Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

Directory of Open Access Journals (Sweden)

Seungsoo Baek

2014-01-01

Full Text Available There has been an explosive increase in the population of the OSN (online social network in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

TRBAC:基于信任的访问控制模型%TRBAC: Trust Based Access Control Model

Institute of Scientific and Technical Information of China (English)

刘武; 段海新; 张洪; 任萍; 吴建平

2011-01-01

访问控制是根据网络用户的身份或属性,对该用户执行某些操作或访问某些网络资源进行控制的过程.对现有访问控制模型进行分析,并针对其不足对RBAC模型进行了扩展,提出了基于信任的访问控制模型TRBAC(trust based access control model).该模型可以提供更加安全、灵活以及细粒度的动态访问授权机制,从而提高授权机制的安全性与可靠性.%Access control is a process which controls users to execute some operations or access some network resources according to the users' identity or attribution. The discretionary access control and mandatory access control are two main access control modes which are broadly used in secure operating systems. Discretionary access control is based on user identity and/or groups and mandatory access control is usually based on sensitivity labels. Neither of these two modes can completely satisfy the requirements of all access control. Discretionary access control is too loose to restrict the propagation of privileges while mandatory access control is too rigid to use flexibly. This paper analyzes current access control models, and extends the RBAC (role based access control) model aiming at its deficiency, and based on which we propose a trust based access control model (TRBAC). The TRBAC model can provide more security, flexible and fine-grained dynamic access control mechanism, and therefore improve both the security and the reliability of authorization mechanism.

A Framework for Concrete Reputation-Systems with Applications to History-Based Access Control

DEFF Research Database (Denmark)

Krukow, Karl Kristian; Nielsen, Mogens; Sassone, Vladimiro

2005-01-01

-based trust-management systems provide no formal security-guarantees. In this extended abstract, we describe a mathematical framework for a class of simple reputation-based systems. In these systems, decisions about interaction are taken based on policies that are exact requirements on agents' past histories....... We present a basic declarative language, based on pure-past linear temporal logic, intended for writing simple policies. While the basic language is reasonably expressive (encoding e.g. Chinese Wall policies) we show how one can extend it with quantification and parameterized events. This allows us...... to encode other policies known from the literature, e.g., `one-out-of-k'. The problem of checking a history with respect to a policy is efficient for the basic language, and tractable for the quantified language when policies do not have too many variables....

Radical covalent organic frameworks: a general strategy to immobilize open-accessible polyradicals for high-performance capacitive energy storage.

Science.gov (United States)

Xu, Fei; Xu, Hong; Chen, Xiong; Wu, Dingcai; Wu, Yang; Liu, Hao; Gu, Cheng; Fu, Ruowen; Jiang, Donglin

2015-06-01

Ordered π-columns and open nanochannels found in covalent organic frameworks (COFs) could render them able to store electric energy. However, the synthetic difficulty in achieving redox-active skeletons has thus far restricted their potential for energy storage. A general strategy is presented for converting a conventional COF into an outstanding platform for energy storage through post-synthetic functionalization with organic radicals. The radical frameworks with openly accessible polyradicals immobilized on the pore walls undergo rapid and reversible redox reactions, leading to capacitive energy storage with high capacitance, high-rate kinetics, and robust cycle stability. The results suggest that channel-wall functional engineering with redox-active species will be a facile and versatile strategy to explore COFs for energy storage. © 2015 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

A Distributed Control Framework for Integrated Photovoltaic-Battery-Based Islanded Microgrids

DEFF Research Database (Denmark)

Golsorkhi, Mohammad; Shafiee, Qobad; Lu, Dylan Dah-Chuan

2017-01-01

This paper proposes a new cooperative control framework for coordination of energy storage units (ESUs), photovoltaic (PV) panels and controllable load units in singlephase low voltage microgrids (MGs). The control objectives are defined and acted upon using a two level structure; primary...

Efficient key management for cryptographically enforced access control

NARCIS (Netherlands)

Zych, Anna; Petkovic, Milan; Jonker, Willem

Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

Applying the CobiT Control Framework to Spreadsheet Developments

OpenAIRE

Butler, Raymond J.

2008-01-01

One of the problems reported by researchers and auditors in the field of spreadsheet risks is that of getting and keeping managements attention to the problem. Since 1996, the Information Systems Audit & Control Foundation and the IT Governance Institute have published CobiT which brings mainstream IT control issues into the corporate governance arena. This paper illustrates how spreadsheet risk and control issues can be mapped onto the CobiT framework and thus brought to managers attention i...

Automated Biometric Voice-Based Access Control in Automatic Teller Machine (ATM)

OpenAIRE

Yekini N.A.; Itegboje A.O.; Oyeyinka I.K.; Akinwole A.K.

2012-01-01

An automatic teller machine requires a user to pass an identity test before any transaction can be granted. The current method available for access control in ATM is based on smartcard. Efforts were made to conduct an interview with structured questions among the ATM users and the result proofed that a lot of problems was associated with ATM smartcard for access control. Among the problems are; it is very difficult to prevent another person from attaining and using a legitimate persons card, ...

Access control issues and solutions for large sites

International Nuclear Information System (INIS)

Warren, F.E.

1992-07-01

The Lawrence Livermore National Laboratory (LLNL) operates an automated access control system consisting of more than 100 portals. We have gained considerable practical experience in the issues involved in operating this large system, and have identified the central issues to include system reliability, the large user population, the need for central control, constant change, high visibility and the budget. This paper outlines these issues and draws from our experience to discuss some fruitful ways of addressing them

Cognitive radio networks medium access control for coexistence of wireless systems

CERN Document Server

Bian, Kaigui; Gao, Bo

2014-01-01

This book gives a comprehensive overview of the medium access control (MAC) principles in cognitive radio networks, with a specific focus on how such MAC principles enable different wireless systems to coexist in the same spectrum band and carry out spectrum sharing.  From algorithm design to the latest developments in the standards and spectrum policy, readers will benefit from leading-edge knowledge of how cognitive radio systems coexist and share spectrum resources.  Coverage includes cognitive radio rendezvous, spectrum sharing, channel allocation, coexistence in TV white space, and coexistence of heterogeneous wireless systems.   • Provides a comprehensive reference on medium access control (MAC)-related problems in the design of cognitive radio systems and networks; • Includes detailed analysis of various coexistence problems related to medium access control in cognitive radio networks; • Reveals novel techniques for addressing the challenges of coexistence protocol design at a higher level ...

The OPL Access Control Policy Language

Science.gov (United States)

Alm, Christopher; Wolf, Ruben; Posegga, Joachim

Existing policy languages suffer from a limited ability of directly and elegantly expressing high-level access control principles such as history-based separation of duty [22], binding of duty [26], context constraints [24], Chinese wall properties [10], and obligations [20]. It is often difficult to extend a language in order to retrofit these features once required or it is necessary to use complicated and complex language constructs to express such concepts. The latter, however, is cumbersome and error-prone for humans dealing with policy administration.

A novel technique to extract events from access control system and locate persons

International Nuclear Information System (INIS)

Vincent, M.; Vaidyanathan, Mythili; Patidar, Suresh Chandra; Prabhakara Rao, G.

2011-01-01

Indira Gandhi Centre for Atomic Research houses many laboratories which handle radioactive materials and classified materials. Protection and accounting of men and material and critical facilities are important aspect of nuclear security. Access Control System (ACS) is used to enhance the protective measures against elevated threat environment. Access control system hardware consists of hand geometry readers, RFID readers, Controllers, Electromagnetic door locks, Turnstiles, fiber cable laying and termination etc. Access Control System controls and monitors the people accessing the secured facilities. Access Control System generates events on: 1. Showing of RFID card, 2. Rotation of turnstile, 3. Download of valid card numbers, 4. Generation of alarms etc. Access control system turnstiles are located in main entrance of a facility, entrance of inside laboratory and door locks are fixed on secured facilities. Events are stored in SQL server database. From the events stored in database a novel technique is developed to extract events and list the persons in a particular facility, list all entry/exit events on one day, list the first in and last out entries. This paper discusses the complex multi level group by queries and software developed to extract events from database, locate persons and generate reports. Software is developed as a web application in ASP.Net and query is written in SQL. User can select the doors, type of events and generate reports. Reports are generated using the master data stored about employees RFID cards and events data stored in tables. Four types of reports are generated 1. Plant Emergency Report, 2. Locate User Report, 3. Entry - Exit Report, 4. First in Last out Report. To generate plant emergency report for whole plant only events generated in outer gates have to be considered. To generate plant emergency report for inside laboratory, events generated in entrance gates have to be ignored. (author)

A novel and efficient user access control scheme for wireless body area sensor networks

Directory of Open Access Journals (Sweden)

Santanu Chatterjee

2014-07-01

Full Text Available Wireless body area networks (WBANs can be applied to provide healthcare and patient monitoring. However, patient privacy can be vulnerable in a WBAN unless security is considered. Access to authorized users for the correct information and resources for different services can be provided with the help of efficient user access control mechanisms. This paper proposes a new user access control scheme for a WBAN. The proposed scheme makes use of a group-based user access ID, an access privilege mask, and a password. An elliptic curve cryptography-based public key cryptosystem is used to ensure that a particular legitimate user can only access the information for which he/she is authorized. We show that our scheme performs better than previously existing user access control schemes. Through a security analysis, we show that our scheme is secure against possible known attacks. Furthermore, through a formal security verification using the AVISPA (Automated Validation of Internet Security Protocols and Applications tool, we show that our scheme is also secure against passive and active attacks.

TP-model transformation-based-control design frameworks

CERN Document Server

Baranyi, Péter

2016-01-01

This book covers new aspects and frameworks of control, design, and optimization based on the TP model transformation and its various extensions. The author outlines the three main steps of polytopic and LMI based control design: 1) development of the qLPV state-space model, 2) generation of the polytopic model; and 3) application of LMI to derive controller and observer. He goes on to describe why literature has extensively studied LMI design, but has not focused much on the second step, in part because the generation and manipulation of the polytopic form was not tractable in many cases. The author then shows how the TP model transformation facilitates this second step and hence reveals new directions, leading to powerful design procedures and the formulation of new questions. The chapters of this book, and the complex dynamical control tasks which they cover, are organized so as to present and analyze the beneficial aspect of the family of approaches (control, design, and optimization). Additionally, the b...

RESEARCH Improving access and quality of care in a TB control ...

African Journals Online (AJOL)

or treatment. Improving access and quality of care in a. TB control programme. Vera Scott, Virginia Azevedo, Judy Caldwell. Objectives. To use a quality improvement approach to improve access to and quality of tuberculosis (TB) diagnosis and care in. Cape Town. Methods. Five HIV/AIDS/sexually transmitted infections/TB.

Holistic approaches to e-learning accessibility

Directory of Open Access Journals (Sweden)

Lawrie Phipps

2006-12-01

Full Text Available The importance of accessibility to digital e-learning resources is widely acknowledged. The World Wide Web Consortium Web Accessibility Initiative has played a leading role in promoting the importance of accessibility and developing guidelines that can help when developing accessible web resources. The accessibility of e-learning resources provides additional challenges. While it is important to consider the technical and resource related aspects of e-learning when designing and developing resources for students with disabilities, there is a need to consider pedagogic and contextual issues as well. A holistic framework is therefore proposed and described, which in addition to accessibility issues takes into account learner needs, learning outcomes, local factors, infrastructure, usability and quality assurance. The practical application and implementation of this framework is discussed and illustrated through the use of examples and case studies.

Audit-based compliance control

NARCIS (Netherlands)

Cederquist, J.G.; Dimitrakos, T.; Corin, R.J.; Martinelli, F.; Ryan, P.Y.A.; Dekker, M.A.C.; Etalle, Sandro; Schneider, S.; den Hartog, Jeremy; Lenzini, Gabriele

2007-01-01

In this paper we introduce a new framework for controlling compliance to discretionary access control policies [Cederquist et al. in Proceedings of the International Workshop on Policies for Distributed Systems and Networks (POLICY), 2005; Corin et al. in Proceedings of the IFIP Workshop on Formal

CAFE, a modern C++ interface to the EPICS channel access library

International Nuclear Information System (INIS)

Chrin, J.; Sloan, M.C.

2012-01-01

CAFE (Channel Access interface) is a C++ library that provides a modern, multifaceted interface to the EPICS-based control system that we may find in particle accelerators for instance. CAFE makes extensive use of templates and containers with multiple STL-compatible access methods to enhance efficiency, flexibility and performance. Stability and robustness are accomplished by ensuring that connectivity to EPICS channels remains in a well defined state in every eventuality, and results of all synchronous and asynchronous operations are captured and reported with integrity. CAFE presents the user with a number of options for writing and retrieving data to and from the control system. In addition to basic read and write operations, a further abstraction layer provides transparency to more intricate functionalities involving logical sets of data; such 'group' objects are easily instantiated through an XML-based configuration mechanism. CAFE's suitability for use in a broad spectrum of applications is demonstrated. These range from high performance Qt GUI (Graphical User Interface) control widgets, to event processing agents that propagate data through the Object Managements Group's Data Distribution Service (OMG-DDS), to script-like frameworks such as MATLAB. The methodology for the modular use of CAFE serves to improve maintainability by enforcing a logical boundary between the channel access components and the programming extensions of the application framework at hand. (authors)

Policy framework for utilisation. A pillar of better accessibility

International Nuclear Information System (INIS)

2008-01-01

The goals and frameworks for traffic and transport policy for the Netherlands to 2020 are described in the Mobility Document. Whereas government policy previously viewed mobility as a problem or as something permissible, the assumption is now that mobility is a must. Mobility, for people as well as goods, is a prerequisite for society and the economy to function well. The Mobility Document contains ambitious goals to deal with current and anticipated traffic and transport problems: door to door, faster, cleaner and safer. Three interrelated pillars are to help achieve these goals: Building, Pricing and Utilisation. Work is being done on the Building and Pricing pillars; Utilisation is elaborated further in this policy framework. The Policy Framework for Utilisation is an elaboration of the Mobility Document for the 2008-2020 period and aims for faster, cleaner, safer travel from door to door. The purpose of this policy framework is to describe the direction of development of utilisation, in terms of content as well as process, to indicate actions that are required and to provide perspective on the expected effects. The policy framework is in line with current developments or plans, caters to new opportunities (technological and otherwise), encourages the innovative potential of the market and provides room for joint ventures between the government and the market. It will result in actions for the short term and provide direction for activities and developments for the longer term

Optimizing data access for wind farm control over hierarchical communication networks

DEFF Research Database (Denmark)

Madsen, Jacob Theilgaard; Findrik, Mislav; Madsen, Tatiana Kozlova

2016-01-01

delays and also by the choice of the time instances at which sensor information is accessed. In order to optimize the latter, we introduce an information quality metric and a mathematical model based on Markov chains, which are compared performance-wise to a heuristic approach for finding this parameter......In this paper we investigate a centralized wind farm controller which runs periodically. The controller attempts to reduce the damage a wind turbine sustains during operation by estimating fatigue based on the wind turbine state. The investigation focuses on the impact of information access...

A mobile console for local access to accelerator control systems.

CERN Multimedia

1981-01-01

Microprocessors were installed as auxiliary crate controllers (ACCs) in the CAMAC interface of control systems for various accelerators. The same ACC was also at the hearth of a stand-alone system in the form of a mobile console. This was also used for local access to the control systems for tests and development work (Annual Report 1981, p. 80, Fig. 10).

Integrity Based Access Control Model for Multilevel XML Document

Institute of Scientific and Technical Information of China (English)

HONG Fan; FENG Xue-bin; HUANO Zhi; ZHENG Ming-hui

2008-01-01

XML's increasing popularity highlights the security demand for XML documents. A mandatory access control model for XML document is presented on the basis of investigation of the function dependency of XML documents and discussion of the integrity properties of multilevel XML document. Then, the algorithms for decomposition/recovery multilevel XML document into/from single level document are given, and the manipulation rules for typical operations of XQuery and XUpdate: QUERY, INSERT,UPDATE, and REMOVE, are elaborated. The multilevel XML document access model can meet the requirement of sensitive information processing application.

DARC: Next generation decentralized control framework for robot applications

DEFF Research Database (Denmark)

Kjærgaard, Morten; Andersen, Nils Axel; Ravn, Ole

2013-01-01

This paper presents DARC, a next generation control framework for robot applications. It is designed to be equally powerful in prototyping research projects and for building serious commercial robots running on low powered embedded hardware, thus closing the gab between research and industry....... It incorporates several new techniques such as a decentralized peer-to-peer architecture, transparent network distribution of the control system, and automatic run-time supervision to guarantee robustness....

Health Information System Role-Based Access Control Current Security Trends and Challenges.

Science.gov (United States)

de Carvalho Junior, Marcelo Antonio; Bandiera-Paiva, Paulo

2018-01-01

This article objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Several publishing proposed RBAC adaptations and enhancements in order to cope current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.

Access Control with RFID in the Internet of Things

DEFF Research Database (Denmark)

Jensen, Steffen Elstrøm Holst; Jacobsen, Rune Hylsberg

2013-01-01

, to the Internet is suggested. The solution uses virtual representations of objects by using low-cost, passive RFID tags to give objects identities on the Internet. A prototype that maps an RFID identity into an IPv6 address is constructed. It is illustrated how this approach can be used in access control systems......Future Internet research is needed to bring the Internet and the Things closer to each other to form the Internet of Things. As objects in our daily life gradually become smarter, there is an increasing benefit of networking these objects. In this article, a method to couple objects, the Things...... based on open network protocols and packet filtering. The solution includes a novel RFID reader architecture that supports the internetworking of components of a future access control system based on network layer technology....

Improving the Authentication Scheme and Access Control Protocol for VANETs

Directory of Open Access Journals (Sweden)

Wei-Chen Wu

2014-11-01

Full Text Available Privacy and security are very important in vehicular ad hoc networks (VANETs. VANETs are negatively affected by any malicious user’s behaviors, such as bogus information and replay attacks on the disseminated messages. Among various security threats, privacy preservation is one of the new challenges of protecting users’ private information. Existing authentication protocols to secure VANETs raise challenges, such as certificate distribution and reduction of the strong reliance on tamper-proof devices. In 2011, Yeh et al. proposed a PAACP: a portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks. However, PAACP in the authorization phase is breakable and cannot maintain privacy in VANETs. In this paper, we present a cryptanalysis of an attachable blind signature and demonstrate that the PAACP’s authorized credential (AC is not secure and private, even if the AC is secretly stored in a tamper-proof device. An eavesdropper can construct an AC from an intercepted blind document. Any eavesdropper can determine who has which access privileges to access which service. For this reason, this paper copes with these challenges and proposes an efficient scheme. We conclude that an improving authentication scheme and access control protocol for VANETs not only resolves the problems that have appeared, but also is more secure and efficient.

A SOA broker solution for standard discovery and access services: the GI-cat framework

Science.gov (United States)

Boldrini, Enrico

2010-05-01

GI-cat ideal users are data providers or service providers within the geoscience community. The former have their data already available through an access service (e.g. an OGC Web Service) and would have it published through a standard catalog service, in a seamless way. The latter would develop a catalog broker and let users query and access different geospatial resources through one or more standard interfaces and Application Profiles (AP) (e.g. OGC CSW ISO AP, CSW ebRIM/EO AP, etc.). GI-cat actually implements a broker components (i.e. a middleware service) which carries out distribution and mediation functionalities among "well-adopted" catalog interfaces and data access protocols. GI-cat also publishes different discovery interfaces: the OGC CSW ISO and ebRIM Application Profiles (the latter coming with support for the EO and CIM extension packages) and two different OpenSearch interfaces developed in order to explore Web 2.0 possibilities. An extended interface is also available to exploit all available GI-cat features, such as interruptible incremental queries and queries feedback. Interoperability tests performed in the context of different projects have also pointed out the importance to enforce compatibility with existing and wide-spread tools of the open source community (e.g. GeoNetwork and Deegree catalogs), which was then achieved. Based on a service-oriented framework of modular components, GI-cat can effectively be customized and tailored to support different deployment scenarios. In addition to the distribution functionality an harvesting approach has been lately experimented, allowing the user to switch between a distributed and a local search giving thus more possibilities to support different deployment scenarios. A configurator tool is available in order to enable an effective high level configuration of the broker service. A specific geobrowser was also naturally developed, for demonstrating the advanced GI-cat functionalities. This client

RFID-Based Monitoring And Access Control System For Parliamentary Campus

Directory of Open Access Journals (Sweden)

Sai Thu Rein Htun

2015-08-01

Full Text Available This paper is to implement monitoring and access control system based on RFID and Zigbee technology which can be used at Parliamentary Campus. Nowadays RFID technology is widely used for access control system because it is cheap waterproof and easy to use as well as it contains unique EPC electronic protect code .In addition Zigbee wireless module is cost-effective and can be reliable for security. Sothis system consists of RFID tag RFID reader Arduino Uno and Zigbee. This system can also be used for industrial amp commercial and security HVAC closures. This paper describes the results of point-to-point connection and point-to-multipoint connection using Zigbee and RFID technology.

ASDEX Upgrade Discharge Control System—A real-time plasma control framework

International Nuclear Information System (INIS)

Treutterer, W.; Cole, R.; Lüddecke, K.; Neu, G.; Rapson, C.; Raupp, G.; Zasche, D.; Zehetbauer, T.

2014-01-01

Highlights: • The ASDEX Upgrade Discharge Control System (DCS) is a comprehensive control system to conduct fusion experiments. • DCS supports real-time diagnostic integration, adaptable feedback schemes, actuator management and exception handling. • DCS offers workflow management, logging and archiving, self-monitoring and inter-process communication. • DCS is based on a distributed, modular software framework architecture designed for real-time operation. • DCS is composed of re-usable generic but highly customisable components. - Abstract: ASDEX Upgrade is a fusion experiment with a size and complexity to allow extrapolation of technical and physical conditions and requirements to devices like ITER and even beyond. In addressing advanced physics topics it makes extensive use of sophisticated real-time control methods. It comprises real-time diagnostic integration, dynamically adaptable multivariable feedback schemes, actuator management including load distribution schemes and a powerful monitoring and pulse supervision concept based on segment scheduling and exception handling. The Discharge Control System (DCS) supplies all this functionality on base of a modular software framework architecture designed for real-time operation. It provides system-wide services like workflow management, logging and archiving, self-monitoring and inter-process communication on Linux, VxWorks and Solaris operating systems. By default DCS supports distributed computing, and a communication layer allows multi-directional signal transfer and data-driven process synchronisation over shared memory as well as over a number of real-time networks. The entire system is built following the same common design concept combining a rich set of re-usable generic but highly customisable components with a configuration-driven component deployment method. We will give an overview on the architectural concepts as well as on the outstanding capabilities of DCS in the domains of inter

ASDEX Upgrade Discharge Control System—A real-time plasma control framework

Energy Technology Data Exchange (ETDEWEB)

Treutterer, W., E-mail: Wolfgang.Treutterer@ipp.mpg.de [Max-Planck-Institut für Plasmaphysik, EURATOM Association, Boltzmannstraße 2, 85748 Garching (Germany); Cole, R.; Lüddecke, K. [Unlimited Computer Systems GmbH, Iffeldorf (Germany); Neu, G.; Rapson, C.; Raupp, G.; Zasche, D.; Zehetbauer, T. [Max-Planck-Institut für Plasmaphysik, EURATOM Association, Boltzmannstraße 2, 85748 Garching (Germany)

2014-03-15

Highlights: • The ASDEX Upgrade Discharge Control System (DCS) is a comprehensive control system to conduct fusion experiments. • DCS supports real-time diagnostic integration, adaptable feedback schemes, actuator management and exception handling. • DCS offers workflow management, logging and archiving, self-monitoring and inter-process communication. • DCS is based on a distributed, modular software framework architecture designed for real-time operation. • DCS is composed of re-usable generic but highly customisable components. - Abstract: ASDEX Upgrade is a fusion experiment with a size and complexity to allow extrapolation of technical and physical conditions and requirements to devices like ITER and even beyond. In addressing advanced physics topics it makes extensive use of sophisticated real-time control methods. It comprises real-time diagnostic integration, dynamically adaptable multivariable feedback schemes, actuator management including load distribution schemes and a powerful monitoring and pulse supervision concept based on segment scheduling and exception handling. The Discharge Control System (DCS) supplies all this functionality on base of a modular software framework architecture designed for real-time operation. It provides system-wide services like workflow management, logging and archiving, self-monitoring and inter-process communication on Linux, VxWorks and Solaris operating systems. By default DCS supports distributed computing, and a communication layer allows multi-directional signal transfer and data-driven process synchronisation over shared memory as well as over a number of real-time networks. The entire system is built following the same common design concept combining a rich set of re-usable generic but highly customisable components with a configuration-driven component deployment method. We will give an overview on the architectural concepts as well as on the outstanding capabilities of DCS in the domains of inter

A framework for selecting suitable control technologies for nuclear power plant systems

International Nuclear Information System (INIS)

Kisner, R.A.

1992-01-01

New concepts continue to emerge for controlling systems, subsystems, and components and for monitoring parameters, characteristics, and vital signs in nuclear power plants. The steady stream of new control theories and the evolving state of control software exacerbates the difficulty of selecting the most appropriate control technology for nuclear power plant systems. As plant control room operators increase their reliance on computerized systems, the integration of monitoring, diagnostic, and control functions into a uniform and understandable environment becomes imperative. A systematic framework for comparing and evaluating the overall usefulness of control techniques is needed. This paper describes nine factors that may be used to evaluate alternative control concepts. These factors relate to a control system's potential effectiveness within the context of the overall environment, including both human and machine components. Although not an in-depth study, this paper serves to outline an evaluation framework based on several measures of utility. 32 refs

Cognitive Self-Scheduled Mechanism for Access Control in Noisy Vehicular Ad Hoc Networks

Directory of Open Access Journals (Sweden)

Mario Manzano

2015-01-01

Full Text Available Within the challenging environment of intelligent transportation systems (ITS, networked control systems such as platooning guidance of autonomous vehicles require innovative mechanisms to provide real-time communications. Although several proposals are currently under discussion, the design of a rapid, efficient, flexible, and reliable medium access control mechanism which meets the specific constraints of such real-time communications applications remains unsolved in this highly dynamic environment. However, cognitive radio (CR combines the capacity to sense the radio spectrum with the flexibility to adapt to transmission parameters in order to maximize system performance and has thus become an effective approach for the design of dynamic spectrum access (DSA mechanisms. This paper presents the enhanced noncooperative cognitive division multiple access (ENCCMA proposal combining time division multiple access (TDMA and frequency division multiple access (FDMA schemes with CR techniques to obtain a mechanism fulfilling the requirements of real-time communications. The analysis presented here considers the IEEE WAVE and 802.11p as reference standards; however, the proposed medium access control (MAC mechanism can be adapted to operate on the physical layer of different standards. The mechanism also offers the advantage of avoiding signaling, thus enhancing system autonomy as well as behavior in adverse scenarios.

Challenges with access to healthcare from the perspective of patients living with HIV: a scoping review & framework synthesis.

Science.gov (United States)

Asghari, Shabnam; Hurd, Jillian; Marshall, Zack; Maybank, Allison; Hesselbarth, Lydia; Hurley, Oliver; Farrell, Alison; Kendall, Claire E; Rourke, Sean B; Becker, Marissa; Johnston, Sharon; Lundrigan, Phil; Rosenes, Ron; Bibeau, Christine; Liddy, Clare

2018-08-01

Accessing healthcare can be difficult but the barriers multiply for people living with HIV (PLHIV). To improve access and the health of PLHIV, we must consider their perspectives and use them to inform standard practice. A better understanding of the current literature related to healthcare access from the perspective of PLHIV, can help to identify evidence gaps and highlight research priorities and opportunities. To identify relevant peer-reviewed publications, search strategies were employed. Electronic and grey literature databases were explored. Articles were screened based on their title and abstract and those that met the screening criteria, were reviewed in full. Data analysis was conducted using a collaborative approach that included knowledge user consultation. Initial concepts were extracted, summarized and through framework synthesis, developed into emerging and final themes. From 20,678 articles, 326 articles met the initial screening criteria and 64 were reviewed in full. The final themes identified, in order of most to least frequent were: Acceptability, Availability, Accessibility, Affordability, Other Barriers, Communication, Satisfaction, Accommodation, Preferences and Equity in Access. The most frequently discussed concepts related to negative interactions with staff, followed by long wait times, limited household resources or inability to pay fees, and fear of one's serostatus being disclosed. Knowledge users were in agreement with the categorization of initial concepts and final themes; however, some gaps in the literature were identified. Specific changes are critical to improving access to healthcare for PLHIV. These include improving availability by ensuring staff and healthcare professionals have proper training, cultivating acceptability and reducing stigma through improving HIV awareness, increasing accessibility through increased HIV information for PLHIV and improved dissemination of this information to increase patient knowledge and

Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

OpenAIRE

Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

2007-01-01

This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an active mobile device to enforce centralized ACL-based access control policies. Selective RFID Jamming also solves a Differential Signal Analysis attack to which the RFID Blocker Tag is susceptible.

Information access for event-driven smart grid controllers

DEFF Research Database (Denmark)

Kristensen, Thomas Le Fevre; Olsen, Rasmus Løvenstein; Rasmussen, Jakob Gulddahl

2018-01-01

grids, which targets a reduction of over- and under voltage level situations by adjusting reactive power production of selected low voltage grid assets. The paper models different information access schemes between remote assets and controller, which is activated only when certain voltage thresholds...... stochastic models. We investigate in this paper the suitability for using these two metrics for optimization in a voltage grid control scenario. We conclude that, while the mismatch probability is very useful compared to the simpler information age metric from a network designers and operators point of view...

Usage Control Enhanced Access Control Based on XACML%使用控制支持的基于XACML的访问控制

Institute of Scientific and Technical Information of China (English)

陶宇炜; 符彦惟

2011-01-01

针对网格环境下资源访问控制的特点,提出了一个基于使用控制模型UCON,结合XACML和SAML的访问控制模型.用可扩展访问标记语占XACML描述访问控制的授权策略,结合SAML声明和请求/响应机制,根据用户、资源、环境的属性进行访问控制决策,可动态地评估访问请求,提供细粒度的访问控制和良好的互操作性.%Combining the feature of resource access control in the grid environment, this paper presents an access control model based on UCON, combined with XACML and SAML. The paper describes authorization policy about access control by XACML, combines SAML statement and request/response mechanism, executes access control decision based on user, resource and environment attributes, evaluates access request dynamically, and provides fine-grained access control and good interoperability.

A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure

Institute of Scientific and Technical Information of China (English)

ZHANG Shaomin; WANG Baoyi; ZHOU Lihua

2006-01-01

PMI(privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC(Role-based Access Control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is described in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.

Accessing ANSA Objects from OSI Network Management

OpenAIRE

Berrah, Karrim; Gay, David; Genilloud, Guy

1994-01-01

OSI network management provides a general framework for the management of OSI systems, and by extension of any distributed system. However, it is not yet possible to tell to what extent the tools developed for network management will be applicable to distributed systems management. This paper assumes that network managers will want to have some control of the distributed infrastructure and applications. It examines how access to some of the ANSA management interfaces can be given to OSI netwo...

C-DAM: CONTENTION BASED DISTRIBUTED RESERVATION PROTOCOL ALLOCATION ALGORITHM FOR WIMEDIA MEDIUM ACCESS CONTROL

Directory of Open Access Journals (Sweden)

UMADEVI K. S.

2017-07-01

Full Text Available WiMedia Medium Access Control (MAC provides high rate data transfer for wireless networking thereby enables construction of high speed home networks. It facilitates data communication between the nodes through two modes namely: i Distributed Reservation Protocol (DRP for isochronous traffic and ii Prioritized Contention Access (PCA for asynchronous traffic. PCA mode enables medium access using CSMA/CA similar to IEEE 802.11e. In the presence of DRP, the throughput of PCA saturates when there is an increase in the number of devices accessing PCA channel. Researchers suggest that the better utilization of medium resolves many issues in an effective way. To demonstrate the effective utilization of the medium, Contention Based Distributed Reservation Protocol Allocation Algorithm for WiMedia Medium Access Control is proposed for reserving Medium Access Slots under DRP in the presence of PCA. The proposed algorithm provides a better medium access, reduces energy consumption and enhances the throughput when compared to the existing methodologies.

On the Impact of information access delays on remote control of a wind turbine

DEFF Research Database (Denmark)

Madsen, Jacob Theilgaard; Barradas Berglind, Jose de Jesus; Madsen, Tatiana Kozlova

2015-01-01

farm controller. The controller attempts to reduce fatigue on the wind turbine, which is used as a measure of the controller performance. Via simulation analysis, we show the degradation of the controller performance when subject to network delays. We analyse different access strategies useable...... by the controller to gather sensor information and and quantitatively characterize the impact of these access strategies on the controller performance......It is important to reduce the impact of renewable production in the power grid by means of control, due to increased frequency deviations and imbalances caused by these assets. Cost efficient deployment of asset control frequently results in a distributed control architecture where the controller...

Benefits of Location-Based Access Control:A Literature Study

NARCIS (Netherlands)

van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J.

2010-01-01

Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been

A real-time control framework for urban water reservoirs operation

Science.gov (United States)

Galelli, S.; Goedbloed, A.; Schwanenberg, D.

2012-04-01

Drinking water demand in urban areas is growing parallel to the worldwide urban population, and it is acquiring an increasing part of the total water consumption. Since the delivery of sufficient water volumes in urban areas represents a difficult logistic and economical problem, different metropolitan areas are evaluating the opportunity of constructing relatively small reservoirs within urban areas. Singapore, for example, is developing the so-called 'Four National Taps Strategies', which detects the maximization of water yields from local, urban catchments as one of the most important water sources. However, the peculiar location of these reservoirs can provide a certain advantage from the logistical point of view, but it can pose serious difficulties in their daily management. Urban catchments are indeed characterized by large impervious areas: this results in a change of the hydrological cycle, with decreased infiltration and groundwater recharge, and increased patterns of surface and river discharges, with higher peak flows, volumes and concentration time. Moreover, the high concentrations of nutrients and sediments characterizing urban discharges can cause further water quality problems. In this critical hydrological context, the effective operation of urban water reservoirs must rely on real-time control techniques, which can exploit hydro-meteorological information available in real-time from hydrological and nowcasting models. This work proposes a novel framework for the real-time control of combined water quality and quantity objectives in urban reservoirs. The core of this framework is a non-linear Model Predictive Control (MPC) scheme, which employs the current state of the system, the future discharges furnished by a predictive model and a further model describing the internal dynamics of the controlled sub-system to determine an optimal control sequence over a finite prediction horizon. The main advantage of this scheme stands in its reduced

A Logic for Reasoning About Time-Dependent Access Control Policies

National Research Council Canada - National Science Library

DeYoung, Henry

2008-01-01

.... Because of the number and complexity of authorization policies in access control systems, it is clear that ad hoc methods for specifying and enforcing policies cannot inspire a high degree of trust...

Access point analysis in smoking and nonsmoking adolescents: Findings from the European Smoking Prevention Framework Approach study

NARCIS (Netherlands)

Vries, H. de; Riet, J.P. van 't; Panday, S.; Reubsaet, A.

2007-01-01

This study analyzed possibilities to access European adolescents for tobacco control activities in out-of-school settings as part of comprehensive tobacco control programs. Data on leisure time behaviors of secondary school students were gathered during three waves from six European Union countries

A Key Management Method for Cryptographically Enforced Access Control

NARCIS (Netherlands)

Zych, Anna; Petkovic, Milan; Jonker, Willem; Fernández-Medina, Eduardo; Yagüe, Mariemma I.

Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is

Planning Framework for Mesolevel Optimization of Urban Runoff Control Schemes

Energy Technology Data Exchange (ETDEWEB)

Zhou, Qianqian; Blohm, Andrew; Liu, Bo

2017-04-01

A planning framework is developed to optimize runoff control schemes at scales relevant for regional planning at an early stage. The framework employs less sophisticated modeling approaches to allow a practical application in developing regions with limited data sources and computing capability. The methodology contains three interrelated modules: (1)the geographic information system (GIS)-based hydrological module, which aims at assessing local hydrological constraints and potential for runoff control according to regional land-use descriptions; (2)the grading module, which is built upon the method of fuzzy comprehensive evaluation. It is used to establish a priority ranking system to assist the allocation of runoff control targets at the subdivision level; and (3)the genetic algorithm-based optimization module, which is included to derive Pareto-based optimal solutions for mesolevel allocation with multiple competing objectives. The optimization approach describes the trade-off between different allocation plans and simultaneously ensures that all allocation schemes satisfy the minimum requirement on runoff control. Our results highlight the importance of considering the mesolevel allocation strategy in addition to measures at macrolevels and microlevels in urban runoff management. (C) 2016 American Society of Civil Engineers.

Flexible CP-ABE Based Access Control on Encrypted Data for Mobile Users in Hybrid Cloud System

Institute of Scientific and Technical Information of China (English)

Wen-Min Li; Xue-Lei Li; Qiao-Yan Wen; Shuo Zhang; Hua Zhang

2017-01-01

In hybrid cloud computing, encrypted data access control can provide a fine-grained access method for orga-nizations to enact policies closer to organizational policies. This paper presents an improved CP-ABE (ciphertext-policy attribute-based encryption) scheme to construct an encrypted data access control solution that is suitable for mobile users in hybrid cloud system. In our improvement, we split the original decryption keys into a control key, a secret key and a set of transformation keys. The private cloud managed by the organization administrator takes charge of updating the transformation keys using the control key. It helps to handle the situation of flexible access management and attribute alteration. Meanwhile, the mobile user's single secret key remains unchanged as well as the ciphertext even if the data user's attribute has been revoked. In addition, we modify the access control list through adding the attributes with corresponding control key and transformation keys so as to manage user privileges depending upon the system version. Finally, the analysis shows that our scheme is secure, flexible and efficient to be applied in mobile hybrid cloud computing.

A Novel Medium Access Control for Ad hoc Networks Based on OFDM System

Institute of Scientific and Technical Information of China (English)

YU Yi-fan; YIN Chang-chuan; YUE Guang-xin

2005-01-01

Recently, hosts of Medium Access Control (MAC) protocols for Ad hoc radio networks have been proposed to solve the hidden terminal problem and exposed terminal problem. However most of them take into no account the interactions between physical (PHY) system and MAC protocol. Therefore, the current MAC protocols are either inefficient in the networks with mobile nodes and fading channel or difficult in hardware implementation. In this paper, we present a novel media access control for Ad hoc networks that integrates a media access control protocol termed as Dual Busy Tone Multiple Access (DBTMA) into Orthogonal Frequency Division Multiplexing (OFDM) system proposed in IEEE 802.11a standard. The analysis presented in the paper indicates that the proposed MAC scheme achieves performance improvement over IEEE 802.11 protocol about 25%～80% especially in the environment with high mobility and deep fading. The complexity of the proposed scheme is also lower than other implementation of similar busy tone solution. Furthermore, it is compatible with IEEE 802.11a networks.

Time dependent accessibility

OpenAIRE

Kaza, Nikhil

2015-01-01

Many place based accessibility studies ignore the time component. Relying on theoretical frameworks that treat distance between two fixed points as constant, these methods ignore the diurnal and seasonal changes in accessibility. Network distances between two nodes are dependent on the network structure and weight distribution on the edges. These weights can change quite frequently and the network structure itself is subject to modification because of availability and unavailability of links ...

An intelligent trust-based access control model for affective ...

African Journals Online (AJOL)

In this study, a fuzzy expert system Trust-Based Access Control (TBAC) model for improving the Quality of crowdsourcing using emotional affective computing is presented. This model takes into consideration a pre-processing module consisting of three inputs such as crowd-workers category, trust metric and emotional ...

An autonomous control framework for advanced reactors

Directory of Open Access Journals (Sweden)

Richard T. Wood

2017-08-01

Full Text Available Several Generation IV nuclear reactor concepts have goals for optimizing investment recovery through phased introduction of multiple units on a common site with shared facilities and/or reconfigurable energy conversion systems. Additionally, small modular reactors are suitable for remote deployment to support highly localized microgrids in isolated, underdeveloped regions. The long-term economic viability of these advanced reactor plants depends on significant reductions in plant operations and maintenance costs. To accomplish these goals, intelligent control and diagnostic capabilities are needed to provide nearly autonomous operations with anticipatory maintenance. A nearly autonomous control system should enable automatic operation of a nuclear power plant while adapting to equipment faults and other upsets. It needs to have many intelligent capabilities, such as diagnosis, simulation, analysis, planning, reconfigurability, self-validation, and decision. These capabilities have been the subject of research for many years, but an autonomous control system for nuclear power generation remains as-yet an unrealized goal. This article describes a functional framework for intelligent, autonomous control that can facilitate the integration of control, diagnostic, and decision-making capabilities to satisfy the operational and performance goals of power plants based on multimodular advanced reactors.

An autonomous control framework for advanced reactors

International Nuclear Information System (INIS)

Wood, Richard T.; Upadhyaya, Belle R.; Floyd, Dan C.

2017-01-01

Several Generation IV nuclear reactor concepts have goals for optimizing investment recovery through phased introduction of multiple units on a common site with shared facilities and/or reconfigurable energy conversion systems. Additionally, small modular reactors are suitable for remote deployment to support highly localized microgrids in isolated, underdeveloped regions. The long-term economic viability of these advanced reactor plants depends on significant reductions in plant operations and maintenance costs. To accomplish these goals, intelligent control and diagnostic capabilities are needed to provide nearly autonomous operations with anticipatory maintenance. A nearly autonomous control system should enable automatic operation of a nuclear power plant while adapting to equipment faults and other upsets. It needs to have many intelligent capabilities, such as diagnosis, simulation, analysis, planning, reconfigurability, self-validation, and decision. These capabilities have been the subject of research for many years, but an autonomous control system for nuclear power generation remains as-yet an unrealized goal. This article describes a functional framework for intelligent, autonomous control that can facilitate the integration of control, diagnostic, and decision-making capabilities to satisfy the operational and performance goals of power plants based on multimodular advanced reactors

An autonomous control framework for advanced reactors

Energy Technology Data Exchange (ETDEWEB)

Wood, Richard T.; Upadhyaya, Belle R.; Floyd, Dan C. [Dept. of Nuclear Engineering, University of Tennessee, Knoxville (United States)

2017-08-15

Several Generation IV nuclear reactor concepts have goals for optimizing investment recovery through phased introduction of multiple units on a common site with shared facilities and/or reconfigurable energy conversion systems. Additionally, small modular reactors are suitable for remote deployment to support highly localized microgrids in isolated, underdeveloped regions. The long-term economic viability of these advanced reactor plants depends on significant reductions in plant operations and maintenance costs. To accomplish these goals, intelligent control and diagnostic capabilities are needed to provide nearly autonomous operations with anticipatory maintenance. A nearly autonomous control system should enable automatic operation of a nuclear power plant while adapting to equipment faults and other upsets. It needs to have many intelligent capabilities, such as diagnosis, simulation, analysis, planning, reconfigurability, self-validation, and decision. These capabilities have been the subject of research for many years, but an autonomous control system for nuclear power generation remains as-yet an unrealized goal. This article describes a functional framework for intelligent, autonomous control that can facilitate the integration of control, diagnostic, and decision-making capabilities to satisfy the operational and performance goals of power plants based on multimodular advanced reactors.

Internet-based hardware/software co-design framework for embedded 3D graphics applications

Directory of Open Access Journals (Sweden)

Wong Weng-Fai

2011-01-01

Full Text Available Abstract Advances in technology are making it possible to run three-dimensional (3D graphics applications on embedded and handheld devices. In this article, we propose a hardware/software co-design environment for 3D graphics application development that includes the 3D graphics software, OpenGL ES application programming interface (API, device driver, and 3D graphics hardware simulators. We developed a 3D graphics system-on-a-chip (SoC accelerator using transaction-level modeling (TLM. This gives software designers early access to the hardware even before it is ready. On the other hand, hardware designers also stand to gain from the more complex test benches made available in the software for verification. A unique aspect of our framework is that it allows hardware and software designers from geographically dispersed areas to cooperate and work on the same framework. Designs can be entered and executed from anywhere in the world without full access to the entire framework, which may include proprietary components. This results in controlled and secure transparency and reproducibility, granting leveled access to users of various roles.

Integrating CERN e-groups into TWiki access control.

CERN Document Server

Jones, PL; Hoymr, N; CERN. Geneva. IT Department

2010-01-01

Wikis allow for easy collaborative editing of documents on the web for users located in different buildings, cities or even countries. TWiki culture lends to open free form editing and most pages are world readable and editable by CERN authenticated users, however access control is possible and is used to protect sensitive documents. This note discusses the integration of E-groups for authorisation purposes at CERN.

Secure access control and large scale robust representation for online multimedia event detection.

Science.gov (United States)

Liu, Changyu; Lu, Bin; Li, Huiling

2014-01-01

We developed an online multimedia event detection (MED) system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC) model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK) event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

Secure Access Control and Large Scale Robust Representation for Online Multimedia Event Detection

Directory of Open Access Journals (Sweden)

Changyu Liu

2014-01-01

Full Text Available We developed an online multimedia event detection (MED system. However, there are a secure access control issue and a large scale robust representation issue when we want to integrate traditional event detection algorithms into the online environment. For the first issue, we proposed a tree proxy-based and service-oriented access control (TPSAC model based on the traditional role based access control model. Verification experiments were conducted on the CloudSim simulation platform, and the results showed that the TPSAC model is suitable for the access control of dynamic online environments. For the second issue, inspired by the object-bank scene descriptor, we proposed a 1000-object-bank (1000OBK event descriptor. Feature vectors of the 1000OBK were extracted from response pyramids of 1000 generic object detectors which were trained on standard annotated image datasets, such as the ImageNet dataset. A spatial bag of words tiling approach was then adopted to encode these feature vectors for bridging the gap between the objects and events. Furthermore, we performed experiments in the context of event classification on the challenging TRECVID MED 2012 dataset, and the results showed that the robust 1000OBK event descriptor outperforms the state-of-the-art approaches.

Virus spreading in wireless sensor networks with a medium access control mechanism

International Nuclear Information System (INIS)

Wang Ya-Qi; Yang Xiao-Yuan

2013-01-01

In this paper, an extended version of standard susceptible-infected (SI) model is proposed to consider the influence of a medium access control mechanism on virus spreading in wireless sensor networks. Theoretical analysis shows that the medium access control mechanism obviously reduces the density of infected nodes in the networks, which has been ignored in previous studies. It is also found that by increasing the network node density or node communication radius greatly increases the number of infected nodes. The theoretical results are confirmed by numerical simulations. (general)

Patient adaptive control of end-effector based gait rehabilitation devices using a haptic control framework.

Science.gov (United States)

Hussein, Sami; Kruger, Jörg

2011-01-01

Robot assisted training has proven beneficial as an extension of conventional therapy to improve rehabilitation outcome. Further facilitation of this positive impact is expected from the application of cooperative control algorithms to increase the patient's contribution to the training effort according to his level of ability. This paper presents an approach for cooperative training for end-effector based gait rehabilitation devices. Thereby it provides the basis to firstly establish sophisticated cooperative control methods in this class of devices. It uses a haptic control framework to synthesize and render complex, task specific training environments, which are composed of polygonal primitives. Training assistance is integrated as part of the environment into the haptic control framework. A compliant window is moved along a nominal training trajectory compliantly guiding and supporting the foot motion. The level of assistance is adjusted via the stiffness of the moving window. Further an iterative learning algorithm is used to automatically adjust this assistance level. Stable haptic rendering of the dynamic training environments and adaptive movement assistance have been evaluated in two example training scenarios: treadmill walking and stair climbing. Data from preliminary trials with one healthy subject is provided in this paper. © 2011 IEEE

Cerberus, an Access Control Scheme for Enforcing Least Privilege in Patient Cohort Study Platforms : A Comprehensive Access Control Scheme Applied to the GENIDA Project - Study of Genetic Forms of Intellectual Disabilities and Autism Spectrum Disorders.

Science.gov (United States)

Parrend, Pierre; Mazzucotelli, Timothée; Colin, Florent; Collet, Pierre; Mandel, Jean-Louis

2017-11-16

Cohort Study Platforms (CSP) are emerging as a key tool for collecting patient information, providing new research data, and supporting family and patient associations. However they pose new ethics and regulatory challenges since they cross the gap between patients and medical practitioners. One of the critical issues for CSP is to enforce a strict control on access privileges whilst allowing the users to take advantage of the breadth of the available data. We propose Cerberus, a new access control scheme spanning the whole life-cycle of access right management: design, implementation, deployment and maintenance, operations. Cerberus enables switching from a dual world, where CSP data can be accessed either from the users who entered it or fully de-identified, to an access-when-required world, where patients, practitioners and researchers can access focused medical data through explicit authorisation by the data owner. Efficient access control requires application-specific access rights, as well as the ability to restrict these rights when they are not used. Cerberus is implemented and evaluated in the context of the GENIDA project, an international CSP for Genetically determined Intellectual Disabilities and Autism Spectrum Disorders. As a result of this study, the software is made available for the community, and validated specifications for CSPs are given.

78 FR 43963 - Twenty-Third Meeting: RTCA Special Committee 224, Airport Security Access Control Systems

Science.gov (United States)

2013-07-22

... Committee 224, Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), U.S. Department of Transportation (DOT). ACTION: Meeting Notice of RTCA Special Committee 224, Airport Security... meeting of the RTCA Special Committee 224, Airport Security Access Control Systems. DATES: The meeting...

Accessibility and usability OCW data: The UTPL OCW

Directory of Open Access Journals (Sweden)

Germania Rodríguez

2017-08-01

Full Text Available This data article provides a data description on article entitled “A framework for improving web accessibility and usability of Open Course Ware sites” [3] This Data in Brief presents the data obtained from the accessibility and usability evaluation of the UTPL OCW. The data obtained from the framework evaluation consists of the manual evaluation of the standards criteria and the automatic evaluation of the tools Google PageSpeed and Google Analytics. In addition, this article presents the synthetized tables from standards that are used by the framework to evaluate the accessibility and usability of OCW, and the questionnaires required to extract the data. As a result, the article also provides the data required to reproduce the evaluation of other OCW.

Distributed Framework for Dynamic Telescope and Instrument Control

Science.gov (United States)

Ames, Troy J.; Case, Lynne

2002-01-01

Traditionally, instrument command and control systems have been developed specifically for a single instrument. Such solutions are frequently expensive and are inflexible to support the next instrument development effort. NASA Goddard Space Flight Center is developing an extensible framework, known as Instrument Remote Control (IRC) that applies to any kind of instrument that can be controlled by a computer. IRC combines the platform independent processing capabilities of Java with the power of the Extensible Markup Language (XML). A key aspect of the architecture is software that is driven by an instrument description, written using the Instrument Markup Language (IML). IML is an XML dialect used to describe graphical user interfaces to control and monitor the instrument, command sets and command formats, data streams, communication mechanisms, and data processing algorithms. The IRC framework provides the ability to communicate to components anywhere on a network using the JXTA protocol for dynamic discovery of distributed components. JXTA (see httD://www.jxta.org,) is a generalized protocol that allows any devices connected by a network to communicate in a peer-to-peer manner. IRC uses JXTA to advertise a device's IML and discover devices of interest on the network. Devices can join or leave the network and thus join or leave the instrument control environment of IRC. Currently, several astronomical instruments are working with the IRC development team to develop custom components for IRC to control their instruments. These instruments include: High resolution Airborne Wideband Camera (HAWC), a first light instrument for the Stratospheric Observatory for Infrared Astronomy (SOFIA); Submillimeter And Far Infrared Experiment (SAFIRE), a Principal Investigator instrument for SOFIA; and Fabry-Perot Interferometer Bolometer Research Experiment (FIBRE), a prototype of the SAFIRE instrument, used at the Caltech Submillimeter Observatory (CSO). Most recently, we have

Conviviality-driven access control policy

NARCIS (Netherlands)

El Kateb, Donia; Zannone, N.; Moawad, Assaad; Caire, Patrice; Nain, Grégory; Mouelhi, Tejeddine; Le Traon, Yves

2015-01-01

Nowadays many organizations experience security incidents due to unauthorized access to information. To reduce the risk of such incidents, security policies are often employed to regulate access to information. Such policies, however, are often too restrictive, and users do not have the rights

The Development of a Framework for Target Diagnostic Centralized Control System (TDCCS) in ICF Experiments

International Nuclear Information System (INIS)

Zhang Chi; Wang Jian; Yu Xiaoqi; Yang Dong

2008-01-01

A framework for target diagnostic centralized control system (TDCCS) in inertial confinement fusion (ICF) experiment has been developed. The developed framework is based on the common object request broker architecture (CORBA) standard and part of the concept from the ICFRoot (a framework based on ROOT for ICF experiments) framework design. This framework is of a component architecture, including a message bus, command executer, status processor, parser and proxy. To test the function of the framework, a simplified prototype of the TDCCS has been developed as well.

The intersection of disability and healthcare disparities: a conceptual framework.

Science.gov (United States)

Meade, Michelle A; Mahmoudi, Elham; Lee, Shoou-Yih

2015-01-01

This article provides a conceptual framework for understanding healthcare disparities experienced by individuals with disabilities. While health disparities are the result of factors deeply rooted in culture, life style, socioeconomic status, and accessibility of resources, healthcare disparities are a subset of health disparities that reflect differences in access to and quality of healthcare and can be viewed as the inability of the healthcare system to adequately address the needs of specific population groups. This article uses a narrative method to identify and critique the main conceptual frameworks that have been used in analyzing disparities in healthcare access and quality, and evaluating those frameworks in the context of healthcare for individuals with disabilities. Specific models that are examined include the Aday and Anderson Model, the Grossman Utility Model, the Institute of Medicine (IOM)'s models of Access to Healthcare Services and Healthcare Disparities, and the Cultural Competency model. While existing frameworks advance understandings of disparities in healthcare access and quality, they fall short when applied to individuals with disabilities. Specific deficits include a lack of attention to cultural and contextual factors (Aday and Andersen framework), unrealistic assumptions regarding equal access to resources (Grossman's utility model), lack of recognition or inclusion of concepts of structural accessibility (IOM model of Healthcare Disparities) and exclusive emphasis on supply side of the healthcare equation to improve healthcare disparities (Cultural Competency model). In response to identified gaps in the literature and short-comings of current conceptualizations, an integrated model of disability and healthcare disparities is put forth. We analyzed models of access to care and disparities in healthcare to be able to have an integrated and cohesive conceptual framework that could potentially address issues related to access to

Leveraging the Unified Access Framework: A Tale of an Integrated Ocean Data Prototype

Science.gov (United States)

O'Brien, K.; Kern, K.; Smith, B.; Schweitzer, R.; Simons, R.; Mendelssohn, R.; Diggs, S. C.; Belbeoch, M.; Hankin, S.

2014-12-01

The Tropical Pacific Observing System (TPOS) has been functioning and capturing measurements since the mid 1990s during the very successful Tropical Ocean Global Atmosphere (TOGA) project. Unfortunately, in the current environment, some 20 years after the end of the TOGA project, sustaining the observing system is proving difficult. With the many advances in methods of observing the ocean, a group of scientists is taking a fresh look at what the Tropical Pacific Observing System requires for sustainability. This includes utilizing a wide variety of observing system platforms, including Argo floats, unmanned drifters, moorings, ships, etc. This variety of platforms measuring ocean data also provides a significant challenge in terms of integrated data management. It is recognized that data and information management is crucial to the success and impact of any observing system. In order to be successful, it is also crucial to avoid building stovepipes for data management. To that end, NOAA's Observing System Monitoring Center (OSMC) has been tasked to create a testbed of integrated real time and delayed mode observations for the Tropical Pacific region in support of the TPOS. The observing networks included in the prototype are: Argo floats, OceanSites moorings, drifting buoys, hydrographic surveys, underway carbon observations and, of course, real time ocean measurements. In this presentation, we will discuss how the OSMC project is building the integrated data prototype using existing free and open source software. We will explore how we are leveraging successful data management frameworks pioneered by efforts such as NOAA's Unified Access Framework project. We will also show examples of how conforming to well known conventions and standards allows for discoverability, usability and interoperability of data.

基于角色访问控制模型及其在操作系统中的实现%Role-Based Access Control Model and its Implementation in Operating System

Institute of Scientific and Technical Information of China (English)

刘伟; 孙玉芳

2003-01-01

Since Role-based access control shows great advantage in meeting the security need in large-scale, enter-prise-wide system, RBAC becomes the hot topic in access control research area. Researchers have proposed severalRBAC models, which include the famous RBAC96 model. However, these frameworks are sometimes hard for sys-tem developers to understand because the models defined are too abstract or focus on application-oriented solutions.In this paper, a new model (OSRBAC)is discussed, which is the improved model to RBAC3 model in RBAC96 modelfamily. Compared with RBAC3 model, OSRBAC model is more concrete and easilier to understand. At the end, thispaper describes the implementation of OSRBAC model in RedFlag Secure Operating System(RFSOS).

Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

OpenAIRE

Wen-Jye Shyr; Te-Jen Su; Chia-Ming Lin

2013-01-01

This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC) and WebAccess. A mechatronics module, a Web‐CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equ...

Feasibility Assessment of a Fine-Grained Access Control Model on Resource Constrained Sensors.

Science.gov (United States)

Uriarte Itzazelaia, Mikel; Astorga, Jasone; Jacob, Eduardo; Huarte, Maider; Romaña, Pedro

2018-02-13

Upcoming smart scenarios enabled by the Internet of Things (IoT) envision smart objects that provide services that can adapt to user behavior or be managed to achieve greater productivity. In such environments, smart things are inexpensive and, therefore, constrained devices. However, they are also critical components because of the importance of the information that they provide. Given this, strong security is a requirement, but not all security mechanisms in general and access control models in particular are feasible. In this paper, we present the feasibility assessment of an access control model that utilizes a hybrid architecture and a policy language that provides dynamic fine-grained policy enforcement in the sensors, which requires an efficient message exchange protocol called Hidra. This experimental performance assessment includes a prototype implementation, a performance evaluation model, the measurements and related discussions, which demonstrate the feasibility and adequacy of the analyzed access control model.

Hierarchical Brokering with Feedback Control Framework in Mobile Device-Centric Clouds

Directory of Open Access Journals (Sweden)

Chao-Lieh Chen

2016-01-01

Full Text Available We propose a hierarchical brokering architecture (HiBA and Mobile Multicloud Networking (MMCN feedback control framework for mobile device-centric cloud (MDC2 computing. Exploiting the MMCN framework and RESTful web-based interconnection, each tier broker probes resource state of its federation for control and management. Real-time and seamless services were developed. Case studies including intrafederation energy-aware balancing based on fuzzy feedback control and higher tier load balancing are further demonstrated to show how HiBA with MMCN relieves the embedding of algorithms when developing services. Theoretical performance model and real-world experiments both show that an MDC2 based on HiBA features better quality in terms of resource availability and network latency if it federates devices with enough resources distributed in lower tier hierarchy. The proposed HiBA realizes a development platform for MDC2 computing which is a feasible solution to User-Centric Networks (UCNs.

Keep on Blockin' in the Free World: Personal Access Control for Low-Cost RFID Tags

NARCIS (Netherlands)

Rieback, M.R.; Crispo, B.; Tanenbaum, A.S.

2005-01-01

This paper introduces an off-tag RFID access control mechanism called "Selective RFID Jamming". Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

Keep on Blockin’ in the Free World: Personal Access Control for Low-Cost RFID Tags

NARCIS (Netherlands)

Rieback, Melanie; Crispo, Bruno; Tanenbaum, Andrew

2007-01-01

This paper introduces an off-tag RFID access control mechanism called “Selective RFID Jamming”. Selective RFID Jamming protects low-cost RFID tags by enforcing access control on their behalf, in a similar manner to the RFID Blocker Tag. However, Selective RFID Jamming is novel because it uses an

Access control system for ISABELLE

International Nuclear Information System (INIS)

Potter, K.; Littenberg, L.

1977-01-01

An access system based on the one now in operation at the CERN ISR is recommended. Access doors would presumably be located at the entrances to the utility tunnels connecting the support buildings with the ring. Persons requesting access would insert an identity card into a scanner to activate the system. The request would be autologged, the keybank adjacent to the door would be unlocked and ISABELLE operations would be notified. The operator would then select the door, activating a TV-audio link. The person requesting entry would draw a key from the bank, show it and his film badge to the operator who would enable the door release

Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

Institute of Scientific and Technical Information of China (English)

XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

2006-01-01

Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

Energy Efficient Medium Access Control Protocol for Clustered Wireless Sensor Networks with Adaptive Cross-Layer Scheduling.

Science.gov (United States)

Sefuba, Maria; Walingo, Tom; Takawira, Fambirai

2015-09-18

This paper presents an Energy Efficient Medium Access Control (MAC) protocol for clustered wireless sensor networks that aims to improve energy efficiency and delay performance. The proposed protocol employs an adaptive cross-layer intra-cluster scheduling and an inter-cluster relay selection diversity. The scheduling is based on available data packets and remaining energy level of the source node (SN). This helps to minimize idle listening on nodes without data to transmit as well as reducing control packet overhead. The relay selection diversity is carried out between clusters, by the cluster head (CH), and the base station (BS). The diversity helps to improve network reliability and prolong the network lifetime. Relay selection is determined based on the communication distance, the remaining energy and the channel quality indicator (CQI) for the relay cluster head (RCH). An analytical framework for energy consumption and transmission delay for the proposed MAC protocol is presented in this work. The performance of the proposed MAC protocol is evaluated based on transmission delay, energy consumption, and network lifetime. The results obtained indicate that the proposed MAC protocol provides improved performance than traditional cluster based MAC protocols.

On the Protection of Personal Data in the Access Control System

Directory of Open Access Journals (Sweden)

A. P. Durakovskiy

2012-03-01

Full Text Available The aim is to prove the qualification system of access control systems (ACS as an information system for personal data (ISPDn. Applications: systems of physical protection of facilities.

Role-Based Access Control for Coalition Partners in Maritime Domain Awareness

National Research Council Canada - National Science Library

McDaniel, Christopher R; Tardy, Matthew L

2005-01-01

The need for Shared Situational Awareness (SSA) in accomplishing joint missions by coalition militaries, law enforcement, the intelligence community, and the private sector creates a unique challenge to providing access control...

A Unified Framework of the Performance Evaluation of Optical Time-Wavelength Code-Division Multiple-Access Systems

Science.gov (United States)

Inaty, Elie

In this paper, we provide an analysis to the performance of optical time-wavelength code-division multiple-access (OTW-CDMA) network when the system is working above the nominal transmission rate limit imposed by the passive encoding-decoding operation. We address the problem of overlapping in such a system and how it can directly affect the bit error rate (BER). A unified mathematical framework is presented under the assumption of one coincidence sequences with non-repeating wavelengths. A closed form expression of the multiple access interference limited BER is provided as a function of different system parameters. Results show that the performance of OTW-CDMA system may be critically affected when working above the nominal limit; an event that may happen when the network operates at high transmission rate. In addition, the impact of the derived error probability on the performance of two newly proposed MAC protocols, the S-ALOHA and the R3T, is also investigated. It is shown that for low transmission rates, the S-ALOHA is better than the R3T; while the R3T is better at very high transmission rates. However, in general it is postulated that the R3T protocol suffers a higher delay mainly because of the presence of additional modes.

Receiver-initiated medium access control protocols for wireless sensor networks

DEFF Research Database (Denmark)

Fafoutis, Xenofon; Di Mauro, Alessio; Vithanage, Madava D.

2015-01-01

One of the fundamental building blocks of a Wireless Sensor Network (WSN) is the Medium Access Control (MAC) protocol, that part of the system governing when and how two independent neighboring nodes activate their respective transceivers to directly interact. Historically, data exchange has always...

Access control and interlock system at the Advanced Photon Source

International Nuclear Information System (INIS)

Forrestal, J.; Hogrefe, R.; Knott, M.; McDowell, W.; Reigle, D.; Solita, L.; Koldenhoven, R.; Haid, D.

1997-01-01

The Advanced Photon Source (APS) consists of a linac, position accumulator ring (PAR), booster synchrotron, storage ring, and up to 70 experimental beamlines. The Access Control and Interlock System (ACIS) utilizes redundant programmable logic controllers (PLCs) and a third hard-wired chain to protect personnel from prompt radiation generated by the linac, PAR, synchrotron, and storage ring. This paper describes the ACIS's design philosophy, configuration, hardware, functionality, validation requirements, and operational experience

76 FR 38293 - Risk Management Controls for Brokers or Dealers With Market Access

Science.gov (United States)

2011-06-30

... 3235-AK53 Risk Management Controls for Brokers or Dealers With Market Access AGENCY: Securities and... of risk management controls and supervisory procedures that, among other things, is reasonably... relevant risk management controls and supervisory procedures required under the Rule. DATES: The effective...

A method to implement fine-grained access control for personal health records through standard relational database queries.

Science.gov (United States)

Sujansky, Walter V; Faus, Sam A; Stone, Ethan; Brennan, Patricia Flatley

2010-10-01

Online personal health records (PHRs) enable patients to access, manage, and share certain of their own health information electronically. This capability creates the need for precise access-controls mechanisms that restrict the sharing of data to that intended by the patient. The authors describe the design and implementation of an access-control mechanism for PHR repositories that is modeled on the eXtensible Access Control Markup Language (XACML) standard, but intended to reduce the cognitive and computational complexity of XACML. The authors implemented the mechanism entirely in a relational database system using ANSI-standard SQL statements. Based on a set of access-control rules encoded as relational table rows, the mechanism determines via a single SQL query whether a user who accesses patient data from a specific application is authorized to perform a requested operation on a specified data object. Testing of this query on a moderately large database has demonstrated execution times consistently below 100ms. The authors include the details of the implementation, including algorithms, examples, and a test database as Supplementary materials. Copyright © 2010 Elsevier Inc. All rights reserved.

Development of a wireless protection against imitation system for identification and control of vehicle access

Directory of Open Access Journals (Sweden)

Aleksei A. Gavrishev

2018-03-01

Full Text Available This article deals with wireless systems for identification and control of vehicle access to protected objects. Known systems are considered. As a result, it has been established that one of the most promising approaches to identifying and controlling vehicle access to protected objects is the use of systems based on the "friend or foe" principle. Among these systems, there are "one-directional" and "bedirectional" identification and access control systems. "Bidirectional" systems are more preferable for questions of identification and access control. However, at present, these systems should have a reduced probability of recognizing the structure of the request and response signals because the potential attacker can easily perform unauthorized access to the radio channel of the system. On this basis, developed a wireless system identification and control vehicle access to protected objects based on the principle of "friend or foe", featuring increased protection from unauthorized access and jamming through the use of rewritable drives chaotic sequences. In addition, it’s proposed to use to identify the vehicle's RFID tag containing additional information about it. Are some specifications of the developed system (the possible frequency range of the request-response signals, the communication range, data rate, the size of the transmitted data, guidelines for choosing RFID. Also, with the help of fuzzy logic, was made the security assessment from unauthorized access request-response signals based on the system of "friend or foe", which are transferred via radio channel, developed systems and analogues. The security assessment of the developed system shows an adequate degree of protection against complex threats (view, spoofing, interception and jamming of traffic in comparison with known systems of this class. Among the main advantages of the developed system it’s necessary to mention increased security from unauthorized access and jamming

F2AC: A Lightweight, Fine-Grained, and Flexible Access Control Scheme for File Storage in Mobile Cloud Computing

Directory of Open Access Journals (Sweden)

Wei Ren

2016-01-01

Full Text Available Current file storage service models for cloud servers assume that users either belong to single layer with different privileges or cannot authorize privileges iteratively. Thus, the access control is not fine-grained and flexible. Besides, most access control methods at cloud servers mainly rely on computationally intensive cryptographic algorithms and, especially, may not be able to support highly dynamic ad hoc groups with addition and removal of group members. In this paper, we propose a scheme called F2AC, which is a lightweight, fine-grained, and flexible access control scheme for file storage in mobile cloud computing. F2AC can not only achieve iterative authorization, authentication with tailored policies, and access control for dynamically changing accessing groups, but also provide access privilege transition and revocation. A new access control model called directed tree with linked leaf model is proposed for further implementations in data structures and algorithms. The extensive analysis is given for justifying the soundness and completeness of F2AC.

[Strategic framework for cholera prevention and control in Chengdu: construction and effectiveness evaluation].

Science.gov (United States)

Liang, Xian; Du, Chang-hui; Yang, Lan; Ma, Lin; Huang, Zhong-hang; Tuo, Xiao-Li; Yin, Zhong-liang

2011-02-01

To construct an operable strategic framework for cholera prevention and control which mobilized the advantages of local resources and adapted to social developments in Chengdu, and to evaluate its application effects. (1) After analyzing the local epidemic data of cholera in Chengdu from 1994 to 2004, we determined the main problems of cholera prevention and control works as well as the efficiency and deficiency of employed measures, and then formed a basic strategic framework. (2) After 55 invited experts preliminarily scored the strategic framework, we selected 72 specific measures to establish a measure entry database, and then the importance and operability of each measure were scored by 17 core experts. (3) Finally, the effectiveness of this strategic framework was evaluated according to the analyzing results of infection control, health education and etiological monitoring. (1) The framework took government leadership as main scenario and the informatization as subordination scenario. Meanwhile, it focused on three points: the improvement of social environment, the completion of system and mechanisms for monitoring and early warning, and the enhancement of CDC response to public health emergencies. Total importance score and operability score of 35 specific measures included in this framework was 4.20 ± 0.86 and 4.09 ± 0.87, respectively. (2) Chengdu had maintained zero cholera incidence for five consecutive years from 2005 to 2009 since it gradually began to implement the strategic framework in 2002. There were 19 positive cholera cases detected by etiological monitoring and all of them were seafood or fishery products including soft-shelled turtles, silver carps and bullfrogs. The coverage rate and qualification rate of the training for grassroots cadres, grassroots medical workers, mobile cooks and their assistants was 98.14% (198 452/202 220) and 98.17% (194 820/198 452) in average, respectively. The qualification rate of the training for employees in

A Solution of Data-Level Security Access Control%一种数据级安全访问控制方案①

Institute of Scientific and Technical Information of China (English)

唐建; 徐罡; 许舒人

2013-01-01

To protect sensitive data in Web applications from unauthorized access, a data access strategy consisting of user set and data access authority is proposed, which is based on traditional role based access control model. The data access strategy is related to function. After parsing the original business SQL, row-level-rules are applied to filter the data records in row level, and column-level-rules are applied to mask the corresponding attributes of the data records. A data security access control framework is designed. Finally, this strategy is implemented in the Agricultural Products Supply Chain Management System of Xinfadi, and the validity and effectiveness of the presented strategy is demonstrated.%为了更好地保护 Web 应用系统中敏感数据不被非法访问。在传统的基于角色的访问控制模型基础上提出了由用户集合和数据访问权限构成的数据访问策略，并将数据访问策略关联到功能，通过对原有业务 SQL 解析，使用行级访问权限对数据记录进行行级过滤，再根据列级访问权限对数据记录相应属性进行屏蔽处理来进行数据安全访问控制，并设计了数据安全访问控制的框架。最后将该方案应用到新发地农产品供应链管理平台中，验证了该方案的可行性和有效性。

Mastering entity framework

CERN Document Server

Singh, Rahul Rajat

2015-01-01

This book is for .NET developers who are developing data-driven applications using ADO.NET or other data access technologies. This book is going to give you everything you need to effectively develop and manage data-driven applications using Entity Framework.

Comparing, optimizing, and benchmarking quantum-control algorithms in a unifying programming framework

International Nuclear Information System (INIS)

Machnes, S.; Sander, U.; Glaser, S. J.; Schulte-Herbrueggen, T.; Fouquieres, P. de; Gruslys, A.; Schirmer, S.

2011-01-01

For paving the way to novel applications in quantum simulation, computation, and technology, increasingly large quantum systems have to be steered with high precision. It is a typical task amenable to numerical optimal control to turn the time course of pulses, i.e., piecewise constant control amplitudes, iteratively into an optimized shape. Here, we present a comparative study of optimal-control algorithms for a wide range of finite-dimensional applications. We focus on the most commonly used algorithms: GRAPE methods which update all controls concurrently, and Krotov-type methods which do so sequentially. Guidelines for their use are given and open research questions are pointed out. Moreover, we introduce a unifying algorithmic framework, DYNAMO (dynamic optimization platform), designed to provide the quantum-technology community with a convenient matlab-based tool set for optimal control. In addition, it gives researchers in optimal-control techniques a framework for benchmarking and comparing newly proposed algorithms with the state of the art. It allows a mix-and-match approach with various types of gradients, update and step-size methods as well as subspace choices. Open-source code including examples is made available at http://qlib.info.

Gender Relations in Access to and Control over Resources in Awra ...

African Journals Online (AJOL)

Administrator

participant observation of gender roles and relations in the study community. ..... in domestic and public spheres, access to and control over locally available ...... Proposal on Leadership Initiatives in Awra Amba Community Case Study on.

Modelling and Analysing Access Control Policies in XACML 3.0

DEFF Research Database (Denmark)

Ramli, Carroline Dewi Puspa Kencana

(c.f. GM03,Mos05,Ris13) and manual analysis of the overall effect and consequences of a large XACML policy set is a very daunting and time-consuming task. In this thesis we address the problem of understanding the semantics of access control policy language XACML, in particular XACML version 3.0....... The main focus of this thesis is modelling and analysing access control policies in XACML 3.0. There are two main contributions in this thesis. First, we study and formalise XACML 3.0, in particular the Policy Decision Point (PDP). The concrete syntax of XACML is based on the XML format, while its standard...... semantics is described normatively using natural language. The use of English text in standardisation leads to the risk of misinterpretation and ambiguity. In order to avoid this drawback, we define an abstract syntax of XACML 3.0 and a formal XACML semantics. Second, we propose a logic-based XACML analysis...

A re-conceptualization of access for 21st century healthcare.

Science.gov (United States)

Fortney, John C; Burgess, James F; Bosworth, Hayden B; Booth, Brenda M; Kaboli, Peter J

2011-11-01

Many e-health technologies are available to promote virtual patient-provider communication outside the context of face-to-face clinical encounters. Current digital communication modalities include cell phones, smartphones, interactive voice response, text messages, e-mails, clinic-based interactive video, home-based web-cams, mobile smartphone two-way cameras, personal monitoring devices, kiosks, dashboards, personal health records, web-based portals, social networking sites, secure chat rooms, and on-line forums. Improvements in digital access could drastically diminish the geographical, temporal, and cultural access problems faced by many patients. Conversely, a growing digital divide could create greater access disparities for some populations. As the paradigm of healthcare delivery evolves towards greater reliance on non-encounter-based digital communications between patients and their care teams, it is critical that our theoretical conceptualization of access undergoes a concurrent paradigm shift to make it more relevant for the digital age. The traditional conceptualizations and indicators of access are not well adapted to measure access to health services that are delivered digitally outside the context of face-to-face encounters with providers. This paper provides an overview of digital "encounterless" utilization, discusses the weaknesses of traditional conceptual frameworks of access, presents a new access framework, provides recommendations for how to measure access in the new framework, and discusses future directions for research on access.

Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

Directory of Open Access Journals (Sweden)

Wen-Jye Shyr

2013-02-01

Full Text Available This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC and WebAccess. A mechatronics module, a Web-CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equipment from a remote location. Mechatronics control and long-distance monitoring were realized by establishing communication between the PLC and WebAccess. Analytical results indicate that the proposed system is feasible. The suitability of this system is demonstrated in the department of industrial education and technology at National Changhua University of Education, Taiwan. Preliminary evaluation of the system was encouraging and has shown that it has achieved success in helping students understand concepts and master remote monitoring and control techniques.

The UK's Levy Control Framework for renewable electricity support: Effects and significance

International Nuclear Information System (INIS)

Lockwood, Matthew

2016-01-01

There is a long-standing debate over price vs. quantity approaches to supporting the deployment of renewable electricity technologies. In the context of a recent shift from quantity to price-based support, the UK has also introduced a new form of budgetary framework, the Levy Control Framework (LCF). The introduction of the LCF has been very important for investors but has received relatively little attention in the academic literature. The paper gives an overview of the LCF, explores its effects on renewables policy, on consumers and on investor confidence arguing that an unintended consequence of its introduction has been to increase uncertainty, through interactions with underlying support mechanisms. A number of problems with the current scope and design of the LCF are noted. It is argued that the LCF is best understood as aimed at avoiding a political backlash against renewable support policy in a context where the benefits of such policy are concentrated economically and socially. The paper concludes by placing the LCF within a wider context of a shift towards greater budgetary control over renewable energy support policy across European countries. - Highlights: • Gives an description of the Levy Control Framework. • Analyses the effects of the LCF on UK renewable policy. • Reviews possible purposes of the LCF. • Evaluates the effects of the LCF on consumers and investors. • Places the LCF in context of greater cost control over renewables across the EU.

Abortion in Australia: access versus protest.

Science.gov (United States)

Dean, Rebecca Elizabeth; Allanson, Susie

2004-05-01

Currently in Australia anti-choice protesters' right to freedom of speech and freedom to protest is privileged over a woman's right to privacy and to access a health service safely, free from harassment, intimidation and obstruction. This article considers how this situation is played out daily at one Victorian abortion-providing clinic. The Fertility Control Clinic was thrown into the spotlight after the murder of its security guard by an anti-choice crusader in July 2001. Australian common law appears not to offer women protection from anti-choice protesters. By contrast, United States and Canadian "bubble" legislation sits comfortably with key constitutional rights. It would be a useful development if Australian governments passed legislation to ensure the rights, wellbeing and safety of Australian women accessing health services. Such legislation would be another step away from the misogynistic and androcentric values once central to our legislative framework.

Open Access to Mexican Academic Production

Science.gov (United States)

Adame, Silvia I.; Llorens, Luis

2016-01-01

This paper presents a description of the metadata harvester software development. This system provides access to reliable and quality educational resources, shared by Mexican Universities through their repositories, to anyone with Internet Access. We present the conceptual and contextual framework, followed by the technical basis, the results and…

Adaptive Media Access Control for Energy Harvesting - Wireless Sensor Networks

DEFF Research Database (Denmark)

Fafoutis, Xenofon; Dragoni, Nicola

2012-01-01

ODMAC (On-Demand Media Access Control) is a recently proposed MAC protocol designed to support individual duty cycles for Energy Harvesting — Wireless Sensor Networks (EH-WSNs). Individual duty cycles are vital for EH-WSNs, because they allow nodes to adapt their energy consumption to the ever-ch...

Research and Design of Dynamic Migration Access Control Technology Based on Heterogeneous Network

Directory of Open Access Journals (Sweden)

Wang Feng

2017-01-01

Full Text Available With the continuous development of wireless networks, the amount of privacy services in heterogeneous mobile networks is increasing, such as information storage, user access, and so on. Access control security issues for heterogeneous mobile radio network, this paper proposes a dynamic migration access control technology based on heterogeneous network. Through the system architecture of the mutual trust system, we can understand the real-time mobile node failure or abnormal state. To make the service can be terminated for the node. And adopt the 802.1X authentication way to improve the security of the system. Finally, it by combining the actual running test data, the trust update algorithm of the system is optimized to reduce the actual security threats in the environment. Experiments show that the system’s anti-attack, the success rate of access, bit error rate is in line with the expected results. This system can effectively reduce the system authentication information is illegally obtained after the network security protection mechanism failure and reduce the risk of user data leakage.

Service Degradation in Context Management Frameworks

DEFF Research Database (Denmark)

Shawky, Ahmed; Olsen, Rasmus Løvenstein; Pedersen, Jens Myrup

2011-01-01

information. The paper considers a developed framework from the ICT project, OPEN, and investigates the impact of applying Differentiated Services (DiffServ) Quality of Services (QoS). The paper finally provides insight in how the insight gained can be utilized to ensure reliable remote accessed context......Context aware network services are a new and inter-esting way to enhance network users experience. A context aware application/service enhances network performance in relation to dynamic context information, e.g. mobility, location and device information as it senses and reacts to environment...... changes. The reliability of the information accessed is a key factor in achieving reliable context aware application. This paper will review the service degradation in Context Management Frameworks (CMF) and the effect of high network utilization, with particular focus on the reliability of the accessed...

Perti Net-Based Workflow Access Control Model%基于Perti网的工作流访问控制模型研究

Institute of Scientific and Technical Information of China (English)

陈卓; 骆婷; 石磊; 洪帆

2004-01-01

Access control is an important protection mechanism for information systems.This paper shows how to make access control in workflow system.We give a workflow access control model (WACM) based on several current access control models.The model supports roles assignment and dynamic authorization.The paper defines the workflow using Petri net.It firstly gives the definition and description of the workflow, and then analyzes the architecture of the workflow access control model (WACM).Finally, an example of an e-commerce workflow access control model is discussed in detail.

Regulatory control, legislation and framework

International Nuclear Information System (INIS)

Parthasarathy, K.S.

1998-01-01

The legislation and regulations, a regulatory authority to authorise and inspect the regulated activities and to enforce the legislation and regulations, sufficient financial and man-power resources are the essential parts of a national infrastructure to implement the Basic Safety Standards. The legal framework consists of legislation (Act passed by Parliament) and the regulations (framed by the government and endorsed by the Parliament). This paper is primarily deals with the the legal framework set up in India for atomic energy activities

Enforcing access control in virtual organizations using hierarchical attribute-based encryption

NARCIS (Netherlands)

Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

2012-01-01

Virtual organizations are dynamic, interorganizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

Developing Access Control Model of Web OLAP over Trusted and Collaborative Data Warehouses

Science.gov (United States)

Fugkeaw, Somchart; Mitrpanont, Jarernsri L.; Manpanpanich, Piyawit; Juntapremjitt, Sekpon

This paper proposes the design and development of Role- based Access Control (RBAC) model for the Single Sign-On (SSO) Web-OLAP query spanning over multiple data warehouses (DWs). The model is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of RBAC authorization based on dimension privilege specified in attribute certificate (AC) and user identification. Particularly, the way of attribute mapping between DW user authentication and privilege of dimensional access is illustrated. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the paper culminates in the prototype system A-COLD (Access Control of web-OLAP over multiple DWs) that incorporates the OLAP features and authentication and authorization enforcement in the multi-user and multi-data warehouse environment.

DOE's nation-wide system for access control can solve problems for the federal government

International Nuclear Information System (INIS)

Callahan, S.; Tomes, D.; Davis, G.; Johnson, D.; Strait, S.

1996-07-01

The U.S. Department of Energy's (DOE's) ongoing efforts to improve its physical and personnel security systems while reducing its costs, provide a model for federal government visitor processing. Through the careful use of standardized badges, computer databases, and networks of automated access control systems, the DOE is increasing the security associated with travel throughout the DOE complex, and at the same time, eliminating paperwork, special badging, and visitor delays. The DOE is also improving badge accountability, personnel identification assurance, and access authorization timeliness and accuracy. Like the federal government, the DOE has dozens of geographically dispersed locations run by many different contractors operating a wide range of security systems. The DOE has overcome these obstacles by providing data format standards, a complex-wide virtual network for security, the adoption of a standard high security system, and an open-systems-compatible link for any automated access control system. If the location's level of security requires it, positive visitor identification is accomplished by personal identification number (PIN) and/or by biometrics. At sites with automated access control systems, this positive identification is integrated into the portals

Administrative court control in taxation matters

OpenAIRE

Nataša Zunić Kovačević

2016-01-01

Starting with the current organisation of administrative court control in taxation matters, this paper, after a brief overview of the normative legal framework of control in such matters, provides an analysis of certain indicators of administrative and administrative court control implementation in taxation matters. The experience of the application of administrative control in taxation matters and an analysis of accessible indicators of recent administrative court control in taxation matters...

COMDES-II: A Component-Based Framework for Generative Development of Distributed Real-Time Control Systems

DEFF Research Database (Denmark)

Ke, Xu; Sierszecki, Krzysztof; Angelov, Christo K.

2007-01-01

The paper presents a generative development methodology and component models of COMDES-II, a component-based software framework for distributed embedded control systems with real-time constraints. The adopted methodology allows for rapid modeling and validation of control software at a higher lev...... methodology for COMDES-II from a general perspective, describes the component models in details and demonstrates their application through a DC-Motor control system case study.......The paper presents a generative development methodology and component models of COMDES-II, a component-based software framework for distributed embedded control systems with real-time constraints. The adopted methodology allows for rapid modeling and validation of control software at a higher level...

A Model-based Framework for Risk Assessment in Human-Computer Controlled Systems

Science.gov (United States)

Hatanaka, Iwao

2000-01-01

The rapid growth of computer technology and innovation has played a significant role in the rise of computer automation of human tasks in modem production systems across all industries. Although the rationale for automation has been to eliminate "human error" or to relieve humans from manual repetitive tasks, various computer-related hazards and accidents have emerged as a direct result of increased system complexity attributed to computer automation. The risk assessment techniques utilized for electromechanical systems are not suitable for today's software-intensive systems or complex human-computer controlled systems. This thesis will propose a new systemic model-based framework for analyzing risk in safety-critical systems where both computers and humans are controlling safety-critical functions. A new systems accident model will be developed based upon modem systems theory and human cognitive processes to better characterize system accidents, the role of human operators, and the influence of software in its direct control of significant system functions. Better risk assessments will then be achievable through the application of this new framework to complex human-computer controlled systems.

Enforcing access control in virtual organizations using hierarchical attribute-based encryption

NARCIS (Netherlands)

Asim, M.; Ignatenko, T.; Petkovic, M.; Trivellato, D.; Zannone, N.

2012-01-01

Virtual organizations are dynamic, inter-organizational collaborations that involve systems and services belonging to different security domains. Several solutions have been proposed to guarantee the enforcement of the access control policies protecting the information exchanged in a distributed

Fuzzy Privacy Decision for Context-Aware Access Personal Information

Institute of Scientific and Technical Information of China (English)

ZHANG Qingsheng; QI Yong; ZHAO Jizhong; HOU Di; NIU Yujie

2007-01-01

A context-aware privacy protection framework was designed for context-aware services and privacy control methods about access personal information in pervasive environment. In the process of user's privacy decision, it can produce fuzzy privacy decision as the change of personal information sensitivity and personal information receiver trust. The uncertain privacy decision model was proposed about personal information disclosure based on the change of personal information receiver trust and personal information sensitivity. A fuzzy privacy decision information system was designed according to this model. Personal privacy control policies can be extracted from this information system by using rough set theory. It also solves the problem about learning privacy control policies of personal information disclosure.

Framework for establishing records control in hospitals as an ISO 9001 requirement.

Science.gov (United States)

Al-Qatawneh, Lina

2017-02-13

Purpose The purpose of this paper is to present the process followed to control records in a Jordanian private community hospital as an ISO 9001:2008 standard requirement. Design/methodology/approach Under the hospital quality council's supervision, the quality management and development office staff were responsible for designing, planning and implementing the quality management system (QMS) using the ISO 9001:2008 standard. A policy for records control was established. An action plan for establishing the records control was developed and implemented. On completion, a coding system for records was specified to be used by hospital staff. Finally, an internal audit was performed to verify conformity to the ISO 9001:2008 standard requirements. Findings Successful certification by a neutral body ascertained that the hospital's QMS conformed to the ISO 9001:2008 requirements. A framework was developed that describes the records controlling process, which can be used by staff in any healthcare organization wanting to achieve ISO 9001:2008 accreditation. Originality/value Given the increased interest among healthcare organizations to achieve the ISO 9001 certification, the proposed framework for establishing records control is developed and is expected to be a valuable management tool to improve and sustain healthcare quality.

A systematic framework for design of process monitoring and control (PAT) systems for crystallization processes

DEFF Research Database (Denmark)

Abdul Samad, Noor Asma Fazli Bin; Sin, Gürkan; Gernaey, Krist

2013-01-01

A generic computer-aided framework for systematic design of a process monitoring and control system for crystallization processes has been developed to study various aspects of crystallization operations.The systematic design framework contains a generic crystallizer modelling toolbox, a tool for...

Hybrid Zeolitic Imidazolate Frameworks: Controlling Framework Porosity and Functionality by Mixed-Linker Synthesis

KAUST Repository

Thompson, Joshua A.

2012-05-22

Zeolitic imidazolate frameworks (ZIFs) are a subclass of nanoporous metal-organic frameworks (MOFs) that exhibit zeolite-like structural topologies and have interesting molecular recognition properties, such as molecular sieving and gate-opening effects associated with their pore apertures. The synthesis and characterization of hybrid ZIFs with mixed linkers in the framework are described in this work, producing materials with properties distinctly different from the parent frameworks (ZIF-8, ZIF-90, and ZIF-7). NMR spectroscopy is used to assess the relative amounts of the different linkers included in the frameworks, whereas nitrogen physisorption shows the evolution of the effective pore size distribution in materials resulting from the framework hybridization. X-ray diffraction shows these hybrid materials to be crystalline. In the case of ZIF-8-90 hybrids, the cubic space group of the parent frameworks is continuously maintained, whereas in the case of the ZIF-7-8 hybrids there is a transition from a cubic to a rhombohedral space group. Nitrogen physisorption data reveal that the hybrid materials exhibit substantial changes in gate-opening phenomena, either occurring at continuously tunable partial pressures of nitrogen (ZIF-8-90 hybrids) or loss of gate-opening effects to yield more rigid frameworks (ZIF-7-8 hybrids). With this synthetic approach, significant alterations in MOF properties may be realized to suit a desired separation or catalytic process. © 2012 American Chemical Society.

A Framework for Attack-Resilient Industrial Control Systems : Attack Detection and Controller Reconfiguration

OpenAIRE

Paridari, Kaveh; O'Mahony, Niamh; Mady, Alie El-Din; Chabukswar, Rohan; Boubekeur, Menouer; Sandberg, Henrik

2017-01-01

Most existing industrial control systems (ICSs), such as building energy management systems (EMSs), were installed when potential security threats were only physical. With advances in connectivity, ICSs are now, typically, connected to communications networks and, as a result, can be accessed remotely. This extends the attack surface to include the potential for sophisticated cyber attacks, which can adversely impact ICS operation, resulting in service interruption, equipment damage, safety c...

Access Structures in a Standard Translation Dictionary | Louw ...

African Journals Online (AJOL)

The access structure is the primary guide structure in the central texts of any standard translation dictionary. The metalexicographical term "guide structures" refers to the set of structures that provides a framework within which the accessibility and availability of information types in the dictionary can be evaluated. The access ...

Privacy and Access Control for IHE-Based Systems

Science.gov (United States)

Katt, Basel; Breu, Ruth; Hafner, Micahel; Schabetsberger, Thomas; Mair, Richard; Wozak, Florian

Electronic Health Record (EHR) is the heart element of any e-health system, which aims at improving the quality and efficiency of healthcare through the use of information and communication technologies. The sensitivity of the data contained in the health record poses a great challenge to security. In this paper we propose a security architecture for EHR systems that are conform with IHE profiles. In this architecture we are tackling the problems of access control and privacy. Furthermore, a prototypical implementation of the proposed model is presented.

BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

Science.gov (United States)

Frias-Martinez, Vanessa; Stolfo, Salvatore J.; Keromytis, Angelos D.

Mobile Ad-hoc Networks (MANETs) are very dynamic networks with devices continuously entering and leaving the group. The highly dynamic nature of MANETs renders the manual creation and update of policies associated with the initial incorporation of devices to the MANET (admission control) as well as with anomaly detection during communications among members (access control) a very difficult task. In this paper, we present BARTER, a mechanism that automatically creates and updates admission and access control policies for MANETs based on behavior profiles. BARTER is an adaptation for fully distributed environments of our previously introduced BB-NAC mechanism for NAC technologies. Rather than relying on a centralized NAC enforcer, MANET members initially exchange their behavior profiles and compute individual local definitions of normal network behavior. During admission or access control, each member issues an individual decision based on its definition of normalcy. Individual decisions are then aggregated via a threshold cryptographic infrastructure that requires an agreement among a fixed amount of MANET members to change the status of the network. We present experimental results using content and volumetric behavior profiles computed from the ENRON dataset. In particular, we show that the mechanism achieves true rejection rates of 95% with false rejection rates of 9%.

NL(q) Theory: A Neural Control Framework with Global Asymptotic Stability Criteria.

Science.gov (United States)

Vandewalle, Joos; De Moor, Bart L.R.; Suykens, Johan A.K.

1997-06-01

In this paper a framework for model-based neural control design is presented, consisting of nonlinear state space models and controllers, parametrized by multilayer feedforward neural networks. The models and closed-loop systems are transformed into so-called NL(q) system form. NL(q) systems represent a large class of nonlinear dynamical systems consisting of q layers with alternating linear and static nonlinear operators that satisfy a sector condition. For such NL(q)s sufficient conditions for global asymptotic stability, input/output stability (dissipativity with finite L(2)-gain) and robust stability and performance are presented. The stability criteria are expressed as linear matrix inequalities. In the analysis problem it is shown how stability of a given controller can be checked. In the synthesis problem two methods for neural control design are discussed. In the first method Narendra's dynamic backpropagation for tracking on a set of specific reference inputs is modified with an NL(q) stability constraint in order to ensure, e.g., closed-loop stability. In a second method control design is done without tracking on specific reference inputs, but based on the input/output stability criteria itself, within a standard plant framework as this is done, for example, in H( infinity ) control theory and &mgr; theory. Copyright 1997 Elsevier Science Ltd.

Secure Dynamic access control scheme of PHR in cloud computing.

Science.gov (United States)

Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

2012-12-01

With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

Interaction framework for loosely-coupled controllers

DEFF Research Database (Denmark)

Falsig, Simon

2011-01-01

terminology provide a common grounding for new work in the field of robotic controllers, whereas the TosNet framework allows researchers to focus on the actual functionality of robotic systems, and keeps them from wasting time implementing redundant, ad-hoc communication and infrastructure. It has been......Implementing communication and interfacing in research and prototype embedded systems is often done ad-hoc rather than in a standardized way. This leads to much time wasted due to redundantly implementing the same functionality in slightly different ways for each new project. This PhD project...... will aim to present both theoretical and practical work that can help reduce this waste by fostering reuse, simplicity and the use of a consistent, common terminology. Through a quick analysis of a few ad-hoc systems already implemented at the university, a number of undesirable characteristics...

Access Control Model for Sharing Composite Electronic Health Records

Science.gov (United States)

Jin, Jing; Ahn, Gail-Joon; Covington, Michael J.; Zhang, Xinwen

The adoption of electronically formatted medical records, so called Electronic Health Records (EHRs), has become extremely important in healthcare systems to enable the exchange of medical information among stakeholders. An EHR generally consists of data with different types and sensitivity degrees which must be selectively shared based on the need-to-know principle. Security mechanisms are required to guarantee that only authorized users have access to specific portions of such critical record for legitimate purposes. In this paper, we propose a novel approach for modelling access control scheme for composite EHRs. Our model formulates the semantics and structural composition of an EHR document, from which we introduce a notion of authorized zones of the composite EHR at different granularity levels, taking into consideration of several important criteria such as data types, intended purposes and information sensitivities.

Malaria and the mobile and migrant population in Cambodia: a population movement framework to inform strategies for malaria control and elimination.

Science.gov (United States)

Guyant, Philippe; Canavati, Sara E; Chea, Nguon; Ly, Po; Whittaker, Maxine Anne; Roca-Feltrer, Arantxa; Yeung, Shunmay

2015-06-20

The relationships between human population movement (HPM) and health are a concern at global level. In the case of malaria, those links are crucial in relation to the spread of drug resistant parasites and to the elimination of malaria in the Greater Mekong sub-Region (GMS) and beyond. The mobile and migrant populations (MMP) who are involved in forest related activities are both at high risk of being infected with malaria and at risk of receiving late and sub-standard treatment due to poor access to health services. In Cambodia, in 2012, the National Malaria Control Programme (NMCP) identified, as a key objective, the development of a specific strategy for MMPs in order to address these challenges. A population movement framework (PMF) for malaria was developed and operationalized in order to contribute to this strategy. A review of the published and unpublished literature was conducted. Based on a synthesis of the results, information was presented and discussed with experienced researchers and programme managers in the Cambodian NMCP and led to the development and refinement of a PMF for malaria. The framework was "tested" for face and content validity with national experts through a workshop approach. In the literature, HPM has been described using various spatial and temporal dimensions both in the context of the spread of anti-malarial drug resistance, and in the context of malaria elimination and previous classifications have categorized MMPs in Cambodia and the GMS through using a number of different criteria. Building on these previous models, the PMF was developed and then refined and populated with in-depth information relevant to Cambodia collected from social science research and field experiences in Cambodia. The framework comprises of the PMF itself, MMP activity profiles and a Malaria Risk Index which is a summation of three related indices: a vulnerability index, an exposure index and an access index which allow a qualitative ranking of malaria

A Comparative Analysis of Wiki Discretionary Access Control in a CONOPS Environment

National Research Council Canada - National Science Library

Crawford, Frederick L

2008-01-01

.... The derivation of the author's thesis focuses awareness on effective information allocation that is reliable and accurate while maintaining its confidentiality based upon some level of discretionary access control (DAC...

SDN Based User-Centric Framework for Heterogeneous Wireless Networks

Directory of Open Access Journals (Sweden)

Zhaoming Lu

2016-01-01

Full Text Available Due to the rapid growth of mobile data traffic, more and more basestations and access points (APs have been densely deployed to provide users with ubiquitous network access, which make current wireless network a complex heterogeneous network (HetNet. However, traditional wireless networks are designed with network-centric approaches where different networks have different quality of service (QoS strategies and cannot easily cooperate with each other to serve network users. Massive network infrastructures could not assure users perceived network and service quality, which is an indisputable fact. To address this issue, we design a new framework for heterogeneous wireless networks with the principle of user-centricity, refactoring the network from users’ perspective to suffice their requirements and preferences. Different from network-centric approaches, the proposed framework takes advantage of Software Defined Networking (SDN and virtualization technology, which will bring better perceived services quality for wireless network users. In the proposed user-centric framework, control plane and data plane are decoupled to manage the HetNets in a flexible and coadjutant way, and resource virtualization technology is introduced to abstract physical resources of HetNets into unified virtualized resources. Hence, ubiquitous and undifferentiated network connectivity and QoE (quality of experience driven fine-grained resource management could be achieved for wireless network users.

Rural providers' access to online resources: a randomized controlled trial

Science.gov (United States)

Hall, Laura J.; McElfresh, Karen R.; Warner, Teddy D.; Stromberg, Tiffany L.; Trost, Jaren; Jelinek, Devin A.

2016-01-01

Objective The research determined the usage and satisfaction levels with one of two point-of-care (PoC) resources among health care providers in a rural state. Methods In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants' attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA), paired t tests, and Cohen's d statistic to compare pre- and post-study effects sizes. Results Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to “about right amounts of information” at the completion of the study. DynaMed users reported a Cohen's d increase of +1.50 compared to AccessMedicine users' reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen's d. Conclusion Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine. PMID:26807050

Assessment of current practices in creating and using passwords as a control mechanism for information access

Directory of Open Access Journals (Sweden)

P. L. Wessels

2007-11-01

Full Text Available One of the critical issues in managing information within an organization is to ensure that proper controls exist and are applied in allowing people access to information. Passwords are used extensively as the main control mechanism to identify users wanting access to systems, applications, data files, network servers or personal information. In this article, the issues involved in selecting and using passwords are discussed and the current practices employed by users in creating and storing passwords to gain access to sensitive information are assessed. The results of this survey conclude that information managers cannot rely only on users to employ proper password control in order to protect sensitive information.

Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

OpenAIRE

Luis Cruz-Piris; Diego Rivera; Ivan Marsa-Maestre; Enrique de la Hoz; Juan R. Velasco

2018-01-01

Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to o...

A Framework for Transparently Accessing Deep Web Sources

Science.gov (United States)

Dragut, Eduard Constantin

2010-01-01

An increasing number of Web sites expose their content via query interfaces, many of them offering the same type of products/services (e.g., flight tickets, car rental/purchasing). They constitute the so-called "Deep Web". Accessing the content on the Deep Web has been a long-standing challenge for the database community. For a user interested in…

Cloud computing-based energy optimization control framework for plug-in hybrid electric bus

International Nuclear Information System (INIS)

Yang, Chao; Li, Liang; You, Sixiong; Yan, Bingjie; Du, Xian

2017-01-01

Considering the complicated characteristics of traffic flow in city bus route and the nonlinear vehicle dynamics, optimal energy management integrated with clustering and recognition of driving conditions in plug-in hybrid electric bus is still a challenging problem. Motivated by this issue, this paper presents an innovative energy optimization control framework based on the cloud computing for plug-in hybrid electric bus. This framework, which includes offline part and online part, can realize the driving conditions clustering in offline part, and the energy management in online part. In offline part, utilizing the operating data transferred from a bus to the remote monitoring center, K-means algorithm is adopted to cluster the driving conditions, and then Markov probability transfer matrixes are generated to predict the possible operating demand of the bus driver. Next in online part, the current driving condition is real-time identified by a well-trained support vector machine, and Markov chains-based driving behaviors are accordingly selected. With the stochastic inputs, stochastic receding horizon control method is adopted to obtain the optimized energy management of hybrid powertrain. Simulations and hardware-in-loop test are carried out with the real-world city bus route, and the results show that the presented strategy could greatly improve the vehicle fuel economy, and as the traffic flow data feedback increases, the fuel consumption of every plug-in hybrid electric bus running in a specific bus route tends to be a stable minimum. - Highlights: • Cloud computing-based energy optimization control framework is proposed. • Driving cycles are clustered into 6 types by K-means algorithm. • Support vector machine is employed to realize the online recognition of driving condition. • Stochastic receding horizon control-based energy management strategy is designed for plug-in hybrid electric bus. • The proposed framework is verified by simulation and hard

Socio-economic status influences blood pressure control despite equal access to care

DEFF Research Database (Denmark)

Paulsen, M S; Andersen, M; Munck, A P

2012-01-01

OBJECTIVE: Denmark has a health care system with free and equal access to care irrespective of age and socio-economic status (SES). We conducted a cross-sectional study to investigate a possible association between SES and blood pressure (BP) control of hypertensive patients treated in general...... Statistics Denmark. The outcome measure was BP control defined as BP...

Lexical Access in L2 Speech Production: a controlled serial search task

Directory of Open Access Journals (Sweden)

Gicele Vergine Vieira

2017-09-01

Full Text Available When it comes to lexical access in L2 speech production, working memory (WM seems to play a central role as for less automatized procedures require more WM capacity to be executed (Prebianca, 2007. With that in mind, this paper aims at claiming that bilingual lexical access qualifies as a controlled serial strategic search task susceptible to individual differences in WM capacity. Evidence in support of such claim is provided by the results of AUTHOR's (2010 study conducted so as to investigate the relationship between L2 lexical access, WMC and L2 proficiency. AUTHOR's (2010 findings indicate that bilingual lexical access entails underlying processes such as cue generation, set delimitation, serial search and monitoring, which to be carried out, require the allocation of attention. Attention is limited and, as a result, only higher spans were able to perform these underlying processes automatically.

Access Control Mechanism for Blog Posts with Fine-Grained Ability Using Simple Operations

Institute of Scientific and Technical Information of China (English)

Yi-Hui Chen; Chi-Shiang Chan; Yuan-Yu Tsai

2017-01-01

Access control enables the owners to assign different users different permissions to see different views. The current blog system does not support fine-grained authorization. That is, the bloggers disallow to just assign partial contents of the blog posts (i.e., a paragraph or several paragraphs) to readers. The management cost is no doubt to be significantly increased while handling the authorizations on the huge amount of blog articles. In this paper, we propose a scheme for supporting a fine-grained access control mechanism on blog articles. The advantage is that bloggers are able to authorize partial contents of blog posts to different users or groups of users.

Controlling Thermal Expansion: A Metal-Organic Frameworks Route.

Science.gov (United States)

Balestra, Salvador R G; Bueno-Perez, Rocio; Hamad, Said; Dubbeldam, David; Ruiz-Salvador, A Rabdel; Calero, Sofia

2016-11-22

Controlling thermal expansion is an important, not yet resolved, and challenging problem in materials research. A conceptual design is introduced here, for the first time, for the use of metal-organic frameworks (MOFs) as platforms for controlling thermal expansion devices that can operate in the negative, zero, and positive expansion regimes. A detailed computer simulation study, based on molecular dynamics, is presented to support the targeted application. MOF-5 has been selected as model material, along with three molecules of similar size and known differences in terms of the nature of host-guest interactions. It has been shown that adsorbate molecules can control, in a colligative way, the thermal expansion of the solid, so that changing the adsorbate molecules induces the solid to display positive, zero, or negative thermal expansion. We analyze in depth the distortion mechanisms, beyond the ligand metal junction, to cover the ligand distortions, and the energetic and entropic effect on the thermo-structural behavior. We provide an unprecedented atomistic insight on the effect of adsorbates on the thermal expansion of MOFs as a basic tool toward controlling the thermal expansion.

Controlling Thermal Expansion: A Metal–Organic Frameworks Route

Science.gov (United States)

2016-01-01

Controlling thermal expansion is an important, not yet resolved, and challenging problem in materials research. A conceptual design is introduced here, for the first time, for the use of metal–organic frameworks (MOFs) as platforms for controlling thermal expansion devices that can operate in the negative, zero, and positive expansion regimes. A detailed computer simulation study, based on molecular dynamics, is presented to support the targeted application. MOF-5 has been selected as model material, along with three molecules of similar size and known differences in terms of the nature of host–guest interactions. It has been shown that adsorbate molecules can control, in a colligative way, the thermal expansion of the solid, so that changing the adsorbate molecules induces the solid to display positive, zero, or negative thermal expansion. We analyze in depth the distortion mechanisms, beyond the ligand metal junction, to cover the ligand distortions, and the energetic and entropic effect on the thermo-structural behavior. We provide an unprecedented atomistic insight on the effect of adsorbates on the thermal expansion of MOFs as a basic tool toward controlling the thermal expansion. PMID:28190918

A Conceptual Framework for Primary Source Practices

Science.gov (United States)

Ensminger, David C.; Fry, Michelle L.

2012-01-01

This article introduces a descriptive conceptual framework to provide teachers with a means of recognizing and describing instructional activities that use primary sources. The framework provides structure for professional development programs that have been established to train teachers to access and integrate primary sources into lessons. The…

Gender Relations in Access to and Control over Resources in Awra ...

African Journals Online (AJOL)

This paper explores gender relations in access to and control over resources in Awra Amba Community of Amhara Region, Ethiopia. The study employed primary and secondary data sources. The primary data were gathered through semistructured interviews with selected community members and key informants, focus ...

Intelligent Control Framework for the Feeding System in the Biomass Power Plant

Directory of Open Access Journals (Sweden)

Sun Jin

2015-01-01

Full Text Available This paper proposes an intelligent control framework for biomass drying process with flue gases based on FLC (fuzzy logic controller and CAN (Controller Area Network bus. In the operation of a biomass drying process, in order to get the biomass with the set-point low moisture content dried by waste high temperature flue gases, it is necessary to intelligent control for the biomass flow rate. Use of an experiment with varied materials at different initial moisture contents enables acquisition of the biomass flow rates as initial setting values. Set the error between actual straw moisture content and set-point, and rate of change of error as two inputs. the biomass flow rate can be acquired by the fuzzy logic computing as the output. Since the length of dryer is more than twenty meters, the integration by the CAN bus can ensure real-time reliable data acquisition and processing. The control framework for biomass drying process can be applied to a variety of biomass, such as, cotton stalk, corn stalk, rice straw, wheat straw, sugar cane. It has strong potential for practical applications because of its advantages on intelligent providing the set-point low moisture content of biomass feedstock for power generation equipment.

A Model-driven Role-based Access Control for SQL Databases

Directory of Open Access Journals (Sweden)

Raimundas Matulevičius

2015-07-01

Full Text Available Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC, which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering approach makes it difficult for security requirements to be accurately captured and for the system’s implementation to be kept aligned with these requirements as the system evolves. In this paper we propose a model-driven approach to manage SQL database access under the RBAC paradigm. The starting point of the approach is an RBAC model captured in SecureUML. This model is automatically translated to Oracle Database views and instead-of triggers code, which implements the security constraints. The approach has been fully instrumented as a prototype and its effectiveness has been validated by means of a case study.

Flexible and Lightweight Access Control for Online Healthcare Social Networks in the Context of the Internet of Things

Directory of Open Access Journals (Sweden)

Zhen Qin

2017-01-01

Full Text Available Online healthcare social networks (OHSNs play an essential role in sharing information among medical experts and patients who are equipped with similar experiences. To access other patients’ data or experts’ diagnosis anywhere and anytime, it is necessary to integrate the OHSN into the Internet as part of the Internet of Things (IoT. Therefore, it is crucial to design an efficient and versatile access control scheme that can grant and revoke a user to access the OHSN. In this paper, we propose novel attribute-based encryption (ABE features with user revocation and verifiable decryption outsourcing to control the access privilege of the users. The security of the proposed ABE scheme is given in the well-studied random oracle model. With the proposed ABE scheme, the malicious users can be excluded from the system and the user can offload most of the overhead in the decryption to an untrusted cloud server in a verifiable manner. An access control scheme for the OHSN has been given in the context of the IoT based on the proposed ABE scheme. The simulation demonstrates that our access control mechanism is practical.

Rural providers’ access to online resources: a randomized controlled trial

Directory of Open Access Journals (Sweden)

Jonathan D. Eldredge

2016-01-01

Full Text Available Objective: The research determined the usage and satisfaction levels with one of two point-of-care (PoC resources among health care providers in a rural state. Methods: In this randomized controlled trial, twenty-eight health care providers in rural areas were stratified by occupation and region, then randomized into either the DynaMed or the AccessMedicine study arm. Study participants were physicians, physician assistants, and nurses. A pre- and post-study survey measured participants’ attitudes toward different information resources and their information-seeking activities. Medical student investigators provided training and technical support for participants. Data analyses consisted of analysis of variance (ANOVA, paired t tests, and Cohen’s d statistic to compare pre- and post-study effects sizes. Results: Participants in both the DynaMed and the AccessMedicine arms of the study reported increased satisfaction with their respective PoC resource, as expected. Participants in both arms also reported that they saved time in finding needed information. At baseline, both arms reported too little information available, which increased to ‘‘about right amounts of information’’ at the completion of the study. DynaMed users reported a Cohen’s d increase of þ1.50 compared to AccessMedicine users’ reported use of 0.82. DynaMed users reported d2 satisfaction increases of 9.48 versus AccessMedicine satisfaction increases of 0.59 using a Cohen’s d. Conclusion: Participants in the DynaMed arm of the study used this clinically oriented PoC more heavily than the users of the textbook-based AccessMedicine. In terms of user satisfaction, DynaMed users reported higher levels of satisfaction than the users of AccessMedicine.

A framework for evaluating hydrogen control and management

International Nuclear Information System (INIS)

Lee, Seung Dong; Suh, Kune Yul; Jae, Moosung

2003-01-01

The present paper presents a new framework for assessing accident management strategies using decision trees. The containment event tree (CET) model considers characteristics associated with the implementation of each strategy. It is constructed and quantified using data obtained from NUREG-1150, other probabilistic risk assessments, and the MAAP4 calculations. The proposed framework for evaluating hydrogen control strategies is based on the concept of a measure using a risk triplet. Ulchin units of nuclear power plants 3 and 4 are used as the reference plant. On the basis of best-estimate assessment, it is shown that it is beneficial to execute hydrogen igniters rather than to do nothing with respect to expected value of hydrogen concentration in the containment during an accident. The proposed approach is shown to be flexible in that it can be applied to various accident management strategies based on the timing of mitigation. The advantage of using the CET for assessing an accident management strategy lies with its capability for modeling both the positive and negative aspects associated with progression of the accident, which may in turn affect the containment failure mode

Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

Science.gov (United States)

Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

2018-04-28

Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

IEPLC Framework, Automated Communication in a Heterogeneous Control System Environment

CERN Document Server

Locci, F

2014-01-01

In CERN accelerators control system several components are essential such as: Programmable Logic Controller (PLC), PCI Extensions for Instrumentation (PXI), and other micro-controller families. Together with their weaknesses and their strength points they typically present custom communication protocols and it is therefore difficult to federate them into the control system using a single communication strategy. Furthermore this dependency to the physical device interfaces and protocols makes most of the code not reusable and the replacement of old technology a difficult problem. The purpose of IEPLC ([1]) is to mitigate the communication issues given by this heterogeneity; it proposes a framework to define communication interfaces in a hardware independent manner. In addition it automatically generates all the resources needed on master side (typically represented by a FEC: Front-End Computer) and slave side (typically represented by the controller) to implement a common and generic Ethernet communication. Th...

The equipment access software for a distributed UNIX-based accelerator control system

International Nuclear Information System (INIS)

Trofimov, Nikolai; Zelepoukine, Serguei; Zharkov, Eugeny; Charrue, Pierre; Gareyte, Claire; Poirier, Herve

1994-01-01

This paper presents a generic equipment access software package for a distributed control system using computers with UNIX or UNIX-like operating systems. The package consists of three main components, an application Equipment Access Library, Message Handler and Equipment Data Base. An application task, which may run in any computer in the network, sends requests to access equipment through Equipment Library calls. The basic request is in the form Equipment-Action-Data and is routed via a remote procedure call to the computer to which the given equipment is connected. In this computer the request is received by the Message Handler. According to the type of the equipment connection, the Message Handler either passes the request to the specific process software in the same computer or forwards it to a lower level network of equipment controllers using MIL1553B, GPIB, RS232 or BITBUS communication. The answer is then returned to the calling application. Descriptive information required for request routing and processing is stored in the real-time Equipment Data Base. The package has been written to be portable and is currently available on DEC Ultrix, LynxOS, HPUX, XENIX, OS-9 and Apollo domain. ((orig.))

National Ignition Facility integrated computer control system

International Nuclear Information System (INIS)

Van Arsdall, P.J. LLNL

1998-01-01

The NIF design team is developing the Integrated Computer Control System (ICCS), which is based on an object-oriented software framework applicable to event-driven control systems. The framework provides an open, extensible architecture that is sufficiently abstract to construct future mission-critical control systems. The ICCS will become operational when the first 8 out of 192 beams are activated in mid 2000. The ICCS consists of 300 front-end processors attached to 60,000 control points coordinated by a supervisory system. Computers running either Solaris or VxWorks are networked over a hybrid configuration of switched fast Ethernet and asynchronous transfer mode (ATM). ATM carries digital motion video from sensors to operator consoles. Supervisory software is constructed by extending the reusable framework components for each specific application. The framework incorporates services for database persistence, system configuration, graphical user interface, status monitoring, event logging, scripting language, alert management, and access control. More than twenty collaborating software applications are derived from the common framework. The framework is interoperable among different kinds of computers and functions as a plug-in software bus by leveraging a common object request brokering architecture (CORBA). CORBA transparently distributes the software objects across the network. Because of the pivotal role played, CORBA was tested to ensure adequate performance